Make a few improvements here and there to various scorecard generators and the overall report.

Update the scorecards with the newest generated versions include new results for the latest FindSecBugs.

Author: davewichers

results/Benchmark_1.2beta-findbugs-v3.0.1-101.xml renamed to results/Benchmark_1.2beta-findbugs-v3.0.1-315.xml

@@ -1,14 +1,13 @@
 status=$(sudo -u root -p password /etc/init.d/sonar status)
-if [ "$status" == "SonarQube is running (930)." ];then
-mvn compile sonar:sonar -Dbuildtime.output.csv=true -Dbuildtime.oifutput.csv.file=classes/out.csv -Dsonar.scm.disabled=true -Dsonar.skipDesign=true -Dsonar.cpd.exclusions=**/*.java -Dsonar.importSources=false -Dsonar.exclusions=**/*.xml
-done=false
-while [ "$done" != "true" ]
-do
-  done=$(curl -sb -H "Accept: application/json" http://localhost:9000/api/analysis_reports/is_queue_empty)
-done
-mvn validate -Ptime -Dexec.args="sonar"
-else
+if [[ $status != *"SonarQube is running"* ]];then
     echo "SonarQube is not running..."
     echo "Attempting to start service....."
     sudo -u root -p password /etc/init.d/sonar start
-fi;
+fi;
+    mvn compile sonar:sonar -Dbuildtime.output.csv=true -Dbuildtime.oifutput.csv.file=classes/out.csv -Dsonar.scm.disabled=true -Dsonar.skipDesign=true -Dsonar.cpd.exclusions=**/*.java -Dsonar.importSources=false -Dsonar.exclusions=**/*.xml
+    done=false
+    while [ "$done" != "true" ]
+    do
+      done=$(curl -sb -H "Accept: application/json" http://localhost:9000/api/analysis_reports/is_queue_empty)
+    done
+    mvn validate -Ptime -Dexec.args="sonar"

results/Benchmark_1.2beta-findsecbugs-v1.4.0-110.xml renamed to results/Benchmark_1.2beta-findsecbugs-v1.4.3-196.xml

@@ -45,7 +45,7 @@
 <li><a href="Benchmark_v1.2beta_Scorecard_for_FindBugs.html">FindBugs</a></li>
 <li><a href="Benchmark_v1.2beta_Scorecard_for_OWASP_ZAP.html">OWASP ZAP</a></li>
 <li><a href="Benchmark_v1.2beta_Scorecard_for_PMD.html">PMD</a></li>
-<li><a href="Benchmark_v1.2beta_Scorecard_for_SonarQube.html">SonarQube</a></li>
+<li><a href="Benchmark_v1.2beta_Scorecard_for_SonarQube_Java_Plugin.html">SonarQube Java Plugin</a></li>
 <li><a href="Benchmark_v1.1,1.2beta_Scorecard_for_Commercial_Tools.html">Commercial Average</a></li>
 
 	          </ul>
@@ -97,11 +97,11 @@ <h3>OWASP Benchmark Scorecard for Command Injection</h3>
 <h2>Detailed Results Per Tool for Command Injection</h2>
 <table class="table">
 <tr><th>Tool</th><th>Benchmark Version</th><th>TP</th><th>FN</th><th>TN</th><th>FP</th><th>Total</th><th>TPR</th><th>FPR</th><th>Score</th></tr>
-<tr class="danger"><td>FBwFindSecBugs</td><td>1.2beta</td><td>93</td><td>33</td><td>30</td><td>95</td><td>251</td><td>73.81%</td><td>76.00%</td><td>-2.19%</td></tr>
+<tr class="danger"><td>FBwFindSecBugs</td><td>1.2beta</td><td>126</td><td>0</td><td>12</td><td>113</td><td>251</td><td>100.00%</td><td>90.40%</td><td>9.60%</td></tr>
 <tr class="danger"><td>FindBugs</td><td>1.2beta</td><td>0</td><td>126</td><td>125</td><td>0</td><td>251</td><td>0.00%</td><td>0.00%</td><td>0.00%</td></tr>
 <tr ><td>OWASP ZAP</td><td>1.2beta</td><td>44</td><td>82</td><td>125</td><td>0</td><td>251</td><td>34.92%</td><td>0.00%</td><td>34.92%</td></tr>
 <tr class="danger"><td>PMD</td><td>1.2beta</td><td>0</td><td>126</td><td>125</td><td>0</td><td>251</td><td>0.00%</td><td>0.00%</td><td>0.00%</td></tr>
-<tr class="danger"><td>SonarQube</td><td>1.2beta</td><td>107</td><td>19</td><td>16</td><td>109</td><td>251</td><td>84.92%</td><td>87.20%</td><td>-2.28%</td></tr>
+<tr class="danger"><td>SonarQube Java Plugin</td><td>1.2beta</td><td>107</td><td>19</td><td>16</td><td>109</td><td>251</td><td>84.92%</td><td>87.20%</td><td>-2.28%</td></tr>
 </tr>
 </table>
 

results/Benchmark_1.2beta-sonar-v5.1-258.xml renamed to results/Benchmark_1.2beta-sonar-Java-Plugin-v3.5-289.xml

@@ -45,7 +45,7 @@
 <li><a href="Benchmark_v1.2beta_Scorecard_for_FindBugs.html">FindBugs</a></li>
 <li><a href="Benchmark_v1.2beta_Scorecard_for_OWASP_ZAP.html">OWASP ZAP</a></li>
 <li><a href="Benchmark_v1.2beta_Scorecard_for_PMD.html">PMD</a></li>
-<li><a href="Benchmark_v1.2beta_Scorecard_for_SonarQube.html">SonarQube</a></li>
+<li><a href="Benchmark_v1.2beta_Scorecard_for_SonarQube_Java_Plugin.html">SonarQube Java Plugin</a></li>
 <li><a href="Benchmark_v1.1,1.2beta_Scorecard_for_Commercial_Tools.html">Commercial Average</a></li>
 
 	          </ul>

runSonarQube.sh

@@ -45,7 +45,7 @@
 <li><a href="Benchmark_v1.2beta_Scorecard_for_FindBugs.html">FindBugs</a></li>
 <li><a href="Benchmark_v1.2beta_Scorecard_for_OWASP_ZAP.html">OWASP ZAP</a></li>
 <li><a href="Benchmark_v1.2beta_Scorecard_for_PMD.html">PMD</a></li>
-<li><a href="Benchmark_v1.2beta_Scorecard_for_SonarQube.html">SonarQube</a></li>
+<li><a href="Benchmark_v1.2beta_Scorecard_for_SonarQube_Java_Plugin.html">SonarQube Java Plugin</a></li>
 <li><a href="Benchmark_v1.1,1.2beta_Scorecard_for_Commercial_Tools.html">Commercial Average</a></li>
 
 	          </ul>
@@ -101,7 +101,7 @@ <h2>Detailed Results Per Tool for Cross-Site Scripting</h2>
 <tr class="danger"><td>FindBugs</td><td>1.2beta</td><td>3</td><td>243</td><td>209</td><td>0</td><td>455</td><td>1.22%</td><td>0.00%</td><td>1.22%</td></tr>
 <tr ><td>OWASP ZAP</td><td>1.2beta</td><td>71</td><td>175</td><td>209</td><td>0</td><td>455</td><td>28.86%</td><td>0.00%</td><td>28.86%</td></tr>
 <tr class="danger"><td>PMD</td><td>1.2beta</td><td>0</td><td>246</td><td>209</td><td>0</td><td>455</td><td>0.00%</td><td>0.00%</td><td>0.00%</td></tr>
-<tr class="danger"><td>SonarQube</td><td>1.2beta</td><td>0</td><td>246</td><td>209</td><td>0</td><td>455</td><td>0.00%</td><td>0.00%</td><td>0.00%</td></tr>
+<tr class="danger"><td>SonarQube Java Plugin</td><td>1.2beta</td><td>0</td><td>246</td><td>209</td><td>0</td><td>455</td><td>0.00%</td><td>0.00%</td><td>0.00%</td></tr>
 </tr>
 </table>
 

scorecard/Benchmark_v1.1,1.2beta_Scorecard_for_Command_Injection.html

@@ -45,7 +45,7 @@
 <li><a href="Benchmark_v1.2beta_Scorecard_for_FindBugs.html">FindBugs</a></li>
 <li><a href="Benchmark_v1.2beta_Scorecard_for_OWASP_ZAP.html">OWASP ZAP</a></li>
 <li><a href="Benchmark_v1.2beta_Scorecard_for_PMD.html">PMD</a></li>
-<li><a href="Benchmark_v1.2beta_Scorecard_for_SonarQube.html">SonarQube</a></li>
+<li><a href="Benchmark_v1.2beta_Scorecard_for_SonarQube_Java_Plugin.html">SonarQube Java Plugin</a></li>
 <li><a href="Benchmark_v1.1,1.2beta_Scorecard_for_Commercial_Tools.html">Commercial Average</a></li>
 
 	          </ul>
@@ -97,11 +97,11 @@ <h3>OWASP Benchmark Scorecard for Insecure Cookie</h3>
 <h2>Detailed Results Per Tool for Insecure Cookie</h2>
 <table class="table">
 <tr><th>Tool</th><th>Benchmark Version</th><th>TP</th><th>FN</th><th>TN</th><th>FP</th><th>Total</th><th>TPR</th><th>FPR</th><th>Score</th></tr>
-<tr class="danger"><td>FBwFindSecBugs</td><td>1.2beta</td><td>3</td><td>33</td><td>27</td><td>4</td><td>67</td><td>8.33%</td><td>12.90%</td><td>-4.57%</td></tr>
+<tr class="success"><td>FBwFindSecBugs</td><td>1.2beta</td><td>36</td><td>0</td><td>31</td><td>0</td><td>67</td><td>100.00%</td><td>0.00%</td><td>100.00%</td></tr>
 <tr class="danger"><td>FindBugs</td><td>1.2beta</td><td>0</td><td>36</td><td>31</td><td>0</td><td>67</td><td>0.00%</td><td>0.00%</td><td>0.00%</td></tr>
 <tr class="success"><td>OWASP ZAP</td><td>1.2beta</td><td>36</td><td>0</td><td>31</td><td>0</td><td>67</td><td>100.00%</td><td>0.00%</td><td>100.00%</td></tr>
 <tr class="danger"><td>PMD</td><td>1.2beta</td><td>0</td><td>36</td><td>31</td><td>0</td><td>67</td><td>0.00%</td><td>0.00%</td><td>0.00%</td></tr>
-<tr class="success"><td>SonarQube</td><td>1.2beta</td><td>36</td><td>0</td><td>31</td><td>0</td><td>67</td><td>100.00%</td><td>0.00%</td><td>100.00%</td></tr>
+<tr class="success"><td>SonarQube Java Plugin</td><td>1.2beta</td><td>36</td><td>0</td><td>31</td><td>0</td><td>67</td><td>100.00%</td><td>0.00%</td><td>100.00%</td></tr>
 </tr>
 </table>
 

scorecard/Benchmark_v1.1,1.2beta_Scorecard_for_Commercial_Tools.html

@@ -45,7 +45,7 @@
 <li><a href="Benchmark_v1.2beta_Scorecard_for_FindBugs.html">FindBugs</a></li>
 <li><a href="Benchmark_v1.2beta_Scorecard_for_OWASP_ZAP.html">OWASP ZAP</a></li>
 <li><a href="Benchmark_v1.2beta_Scorecard_for_PMD.html">PMD</a></li>
-<li><a href="Benchmark_v1.2beta_Scorecard_for_SonarQube.html">SonarQube</a></li>
+<li><a href="Benchmark_v1.2beta_Scorecard_for_SonarQube_Java_Plugin.html">SonarQube Java Plugin</a></li>
 <li><a href="Benchmark_v1.1,1.2beta_Scorecard_for_Commercial_Tools.html">Commercial Average</a></li>
 
 	          </ul>
@@ -97,11 +97,11 @@ <h3>OWASP Benchmark Scorecard for LDAP Injection</h3>
 <h2>Detailed Results Per Tool for LDAP Injection</h2>
 <table class="table">
 <tr><th>Tool</th><th>Benchmark Version</th><th>TP</th><th>FN</th><th>TN</th><th>FP</th><th>Total</th><th>TPR</th><th>FPR</th><th>Score</th></tr>
-<tr ><td>FBwFindSecBugs</td><td>1.2beta</td><td>4</td><td>23</td><td>23</td><td>9</td><td>59</td><td>14.81%</td><td>28.12%</td><td>-13.31%</td></tr>
+<tr class="danger"><td>FBwFindSecBugs</td><td>1.2beta</td><td>27</td><td>0</td><td>3</td><td>29</td><td>59</td><td>100.00%</td><td>90.62%</td><td>9.38%</td></tr>
 <tr class="danger"><td>FindBugs</td><td>1.2beta</td><td>0</td><td>27</td><td>32</td><td>0</td><td>59</td><td>0.00%</td><td>0.00%</td><td>0.00%</td></tr>
 <tr class="danger"><td>OWASP ZAP</td><td>1.2beta</td><td>0</td><td>27</td><td>32</td><td>0</td><td>59</td><td>0.00%</td><td>0.00%</td><td>0.00%</td></tr>
 <tr class="danger"><td>PMD</td><td>1.2beta</td><td>0</td><td>27</td><td>32</td><td>0</td><td>59</td><td>0.00%</td><td>0.00%</td><td>0.00%</td></tr>
-<tr class="danger"><td>SonarQube</td><td>1.2beta</td><td>27</td><td>0</td><td>0</td><td>32</td><td>59</td><td>100.00%</td><td>100.00%</td><td>0.00%</td></tr>
+<tr class="danger"><td>SonarQube Java Plugin</td><td>1.2beta</td><td>27</td><td>0</td><td>0</td><td>32</td><td>59</td><td>100.00%</td><td>100.00%</td><td>0.00%</td></tr>
 </tr>
 </table>
 

scorecard/Benchmark_v1.1,1.2beta_Scorecard_for_Cross-Site_Scripting.html

@@ -45,7 +45,7 @@
 <li><a href="Benchmark_v1.2beta_Scorecard_for_FindBugs.html">FindBugs</a></li>
 <li><a href="Benchmark_v1.2beta_Scorecard_for_OWASP_ZAP.html">OWASP ZAP</a></li>
 <li><a href="Benchmark_v1.2beta_Scorecard_for_PMD.html">PMD</a></li>
-<li><a href="Benchmark_v1.2beta_Scorecard_for_SonarQube.html">SonarQube</a></li>
+<li><a href="Benchmark_v1.2beta_Scorecard_for_SonarQube_Java_Plugin.html">SonarQube Java Plugin</a></li>
 <li><a href="Benchmark_v1.1,1.2beta_Scorecard_for_Commercial_Tools.html">Commercial Average</a></li>
 
 	          </ul>
@@ -101,7 +101,7 @@ <h2>Detailed Results Per Tool for Path Traversal</h2>
 <tr class="danger"><td>FindBugs</td><td>1.2beta</td><td>4</td><td>129</td><td>129</td><td>6</td><td>268</td><td>3.01%</td><td>4.44%</td><td>-1.44%</td></tr>
 <tr class="danger"><td>OWASP ZAP</td><td>1.2beta</td><td>0</td><td>133</td><td>135</td><td>0</td><td>268</td><td>0.00%</td><td>0.00%</td><td>0.00%</td></tr>
 <tr class="danger"><td>PMD</td><td>1.2beta</td><td>0</td><td>133</td><td>135</td><td>0</td><td>268</td><td>0.00%</td><td>0.00%</td><td>0.00%</td></tr>
-<tr class="danger"><td>SonarQube</td><td>1.2beta</td><td>0</td><td>133</td><td>135</td><td>0</td><td>268</td><td>0.00%</td><td>0.00%</td><td>0.00%</td></tr>
+<tr class="danger"><td>SonarQube Java Plugin</td><td>1.2beta</td><td>0</td><td>133</td><td>135</td><td>0</td><td>268</td><td>0.00%</td><td>0.00%</td><td>0.00%</td></tr>
 </tr>
 </table>