Shared: share MaD kind validation across languages #13324

jcogs33 · 2023-05-30T23:18:11Z

Description

This PR shares models-as-data kind validation across languages. The reason for sharing this validation is to help enforce standardized naming conventions for kinds.
This PR is a followup to some recently merged PRs which updated model kind names: #12916, #13136, #13157, #13158, #13115.

Specifically, this PR:

Creates a shared/mad/codeql/mad/ModelValidation.qll file to share getInvalidModelKind() across languages.
Adds sink and source kind validation for Go/Swift. (Previously these languages only validated summary kinds).
Adds kind validation to the the pre-existing getAWarning() predicate for JavaScript/Python/Ruby.
Moves the the OutdatedSinkKind class from Java's ExternalFlow.qll file (which was recently added in Java: add error message for outdated sink kinds in getInvalidModelKind #13228) to the shared/mad/codeql/mad/ModelValidation.qll file and adds outdated sink kinds related to JS/C#/Swift.

github-actions · 2023-05-30T23:22:34Z

⚠️ The head of this PR and the base branch were compared for differences in the framework coverage reports. The generated reports are available in the artifacts of this workflow run. The differences will be picked up by the nightly job after the PR gets merged.

Click to show differences in coverage

java

Generated file changes for java

Changes to framework-coverage-java.rst:

-    Framework / library,Package,Flow sources,Taint & value steps,Sinks (total),`CWE‑022` :sub:`Path injection`,`CWE‑079` :sub:`Cross-site scripting`,`CWE‑089` :sub:`SQL injection`,`CWE‑090` :sub:`LDAP injection`,`CWE‑094` :sub:`Code injection`,`CWE‑319` :sub:`Cleartext transmission`
+    Framework / library,Package,Flow sources,Taint & value steps,Sinks (total),`CWE‑022` :sub:`Path injection`,`CWE‑079` :sub:`Cross-site scripting`,`CWE‑089` :sub:`SQL injection`,`CWE‑090` :sub:`LDAP injection`,`CWE‑094` :sub:`Code injection`,`CWE‑918` :sub:`Request Forgery`
-    `Apache Commons IO <https://commons.apache.org/proper/commons-io/>`_,``org.apache.commons.io``,,560,111,93,,,,,15
+    `Apache Commons IO <https://commons.apache.org/proper/commons-io/>`_,``org.apache.commons.io``,,560,111,94,,,,,15
-    `Google Guava <https://guava.dev/>`_,``com.google.common.*``,,730,41,2,,,,,
+    `Google Guava <https://guava.dev/>`_,``com.google.common.*``,,730,41,7,,,,,
-    Java Standard Library,``java.*``,3,679,170,40,,9,,,13
+    Java Standard Library,``java.*``,3,679,170,62,,9,,,17
-    Java extensions,"``javax.*``, ``jakarta.*``",63,611,34,1,4,,1,1,2
+    Java extensions,"``javax.*``, ``jakarta.*``",63,611,34,2,4,,1,1,2
-    Kotlin Standard Library,``kotlin*``,,1843,16,11,,,,,2
+    Kotlin Standard Library,``kotlin*``,,1843,16,14,,,,,2
-    `Spring <https://spring.io/>`_,``org.springframework.*``,29,483,113,2,,28,14,,29
+    `Spring <https://spring.io/>`_,``org.springframework.*``,29,483,113,3,,28,14,,34
-    Others,"``cn.hutool.core.codec``, ``com.esotericsoftware.kryo.io``, ``com.esotericsoftware.kryo5.io``, ``com.fasterxml.jackson.core``, ``com.fasterxml.jackson.databind``, ``com.hubspot.jinjava``, ``com.mitchellbosecke.pebble``, ``com.opensymphony.xwork2.ognl``, ``com.rabbitmq.client``, ``com.thoughtworks.xstream``, ``com.unboundid.ldap.sdk``, ``com.zaxxer.hikari``, ``flexjson``, ``freemarker.cache``, ``freemarker.template``, ``groovy.lang``, ``groovy.text``, ``groovy.util``, ``hudson``, ``io.jsonwebtoken``, ``io.netty.bootstrap``, ``io.netty.buffer``, ``io.netty.channel``, ``io.netty.handler.codec``, ``io.netty.handler.ssl``, ``io.netty.handler.stream``, ``io.netty.resolver``, ``io.netty.util``, ``javafx.scene.web``, ``jodd.json``, ``net.sf.saxon.s9api``, ``ognl``, ``okhttp3``, ``org.apache.commons.codec``, ``org.apache.commons.compress.archivers.tar``, ``org.apache.commons.httpclient.util``, ``org.apache.commons.jelly``, ``org.apache.commons.jexl2``, ``org.apache.commons.jexl3``, ``org.apache.commons.logging``, ``org.apache.commons.net``, ``org.apache.commons.ognl``, ``org.apache.directory.ldap.client.api``, ``org.apache.hadoop.fs``, ``org.apache.hadoop.hive.metastore``, ``org.apache.hc.client5.http.async.methods``, ``org.apache.hc.client5.http.classic.methods``, ``org.apache.hc.client5.http.fluent``, ``org.apache.hive.hcatalog.templeton``, ``org.apache.ibatis.jdbc``, ``org.apache.log4j``, ``org.apache.shiro.codec``, ``org.apache.shiro.jndi``, ``org.apache.tools.ant``, ``org.apache.tools.zip``, ``org.apache.velocity.app``, ``org.apache.velocity.runtime``, ``org.codehaus.cargo.container.installer``, ``org.codehaus.groovy.control``, ``org.dom4j``, ``org.eclipse.jetty.client``, ``org.geogebra.web.full.main``, ``org.hibernate``, ``org.jdbi.v3.core``, ``org.jooq``, ``org.kohsuke.stapler``, ``org.mvel2``, ``org.openjdk.jmh.runner.options``, ``org.scijava.log``, ``org.slf4j``, ``org.thymeleaf``, ``org.xml.sax``, ``org.xmlpull.v1``, ``play.mvc``, ``ratpack.core.form``, ``ratpack.core.handling``, ``ratpack.core.http``, ``ratpack.exec``, ``ratpack.form``, ``ratpack.func``, ``ratpack.handling``, ``ratpack.http``, ``ratpack.util``, ``retrofit2``",89,827,516,26,,18,18,,181
+    Others,"``cn.hutool.core.codec``, ``com.esotericsoftware.kryo.io``, ``com.esotericsoftware.kryo5.io``, ``com.fasterxml.jackson.core``, ``com.fasterxml.jackson.databind``, ``com.hubspot.jinjava``, ``com.mitchellbosecke.pebble``, ``com.opensymphony.xwork2.ognl``, ``com.rabbitmq.client``, ``com.thoughtworks.xstream``, ``com.unboundid.ldap.sdk``, ``com.zaxxer.hikari``, ``flexjson``, ``freemarker.cache``, ``freemarker.template``, ``groovy.lang``, ``groovy.text``, ``groovy.util``, ``hudson``, ``io.jsonwebtoken``, ``io.netty.bootstrap``, ``io.netty.buffer``, ``io.netty.channel``, ``io.netty.handler.codec``, ``io.netty.handler.ssl``, ``io.netty.handler.stream``, ``io.netty.resolver``, ``io.netty.util``, ``javafx.scene.web``, ``jodd.json``, ``net.sf.saxon.s9api``, ``ognl``, ``okhttp3``, ``org.apache.commons.codec``, ``org.apache.commons.compress.archivers.tar``, ``org.apache.commons.httpclient.util``, ``org.apache.commons.jelly``, ``org.apache.commons.jexl2``, ``org.apache.commons.jexl3``, ``org.apache.commons.logging``, ``org.apache.commons.net``, ``org.apache.commons.ognl``, ``org.apache.directory.ldap.client.api``, ``org.apache.hadoop.fs``, ``org.apache.hadoop.hive.metastore``, ``org.apache.hc.client5.http.async.methods``, ``org.apache.hc.client5.http.classic.methods``, ``org.apache.hc.client5.http.fluent``, ``org.apache.hive.hcatalog.templeton``, ``org.apache.ibatis.jdbc``, ``org.apache.log4j``, ``org.apache.shiro.codec``, ``org.apache.shiro.jndi``, ``org.apache.tools.ant``, ``org.apache.tools.zip``, ``org.apache.velocity.app``, ``org.apache.velocity.runtime``, ``org.codehaus.cargo.container.installer``, ``org.codehaus.groovy.control``, ``org.dom4j``, ``org.eclipse.jetty.client``, ``org.geogebra.web.full.main``, ``org.hibernate``, ``org.jdbi.v3.core``, ``org.jooq``, ``org.kohsuke.stapler``, ``org.mvel2``, ``org.openjdk.jmh.runner.options``, ``org.scijava.log``, ``org.slf4j``, ``org.thymeleaf``, ``org.xml.sax``, ``org.xmlpull.v1``, ``play.mvc``, ``ratpack.core.form``, ``ratpack.core.handling``, ``ratpack.core.http``, ``ratpack.exec``, ``ratpack.form``, ``ratpack.func``, ``ratpack.handling``, ``ratpack.http``, ``ratpack.util``, ``retrofit2``",89,827,516,60,,18,18,,189
-    Totals,,246,9119,1969,175,10,122,33,1,361
+    Totals,,246,9119,1969,242,10,122,33,1,378

Changes to framework-coverage-java.csv:

- package,sink,source,summary,sink:bean-validation,sink:create-file,sink:fragment-injection,sink:groovy,sink:header-splitting,sink:information-leak,sink:intent-start,sink:jdbc-url,sink:jexl,sink:jndi-injection,sink:ldap,sink:logging,sink:mvel,sink:ognl-injection,sink:open-url,sink:pending-intent-sent,sink:read-file,sink:regex-use,sink:regex-use[-1],sink:regex-use[0],sink:regex-use[],sink:regex-use[f-1],sink:regex-use[f1],sink:regex-use[f],sink:set-hostname-verifier,sink:sql,sink:ssti,sink:url-redirect,sink:write-file,sink:xpath,sink:xslt,sink:xss,source:android-external-storage-dir,source:android-widget,source:contentprovider,source:remote,summary:taint,summary:value
+ package,sink,source,summary,sink:bean-validation,sink:file-content-store,sink:fragment-injection,sink:groovy-injection,sink:hostname-verification,sink:html-injection,sink:information-leak,sink:intent-redirection,sink:jexl-injection,sink:jndi-injection,sink:js-injection,sink:ldap-injection,sink:log-injection,sink:mvel-injection,sink:ognl-injection,sink:path-injection,sink:pending-intents,sink:regex-use,sink:regex-use[-1],sink:regex-use[0],sink:regex-use[],sink:regex-use[f-1],sink:regex-use[f1],sink:regex-use[f],sink:request-forgery,sink:response-splitting,sink:sql-injection,sink:template-injection,sink:url-redirection,sink:xpath-injection,sink:xslt-injection,source:android-external-storage-dir,source:android-widget,source:contentprovider,source:remote,summary:taint,summary:value
- android.app,35,,103,,,11,,,,7,,,,,,,,,17,,,,,,,,,,,,,,,,,,,,,18,85
+ android.app,35,,103,,,11,,,,,7,,,,,,,,,17,,,,,,,,,,,,,,,,,,,18,85
- android.content,24,31,154,,,,,,,16,,,,,,,,,,,,,,,,,,,8,,,,,,,4,,27,,63,91
+ android.content,24,31,154,,,,,,,,16,,,,,,,,,,,,,,,,,,,8,,,,,4,,27,,63,91
- android.database,59,,41,,,,,,,,,,,,,,,,,,,,,,,,,,59,,,,,,,,,,,41,
+ android.database,59,,41,,,,,,,,,,,,,,,,,,,,,,,,,,,59,,,,,,,,,41,
- android.net,,,60,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,45,15
+ android.net,,,60,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,45,15
- android.os,,2,122,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,41,81
+ android.os,,2,122,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,41,81
- android.support.v4.app,11,,,,,11,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
+ android.support.v4.app,11,,,,,11,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
- android.util,6,16,,,,,,,,,,,,,6,,,,,,,,,,,,,,,,,,,,,,,,16,,
+ android.util,6,16,,,,,,,,,,,,,,6,,,,,,,,,,,,,,,,,,,,,,16,,
- android.webkit,3,2,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,3,,,,2,,
+ android.webkit,3,2,,,,,,,2,,,,,1,,,,,,,,,,,,,,,,,,,,,,,,2,,
- android.widget,,1,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,1,
+ android.widget,,1,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,1,
- androidx.core.app,6,,95,,,,,,,,,,,,,,,,6,,,,,,,,,,,,,,,,,,,,,12,83
+ androidx.core.app,6,,95,,,,,,,,,,,,,,,,,6,,,,,,,,,,,,,,,,,,,12,83
- androidx.fragment.app,11,,,,,11,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
+ androidx.fragment.app,11,,,,,11,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
- androidx.slice,2,5,88,,,,,,,,,,,,,,,,2,,,,,,,,,,,,,,,,,,,5,,27,61
+ androidx.slice,2,5,88,,,,,,,,,,,,,,,,,2,,,,,,,,,,,,,,,,,5,,27,61
- cn.hutool.core.codec,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,
+ cn.hutool.core.codec,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,
- com.esotericsoftware.kryo.io,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,
+ com.esotericsoftware.kryo.io,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,
- com.esotericsoftware.kryo5.io,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,
+ com.esotericsoftware.kryo5.io,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,
- com.fasterxml.jackson.core,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,
+ com.fasterxml.jackson.core,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,
- com.fasterxml.jackson.databind,,,6,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,6,
+ com.fasterxml.jackson.databind,,,6,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,6,
- com.google.common.base,4,,87,,,,,,,,,,,,,,,,,,,,3,1,,,,,,,,,,,,,,,,63,24
+ com.google.common.base,4,,87,,,,,,,,,,,,,,,,,,,,3,1,,,,,,,,,,,,,,,63,24
- com.google.common.cache,,,17,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,17
+ com.google.common.cache,,,17,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,17
- com.google.common.collect,,,553,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,2,551
+ com.google.common.collect,,,553,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,2,551
- com.google.common.flogger,29,,,,,,,,,,,,,,29,,,,,,,,,,,,,,,,,,,,,,,,,,
+ com.google.common.flogger,29,,,,,,,,,,,,,,,29,,,,,,,,,,,,,,,,,,,,,,,,
- com.google.common.io,8,,73,,2,,,,,,,,,,,,,,,5,,,,,,,,,,,,1,,,,,,,,72,1
+ com.google.common.io,8,,73,,1,,,,,,,,,,,,,,7,,,,,,,,,,,,,,,,,,,,72,1
- com.hubspot.jinjava,2,,,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,,,,,,,,
+ com.hubspot.jinjava,2,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,,,,,,
- com.mitchellbosecke.pebble,2,,,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,,,,,,,,
+ com.mitchellbosecke.pebble,2,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,,,,,,
- com.opensymphony.xwork2.ognl,3,,,,,,,,,,,,,,,,3,,,,,,,,,,,,,,,,,,,,,,,,
+ com.opensymphony.xwork2.ognl,3,,,,,,,,,,,,,,,,,3,,,,,,,,,,,,,,,,,,,,,,
- com.rabbitmq.client,,21,7,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,21,7,
+ com.rabbitmq.client,,21,7,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,21,7,
- com.thoughtworks.xstream,1,,,,,,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,
+ com.thoughtworks.xstream,1,,,,,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,
- com.unboundid.ldap.sdk,17,,,,,,,,,,,,,17,,,,,,,,,,,,,,,,,,,,,,,,,,,
+ com.unboundid.ldap.sdk,17,,,,,,,,,,,,,,17,,,,,,,,,,,,,,,,,,,,,,,,,
- com.zaxxer.hikari,2,,,,,,,,,,2,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
+ com.zaxxer.hikari,2,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,,,,,,,,,
- flexjson,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1
+ flexjson,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1
- freemarker.cache,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,,,,,,
+ freemarker.cache,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,,,,
- freemarker.template,7,,,,,,,,,,,,,,,,,,,,,,,,,,,,,7,,,,,,,,,,,
+ freemarker.template,7,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,7,,,,,,,,,
- groovy.lang,26,,,,,,26,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
+ groovy.lang,26,,,,,,26,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
- groovy.text,1,,,,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
+ groovy.text,1,,,,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
- groovy.util,5,,,,,,5,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
+ groovy.util,5,,,,,,5,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
- hudson,44,,16,,19,,,,,,,,,,,,,6,,17,,,,,,,,,,,,2,,,,,,,,16,
+ hudson,44,,16,,2,,,,,,,,,,,,,,36,,,,,,,,,6,,,,,,,,,,,16,
- io.jsonwebtoken,,2,4,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,2,4,
+ io.jsonwebtoken,,2,4,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,2,4,
- io.netty.bootstrap,3,,,,,,,,,,,,,,,,,3,,,,,,,,,,,,,,,,,,,,,,,
+ io.netty.bootstrap,3,,,,,,,,,,,,,,,,,,,,,,,,,,,3,,,,,,,,,,,,
- io.netty.buffer,,,207,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,130,77
+ io.netty.buffer,,,207,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,130,77
- io.netty.channel,9,2,,,,,,,,,,,,,,,,9,,,,,,,,,,,,,,,,,,,,,2,,
+ io.netty.channel,9,2,,,,,,,,,,,,,,,,,,,,,,,,,,9,,,,,,,,,,2,,
- io.netty.handler.codec,4,13,259,,,,,,,,,,,,,,,3,,1,,,,,,,,,,,,,,,,,,,13,143,116
+ io.netty.handler.codec,4,13,259,,,,,,,,,,,,,,,,1,,,,,,,,,3,,,,,,,,,,13,143,116
- io.netty.handler.ssl,2,,,,,,,,,,,,,,,,,,,2,,,,,,,,,,,,,,,,,,,,,
+ io.netty.handler.ssl,2,,,,,,,,,,,,,,,,,,2,,,,,,,,,,,,,,,,,,,,,
- io.netty.handler.stream,1,,,,,,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,
+ io.netty.handler.stream,1,,,,,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,
- io.netty.resolver,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,
+ io.netty.resolver,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,
- io.netty.util,2,,23,,1,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,,21,2
+ io.netty.util,2,,23,,,,,,,,,,,,,,,,1,,,,,,,,,1,,,,,,,,,,,21,2
- jakarta.faces.context,2,7,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,7,,
+ jakarta.faces.context,2,7,,,,,,,2,,,,,,,,,,,,,,,,,,,,,,,,,,,,,7,,
- jakarta.json,,,123,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,100,23
+ jakarta.json,,,123,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,100,23
- jakarta.ws.rs.client,1,,,,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,,,
+ jakarta.ws.rs.client,1,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,,,,,,,
- jakarta.ws.rs.container,,9,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,9,,
+ jakarta.ws.rs.container,,9,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,9,,
- jakarta.ws.rs.core,2,,149,,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,,,,,,94,55
+ jakarta.ws.rs.core,2,,149,,,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,,,,94,55
- java.awt,,,3,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,3
+ java.awt,,,3,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,3
- java.beans,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,
+ java.beans,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,
- java.io,44,,45,,18,,,,,,,,,,,,,,,4,,,,,,,,,,,,22,,,,,,,,43,2
+ java.io,44,,45,,22,,,,,,,,,,,,,,22,,,,,,,,,,,,,,,,,,,,43,2
- java.lang,18,,92,,,,,,,,,,,,8,,,,,5,,4,,,1,,,,,,,,,,,,,,,56,36
+ java.lang,18,,92,,,,,,,,,,,,,8,,,5,,,4,,,1,,,,,,,,,,,,,,56,36
- java.net,13,3,20,,,,,,,,,,,,,,,13,,,,,,,,,,,,,,,,,,,,,3,20,
+ java.net,13,3,20,,,,,,,,,,,,,,,,,,,,,,,,,13,,,,,,,,,,3,20,
- java.nio,38,,31,,22,,,,,,,,,,,,,,,13,,,,,,,,,,,,3,,,,,,,,31,
+ java.nio,38,,31,,3,,,,,,,,,,,,,,35,,,,,,,,,,,,,,,,,,,,31,
- java.sql,13,,3,,,,,,,,4,,,,,,,,,,,,,,,,,,9,,,,,,,,,,,2,1
+ java.sql,13,,3,,,,,,,,,,,,,,,,,,,,,,,,,4,,9,,,,,,,,,2,1
- java.util,44,,484,,,,,,,,,,,,34,,,,,,,,5,2,,1,2,,,,,,,,,,,,,44,440
+ java.util,44,,484,,,,,,,,,,,,,34,,,,,,,5,2,,1,2,,,,,,,,,,,,44,440
- javafx.scene.web,1,,,,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,,,
+ javafx.scene.web,1,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,,,,,,,
- javax.faces.context,2,7,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,7,,
+ javax.faces.context,2,7,,,,,,,2,,,,,,,,,,,,,,,,,,,,,,,,,,,,,7,,
- javax.imageio.stream,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,
+ javax.imageio.stream,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,
- javax.jms,,9,57,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,9,57,
+ javax.jms,,9,57,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,9,57,
- javax.json,,,123,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,100,23
+ javax.json,,,123,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,100,23
- javax.management.remote,2,,,,,,,,,,,,2,,,,,,,,,,,,,,,,,,,,,,,,,,,,
+ javax.management.remote,2,,,,,,,,,,,,2,,,,,,,,,,,,,,,,,,,,,,,,,,,
- javax.naming,7,,1,,,,,,,,,,6,1,,,,,,,,,,,,,,,,,,,,,,,,,,1,
+ javax.naming,7,,1,,,,,,,,,,6,,1,,,,,,,,,,,,,,,,,,,,,,,,1,
- javax.net.ssl,2,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,,,,,,,,,,
+ javax.net.ssl,2,,,,,,,2,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
- javax.script,1,,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,,,,,
+ javax.script,1,,,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,,,
- javax.servlet,5,21,2,,,,,3,1,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,21,2,
+ javax.servlet,5,21,2,,,,,,,1,,,,,,,,,1,,,,,,,,,,3,,,,,,,,,21,2,
- javax.validation,1,1,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,
+ javax.validation,1,1,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,
- javax.ws.rs.client,1,,,,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,,,
+ javax.ws.rs.client,1,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,,,,,,,
- javax.ws.rs.container,,9,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,9,,
+ javax.ws.rs.container,,9,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,9,,
- javax.ws.rs.core,3,,149,,,,,1,,,,,,,,,,,,,,,,,,,,,,,2,,,,,,,,,94,55
+ javax.ws.rs.core,3,,149,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,2,,,,,,,94,55
- javax.xml.transform,2,,6,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,6,
+ javax.xml.transform,2,,6,,,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,1,,,,,6,
- javax.xml.xpath,3,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,3,,,,,,,,
+ javax.xml.xpath,3,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,3,,,,,,,
- jodd.json,,,10,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,10
+ jodd.json,,,10,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,10
- kotlin,16,,1843,,11,,,,,,,,,,,,,2,,3,,,,,,,,,,,,,,,,,,,,1836,7
+ kotlin,16,,1843,,,,,,,,,,,,,,,,14,,,,,,,,,2,,,,,,,,,,,1836,7
- net.sf.saxon.s9api,5,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,5,,,,,,,
+ net.sf.saxon.s9api,5,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,5,,,,,,
- ognl,6,,,,,,,,,,,,,,,,6,,,,,,,,,,,,,,,,,,,,,,,,
+ ognl,6,,,,,,,,,,,,,,,,,6,,,,,,,,,,,,,,,,,,,,,,
- okhttp3,2,,47,,,,,,,,,,,,,,,2,,,,,,,,,,,,,,,,,,,,,,22,25
+ okhttp3,2,,47,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,,,,,,,,22,25
- org.apache.commons.codec,,,6,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,6,
+ org.apache.commons.codec,,,6,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,6,
- org.apache.commons.collections,,,800,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,17,783
+ org.apache.commons.collections,,,800,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,17,783
- org.apache.commons.collections4,,,800,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,17,783
+ org.apache.commons.collections4,,,800,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,17,783
- org.apache.commons.compress.archivers.tar,,,4,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,4,
+ org.apache.commons.compress.archivers.tar,,,4,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,4,
- org.apache.commons.httpclient.util,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,
+ org.apache.commons.httpclient.util,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,
- org.apache.commons.io,111,,560,,93,,,,,,,,,,,,,15,,1,,,,,,,,,,,,2,,,,,,,,546,14
+ org.apache.commons.io,111,,560,,2,,,,,,,,,,,,,,94,,,,,,,,,15,,,,,,,,,,,546,14
- org.apache.commons.jelly,6,,,,,,,,,,,,,,,,,6,,,,,,,,,,,,,,,,,,,,,,,
+ org.apache.commons.jelly,6,,,,,,,,,,,,,,,,,,,,,,,,,,,6,,,,,,,,,,,,
- org.apache.commons.jexl2,15,,,,,,,,,,,15,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
+ org.apache.commons.jexl2,15,,,,,,,,,,,15,,,,,,,,,,,,,,,,,,,,,,,,,,,,
- org.apache.commons.jexl3,15,,,,,,,,,,,15,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
+ org.apache.commons.jexl3,15,,,,,,,,,,,15,,,,,,,,,,,,,,,,,,,,,,,,,,,,
- org.apache.commons.lang3,6,,424,,,,,,,,,,,,,,,,,,6,,,,,,,,,,,,,,,,,,,293,131
+ org.apache.commons.lang3,6,,424,,,,,,,,,,,,,,,,,,6,,,,,,,,,,,,,,,,,,293,131
- org.apache.commons.logging,6,,,,,,,,,,,,,,6,,,,,,,,,,,,,,,,,,,,,,,,,,
+ org.apache.commons.logging,6,,,,,,,,,,,,,,,6,,,,,,,,,,,,,,,,,,,,,,,,
- org.apache.commons.net,9,12,,,,,,,,,,,,,,,,6,,3,,,,,,,,,,,,,,,,,,,12,,
+ org.apache.commons.net,9,12,,,,,,,,,,,,,,,,,3,,,,,,,,,6,,,,,,,,,,12,,
- org.apache.commons.ognl,6,,,,,,,,,,,,,,,,6,,,,,,,,,,,,,,,,,,,,,,,,
+ org.apache.commons.ognl,6,,,,,,,,,,,,,,,,,6,,,,,,,,,,,,,,,,,,,,,,
- org.apache.commons.text,,,272,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,220,52
+ org.apache.commons.text,,,272,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,220,52
- org.apache.directory.ldap.client.api,1,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,
+ org.apache.directory.ldap.client.api,1,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,,,,,
- org.apache.hadoop.fs,,,10,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,10,
+ org.apache.hadoop.fs,,,10,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,10,
- org.apache.hadoop.hive.metastore,3,,,,,,,,,,,,,,,,,,,,,,,,,,,,3,,,,,,,,,,,,
+ org.apache.hadoop.hive.metastore,3,,,,,,,,,,,,,,,,,,,,,,,,,,,,,3,,,,,,,,,,
- org.apache.hc.client5.http.async.methods,84,,,,,,,,,,,,,,,,,84,,,,,,,,,,,,,,,,,,,,,,,
+ org.apache.hc.client5.http.async.methods,84,,,,,,,,,,,,,,,,,,,,,,,,,,,84,,,,,,,,,,,,
- org.apache.hc.client5.http.classic.methods,37,,,,,,,,,,,,,,,,,37,,,,,,,,,,,,,,,,,,,,,,,
+ org.apache.hc.client5.http.classic.methods,37,,,,,,,,,,,,,,,,,,,,,,,,,,,37,,,,,,,,,,,,
- org.apache.hc.client5.http.fluent,19,,,,,,,,,,,,,,,,,19,,,,,,,,,,,,,,,,,,,,,,,
+ org.apache.hc.client5.http.fluent,19,,,,,,,,,,,,,,,,,,,,,,,,,,,19,,,,,,,,,,,,
- org.apache.hc.core5.benchmark,1,,,,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,,,
+ org.apache.hc.core5.benchmark,1,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,,,,,,,
- org.apache.hc.core5.function,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,
+ org.apache.hc.core5.function,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,
- org.apache.hc.core5.http,73,2,45,,,,,,,,,,,,,,,72,,,,,,,,,,,,,,,,,1,,,,2,45,
+ org.apache.hc.core5.http,73,2,45,,,,,,1,,,,,,,,,,,,,,,,,,,72,,,,,,,,,,2,45,
- org.apache.hc.core5.net,,,18,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,18,
+ org.apache.hc.core5.net,,,18,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,18,
- org.apache.hc.core5.util,,,24,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,18,6
+ org.apache.hc.core5.util,,,24,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,18,6
- org.apache.hive.hcatalog.templeton,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,,,,,,,
+ org.apache.hive.hcatalog.templeton,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,,,,,
- org.apache.http,48,3,94,,,,,,,,,,,,,,,46,,,,,,,,,,,,,,,,,2,,,,3,86,8
+ org.apache.http,48,3,94,,,,,,2,,,,,,,,,,,,,,,,,,,46,,,,,,,,,,3,86,8
- org.apache.ibatis.jdbc,6,,57,,,,,,,,,,,,,,,,,,,,,,,,,,6,,,,,,,,,,,57,
+ org.apache.ibatis.jdbc,6,,57,,,,,,,,,,,,,,,,,,,,,,,,,,,6,,,,,,,,,57,
- org.apache.log4j,11,,,,,,,,,,,,,,11,,,,,,,,,,,,,,,,,,,,,,,,,,
+ org.apache.log4j,11,,,,,,,,,,,,,,,11,,,,,,,,,,,,,,,,,,,,,,,,
- org.apache.logging.log4j,359,,8,,,,,,,,,,,,359,,,,,,,,,,,,,,,,,,,,,,,,,4,4
+ org.apache.logging.log4j,359,,8,,,,,,,,,,,,,359,,,,,,,,,,,,,,,,,,,,,,,4,4
- org.apache.shiro.codec,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,
+ org.apache.shiro.codec,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,
- org.apache.shiro.jndi,1,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,
+ org.apache.shiro.jndi,1,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,
- org.apache.tools.ant,11,,,,3,,,,,,,,,,,,,,,8,,,,,,,,,,,,,,,,,,,,,
+ org.apache.tools.ant,11,,,,,,,,,,,,,,,,,,11,,,,,,,,,,,,,,,,,,,,,
- org.apache.tools.zip,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,
+ org.apache.tools.zip,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,
- org.apache.velocity.app,4,,,,,,,,,,,,,,,,,,,,,,,,,,,,,4,,,,,,,,,,,
+ org.apache.velocity.app,4,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,4,,,,,,,,,
- org.apache.velocity.runtime,4,,,,,,,,,,,,,,,,,,,,,,,,,,,,,4,,,,,,,,,,,
+ org.apache.velocity.runtime,4,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,4,,,,,,,,,
- org.codehaus.cargo.container.installer,3,,,,2,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,,,
+ org.codehaus.cargo.container.installer,3,,,,,,,,,,,,,,,,,,2,,,,,,,,,1,,,,,,,,,,,,
- org.codehaus.groovy.control,1,,,,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
+ org.codehaus.groovy.control,1,,,,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
- org.dom4j,20,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,20,,,,,,,,
+ org.dom4j,20,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,20,,,,,,,
- org.eclipse.jetty.client,1,,,,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,,,
+ org.eclipse.jetty.client,1,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,,,,,,,
- org.geogebra.web.full.main,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,,,,,
+ org.geogebra.web.full.main,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,,,
- org.hibernate,7,,,,,,,,,,,,,,,,,,,,,,,,,,,,7,,,,,,,,,,,,
+ org.hibernate,7,,,,,,,,,,,,,,,,,,,,,,,,,,,,,7,,,,,,,,,,
- org.jboss.logging,324,,,,,,,,,,,,,,324,,,,,,,,,,,,,,,,,,,,,,,,,,
+ org.jboss.logging,324,,,,,,,,,,,,,,,324,,,,,,,,,,,,,,,,,,,,,,,,
- org.jdbi.v3.core,6,,,,,,,,,,6,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
+ org.jdbi.v3.core,6,,,,,,,,,,,,,,,,,,,,,,,,,,,6,,,,,,,,,,,,
- org.jooq,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,,,,,,,
+ org.jooq,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,,,,,
- org.json,,,236,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,198,38
+ org.json,,,236,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,198,38
- org.kohsuke.stapler,3,,1,,,,,,,,,,,,,,,1,,1,,,,,,,,,,,1,,,,,,,,,1,
+ org.kohsuke.stapler,3,,1,,,,,,,,,,,,,,,,1,,,,,,,,,1,,,,1,,,,,,,1,
- org.mvel2,16,,,,,,,,,,,,,,,16,,,,,,,,,,,,,,,,,,,,,,,,,
+ org.mvel2,16,,,,,,,,,,,,,,,,16,,,,,,,,,,,,,,,,,,,,,,,
- org.openjdk.jmh.runner.options,1,,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
+ org.openjdk.jmh.runner.options,1,,,,,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,
- org.scijava.log,13,,,,,,,,,,,,,,13,,,,,,,,,,,,,,,,,,,,,,,,,,
+ org.scijava.log,13,,,,,,,,,,,,,,,13,,,,,,,,,,,,,,,,,,,,,,,,
- org.slf4j,55,,6,,,,,,,,,,,,55,,,,,,,,,,,,,,,,,,,,,,,,,2,4
+ org.slf4j,55,,6,,,,,,,,,,,,,55,,,,,,,,,,,,,,,,,,,,,,,2,4
- org.springframework.beans,,,30,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,30
+ org.springframework.beans,,,30,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,30
- org.springframework.boot.jdbc,1,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
+ org.springframework.boot.jdbc,1,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,,,,,,,
- org.springframework.cache,,,13,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,13
+ org.springframework.cache,,,13,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,13
- org.springframework.context,,,3,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,3,
+ org.springframework.context,,,3,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,3,
- org.springframework.data.repository,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1
+ org.springframework.data.repository,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1
- org.springframework.http,14,,71,,,,,,,,,,,,,,,14,,,,,,,,,,,,,,,,,,,,,,61,10
+ org.springframework.http,14,,71,,,,,,,,,,,,,,,,,,,,,,,,,14,,,,,,,,,,,61,10
- org.springframework.jdbc.core,19,,,,,,,,,,,,,,,,,,,,,,,,,,,,19,,,,,,,,,,,,
+ org.springframework.jdbc.core,19,,,,,,,,,,,,,,,,,,,,,,,,,,,,,19,,,,,,,,,,
- org.springframework.jdbc.datasource,4,,,,,,,,,,4,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
+ org.springframework.jdbc.datasource,4,,,,,,,,,,,,,,,,,,,,,,,,,,,4,,,,,,,,,,,,
- org.springframework.jdbc.object,9,,,,,,,,,,,,,,,,,,,,,,,,,,,,9,,,,,,,,,,,,
+ org.springframework.jdbc.object,9,,,,,,,,,,,,,,,,,,,,,,,,,,,,,9,,,,,,,,,,
- org.springframework.jndi,1,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,
+ org.springframework.jndi,1,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,
- org.springframework.ldap,47,,,,,,,,,,,,33,14,,,,,,,,,,,,,,,,,,,,,,,,,,,
+ org.springframework.ldap,47,,,,,,,,,,,,33,,14,,,,,,,,,,,,,,,,,,,,,,,,,
- org.springframework.security.web.savedrequest,,6,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,6,,
+ org.springframework.security.web.savedrequest,,6,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,6,,
- org.springframework.ui,,,32,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,32
+ org.springframework.ui,,,32,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,32
- org.springframework.util,3,,142,,2,,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,90,52
+ org.springframework.util,3,,142,,,,,,,,,,,,,,,,3,,,,,,,,,,,,,,,,,,,,90,52
- org.springframework.validation,,,13,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,13,
+ org.springframework.validation,,,13,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,13,
- org.springframework.web.client,13,3,,,,,,,,,,,,,,,,13,,,,,,,,,,,,,,,,,,,,,3,,
+ org.springframework.web.client,13,3,,,,,,,,,,,,,,,,,,,,,,,,,,13,,,,,,,,,,3,,
- org.springframework.web.context.request,,8,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,8,,
+ org.springframework.web.context.request,,8,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,8,,
- org.springframework.web.multipart,,12,13,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,12,13,
+ org.springframework.web.multipart,,12,13,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,12,13,
- org.springframework.web.reactive.function.client,2,,,,,,,,,,,,,,,,,2,,,,,,,,,,,,,,,,,,,,,,,
+ org.springframework.web.reactive.function.client,2,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,,,,,,,,,
- org.springframework.web.util,,,165,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,140,25
+ org.springframework.web.util,,,165,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,140,25
- org.thymeleaf,2,,2,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,,,,,,,2,
+ org.thymeleaf,2,,2,,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,,,,,2,
- org.xml.sax,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,
+ org.xml.sax,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,
- org.xmlpull.v1,,3,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,3,,
+ org.xmlpull.v1,,3,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,3,,
- play.mvc,,4,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,4,,
+ play.mvc,,4,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,4,,
- ratpack.core.form,,,3,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,3,
+ ratpack.core.form,,,3,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,3,
- ratpack.core.handling,,6,4,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,6,4,
+ ratpack.core.handling,,6,4,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,6,4,
- ratpack.core.http,,10,10,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,10,10,
+ ratpack.core.http,,10,10,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,10,10,
- ratpack.exec,,,48,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,48
+ ratpack.exec,,,48,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,48
- ratpack.form,,,3,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,3,
+ ratpack.form,,,3,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,3,
- ratpack.func,,,35,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,35
+ ratpack.func,,,35,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,35
- ratpack.handling,,6,4,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,6,4,
+ ratpack.handling,,6,4,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,6,4,
- ratpack.http,,10,10,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,10,10,
+ ratpack.http,,10,10,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,10,10,
- ratpack.util,,,35,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,35
+ ratpack.util,,,35,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,35
- retrofit2,1,,,,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,,,
+ retrofit2,1,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,,,,,,,

…d C# sink kinds

…anguages

javascript/ql/lib/semmle/javascript/frameworks/data/internal/SharedModelValidation.qll

yoff

This looks fine for Python, but is there a reason not to place just one copy of the shared file inside shared? It could even contain getInvalidModelKind if you made it parameterised module. The users would just provide summaryModel, sinkModel, etc.. (neutralModel could simply be none for languages not supporting it yet).

jcogs33 · 2023-06-06T12:51:31Z

is there a reason not to place just one copy of the shared file inside shared

I wasn't aware of shared. 🙂

It could even contain getInvalidModelKind if you made it parameterised module. The users would just provide summaryModel, sinkModel, etc.. (neutralModel could simply be none for languages not supporting it yet).

Yes, this sounds better. I'll refactor the code to do this. Thanks for the suggestion!

yoff · 2023-06-06T13:11:53Z

Excellent! Ideally, identical-files.json will only shrink from now on :-)

…ule for 'getInvalidModelKind'

jcogs33 · 2023-06-09T02:15:19Z

I've re-opened this PR for review after refactoring the code to use shared and a parameterised module as @yoff suggested.

A few things for consideration during review:

Let me know if the parameterised module should be structured differently. I've never created a parameterised module before so I'm not sure if I've structured it correctly/optimally. 🙂
Let me know if the shared/mad/qlpack.yml file needs any modification and if I need to do anything else to set up the pack correctly.
Let me know if I should name the shared/mad folder and/or the ModelValidation.qll file differently.
Note: the JavaScript Language Tests check will fail until JS: Fix invalid source kind in test #13380 is merged.

shared/mad/codeql/mad/ModelValidation.qll

michaelnebel

Just a single minor suggestion to consider before merging. Otherwise LGTM! :-)

michaelnebel · 2023-06-09T12:12:51Z

shared/mad/codeql/mad/ModelValidation.qll

+          // shared
+          "taint", "value",
+          // Dynamic languages
+          "type"


I think that for all practical purposes for now, it is acceptable the shared code also contain some validation that is language specific (to reduce the amount of code we need to write and maintain). If we notice (going forward) that the we have to much language specific stuff in the shared validation we probably need to split it and make sure that the shared validation is only the intersection between the languages.

yoff

Nice 👍

michaelnebel

Fantastic! Looks really good!

atorralba

👏

alexrford

Ruby 👍

asgerf

The JS tests are failing since #13380 hasn't been merged yet (sorry). I'll prioritise getting that merged ASAP.

jcogs33 · 2023-06-14T14:11:27Z

The JS tests are failing since #13380 hasn't been merged yet (sorry). I'll prioritise getting that merged ASAP.

Thanks @asgerf! The JS tests are passing now.

asgerf

👍

swift/ql/lib/codeql/swift/dataflow/ExternalFlow.qll

geoffw0

Swift 👍

github-actions bot added C# documentation Go Java JS Python Ruby Swift labels May 30, 2023

jcogs33 mentioned this pull request Jun 1, 2023

Java: add error message for outdated sink kinds in getInvalidModelKind #13228

Merged

jcogs33 force-pushed the jcogs33/shared-sink-kind-validation branch from ffb4844 to b8daca7 Compare June 1, 2023 17:15

github-actions bot removed the documentation label Jun 1, 2023

jcogs33 force-pushed the jcogs33/shared-sink-kind-validation branch 2 times, most recently from faac8b7 to e72191c Compare June 5, 2023 13:23

Jami Cogswell added 15 commits June 5, 2023 12:18

JS/Python/Ruby: add getInvalidModelKind as experiment

e24e3a6

Shared: add 'SharedModelValidation' file as experiment

869f820

Shared: add source, summary, and neutral shared valid kinds

ddb5d92

JS/Python/Ruby: use 'SharedModelValidation' file

0ab1848

Java/C#/Go/Swift: use 'SharedModelValidation' file

79f61cc

Shared: update kind information

7317c29

Shared: remove cpp note

9f42ae3

Java/C#/Go/Swift: remove commented-out code

615f2a5

JS/Python/Ruby: update getInvalidModelKind

254e447

Go/Swift: validate source/sink kinds

76508d1

Shared: include 'qltest%' and 'test-%'

7b629f5

Shared: move 'OutdatedSinkKind' to shared file and add outdated JS an…

76f5dca

…d C# sink kinds

Shared: add outdated sink kind msg to 'getInvalidModelKind' for all l…

62ac0dc

…anguages

Shared: add outdated Swift sink kinds

3f1dc8e

Shared: update qldocs

9d5972a

jcogs33 force-pushed the jcogs33/shared-sink-kind-validation branch from e72191c to 9d5972a Compare June 5, 2023 16:19

jcogs33 requested review from a team as code owners June 5, 2023 20:38

jcogs33 requested a review from michaelnebel June 5, 2023 20:38

calumgrant requested a review from asgerf June 6, 2023 08:18

asgerf reviewed Jun 6, 2023

View reviewed changes

javascript/ql/lib/semmle/javascript/frameworks/data/internal/SharedModelValidation.qll Outdated Show resolved Hide resolved

javascript/ql/lib/semmle/javascript/frameworks/data/internal/SharedModelValidation.qll Outdated Show resolved Hide resolved

yoff reviewed Jun 6, 2023

View reviewed changes

jcogs33 marked this pull request as draft June 6, 2023 22:10

Jami Cogswell added 3 commits June 8, 2023 20:05

Shared: move shared file to 'shared' folder and add parameterized mod…

da58b2a

…ule for 'getInvalidModelKind'

Shared: update comment and remove 'remote-flow' as a source kind

3bfb5f9

Shared: update pack files

bcba1f3

jcogs33 marked this pull request as ready for review June 9, 2023 02:15

michaelnebel reviewed Jun 9, 2023

View reviewed changes

shared/mad/codeql/mad/ModelValidation.qll Outdated Show resolved Hide resolved

michaelnebel reviewed Jun 9, 2023

View reviewed changes

Shared: use a module as input to 'KindValidation'

9abe3e3

owen-mc approved these changes Jun 10, 2023

View reviewed changes

yoff approved these changes Jun 11, 2023

View reviewed changes

michaelnebel approved these changes Jun 12, 2023

View reviewed changes

atorralba approved these changes Jun 12, 2023

View reviewed changes

alexrford approved these changes Jun 13, 2023

View reviewed changes

asgerf reviewed Jun 14, 2023

View reviewed changes

Merge branch 'main' into jcogs33/shared-sink-kind-validation

3559111

asgerf approved these changes Jun 14, 2023

View reviewed changes

geoffw0 reviewed Jun 19, 2023

View reviewed changes

swift/ql/lib/codeql/swift/dataflow/ExternalFlow.qll Show resolved Hide resolved

geoffw0 approved these changes Jun 20, 2023

View reviewed changes

jcogs33 merged commit 5259a6e into github:main Jun 20, 2023

jcogs33 deleted the jcogs33/shared-sink-kind-validation branch June 20, 2023 15:56

Shared: share MaD kind validation across languages #13324

Shared: share MaD kind validation across languages #13324

Uh oh!

Conversation

jcogs33 commented May 30, 2023 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Description

Uh oh!

github-actions bot commented May 30, 2023

java

Generated file changes for java

Uh oh!

Uh oh!

Uh oh!

yoff left a comment

Choose a reason for hiding this comment

Uh oh!

jcogs33 commented Jun 6, 2023

Uh oh!

yoff commented Jun 6, 2023

Uh oh!

jcogs33 commented Jun 9, 2023

Uh oh!

Uh oh!

michaelnebel left a comment

Choose a reason for hiding this comment

Uh oh!

michaelnebel Jun 9, 2023

Choose a reason for hiding this comment

Uh oh!

yoff left a comment

Choose a reason for hiding this comment

Uh oh!

michaelnebel left a comment

Choose a reason for hiding this comment

Uh oh!

atorralba left a comment

Choose a reason for hiding this comment

Uh oh!

alexrford left a comment

Choose a reason for hiding this comment

Uh oh!

asgerf left a comment • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

jcogs33 commented Jun 14, 2023

Uh oh!

asgerf left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

geoffw0 left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

jcogs33 commented May 30, 2023 •

edited

Loading

asgerf left a comment •

edited

Loading