hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1065 from yh-semmle/java-frameworks-notes

Browse Source 
Java: update frameworks list for 1.20 release
This commit is contained in:
Felicity Chapman
2019-03-14 09:15:46 +00:00
committed by GitHub
parent 28efd91bbc d7925ee2ec
commit 01b8770b7c
2 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
change-notes/1.20/analysis-java.md
View File

@@ -29,7 +29,7 @@
collections, maps, and iterators. This affects all security queries, which
can report more results based on such paths.
* The `FlowSources` and `TaintTracking` libraries are extended to cover additional remote user
input and taint steps from the Apache Thrift, Apache Struts, Guice and Protobuf frameworks.
input and taint steps from the following frameworks: Guice, Protobuf, Thrift and Struts.
This affects all security queries, which may yield additional results on projects
that use these frameworks.

3
change-notes/1.20/support/java-frameworks.csv
View File

@@ -3,8 +3,11 @@ Hibernate, Database
iBatis / MyBatis, Database
Java Persistence API (JPA), Database
JDBC, Database
Protobuf, Serialization
Kryo deserialization, Serialization
SnakeYaml, Serialization
Spring JDBC, Database
Spring MVC, Web application framework
Struts, Web application framework
Thrift, RPC framework
XStream, Serialization
1 Name Category
3 iBatis / MyBatis Database
4 Java Persistence API (JPA) Database
5 JDBC Database
6 Protobuf Serialization
7 Kryo deserialization Serialization
8 SnakeYaml Serialization
9 Spring JDBC Database
10 Spring MVC Web application framework
11 Struts Web application framework
12 Thrift RPC framework
13 XStream Serialization