Merge pull request #6499 from github/workflow/coverage/update

Update CSV framework coverage reports
2026-04-29 10:45:15 +02:00 · 2021-08-23 11:26:36 +01:00
parent 4cfa0f66a8 7d9f06fb63
commit 0210d85ce8
2 changed files with 11 additions and 7 deletions
--- a/java/documentation/library-coverage/coverage.csv
+++ b/java/documentation/library-coverage/coverage.csv
@@ -8,6 +8,7 @@ com.esotericsoftware.kryo5.io,,,1,,,,,,,,,,,,,,,,,,,1,
 com.fasterxml.jackson.core,,,1,,,,,,,,,,,,,,,,,,,1,
 com.fasterxml.jackson.databind,,,5,,,,,,,,,,,,,,,,,,,5,
 com.google.common.base,,,85,,,,,,,,,,,,,,,,,,,62,23
+com.google.common.cache,,,17,,,,,,,,,,,,,,,,,,,,17
 com.google.common.io,6,,73,,,,,,,,,,,,,,6,,,,,72,1
 com.opensymphony.xwork2.ognl,3,,,,,,,,,,,,3,,,,,,,,,,
 com.unboundid.ldap.sdk,17,,,,,,,,,,17,,,,,,,,,,,,
@@ -35,10 +36,11 @@ javax.ws.rs.core,3,,143,,,,1,,,,,,,,,,,2,,,,88,55
 javax.xml.transform.sax,,,4,,,,,,,,,,,,,,,,,,,4,
 javax.xml.transform.stream,,,2,,,,,,,,,,,,,,,,,,,2,
 javax.xml.xpath,3,,,,,,,,,,,,,,,,,,3,,,,
+jodd.json,,,10,,,,,,,,,,,,,,,,,,,,10
 ognl,6,,,,,,,,,,,,6,,,,,,,,,,
 org.apache.commons.codec,,,6,,,,,,,,,,,,,,,,,,,6,
-org.apache.commons.collections,,,99,,,,,,,,,,,,,,,,,,,4,95
-org.apache.commons.collections4,,,99,,,,,,,,,,,,,,,,,,,4,95
+org.apache.commons.collections,,,394,,,,,,,,,,,,,,,,,,,9,385
+org.apache.commons.collections4,,,394,,,,,,,,,,,,,,,,,,,9,385
 org.apache.commons.io,,,22,,,,,,,,,,,,,,,,,,,22,
 org.apache.commons.jexl2,15,,,,,,,,15,,,,,,,,,,,,,,
 org.apache.commons.jexl3,15,,,,,,,,15,,,,,,,,,,,,,,
@@ -74,6 +76,7 @@ org.springframework.web.client,13,3,,,,,,,,,,,,13,,,,,,,3,,
 org.springframework.web.context.request,,8,,,,,,,,,,,,,,,,,,,8,,
 org.springframework.web.multipart,,12,13,,,,,,,,,,,,,,,,,,12,13,
 org.springframework.web.reactive.function.client,2,,,,,,,,,,,,,2,,,,,,,,,
+org.springframework.web.util,,,163,,,,,,,,,,,,,,,,,,,138,25
 org.xml.sax,,,1,,,,,,,,,,,,,,,,,,,1,
 org.xmlpull.v1,,3,,,,,,,,,,,,,,,,,,,3,,
 play.mvc,,4,,,,,,,,,,,,,,,,,,,4,,
--- a/java/documentation/library-coverage/coverage.rst
+++ b/java/documentation/library-coverage/coverage.rst
@@ -8,15 +8,16 @@ Java framework & library support

   Framework / library,Package,Flow sources,Taint & value steps,Sinks (total),`CWE‑022` :sub:`Path injection`,`CWE‑036` :sub:`Path traversal`,`CWE‑079` :sub:`Cross-site scripting`,`CWE‑089` :sub:`SQL injection`,`CWE‑090` :sub:`LDAP injection`,`CWE‑094` :sub:`Code injection`,`CWE‑319` :sub:`Cleartext transmission`
   Android,``android.*``,18,34,70,,,3,67,,,
-   `Apache Commons Collections <https://commons.apache.org/proper/commons-collections/>`_,"``org.apache.commons.collections``, ``org.apache.commons.collections4``",,198,,,,,,,,
+   `Apache Commons Collections <https://commons.apache.org/proper/commons-collections/>`_,"``org.apache.commons.collections``, ``org.apache.commons.collections4``",,788,,,,,,,,
   `Apache Commons IO <https://commons.apache.org/proper/commons-io/>`_,``org.apache.commons.io``,,22,,,,,,,,
   `Apache Commons Lang <https://commons.apache.org/proper/commons-lang/>`_,``org.apache.commons.lang3``,,423,,,,,,,,
   `Apache Commons Text <https://commons.apache.org/proper/commons-text/>`_,``org.apache.commons.text``,,272,,,,,,,,
   `Apache HttpComponents <https://hc.apache.org/>`_,"``org.apache.hc.core5.*``, ``org.apache.http``",5,136,28,,,3,,,,25
-   `Google Guava <https://guava.dev/>`_,``com.google.common.*``,,158,6,,6,,,,,
+   `Google Guava <https://guava.dev/>`_,``com.google.common.*``,,175,6,,6,,,,,
+   `JSON-java <https://github.com/stleary/JSON-java>`_,``org.json``,,236,,,,,,,,
   Java Standard Library,``java.*``,3,371,30,13,,,7,,,10
   Java extensions,"``javax.*``, ``jakarta.*``",22,540,27,,,,,1,1,2
-   `Spring <https://spring.io/>`_,``org.springframework.*``,29,306,91,,,,19,14,,29
-   Others,"``com.esotericsoftware.kryo.io``, ``com.esotericsoftware.kryo5.io``, ``com.fasterxml.jackson.core``, ``com.fasterxml.jackson.databind``, ``com.opensymphony.xwork2.ognl``, ``com.unboundid.ldap.sdk``, ``groovy.lang``, ``groovy.util``, ``ognl``, ``org.apache.commons.codec``, ``org.apache.commons.jexl2``, ``org.apache.commons.jexl3``, ``org.apache.commons.ognl``, ``org.apache.directory.ldap.client.api``, ``org.apache.ibatis.jdbc``, ``org.apache.shiro.jndi``, ``org.codehaus.groovy.control``, ``org.dom4j``, ``org.hibernate``, ``org.jooq``, ``org.json``, ``org.mvel2``, ``org.xml.sax``, ``org.xmlpull.v1``, ``play.mvc``",7,251,146,,,,14,18,,
-   Totals,,84,2711,398,13,6,6,107,33,1,66
+   `Spring <https://spring.io/>`_,``org.springframework.*``,29,469,91,,,,19,14,,29
+   Others,"``com.esotericsoftware.kryo.io``, ``com.esotericsoftware.kryo5.io``, ``com.fasterxml.jackson.core``, ``com.fasterxml.jackson.databind``, ``com.opensymphony.xwork2.ognl``, ``com.unboundid.ldap.sdk``, ``groovy.lang``, ``groovy.util``, ``jodd.json``, ``ognl``, ``org.apache.commons.codec``, ``org.apache.commons.jexl2``, ``org.apache.commons.jexl3``, ``org.apache.commons.ognl``, ``org.apache.directory.ldap.client.api``, ``org.apache.ibatis.jdbc``, ``org.apache.shiro.jndi``, ``org.codehaus.groovy.control``, ``org.dom4j``, ``org.hibernate``, ``org.jooq``, ``org.mvel2``, ``org.xml.sax``, ``org.xmlpull.v1``, ``play.mvc``",7,25,146,,,,14,18,,
+   Totals,,84,3491,398,13,6,6,107,33,1,66