Merge pull request #2628 from aschackmull/java/no-adhoc-testclass

Java: Replace ad-hoc TestClass detection.
2026-05-05 13:45:19 +02:00 · 2020-01-23 14:09:11 -05:00
parent 33070cc16d 0bbe571064
commit 50320c7828
2 changed files with 28 additions and 3 deletions
--- a/change-notes/1.24/analysis-java.md
+++ b/change-notes/1.24/analysis-java.md
@@ -22,3 +22,10 @@ The following changes in version 1.24 affect Java analysis in all applications.

 ## Changes to libraries

+* Identification of test classes has been improved. Previously, one of the
+  match conditions would classify any class with a name containing the string
+  "Test" as a test class, but now this matching has been replaced with one that
+  looks for the occurrence of actual unit-test annotations. This affects the
+  general file classification mechanism and thus suppression of alerts, and
+  also any security queries using taint tracking, as test classes act as
+  default barriers stopping taint flow.