hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add changed framework coverage reports

Browse Source
This commit is contained in:
github-actions[bot]
2021-07-12 00:06:55 +00:00
parent 1d56748eed
commit 56419bc74b
2 changed files with 66 additions and 59 deletions
Download Patch File Download Diff File Expand all files Collapse all files

115
java/documentation/library-coverage/coverage.csv
View File

@@ -1,54 +1,61 @@
package,sink,source,summary,sink:bean-validation,sink:create-file,sink:header-splitting,sink:information-leak,sink:jexl,sink:ldap,sink:open-url,sink:set-hostname-verifier,sink:url-open-stream,sink:url-redirect,sink:xpath,sink:xss,source:remote,summary:taint,summary:value
android.util,,16,,,,,,,,,,,,,,16,,
android.webkit,3,2,,,,,,,,,,,,,3,2,,
com.esotericsoftware.kryo.io,,,1,,,,,,,,,,,,,,1,
com.esotericsoftware.kryo5.io,,,1,,,,,,,,,,,,,,1,
com.fasterxml.jackson.databind,,,3,,,,,,,,,,,,,,3,
com.google.common.base,,,85,,,,,,,,,,,,,,62,23
com.google.common.io,6,,73,,,,,,,,,6,,,,,72,1
com.unboundid.ldap.sdk,17,,,,,,,,17,,,,,,,,,
jakarta.ws.rs.client,1,,,,,,,,,1,,,,,,,,
jakarta.ws.rs.core,2,,143,,,,,,,,,,2,,,,88,55
java.beans,,,1,,,,,,,,,,,,,,1,
java.io,3,,20,,3,,,,,,,,,,,,20,
java.lang,,,3,,,,,,,,,,,,,,1,2
java.net,10,3,6,,,,,,,10,,,,,,3,6,
java.nio,10,,2,,10,,,,,,,,,,,,2,
java.util,,,295,,,,,,,,,,,,,,15,280
javax.naming.directory,1,,,,,,,,1,,,,,,,,,
javax.net.ssl,2,,,,,,,,,,2,,,,,,,
javax.servlet,4,21,2,,,3,1,,,,,,,,,21,2,
javax.validation,1,1,,1,,,,,,,,,,,,1,,
javax.ws.rs.client,1,,,,,,,,,1,,,,,,,,
javax.ws.rs.core,3,,143,,,1,,,,,,,2,,,,88,55
javax.xml.transform.sax,,,4,,,,,,,,,,,,,,4,
javax.xml.transform.stream,,,2,,,,,,,,,,,,,,2,
javax.xml.xpath,3,,,,,,,,,,,,,3,,,,
org.apache.commons.codec,,,2,,,,,,,,,,,,,,2,
org.apache.commons.collections,,,99,,,,,,,,,,,,,,4,95
org.apache.commons.collections4,,,99,,,,,,,,,,,,,,4,95
org.apache.commons.io,,,22,,,,,,,,,,,,,,22,
org.apache.commons.jexl2,15,,,,,,,15,,,,,,,,,,
org.apache.commons.jexl3,15,,,,,,,15,,,,,,,,,,
org.apache.commons.lang3,,,420,,,,,,,,,,,,,,292,128
org.apache.commons.text,,,272,,,,,,,,,,,,,,220,52
org.apache.directory.ldap.client.api,1,,,,,,,,1,,,,,,,,,
org.apache.hc.core5.function,,,1,,,,,,,,,,,,,,1,
org.apache.hc.core5.http,1,2,39,,,,,,,,,,,,1,2,39,
org.apache.hc.core5.net,,,2,,,,,,,,,,,,,,2,
org.apache.hc.core5.util,,,24,,,,,,,,,,,,,,18,6
org.apache.http,27,3,70,,,,,,,25,,,,,2,3,62,8
org.dom4j,20,,,,,,,,,,,,,20,,,,
org.springframework.beans,,,26,,,,,,,,,,,,,,,26
org.springframework.http,14,,,,,,,,,14,,,,,,,,
org.springframework.ldap.core,14,,,,,,,,14,,,,,,,,,
org.springframework.security.web.savedrequest,,6,,,,,,,,,,,,,,6,,
org.springframework.util,,,139,,,,,,,,,,,,,,87,52
org.springframework.validation,,,13,,,,,,,,,,,,,,13,
org.springframework.web.client,13,3,,,,,,,,13,,,,,,3,,
org.springframework.web.context.request,,8,,,,,,,,,,,,,,8,,
org.springframework.web.multipart,,12,,,,,,,,,,,,,,12,,
org.springframework.web.reactive.function.client,2,,,,,,,,,2,,,,,,,,
org.xml.sax,,,1,,,,,,,,,,,,,,1,
org.xmlpull.v1,,3,,,,,,,,,,,,,,3,,
play.mvc,,4,,,,,,,,,,,,,,4,,
package,sink,source,summary,sink:bean-validation,sink:create-file,sink:header-splitting,sink:information-leak,sink:jexl,sink:ldap,sink:open-url,sink:set-hostname-verifier,sink:sql,sink:url-open-stream,sink:url-redirect,sink:xpath,sink:xss,source:remote,summary:taint,summary:value
android.content,8,,,,,,,,,,,8,,,,,,,
android.database,59,,,,,,,,,,,59,,,,,,,
android.util,,16,,,,,,,,,,,,,,,16,,
android.webkit,3,2,,,,,,,,,,,,,,3,2,,
com.esotericsoftware.kryo.io,,,1,,,,,,,,,,,,,,,1,
com.esotericsoftware.kryo5.io,,,1,,,,,,,,,,,,,,,1,
com.fasterxml.jackson.databind,,,3,,,,,,,,,,,,,,,3,
com.google.common.base,,,85,,,,,,,,,,,,,,,62,23
com.google.common.io,6,,73,,,,,,,,,,6,,,,,72,1
com.unboundid.ldap.sdk,17,,,,,,,,17,,,,,,,,,,
jakarta.ws.rs.client,1,,,,,,,,,1,,,,,,,,,
jakarta.ws.rs.core,2,,143,,,,,,,,,,,2,,,,88,55
java.beans,,,1,,,,,,,,,,,,,,,1,
java.io,3,,20,,3,,,,,,,,,,,,,20,
java.lang,,,3,,,,,,,,,,,,,,,1,2
java.net,10,3,6,,,,,,,10,,,,,,,3,6,
java.nio,10,,2,,10,,,,,,,,,,,,,2,
java.sql,7,,,,,,,,,,,7,,,,,,,
java.util,,,295,,,,,,,,,,,,,,,15,280
javax.naming.directory,1,,,,,,,,1,,,,,,,,,,
javax.net.ssl,2,,,,,,,,,,2,,,,,,,,
javax.servlet,4,21,2,,,3,1,,,,,,,,,,21,2,
javax.validation,1,1,,1,,,,,,,,,,,,,1,,
javax.ws.rs.client,1,,,,,,,,,1,,,,,,,,,
javax.ws.rs.core,3,,143,,,1,,,,,,,,2,,,,88,55
javax.xml.transform.sax,,,4,,,,,,,,,,,,,,,4,
javax.xml.transform.stream,,,2,,,,,,,,,,,,,,,2,
javax.xml.xpath,3,,,,,,,,,,,,,,3,,,,
org.apache.commons.codec,,,2,,,,,,,,,,,,,,,2,
org.apache.commons.collections,,,99,,,,,,,,,,,,,,,4,95
org.apache.commons.collections4,,,99,,,,,,,,,,,,,,,4,95
org.apache.commons.io,,,22,,,,,,,,,,,,,,,22,
org.apache.commons.jexl2,15,,,,,,,15,,,,,,,,,,,
org.apache.commons.jexl3,15,,,,,,,15,,,,,,,,,,,
org.apache.commons.lang3,,,420,,,,,,,,,,,,,,,292,128
org.apache.commons.text,,,272,,,,,,,,,,,,,,,220,52
org.apache.directory.ldap.client.api,1,,,,,,,,1,,,,,,,,,,
org.apache.hc.core5.function,,,1,,,,,,,,,,,,,,,1,
org.apache.hc.core5.http,1,2,39,,,,,,,,,,,,,1,2,39,
org.apache.hc.core5.net,,,2,,,,,,,,,,,,,,,2,
org.apache.hc.core5.util,,,24,,,,,,,,,,,,,,,18,6
org.apache.http,27,3,70,,,,,,,25,,,,,,2,3,62,8
org.apache.ibatis.jdbc,6,,,,,,,,,,,6,,,,,,,
org.dom4j,20,,,,,,,,,,,,,,20,,,,
org.hibernate,7,,,,,,,,,,,7,,,,,,,
org.jooq,1,,,,,,,,,,,1,,,,,,,
org.springframework.beans,,,26,,,,,,,,,,,,,,,,26
org.springframework.http,14,,,,,,,,,14,,,,,,,,,
org.springframework.jdbc.core,10,,,,,,,,,,,10,,,,,,,
org.springframework.ldap.core,14,,,,,,,,14,,,,,,,,,,
org.springframework.security.web.savedrequest,,6,,,,,,,,,,,,,,,6,,
org.springframework.util,,,139,,,,,,,,,,,,,,,87,52
org.springframework.validation,,,13,,,,,,,,,,,,,,,13,
org.springframework.web.client,13,3,,,,,,,,13,,,,,,,3,,
org.springframework.web.context.request,,8,,,,,,,,,,,,,,,8,,
org.springframework.web.multipart,,12,,,,,,,,,,,,,,,12,,
org.springframework.web.reactive.function.client,2,,,,,,,,,2,,,,,,,,,
org.xml.sax,,,1,,,,,,,,,,,,,,,1,
org.xmlpull.v1,,3,,,,,,,,,,,,,,,3,,
play.mvc,,4,,,,,,,,,,,,,,,4,,
1 package sink source summary sink:bean-validation sink:create-file sink:header-splitting sink:information-leak sink:jexl sink:ldap sink:open-url sink:set-hostname-verifier sink:sql sink:url-open-stream sink:url-redirect sink:xpath sink:xss source:remote summary:taint summary:value
2 android.util android.content 8 16 8 16
3 android.webkit android.database 3 59 2 59 3 2
4 com.esotericsoftware.kryo.io android.util 16 1 16 1
5 com.esotericsoftware.kryo5.io android.webkit 3 2 1 3 2 1
6 com.fasterxml.jackson.databind com.esotericsoftware.kryo.io 3 1 3 1
7 com.google.common.base com.esotericsoftware.kryo5.io 85 1 62 1 23
8 com.google.common.io com.fasterxml.jackson.databind 6 73 3 6 72 3 1
9 com.unboundid.ldap.sdk com.google.common.base 17 85 17 62 23
10 jakarta.ws.rs.client com.google.common.io 1 6 73 1 6 72 1
11 jakarta.ws.rs.core com.unboundid.ldap.sdk 2 17 143 17 2 88 55
12 java.beans jakarta.ws.rs.client 1 1 1 1
13 java.io jakarta.ws.rs.core 3 2 20 143 3 2 20 88 55
14 java.lang java.beans 3 1 1 2
15 java.net java.io 10 3 3 6 20 3 10 3 6 20
16 java.nio java.lang 10 2 3 10 2 1 2
17 java.util java.net 10 3 295 6 10 3 15 6 280
18 javax.naming.directory java.nio 1 10 2 10 1 2
19 javax.net.ssl java.sql 2 7 2 7
20 javax.servlet java.util 4 21 2 295 3 1 21 2 15 280
21 javax.validation javax.naming.directory 1 1 1 1 1
22 javax.ws.rs.client javax.net.ssl 1 2 1 2
23 javax.ws.rs.core javax.servlet 3 4 21 143 2 1 3 1 2 21 88 2 55
24 javax.xml.transform.sax javax.validation 1 1 4 1 1 4
25 javax.xml.transform.stream javax.ws.rs.client 1 2 1 2
26 javax.xml.xpath javax.ws.rs.core 3 143 1 2 3 88 55
27 org.apache.commons.codec javax.xml.transform.sax 2 4 2 4
28 org.apache.commons.collections javax.xml.transform.stream 99 2 4 2 95
29 org.apache.commons.collections4 javax.xml.xpath 3 99 3 4 95
30 org.apache.commons.io org.apache.commons.codec 22 2 22 2
31 org.apache.commons.jexl2 org.apache.commons.collections 15 99 15 4 95
32 org.apache.commons.jexl3 org.apache.commons.collections4 15 99 15 4 95
33 org.apache.commons.lang3 org.apache.commons.io 420 22 292 22 128
34 org.apache.commons.text org.apache.commons.jexl2 15 272 15 220 52
35 org.apache.directory.ldap.client.api org.apache.commons.jexl3 1 15 15 1
36 org.apache.hc.core5.function org.apache.commons.lang3 1 420 1 292 128
37 org.apache.hc.core5.http org.apache.commons.text 1 2 39 272 1 2 39 220 52
38 org.apache.hc.core5.net org.apache.directory.ldap.client.api 1 2 1 2
39 org.apache.hc.core5.util org.apache.hc.core5.function 24 1 18 1 6
40 org.apache.http org.apache.hc.core5.http 27 1 3 2 70 39 25 2 1 3 2 62 39 8
41 org.dom4j org.apache.hc.core5.net 20 2 20 2
42 org.springframework.beans org.apache.hc.core5.util 26 24 18 26 6
43 org.springframework.http org.apache.http 14 27 3 70 14 25 2 3 62 8
44 org.springframework.ldap.core org.apache.ibatis.jdbc 14 6 14 6
45 org.springframework.security.web.savedrequest org.dom4j 20 6 20 6
46 org.springframework.util org.hibernate 7 139 7 87 52
47 org.springframework.validation org.jooq 1 13 1 13
48 org.springframework.web.client org.springframework.beans 13 3 26 13 3 26
49 org.springframework.web.context.request org.springframework.http 14 8 14 8
50 org.springframework.web.multipart org.springframework.jdbc.core 10 12 10 12
51 org.springframework.web.reactive.function.client org.springframework.ldap.core 2 14 14 2
52 org.xml.sax org.springframework.security.web.savedrequest 6 1 6 1
53 org.xmlpull.v1 org.springframework.util 3 139 3 87 52
54 play.mvc org.springframework.validation 4 13 4 13
55 org.springframework.web.client 13 3 13 3
56 org.springframework.web.context.request 8 8
57 org.springframework.web.multipart 12 12
58 org.springframework.web.reactive.function.client 2 2
59 org.xml.sax 1 1
60 org.xmlpull.v1 3 3
61 play.mvc 4 4

10
java/documentation/library-coverage/coverage.rst
View File

@@ -7,16 +7,16 @@ Java framework & library support
:widths: auto
Framework / library,Package,Flow sources,Taint & value steps,Sinks (total),`CWE022` :sub:`Path injection`,`CWE036` :sub:`Path traversal`,`CWE079` :sub:`Cross-site scripting`,`CWE089` :sub:`SQL injection`,`CWE090` :sub:`LDAP injection`,`CWE094` :sub:`Code injection`,`CWE319` :sub:`Cleartext transmission`
Android,``android.*``,18,,3,,,3,,,,
Android,``android.*``,18,,70,,,3,67,,,
`Apache Commons Collections <https://commons.apache.org/proper/commons-collections/>`_,"``org.apache.commons.collections``, ``org.apache.commons.collections4``",,198,,,,,,,,
`Apache Commons IO <https://commons.apache.org/proper/commons-io/>`_,``org.apache.commons.io``,,22,,,,,,,,
`Apache Commons Lang <https://commons.apache.org/proper/commons-lang/>`_,``org.apache.commons.lang3``,,420,,,,,,,,
`Apache Commons Text <https://commons.apache.org/proper/commons-text/>`_,``org.apache.commons.text``,,272,,,,,,,,
`Apache HttpComponents <https://hc.apache.org/>`_,"``org.apache.hc.core5.*``, ``org.apache.http``",5,136,28,,,3,,,,25
`Google Guava <https://guava.dev/>`_,``com.google.common.*``,,158,6,,6,,,,,
Java Standard Library,``java.*``,3,327,23,13,,,,,,10
Java Standard Library,``java.*``,3,327,30,13,,,7,,,10
Java extensions,"``javax.*``, ``jakarta.*``",22,294,18,,,,,1,1,2
`Spring <https://spring.io/>`_,``org.springframework.*``,29,178,43,,,,,14,,29
Others,"``com.esotericsoftware.kryo.io``, ``com.esotericsoftware.kryo5.io``, ``com.fasterxml.jackson.databind``, ``com.unboundid.ldap.sdk``, ``org.apache.commons.codec``, ``org.apache.commons.jexl2``, ``org.apache.commons.jexl3``, ``org.apache.directory.ldap.client.api``, ``org.dom4j``, ``org.xml.sax``, ``org.xmlpull.v1``, ``play.mvc``",7,8,68,,,,,18,,
Totals,,84,2013,189,13,6,6,,33,1,66
`Spring <https://spring.io/>`_,``org.springframework.*``,29,178,53,,,,10,14,,29
Others,"``com.esotericsoftware.kryo.io``, ``com.esotericsoftware.kryo5.io``, ``com.fasterxml.jackson.databind``, ``com.unboundid.ldap.sdk``, ``org.apache.commons.codec``, ``org.apache.commons.jexl2``, ``org.apache.commons.jexl3``, ``org.apache.directory.ldap.client.api``, ``org.apache.ibatis.jdbc``, ``org.dom4j``, ``org.hibernate``, ``org.jooq``, ``org.xml.sax``, ``org.xmlpull.v1``, ``play.mvc``",7,8,82,,,,14,18,,
Totals,,84,2013,287,13,6,6,98,33,1,66