codeql/java/documentation/library-coverage/coverage.csv

1	package	sink	source	summary	sink:bean-validation	sink:file-content-store	sink:fragment-injection	sink:groovy-injection	sink:hostname-verification	sink:html-injection	sink:information-leak	sink:intent-redirection	sink:jexl-injection	sink:jndi-injection	sink:js-injection	sink:ldap-injection	sink:log-injection	sink:mvel-injection	sink:ognl-injection	sink:path-injection	sink:pending-intents	sink:regex-use	sink:regex-use[-1]	sink:regex-use[0]	sink:regex-use[]	sink:regex-use[f-1]	sink:regex-use[f1]	sink:regex-use[f]	sink:request-forgery	sink:response-splitting	sink:sql-injection	sink:template-injection	sink:url-redirection	sink:xpath-injection	sink:xslt-injection	source:android-external-storage-dir	source:contentprovider	source:remote	summary:taint	summary:value
2	android.app	35		103			11					7									17																		18	85
3	android.content	24	31	154								16																			8					4	27		63	91
4	android.database	59		41																											59								41
5	android.net			60																																			45	15
6	android.os		2	122																																2			41	81
7	android.support.v4.app	11					11
8	android.util	6	16														6																					16
9	android.webkit	3	2							2					1																							2
10	android.widget		1	1																																		1	1
11	androidx.core.app	6		95																	6																		12	83
12	androidx.fragment.app	11					11
13	androidx.slice	2	5	88																	2																5		27	61
14	cn.hutool.core.codec			1																																			1
15	com.alibaba.druid.sql			1																																			1
16	com.esotericsoftware.kryo.io			1																																			1
17	com.esotericsoftware.kryo5.io			1																																			1
18	com.fasterxml.jackson.core			1																																			1
19	com.fasterxml.jackson.databind	2		6																2																			6
20	com.google.common.base	4		87																				3	1														63	24
21	com.google.common.cache			17																																				17
22	com.google.common.collect			553																																			2	551
23	com.google.common.flogger	29															29
24	com.google.common.io	8		73		1														7																			72	1
25	com.google.gson			44																																			30	14
26	com.hubspot.jinjava	2																														2
27	com.jcraft.jsch	1		1																									1										1
28	com.mitchellbosecke.pebble	2																														2
29	com.opensymphony.xwork2.ognl	3																	3
30	com.rabbitmq.client		21	7																																		21	7
31	com.thoughtworks.xstream	1																		1
32	com.unboundid.ldap.sdk	17														17
33	com.zaxxer.hikari	2																											2
34	flexjson			1																																				1
35	freemarker.cache	1																														1
36	freemarker.template	7																														7
37	groovy.lang	26						26
38	groovy.text	1						1
39	groovy.util	5						5
40	hudson	44		16		2														36									6										16
41	io.jsonwebtoken		2	4																																		2	4
42	io.netty.bootstrap	3																											3
43	io.netty.buffer			207																																			130	77
44	io.netty.channel	9	2																										9									2
45	io.netty.handler.codec	4	13	259																1									3									13	143	116
46	io.netty.handler.ssl	4																		4
47	io.netty.handler.stream	1																		1
48	io.netty.resolver			1																																			1
49	io.netty.util	2		23																1									1										21	2
50	jakarta.faces.context	2	7							2																												7
51	jakarta.json			123																																			100	23
52	jakarta.ws.rs.client	1																											1
53	jakarta.ws.rs.container		9																																			9
54	jakarta.ws.rs.core	2		149																													2						94	55
55	java.awt			3																																				3
56	java.beans			1																																			1
57	java.io	49		45		22														27																			43	2
58	java.lang	18		92													8			5			4			1													56	36
59	java.net	13	3	20																									13									3	20
60	java.nio	47		35		3														44																			35
61	java.sql	13		3																									4		9								2	1
62	java.util	44		484													34							5	2		1	2											44	440
63	javafx.scene.web	1																											1
64	javax.faces.context	2	7							2																												7
65	javax.imageio.stream			1																																			1
66	javax.jms		9	57																																		9	57
67	javax.json			123																																			100	23
68	javax.management.remote	2												2
69	javax.naming	7		1										6		1																							1
70	javax.net.ssl	2							2
71	javax.script	1																1
72	javax.servlet	5	21	2							1									1										3								21	2
73	javax.validation	1	1		1																																	1
74	javax.ws.rs.client	1																											1
75	javax.ws.rs.container		9																																			9
76	javax.ws.rs.core	3		149																										1			2						94	55
77	javax.xml.transform	2		6																1															1				6
78	javax.xml.xpath	3																																3
79	jodd.json			10																																				10
80	kotlin	16		1847																14									2										1836	11
81	net.sf.saxon.s9api	5																																	5
82	ognl	6																	6
83	okhttp3	4		48																									4										23	25
84	org.antlr.runtime	1																		1
85	org.apache.commons.codec			6																																			6
86	org.apache.commons.collections			800																																			17	783
87	org.apache.commons.collections4			800																																			17	783
88	org.apache.commons.compress.archivers.tar			4																																			4
89	org.apache.commons.httpclient.util			1																																			1
90	org.apache.commons.io	111		560		2														94									15										546	14
91	org.apache.commons.jelly	6																											6
92	org.apache.commons.jexl2	15											15
93	org.apache.commons.jexl3	15											15
94	org.apache.commons.lang3	6		424																		6																	293	131
95	org.apache.commons.logging	6															6
96	org.apache.commons.net	9	12																	3									6									12
97	org.apache.commons.ognl	6																	6
98	org.apache.commons.text			272																																			220	52
99	org.apache.directory.ldap.client.api	1														1
100	org.apache.hadoop.fs			10																																			10
101	org.apache.hadoop.hive.metastore	3																													3
102	org.apache.hc.client5.http.async.methods	84																											84
103	org.apache.hc.client5.http.classic.methods	37																											37
104	org.apache.hc.client5.http.fluent	19																											19
105	org.apache.hc.core5.benchmark	1																											1
106	org.apache.hc.core5.function			1																																			1
107	org.apache.hc.core5.http	73	2	45						1																			72									2	45
108	org.apache.hc.core5.net			18																																			18
109	org.apache.hc.core5.util			24																																			18	6
110	org.apache.hive.hcatalog.templeton	1																													1
111	org.apache.http	48	3	94						2																			46									3	86	8
112	org.apache.ibatis.jdbc	6		57																											6								57
113	org.apache.log4j	11															11
114	org.apache.logging.log4j	359		8													359																						4	4
115	org.apache.shiro.codec			1																																			1
116	org.apache.shiro.jndi	1												1
117	org.apache.tools.ant	11																		11
118	org.apache.tools.zip			1																																			1
119	org.apache.velocity.app	4																														4
120	org.apache.velocity.runtime	4																														4
121	org.codehaus.cargo.container.installer	3																		2									1
122	org.codehaus.groovy.control	1						1
123	org.dom4j	20																																20
124	org.eclipse.jetty.client	1																											1
125	org.fusesource.leveldbjni	1																		1
126	org.geogebra.web.full.main	1																															1
127	org.hibernate	7																													7
128	org.influxdb	1																											1
129	org.jboss.logging	324															324
130	org.jdbi.v3.core	6																											6
131	org.jooq	1																													1
132	org.json			236																																			198	38
133	org.kohsuke.stapler	3		1																1									1				1						1
134	org.mvel2	16																16
135	org.openjdk.jmh.runner.options	1																		1
136	org.scijava.log	13															13
137	org.slf4j	55		6													55																						2	4
138	org.springframework.beans			30																																				30
139	org.springframework.boot.jdbc	1																											1
140	org.springframework.cache			13																																				13
141	org.springframework.context			3																																			3
142	org.springframework.core.io	2																		1									1
143	org.springframework.data.repository			1																																				1
144	org.springframework.http	14		71																									14										61	10
145	org.springframework.jdbc.core	19																													19
146	org.springframework.jdbc.datasource	4																											4
147	org.springframework.jdbc.object	9																													9
148	org.springframework.jndi	1												1
149	org.springframework.ldap	47												33		14
150	org.springframework.security.web.savedrequest		6																																			6
151	org.springframework.ui			32																																				32
152	org.springframework.util	3		142																3																			90	52
153	org.springframework.validation			13																																			13
154	org.springframework.web.client	13	3																										13									3
155	org.springframework.web.context.request		8																																			8
156	org.springframework.web.multipart		12	13																																		12	13
157	org.springframework.web.reactive.function.client	2																											2
158	org.springframework.web.util			165																																			140	25
159	org.thymeleaf	2		2																												2							2
160	org.xml.sax			1																																			1
161	org.xmlpull.v1		3																																			3
162	org.yaml.snakeyaml			1																																			1
163	play.libs.ws	2																											2
164	play.mvc		13	24																																		13	24
165	ratpack.core.form			3																																			3
166	ratpack.core.handling		6	4																																		6	4
167	ratpack.core.http		10	10																																		10	10
168	ratpack.exec			48																																				48
169	ratpack.form			3																																			3
170	ratpack.func			35																																				35
171	ratpack.handling		6	4																																		6	4
172	ratpack.http		10	10																																		10	10
173	ratpack.util			35																																				35
174	retrofit2	1																											1