Skip to content

Java: Improve Spring models#8639

Merged
atorralba merged 4 commits into
github:mainfrom
atorralba:atorralba/spring-beans-improvements
Apr 28, 2022
Merged

Java: Improve Spring models#8639
atorralba merged 4 commits into
github:mainfrom
atorralba:atorralba/spring-beans-improvements

Conversation

@atorralba
Copy link
Copy Markdown
Contributor

Adds models for the constructor of MutablePropertyValues of spring-beans. Also fixes a mistake in a couple of classes of spring-web.

@atorralba atorralba requested a review from a team as a code owner April 1, 2022 10:38
@github-actions github-actions Bot added the Java label Apr 1, 2022
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Apr 1, 2022

⚠️ The head of this PR and the base branch were compared for differences in the framework coverage reports. The generated reports are available in the artifacts of this workflow run. The differences will be picked up by the nightly job after the PR gets merged.

Click to show differences in coverage

java

Generated file changes for java

  • Changes to framework-coverage-java.rst:
-    `Spring <https://spring.io/>`_,``org.springframework.*``,29,472,101,,,,19,14,,29
+    `Spring <https://spring.io/>`_,``org.springframework.*``,29,476,101,,,,19,14,,29
-    Totals,,183,6225,1441,106,6,10,107,33,1,81
+    Totals,,183,6229,1441,106,6,10,107,33,1,81
  • Changes to framework-coverage-java.csv:
- org.springframework.beans,,,26,,,,,,,,,,,,,,,,,,,,,,,,,,,,26
+ org.springframework.beans,,,30,,,,,,,,,,,,,,,,,,,,,,,,,,,,30

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Apr 1, 2022

⚠️ The head of this PR and the base branch were compared for differences in the framework coverage reports. The generated reports are available in the artifacts of this workflow run. The differences will be picked up by the nightly job after the PR gets merged.

Click to show differences in coverage

java

Generated file changes for java

  • Changes to framework-coverage-java.rst:
-    `Spring <https://spring.io/>`_,``org.springframework.*``,29,472,101,,,,19,14,,29
+    `Spring <https://spring.io/>`_,``org.springframework.*``,29,476,101,,,,19,14,,29
-    Totals,,183,6225,1441,106,6,10,107,33,1,81
+    Totals,,183,6229,1441,106,6,10,107,33,1,81
  • Changes to framework-coverage-java.csv:
- org.springframework.beans,,,26,,,,,,,,,,,,,,,,,,,,,,,,,,,,26
+ org.springframework.beans,,,30,,,,,,,,,,,,,,,,,,,,,,,,,,,,30

@smowton
Copy link
Copy Markdown
Contributor

smowton commented Apr 1, 2022

This suggests that

  /** Holds if the parameter should not be consider a direct source of taint. */
  predicate isNotDirectlyTaintedInput() {
    this.getType().(RefType).getAnAncestor() instanceof SpringWebRequest or
    this.getType().(RefType).getAnAncestor() instanceof SpringNativeWebRequest or

should not have worked before-- add a test?

@atorralba
Copy link
Copy Markdown
Contributor Author

@smowton good point, thanks. Added in 348b932.

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Apr 7, 2022

⚠️ The head of this PR and the base branch were compared for differences in the framework coverage reports. The generated reports are available in the artifacts of this workflow run. The differences will be picked up by the nightly job after the PR gets merged.

Click to show differences in coverage

java

Generated file changes for java

  • Changes to framework-coverage-java.rst:
-    `Spring <https://spring.io/>`_,``org.springframework.*``,29,472,101,,,,19,14,,29
+    `Spring <https://spring.io/>`_,``org.springframework.*``,29,476,101,,,,19,14,,29
-    Totals,,183,6225,1441,106,6,10,107,33,1,81
+    Totals,,183,6229,1441,106,6,10,107,33,1,81
  • Changes to framework-coverage-java.csv:
- org.springframework.beans,,,26,,,,,,,,,,,,,,,,,,,,,,,,,,,,26
+ org.springframework.beans,,,30,,,,,,,,,,,,,,,,,,,,,,,,,,,,30

smowton
smowton previously approved these changes Apr 7, 2022
@atorralba atorralba force-pushed the atorralba/spring-beans-improvements branch from d91d6df to 468cca8 Compare April 7, 2022 16:15
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Apr 7, 2022

⚠️ The head of this PR and the base branch were compared for differences in the framework coverage reports. The generated reports are available in the artifacts of this workflow run. The differences will be picked up by the nightly job after the PR gets merged.

Click to show differences in coverage

java

Generated file changes for java

  • Changes to framework-coverage-java.rst:
-    `Spring <https://spring.io/>`_,``org.springframework.*``,29,472,101,,,,19,14,,29
+    `Spring <https://spring.io/>`_,``org.springframework.*``,29,476,101,,,,19,14,,29
-    Totals,,183,6225,1441,106,6,10,107,33,1,81
+    Totals,,183,6229,1441,106,6,10,107,33,1,81
  • Changes to framework-coverage-java.csv:
- org.springframework.beans,,,26,,,,,,,,,,,,,,,,,,,,,,,,,,,,26
+ org.springframework.beans,,,30,,,,,,,,,,,,,,,,,,,,,,,,,,,,30

@atorralba atorralba force-pushed the atorralba/spring-beans-improvements branch from 468cca8 to 9833fa2 Compare April 7, 2022 16:17
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Apr 7, 2022

⚠️ The head of this PR and the base branch were compared for differences in the framework coverage reports. The generated reports are available in the artifacts of this workflow run. The differences will be picked up by the nightly job after the PR gets merged.

Click to show differences in coverage

java

Generated file changes for java

  • Changes to framework-coverage-java.rst:
-    `Spring <https://spring.io/>`_,``org.springframework.*``,29,472,101,,,,19,14,,29
+    `Spring <https://spring.io/>`_,``org.springframework.*``,29,476,101,,,,19,14,,29
-    Totals,,183,6225,1441,106,6,10,107,33,1,81
+    Totals,,183,6229,1441,106,6,10,107,33,1,81
  • Changes to framework-coverage-java.csv:
- org.springframework.beans,,,26,,,,,,,,,,,,,,,,,,,,,,,,,,,,26
+ org.springframework.beans,,,30,,,,,,,,,,,,,,,,,,,,,,,,,,,,30

@atorralba
Copy link
Copy Markdown
Contributor Author

Had to undo a change made by the stub generator that broke the Spring XSS tests due to some stubs not being actually constant.

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Apr 7, 2022

⚠️ The head of this PR and the base branch were compared for differences in the framework coverage reports. The generated reports are available in the artifacts of this workflow run. The differences will be picked up by the nightly job after the PR gets merged.

Click to show differences in coverage

java

Generated file changes for java

  • Changes to framework-coverage-java.rst:
-    `Spring <https://spring.io/>`_,``org.springframework.*``,29,472,101,,,,19,14,,29
+    `Spring <https://spring.io/>`_,``org.springframework.*``,29,476,101,,,,19,14,,29
-    Totals,,183,6225,1441,106,6,10,107,33,1,81
+    Totals,,183,6229,1441,106,6,10,107,33,1,81
  • Changes to framework-coverage-java.csv:
- org.springframework.beans,,,26,,,,,,,,,,,,,,,,,,,,,,,,,,,,26
+ org.springframework.beans,,,30,,,,,,,,,,,,,,,,,,,,,,,,,,,,30

@atorralba atorralba merged commit 604a5fc into github:main Apr 28, 2022
@atorralba atorralba deleted the atorralba/spring-beans-improvements branch April 28, 2022 09:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants