Code2Graph
Code2Graph copied to clipboard
Symbolk
Towards converting multilingual source code into one language-agnostic graph representation.
三组实验: 1. XLL:跨语言连接检测的Precision/Recall 2. Cochange:历史在文件级别的预测P/R 3. Lint:是否能发现已知或未知的因跨语言变更造成的bug/code smell
input: ``` def://sagan-site/src/main/java/sagan/site/blog/support/BlogAdminController.java[language=FILE]//BlogAdminController/newPost/model.addAttribute[language=JAVA]//formats[language=ANY] def://sagan-site/src/main/java/sagan/site/blog/support/BlogAdminController.java[language=FILE]//BlogAdminController/newPost/model.addAttribute[language=JAVA]//formatsObj[language=ANY] ``` rename pair: ``` use://sagan-site/src/main/resources/templates/admin/blog/new.html[language=FILE]//html/body/form/div/div/div/div/div/select/option/data-th-each[language=HTML]//${formats}[language=ANY] use://sagan-site/src/main/resources/templates/admin/blog/resources/templates/admin/blog/new.html[language=FILE]//html/body/form/div/div/div/div/div/select/option/data-th-each[language=HTML]//${formatsObj}[language=ANY] ``` 在图中例子里,oldURI的file层为sagan-site/src/main/resources/templates/admin/blog/new.html,rename后newURI的file层变成sagan-site/src/main/resources/templates/admin/blog/resources/templates/admin/blog/new.html
## CVE-2022-36033 - Medium Severity Vulnerability Vulnerable Library - jsoup-1.14.2.jar jsoup is a Java library for working with real-world HTML. It provides a very convenient API for fetching URLs and...
![mend-bolt-for-github[bot] avatar](https://avatars.githubusercontent.com/in/16809?v=4 "mend-bolt-for-github[bot] avatar"){kind=avatar}
## CVE-2022-25857 - High Severity Vulnerability Vulnerable Libraries - snakeyaml-1.30.jar, snakeyaml-1.29.jar snakeyaml-1.30.jar YAML 1.1 parser and emitter for Java Library home page: https://bitbucket.org/snakeyaml/snakeyaml Path to dependency file: /mining/build.gradle Path to...
## CVE-2022-1471 - Critical Severity Vulnerability Vulnerable Libraries - snakeyaml-1.30.jar, snakeyaml-1.29.jar snakeyaml-1.30.jar YAML 1.1 parser and emitter for Java Library home page: https://bitbucket.org/snakeyaml/snakeyaml Path to dependency file: /mining/build.gradle Path to...
## CVE-2021-46877 - High Severity Vulnerability Vulnerable Library - jackson-databind-2.12.2.jar General data-binding functionality for Jackson: works on core streaming API Library home page: http://github.com/FasterXML/jackson Path to dependency file: /mining/build.gradle Path...
## CVE-2022-42889 - Critical Severity Vulnerability Vulnerable Library - commons-text-1.8.jar Apache Commons Text is a library focused on algorithms working on strings. Path to dependency file: /gen.html/build.gradle Path to vulnerable...
## CVE-2022-41854 - Medium Severity Vulnerability Vulnerable Libraries - snakeyaml-1.30.jar, snakeyaml-1.29.jar snakeyaml-1.30.jar YAML 1.1 parser and emitter for Java Library home page: https://bitbucket.org/snakeyaml/snakeyaml Path to dependency file: /mining/build.gradle Path to...
## CVE-2022-42003 - High Severity Vulnerability Vulnerable Library - jackson-databind-2.12.2.jar General data-binding functionality for Jackson: works on core streaming API Library home page: http://github.com/FasterXML/jackson Path to dependency file: /mining/build.gradle Path...