Closed
Description
Is your feature request related to a problem? Please describe
No. It would be preferable to connote if methods are potential application entry points.
Describe the solution you'd like
We would like to see an new field in the analysis.json object to capture a boolean flag to denote if a callable is an entrypoint or not.
Please use the implementation from https://yanniss.github.io/enterprise-pldi20.pdf
The following features are requested:
- For servlet based application, Accurate capture of ordering of control flow from service entry points and other related items discussed in issue
- For servlet based application, Identify functional entry points i.e where functional operation happens like code logic, request, response access etc. and ignore methods in the slice that just passes the req, resp object
- Identify importance of code statements in the method/slice
- For servlet based application, filter entry points that doesn't seem obsolete or does not contribute to key functionalities like logging, testing api etc.
- Expand to other strategically important frameworks like spring, struts, jsf, jax-rs
- Understand presence of different modules in an enterprise applications (multiple wars in an ear) and summarize app based on module awareness
- Cluster capabilities within an application (like candidate microservices from mono2micro) and summarise capabilities
Describe alternatives you've considered
We do this in CLDK currently, but it seems to be error prone and flaky when CLDK objects are parallelized.
Additional context
N/A