Files that changed from the base of the PR and between 5d7c9d1 and 5fb4d21.

• .github/workflows/maven.yml (1 hunks)

• .github/workflows/maven.yml

Files that changed from the base of the PR and between 5fb4d21 and 9afa670.

• src/main/java/de/tum/cit/ase/ares/api/ast/model/RecursionCheck.java (1 hunks)
• src/test/java/de/tum/cit/ase/ares/integration/AstAssertionTest.java (1 hunks)
• src/test/java/de/tum/cit/ase/ares/integration/testuser/PathAccessUser.java (1 hunks)

• src/main/java/de/tum/cit/ase/ares/api/ast/model/RecursionCheck.java
• src/test/java/de/tum/cit/ase/ares/integration/AstAssertionTest.java

src/test/java/de/tum/cit/ase/ares/integration/testuser/PathAccessUser.java (1)

Line range hint 69-69:
Verify the intentional removal of the security policy.

The @Policy annotation, which specified a security policy file and a path constraint, has been removed from the weAccessPath method. Ensure that this change is intentional and does not compromise the security context of the test.

Files that changed from the base of the PR and between 9afa670 and 590fdd2.

• .github/workflows/maven.yml (1 hunks)

• .github/workflows/maven.yml

Files that changed from the base of the PR and between 590fdd2 and 4ee9d55.

• src/main/java/de/tum/cit/ase/ares/api/architecturetest/java/postcompile/CustomClassResolver.java (2 hunks)
• src/main/java/de/tum/cit/ase/ares/api/architecturetest/java/postcompile/TransitivelyAccessesMethodsCondition.java (3 hunks)
• src/main/resources/archunit.properties (1 hunks)
• src/test/java/de/tum/cit/ase/ares/integration/PathAccessTest.java (1 hunks)
• src/test/java/de/tum/cit/ase/ares/integration/testuser/PathAccessUser.java (1 hunks)
• src/test/java/de/tum/cit/ase/ares/integration/testuser/subject/pathaccess/PathAccessPenguin.java (1 hunks)
• src/test/java/de/tum/cit/ase/ares/integration/testuser/subject/student/FileSystemAccessPenguin.java (1 hunks)
• src/test/java/de/tum/cit/ase/ares/integration/testuser/subject/thirdpartypackage/ThirdPartyPackagePenguin.java (1 hunks)

• src/main/resources/archunit.properties
• src/test/java/de/tum/cit/ase/ares/integration/testuser/subject/pathaccess/PathAccessPenguin.java

• src/test/java/de/tum/cit/ase/ares/integration/testuser/PathAccessUser.java

src/test/java/de/tum/cit/ase/ares/integration/testuser/subject/thirdpartypackage/ThirdPartyPackagePenguin.java (1)

15-17: Verify the existence of the file during tests.

Ensure that the file fileUsingFilesClass.txt exists in the expected location during tests to avoid FileNotFoundException.

src/main/java/de/tum/cit/ase/ares/api/architecturetest/java/postcompile/CustomClassResolver.java (1)

Line range hint 1-24:
Verify the impact of the removed class resolver setting.

The removal of the line ArchConfiguration.get().setClassResolver(ClassResolverFromClasspath.class); might affect the class resolution mechanism. Ensure that the class resolution process works as expected without this setting.

src/test/java/de/tum/cit/ase/ares/integration/PathAccessTest.java (1)

103-106: Verify the exception handling during the test.

Ensure that the SecurityException is correctly handled and reported during the test.

Verification successful

Verify the exact implementation of the test_accessFileSystem method.

Ensure that the method correctly handles and asserts the SecurityException.

---

Exception handling in test_accessFileSystem is correctly implemented.

The method correctly asserts that a SecurityException is thrown when accessing the file system.

• src/test/java/de/tum/cit/ase/ares/integration/PathAccessTest.java: test_accessFileSystem

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the exception handling during the test.

# Test: Search for the `SecurityException` handling. Expect: Proper handling of the exception.
rg --type java 'SecurityException'

Length of output: 19328

---

Script:

#!/bin/bash
# Description: Retrieve the implementation of the `test_accessFileSystem` method to verify exception handling.

# Search for the `test_accessFileSystem` method in the PathAccessTest.java file.
rg --type java '@TestTest' -A 5

Length of output: 206213

src/main/java/de/tum/cit/ase/ares/api/architecturetest/java/postcompile/TransitivelyAccessesMethodsCondition.java (5)

15-15: Imports look good.

The addition of java.util.* is necessary for the new functionality.

---

30-38: Addition of bannedClasses is appropriate.

This set refines the criteria for determining access violations by excluding certain fundamental Java classes and packages from consideration.

---

50-54: Addition of resolvedClasses is appropriate.

This map optimizes performance by caching resolved classes and preventing redundant resolution attempts.

---

61-61: Initialization of resolvedClasses is appropriate.

Initializing the map as a HashMap ensures it is ready for use.

---

166-178: Changes to getDirectAccessTargetsOutsideOfAnalyzedClasses are appropriate.

The method now checks if the accessed class is part of bannedClasses and uses resolvedClasses to optimize class resolution, enhancing efficiency and ensuring adherence to the new access rules.

src/test/java/de/tum/cit/ase/ares/integration/testuser/subject/student/FileSystemAccessPenguin.java (11)

44-50: Method accessFileSystemViaFileInputStream looks good.

The method is straightforward and uses a valid file path.

---

55-62: Method accessFileSystemViaFileOutputStream looks good.

The method is straightforward and uses a valid file path.

---

67-79: Method accessFileSystemViaFileReader looks good.

The method is straightforward and uses a valid file path.

---

84-93: Method accessFileSystemViaFileWriter looks good.

The method is straightforward and uses a valid file path.

---

98-113: Method accessFileSystemViaRandomAccessFile looks good.

The method is straightforward and uses a valid file path.

---

118-143: Method accessFileSystemViaFile looks good.

The method is straightforward and uses a valid file path.

---

234-250: Method accessFileSystemViaFileSystem looks good.

The method is straightforward and does not use null for file paths.

---

272-295: Method accessFileSystemViaPath looks good.

The method is straightforward and uses valid file paths.

---

300-309: Method accessFileSystemViaPaths looks good.

The method is straightforward and uses valid file paths.

---

314-325: Method accessFileSystemViaWatchService looks good.

The method is straightforward and does not use null for file paths.

---

360-369: Method accessFileSystemViaFileHandler looks good.

The method is straightforward and uses valid file paths.

Files that changed from the base of the PR and between 4ee9d55 and 7ff0b65.

• src/main/java/de/tum/cit/ase/ares/api/architecturetest/java/postcompile/TransitivelyAccessesMethodsCondition.java (3 hunks)

• src/main/java/de/tum/cit/ase/ares/api/architecturetest/java/postcompile/TransitivelyAccessesMethodsCondition.java

Files that changed from the base of the PR and between 7ff0b65 and 50c2f40.

• src/main/java/de/tum/cit/ase/ares/api/architecturetest/java/postcompile/CustomClassResolver.java (1 hunks)
• src/main/java/de/tum/cit/ase/ares/api/architecturetest/java/postcompile/JavaArchitectureTestCaseCollection.java (1 hunks)
• src/main/java/de/tum/cit/ase/ares/api/architecturetest/java/postcompile/TransitivelyAccessesMethodsCondition.java (4 hunks)
• src/main/resources/archunit.properties (1 hunks)

• src/main/resources/archunit.properties

src/main/java/de/tum/cit/ase/ares/api/architecturetest/java/postcompile/CustomClassResolver.java (3)

4-6: LGTM!

The new import statements for JavaClasses and ImportOption are necessary and appropriate for the new implementation.

---

19-26: LGTM! Consider improving readability.

The declaration and initialization of allClasses are correct. For better readability, consider chaining the import options more clearly.

-        allClasses = new ClassFileImporter()
-                .withImportOption(ImportOption.Predefined.DO_NOT_INCLUDE_TESTS)
-                .withImportOption(location -> location.toString().contains("jrt:/"))
-                .importClasspath();
+        allClasses = new ClassFileImporter()
+                .withImportOption(ImportOption.Predefined.DO_NOT_INCLUDE_TESTS)
+                .withImportOption(location -> location.toString().contains("jrt:/"))
+                .importClasspath();

---

34-39: LGTM!

The tryResolve method correctly uses allClasses to resolve the class and handles exceptions appropriately.

src/main/java/de/tum/cit/ase/ares/api/architecturetest/java/postcompile/JavaArchitectureTestCaseCollection.java (1)

50-50: Verify the removal of banned packages.

The removal of "sun.security" and "java.awt.desktop" packages likely indicates a change in security or functionality requirements. Ensure that this change is intentional and does not introduce security risks.

Verification successful

---

Verified the removal of banned packages.

The removal of sun.security and java.awt.desktop packages from the banned list is confirmed to be safe as there are no occurrences of these packages in the codebase or configuration/documentation files.

• No occurrences of sun.security or java.awt.desktop found in the codebase.
• No mentions of sun.security or java.awt.desktop found in configuration or documentation files.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the removal of banned packages.

# Test: Search for the usage of the removed packages. Expect: No occurrences of the removed packages.
rg --type java 'sun.security|java.awt.desktop'

Length of output: 48

---

Script:

#!/bin/bash
# Description: Verify the removal of banned packages in configuration or documentation files.

# Test: Search for mentions of the removed packages in configuration or documentation files.
rg 'sun.security|java.awt.desktop' --glob '*.{yml,yaml,json,md,xml,properties}'

Length of output: 81

src/main/java/de/tum/cit/ase/ares/api/architecturetest/java/postcompile/TransitivelyAccessesMethodsCondition.java (4)

30-39: LGTM!

The bannedClasses set includes fundamental Java classes and packages, which streamlines access violation checks.

---

52-55: LGTM!

The declaration and initialization of customClassResolver are correct and use the CustomClassResolver class appropriately.

Also applies to: 77-77

---

166-186: LGTM!

The method getDirectAccessTargetsOutsideOfAnalyzedClasses correctly checks if the accessed class is part of bannedClasses and resolves target owners using customClassResolver.

---

199-201: LGTM!

The method resolveTargetOwner correctly uses customClassResolver to resolve class names, improving the efficiency of access checks.

Files that changed from the base of the PR and between 50c2f40 and 9577966.

• .github/workflows/maven.yml (1 hunks)
• src/main/resources/logback.xml (1 hunks)

• .github/workflows/maven.yml

src/main/resources/logback.xml (1)

15-15: LGTM! Ensure the new logger is used as intended.

The addition of the logger for com.tngtech.archunit with a logging level set to INFO is a good enhancement for better logging granularity.

Verify that the new logger is effectively utilized in the codebase.

Files that changed from the base of the PR and between 9577966 and afa652e.

• src/main/java/de/tum/cit/ase/ares/api/architecturetest/java/postcompile/CustomClassResolver.java (1 hunks)
• src/main/resources/archunit.properties (1 hunks)

• src/main/resources/archunit.properties

src/main/java/de/tum/cit/ase/ares/api/architecturetest/java/postcompile/CustomClassResolver.java (4)

4-4: LGTM! The import statement is necessary.

The import statement for JavaClasses is required for the new allClasses variable.

---

17-17: LGTM! The variable declaration is necessary.

The new instance variable allClasses is required to hold all imported classes.

---

19-25: Consider addressing the memory efficiency concern.

The constructor imports all classes, which might not be memory efficient. The TODO comment suggests improving this.

Ensure that the memory efficiency concern is addressed in future updates.

---

33-38: LGTM! The method change is appropriate.

The tryResolve method now directly accesses allClasses to resolve classes, handling cases where the class may not exist by returning an empty Optional.