{ "schema": "richgraph-v1", "analyzer": { "name": "scanner.java", "version": "1.2.0", "toolchain_digest": "sha256:7b9e8c6d5a4f3e2d1c0b9a8f7e6d5c4b3a2f1e0d" }, "nodes": [ { "id": "sym:java:bWFpbi0xMjM0NTY3ODkwYWJjZGVm", "symbol_id": "sym:java:bWFpbi0xMjM0NTY3ODkwYWJjZGVm", "code_id": "code:java:Y29kZS1tYWluLTEyMzQ1Njc4OTBhYmM", "lang": "java", "kind": "method", "display": "com.example.app.Main.main(String[])", "purl": "pkg:maven/com.example/app@1.0.0", "build_id": null, "symbol_digest": "sha256:a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0c1d2e3f4a5b6c7d8e9f0a1b2", "symbol": { "mangled": null, "demangled": "com.example.app.Main.main(String[])", "source": "DWARF", "confidence": 1.0 }, "evidence": ["bytecode"], "attributes": {} }, { "id": "sym:java:cHJvY2Vzc1JlcXVlc3QtYWJjZGVm", "symbol_id": "sym:java:cHJvY2Vzc1JlcXVlc3QtYWJjZGVm", "code_id": "code:java:Y29kZS1wcm9jZXNzLWFiY2RlZjEy", "lang": "java", "kind": "method", "display": "com.example.app.RequestHandler.processRequest(HttpRequest)", "purl": "pkg:maven/com.example/app@1.0.0", "build_id": null, "symbol_digest": "sha256:b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0c1d2e3f4a5b6c7d8e9f0a1b2c3", "symbol": { "mangled": null, "demangled": "com.example.app.RequestHandler.processRequest(HttpRequest)", "source": "DWARF", "confidence": 0.98 }, "evidence": ["bytecode", "import"], "attributes": {} }, { "id": "sym:java:bG9nRXJyb3ItMTIzNDU2Nzg5MGFiY2Q", "symbol_id": "sym:java:bG9nRXJyb3ItMTIzNDU2Nzg5MGFiY2Q", "code_id": "code:java:Y29kZS1sb2ctMTIzNDU2Nzg5MGFiY2Q", "lang": "java", "kind": "method", "display": "org.apache.logging.log4j.Logger.error(String, Object...)", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.14.1", "build_id": null, "symbol_digest": "sha256:c3d4e5f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0c1d2e3f4a5b6c7d8e9f0a1b2c3d4", "symbol": { "mangled": null, "demangled": "org.apache.logging.log4j.Logger.error(String, Object...)", "source": "DWARF", "confidence": 0.95 }, "evidence": ["bytecode", "import"], "attributes": { "vulnerable": "CVE-2021-44228" } }, { "id": "sym:java:dW51c2VkTWV0aG9kLWFiY2RlZjEyMzQ", "symbol_id": "sym:java:dW51c2VkTWV0aG9kLWFiY2RlZjEyMzQ", "code_id": "code:java:Y29kZS11bnVzZWQtYWJjZGVmMTIzNA", "lang": "java", "kind": "method", "display": "com.example.app.Unused.unusedMethod()", "purl": "pkg:maven/com.example/app@1.0.0", "build_id": null, "symbol_digest": "sha256:d4e5f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0c1d2e3f4a5b6c7d8e9f0a1b2c3d4e5", "symbol": { "mangled": null, "demangled": "com.example.app.Unused.unusedMethod()", "source": "DWARF", "confidence": 0.92 }, "evidence": ["bytecode"], "attributes": {} } ], "edges": [ { "from": "sym:java:bWFpbi0xMjM0NTY3ODkwYWJjZGVm", "to": "sym:java:cHJvY2Vzc1JlcXVlc3QtYWJjZGVm", "kind": "call", "purl": "pkg:maven/com.example/app@1.0.0", "symbol_digest": "sha256:b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0c1d2e3f4a5b6c7d8e9f0a1b2c3", "confidence": 1.0, "evidence": ["bytecode"], "candidates": [] }, { "from": "sym:java:cHJvY2Vzc1JlcXVlc3QtYWJjZGVm", "to": "sym:java:bG9nRXJyb3ItMTIzNDU2Nzg5MGFiY2Q", "kind": "virtual", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.14.1", "symbol_digest": "sha256:c3d4e5f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0c1d2e3f4a5b6c7d8e9f0a1b2c3d4", "confidence": 0.92, "evidence": ["bytecode", "import"], "candidates": [] } ], "roots": [ { "id": "sym:java:bWFpbi0xMjM0NTY3ODkwYWJjZGVm", "phase": "runtime", "source": "main" } ] }