Data

Tools

Indexes

Applications

Experiments

Open Source Science

tai-e

An easy-to-learn/use static analysis framework for Java

https://github.com/pascal-lab/tai-e

Science Score: 67.0%

This score indicates how likely this project is to be science-related based on various indicators:

  • CITATION.cff file
    Found CITATION.cff file
  • codemeta.json file
    Found codemeta.json file
  • .zenodo.json file
    Found .zenodo.json file
  • DOI references
    Found 3 DOI reference(s) in README
  • Academic publication links
  • Committers with academic emails
    4 of 20 committers (20.0%) from academic institutions
  • Institutional organization owner
  • JOSS paper metadata
  • Scientific vocabulary similarity
    Low similarity (11.9%) to scientific vocabulary

Keywords

call-graph java security static-analysis taint-analysis
Last synced: 4 months ago · JSON representation ·

Repository

An easy-to-learn/use static analysis framework for Java

Basic Info
Statistics
  • Stars: 1,650
  • Watchers: 28
  • Forks: 183
  • Open Issues: 34
  • Releases: 8
Topics
call-graph java security static-analysis taint-analysis
Created over 3 years ago · Last pushed 4 months ago
Metadata Files
Readme Changelog License Citation

README.md

# Tai-e [![test](https://github.com/pascal-lab/Tai-e/actions/workflows/test.yml/badge.svg)](https://github.com/pascal-lab/Tai-e/actions/workflows/test.yml) [![java](https://img.shields.io/badge/Java-17-informational)](https://openjdk.java.net/) [![maven-central](https://img.shields.io/badge/dynamic/xml.svg?label=maven-central&color=f1834d&query=//metadata/versioning/latest&url=https://repo1.maven.org/maven2/net/pascal-lab/tai-e/maven-metadata.xml)](https://search.maven.org/artifact/net.pascal-lab/tai-e) [![codecov](https://codecov.io/gh/pascal-lab/Tai-e/branch/master/graph/badge.svg)](https://codecov.io/gh/pascal-lab/Tai-e) [![DOI](https://img.shields.io/badge/DOI-10.1145/3597926.3598120-blue)](https://doi.org/10.1145/3597926.3598120)

✨News

  • Our paper "Two Approaches to Fast Bytecode Frontend for Static Analysis" has been accepted by OOPSLA'25. This paper presents Tai-e's new bytecode frontend, which is significantly faster and more reliable than existing frontends.
  • Our paper "Pointer Analysis for Database-Backed Applications" has been accepted by PLDI'25. This paper describes an end–to–end pointer analysis for Java database–backed application developed on top of Tai-e.
  • Our paper "PacDroid: A Pointer-Analysis-Centric Framework for Security Vulnerabilities in Android Apps" has been accepted by ICSE'25. This work demonstrates Tai-e's new capability in Android analysis, providing a simple yet effective approach for security analysis of Apps. This work earned the Best Artifact Award🏅.
  • Our paper "Bridge the Islands: Pointer Analysis for Microservice Systems" has been accepted by ISSTA'25. This paper describes the first pointer analysis for Java Microservice systems developed on top of Tai-e.
  • Our paper "Interactive Cross-Language Pointer Analysis for Resolving Native Code in Java Programs" has been accepted by ICSE'25. This is the first cross-language pointer analysis between Java and C. This work won the Distinguished Paper Award🏅.
  • Our paper "Context Sensitivity without Context: A Cut-Shortcut Approach to Fast and Precise Pointer Analysis" has been accepted by PLDI'23. This is the first published research work developed on top of Tai-e.
  • Our paper "Tai-e: A Developer-Friendly Static Analysis Framework for Java by Harnessing the Good Designs of Classics" has been accepted by ISSTA'23. This paper describes the designs for the major components of Tai-e.

Table of Contents

What is Tai-e?

Tai-e (Chinese: 太阿; pronunciation: [ˈtaɪə:]) is a new static analysis framework for Java (please see our ISSTA 2023 paper for details), which features arguably the "best" designs from both the novel ones we proposed and those of classic frameworks such as Soot, WALA, Doop, and SpotBugs. Tai-e is easy-to-learn, easy-to-use, efficient, and highly extensible, allowing you to easily develop new analyses on top of it.

Currently, Tai-e provides the following major analysis components (and more analyses are on the way):

  • Powerful pointer analysis framework
    • On-the-fly call graph construction
    • Various classic and advanced techniques of heap abstraction and context sensitivity for pointer analysis
    • Extensible analysis plugin system (allows to conveniently develop and add new analyses that interact with pointer analysis)
  • Configurable security analysis
    • Taint analysis, which allows to configure sources, sinks, taint transfers, and sanitizers
    • Detection of various information leakages and injection vulnerabilities
    • Various precision and efficiency tradeoffs (benefit from the pointer analysis framework)
  • Various fundamental/utility analyses
    • Fundamental analyses, e.g., reflection analysis and exception analysis
    • Modern language feature analyses, e.g., lambda and method reference analysis, and invokedynamic analysis
    • Utility tools like analysis timer, constraint checker (for debugging), and various graph dumpers
  • Control/Data-flow analysis framework
    • Control-flow graph construction
    • Classic data-flow analyses, e.g., live variable analysis, constant propagation
    • Your data-flow analyses
  • SpotBugs-like bug detection system
    • Bug detectors, e.g., null pointer detector, incorrect clone() detector
    • Your bug detectors

Tai-e is developed in Java, and it can run on major operating systems including Windows, Linux, and macOS.

As a courtesy to the developers, we expect that you please cite the paper from ISSTA 2023 describing the Tai-e framework in your research work:

Tian Tan and Yue Li. 2023. Tai-e: A Developer-Friendly Static Analysis Framework for Java by Harnessing the Good Designs of Classics. In Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA '23), July 17–21, 2023, Seattle, WA, USA (pdf, bibtex).

How to Obtain Runnable Jar of Tai-e?

The simplest way is to download it from GitHub Releases.

Alternatively, you might build the latest Tai-e yourself from the source code. This can be simply accomplished via Gradle (be sure that Java 17 (or higher version) is available on your system). You just need to run command gradlew fatJar, and then the runnable jar will be generated in tai-e/build/, which includes Tai-e and all its dependencies.

How to Include Tai-e in Your Project?

Tai-e is designed as a standalone tool, but you also have the option to include it in your project as a dependency. It is available on Maven repositories, allowing you to easily integrate it into your Java projects using build tools such as Gradle and Maven. We maintain both stable and latest versions of Tai-e, and here are the corresponding coordinates in Gradle and Maven script formats:

Stable Version

For Gradle:

kotlin dependencies { implementation("net.pascal-lab:tai-e:0.5.1") }

For Maven:

```xml

net.pascal-lab tai-e 0.5.1 ```

Latest Version

For Gradle:

```kotlin repositories { mavenCentral() maven { url = uri("https://central.sonatype.com/repository/maven-snapshots/") } }

dependencies { implementation("net.pascal-lab:tai-e:0.5.2-SNAPSHOT") } ```

For Maven:

```xml snapshots Sonatype snapshot server https://central.sonatype.com/repository/maven-snapshots/

net.pascal-lab tai-e 0.5.2-SNAPSHOT ```

You can use these coordinates in your Gradle or Maven scripts to include the desired version of Tai-e in your project.

Documentation

Reference Documentation

We have provided detailed information of Tai-e in the Reference Documentation, which covers various aspects such as Setup in IntelliJ IDEA, Command-Line Options, and Development of New Analysis.

Please note that the reference documentation mentioned above pertains to the latest version of Tai-e. If you need documentation for a specific stable version, please refer to the Documentation Index. Additionally, the documentation is included within the repository and maintained alongside the source code. You can access the reference documentation for a particular version of Tai-e (in AsciiDoc format) by exploring the docs/en directory, starting from index.adoc. This allows you to access version-specific documentation for Tai-e.

In addition to the reference documentation, Javadocs for Tai-e are also available as a useful reference resource.

Changelog

Since we are actively developing and updating Tai-e, we record the notable changes we made, especially the new features and breaking changes, in CHANGELOG. If you find something wrong after updating Tai-e, maybe you could check CHANGELOG for useful information.

Tai-e Assignments

In addition, we have developed an educational version of Tai-e where eight programming assignments are carefully designed for systematically training learners to implement various static analysis techniques to analyze real Java programs. The educational version shares a large amount of code with Tai-e, thus doing the assignments would be a good way to get familiar with Tai-e.

Owner

  • Name: PASCAL Research Group
  • Login: pascal-lab
  • Kind: organization

Programming Languages and Static Analysis Group@Nanjing University

Citation (CITATION.bib) 

@inproceedings{Tai-e:paper,
    author = {Tan, Tian and Li, Yue},
    title = {Tai-e: A Developer-Friendly Static Analysis Framework for Java by Harnessing the Good Designs of Classics},
    year = {2023},
    isbn = {9798400702211},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/3597926.3598120},
    doi = {10.1145/3597926.3598120},
    booktitle = {Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis},
    pages = {1093–1105},
    numpages = {13},
    keywords = {static analysis, framework design and implementation, Java},
    location = {Seattle, WA, USA},
    series = {ISSTA 2023}
}

GitHub Events

Total
  • Create event: 6
  • Release event: 4
  • Issues event: 65
  • Watch event: 203
  • Delete event: 4
  • Member event: 1
  • Issue comment event: 153
  • Push event: 46
  • Pull request review comment event: 20
  • Pull request review event: 42
  • Pull request event: 48
  • Fork event: 20
Last Year
  • Create event: 6
  • Release event: 4
  • Issues event: 65
  • Watch event: 203
  • Delete event: 4
  • Member event: 1
  • Issue comment event: 153
  • Push event: 46
  • Pull request review comment event: 20
  • Pull request review event: 42
  • Pull request event: 48
  • Fork event: 20

Committers

Last synced: 8 months ago

All Time
  • Total Commits: 2,126
  • Total Committers: 20
  • Avg Commits per committer: 106.3
  • Development Distribution Score (DDS): 0.097
Past Year
  • Commits: 116
  • Committers: 10
  • Avg Commits per committer: 11.6
  • Development Distribution Score (DDS): 0.491
Top Committers
Name Email Commits
Tian Tan s****t@g****m 1,920
Teng Zhang z****3@g****m 140
lancetyyy l****y@q****m 12
Chenshasan 4****n 10
Yue Li r****1@g****m 10
李甘霖 1****0@s****n 9
Zhang Shumeng 1****1@q****m 7
cs-cat 1****t 3
wyh 1****2@s****n 2
jpwang j****g@s****n 2
YangShengYuan 1****3@q****m 2
YaphetsH y****h@o****m 1
Wangxiz w****z@s****n 1
Shi Chenghang s****4@1****m 1
LancetY 3****l 1
GnSight f****g@l****m 1
Chenshasan 4****n 1
Zhaohui Wang 1****h 1
ningninger 1****r 1
penguinfirst z****d@1****m 1
Committer Domains (Top 20 + Academic)
smail.nju.edu.cn: 4 qq.com: 3 126.com: 1 163.com: 1

Issues and Pull Requests

Last synced: 4 months ago

All Time
  • Total issues: 148
  • Total pull requests: 42
  • Average time to close issues: 23 days
  • Average time to close pull requests: 7 days
  • Total issue authors: 72
  • Total pull request authors: 14
  • Average comments per issue: 3.24
  • Average comments per pull request: 2.71
  • Merged pull requests: 32
  • Bot issues: 0
  • Bot pull requests: 0
Past Year
  • Issues: 45
  • Pull requests: 33
  • Average time to close issues: 4 days
  • Average time to close pull requests: 4 days
  • Issue authors: 26
  • Pull request authors: 8
  • Average comments per issue: 1.09
  • Average comments per pull request: 2.39
  • Merged pull requests: 26
  • Bot issues: 0
  • Bot pull requests: 0
View more stats
Top Authors
Issue Authors
  • anabioticsoul (10)
  • michaelphop (9)
  • YunFy26 (7)
  • SEC-fsq (7)
  • jjppp (6)
  • struce2 (6)
  • Spr1n9T1me (5)
  • chennbnbnb (4)
  • Peteling (4)
  • enochii (4)
  • Y4er (4)
  • Raul1718 (3)
  • hillwangsec (3)
  • cyjhhh (3)
  • f4nx1ng (3)
Pull Request Authors
  • jjppp (12)
  • cs-cat (7)
  • ningninger (4)
  • FoggyDawn (3)
  • ftyghome (2)
  • zhangt2333 (2)
  • Michael1015198808 (2)
  • chaos-warzh (2)
  • YaphetsH (2)
  • penguinfirst (2)
  • Wangxiz (1)
  • RacerZ-fighting (1)
  • enochii (1)
  • Lucarun (1)
Top Labels
Issue Labels
type: question (37) type: bug (17) type: enhancement (13) status: feedback-provided (1) type: task (1) status: waiting-for-feedback (1) theme: performance (1) for: team-meeting (1)
Pull Request Labels
type: bug (1) type: enhancement (1)

Dependencies

build.gradle.kts maven
  • com.fasterxml.jackson.dataformat:jackson-dataformat-yaml 2.12.2 implementation
  • info.picocli:picocli 4.6.1 implementation
  • org.apache.logging.log4j:log4j-api 2.16.0 implementation
  • org.apache.logging.log4j:log4j-core 2.16.0 implementation
  • org.slf4j:slf4j-nop 1.7.5 implementation
  • org.soot-oss:soot 4.3.0-20211223.212205-256 implementation
  • junit:junit 4.13 testImplementation
buildSrc/build.gradle.kts maven
  • com.fasterxml.jackson.dataformat:jackson-dataformat-yaml 2.12.2 implementation
.github/workflows/test.yml actions
  • actions/checkout v3 composite
  • actions/setup-java v3 composite
  • gradle/gradle-build-action v2 composite