umjammer/codavaj

GitHub: umjammer/codavaj

将 Javadoc HTML 文档反向工程为 Java 源码,并可将注释注入到反编译后的源代码中,帮助开发者阅读无源码的 Java 库。

Stars: 0 | Forks: 1

[![发布](https://jitpack.io/v/umjammer/codavaj.svg)](https://jitpack.io/#umjammer/codavaj) [![Java CI](https://static.pigsec.cn/wp-content/uploads/repos/cas/f9/f938c5cffc2b94aa1d41877bfe1a169b45bc88138f5e16ea85ae1252b29a76f2.svg)](https://github.com/umjammer/codavaj/actions/workflows/maven.yml) [![CodeQL](https://static.pigsec.cn/wp-content/uploads/repos/cas/53/539e9a6bf48ad24469a4363bff3aa68124154549e26592783d3d8577f2acbbfc.svg)](https://github.com/umjammer/codavaj/actions/workflows/codeql-analysis.yml) ![Java](https://img.shields.io/badge/Java-17-b07219) # CODAVAJ logo        codavaj 是 javadoc 的倒序拼写 ## 安装 * https://jitpack.io/#umjammer/codavaj ## 用法 ### 将 Javadoc 转换为 Java 源码 将 javadoc 树转换为 Java 源码
(对 Sun 标准 javadoc 的外部引用会被自动解析 例如 `http://java.sun.com/j2se/1.5.0/docs/api/`) ``` codavaj.cmd codavaj {}* ``` #### 示例 ``` $ # from LOCAL javadoc $ codavaj.cmd codavaj tmp/jumpi/javadoc tmp/jumpi/src $ # or from local javadoc w/ EXTERNAL LINK $ codavaj.cmd codavaj tmp/jumpi/javadoc tmp/jumpi/src http://external.link.com/api $ # or from REMOTE javadoc $ codavaj.cmd codavaj http://jumpi.sourceforge.net/javadoc/j2se tmp/jumpi/src ``` ### 与 Java Parser 配合使用 | **parser** | **将 javadoc 设置到(反编译的)源码中** | **根据 javadoc 文档重命名参数名** | **代码** | **输出** | |:-----------|:--------------------------------------:|:-----------------------------------------------:|------------------------------------------------------------------------------------------------------------|:--------------------------------:| | [JavaParser](https://github.com/javaparser/javaparser) | ✅ | 🚫 | [📄](https://github.com/umjammer/codavaj/blob/master/src/test/java/commentator/JavaParserCommentator.java) | 👑 | | [rewrite](https://github.com/Netflix-Skunkworks/rewrite) | jdk 版本问题? | 🚧 | [📄](https://github.com/umjammer/codavaj/blob/master/src/test/java/commentator/RewriteCommentator.java) | | | [JDT](https://www.eclipse.org/jdt/) | ✅ | 🚫 | [📄](https://github.com/umjammer/codavaj/blob/master/src/test/java/commentator/JgtCommentator.java) | 比 JavaParser 稍差一点 | | [spoon](https://github.com/INRIA/spoon) | ✅ | 🚫 | [📄](https://github.com/umjammer/codavaj/blob/master/src/test/java/commentator/SpoonCommentator.java) | 格式丢失了 | #### 示例 ``` $ # install codavaj $ cd $HOME/src/java $ git clone https://github.com/umjammer/codavaj $ # decompile by fernflower $ cd $HOME/src/java/javax-speech $ curl -o tmp/speech-1.0.0.jar https://github.com/umjammer/umjammer/raw/mvn-repo/javax/speech/speech/1.0.0/speech-1.0.0.jar $ mkdir -p tmp/classes $ java -jar fernflower.jar tmp/speech-1.0.0.jar tmp/classes $ pushd src/main/java; jar xvf $HOME/src/java/javax-speech/tmp/classes/speech-1.0.0.jar; popd $ # add comment from javadoc on the net to decompiled source $ cd $HOME/src/java/javax-speech $ mkdir -p src/main/java $ mkdir -p tmp/src $ (pushd $HOME/src/java/codavaj; mvn -P comment test-compile antrun:run@javaParser \ -Dcomment.javadoc=https://docs.oracle.com/cd/E17802_01/products/products/java-media/speech/forDevelopers/jsapi-doc \ -Dcomment.source=$HOME/src/java/javax-speech/src/main/java \ -Dcomment.out=$HOME/src/java/javax-speech/tmp/src \ ; popd) $ diff -rBw src/main/java tmp/src | less -R $ diff -rBw src/main/java tmp/src > tmp/c.patch $ pushd src/main/java; patch -p 2 < ../../../tmp/c.patch; popd ``` ### 已知问题 * 如果在 javadoc 中没有找到,codavaj 不会引入默认构造函数。 这会导致编译问题,如果有子类 通过隐式的 super() 调用了该类的默认构造函数。 * nekohtml ~1.19.22 * https://mvnrepository.com/artifact/net.sourceforge.nekohtml/nekohtml/1.9.22 * https://mvnrepository.com/artifact/xerces/xercesImpl/2.11.0 * 但 1.19.22 目前无法在此项目中使用 * 所以我从依赖中排除了 xerces,并单独添加了 xerces 2.12.2。我不知道 codeql 是如何检测到这些的。 * https://sourceforge.net/p/nekohtml/bugs/167/#fdcc * `@see` 被参数分隔符“,”过度分割 * 第 2 次及以后的 override 方法的注释丢失了 * h 标签 * code 标签 * ol, ul, li 标签 ## 参考 * https://docs.openrewrite.org/ ## 待办事项 * ~~javadoc 1.8~~ * javadoc html5 * ~~javadoc 11~~ * ~~英文测试用例~~ * https://github.com/HtmlUnit/htmlunit-neko * https://github.com/HtmlUnit/htmlunit-neko/security/advisories/GHSA-6jmm-mp6w-4rrg TODO * 使用 vavi-util-screenscraping? * interface default * ~~Spoon~~
标签:JS文件枚举, SOC Prime, 云资产清单, 代码生成, 域名枚举, 开发工具, 文档解析, 渗透测试工具, 逆向工程