Switch to java 21 (#110)

* Switch to java 21

Signed-off-by: Prabhu Subramanian <prabhu@appthreat.com>

---------

Signed-off-by: Prabhu Subramanian <prabhu@appthreat.com>

.github/workflows/containers.yml

@@ -45,11 +45,6 @@ jobs:
             ~/.coursier
           key: ${{ runner.os }}-sbt-${{ hashfiles('**/build.sbt') }}
       - run: |
-          git apply --ignore-space-change --ignore-whitespace contrib/java21.patch
-          if [ $? != 0 ]; then
-            echo "Unable to patch the codebase correctly."
-            exit 1
-          fi
           sbt stage createDistribution
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -80,24 +75,3 @@ jobs:
           labels: ${{ steps.meta.outputs.labels }}
           cache-from: type=gha,scope=atom
           cache-to: type=gha,mode=max,scope=atom
-      - name: Upload atom to ghcr
-        run: |
-          cd target
-          cp atom.zip atom-java21.zip
-          sha512sum atom.zip > atom.zip.sha512
-          sha512sum atom-java21.zip > atom-java21.zip.sha512
-          echo $GITHUB_TOKEN | oras login ghcr.io -u $GITHUB_USERNAME --password-stdin
-          oras push ghcr.io/appthreat/atom-java21:v1 \
-            --annotation-file ../ci/annotations.json \
-            ./atom.zip:application/vnd.appthreat.atom.layer.v1+tar \
-            ./atom.zip.sha512:application/vnd.appthreat.atom.layer.v1+tar
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          GITHUB_USERNAME: ${{ github.actor }}
-      - name: Create Release
-        if: startsWith(github.ref, 'refs/tags/')
-        uses: softprops/action-gh-release@v1
-        with:
-          files: |
-            target/atom-java21.zip
-            target/atom-java21.zip.sha512

.github/workflows/nodejstests.yml

@@ -7,8 +7,8 @@ jobs:
     strategy:
       matrix:
         os: [ubuntu-latest, macos-latest]
-        java-version: ['17', '19', '20', '21']
-        node-version: ['20.x']
+        java-version: ['21']
+        node-version: ['21.x']
     runs-on: ${{ matrix.os }}
     steps:
       - uses: actions/checkout@v4
@@ -61,8 +61,8 @@ jobs:
     runs-on: windows-latest
     strategy:
       matrix:
-        java-version: ['17', '19', '20', '21']
-        node-version: ['20.x']
+        java-version: ['21']
+        node-version: ['21.x']
     steps:
       - uses: actions/checkout@v4
       - name: Use Node.js ${{ matrix.node-version }}

.github/workflows/npm-release.yml

@@ -24,7 +24,7 @@ jobs:
       uses: actions/setup-java@v4
       with:
         distribution: 'zulu'
-        java-version: '19'
+        java-version: '21'
     - name: Release
       run: |
         sbt scalafmtCheck stage assembly createDistribution

.github/workflows/repotests.yml

@@ -6,68 +6,11 @@ on:
       - feature/*
   workflow_dispatch:
 jobs:
-  jvm21-testing:
-    strategy:
-      matrix:
-        os: [ ubuntu-latest, macos-latest ]
-        java-version: [ '21' ]
-    runs-on: ${{ matrix.os }}
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-      - uses: actions/checkout@v4
-        with:
-          repository: 'HooliCorp/java-sec-code'
-          path: 'repotests/java-sec-code'
-      - uses: actions/checkout@v4
-        with:
-          repository: 'DefectDojo/django-DefectDojo'
-          path: 'repotests/django-DefectDojo'
-      - uses: actions/checkout@v4
-        with:
-          repository: 'nodejs/node'
-          path: 'repotests/nodejs'
-      - uses: actions/checkout@v4
-        with:
-          repository: 'awsdocs/aws-doc-sdk-examples'
-          path: 'repotests/aws-doc-sdk-examples'
-      - uses: actions/checkout@v4
-        with:
-          repository: 'friendica/friendica'
-          path: 'repotests/friendica'
-      - uses: coursier/cache-action@v6
-      - name: Set up JDK
-        uses: actions/setup-java@v4
-        with:
-          distribution: 'zulu'
-          java-version: ${{ matrix.java-version }}
-      - name: Use Node.js ${{ matrix.node-version }}
-        uses: actions/setup-node@v3
-        with:
-          node-version: '21.x'
-      - run: |
-          git apply --ignore-space-change --ignore-whitespace contrib/java21.patch
-          sbt stage astGenDlTask
-          npm install -g @cyclonedx/cdxgen --omit=optional
-          cdxgen -t java --deep -o $GITHUB_WORKSPACE/repotests/java-sec-code/bom.json $GITHUB_WORKSPACE/repotests/java-sec-code
-          ./atom.sh reachables --remove-atom -o /tmp/java-sec-code.atom -l java $GITHUB_WORKSPACE/repotests/java-sec-code -Dlog4j.configurationFile=log4j2.xml --slice-outfile /tmp/java-sec-code.reachables.json
-          cdxgen -t python --deep -o $GITHUB_WORKSPACE/repotests/django-DefectDojo/bom.json $GITHUB_WORKSPACE/repotests/django-DefectDojo
-          ./atom.sh reachables --remove-atom -o /tmp/django-DefectDojo.atom -l python $GITHUB_WORKSPACE/repotests/django-DefectDojo -Dlog4j.configurationFile=log4j2.xml --slice-outfile /tmp/django-DefectDojo.reachables.json
-          ./atom.sh usages --remove-atom -o /tmp/v8.atom -l h $GITHUB_WORKSPACE/repotests/nodejs/deps/v8 -Dlog4j.configurationFile=log4j2.xml --slice-outfile /tmp/v8.slices.json
-          ./atom.sh usages --remove-atom -o /tmp/uv.atom -l h $GITHUB_WORKSPACE/repotests/nodejs/deps/uv -Dlog4j.configurationFile=log4j2.xml --slice-outfile /tmp/uv.slices.json
-          ./atom.sh usages --remove-atom -o /tmp/aws.atom -l h $GITHUB_WORKSPACE/repotests/aws-doc-sdk-examples/cpp -Dlog4j.configurationFile=log4j2.xml --slice-outfile /tmp/aws.slices.json
-          ./atom.sh usages --remove-atom -o /tmp/friendica.atom -l h $GITHUB_WORKSPACE/repotests/friendica -Dlog4j.configurationFile=log4j2.xml --slice-outfile /tmp/friend.slices.json
-          cdxgen -t php -o $GITHUB_WORKSPACE/repotests/friendica/bom.json $GITHUB_WORKSPACE/repotests/friendica
-          ./atom.sh reachables --remove-atom -o /tmp/friendica2.atom -l h $GITHUB_WORKSPACE/repotests/friendica -Dlog4j.configurationFile=log4j2.xml --slice-outfile /tmp/friend2.slices.json
-        env:
-          JAVA_TOOL_OPTIONS: "-Dfile.encoding=UTF-8"
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   jvm-testing:
     strategy:
       matrix:
         os: [ubuntu-latest, macos-latest, windows-latest]
-        java-version: ['17', '19', '20']
+        java-version: ['21']
     runs-on: ${{ matrix.os }}
     steps:
       - uses: actions/checkout@v4
@@ -118,7 +61,7 @@ jobs:
       - name: Use Node.js ${{ matrix.node-version }}
         uses: actions/setup-node@v3
         with:
-          node-version: '20.x'
+          node-version: '21.x'
       - run: |
           sbt stage astGenDlTask
           ./atom.sh --remove-atom -o /tmp/java.atom -l java $GITHUB_WORKSPACE/repotests/shiftleft-java-example -Dlog4j.configurationFile=log4j2.xml

build.sbt

@@ -1,9 +1,9 @@
 name                     := "atom"
 ThisBuild / organization := "io.appthreat"
-ThisBuild / version      := "1.8.4"
+ThisBuild / version      := "2.0.0"
 ThisBuild / scalaVersion := "3.3.1"
 
-val chenVersion      = "1.1.6"
+val chenVersion      = "2.0.0"
 
 lazy val atom = Projects.atom
 
@@ -36,17 +36,17 @@ Compile / doc / scalacOptions ++= Seq("-doc-title", "atom apidocs", "-doc-versio
 ThisBuild / scalacOptions ++= Seq(
   "-deprecation", // Emit warning and location for usages of deprecated APIs.
   "--release",
-  "17",
+  "21",
 )
 
 ThisBuild / compile / javacOptions ++= Seq(
   "-g", // debug symbols
   "-Xlint",
-  "--release=17"
+  "--release=21"
 ) ++ {
   // fail early if users with JDK11 try to run this
   val javaVersion = sys.props("java.specification.version").toFloat
-  assert(javaVersion.toInt >= 17, s"this build requires JDK17+ - you're using $javaVersion")
+  assert(javaVersion.toInt >= 21, s"this build requires JDK21+ - you're using $javaVersion")
   Nil
 }
 

codemeta.json

@@ -7,7 +7,7 @@
   "downloadUrl": "https://github.com/AppThreat/atom",
   "issueTracker": "https://github.com/AppThreat/atom/issues",
   "name": "atom",
-  "version": "1.8.4",
+  "version": "2.0.0",
   "description": "Atom is a novel intermediate representation for next-generation code analysis.",
   "applicationCategory": "code-analysis",
   "keywords": [

src/main/scala/io/appthreat/atom/dataflows/DataFlowGraph.scala

@@ -65,7 +65,7 @@ object DataFlowGraph:
     private def DF_EDGES =
         Set(EdgeTypes.REACHING_DEF, EdgeTypes.CALL, EdgeTypes.REF)
     val exec: ExecutorService =
-        Executors.newWorkStealingPool(Runtime.getRuntime.availableProcessors / 2)
+        Executors.newVirtualThreadPerTaskExecutor()
 
     def buildFromSlice(slice: DataFlowSlice): DataFlowGraph =
         val dfNodes = slice.nodes

src/main/scala/io/appthreat/atom/slicing/DataFlowSlicing.scala

@@ -14,7 +14,7 @@ class DataFlowSlicing:
 
     implicit val resolver: ICallResolver = NoResolve
     protected val exec: ExecutorService =
-        Executors.newWorkStealingPool(Runtime.getRuntime.availableProcessors() / 2)
+        Executors.newVirtualThreadPerTaskExecutor()
     private val excludeOperatorCalls     = new AtomicBoolean(true)
     private val nodeCache                = new TrieMap[Long, SliceNode]()
     private var language: Option[String] = _

src/main/scala/io/appthreat/atom/slicing/UsageSlicing.scala

@@ -20,7 +20,7 @@ object UsageSlicing:
 
     private val resolver = NoResolve
     val exec: ExecutorService =
-        Executors.newWorkStealingPool(Runtime.getRuntime.availableProcessors() / 2)
+        Executors.newVirtualThreadPerTaskExecutor()
     private val constructorTypeMatcher = Pattern.compile(".*new (\\w+)\\(.*")
     private val excludeOperatorCalls   = new AtomicBoolean(true)
     private val FRAMEWORK_ROUTE        = "framework-route"

wrapper/nodejs/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@appthreat/atom",
-  "version": "1.8.4",
+  "version": "2.0.0",
   "description": "Create atom (⚛) representation for your application, packages and libraries",
   "exports": "./index.js",
   "type": "module",