![]() ![]() ![]() This project uses CFR to decompile, issues with the decompiled code should be reported for: Compiled jar lacks some information present in the source code, most importantly many generic types, some local variable names, comments, etc., therefore perfect reproduction of the source code is not always possible and sometimes you will see compilation failure which you have to correct manually.Continue the deveopment of a project you no longer have source for.Via this plugin the actual decompiled source can be pulled into Eclipse, where you can manually study it (or even build it).Even with valid artifacts tricking caches, MITM and compramising artifactories is possible.Even if the library owner has no malicious intent, build servers can be compromised to include additional code into an otherwise legitimate library.Source attachment of a Maven artifact also cannot be trusted, since it is only uploaded to Maven, it can contain anything the author wants, if your IDE shows the source attachment instead of the decompiled source, you IDE can potentially help to hide the malicious code. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |