For other CodeQL resources, including tutorials and examples, see the CodeQL documentation

Jackson

Module Jackson

Provides classes and predicates for working with the Jackson serialization framework.


                                import semmle.code.java.frameworks.Jackson

java	Provides all default Java QL imports.

createJacksonJsonParserStep	Holds if `fromNode` to `toNode` is a dataflow step that creates a Jackson parser.
createJacksonTreeNodeStep	Holds if `fromNode` to `toNode` is a dataflow step that creates a Jackson `TreeNode`.
hasArgumentWithUnsafeJacksonAnnotation	Holds if `call` is a method call to a Jackson deserialization method such as `ObjectMapper.readValue(String, Class)`, and the target deserialized class has a field with a `JsonTypeInfo` annotation that enables polymorphic typing.

EnableJacksonDefaultTyping	A call that enables the default typing in `ObjectMapper`.
JacksonTypeDescriptorType	A type descriptor in Jackson libraries. For example, `java.lang.Class`.
MapperBuilder	A builder for building Jackson’s `JsonMapper`.
ObjectMapperReadMethod	A method in `ObjectMapper` that deserialize data.
ObjectMapperReadQualifier	A qualifier of a call to one of the methods in `ObjectMapper` that deserialize data.
SetPolymorphicTypeValidatorSource	A source that sets a type validator.