comments can be added to rules in json5

src/main/kotlin/net/bytedance/security/app/AnalyzeStepByStep.kt

@@ -41,7 +41,7 @@ class AnalyzeStepByStep {
         if (config.rules.isEmpty()) {
             config.rules = withContext(Dispatchers.IO) {
                 Files.walk(Paths.get(config.rulePath), 1) }
-                .filter { it.pathString.endsWith(".json")}
+                .filter { it.pathString.endsWith(".json") || it.pathString.endsWith(".json5")}
                 .map { it.fileName }.toList().joinToString(separator = ",")
         }
         val rulePathList = config.rules.split(",")
@@ -106,10 +106,11 @@ class AnalyzeStepByStep {
         // reduce time
         val excludeList = ArrayList<String>()
         excludeList.add("java.*")
+        excludeList.add("javax.*")
         excludeList.add("org.*")
         excludeList.add("sun.*")
-        //        excludeList.add("android.*");
-//        excludeList.add("androidx.*");
+        // excludeList.add("android.*")
+        // excludeList.add("androidx.*")
         Options.v().set_exclude(excludeList)
         // do not load body in exclude list
         Options.v().set_no_bodies_for_excluded(true)
@@ -169,7 +170,7 @@ class AnalyzeStepByStep {
         Options.v().set_debug(false)
         Options.v().set_verbose(false)
         Options.v().set_validate(false)
-//        Options.v().set_keep_line_number(true)
+        // Options.v().set_keep_line_number(true)
         setExclude()
         logInfo("loadNecessaryClasses")
         try {

src/main/kotlin/net/bytedance/security/app/android/AndroidUtils.kt

@@ -260,7 +260,7 @@ object AndroidUtils {
         }
         if (getConfig().jimpleSource == true) {
             Log.logDebug("Dex to jimple code")
-            PackManager.v().writeOutput();
+            PackManager.v().writeOutput()
         }
 
         val targetAPK = File(apkAbsPath!!)

src/main/kotlin/net/bytedance/security/app/engineconfig/IgnoreListsConfig.kt

@@ -28,30 +28,17 @@ class IgnoreListsConfig(ignoreListData: IgnoreListsData) {
     private var methodSigSet: HashSet<String> = HashSet()
 
     init {
-        ignoreListData.PackageName?.forEach {
-            packageNameSet.add(it)
-        }
-        ignoreListData.MethodName?.forEach {
-            methodNameSet.add(it)
-        }
+        ignoreListData.PackageName?.forEach { packageNameSet.add(it) }
+        ignoreListData.MethodName?.forEach { methodNameSet.add(it) }
         ignoreListData.MethodSignature?.forEach { methodSigSet.add(it) }
-
     }
 
     fun isInIgnoreList(className: String, methodName: String, methodSig: String): Boolean {
         return containsPackageName(className) || containsMethodName(methodName) || containsMethodSig(methodSig)
     }
 
     private fun containsPackageName(className: String): Boolean {
-        if (packageNameSet.contains(className)) {
-            return true
-        }
-        for (ignorePackageName in packageNameSet) {
-            if (className.startsWith(ignorePackageName)) {
-                return true
-            }
-        }
-        return false
+        return packageNameSet.any { className.startsWith(it) }
     }
 
     private fun containsMethodName(methodName: String): Boolean {
@@ -61,5 +48,4 @@ class IgnoreListsConfig(ignoreListData: IgnoreListsData) {
     private fun containsMethodSig(methodSig: String): Boolean {
         return methodSigSet.contains(methodSig)
     }
-
-}
+}

src/main/kotlin/net/bytedance/security/app/engineconfig/LibraryConfig.kt

@@ -20,26 +20,12 @@ package net.bytedance.security.app.engineconfig
 class LibraryConfig(val libraryData: LibraryData) {
 
     private fun isInExcludeLibrary(className: String): Boolean {
-        for (excludeContain in libraryData.ExcludeLibraryContains) {
-            if (className.contains(excludeContain)) {
-                return true
-            }
-        }
-        return false
+        return libraryData.ExcludeLibraryContains.any { className.contains(it) }
     }
 
     fun isLibraryClass(className: String): Boolean {
-        for (packageName in libraryData.Package) {
-            //If it's library. It is necessary to continue to check
-            // whether it belongs to the whitelist which needs to be analyzed
-            if (className.startsWith(packageName)) {
-                // Only those not on the whitelist are considered libraries
-                if (!isInExcludeLibrary(className)) {
-                    return true
-                }
-            }
-        }
-        return false
+        // those belong to Package and not belong to ExcludeLibraryContains
+        return libraryData.Package.any { className.startsWith(it) && !isInExcludeLibrary(className) }
     }
 
     fun isLibraryMethod(methodSig: String): Boolean {
@@ -50,5 +36,4 @@ class LibraryConfig(val libraryData: LibraryData) {
     fun setPackage(packages: List<String>) {
         libraryData.Package = packages
     }
-
-}
+}

src/main/kotlin/net/bytedance/security/app/rules/TaintFlowRule.kt

@@ -46,12 +46,15 @@ abstract class TaintFlowRule(name: String, ruleData: RuleData) : AbstractRule(na
 
     fun isThisRuleNeedLog(): Boolean {
         val config = getConfig()
-        val ruleNameList = when (config.debugRule) {
-            "" -> emptyList()
-            "all" -> config.rules.split(",").map { it.trim() }
-            else -> config.debugRule.split(",").map { it.trim() }
+        val ruleNameList = let {
+            fun String.process() = this.split(",").map { it.trim().substringBeforeLast('.') }
+            when (config.debugRule) {
+                "" -> emptyList()
+                "all" -> config.rules.process()
+                else -> config.debugRule.process()
+            }
         }
-        return ruleNameList.contains("${this.name}.json")
+        return ruleNameList.contains(this.name)
     }
 
     fun isThroughEnable(): Boolean {