APIs have become a central building block in modern software development, and many organizations follow an API-first approach. In practice, this trend is reflected in service-oriented systems, where functionality is exposed and consumed through REST APIs. While this improves modularity and supports independent evolution of components, it also makes the overall architecture harder to understand from source code alone, especially when documentation is incomplete or no longer matches the implementation. This thesis investigates how static analysis can be extended to recover REST-related architectural information from Spring-based Java microservices directly from source code, without executing the system. The work builds on the LiSA static analysis framework and its Java frontend, JLiSA, and focuses on demonstrating the extensibility of the framework for Spring-specific architectural recovery. A key challenge is that Spring encodes essential architectural information in Java annotations. Since annotations are metadata rather than executable statements, the thesis models them as descriptive information attached to program entities (classes, methods, and fields), not as control-flow graph nodes. A prototype extension is implemented to extract request mapping metadata centered around RequestMapping and its specialized variants, together with controller-related annotations, and to propagate this metadata into the framework’s internal descriptors so that it becomes visible in generated artifacts (e.g., annotated signatures and graph-based views). The approach is evaluated on small examples and on one to two open-source Spring microservice applications. The evaluation shows that the extension provides a practical baseline for architecture recovery while also highlighting limitations caused by framework-specific behavior that is difficult to model precisely with static analysis. Overall, this thesis adopts a design choice: Spring annotation information is treated as metadata attached to program entities and exposed in the generated artifacts, while control-flow graphs remain unchanged.
Static Analysis of REST Architecture in Spring Microservices with JLiSA
SALIMI, SAJEDE
2024/2025
Abstract
APIs have become a central building block in modern software development, and many organizations follow an API-first approach. In practice, this trend is reflected in service-oriented systems, where functionality is exposed and consumed through REST APIs. While this improves modularity and supports independent evolution of components, it also makes the overall architecture harder to understand from source code alone, especially when documentation is incomplete or no longer matches the implementation. This thesis investigates how static analysis can be extended to recover REST-related architectural information from Spring-based Java microservices directly from source code, without executing the system. The work builds on the LiSA static analysis framework and its Java frontend, JLiSA, and focuses on demonstrating the extensibility of the framework for Spring-specific architectural recovery. A key challenge is that Spring encodes essential architectural information in Java annotations. Since annotations are metadata rather than executable statements, the thesis models them as descriptive information attached to program entities (classes, methods, and fields), not as control-flow graph nodes. A prototype extension is implemented to extract request mapping metadata centered around RequestMapping and its specialized variants, together with controller-related annotations, and to propagate this metadata into the framework’s internal descriptors so that it becomes visible in generated artifacts (e.g., annotated signatures and graph-based views). The approach is evaluated on small examples and on one to two open-source Spring microservice applications. The evaluation shows that the extension provides a practical baseline for architecture recovery while also highlighting limitations caused by framework-specific behavior that is difficult to model precisely with static analysis. Overall, this thesis adopts a design choice: Spring annotation information is treated as metadata attached to program entities and exposed in the generated artifacts, while control-flow graphs remain unchanged.| File | Dimensione | Formato | |
|---|---|---|---|
|
Salimi_thesis (46) (1).pdf
non disponibili
Dimensione
980.9 kB
Formato
Adobe PDF
|
980.9 kB | Adobe PDF |
I documenti in UNITESI sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
https://hdl.handle.net/20.500.14247/28806