Test Info
| Library Name | esapi |
| Version #1 | 2.0.1 |
| Version #2 | 2.1.0.1 |
| Subject | Binary Compatibility |
Test Results
| Total JARs | 1 |
| Total Methods / Classes | 1677 / 181 |
| Compatibility |
97.1% |
Problem Summary
| Severity | Count |
|---|
| Added Methods | - | 46 |
|---|
| Removed Methods | High | 4 |
|---|
Problems with Data Types | High | 2 |
|---|
| Medium | 4 |
| Low | 1 |
Problems with Methods | High | 0 |
|---|
| Medium | 0 |
| Low | 2 |
Other Changes in Data Types | - | 3 |
Added Methods (46)
esapi-2.1.0.1.jar,
AbstractPrioritizedPropertyLoader.class
package org.owasp.esapi.configuration
AbstractPrioritizedPropertyLoader.AbstractPrioritizedPropertyLoader ( String filename, int priority )
[mangled: org/owasp/esapi/configuration/AbstractPrioritizedPropertyLoader."<init>":(Ljava/lang/String;I)V]
AbstractPrioritizedPropertyLoader.compareTo ( AbstractPrioritizedPropertyLoader compared ) : int
[mangled: org/owasp/esapi/configuration/AbstractPrioritizedPropertyLoader.compareTo:(Lorg/owasp/esapi/configuration/AbstractPrioritizedPropertyLoader;)I]
AbstractPrioritizedPropertyLoader.compareTo ( Object x0 ) : int
[mangled: org/owasp/esapi/configuration/AbstractPrioritizedPropertyLoader.compareTo:(Ljava/lang/Object;)I]
AbstractPrioritizedPropertyLoader.initProperties ( ) : void
[mangled: org/owasp/esapi/configuration/AbstractPrioritizedPropertyLoader.initProperties:()V]
AbstractPrioritizedPropertyLoader.loadPropertiesFromFile ( File p1 ) [abstract] : void
[mangled: org/owasp/esapi/configuration/AbstractPrioritizedPropertyLoader.loadPropertiesFromFile:(Ljava/io/File;)V]
AbstractPrioritizedPropertyLoader.name ( ) : String
[mangled: org/owasp/esapi/configuration/AbstractPrioritizedPropertyLoader.name:()Ljava/lang/String;]
AbstractPrioritizedPropertyLoader.priority ( ) : int
[mangled: org/owasp/esapi/configuration/AbstractPrioritizedPropertyLoader.priority:()I]
esapi-2.1.0.1.jar,
CryptoHelper.class
package org.owasp.esapi.crypto
CryptoHelper.isValidKDFVersion ( int kdfVers, boolean restrictToCurrent, boolean throwIfError ) [static] : boolean
[mangled: org/owasp/esapi/crypto/CryptoHelper.isValidKDFVersion:(IZZ)Z]
esapi-2.1.0.1.jar,
DefaultSecurityConfiguration.class
package org.owasp.esapi.reference
DefaultSecurityConfiguration.getBooleanProp ( String propertyName ) : Boolean
[mangled: org/owasp/esapi/reference/DefaultSecurityConfiguration.getBooleanProp:(Ljava/lang/String;)Ljava/lang/Boolean;]
DefaultSecurityConfiguration.getByteArrayProp ( String propertyName ) : byte[ ]
[mangled: org/owasp/esapi/reference/DefaultSecurityConfiguration.getByteArrayProp:(Ljava/lang/String;)[B]
DefaultSecurityConfiguration.getIntProp ( String propertyName ) : int
[mangled: org/owasp/esapi/reference/DefaultSecurityConfiguration.getIntProp:(Ljava/lang/String;)I]
DefaultSecurityConfiguration.getStringProp ( String propertyName ) : String
[mangled: org/owasp/esapi/reference/DefaultSecurityConfiguration.getStringProp:(Ljava/lang/String;)Ljava/lang/String;]
esapi-2.1.0.1.jar,
EnterpriseSecurityException.class
package org.owasp.esapi.errors
EnterpriseSecurityException.EnterpriseSecurityException ( String userMessage )
[mangled: org/owasp/esapi/errors/EnterpriseSecurityException."<init>":(Ljava/lang/String;)V]
EnterpriseSecurityException.EnterpriseSecurityException ( String userMessage, Throwable cause )
[mangled: org/owasp/esapi/errors/EnterpriseSecurityException."<init>":(Ljava/lang/String;Ljava/lang/Throwable;)V]
esapi-2.1.0.1.jar,
EnterpriseSecurityRuntimeException.class
package org.owasp.esapi.errors
EnterpriseSecurityRuntimeException.EnterpriseSecurityRuntimeException ( String userMessage )
[mangled: org/owasp/esapi/errors/EnterpriseSecurityRuntimeException."<init>":(Ljava/lang/String;)V]
EnterpriseSecurityRuntimeException.EnterpriseSecurityRuntimeException ( String userMessage, Throwable cause )
[mangled: org/owasp/esapi/errors/EnterpriseSecurityRuntimeException."<init>":(Ljava/lang/String;Ljava/lang/Throwable;)V]
esapi-2.1.0.1.jar,
EsapiConfiguration.class
package org.owasp.esapi.configuration.consts
EsapiConfiguration.getConfigName ( ) : String
[mangled: org/owasp/esapi/configuration/consts/EsapiConfiguration.getConfigName:()Ljava/lang/String;]
EsapiConfiguration.getPriority ( ) : int
[mangled: org/owasp/esapi/configuration/consts/EsapiConfiguration.getPriority:()I]
EsapiConfiguration.valueOf ( String name ) [static] : EsapiConfiguration
[mangled: org/owasp/esapi/configuration/consts/EsapiConfiguration.valueOf:(Ljava/lang/String;)Lorg/owasp/esapi/configuration/consts/EsapiConfiguration;]
EsapiConfiguration.values ( ) [static] : EsapiConfiguration[ ]
[mangled: org/owasp/esapi/configuration/consts/EsapiConfiguration.values:()[Lorg/owasp/esapi/configuration/consts/EsapiConfiguration;]
esapi-2.1.0.1.jar,
EsapiConfigurationType.class
package org.owasp.esapi.configuration.consts
EsapiConfigurationType.getTypeName ( ) : String
[mangled: org/owasp/esapi/configuration/consts/EsapiConfigurationType.getTypeName:()Ljava/lang/String;]
EsapiConfigurationType.valueOf ( String name ) [static] : EsapiConfigurationType
[mangled: org/owasp/esapi/configuration/consts/EsapiConfigurationType.valueOf:(Ljava/lang/String;)Lorg/owasp/esapi/configuration/consts/EsapiConfigurationType;]
EsapiConfigurationType.values ( ) [static] : EsapiConfigurationType[ ]
[mangled: org/owasp/esapi/configuration/consts/EsapiConfigurationType.values:()[Lorg/owasp/esapi/configuration/consts/EsapiConfigurationType;]
esapi-2.1.0.1.jar,
EsapiPropertyLoader.class
package org.owasp.esapi.configuration
EsapiPropertyLoader.getBooleanProp ( String p1 ) [abstract] : Boolean
[mangled: org/owasp/esapi/configuration/EsapiPropertyLoader.getBooleanProp:(Ljava/lang/String;)Ljava/lang/Boolean;]
EsapiPropertyLoader.getByteArrayProp ( String p1 ) [abstract] : byte[ ]
[mangled: org/owasp/esapi/configuration/EsapiPropertyLoader.getByteArrayProp:(Ljava/lang/String;)[B]
EsapiPropertyLoader.getIntProp ( String p1 ) [abstract] : int
[mangled: org/owasp/esapi/configuration/EsapiPropertyLoader.getIntProp:(Ljava/lang/String;)I]
EsapiPropertyLoader.getStringProp ( String p1 ) [abstract] : String
[mangled: org/owasp/esapi/configuration/EsapiPropertyLoader.getStringProp:(Ljava/lang/String;)Ljava/lang/String;]
esapi-2.1.0.1.jar,
EsapiPropertyLoaderFactory.class
package org.owasp.esapi.configuration
EsapiPropertyLoaderFactory.createPropertyLoader ( EsapiConfiguration cfg ) [static] : AbstractPrioritizedPropertyLoader
[mangled: org/owasp/esapi/configuration/EsapiPropertyLoaderFactory.createPropertyLoader:(Lorg/owasp/esapi/configuration/consts/EsapiConfiguration;)Lorg/owasp/esapi/configuration/AbstractPrioritizedPropertyLoader;]
EsapiPropertyLoaderFactory.EsapiPropertyLoaderFactory ( )
[mangled: org/owasp/esapi/configuration/EsapiPropertyLoaderFactory."<init>":()V]
esapi-2.1.0.1.jar,
EsapiPropertyManager.class
package org.owasp.esapi.configuration
EsapiPropertyManager.EsapiPropertyManager ( )
[mangled: org/owasp/esapi/configuration/EsapiPropertyManager."<init>":()V]
EsapiPropertyManager.getBooleanProp ( String propertyName ) : Boolean
[mangled: org/owasp/esapi/configuration/EsapiPropertyManager.getBooleanProp:(Ljava/lang/String;)Ljava/lang/Boolean;]
EsapiPropertyManager.getByteArrayProp ( String propertyName ) : byte[ ]
[mangled: org/owasp/esapi/configuration/EsapiPropertyManager.getByteArrayProp:(Ljava/lang/String;)[B]
EsapiPropertyManager.getIntProp ( String propertyName ) : int
[mangled: org/owasp/esapi/configuration/EsapiPropertyManager.getIntProp:(Ljava/lang/String;)I]
EsapiPropertyManager.getStringProp ( String propertyName ) : String
[mangled: org/owasp/esapi/configuration/EsapiPropertyManager.getStringProp:(Ljava/lang/String;)Ljava/lang/String;]
esapi-2.1.0.1.jar,
StandardEsapiPropertyLoader.class
package org.owasp.esapi.configuration
StandardEsapiPropertyLoader.getBooleanProp ( String propertyName ) : Boolean
[mangled: org/owasp/esapi/configuration/StandardEsapiPropertyLoader.getBooleanProp:(Ljava/lang/String;)Ljava/lang/Boolean;]
StandardEsapiPropertyLoader.getByteArrayProp ( String propertyName ) : byte[ ]
[mangled: org/owasp/esapi/configuration/StandardEsapiPropertyLoader.getByteArrayProp:(Ljava/lang/String;)[B]
StandardEsapiPropertyLoader.getIntProp ( String propertyName ) : int
[mangled: org/owasp/esapi/configuration/StandardEsapiPropertyLoader.getIntProp:(Ljava/lang/String;)I]
StandardEsapiPropertyLoader.getStringProp ( String propertyName ) : String
[mangled: org/owasp/esapi/configuration/StandardEsapiPropertyLoader.getStringProp:(Ljava/lang/String;)Ljava/lang/String;]
StandardEsapiPropertyLoader.loadPropertiesFromFile ( File file ) : void
[mangled: org/owasp/esapi/configuration/StandardEsapiPropertyLoader.loadPropertiesFromFile:(Ljava/io/File;)V]
StandardEsapiPropertyLoader.StandardEsapiPropertyLoader ( String filename, int priority )
[mangled: org/owasp/esapi/configuration/StandardEsapiPropertyLoader."<init>":(Ljava/lang/String;I)V]
esapi-2.1.0.1.jar,
XmlEsapiPropertyLoader.class
package org.owasp.esapi.configuration
XmlEsapiPropertyLoader.getBooleanProp ( String propertyName ) : Boolean
[mangled: org/owasp/esapi/configuration/XmlEsapiPropertyLoader.getBooleanProp:(Ljava/lang/String;)Ljava/lang/Boolean;]
XmlEsapiPropertyLoader.getByteArrayProp ( String propertyName ) : byte[ ]
[mangled: org/owasp/esapi/configuration/XmlEsapiPropertyLoader.getByteArrayProp:(Ljava/lang/String;)[B]
XmlEsapiPropertyLoader.getIntProp ( String propertyName ) : int
[mangled: org/owasp/esapi/configuration/XmlEsapiPropertyLoader.getIntProp:(Ljava/lang/String;)I]
XmlEsapiPropertyLoader.getStringProp ( String propertyName ) : String
[mangled: org/owasp/esapi/configuration/XmlEsapiPropertyLoader.getStringProp:(Ljava/lang/String;)Ljava/lang/String;]
XmlEsapiPropertyLoader.loadPropertiesFromFile ( File file ) : void
[mangled: org/owasp/esapi/configuration/XmlEsapiPropertyLoader.loadPropertiesFromFile:(Ljava/io/File;)V]
XmlEsapiPropertyLoader.XmlEsapiPropertyLoader ( String filename, int priority )
[mangled: org/owasp/esapi/configuration/XmlEsapiPropertyLoader."<init>":(Ljava/lang/String;I)V]
to the top
Removed Methods (4)
esapi-2.0.1.jar,
Encryptor.class
package org.owasp.esapi
Encryptor.decrypt ( String p1 ) [abstract] : String *DEPRECATED*
[mangled: org/owasp/esapi/Encryptor.decrypt:(Ljava/lang/String;)Ljava/lang/String;]
Encryptor.encrypt ( String p1 ) [abstract] : String *DEPRECATED*
[mangled: org/owasp/esapi/Encryptor.encrypt:(Ljava/lang/String;)Ljava/lang/String;]
esapi-2.0.1.jar,
JavaEncryptor.class
package org.owasp.esapi.reference.crypto
JavaEncryptor.decrypt ( String b64IVCiphertext ) : String *DEPRECATED*
[mangled: org/owasp/esapi/reference/crypto/JavaEncryptor.decrypt:(Ljava/lang/String;)Ljava/lang/String;]
JavaEncryptor.encrypt ( String plaintext ) : String *DEPRECATED*
[mangled: org/owasp/esapi/reference/crypto/JavaEncryptor.encrypt:(Ljava/lang/String;)Ljava/lang/String;]
to the top
Problems with Data Types, High Severity (2)
esapi-2.0.1.jar
package org.owasp.esapi
[+] Encryptor (2)
| Change | Effect |
|---|
| 1 | Abstract method Encryptor.decrypt ( String ) has been removed from this interface. | A client program may be interrupted by NoSuchMethodError exception. |
| 2 | Abstract method Encryptor.encrypt ( String ) has been removed from this interface. | A client program may be interrupted by NoSuchMethodError exception. |
[+] affected methods: 15 (0.9%)
Encryptor.decrypt ( SecretKey p1, CipherText p2 )This abstract method is from 'Encryptor' interface.
Encryptor.decrypt ( CipherText p1 )This abstract method is from 'Encryptor' interface.
Encryptor.encrypt ( SecretKey p1, PlainText p2 )This abstract method is from 'Encryptor' interface.
Encryptor.encrypt ( PlainText p1 )This abstract method is from 'Encryptor' interface.
Encryptor.getRelativeTimeStamp ( long p1 )This abstract method is from 'Encryptor' interface.
Encryptor.getTimeStamp ( )This abstract method is from 'Encryptor' interface.
Encryptor.hash ( String p1, String p2 )This abstract method is from 'Encryptor' interface.
Encryptor.hash ( String p1, String p2, int p3 )This abstract method is from 'Encryptor' interface.
Encryptor.seal ( String p1, long p2 )This abstract method is from 'Encryptor' interface.
ESAPI.encryptor ( )Return value of this method has type 'Encryptor'.
...
to the top
Problems with Data Types, Medium Severity (4)
esapi-2.0.1.jar
package org.owasp.esapi.crypto
[+] CipherText (1)
| Change | Effect |
|---|
| 1 | Value of final field cipherTextVersion (int) has been changed from 20110203 to 20130830. | Old value of the field will be inlined to the client code at compile-time and will be used instead of a new one. |
[+] affected methods: 41 (2.4%)
CipherText.CipherText ( )This constructor is from 'CipherText' class.
CipherText.CipherText ( CipherSpec cipherSpec )This constructor is from 'CipherText' class.
CipherText.CipherText ( CipherSpec cipherSpec, byte[ ] cipherText )This constructor is from 'CipherText' class.
CipherText.asPortableSerializedByteArray ( )This method is from 'CipherText' class.
CipherText.canEqual ( Object other )This method is from 'CipherText' class.
CipherText.computeAndStoreMAC ( SecretKey authKey )This method is from 'CipherText' class.
org.owasp.esapi.Encryptor.decrypt ( SecretKey p1, CipherText p2 )2nd parameter 'p2' of this abstract method has type 'CipherText'.
org.owasp.esapi.Encryptor.decrypt ( CipherText p1 )1st parameter 'p1' of this abstract method has type 'CipherText'.
org.owasp.esapi.Encryptor.encrypt ( SecretKey p1, PlainText p2 )Return value of this abstract method has type 'CipherText'.
org.owasp.esapi.Encryptor.encrypt ( PlainText p1 )Return value of this abstract method has type 'CipherText'.
...
[+] CipherTextSerializer (1)
| Change | Effect |
|---|
| 1 | Value of final field cipherTextSerializerVersion (int) has been changed from 20110203 to 20130830. | Old value of the field will be inlined to the client code at compile-time and will be used instead of a new one. |
[+] affected methods: 4 (0.2%)
CipherTextSerializer.CipherTextSerializer ( byte[ ] cipherTextSerializedBytes )This constructor is from 'CipherTextSerializer' class.
CipherTextSerializer.CipherTextSerializer ( CipherText cipherTextObj )This constructor is from 'CipherTextSerializer' class.
CipherTextSerializer.asCipherText ( )This method is from 'CipherTextSerializer' class.
CipherTextSerializer.asSerializedByteArray ( )This method is from 'CipherTextSerializer' class.
[+] KeyDerivationFunction (1)
| Change | Effect |
|---|
| 1 | Value of final field kdfVersion (int) has been changed from 20110203 to 20130830. | Old value of the field will be inlined to the client code at compile-time and will be used instead of a new one. |
[+] affected methods: 12 (0.7%)
KeyDerivationFunction.KeyDerivationFunction ( )This constructor is from 'KeyDerivationFunction' class.
KeyDerivationFunction.KeyDerivationFunction ( KeyDerivationFunction.PRF_ALGORITHMS prfAlg )This constructor is from 'KeyDerivationFunction' class.
KeyDerivationFunction.computeDerivedKey ( SecretKey keyDerivationKey, int keySize, String purpose )This method is from 'KeyDerivationFunction' class.
KeyDerivationFunction.convertIntToPRF ( int selection )This method is from 'KeyDerivationFunction' class.
KeyDerivationFunction.convertNameToPRF ( String prfAlgName )This method is from 'KeyDerivationFunction' class.
KeyDerivationFunction.getContext ( )This method is from 'KeyDerivationFunction' class.
KeyDerivationFunction.getPRFAlgName ( )This method is from 'KeyDerivationFunction' class.
KeyDerivationFunction.getVersion ( )This method is from 'KeyDerivationFunction' class.
KeyDerivationFunction.isValidPRF ( String prfAlgName )This method is from 'KeyDerivationFunction' class.
KeyDerivationFunction.main ( String[ ] args )This method is from 'KeyDerivationFunction' class.
...
esapi-2.0.1.jar
package org.owasp.esapi.errors
[+] IntrusionException (1)
| Change | Effect |
|---|
| 1 | Superclass has been changed from java.lang.RuntimeException to EnterpriseSecurityRuntimeException. | 1) Access of a client program to the fields or methods of the old super-class may be interrupted by NoSuchFieldError or NoSuchMethodError exceptions. 2) A static field from a super-interface of a client class may hide a field (with the same name) inherited from new super-class and cause IncompatibleClassChangeError exception. |
[+] affected methods: 4 (0.2%)
IntrusionException.IntrusionException ( String userMessage, String logMessage )This constructor is from 'IntrusionException' class.
IntrusionException.IntrusionException ( String userMessage, String logMessage, Throwable cause )This constructor is from 'IntrusionException' class.
IntrusionException.getLogMessage ( )This method is from 'IntrusionException' class.
IntrusionException.getUserMessage ( )This method is from 'IntrusionException' class.
to the top
Problems with Data Types, Low Severity (1)
esapi-2.0.1.jar
package org.owasp.esapi.reference
[+] DefaultSecurityConfiguration (1)
| Change | Effect |
|---|
| 1 | Field RESOURCE_FILE (java.lang.String) with the compile-time constant value "ESAPI.properties" has been renamed to DEFAULT_RESOURCE_FILE. | A client program may change behavior. |
[+] affected methods: 78 (4.7%)
DefaultSecurityConfiguration.DefaultSecurityConfiguration ( )This constructor is from 'DefaultSecurityConfiguration' class.
DefaultSecurityConfiguration.DefaultSecurityConfiguration ( Properties properties )This constructor is from 'DefaultSecurityConfiguration' class.
DefaultSecurityConfiguration.getAccessControlImplementation ( )This method is from 'DefaultSecurityConfiguration' class.
DefaultSecurityConfiguration.getAdditionalAllowedCipherModes ( )This method is from 'DefaultSecurityConfiguration' class.
DefaultSecurityConfiguration.getAllowedExecutables ( )This method is from 'DefaultSecurityConfiguration' class.
DefaultSecurityConfiguration.getAllowedFileExtensions ( )This method is from 'DefaultSecurityConfiguration' class.
DefaultSecurityConfiguration.getAllowedFileUploadSize ( )This method is from 'DefaultSecurityConfiguration' class.
DefaultSecurityConfiguration.getAllowedLoginAttempts ( )This method is from 'DefaultSecurityConfiguration' class.
DefaultSecurityConfiguration.getAllowMixedEncoding ( )This method is from 'DefaultSecurityConfiguration' class.
DefaultSecurityConfiguration.getAllowMultipleEncoding ( )This method is from 'DefaultSecurityConfiguration' class.
...
to the top
Problems with Methods, Low Severity (2)
esapi-2.0.1.jar,
KeyDerivationFunction.class
package org.owasp.esapi.crypto
[+] KeyDerivationFunction.setVersion ( int version ) : void (1)
[mangled: org/owasp/esapi/crypto/KeyDerivationFunction.setVersion:(I)V]
| Change | Effect |
|---|
| 1 | Added java.lang.IllegalArgumentException exception thrown.
| A client program may be interrupted by added exception. |
esapi-2.0.1.jar,
ReferenceEncryptedProperties.class
package org.owasp.esapi.reference.crypto
[+] ReferenceEncryptedProperties.getProperty ( String key, String defaultValue ) : String (1)
[mangled: org/owasp/esapi/reference/crypto/ReferenceEncryptedProperties.getProperty:(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String;]
| Change | Effect |
|---|
| 1 | Method became synchronized.
| A multi-threaded client program may change behavior. |
to the top
Other Changes in Data Types (3)
esapi-2.0.1.jar
package org.owasp.esapi
[+] SecurityConfiguration (1)
| Change | Effect |
|---|
| 1 | Added super-interface configuration.EsapiPropertyLoader. | No effect. |
[+] affected methods: 70 (4.2%)
ESAPI.override ( SecurityConfiguration config )1st parameter 'config' of this method has type 'SecurityConfiguration'.
ESAPI.securityConfiguration ( )Return value of this method has type 'SecurityConfiguration'.
SecurityConfiguration.getAccessControlImplementation ( )This abstract method is from 'SecurityConfiguration' interface.
SecurityConfiguration.getAdditionalAllowedCipherModes ( )This abstract method is from 'SecurityConfiguration' interface.
SecurityConfiguration.getAllowedExecutables ( )This abstract method is from 'SecurityConfiguration' interface.
SecurityConfiguration.getAllowedFileExtensions ( )This abstract method is from 'SecurityConfiguration' interface.
SecurityConfiguration.getAllowedFileUploadSize ( )This abstract method is from 'SecurityConfiguration' interface.
SecurityConfiguration.getAllowedLoginAttempts ( )This abstract method is from 'SecurityConfiguration' interface.
SecurityConfiguration.getAllowMixedEncoding ( )This abstract method is from 'SecurityConfiguration' interface.
SecurityConfiguration.getAllowMultipleEncoding ( )This abstract method is from 'SecurityConfiguration' interface.
...
esapi-2.0.1.jar
package org.owasp.esapi.crypto
[+] KeyDerivationFunction (1)
| Change | Effect |
|---|
| 1 | Field originalVersion has been added to this class. | No effect. |
[+] affected methods: 12 (0.7%)
KeyDerivationFunction.KeyDerivationFunction ( )This constructor is from 'KeyDerivationFunction' class.
KeyDerivationFunction.KeyDerivationFunction ( KeyDerivationFunction.PRF_ALGORITHMS prfAlg )This constructor is from 'KeyDerivationFunction' class.
KeyDerivationFunction.computeDerivedKey ( SecretKey keyDerivationKey, int keySize, String purpose )This method is from 'KeyDerivationFunction' class.
KeyDerivationFunction.convertIntToPRF ( int selection )This method is from 'KeyDerivationFunction' class.
KeyDerivationFunction.convertNameToPRF ( String prfAlgName )This method is from 'KeyDerivationFunction' class.
KeyDerivationFunction.getContext ( )This method is from 'KeyDerivationFunction' class.
KeyDerivationFunction.getPRFAlgName ( )This method is from 'KeyDerivationFunction' class.
KeyDerivationFunction.getVersion ( )This method is from 'KeyDerivationFunction' class.
KeyDerivationFunction.isValidPRF ( String prfAlgName )This method is from 'KeyDerivationFunction' class.
KeyDerivationFunction.main ( String[ ] args )This method is from 'KeyDerivationFunction' class.
...
esapi-2.0.1.jar
package org.owasp.esapi.reference
[+] DefaultSecurityConfiguration (1)
| Change | Effect |
|---|
| 1 | Field VALIDATION_PROPERTIES_MULTIVALUED has been added to this class. | No effect. |
[+] affected methods: 78 (4.7%)
DefaultSecurityConfiguration.DefaultSecurityConfiguration ( )This constructor is from 'DefaultSecurityConfiguration' class.
DefaultSecurityConfiguration.DefaultSecurityConfiguration ( Properties properties )This constructor is from 'DefaultSecurityConfiguration' class.
DefaultSecurityConfiguration.getAccessControlImplementation ( )This method is from 'DefaultSecurityConfiguration' class.
DefaultSecurityConfiguration.getAdditionalAllowedCipherModes ( )This method is from 'DefaultSecurityConfiguration' class.
DefaultSecurityConfiguration.getAllowedExecutables ( )This method is from 'DefaultSecurityConfiguration' class.
DefaultSecurityConfiguration.getAllowedFileExtensions ( )This method is from 'DefaultSecurityConfiguration' class.
DefaultSecurityConfiguration.getAllowedFileUploadSize ( )This method is from 'DefaultSecurityConfiguration' class.
DefaultSecurityConfiguration.getAllowedLoginAttempts ( )This method is from 'DefaultSecurityConfiguration' class.
DefaultSecurityConfiguration.getAllowMixedEncoding ( )This method is from 'DefaultSecurityConfiguration' class.
DefaultSecurityConfiguration.getAllowMultipleEncoding ( )This method is from 'DefaultSecurityConfiguration' class.
...
to the top
Java ARchives (1)
esapi-2.0.1.jar
to the top
Test Info
| Library Name | esapi |
| Version #1 | 2.0.1 |
| Version #2 | 2.1.0.1 |
| Subject | Source Compatibility |
Test Results
| Total JARs | 1 |
| Total Methods / Classes | 1677 / 181 |
| Compatibility |
89.7% |
Problem Summary
| Severity | Count |
|---|
| Added Methods | - | 46 |
|---|
| Removed Methods | High | 4 |
|---|
Problems with Data Types | High | 4 |
|---|
| Medium | 1 |
| Low | 0 |
Problems with Methods | High | 0 |
|---|
| Medium | 0 |
| Low | 0 |
Other Changes in Data Types | - | 2 |
Added Methods (46)
esapi-2.1.0.1.jar,
AbstractPrioritizedPropertyLoader.class
package org.owasp.esapi.configuration
AbstractPrioritizedPropertyLoader.AbstractPrioritizedPropertyLoader ( String filename, int priority )
[mangled: org/owasp/esapi/configuration/AbstractPrioritizedPropertyLoader."<init>":(Ljava/lang/String;I)V]
AbstractPrioritizedPropertyLoader.compareTo ( AbstractPrioritizedPropertyLoader compared ) : int
[mangled: org/owasp/esapi/configuration/AbstractPrioritizedPropertyLoader.compareTo:(Lorg/owasp/esapi/configuration/AbstractPrioritizedPropertyLoader;)I]
AbstractPrioritizedPropertyLoader.compareTo ( Object x0 ) : int
[mangled: org/owasp/esapi/configuration/AbstractPrioritizedPropertyLoader.compareTo:(Ljava/lang/Object;)I]
AbstractPrioritizedPropertyLoader.initProperties ( ) : void
[mangled: org/owasp/esapi/configuration/AbstractPrioritizedPropertyLoader.initProperties:()V]
AbstractPrioritizedPropertyLoader.loadPropertiesFromFile ( File p1 ) [abstract] : void
[mangled: org/owasp/esapi/configuration/AbstractPrioritizedPropertyLoader.loadPropertiesFromFile:(Ljava/io/File;)V]
AbstractPrioritizedPropertyLoader.name ( ) : String
[mangled: org/owasp/esapi/configuration/AbstractPrioritizedPropertyLoader.name:()Ljava/lang/String;]
AbstractPrioritizedPropertyLoader.priority ( ) : int
[mangled: org/owasp/esapi/configuration/AbstractPrioritizedPropertyLoader.priority:()I]
esapi-2.1.0.1.jar,
CryptoHelper.class
package org.owasp.esapi.crypto
CryptoHelper.isValidKDFVersion ( int kdfVers, boolean restrictToCurrent, boolean throwIfError ) [static] : boolean
[mangled: org/owasp/esapi/crypto/CryptoHelper.isValidKDFVersion:(IZZ)Z]
esapi-2.1.0.1.jar,
DefaultSecurityConfiguration.class
package org.owasp.esapi.reference
DefaultSecurityConfiguration.getBooleanProp ( String propertyName ) : Boolean
[mangled: org/owasp/esapi/reference/DefaultSecurityConfiguration.getBooleanProp:(Ljava/lang/String;)Ljava/lang/Boolean;]
DefaultSecurityConfiguration.getByteArrayProp ( String propertyName ) : byte[ ]
[mangled: org/owasp/esapi/reference/DefaultSecurityConfiguration.getByteArrayProp:(Ljava/lang/String;)[B]
DefaultSecurityConfiguration.getIntProp ( String propertyName ) : int
[mangled: org/owasp/esapi/reference/DefaultSecurityConfiguration.getIntProp:(Ljava/lang/String;)I]
DefaultSecurityConfiguration.getStringProp ( String propertyName ) : String
[mangled: org/owasp/esapi/reference/DefaultSecurityConfiguration.getStringProp:(Ljava/lang/String;)Ljava/lang/String;]
esapi-2.1.0.1.jar,
EnterpriseSecurityException.class
package org.owasp.esapi.errors
EnterpriseSecurityException.EnterpriseSecurityException ( String userMessage )
[mangled: org/owasp/esapi/errors/EnterpriseSecurityException."<init>":(Ljava/lang/String;)V]
EnterpriseSecurityException.EnterpriseSecurityException ( String userMessage, Throwable cause )
[mangled: org/owasp/esapi/errors/EnterpriseSecurityException."<init>":(Ljava/lang/String;Ljava/lang/Throwable;)V]
esapi-2.1.0.1.jar,
EnterpriseSecurityRuntimeException.class
package org.owasp.esapi.errors
EnterpriseSecurityRuntimeException.EnterpriseSecurityRuntimeException ( String userMessage )
[mangled: org/owasp/esapi/errors/EnterpriseSecurityRuntimeException."<init>":(Ljava/lang/String;)V]
EnterpriseSecurityRuntimeException.EnterpriseSecurityRuntimeException ( String userMessage, Throwable cause )
[mangled: org/owasp/esapi/errors/EnterpriseSecurityRuntimeException."<init>":(Ljava/lang/String;Ljava/lang/Throwable;)V]
esapi-2.1.0.1.jar,
EsapiConfiguration.class
package org.owasp.esapi.configuration.consts
EsapiConfiguration.getConfigName ( ) : String
[mangled: org/owasp/esapi/configuration/consts/EsapiConfiguration.getConfigName:()Ljava/lang/String;]
EsapiConfiguration.getPriority ( ) : int
[mangled: org/owasp/esapi/configuration/consts/EsapiConfiguration.getPriority:()I]
EsapiConfiguration.valueOf ( String name ) [static] : EsapiConfiguration
[mangled: org/owasp/esapi/configuration/consts/EsapiConfiguration.valueOf:(Ljava/lang/String;)Lorg/owasp/esapi/configuration/consts/EsapiConfiguration;]
EsapiConfiguration.values ( ) [static] : EsapiConfiguration[ ]
[mangled: org/owasp/esapi/configuration/consts/EsapiConfiguration.values:()[Lorg/owasp/esapi/configuration/consts/EsapiConfiguration;]
esapi-2.1.0.1.jar,
EsapiConfigurationType.class
package org.owasp.esapi.configuration.consts
EsapiConfigurationType.getTypeName ( ) : String
[mangled: org/owasp/esapi/configuration/consts/EsapiConfigurationType.getTypeName:()Ljava/lang/String;]
EsapiConfigurationType.valueOf ( String name ) [static] : EsapiConfigurationType
[mangled: org/owasp/esapi/configuration/consts/EsapiConfigurationType.valueOf:(Ljava/lang/String;)Lorg/owasp/esapi/configuration/consts/EsapiConfigurationType;]
EsapiConfigurationType.values ( ) [static] : EsapiConfigurationType[ ]
[mangled: org/owasp/esapi/configuration/consts/EsapiConfigurationType.values:()[Lorg/owasp/esapi/configuration/consts/EsapiConfigurationType;]
esapi-2.1.0.1.jar,
EsapiPropertyLoader.class
package org.owasp.esapi.configuration
EsapiPropertyLoader.getBooleanProp ( String p1 ) [abstract] : Boolean
[mangled: org/owasp/esapi/configuration/EsapiPropertyLoader.getBooleanProp:(Ljava/lang/String;)Ljava/lang/Boolean;]
EsapiPropertyLoader.getByteArrayProp ( String p1 ) [abstract] : byte[ ]
[mangled: org/owasp/esapi/configuration/EsapiPropertyLoader.getByteArrayProp:(Ljava/lang/String;)[B]
EsapiPropertyLoader.getIntProp ( String p1 ) [abstract] : int
[mangled: org/owasp/esapi/configuration/EsapiPropertyLoader.getIntProp:(Ljava/lang/String;)I]
EsapiPropertyLoader.getStringProp ( String p1 ) [abstract] : String
[mangled: org/owasp/esapi/configuration/EsapiPropertyLoader.getStringProp:(Ljava/lang/String;)Ljava/lang/String;]
esapi-2.1.0.1.jar,
EsapiPropertyLoaderFactory.class
package org.owasp.esapi.configuration
EsapiPropertyLoaderFactory.createPropertyLoader ( EsapiConfiguration cfg ) [static] : AbstractPrioritizedPropertyLoader
[mangled: org/owasp/esapi/configuration/EsapiPropertyLoaderFactory.createPropertyLoader:(Lorg/owasp/esapi/configuration/consts/EsapiConfiguration;)Lorg/owasp/esapi/configuration/AbstractPrioritizedPropertyLoader;]
EsapiPropertyLoaderFactory.EsapiPropertyLoaderFactory ( )
[mangled: org/owasp/esapi/configuration/EsapiPropertyLoaderFactory."<init>":()V]
esapi-2.1.0.1.jar,
EsapiPropertyManager.class
package org.owasp.esapi.configuration
EsapiPropertyManager.EsapiPropertyManager ( )
[mangled: org/owasp/esapi/configuration/EsapiPropertyManager."<init>":()V]
EsapiPropertyManager.getBooleanProp ( String propertyName ) : Boolean
[mangled: org/owasp/esapi/configuration/EsapiPropertyManager.getBooleanProp:(Ljava/lang/String;)Ljava/lang/Boolean;]
EsapiPropertyManager.getByteArrayProp ( String propertyName ) : byte[ ]
[mangled: org/owasp/esapi/configuration/EsapiPropertyManager.getByteArrayProp:(Ljava/lang/String;)[B]
EsapiPropertyManager.getIntProp ( String propertyName ) : int
[mangled: org/owasp/esapi/configuration/EsapiPropertyManager.getIntProp:(Ljava/lang/String;)I]
EsapiPropertyManager.getStringProp ( String propertyName ) : String
[mangled: org/owasp/esapi/configuration/EsapiPropertyManager.getStringProp:(Ljava/lang/String;)Ljava/lang/String;]
esapi-2.1.0.1.jar,
StandardEsapiPropertyLoader.class
package org.owasp.esapi.configuration
StandardEsapiPropertyLoader.getBooleanProp ( String propertyName ) : Boolean
[mangled: org/owasp/esapi/configuration/StandardEsapiPropertyLoader.getBooleanProp:(Ljava/lang/String;)Ljava/lang/Boolean;]
StandardEsapiPropertyLoader.getByteArrayProp ( String propertyName ) : byte[ ]
[mangled: org/owasp/esapi/configuration/StandardEsapiPropertyLoader.getByteArrayProp:(Ljava/lang/String;)[B]
StandardEsapiPropertyLoader.getIntProp ( String propertyName ) : int
[mangled: org/owasp/esapi/configuration/StandardEsapiPropertyLoader.getIntProp:(Ljava/lang/String;)I]
StandardEsapiPropertyLoader.getStringProp ( String propertyName ) : String
[mangled: org/owasp/esapi/configuration/StandardEsapiPropertyLoader.getStringProp:(Ljava/lang/String;)Ljava/lang/String;]
StandardEsapiPropertyLoader.loadPropertiesFromFile ( File file ) : void
[mangled: org/owasp/esapi/configuration/StandardEsapiPropertyLoader.loadPropertiesFromFile:(Ljava/io/File;)V]
StandardEsapiPropertyLoader.StandardEsapiPropertyLoader ( String filename, int priority )
[mangled: org/owasp/esapi/configuration/StandardEsapiPropertyLoader."<init>":(Ljava/lang/String;I)V]
esapi-2.1.0.1.jar,
XmlEsapiPropertyLoader.class
package org.owasp.esapi.configuration
XmlEsapiPropertyLoader.getBooleanProp ( String propertyName ) : Boolean
[mangled: org/owasp/esapi/configuration/XmlEsapiPropertyLoader.getBooleanProp:(Ljava/lang/String;)Ljava/lang/Boolean;]
XmlEsapiPropertyLoader.getByteArrayProp ( String propertyName ) : byte[ ]
[mangled: org/owasp/esapi/configuration/XmlEsapiPropertyLoader.getByteArrayProp:(Ljava/lang/String;)[B]
XmlEsapiPropertyLoader.getIntProp ( String propertyName ) : int
[mangled: org/owasp/esapi/configuration/XmlEsapiPropertyLoader.getIntProp:(Ljava/lang/String;)I]
XmlEsapiPropertyLoader.getStringProp ( String propertyName ) : String
[mangled: org/owasp/esapi/configuration/XmlEsapiPropertyLoader.getStringProp:(Ljava/lang/String;)Ljava/lang/String;]
XmlEsapiPropertyLoader.loadPropertiesFromFile ( File file ) : void
[mangled: org/owasp/esapi/configuration/XmlEsapiPropertyLoader.loadPropertiesFromFile:(Ljava/io/File;)V]
XmlEsapiPropertyLoader.XmlEsapiPropertyLoader ( String filename, int priority )
[mangled: org/owasp/esapi/configuration/XmlEsapiPropertyLoader."<init>":(Ljava/lang/String;I)V]
to the top
Removed Methods (4)
esapi-2.0.1.jar,
Encryptor.class
package org.owasp.esapi
Encryptor.decrypt ( String p1 ) [abstract] : String *DEPRECATED*
[mangled: org/owasp/esapi/Encryptor.decrypt:(Ljava/lang/String;)Ljava/lang/String;]
Encryptor.encrypt ( String p1 ) [abstract] : String *DEPRECATED*
[mangled: org/owasp/esapi/Encryptor.encrypt:(Ljava/lang/String;)Ljava/lang/String;]
esapi-2.0.1.jar,
JavaEncryptor.class
package org.owasp.esapi.reference.crypto
JavaEncryptor.decrypt ( String b64IVCiphertext ) : String *DEPRECATED*
[mangled: org/owasp/esapi/reference/crypto/JavaEncryptor.decrypt:(Ljava/lang/String;)Ljava/lang/String;]
JavaEncryptor.encrypt ( String plaintext ) : String *DEPRECATED*
[mangled: org/owasp/esapi/reference/crypto/JavaEncryptor.encrypt:(Ljava/lang/String;)Ljava/lang/String;]
to the top
Problems with Data Types, High Severity (4)
esapi-2.0.1.jar
package org.owasp.esapi
[+] Encryptor (2)
| Change | Effect |
|---|
| 1 | Abstract method Encryptor.decrypt ( String ) has been removed from this interface. | Recompilation of a client program may be terminated with the message: cannot find method decrypt ( String ) in interface Encryptor. |
| 2 | Abstract method Encryptor.encrypt ( String ) has been removed from this interface. | Recompilation of a client program may be terminated with the message: cannot find method encrypt ( String ) in interface Encryptor. |
[+] affected methods: 15 (0.9%)
Encryptor.decrypt ( SecretKey p1, CipherText p2 )This abstract method is from 'Encryptor' interface.
Encryptor.decrypt ( CipherText p1 )This abstract method is from 'Encryptor' interface.
Encryptor.encrypt ( SecretKey p1, PlainText p2 )This abstract method is from 'Encryptor' interface.
Encryptor.encrypt ( PlainText p1 )This abstract method is from 'Encryptor' interface.
Encryptor.getRelativeTimeStamp ( long p1 )This abstract method is from 'Encryptor' interface.
Encryptor.getTimeStamp ( )This abstract method is from 'Encryptor' interface.
Encryptor.hash ( String p1, String p2 )This abstract method is from 'Encryptor' interface.
Encryptor.hash ( String p1, String p2, int p3 )This abstract method is from 'Encryptor' interface.
Encryptor.seal ( String p1, long p2 )This abstract method is from 'Encryptor' interface.
ESAPI.encryptor ( )Return value of this method has type 'Encryptor'.
...
[+] SecurityConfiguration (1)
| Change | Effect |
|---|
| 1 | Added super-interface configuration.EsapiPropertyLoader. | Recompilation of a client program may be terminated with the message: a client class C is not abstract and does not override abstract method in configuration.EsapiPropertyLoader. |
[+] affected methods: 70 (4.2%)
ESAPI.override ( SecurityConfiguration config )1st parameter 'config' of this method has type 'SecurityConfiguration'.
ESAPI.securityConfiguration ( )Return value of this method has type 'SecurityConfiguration'.
SecurityConfiguration.getAccessControlImplementation ( )This abstract method is from 'SecurityConfiguration' interface.
SecurityConfiguration.getAdditionalAllowedCipherModes ( )This abstract method is from 'SecurityConfiguration' interface.
SecurityConfiguration.getAllowedExecutables ( )This abstract method is from 'SecurityConfiguration' interface.
SecurityConfiguration.getAllowedFileExtensions ( )This abstract method is from 'SecurityConfiguration' interface.
SecurityConfiguration.getAllowedFileUploadSize ( )This abstract method is from 'SecurityConfiguration' interface.
SecurityConfiguration.getAllowedLoginAttempts ( )This abstract method is from 'SecurityConfiguration' interface.
SecurityConfiguration.getAllowMixedEncoding ( )This abstract method is from 'SecurityConfiguration' interface.
SecurityConfiguration.getAllowMultipleEncoding ( )This abstract method is from 'SecurityConfiguration' interface.
...
esapi-2.0.1.jar
package org.owasp.esapi.reference
[+] DefaultSecurityConfiguration (1)
| Change | Effect |
|---|
| 1 | Field RESOURCE_FILE has been renamed to DEFAULT_RESOURCE_FILE. | Recompilation of a client program may be terminated with the message: cannot find variable RESOURCE_FILE in DefaultSecurityConfiguration. |
[+] affected methods: 78 (4.7%)
DefaultSecurityConfiguration.DefaultSecurityConfiguration ( )This constructor is from 'DefaultSecurityConfiguration' class.
DefaultSecurityConfiguration.DefaultSecurityConfiguration ( Properties properties )This constructor is from 'DefaultSecurityConfiguration' class.
DefaultSecurityConfiguration.getAccessControlImplementation ( )This method is from 'DefaultSecurityConfiguration' class.
DefaultSecurityConfiguration.getAdditionalAllowedCipherModes ( )This method is from 'DefaultSecurityConfiguration' class.
DefaultSecurityConfiguration.getAllowedExecutables ( )This method is from 'DefaultSecurityConfiguration' class.
DefaultSecurityConfiguration.getAllowedFileExtensions ( )This method is from 'DefaultSecurityConfiguration' class.
DefaultSecurityConfiguration.getAllowedFileUploadSize ( )This method is from 'DefaultSecurityConfiguration' class.
DefaultSecurityConfiguration.getAllowedLoginAttempts ( )This method is from 'DefaultSecurityConfiguration' class.
DefaultSecurityConfiguration.getAllowMixedEncoding ( )This method is from 'DefaultSecurityConfiguration' class.
DefaultSecurityConfiguration.getAllowMultipleEncoding ( )This method is from 'DefaultSecurityConfiguration' class.
...
to the top
Problems with Data Types, Medium Severity (1)
esapi-2.0.1.jar
package org.owasp.esapi.errors
[+] IntrusionException (1)
| Change | Effect |
|---|
| 1 | Superclass has been changed from java.lang.RuntimeException to EnterpriseSecurityRuntimeException. | 1) Recompilation of a client program may be terminated with the message: cannot find variable (or method) in IntrusionException. 2) A static field from a super-interface of a client class may hide a field (with the same name) inherited from new super-class. Recompilation of a client class may be terminated with the message: reference to variable is ambiguous. |
[+] affected methods: 4 (0.2%)
IntrusionException.IntrusionException ( String userMessage, String logMessage )This constructor is from 'IntrusionException' class.
IntrusionException.IntrusionException ( String userMessage, String logMessage, Throwable cause )This constructor is from 'IntrusionException' class.
IntrusionException.getLogMessage ( )This method is from 'IntrusionException' class.
IntrusionException.getUserMessage ( )This method is from 'IntrusionException' class.
to the top
Other Changes in Data Types (2)
esapi-2.0.1.jar
package org.owasp.esapi.crypto
[+] KeyDerivationFunction (1)
| Change | Effect |
|---|
| 1 | Field originalVersion has been added to this class. | No effect. |
[+] affected methods: 12 (0.7%)
KeyDerivationFunction.KeyDerivationFunction ( )This constructor is from 'KeyDerivationFunction' class.
KeyDerivationFunction.KeyDerivationFunction ( KeyDerivationFunction.PRF_ALGORITHMS prfAlg )This constructor is from 'KeyDerivationFunction' class.
KeyDerivationFunction.computeDerivedKey ( SecretKey keyDerivationKey, int keySize, String purpose )This method is from 'KeyDerivationFunction' class.
KeyDerivationFunction.convertIntToPRF ( int selection )This method is from 'KeyDerivationFunction' class.
KeyDerivationFunction.convertNameToPRF ( String prfAlgName )This method is from 'KeyDerivationFunction' class.
KeyDerivationFunction.getContext ( )This method is from 'KeyDerivationFunction' class.
KeyDerivationFunction.getPRFAlgName ( )This method is from 'KeyDerivationFunction' class.
KeyDerivationFunction.getVersion ( )This method is from 'KeyDerivationFunction' class.
KeyDerivationFunction.isValidPRF ( String prfAlgName )This method is from 'KeyDerivationFunction' class.
KeyDerivationFunction.main ( String[ ] args )This method is from 'KeyDerivationFunction' class.
...
esapi-2.0.1.jar
package org.owasp.esapi.reference
[+] DefaultSecurityConfiguration (1)
| Change | Effect |
|---|
| 1 | Field VALIDATION_PROPERTIES_MULTIVALUED has been added to this class. | No effect. |
[+] affected methods: 78 (4.7%)
DefaultSecurityConfiguration.DefaultSecurityConfiguration ( )This constructor is from 'DefaultSecurityConfiguration' class.
DefaultSecurityConfiguration.DefaultSecurityConfiguration ( Properties properties )This constructor is from 'DefaultSecurityConfiguration' class.
DefaultSecurityConfiguration.getAccessControlImplementation ( )This method is from 'DefaultSecurityConfiguration' class.
DefaultSecurityConfiguration.getAdditionalAllowedCipherModes ( )This method is from 'DefaultSecurityConfiguration' class.
DefaultSecurityConfiguration.getAllowedExecutables ( )This method is from 'DefaultSecurityConfiguration' class.
DefaultSecurityConfiguration.getAllowedFileExtensions ( )This method is from 'DefaultSecurityConfiguration' class.
DefaultSecurityConfiguration.getAllowedFileUploadSize ( )This method is from 'DefaultSecurityConfiguration' class.
DefaultSecurityConfiguration.getAllowedLoginAttempts ( )This method is from 'DefaultSecurityConfiguration' class.
DefaultSecurityConfiguration.getAllowMixedEncoding ( )This method is from 'DefaultSecurityConfiguration' class.
DefaultSecurityConfiguration.getAllowMultipleEncoding ( )This method is from 'DefaultSecurityConfiguration' class.
...
to the top
Java ARchives (1)
esapi-2.0.1.jar
to the top