LLM

452 294

Softwareispronetosecurityvulnerabilities.Programanalysistoolstodetectthemhavelimitedeffectivenessinpractice.Whilelargelanguagemodels(orLLMs)haveshownimpressivecodegenerationcapabilities,theycannotdocomplexreasoningovercodetodetectsuchvulnerabilities,especiallybecausethistaskrequireswhole-repositoryanalysis.Inthiswork,weproposeIRIS,thefirstapproachthatsystematicallycombinesLLMswithstaticanalysistoperformwhole-repositoryreasoningtodetectsecurityvulnerabilities.Wecurateanewdataset,CWE-Bench-Java,comprising120manuallyvalidatedsecurityvulnerabilitiesinreal-worldJavaprojects.Theseprojectsarecomplex,withanaverageof300,000linesofcodeandamaximumofupto7million.Outof120vulnerabilitiesinCWE-Bench-Java,IRISdetects69usingGPT-4,whilethestate-of-the-artstaticanalysistoolonlydetects27.Further,IRISalsosignificantlyreducesthenumberoffalsealarms(bymorethan80%inthebestcase).

Falsenegativesduetomissingtaintspecificationsofthird-partylibraryAPIs.First,statictaintanalysispredominantlyreliesonspecificationsofthird-partylibraryAPIsassources,sinks,orsanitizers.Inpractice,developersandanalysisengineershavetomanuallycraftsuchspecificationsbasedontheirdomainknowledgeandAPIdocumentation.Thisisalaboriousanderror-proneprocessthatoftenleadstomissingspecificationsandincompleteanalysisofvulnerabilities.Further,evenifsuchspecificationsmayexistformanylibraries,theyneedtobeperiodicallyupdatedtocapturechangesinnewerversionsofsuchlibrariesandalsocovernewlibrariesthataredeveloped.

Approach.WeproposeIRIS,thefirstneuro-symbolicapproachforvulnerabilitydetectionthatcombinesthestrengthsofstaticanalysisandLLMswithoutsufferingtheirlimitations.Givenaprojecttoanalyzeforagivenvulnerabilityclass(orCWE),IRISappliesLLMsforminingCWE-specifictaintspecificationsforthird-partylibraryAPIsusedintheproject.IRISaugmentssuchspecificationswithCodeQL,astaticanalysistool,andusesittodetectsecurityvulnerabilities.OurintuitionhereisbecauseLLMshaveseennumeroususagesofsuchlibraryAPIsacrossprojects,theyhaveanunderstandingofwhichAPIsarerelevantfordifferentCWEs.

Dataset.WecurateadatasetofmanuallyvettedandcompilableJavaprojects,CWE-Bench-Java,containing120vulnerabilities(oneperproject)acrossfourcommonvulnerabilityclasses.Theprojectsinthedatasetarecomplex,containing300Klinesofcodeonaverage,and10projectswithmorethanamillionlinesofcode,makingitachallengingbenchmarkforvulnerabilitydetection.

Results.WeevaluateIRISonCWE-Bench-Javausingeightdiverseopen-andclosed-sourceLLMs.Overall,IRISobtainsthebestresultswithGPT-4,detecting69vulnerabilities,whichis42(35%)morethanCodeQL.Amongopen-sourceLLMs,DeepSeekCoder7B,despitebeingmuchsmallerthanotherLLMsperformsthebest,detecting67vulnerabilities,followedbyLlama370Bwith57vulnerabilities.Further,ourcontext-basedfilteringtechniquereducesfalsepositivealertsby80%.

Detectingthisvulnerabilityposesseveralchallenges.First,thecron-utilslibraryconsistsof13KSLOC(linesofcodeexcludingblanksandcomments),whichneedstobeanalyzedtofindthisvulnerability.Thisprocessrequiresanalyzingdataandcontrolflowacrossseveralinternalmethodsandthird-partyAPIs.Second,theanalysisneedstoidentifyrelevantsourcesandsinks.Inthiscase,thevalueparameterofthepublicisValidmethodmaycontainarbitrarystringswheninvoked,andhencemaybeasourceofmaliciousdata.Additionally,externalAPIslikebuildConstraintViolationWithTemplatecanexecutearbitraryJavaELexpressions,hencetheyshouldbetreatedassinksthatarevulnerabletoCodeInjectionattacks.Finally,theanalysisalsorequiresidentifyinganysanitizersthatblocktheflowofuntrusteddata,aswellasintuitiveunderstandingofcontextualinformationofthesourceandsinktosuppressfalsepositives.

Modernstaticanalysistools,likeCodeQL,areeffectiveattracingtaintdataflowsacrosscomplexcodebases.However,CodeQLfailstodetectthisvulnerabilityduetomissingspecifications.CodeQLincludesmanymanuallycuratedspecificationsforsourcesandsinksacrossmorethan360popularJavalibrarymodules.However,manuallyobtainingsuchspecificationsrequiressignificanthumanefforttoanalyze,specify,andvalidate.Further,evenwithperfectspecifications,CodeQLmayoftengeneratenumerousfalsepositivesduetoalackofcontextualreasoning,increasingthedeveloper’sburdenoftriagingtheresults.

Atahighlevel,IRIStakesaJavaprojectPPitalic_P,thevulnerabilityclassCCitalic_Ctodetect,andalargelanguagemodelLLM,asinputs.IRISstaticallyanalyzestheprojectPPitalic_P,checksforvulnerabilitiesspecifictoCCitalic_C,andreturnsasetofpotentialsecurityalertsAAitalic_A.EachalertisaccompaniedbyauniquecodepathfromataintsourcetoataintsinkthatisvulnerabletoCCitalic_C(i.e.,thepathisunsanitized).

Twokeychallengesintaintanalysisinclude:1)identifyingrelevanttaintspecificationsforeachclassCthatcanbemappedtosourceCsubscriptsuperscriptsource\boldsymbol{V}^{C}_{\textit{source}}bold_italic_Vstart_POSTSUPERSCRIPTitalic_Cend_POSTSUPERSCRIPTstart_POSTSUBSCRIPTsourceend_POSTSUBSCRIPT,sinkCsubscriptsuperscriptsink\boldsymbol{V}^{C}_{\textit{sink}}bold_italic_Vstart_POSTSUPERSCRIPTitalic_Cend_POSTSUPERSCRIPTstart_POSTSUBSCRIPTsinkend_POSTSUBSCRIPTforanyprojectPPitalic_P,and2)effectivelyeliminatingfalsepositivepathsinUnsanitized_Paths(Vs,Vt)Unsanitized_Pathssubscriptsubscript\textit{Unsanitized\_Paths}(V_{s},V_{t})Unsanitized_Paths(italic_Vstart_POSTSUBSCRIPTitalic_send_POSTSUBSCRIPT,italic_Vstart_POSTSUBSCRIPTitalic_tend_POSTSUBSCRIPT)identifiedbytaintanalysis.Inthefollowingsections,wediscusshowweaddresseachchallengebyleveragingLLMs.

Aprojectmayusevariousthird-partyAPIswhosespecifications(i.e.,sourceorsink)maybeunknown–reducingtheeffectivenessoftaintanalysis.Inaddition,internalAPIsmightacceptuntrustedinputfromdownstreamlibrariesaswell.Hence,ourgoalistoautomaticallyinferspecificationsforsuchAPIs.WedefineaspecificationSCsuperscriptS^{C}italic_Sstart_POSTSUPERSCRIPTitalic_Cend_POSTSUPERSCRIPTasa3-tupleT,F,R5.1ExperimentalSetupLLMselectionandCodeQLbaseline.Weselecttwoclosed-sourceLLMsfromOpenAI:GPT4(gpt-4-0125-preview)andGPT3.5(gpt-3.5-turbo-0125)forourevaluation.Wealsoselectinstruction-tunedversionsofsixstate-of-the-artopen-sourceLLMsviahuggingfaceAPI:Llama38Band70B,DeepSeekCoder7Band33B,Mistral7B,andGemma7B.Forbaseline,weuseCodeQL2.15.3anditsbuilt-inSecurityqueriesspecificallydesignedforeachCWE.

EffectivenessacrossLLMs.Outof120vulnerabilities,34arenotdetectedbyIRISwithanyLLM,78aredetectedbyatleasttwoLLMs,and10aredetectedbyall.Infact,allbutonevulnerabilitydetectedbyCodeQLcannotbedetectedbyIRISwithGPT-4.TheundetectedcaseisduetoamissingsourcespecificationrelatedtoJavaannotations,whichwecurrentlydonotsupport.Moreover,8vulnerabilitiesaredetectedbyonlyoneLLM:GPT-4(1),Mistral7B(1),DeepSeekCoder7B(4),andDeepSeekCoder33B(2).Observingonlysmalldiscrepancies,weconcludethatLLMssharealotofcommonknowledgeandaregenerallyapplicabletospecificationinference.

Continuoustaintspecificationinferenceisnecessary.Ourresultsshowthatthereisahighnumberofbothuniqueandrecurringsourcesandsinks:about900perCWEuniqueand700recurring(tablesinAppendix).Thisindicatesthatevenifpreviouslyinferredspecificationsareuseful,asignificantnumberofnewrelevantAPIsstillremainandneedtobelabeledforeffectivevulnerabilitydetection.ThisobservationstronglymotivatesthedesignofIRISthatinfersthesespecificationson-the-flyforeachprojectviaLLMs,insteadofrelyingonafixedcorpusofspecificationslikeCodeQL.

WepresentedIRIS,anovelneuro-symbolicapproachthatcombinesLLMswithstaticanalysisforvulnerabilitydetection.Wealsocuratedadataset,CWE-Bench-Java,containing120securityvulnerabilitiesacrossfourclassesinreal-worldprojects.OurexperimentalresultsshowthatIRIScansignificantlysurpassstate-of-the-artstaticanalysistools,likeCodeQL,indetectingcriticalvulnerabilities,evenwhenusingsmallerLLMs.Further,IRIS’scontextfilteringtechniquesalsodrasticallyreducethenumberoffalsepositives.Overall,ourresultsshowthateffectivelycombiningLLMswithstaticanalysisleadstomoreeffectiveanalysisandreducesthedeveloperburden.However,therearestillmanyvulnerabilitiesthatcanyetbedetectedbythisapproach.Hence,futureapproachesmayexploreatighterintegrationofthesetwotoolstofurtherimproveperformance.

Limitations.Determiningwhetheravulnerabilityisdetectedisadifficulttask.Hence,werelyonmanualvalidationtofindvulnerablemethodlocationsineachcase,limitingthesizeofCWE-Bench-Java.However,becauseeachprojectisstillquitelarge,webelieveCWE-Bench-Javawillremainachallengingbenchmarkforfutureworks.IRISmakesnumerouscallstoLLMsforspecificationinferenceandfilteringfalsepositives,increasingthepotentialcostofanalysis.However,asourresultsshow,evensmallermodels,likeLlama38BandDeepSeekCoder7B,canperformwellonthesetasksandcanbepotentiallydeployedlocallyforaproject.Foranygivenproject,thecostoflabelingwillconsolidatequicklyacrossversions,makingIRISaviablechoiceforpotentialintegrationintoCI/CDpipelines.WhileourresultsonJavabenchmarksarepromising,itisunknownifIRISwillperformwellonotherlanguages.Weplantoexplorethisfurtherinfuturework.

WhileextractingexternalAPIs,wefilteroutcommonly-usedJavalibrariesthatareunlikelytocontainanypotentialsourcesorsinks.SuchlibrariesincludetestinglibrarieslikeJUnitandHamcrestormockinglibrarieslikeMockito.Whilewefilteroutmethodsthataredefinedintheproject,wespecificallyallowmethodsthatareinheritedfromanexternalclassorinterface.AnexampleisthegetResourcemethodofthegenericclassClassinjava.langpackage,whichtakesapathasastringandaccessesafileinthemodule.Manyprojectscommonlyinheritthisclassandusethismethod.Iftheinputpathisunchecked,itmayleadtoaPath-Traversalvulnerabilityifthepathaccessesresourcesoutsidethegivenmodule.Hence,detectingsuchAPIusagesiscrucial.

Taintsourcesaretypicallyvaluesreturnedbymethodsthatobtaininputsfromexternalsources,suchasresponseofanHTTPrequestoracommandlineargument.Hence,weselectexternalAPIsthathavea“non-void”returntypeascandidatesources.AnothertypeoftaintsourcesarecommonlyseeninJavalibraries.Whenusedbydownstreamlibraries,taintedinformationmaybepassedintothelibrarythroughfunctioncalls.Therefore,wealsocollecttheformalparametersforpublicinternalfunctionassourcecandidates.Duetotheexcessiveamountofsuchcandidates,weposeafurtherconstraintthatthepublicinternalfunctionmustbedirectlyinvokedbyaunittestcasewithinthesamerepository.Here,thetestcasesareidentifiedbycheckingwhethertheresidingfilepathhassrc/testwithinit.

Ontheotherhand,taintsinksaretypicallyargumentstoanexternalAPI.Thisinvolvesexplicitarguments,suchasthecommandargumentpassedtoRuntime.exec(Stringcommand)method,andimplicitthisargumenttonon-staticfunctions,suchasthefilevariableinthefunctioncallfile.delete().ThisistheonlytypeofsinkthatweconsiderwithinIRIS.

Wenotethatthisisnottheentirestoryastheremightbeotherkindsofsourcesandsinks.Othertypesofsourcecandidatesincludetheformalparameterofprotectedbutoverriddeninternalfunctions(thereqparameterinprotectedHTTPServeletResponsedoGet(HTTPServeletRequestreq)),argumentstoanimpureexternalfunction(thebufferargumenttovoidread(byte[]buffer,intsize)),etc.Sinkcandidatesincludethereturnvalueofpublicfacingfunctions,thrownexceptions,andevenstaticmethodswithoutanyparameter(System.exit()).Duetothecomplexity,wedonottacklesuchkindofsourcesofsinksinthiswork.However,weplantoexplorefurtherinfutureworks.

WehypothesizethatsinceLLMsarepre-trainedoninternet-scaledata,theyhaveknowledgeaboutthebehaviorofwidelyusedlibrariesandtheirAPIs.Hence,itisnaturaltoaskwhetherLLMscanbeusedtoidentifyAPIsthatarerelevantassourcesorsinksforanyvulnerabilityclass.Ifsuccessful,LLMscanalleviatemanualeffort,anddrasticallyimprovetheeffectivenessofstaticanalysistools.

WeusetemplatetoconvertLLMinferredspecificationsintoCodeQLqueries.Therearethreekindsofqueries:

IncontrasttoVulDetected,computingtheprecisionoftheresultsismorechallenging.Forinstance,evenifadetectedcodepathdoesnotintersectwithafixedfileormethod,itmayactuallypointtoatruevulnerability(e.g.,adifferentCVEinthesameversion)intheproject.Moreover,evenifthereisaHence,manualanalysisisrequiredtocomputeprecision.

Finally,wemanuallycheckeachfixcommitandvalidatewhetherthecommitactuallycontainsafixtothegivenCVEinaJavafile.Forinstance,wefoundthatinsomecasesthefixisinfileswritteninotherlanguages(suchasScalaorJSP).WhilecodewritteninotherlanguagesmayflowtotheJavacomponentsintheprojectduringruntimeorviacompilation,itisnotpossibletocorrectlydetermineifstaticanalysiscancorrectlydetectsuchavulnerability.Hence,weexcludesuchCVEs.Further,weexcludecaseswherethevulnerabilitywasinadependencyandthefixwasjustaversionupgradeorifthevulnerabilitywasmis-classified.Finally,weendupwith(\star)120projectsthatweevaluatewithIRIS.Forthistask,wedividetheCVEsamongtwoco-authorsoftheproject,whoindependentlyvalidateeachcase.Theco-authorscross-checkeachother’sresultsanddiscusstogethertocomeupwiththefinallistofprojects.

WecompareCWE-Bench-JavawithexistingdatasetsforvulnerabilitydetectioninJava,C,andC++codebases,onthefollowingcriteria:

Weselecttwoclosed-sourceLLMsfromOpenAI:GPT4(gpt-4-0125-preview)andGPT3.5(gpt-3.5-turbo-0125)forourevaluation.GPT4andGPT3.5queriesusedinthepaperareperformedthroughOpenAIAPIduringAprilandMayof2024.

Wealsoselectinstruction-tunedversionsofsixstate-of-the-artopen-sourceLLMsviahuggingfaceAPI:Llama38Band70B,DeepSeekCoder7Band33B,Mistral7B,andGemma7B.Toruntheopen-sourceLLMsweusetwogroupsofmachines:a2.50GHzIntelXeonmachine,with40CPUs,fourGeForceRTX2080TiGPUs,and750GBRAM,andanother3.00GHzIntelXeonmachinewith48CPUs,8A100s,and1.5TRAM.

WeuseCodeQLversion2.15.3asthebackboneofourstaticanalysis.

ForbaselinecomparisonwithCodeQL,weusethebuilt-inSecurityqueriesspecificallydesignedforeachCWEthatcomeswithCodeQL2.15.3.NotethattherearemultiplesecurityqueriesforeachCWE,andeachproducealarmsofdifferentlevels(error,warning,andrecommendation).ForeachCWE,wetaketheunionofalertsgeneratedbyallqueriesanddonotdifferentiatebetweenalarmsofdifferentlevels.Forinstance,thereare3queriesfromCodeQLfordetectingCWE-22vulnerabilities,namelyTaintedPath,TaintedPathLocal,andZipSlip.WhileTaintedPathandZipSlipproduceerrorlevelalarms,TaintedPathLocalproducesonlyalarmrecommendations.ToCodeQL’sadvantage,allalarmsaretreatedequallyinourcomparisons.

DuringIRIS,wehave2promptsthatareusedtolabelexternalandinternalAPIs.RecallthatthepromptscontainbatchedAPIs.Weusebatchsizeof20and30forinternalandexternal,respectively.Intermsoffew-shotexamplespassedtolabelingexternalAPIs,weuse4examplesforCWE-22,3examplesforCWE-78,3examplesforCWE-79,and3examplesforCWE-94.Weuseatemperatureof0,maximumtokensto2048,andtop-pof1forinferencewithalltheLLMs.ForGPT3.5andGPT4,wealsofixaseedtomitigaterandomnessasmuchaspossible.

Weincludethefulltablecontainingstatisticstoprovidemoredetailsaboutprojectsandouranalysis(TableLABEL:tab:longtable).Foreachproject,wepresentitscorrespondingCWEID,thelines-of-code(SLOC),thetimeittakestorunthefullanalysis,thenumbercandidateAPIsandthenumberoflabeledsourceandsinksbyLlama38B.Wealsocolorcodecellsofinterest:ForSLOC,wemarkacellasredif>>>1M;yellowif>>>100k.ForTime,wemarkacellasredif≥\geq≥1h;yellowif≥\geq≥5m.Forthenumberofcandidates,wemarkacellasredif>>>10k.Lastlyforsourcesandsinks,wemarkacellasredifthenumberislargerthan200.

THE END

Android3.0PlatformAndroidDevelopers

c++CCMake编译错误(/usr/bin/ld:找不到<LIBRARYNAME>)

HowtostructureaZendFrameworkapplicationanditsdependenciesinThink

LLM

SnapPatentInteractingwithvisualcodeswithinmessagingsystem

1.FtcRobotControllerFIRSTTechChallengeFixes the "Download" context menu item for external libraries in the OnBotJava interface. Fixes issue where Driver Station telemetry would intermittently freeze when set to Monospace mode. Fixes performance regression for certain REV Hub operations that was introduced in version 8.2. https://mygit.osfipin.com/repository/296471971
2.LibrariesIntelliJIDEADocumentationTo view external library documentation, configure the documentation URL first. In the Project Structure dialog CtrlAltShift0S, select Libraries. Select the necessary library, click the icon and enter the external documentation URL. Apply the changes and close the dialog. Add library documentation tohttps://www.jetbrains.com/idea/webhelp/library.html
3.CommonRpmlintissues::FedoraDocsPublic libraries are libs expected to be used by other packages. Other libraries e.g., plugins and functionality internal to the package are private. We have four cases: The library is public. Inform upstream about the issue and propose that they add or fix versioning, possibly by sending ahttps://fedoraproject.org/wiki/Common_Rpmlint_issues
4.ideatomcat设置环境变量,rpa,机器人,自动化四、导入 Tomcat 的 jar 包五、动态更新网页当上面都做完后,还是发现:我们发现在 External Libraries 中并没有 Tomcat 的 jar 包在blog.csdn.net上查看更多信息更多内容请查看https://blog.csdn.net/Ice__Clean/article/details/116329031 腾讯云idea配置tomcat以及环境变量「建议收藏」-腾讯云开发者社区 2022年8月https://www.wdlinux.cn/html/fuwuqi/20241210/23710.html
5.miktex报错:Error:TheremotepackagerepositoryisnotregisteredSource: Libraries\MiKTeX\PackageManager\RestRemoteService.cpp:275 Error: The remote package repository is not registered. You have to choose another repository. Details: url: https://mirrors.tuna.tsinghua.edu.cn/CTAN/systems/win32/miktex/tm/packages/ https://blog.csdn.net/m0_46105943/article/details/144434287
6.unityReferenceResolution找不见2,初始化DOTween全局配置,不初始化将使用默认值,后面仍可以改变初始化的配置,具体方法下步。 需要记住:如果在创建第一个Tween后才调用DOTween.Init将不会生效。 考虑到你仍然在任何时候初始化设置,可以使用全局设置。Global settings 通常,你可以在调用DOTween后链式调用DOTween.SetTweensCapacity来一同初始化可同时执行最https://blog.51cto.com/u_16099272/12789171
7.如何创建Android库以及掌握.aar文件的使用技巧?A1: 要将现有的应用模块转换为库模块,只需打开该模块的build.gradle文件,将插件从com.android.application更改为com.android.library,然后同步项目,这样,该模块就会被识别为库模块,并可以生成.aar文件供其他项目使用。 Q2: 如何确保库中的资源不被外部访问? https://www.kdun.com/ask/1395108.html
8.解决IDEA项目externallibraries依赖包消失的问题java有时候电脑重启后,再打开IDEA上的项目时会出现external libraries目录下的依赖包都消失了的情况,只剩下了一个JDK的包,本文给大家介绍了解决IDEA项目external libraries依赖包消失的办法,需要的朋友可以参考下 有时候电脑重启后,再打开IDEA上的项目时会出现external libraries目录下的依赖包都消失了的情况,只剩下了一个https://www.jb51.net/program/3160088rb.htm
9.HomeShoalhavenLibrariesChristmas & New Year Hours Update to Opening Hours Book Club Kits Multicultural Bulk Loan Service Remote Printing Santa Letters Drop your letter to Santa at your library, and Santa will send a reply! Christmas & New Year Hours Shoalhaven Libraries will be CLOSED over the Christmas and New Yearhttps://www.shoalhavenlibraries.com.au/
10.Android3.0PlatformAndroid中文APIAPI Level: 11For developers, the Android 3.0 platform is available as a downloadable component for the Android SDK. The downloadable platform includes an Android library and system image, as well as a set of emulator skins and more. The downloadable platform includes no external libraries.https://www.android-doc.com/about/versions/android-3.0.html
11.Android3.0PlatformAndroidDevelopersFor developers, the Android 3.0 platform is available as a downloadable component for the Android SDK. The downloadable platform includes an Android library and system image, as well as a set of emulator skins and more. The downloadable platform includes no external libraries. To get started dehttps://docs.huihoo.com/android/3.0/sdk/android-3.0.html
12.GitHubBillHoo/mobileUse binaries available atGithub/JCenter/CocoaPodsor build your own version with external libraries you need Supports Both Android and IOS FFmpegv3.4.x,v4.0.x,v4.1andv4.2-devreleases 27 external libraries chromaprint,fontconfig,freetype,fribidi,gmp,gnutls,kvazaar,lame,libaom,libass,libiconv,libilbc,https://github.com/BillHoo/mobile-ffmpeg
13.InstallingApacheAntAnt supports a number of optional tasks. An optional task is a task which typically requires an external library to function. The optional tasks are packaged together with the core Ant tasks. The external libraries required by each of the optional tasks is detailed in theLibrary Dependenciessectiohttp://ant.apache.org/manual/install.html
14.部署和配置适用于Mac的OneDrive同步应用<key>DisableOfflineModeForExternalLibraries</key> <integer>1</integer> 若要在 Web 上的 OneDrive 中为从其他组织共享的库和文件夹重新启用脱机模式,请使用以下示例:XML 复制 <key>DisableOfflineModeForExternalLibraries </key> <integer>0</integer> Disablehttps://support.office.com/zh-CN/article/deploy-and-configure-the-new-onedrive-sync-client-for-mac-eadddc4e-edc0-4982-9f50-2aef5038c307
15.AzureHow to configure single-core executors to run JNI libraries Learn how to configure single-core executors to run JNI libraries on Databricks LastTrouble reading external JDBC tables after upgrading from Databricks Runtime 5.5 Fail to read external JDBC tables after upgrading from Databricks Runhttps://docs.microsoft.com/zh-cn/azure/databricks/kb/libraries/install-tf21-dbr65ml
16.用户:渚花/Lua参考手册(翻译)Other extensions should use the ScribuntoExternalLibraries hook. In either case, the key should match the Lua module name ("mw.name" for libraries in Scribunto, or "mw.ext.name" for extension libraries). The Lua portion of the library sets up the table containing the functions that can http://mzh.moegirl.org/User:%E3%82%B5%E3%83%B3%E3%83%A0%E3%83%AB/Lua%E5%8F%82%E8%80%83%E6%89%8B%E5%86%8C
17.seattlepubliclibrariesSPLThe Seattle Public Library gives you 24/7 free access to books, music, movies, TV shows, classes and more.https://www.spl.org/
18.浏览器中的Python解释器。在Skulpt中使用外部模块该文章介绍了浏览器中的ECMAScript模块,包括模块的导入和导出,以及如何使用type=module和nomodule来优化https://cloud.tencent.com/developer/ask/782945/answer/1137182
19.WritingAPIexitsRequired libraries SeeExternal librariesfor a list of 32-bit and 64-bit libraries that you can use. Libraries containing "ia" have been built with the XLC 16 compiler, whilst libraries with "ca" in the name have been built with the XLC 17 compiler. https://www.ibm.com/docs/pt/ibm-mq/9.4?topic=multiplatforms-writing-api-exits
20.libxslt:AnExtendedTutorialglibc uses external libraries to perform some of its functions. Same version libraries must be present on the system we want the application to run. One way to avoid this it to use an alternative C runtime, for exampleuClibc, which requires obtaining and building a uClibc toolchain first (ifhttp://xmlsoft.org/xslt/tutorial2/libxslt_pipes.html
21.Gitee极速下载/qpdfcmake_minimum_required(VERSION 3.16) project(some-application LANGUAGES CXX) find_package(qpdf) add_executable(some-application some-application.cc) target_link_libraries(some-application qpdf::libqpdf) qpdf depends on the external librarieszlibandjpeg. Thelibjpeg-turbolibrary is also known to workhttps://gitee.com/mirrors/qpdf/
22.Index—CMake3.12.4DocumentationCMAKE_<LANG>_COMPILER_EXTERNAL_TOOLCHAIN variable, [1] CMAKE_<LANG>_COMPILER_ID variable, [1], [2], [3], [4], [5], [6], [7]CMAKE_<LANG>_IMPLICIT_LINK_LIBRARIES variable CMAKE_<LANG>_INCLUDE_WHAT_YOU_USE variable, [1], [2] CMAKE_<LANG>_LIBRARY_ARCHITECTURE variablhttps://cmake.org/cmake/help/v3.12/genindex.html
23.TheProjectGutenbergeBookof"TheRhesus",byGilbertLet us try quite a different hypothesis, and begin by [Pg vii] accepting the external evidence as true. The famous critic, Crates, of the second century B.C., happens to mention—in excuse of what he took to be a slip in the poet's astronomy—that the Rhesus of Euripides was a https://www.gutenberg.org/files/35170/35170-h/35170-h.htm
24.鸿蒙HarmonyOS应用开发者高级认证习题.docxA.端开发工程(Application)B.云开发工程(CloudProgram)C.端侧公共库(ExternalLibraries)2.HarmonyOS云开发工程创建后,会自动开通哪些服务?A.云函数B.云数据库C.云存储D.认证服务1.在Column和Row容器组件中,justiyContent用于设置子组件在主轴方向上的对齐格式,alignltems用于设置子组件在交又轴方向上的对产格式。(https://www.renrendoc.com/paper/327895599.html
25.FFTWDownloadPageIf you are interested in using a cycle counter in your own code, you can download FFTW's cycle-counter header by itself: FFTW cycle-counter code: cycle.h (ftp: cycle.h) To use it, #include "cycle.h", call the ticks t = getticks() function before and after the code you want tohttp://www.fftw.org/download.html
26.ManPageCC.1Since this might not be possible for system libraries, do not com- pile your version of malloc() with -xipo=2. As another example, suppose that you build a shared library with two external calls, foo() and bar() inside two different source files. Furthermore, suppose that bar() callshttps://docs.oracle.com/cd/E18659_01/html/821-2676/CCplusplus.1.html