Extending JeSS

 

When JeSS scans a file it first produces an AST.  JeSS then searches this AST for problematic code structures using the visitor pattern.  A visitor is passed to the root of the AST and it searches for the signature of security bugs.  Each security bug is scanned for using a separate visitor.  This structure allows JeSS to be easily extended, to scan for new security bugs simply introduce a new visitor of the appropriate type.