refactor(dynamic): add multi-method support to RouteShape, update framework bindings, and improve test coverage

tests/dynamic_fixtures/message_handler/kafka_java/Benign.java

@@ -1,8 +1,11 @@
 // Phase 20 (Track M.2) — Kafka Java benign control.
-// `org.springframework.kafka` adapter marker preserved.
+
+import org.springframework.kafka.annotation.KafkaListener;
+
 public class Benign {
     public Benign() {}
 
+    @KafkaListener(topics = "orders")
     public void onMessage(String body) throws Exception {
         new ProcessBuilder("echo", body).inheritIO().start().waitFor();
     }

tests/dynamic_fixtures/message_handler/kafka_java/Vuln.java

@@ -1,13 +1,11 @@
 // Phase 20 (Track M.2) — Kafka Java vuln fixture.
-//
-// Marker line so the kafka-java framework adapter binds:
-// `org.springframework.kafka` consumer entry point.  Annotation is
-// elided so javac compiles without the Spring jar; the dynamic harness
-// invokes onMessage reflectively.
+
+import org.springframework.kafka.annotation.KafkaListener;
 
 public class Vuln {
     public Vuln() {}
 
+    @KafkaListener(topics = "orders")
     public void onMessage(String body) throws Exception {
         // SINK: tainted body concatenated into shell command
         new ProcessBuilder("sh", "-c", "echo " + body).inheritIO().start().waitFor();

tests/dynamic_fixtures/message_handler/rabbit_java/Benign.java

@@ -1,9 +1,11 @@
 // Phase 20 (Track M.2) — RabbitMQ Java benign control.
-// `org.springframework.amqp.rabbit` adapter marker preserved.
+
+import org.springframework.amqp.rabbit.annotation.RabbitListener;
 
 public class Benign {
     public Benign() {}
 
+    @RabbitListener(queues = "work")
     public void onMessage(String messageId, String body) throws Exception {
         new ProcessBuilder("echo", body).inheritIO().start().waitFor();
     }

tests/dynamic_fixtures/message_handler/rabbit_java/Vuln.java

@@ -1,10 +1,11 @@
 // Phase 20 (Track M.2) — RabbitMQ Java vuln fixture.
-// `org.springframework.amqp.rabbit` consumer marker preserved;
-// annotation elided so javac compiles without the Spring AMQP jar.
+
+import org.springframework.amqp.rabbit.annotation.RabbitListener;
 
 public class Vuln {
     public Vuln() {}
 
+    @RabbitListener(queues = "work")
     public void onMessage(String messageId, String body) throws Exception {
         // SINK: tainted body concatenated into shell command
         new ProcessBuilder("sh", "-c", "echo " + body).inheritIO().start().waitFor();

tests/dynamic_fixtures/message_handler/sqs_java/Benign.java

@@ -1,9 +1,11 @@
 // Phase 20 (Track M.2) — SQS Java benign control.
-// `io.awspring.cloud.sqs` adapter marker preserved.
+
+import io.awspring.cloud.sqs.annotation.SqsListener;
 
 public class Benign {
     public Benign() {}
 
+    @SqsListener("jobs")
     public void handleMessage(java.util.Map<String, String> env) throws Exception {
         String body = env != null ? env.getOrDefault("Body", "") : "";
         new ProcessBuilder("echo", body).inheritIO().start().waitFor();

tests/dynamic_fixtures/message_handler/sqs_java/Vuln.java

@@ -1,10 +1,11 @@
 // Phase 20 (Track M.2) — SQS Java vuln fixture.
-// `io.awspring.cloud.sqs` consumer entry point — annotation elided so
-// javac compiles without the Spring Cloud AWS jar.
+
+import io.awspring.cloud.sqs.annotation.SqsListener;
 
 public class Vuln {
     public Vuln() {}
 
+    @SqsListener("jobs")
     public void handleMessage(java.util.Map<String, String> env) throws Exception {
         String body = env != null ? env.getOrDefault("Body", "") : "";
         // SINK: tainted Body concatenated into shell command