From e6fa11660ff742794e4df0b89632ee2bd0d1dcfb Mon Sep 17 00:00:00 2001 From: Prabhu Subramanian Date: Thu, 21 Dec 2023 13:13:51 +0000 Subject: [PATCH] Export individual representations Signed-off-by: Prabhu Subramanian --- .github/workflows/repotests.yml | 8 +--- README.md | 4 +- build.sbt | 4 +- codemeta.json | 45 +++++++++++++++++++++ src/main/scala/io/appthreat/atom/Atom.scala | 20 +++++---- wrapper/nodejs/package-lock.json | 4 +- wrapper/nodejs/package.json | 2 +- 7 files changed, 67 insertions(+), 20 deletions(-) create mode 100644 codemeta.json diff --git a/.github/workflows/repotests.yml b/.github/workflows/repotests.yml index c6c3884..549a99e 100644 --- a/.github/workflows/repotests.yml +++ b/.github/workflows/repotests.yml @@ -135,7 +135,7 @@ jobs: ./atom.sh usages --remove-atom -o /tmp/py4.atom -l python $GITHUB_WORKSPACE/repotests/django-DefectDojo -Dlog4j.configurationFile=log4j2.xml --slice-outfile /tmp/py4.usages.json ./atom.sh usages --remove-atom -o /tmp/c3.atom -l c $GITHUB_WORKSPACE/repotests/libexpat -Dlog4j.configurationFile=log4j2.xml --slice-outfile /tmp/c.usages.json - ./atom.sh --remove-atom -o /tmp/java-sec-code.atom -l java $GITHUB_WORKSPACE/repotests/java-sec-code -Dlog4j.configurationFile=log4j2.xml --export-atom --export-dir gml_exports + ./atom.sh --remove-atom -o /tmp/java-sec-code.atom -l java $GITHUB_WORKSPACE/repotests/java-sec-code -Dlog4j.configurationFile=log4j2.xml -x --export-dir gml_exports env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} JAVA_TOOL_OPTIONS: "-Dfile.encoding=UTF-8" @@ -150,9 +150,3 @@ jobs: if: runner.os != 'Windows' env: JAVA_TOOL_OPTIONS: "-Dfile.encoding=UTF-8" - - run: | - cdxgen -t js -o $GITHUB_WORKSPACE/repotests/juice-shop/bom.json $GITHUB_WORKSPACE/repotests/juice-shop - ./atom.sh reachables --remove-atom -o /tmp/juice-shop.atom -l js $GITHUB_WORKSPACE/repotests/juice-shop -Dlog4j.configurationFile=log4j2.xml --slice-outfile /tmp/juice-shop.reachables.json - env: - JAVA_TOOL_OPTIONS: "-Dfile.encoding=UTF-8" - if: runner.os != 'Windows' diff --git a/README.md b/README.md index 55b09a1..2a2975f 100644 --- a/README.md +++ b/README.md @@ -59,7 +59,7 @@ Usage: atom [parsedeps|data-flow|usages|reachables] [options] [input] -l, --language source language --with-data-deps generate the atom with data-dependencies - defaults to `false` --remove-atom do not persist the atom file - defaults to `false` - --export-atom export the atom file with data-dependencies to graphml - defaults to `false` + -x, --export-atom export the atom file with data-dependencies to graphml - defaults to `false` --export-dir export directory. Default: atom-exports --file-filter the name of the source file to generate slices from. Uses regex. --method-name-filter @@ -140,6 +140,8 @@ The resulting graphml files could be imported into [Neo4j](https://neo4j.com/lab atom -o app.atom -l java --export-atom --export-format dot --export-dir ``` +In dot format, individual representations such as ast, cdg, and cfg would also get exported. + To also compute and include data-dependency graph (DDG) information in the exported files, pass `--with-data-deps` ```shell diff --git a/build.sbt b/build.sbt index f5fd5c9..9883b2b 100644 --- a/build.sbt +++ b/build.sbt @@ -1,9 +1,9 @@ name := "atom" ThisBuild / organization := "io.appthreat" -ThisBuild / version := "1.7.5" +ThisBuild / version := "1.8.0" ThisBuild / scalaVersion := "3.3.1" -val chenVersion = "1.0.10" +val chenVersion = "1.1.1" lazy val atom = Projects.atom diff --git a/codemeta.json b/codemeta.json new file mode 100644 index 0000000..6830ada --- /dev/null +++ b/codemeta.json @@ -0,0 +1,45 @@ +{ + "@context": "https://doi.org/10.5063/schema/codemeta-2.0", + "@type": "SoftwareSourceCode", + "license": "https://spdx.org/licenses/Apache-2.0", + "codeRepository": "git+https://github.com/AppThreat/atom.git", + "contIntegration": "https://github.com/AppThreat/atom/actions", + "downloadUrl": "https://github.com/AppThreat/atom", + "issueTracker": "https://github.com/AppThreat/atom/issues", + "name": "atom", + "version": "1.8.0", + "description": ".", + "applicationCategory": "code-analysis", + "keywords": [ + "static-analysis", + "code-analysis", + "dependency-analysis", + "code-hierarchy-analysis", + "static-slicer", + "reachability-analysis" + ], + "programmingLanguage": [ + "Scala 3", + "Node.js" + ], + "runtimePlatform": [ + "JVM" + ], + "operatingSystem": [ + "Linux", + "Windows", + "MacOS" + ], + "softwareRequirements": [ + "Java >= 21", + "Node.js >= 16" + ], + "author": [ + { + "@type": "Person", + "givenName": "Team", + "familyName": "AppThreat", + "email": "cloud@appthreat.com" + } + ] +} diff --git a/src/main/scala/io/appthreat/atom/Atom.scala b/src/main/scala/io/appthreat/atom/Atom.scala index 80133d7..789e2f8 100644 --- a/src/main/scala/io/appthreat/atom/Atom.scala +++ b/src/main/scala/io/appthreat/atom/Atom.scala @@ -44,12 +44,13 @@ object Atom: val DEFAULT_ATOM_OUT_FILE: String = if Properties.isWin || Charset.defaultCharset() != Charset.forName("UTF-8") then "app.atom" else "app.⚛" - val DEFAULT_SLICE_OUT_FILE = "slices.json" - val DEFAULT_SLICE_DEPTH = 7 - val DEFAULT_MAX_DEFS: Int = 2000 - val FRAMEWORK_INPUT_TAG: String = "framework-input" - val FRAMEWORK_OUTPUT_TAG: String = "framework-output" - val DEFAULT_EXPORT_DIR: String = "atom-exports" + val DEFAULT_SLICE_OUT_FILE = "slices.json" + val DEFAULT_SLICE_DEPTH = 7 + val DEFAULT_MAX_DEFS: Int = 2000 + val FRAMEWORK_INPUT_TAG: String = "framework-input" + val FRAMEWORK_OUTPUT_TAG: String = "framework-output" + val DEFAULT_EXPORT_DIR: String = "atom-exports" + // Possible values: graphml, dot val DEFAULT_EXPORT_FORMAT: String = "graphml" // Possible values: no-delombok, default, types-only, run-delombok private val DEFAULT_DELOMBOK_MODE: String = @@ -126,7 +127,7 @@ object Atom: case config: AtomConfig => config.withRemoveAtom(true) case _ => c ) - opt[Unit]("export-atom") + opt[Unit]('x', "export-atom") .text("export the atom file with data-dependencies to graphml - defaults to `false`") .action((_, c) => c match @@ -323,9 +324,14 @@ object Atom: _.name.startsWith("lambda") ).gml(x.exportDir) case _ => + // Export all representations ag.method.internal.filterNot(_.name.startsWith("<")).filterNot( _.name.startsWith("lambda") ).dot(x.exportDir) + // Export individual representations + ag.method.internal.filterNot(_.name.startsWith("<")).filterNot( + _.name.startsWith("lambda") + ).exportAllRepr(x.exportDir) case _: DataFlowConfig => val dataFlowSlice = sliceCpg(ag).collect { case x: DataFlowSlice => x } val atomDataFlowSliceJson = diff --git a/wrapper/nodejs/package-lock.json b/wrapper/nodejs/package-lock.json index a6b1446..1ddf965 100644 --- a/wrapper/nodejs/package-lock.json +++ b/wrapper/nodejs/package-lock.json @@ -1,12 +1,12 @@ { "name": "@appthreat/atom", - "version": "1.7.5", + "version": "1.8.0", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "@appthreat/atom", - "version": "1.7.5", + "version": "1.8.0", "license": "Apache-2.0", "dependencies": { "@babel/parser": "^7.23.6", diff --git a/wrapper/nodejs/package.json b/wrapper/nodejs/package.json index f96e513..339e131 100644 --- a/wrapper/nodejs/package.json +++ b/wrapper/nodejs/package.json @@ -1,6 +1,6 @@ { "name": "@appthreat/atom", - "version": "1.7.5", + "version": "1.8.0", "description": "Create atom (⚛) representation for your application, packages and libraries", "exports": "./index.js", "type": "module",