apisec-code-bolt 0.1.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- apisec_code_bolt/__init__.py +42 -0
- apisec_code_bolt/__main__.py +11 -0
- apisec_code_bolt/analysis/__init__.py +96 -0
- apisec_code_bolt/analysis/analyzer.py +2309 -0
- apisec_code_bolt/analysis/binding_tracker.py +341 -0
- apisec_code_bolt/analysis/call_graph.py +1197 -0
- apisec_code_bolt/analysis/call_graph_types.py +332 -0
- apisec_code_bolt/analysis/call_resolver.py +988 -0
- apisec_code_bolt/analysis/capability_tagger.py +322 -0
- apisec_code_bolt/analysis/config_scanner.py +197 -0
- apisec_code_bolt/analysis/data_flow.py +1883 -0
- apisec_code_bolt/analysis/dependency_extractor.py +959 -0
- apisec_code_bolt/analysis/flow_analysis.py +1406 -0
- apisec_code_bolt/analysis/hof_catalog.py +61 -0
- apisec_code_bolt/analysis/integration_detector.py +1399 -0
- apisec_code_bolt/analysis/literal_scanner.py +300 -0
- apisec_code_bolt/analysis/path_normalizer.py +55 -0
- apisec_code_bolt/analysis/read_site_detector.py +310 -0
- apisec_code_bolt/analysis/request_patterns.py +162 -0
- apisec_code_bolt/analysis/sensitivity_classifier.py +224 -0
- apisec_code_bolt/analysis/sink_evidence.py +333 -0
- apisec_code_bolt/analysis/url_prefix_resolver.py +338 -0
- apisec_code_bolt/cli/__init__.py +5 -0
- apisec_code_bolt/cli/exit_codes.py +17 -0
- apisec_code_bolt/cli/main.py +1069 -0
- apisec_code_bolt/cloud/__init__.py +1 -0
- apisec_code_bolt/cloud/apisec_client.py +118 -0
- apisec_code_bolt/cloud/client.py +255 -0
- apisec_code_bolt/core/__init__.py +75 -0
- apisec_code_bolt/core/config.py +528 -0
- apisec_code_bolt/core/credentials.py +65 -0
- apisec_code_bolt/core/discovery.py +433 -0
- apisec_code_bolt/core/log_format.py +115 -0
- apisec_code_bolt/core/manifest.py +1009 -0
- apisec_code_bolt/core/repo.py +280 -0
- apisec_code_bolt/core/state.py +59 -0
- apisec_code_bolt/core/telemetry.py +451 -0
- apisec_code_bolt/core/types.py +587 -0
- apisec_code_bolt/fingerprinting/__init__.py +1 -0
- apisec_code_bolt/frameworks/__init__.py +29 -0
- apisec_code_bolt/frameworks/_jwt_common.py +50 -0
- apisec_code_bolt/frameworks/auth_helpers.py +437 -0
- apisec_code_bolt/frameworks/base.py +608 -0
- apisec_code_bolt/frameworks/dotnet/__init__.py +17 -0
- apisec_code_bolt/frameworks/dotnet/_path_helpers.py +43 -0
- apisec_code_bolt/frameworks/dotnet/aspnet_plugin.py +2546 -0
- apisec_code_bolt/frameworks/dotnet/grpc_plugin.py +559 -0
- apisec_code_bolt/frameworks/dotnet/jwt_config_extractor.py +545 -0
- apisec_code_bolt/frameworks/dotnet/legacy_aspnet_plugin.py +732 -0
- apisec_code_bolt/frameworks/dotnet/refit_plugin.py +374 -0
- apisec_code_bolt/frameworks/dotnet/wcf_plugin.py +1239 -0
- apisec_code_bolt/frameworks/java/__init__.py +6 -0
- apisec_code_bolt/frameworks/java/_annotations.py +167 -0
- apisec_code_bolt/frameworks/java/_constraints.py +128 -0
- apisec_code_bolt/frameworks/java/graphql_plugin.py +287 -0
- apisec_code_bolt/frameworks/java/jaxrs_plugin.py +748 -0
- apisec_code_bolt/frameworks/java/jwt_config_extractor.py +361 -0
- apisec_code_bolt/frameworks/java/micronaut_plugin.py +1059 -0
- apisec_code_bolt/frameworks/java/spring_plugin.py +1293 -0
- apisec_code_bolt/frameworks/js/__init__.py +8 -0
- apisec_code_bolt/frameworks/js/express_plugin.py +391 -0
- apisec_code_bolt/frameworks/js/fastify_plugin.py +381 -0
- apisec_code_bolt/frameworks/js/graphql_plugin.py +198 -0
- apisec_code_bolt/frameworks/js/nestjs_plugin.py +423 -0
- apisec_code_bolt/frameworks/python/__init__.py +19 -0
- apisec_code_bolt/frameworks/python/celery_plugin.py +393 -0
- apisec_code_bolt/frameworks/python/click_plugin.py +427 -0
- apisec_code_bolt/frameworks/python/django_plugin.py +867 -0
- apisec_code_bolt/frameworks/python/fastapi/__init__.py +28 -0
- apisec_code_bolt/frameworks/python/fastapi/plugin.py +1390 -0
- apisec_code_bolt/frameworks/python/flask_plugin.py +205 -0
- apisec_code_bolt/frameworks/python/graphql_plugin.py +274 -0
- apisec_code_bolt/frameworks/python/prefect_plugin.py +251 -0
- apisec_code_bolt/frameworks/python/webhook_plugin.py +255 -0
- apisec_code_bolt/parsing/__init__.py +62 -0
- apisec_code_bolt/parsing/base.py +554 -0
- apisec_code_bolt/parsing/csharp/__init__.py +5 -0
- apisec_code_bolt/parsing/csharp/language_services.py +203 -0
- apisec_code_bolt/parsing/csharp/literals.py +72 -0
- apisec_code_bolt/parsing/csharp/parser.py +1158 -0
- apisec_code_bolt/parsing/csharp/type_resolver.py +568 -0
- apisec_code_bolt/parsing/js/__init__.py +5 -0
- apisec_code_bolt/parsing/js/language_services.py +118 -0
- apisec_code_bolt/parsing/js/parser.py +622 -0
- apisec_code_bolt/parsing/jvm/__init__.py +7 -0
- apisec_code_bolt/parsing/jvm/language_services.py +270 -0
- apisec_code_bolt/parsing/jvm/parser.py +774 -0
- apisec_code_bolt/parsing/jvm/type_resolver.py +422 -0
- apisec_code_bolt/parsing/python/__init__.py +150 -0
- apisec_code_bolt/parsing/python/cbv_extractor.py +606 -0
- apisec_code_bolt/parsing/python/constant_resolver.py +500 -0
- apisec_code_bolt/parsing/python/cross_file_resolver.py +1054 -0
- apisec_code_bolt/parsing/python/dynamic_route_detector.py +532 -0
- apisec_code_bolt/parsing/python/expression_utils.py +221 -0
- apisec_code_bolt/parsing/python/extraction_types.py +271 -0
- apisec_code_bolt/parsing/python/language_services.py +487 -0
- apisec_code_bolt/parsing/python/parameter_analyzer.py +789 -0
- apisec_code_bolt/parsing/python/parser.py +719 -0
- apisec_code_bolt/parsing/python/path_resolver.py +576 -0
- apisec_code_bolt/parsing/python/router_registry.py +806 -0
- apisec_code_bolt/parsing/python/type_resolver.py +730 -0
- apisec_code_bolt/parsing/python/visitors.py +1544 -0
- apisec_code_bolt/parsing/services.py +544 -0
- apisec_code_bolt/query/__init__.py +1 -0
- apisec_code_bolt/query/ast_cache.py +182 -0
- apisec_code_bolt/query/executor.py +283 -0
- apisec_code_bolt/query/handlers.py +832 -0
- apisec_code_bolt-0.1.0.dist-info/METADATA +230 -0
- apisec_code_bolt-0.1.0.dist-info/RECORD +111 -0
- apisec_code_bolt-0.1.0.dist-info/WHEEL +4 -0
- apisec_code_bolt-0.1.0.dist-info/entry_points.txt +2 -0
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
"""
|
|
2
|
+
apisec-code-bolt: Static analysis probe for extracting architectural metadata.
|
|
3
|
+
|
|
4
|
+
This package provides tools for analyzing codebases to extract architectural
|
|
5
|
+
information (routes, data flows, authentication patterns) without sending
|
|
6
|
+
raw source code outside the customer's environment.
|
|
7
|
+
"""
|
|
8
|
+
|
|
9
|
+
__version__ = "0.1.0"
|
|
10
|
+
__author__ = "APIsec"
|
|
11
|
+
|
|
12
|
+
from .core.config import CodeBoltConfig, load_config
|
|
13
|
+
from .core.manifest import Manifest
|
|
14
|
+
from .core.types import (
|
|
15
|
+
AuthSchemeType,
|
|
16
|
+
CodeLocation,
|
|
17
|
+
Confidence,
|
|
18
|
+
Framework,
|
|
19
|
+
HttpMethod,
|
|
20
|
+
Language,
|
|
21
|
+
OriginType,
|
|
22
|
+
QualifiedName,
|
|
23
|
+
)
|
|
24
|
+
|
|
25
|
+
__all__ = [
|
|
26
|
+
# Version
|
|
27
|
+
"__version__",
|
|
28
|
+
# Types
|
|
29
|
+
"Language",
|
|
30
|
+
"Framework",
|
|
31
|
+
"OriginType",
|
|
32
|
+
"AuthSchemeType",
|
|
33
|
+
"HttpMethod",
|
|
34
|
+
"CodeLocation",
|
|
35
|
+
"QualifiedName",
|
|
36
|
+
"Confidence",
|
|
37
|
+
# Config
|
|
38
|
+
"CodeBoltConfig",
|
|
39
|
+
"load_config",
|
|
40
|
+
# Output
|
|
41
|
+
"Manifest",
|
|
42
|
+
]
|
|
@@ -0,0 +1,96 @@
|
|
|
1
|
+
"""Analysis modules for call graph, data flow, and fingerprinting."""
|
|
2
|
+
|
|
3
|
+
from ..core.types import OriginType
|
|
4
|
+
from .analyzer import AnalysisResult, ProjectAnalyzer, analyze_project
|
|
5
|
+
from .call_graph import (
|
|
6
|
+
PYTHON_BUILTINS,
|
|
7
|
+
# Helpers
|
|
8
|
+
BindingTracker,
|
|
9
|
+
CallContext,
|
|
10
|
+
CallContextAnalyzer,
|
|
11
|
+
CallGraph,
|
|
12
|
+
# Builder
|
|
13
|
+
CallGraphBuilder,
|
|
14
|
+
CallGraphEdge,
|
|
15
|
+
# Node and Edge types
|
|
16
|
+
CallGraphNode,
|
|
17
|
+
CallResolver,
|
|
18
|
+
DecoratorAnalyzer,
|
|
19
|
+
EdgeType,
|
|
20
|
+
LambdaClosureTracker,
|
|
21
|
+
NodeType,
|
|
22
|
+
ResolutionConfidence,
|
|
23
|
+
TypeBinding,
|
|
24
|
+
build_call_graph,
|
|
25
|
+
build_call_graph_with_context,
|
|
26
|
+
)
|
|
27
|
+
from .data_flow import (
|
|
28
|
+
DataFlow,
|
|
29
|
+
DataFlowAnalyzer,
|
|
30
|
+
FlowStep,
|
|
31
|
+
SourceIdentifier,
|
|
32
|
+
TaintedValue,
|
|
33
|
+
# Analyzers
|
|
34
|
+
TaintPropagator,
|
|
35
|
+
Transformation,
|
|
36
|
+
analyze_data_flow,
|
|
37
|
+
)
|
|
38
|
+
from .flow_analysis import (
|
|
39
|
+
CallSiteContext,
|
|
40
|
+
CFGNode,
|
|
41
|
+
CFGNodeType,
|
|
42
|
+
# CFG
|
|
43
|
+
ControlFlowGraph,
|
|
44
|
+
Definition,
|
|
45
|
+
# Flow-sensitive bindings
|
|
46
|
+
FlowSensitiveBindings,
|
|
47
|
+
# Reaching definitions
|
|
48
|
+
ReachingDefinitions,
|
|
49
|
+
ReturnInfo,
|
|
50
|
+
build_flow_sensitive_bindings,
|
|
51
|
+
)
|
|
52
|
+
|
|
53
|
+
__all__ = [
|
|
54
|
+
# Analyzer
|
|
55
|
+
"ProjectAnalyzer",
|
|
56
|
+
"AnalysisResult",
|
|
57
|
+
"analyze_project",
|
|
58
|
+
# Data Flow
|
|
59
|
+
"OriginType",
|
|
60
|
+
"TaintedValue",
|
|
61
|
+
"FlowStep",
|
|
62
|
+
"Transformation",
|
|
63
|
+
"DataFlow",
|
|
64
|
+
"TaintPropagator",
|
|
65
|
+
"SourceIdentifier",
|
|
66
|
+
"DataFlowAnalyzer",
|
|
67
|
+
"analyze_data_flow",
|
|
68
|
+
# Call Graph
|
|
69
|
+
"CallGraphBuilder",
|
|
70
|
+
"CallGraph",
|
|
71
|
+
"build_call_graph",
|
|
72
|
+
"build_call_graph_with_context",
|
|
73
|
+
"CallGraphNode",
|
|
74
|
+
"CallGraphEdge",
|
|
75
|
+
"NodeType",
|
|
76
|
+
"EdgeType",
|
|
77
|
+
"ResolutionConfidence",
|
|
78
|
+
"CallContext",
|
|
79
|
+
"BindingTracker",
|
|
80
|
+
"CallResolver",
|
|
81
|
+
"TypeBinding",
|
|
82
|
+
"DecoratorAnalyzer",
|
|
83
|
+
"LambdaClosureTracker",
|
|
84
|
+
"CallContextAnalyzer",
|
|
85
|
+
"PYTHON_BUILTINS",
|
|
86
|
+
# Flow Analysis
|
|
87
|
+
"ControlFlowGraph",
|
|
88
|
+
"CFGNode",
|
|
89
|
+
"CFGNodeType",
|
|
90
|
+
"Definition",
|
|
91
|
+
"ReturnInfo",
|
|
92
|
+
"CallSiteContext",
|
|
93
|
+
"ReachingDefinitions",
|
|
94
|
+
"FlowSensitiveBindings",
|
|
95
|
+
"build_flow_sensitive_bindings",
|
|
96
|
+
]
|