apisec-code-bolt 0.1.0__tar.gz
- apisec_code_bolt-0.1.0/.gitignore +54 -0
- apisec_code_bolt-0.1.0/PKG-INFO +230 -0
- apisec_code_bolt-0.1.0/README.md +184 -0
- apisec_code_bolt-0.1.0/pyproject.toml +150 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/__init__.py +42 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/__main__.py +11 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/__init__.py +96 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/analyzer.py +2309 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/binding_tracker.py +341 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/call_graph.py +1197 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/call_graph_types.py +332 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/call_resolver.py +988 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/capability_tagger.py +322 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/config_scanner.py +197 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/data_flow.py +1883 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/dependency_extractor.py +959 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/flow_analysis.py +1406 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/hof_catalog.py +61 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/integration_detector.py +1399 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/literal_scanner.py +300 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/path_normalizer.py +55 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/read_site_detector.py +310 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/request_patterns.py +162 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/sensitivity_classifier.py +224 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/sink_evidence.py +333 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/url_prefix_resolver.py +338 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/cli/__init__.py +5 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/cli/exit_codes.py +17 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/cli/main.py +1069 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/cloud/__init__.py +1 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/cloud/apisec_client.py +118 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/cloud/client.py +255 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/core/__init__.py +75 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/core/config.py +528 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/core/credentials.py +65 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/core/discovery.py +433 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/core/log_format.py +115 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/core/manifest.py +1009 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/core/repo.py +280 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/core/state.py +59 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/core/telemetry.py +451 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/core/types.py +587 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/fingerprinting/__init__.py +1 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/__init__.py +29 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/_jwt_common.py +50 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/auth_helpers.py +437 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/base.py +608 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/dotnet/__init__.py +17 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/dotnet/_path_helpers.py +43 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/dotnet/aspnet_plugin.py +2546 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/dotnet/grpc_plugin.py +559 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/dotnet/jwt_config_extractor.py +545 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/dotnet/legacy_aspnet_plugin.py +732 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/dotnet/refit_plugin.py +374 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/dotnet/wcf_plugin.py +1239 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/java/__init__.py +6 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/java/_annotations.py +167 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/java/_constraints.py +128 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/java/graphql_plugin.py +287 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/java/jaxrs_plugin.py +748 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/java/jwt_config_extractor.py +361 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/java/micronaut_plugin.py +1059 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/java/spring_plugin.py +1293 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/js/__init__.py +8 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/js/express_plugin.py +391 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/js/fastify_plugin.py +381 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/js/graphql_plugin.py +198 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/js/nestjs_plugin.py +423 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/python/__init__.py +19 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/python/celery_plugin.py +393 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/python/click_plugin.py +427 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/python/django_plugin.py +867 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/python/fastapi/__init__.py +28 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/python/fastapi/plugin.py +1390 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/python/flask_plugin.py +205 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/python/graphql_plugin.py +274 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/python/prefect_plugin.py +251 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/python/webhook_plugin.py +255 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/__init__.py +62 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/base.py +554 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/csharp/__init__.py +5 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/csharp/language_services.py +203 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/csharp/literals.py +72 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/csharp/parser.py +1158 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/csharp/type_resolver.py +568 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/js/__init__.py +5 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/js/language_services.py +118 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/js/parser.py +622 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/jvm/__init__.py +7 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/jvm/language_services.py +270 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/jvm/parser.py +774 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/jvm/type_resolver.py +422 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/python/__init__.py +150 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/python/cbv_extractor.py +606 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/python/constant_resolver.py +500 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/python/cross_file_resolver.py +1054 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/python/dynamic_route_detector.py +532 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/python/expression_utils.py +221 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/python/extraction_types.py +271 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/python/language_services.py +487 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/python/parameter_analyzer.py +789 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/python/parser.py +719 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/python/path_resolver.py +576 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/python/router_registry.py +806 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/python/type_resolver.py +730 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/python/visitors.py +1544 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/services.py +544 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/query/__init__.py +1 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/query/ast_cache.py +182 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/query/executor.py +283 -0
- apisec_code_bolt-0.1.0/src/apisec_code_bolt/query/handlers.py +832 -0
- apisec_code_bolt-0.1.0/tests/conftest.py +120 -0
- apisec_code_bolt-0.1.0/tests/fixtures/dep_files/Cargo.toml +12 -0
- apisec_code_bolt-0.1.0/tests/fixtures/dep_files/Pipfile +17 -0
- apisec_code_bolt-0.1.0/tests/fixtures/dep_files/build.gradle +21 -0
- apisec_code_bolt-0.1.0/tests/fixtures/dep_files/build.gradle.kts +14 -0
- apisec_code_bolt-0.1.0/tests/fixtures/dep_files/go.mod +11 -0
- apisec_code_bolt-0.1.0/tests/fixtures/dep_files/package.json +13 -0
- apisec_code_bolt-0.1.0/tests/fixtures/dep_files/pom.xml +59 -0
- apisec_code_bolt-0.1.0/tests/fixtures/dep_files/pyproject_pep621.toml +12 -0
- apisec_code_bolt-0.1.0/tests/fixtures/dep_files/pyproject_poetry.toml +16 -0
- apisec_code_bolt-0.1.0/tests/fixtures/dep_files/requirements-dev.txt +4 -0
- apisec_code_bolt-0.1.0/tests/fixtures/dep_files/requirements.txt +9 -0
- apisec_code_bolt-0.1.0/tests/fixtures/dep_files/setup.cfg +15 -0
- apisec_code_bolt-0.1.0/tests/fixtures/dep_files/setup.py +15 -0
- apisec_code_bolt-0.1.0/tests/fixtures/sample_django/urls.py +14 -0
- apisec_code_bolt-0.1.0/tests/fixtures/sample_django/views.py +48 -0
- apisec_code_bolt-0.1.0/tests/fixtures/sample_express/app.ts +13 -0
- apisec_code_bolt-0.1.0/tests/fixtures/sample_express/middleware/authenticate.ts +15 -0
- apisec_code_bolt-0.1.0/tests/fixtures/sample_express/routes/auth.ts +9 -0
- apisec_code_bolt-0.1.0/tests/fixtures/sample_express/routes/users.ts +14 -0
- apisec_code_bolt-0.1.0/tests/fixtures/sample_fastapi/main.py +228 -0
- apisec_code_bolt-0.1.0/tests/fixtures/sample_fastapi/routes/__init__.py +5 -0
- apisec_code_bolt-0.1.0/tests/fixtures/sample_fastapi/routes/users.py +119 -0
- apisec_code_bolt-0.1.0/tests/fixtures/sample_fastapi/services/__init__.py +5 -0
- apisec_code_bolt-0.1.0/tests/fixtures/sample_fastapi/services/user_service.py +52 -0
- apisec_code_bolt-0.1.0/tests/fixtures/sample_flask/app.py +44 -0
- apisec_code_bolt-0.1.0/tests/fixtures/sample_nestjs/auth.controller.ts +23 -0
- apisec_code_bolt-0.1.0/tests/fixtures/sample_nestjs/roles.decorator.ts +2 -0
- apisec_code_bolt-0.1.0/tests/fixtures/sample_nestjs/roles.guard.ts +14 -0
- apisec_code_bolt-0.1.0/tests/fixtures/sample_nestjs/users.controller.ts +49 -0
- apisec_code_bolt-0.1.0/tests/fixtures/sample_spring_boot/src/main/java/com/example/demo/config/SecurityConfig.java +41 -0
- apisec_code_bolt-0.1.0/tests/fixtures/sample_spring_boot/src/main/java/com/example/demo/controller/UserController.java +47 -0
- apisec_code_bolt-0.1.0/tests/fixtures/sample_spring_boot/src/main/java/com/example/demo/model/User.java +29 -0
- apisec_code_bolt-0.1.0/tests/fixtures/sample_spring_boot/src/main/java/com/example/demo/service/UserService.java +36 -0
- apisec_code_bolt-0.1.0/tests/fixtures/sample_spring_boot/src/main/resources/application.properties +7 -0
- apisec_code_bolt-0.1.0/tests/fixtures/vuln_spring_boot/VULNERABILITIES.md +86 -0
- apisec_code_bolt-0.1.0/tests/fixtures/vuln_spring_boot/src/main/java/com/example/vulnapi/config/SecurityConfig.java +61 -0
- apisec_code_bolt-0.1.0/tests/fixtures/vuln_spring_boot/src/main/java/com/example/vulnapi/controller/AdminController.java +55 -0
- apisec_code_bolt-0.1.0/tests/fixtures/vuln_spring_boot/src/main/java/com/example/vulnapi/controller/OrderController.java +60 -0
- apisec_code_bolt-0.1.0/tests/fixtures/vuln_spring_boot/src/main/java/com/example/vulnapi/controller/UserController.java +74 -0
- apisec_code_bolt-0.1.0/tests/fixtures/vuln_spring_boot/src/main/java/com/example/vulnapi/model/Order.java +35 -0
- apisec_code_bolt-0.1.0/tests/fixtures/vuln_spring_boot/src/main/java/com/example/vulnapi/model/User.java +49 -0
- apisec_code_bolt-0.1.0/tests/fixtures/vuln_spring_boot/src/main/java/com/example/vulnapi/service/OrderService.java +38 -0
- apisec_code_bolt-0.1.0/tests/fixtures/vuln_spring_boot/src/main/java/com/example/vulnapi/service/UserService.java +54 -0
- apisec_code_bolt-0.1.0/tests/fixtures/vuln_spring_boot/src/main/resources/application.properties +6 -0
- apisec_code_bolt-0.1.0/tests/integration/__init__.py +1 -0
- apisec_code_bolt-0.1.0/tests/integration/test_cli.py +116 -0
- apisec_code_bolt-0.1.0/tests/integration/test_django_analysis.py +147 -0
- apisec_code_bolt-0.1.0/tests/integration/test_express_analysis.py +121 -0
- apisec_code_bolt-0.1.0/tests/integration/test_fastapi_analysis.py +466 -0
- apisec_code_bolt-0.1.0/tests/integration/test_flask_analysis.py +61 -0
- apisec_code_bolt-0.1.0/tests/integration/test_nestjs_analysis.py +146 -0
- apisec_code_bolt-0.1.0/tests/integration/test_spring_boot_analysis.py +442 -0
- apisec_code_bolt-0.1.0/tests/test_query/__init__.py +0 -0
- apisec_code_bolt-0.1.0/tests/test_query/fixtures/sample_app.py +52 -0
- apisec_code_bolt-0.1.0/tests/test_query/test_executor.py +132 -0
- apisec_code_bolt-0.1.0/tests/test_query/test_handlers.py +310 -0
- apisec_code_bolt-0.1.0/tests/unit/__init__.py +1 -0
- apisec_code_bolt-0.1.0/tests/unit/test_aspnet_plugin.py +2730 -0
- apisec_code_bolt-0.1.0/tests/unit/test_benchmark_audit.py +199 -0
- apisec_code_bolt-0.1.0/tests/unit/test_benchmark_run.py +311 -0
- apisec_code_bolt-0.1.0/tests/unit/test_call_graph.py +858 -0
- apisec_code_bolt-0.1.0/tests/unit/test_cbv_extractor.py +296 -0
- apisec_code_bolt-0.1.0/tests/unit/test_config.py +137 -0
- apisec_code_bolt-0.1.0/tests/unit/test_constant_resolver.py +393 -0
- apisec_code_bolt-0.1.0/tests/unit/test_cross_file_resolver.py +314 -0
- apisec_code_bolt-0.1.0/tests/unit/test_csharp_literals.py +123 -0
- apisec_code_bolt-0.1.0/tests/unit/test_csharp_type_resolver.py +390 -0
- apisec_code_bolt-0.1.0/tests/unit/test_data_flow.py +522 -0
- apisec_code_bolt-0.1.0/tests/unit/test_dependency_parsing.py +532 -0
- apisec_code_bolt-0.1.0/tests/unit/test_discovery.py +224 -0
- apisec_code_bolt-0.1.0/tests/unit/test_django_plugin.py +658 -0
- apisec_code_bolt-0.1.0/tests/unit/test_dynamic_routes.py +265 -0
- apisec_code_bolt-0.1.0/tests/unit/test_express_nestjs_plugin.py +754 -0
- apisec_code_bolt-0.1.0/tests/unit/test_fastapi_plugin.py +385 -0
- apisec_code_bolt-0.1.0/tests/unit/test_fastify_plugin.py +404 -0
- apisec_code_bolt-0.1.0/tests/unit/test_flow_analysis.py +308 -0
- apisec_code_bolt-0.1.0/tests/unit/test_graphql_plugin.py +566 -0
- apisec_code_bolt-0.1.0/tests/unit/test_grpc_plugin.py +510 -0
- apisec_code_bolt-0.1.0/tests/unit/test_instrumentation.py +435 -0
- apisec_code_bolt-0.1.0/tests/unit/test_integration_detection.py +1161 -0
- apisec_code_bolt-0.1.0/tests/unit/test_java_parser.py +517 -0
- apisec_code_bolt-0.1.0/tests/unit/test_jaxrs_plugin.py +421 -0
- apisec_code_bolt-0.1.0/tests/unit/test_js_graphql_plugin.py +480 -0
- apisec_code_bolt-0.1.0/tests/unit/test_jwt_config_extraction.py +450 -0
- apisec_code_bolt-0.1.0/tests/unit/test_legacy_aspnet_plugin.py +1160 -0
- apisec_code_bolt-0.1.0/tests/unit/test_micronaut_plugin.py +580 -0
- apisec_code_bolt-0.1.0/tests/unit/test_parameter_analyzer.py +316 -0
- apisec_code_bolt-0.1.0/tests/unit/test_path_resolver.py +185 -0
- apisec_code_bolt-0.1.0/tests/unit/test_python_parser.py +688 -0
- apisec_code_bolt-0.1.0/tests/unit/test_refit_plugin.py +401 -0
- apisec_code_bolt-0.1.0/tests/unit/test_repo_canonical.py +60 -0
- apisec_code_bolt-0.1.0/tests/unit/test_router_registry.py +566 -0
- apisec_code_bolt-0.1.0/tests/unit/test_sensitivity_capability.py +777 -0
- apisec_code_bolt-0.1.0/tests/unit/test_sink_evidence.py +775 -0
- apisec_code_bolt-0.1.0/tests/unit/test_spring_plugin.py +1709 -0
- apisec_code_bolt-0.1.0/tests/unit/test_telemetry.py +440 -0
- apisec_code_bolt-0.1.0/tests/unit/test_transformation_tracking.py +711 -0
- apisec_code_bolt-0.1.0/tests/unit/test_types.py +118 -0
- apisec_code_bolt-0.1.0/tests/unit/test_wcf_plugin.py +1803 -0
|
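--- a/apisec_code_bolt-0.1.0/.gitignore
+++ b/apisec_code_bolt-0.1.0/.gitignore
@@ -0,0 +1,54 @@
+# Byte-compiled / optimized / DLL files
+__pycache__/
+**/__pycache__/
+*.py[cod]
+*$py.class
+
+# Distribution / packaging
+build/
+dist/
+wheels/
+*.egg
+*.egg-info/
+.eggs/
+
+# Virtual environments
+.venv/
+venv/
+env/
+ENV/
+
+# Test / coverage / type-check caches
+.pytest_cache/
+.mypy_cache/
+.ruff_cache/
+.tox/
+.nox/
+.coverage
+.coverage.*
+coverage.xml
+htmlcov/
+.hypothesis/
+
+# Environment / secrets
+.env
+.env.*
+!.env.example
+
+# Editors / OS
+.idea/
+.vscode/
+*.swp
+*.swo
+.DS_Store
+Thumbs.db
+
+# Logs
+*.log
+
+# Demo recordings (local-only)
+*.mp4
+
+# Benchmark per-run output (clones are cached at ~/.cache/apisec-benchmark,
+# manifests go under benchmark/runs/<suite>-<version>/)
+benchmark/runs/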
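--- a/apisec_code_bolt-0.1.0/PKG-INFO
+++ b/apisec_code_bolt-0.1.0/PKG-INFO
@@ -0,0 +1,230 @@
+Metadata-Version: 2.4
+Name: apisec-code-bolt
+Version: 0.1.0
+Summary: Static analysis probe for extracting architectural metadata from codebases
+Project-URL: Homepage, https://apisec.ai
+Project-URL: Documentation, https://docs.apisec.ai/code-bolt
+Project-URL: Repository, https://github.com/apisec-inc/apisec-code-bolt
+Author-email: APIsec <engineering@apisec.ai>
+License: Proprietary
+Keywords: api,security,static-analysis,vulnerability
+Classifier: Development Status :: 3 - Alpha
+Classifier: Environment :: Console
+Classifier: Intended Audience :: Developers
+Classifier: Operating System :: OS Independent
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Topic :: Security
+Classifier: Topic :: Software Development :: Quality Assurance
+Classifier: Typing :: Typed
+Requires-Python: >=3.11
+Requires-Dist: click>=8.1.0
+Requires-Dist: httpx>=0.26.0
+Requires-Dist: javalang>=0.13.0
+Requires-Dist: libcst>=1.1.0
+Requires-Dist: networkx>=3.2
+Requires-Dist: pathspec>=0.12.0
+Requires-Dist: pydantic-settings>=2.1.0
+Requires-Dist: pydantic>=2.5.0
+Requires-Dist: pyyaml>=6.0
+Requires-Dist: rich>=13.7.0
+Requires-Dist: tree-sitter-c-sharp>=0.23
+Requires-Dist: tree-sitter-javascript>=0.23
+Requires-Dist: tree-sitter-typescript>=0.23
+Requires-Dist: tree-sitter>=0.23
+Requires-Dist: typing-extensions>=4.9.0
+Provides-Extra: dev
+Requires-Dist: mypy>=1.8.0; extra == 'dev'
+Requires-Dist: pytest-asyncio>=0.23.0; extra == 'dev'
+Requires-Dist: pytest-cov>=4.1.0; extra == 'dev'
+Requires-Dist: pytest>=7.4.0; extra == 'dev'
+Requires-Dist: ruff>=0.6; extra == 'dev'
+Provides-Extra: semgrep
+Requires-Dist: semgrep>=1.50.0; extra == 'semgrep'
+Description-Content-Type: text/markdown
+
+# apisec-code-bolt
+
+Static analysis probe for extracting architectural metadata from codebases.
+
+## Overview
+
+apisec-code-bolt analyzes source code to extract:
+
+- **Routes/Endpoints** — HTTP routes, parameters, request/response types
+- **Data Flows** — How data moves from entry points to sinks
+- **Authentication** — Auth schemes, dependencies, role requirements
+- **Integrations** — External services, databases, APIs
+- **Dependencies** — Package dependencies and versions
+
+The output is a structured **manifest** that can be uploaded to the APIsec cloud
+for vulnerability analysis. **Raw source code never leaves your environment.**
+
+## Installation
+
+```bash
+pip install apisec-code-bolt
+```
+
+## Quick Start
+
+```bash
+# Analyze a project and upload to cloud
+apisec-code-bolt analyze /path/to/project
+
+# Analyze and save manifest locally
+apisec-code-bolt analyze . --output manifest.json --no-upload
+
+# With framework hints
+apisec-code-bolt analyze . --frameworks fastapi,sqlalchemy
+```
+
+## Supported Languages & Frameworks
+
+### Currently Supported
+
+| Language | Frameworks |
+|----------|-----------|
+| Python | FastAPI |
+| Java | Spring Boot |
+
+### Planned
+
+| Language | Frameworks |
+|----------|-----------|
+| Python | Flask, Django |
+| Java | Micronaut, Quarkus |
+| Kotlin | Spring Boot, Ktor |
+| JavaScript/TypeScript | Express, NestJS |
+
+## Configuration
+
+Create a `.codebolt.yaml` file in your project root:
+
+```yaml
+analysis:
+file_discovery:
+exclude_patterns:
+- "tests/**"
+- "**/migrations/**"
+max_files: 10000
+
+data_flow:
+mode: inter_procedural
+max_depth: 10
+
+cloud:
+enabled: true
+api_url: https://api.apisec.ai
+
+output:
+format: json
+```
+
+## Commands
+
+### analyze
+
+Analyze a codebase and generate a manifest.
+
+```bash
+apisec-code-bolt analyze [PATH] [OPTIONS]
+
+Options:
+-o, --output FILE Save manifest to file
+--no-upload Skip uploading to cloud
+--format [json|yaml] Output format
+--config FILE Path to config file
+--frameworks TEXT Comma-separated framework hints
+--exclude TEXT Glob patterns to exclude
+--max-files INTEGER Maximum files to analyze
+--timeout INTEGER Analysis timeout in seconds
+```
+
+### auth
+
+Authenticate with the APIsec cloud.
+
+```bash
+apisec-code-bolt auth [API_KEY] [OPTIONS]
+
+Options:
+--check Check if already authenticated
+--logout Remove stored credentials
+```
+
+### answer
+
+Answer verification queries (for air-gapped environments).
+
+```bash
+apisec-code-bolt answer [OPTIONS]
+
+Options:
+-q, --questions FILE Input questions file (required)
+-o, --output FILE Output answers file
+-r, --repo PATH Repository path
+--timeout INTEGER Query timeout in seconds
+```
+
+## Architecture
+
+```
+apisec-code-bolt/
+├── cli/ # Command-line interface
+├── core/ # Types, config, manifest schema
+├── parsing/ # Language-specific parsers
+│ ├── python/ # LibCST-based Python parser
+│ └── jvm/ # Java/Kotlin via subprocess
+├── frameworks/ # Framework plugins
+│ ├── python/ # FastAPI, Flask, Django
+│ └── java/ # Spring Boot, Micronaut
+├── analysis/ # Call graph, data flow
+├── fingerprinting/ # Integration detection
+├── query/ # Query API executor
+└── cloud/ # Cloud communication
+```
+
+## Development
+
+### Setup
+
+```bash
+# Clone and install in development mode
+git clone https://github.com/apisec-inc/apisec-code-bolt.git
+cd apisec-code-bolt
+pip install -e ".[dev]"
+```
+
+### Running Tests
+
+```bash
+pytest
+```
+
+### Type Checking
+
+```bash
+mypy src/apisec_code_bolt
+```
+
+### Linting
+
+```bash
+ruff check src/
+black --check src/
+```
+
+## Privacy
+
+apisec-code-bolt is designed with privacy as a core principle:
+
+- **No raw code egress** — Source code never leaves your environment
+- **Metadata only** — The manifest contains structural information, not code
+- **Outbound only** — Only makes outbound HTTPS calls to upload manifests
+- **Air-gapped support** — Can run completely offline with file-based workflow
+
+## License
+
+Proprietary. Copyright © APIsec.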
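--- a/apisec_code_bolt-0.1.0/README.md
+++ b/apisec_code_bolt-0.1.0/README.md
@@ -0,0 +1,184 @@
+# apisec-code-bolt
+
+Static analysis probe for extracting architectural metadata from codebases.
+
+## Overview
+
+apisec-code-bolt analyzes source code to extract:
+
+- **Routes/Endpoints** — HTTP routes, parameters, request/response types
+- **Data Flows** — How data moves from entry points to sinks
+- **Authentication** — Auth schemes, dependencies, role requirements
+- **Integrations** — External services, databases, APIs
+- **Dependencies** — Package dependencies and versions
+
+The output is a structured **manifest** that can be uploaded to the APIsec cloud
+for vulnerability analysis. **Raw source code never leaves your environment.**
+
+## Installation
+
+```bash
+pip install apisec-code-bolt
+```
+
+## Quick Start
+
+```bash
+# Analyze a project and upload to cloud
+apisec-code-bolt analyze /path/to/project
+
+# Analyze and save manifest locally
+apisec-code-bolt analyze . --output manifest.json --no-upload
+
+# With framework hints
+apisec-code-bolt analyze . --frameworks fastapi,sqlalchemy
+```
+
+## Supported Languages & Frameworks
+
+### Currently Supported
+
+| Language | Frameworks |
+|----------|-----------|
+| Python | FastAPI |
+| Java | Spring Boot |
+
+### Planned
+
+| Language | Frameworks |
+|----------|-----------|
+| Python | Flask, Django |
+| Java | Micronaut, Quarkus |
+| Kotlin | Spring Boot, Ktor |
+| JavaScript/TypeScript | Express, NestJS |
+
+## Configuration
+
+Create a `.codebolt.yaml` file in your project root:
+
+```yaml
+analysis:
+file_discovery:
+exclude_patterns:
+- "tests/**"
+- "**/migrations/**"
+max_files: 10000
+
+data_flow:
+mode: inter_procedural
+max_depth: 10
+
+cloud:
+enabled: true
+api_url: https://api.apisec.ai
+
+output:
+format: json
+```
+
+## Commands
+
+### analyze
+
+Analyze a codebase and generate a manifest.
+
+```bash
+apisec-code-bolt analyze [PATH] [OPTIONS]
+
+Options:
+-o, --output FILE Save manifest to file
+--no-upload Skip uploading to cloud
+--format [json|yaml] Output format
+--config FILE Path to config file
+--frameworks TEXT Comma-separated framework hints
+--exclude TEXT Glob patterns to exclude
+--max-files INTEGER Maximum files to analyze
+--timeout INTEGER Analysis timeout in seconds
+```
+
+### auth
+
+Authenticate with the APIsec cloud.
+
+```bash
+apisec-code-bolt auth [API_KEY] [OPTIONS]
+
+Options:
+--check Check if already authenticated
+--logout Remove stored credentials
+```
+
+### answer
+
+Answer verification queries (for air-gapped environments).
+
+```bash
+apisec-code-bolt answer [OPTIONS]
+
+Options:
+-q, --questions FILE Input questions file (required)
+-o, --output FILE Output answers file
+-r, --repo PATH Repository path
+--timeout INTEGER Query timeout in seconds
+```
+
+## Architecture
+
+```
+apisec-code-bolt/
+├── cli/ # Command-line interface
+├── core/ # Types, config, manifest schema
+├── parsing/ # Language-specific parsers
+│ ├── python/ # LibCST-based Python parser
+│ └── jvm/ # Java/Kotlin via subprocess
+├── frameworks/ # Framework plugins
+│ ├── python/ # FastAPI, Flask, Django
+│ └── java/ # Spring Boot, Micronaut
+├── analysis/ # Call graph, data flow
+├── fingerprinting/ # Integration detection
+├── query/ # Query API executor
+└── cloud/ # Cloud communication
+```
+
+## Development
+
+### Setup
+
+```bash
+# Clone and install in development mode
+git clone https://github.com/apisec-inc/apisec-code-bolt.git
+cd apisec-code-bolt
+pip install -e ".[dev]"
+```
+
+### Running Tests
+
+```bash
+pytest
+```
+
+### Type Checking
+
+```bash
+mypy src/apisec_code_bolt
+```
+
+### Linting
+
+```bash
+ruff check src/
+black --check src/
+```
+
+## Privacy
+
+apisec-code-bolt is designed with privacy as a core principle:
+
+- **No raw code egress** — Source code never leaves your environment
+- **Metadata only** — The manifest contains structural information, not code
+- **Outbound only** — Only makes outbound HTTPS calls to upload manifests
+- **Air-gapped support** — Can run completely offline with file-based workflow
+
+## License
+
+Proprietary. Copyright © APIsec.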
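--- a/apisec_code_bolt-0.1.0/pyproject.toml
+++ b/apisec_code_bolt-0.1.0/pyproject.toml
@@ -0,0 +1,150 @@
+[build-system]
+requires = ["hatchling"]
+build-backend = "hatchling.build"
+
+[project]
+name = "apisec-code-bolt"
+version = "0.1.0"
+description = "Static analysis probe for extracting architectural metadata from codebases"
+readme = "README.md"
+license = {text = "Proprietary"}
+requires-python = ">=3.11"
+authors = [
+{ name = "APIsec", email = "engineering@apisec.ai" }
+]
+classifiers = [
+"Development Status :: 3 - Alpha",
+"Environment :: Console",
+"Intended Audience :: Developers",
+"Operating System :: OS Independent",
+"Programming Language :: Python :: 3",
+"Programming Language :: Python :: 3.11",
+"Programming Language :: Python :: 3.12",
+"Topic :: Security",
+"Topic :: Software Development :: Quality Assurance",
+"Typing :: Typed",
+]
+keywords = ["security", "static-analysis", "api", "vulnerability"]
+
+dependencies = [
+# Parsing
+"libcst>=1.1.0", # Python CST parsing
+
+# JVM parsing
+"javalang>=0.13.0", # Pure-Python Java parser
+
+# C# / .NET parsing
+"tree-sitter>=0.23", # Generic tree-sitter bindings
+"tree-sitter-c-sharp>=0.23", # C# grammar for tree-sitter
+
+# JavaScript / TypeScript parsing
+"tree-sitter-javascript>=0.23", # JS grammar for tree-sitter
+"tree-sitter-typescript>=0.23", # TypeScript grammar for tree-sitter
+
+# Graph operations
+"networkx>=3.2", # Call graph, data flow graphs
+
+# Data validation and serialization
+"pydantic>=2.5.0", # Schema validation, settings
+"pydantic-settings>=2.1.0", # Configuration from env
+
+# CLI
+"click>=8.1.0", # CLI framework
+"rich>=13.7.0", # Rich terminal output
+
+# HTTP client (for cloud communication only)
+"httpx>=0.26.0", # Async HTTP client
+
+# File handling
+"pathspec>=0.12.0", # Gitignore pattern matching
+"pyyaml>=6.0", # YAML configuration
+
+# Utilities
+"typing-extensions>=4.9.0", # Extended typing support
+]
+
+[project.optional-dependencies]
+dev = [
+"pytest>=7.4.0",
+"pytest-cov>=4.1.0",
+"pytest-asyncio>=0.23.0",
+"mypy>=1.8.0",
+"ruff>=0.6",
+]
+
+semgrep = [
+"semgrep>=1.50.0", # Optional: pattern-based analysis
+]
+
+[project.scripts]
+apisec-code-bolt = "apisec_code_bolt.cli.main:cli"
+
+[project.urls]
+Homepage = "https://apisec.ai"
+Documentation = "https://docs.apisec.ai/code-bolt"
+Repository = "https://github.com/apisec-inc/apisec-code-bolt"
+
+[tool.hatch.build.targets.wheel]
+packages = ["src/apisec_code_bolt"]
+
+[tool.hatch.build.targets.sdist]
+include = [
+"/src",
+"/tests",
+"/README.md",
+]
+
+# Include bundled JVM analyzer JAR
+[tool.hatch.build.targets.wheel.shared-data]
+"src/apisec_code_bolt/parsing/jvm/lib" = "apisec_code_bolt/parsing/jvm/lib"
+
+[tool.pytest.ini_options]
+testpaths = ["tests"]
+asyncio_mode = "auto"
+addopts = "-v --tb=short"
+
+[tool.mypy]
+python_version = "3.11"
+strict = true
+warn_return_any = true
+warn_unused_configs = true
+disallow_untyped_defs = true
+disallow_incomplete_defs = true
+
+[tool.ruff]
+target-version = "py311"
+line-length = 100
+exclude = ["scripts"]
+
+[tool.ruff.lint]
+select = [
+"E", # pycodestyle errors
+"W", # pycodestyle warnings
+"F", # pyflakes
+"I", # isort
+"B", # flake8-bugbear
+"C4", # flake8-comprehensions
+"UP", # pyupgrade
+"ARG", # flake8-unused-arguments
+"SIM", # flake8-simplify
+]
+ignore = [
+"E501", # line too long (handled by black)
+"B008", # function calls in argument defaults
+"F821", # forward-reference string annotations reported as undefined
+"ARG001", # unused function argument — common in interface/plugin stubs
+"ARG002", # unused method argument — common in interface/plugin stubs
+"ARG005", # unused lambda argument
+"SIM102", # use single if — style opinion, not a bug
+"SIM103", # return condition directly — style opinion
+]
+
+[tool.ruff.lint.per-file-ignores]
+"**/__init__.py" = ["F401"] # intentional re-exports
+
+[tool.ruff.lint.isort]
+known-first-party = ["apisec_code_bolt"]
+
+[tool.ruff.format]
+# Ruff's built-in formatter (black-compatible). Inherits target-version
+# and line-length from [tool.ruff] above, so no duplication needed.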
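Review bot: The `[tool.hatch.build.targets.wheel.shared-data]` table (lines 97-99) ships the JVM analyzer JAR as wheel shared data, which installers place under the environment prefix rather than inside the `apisec_code_bolt` package, so whatever launches the JAR has to find it outside site-packages. Since `packages = ["src/apisec_code_bolt"]` already covers that directory, it looks simpler to drop the shared-data table and, if the JAR is a git-ignored build output, list it with `artifacts = ["src/apisec_code_bolt/parsing/jvm/lib/*.jar"]` under `[tool.hatch.build.targets.wheel]`. A prebuilt binary that is presumably executed at runtime also deserves a provenance comment next to that entry, for example `# built from <jvm-analyzer source ref>; sha256 recorded in <checksum file>` (placeholders), so a reviewer of the wheel can tie the JAR back to source.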
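--- a/apisec_code_bolt-0.1.0/src/apisec_code_bolt/__init__.py
+++ b/apisec_code_bolt-0.1.0/src/apisec_code_bolt/__init__.py
@@ -0,0 +1,42 @@
+"""
+apisec-code-bolt: Static analysis probe for extracting architectural metadata.
+
+This package provides tools for analyzing codebases to extract architectural
+information (routes, data flows, authentication patterns) without sending
+raw source code outside the customer's environment.
+"""
+
+__version__ = "0.1.0"
+__author__ = "APIsec"
+
+from .core.config import CodeBoltConfig, load_config
+from .core.manifest import Manifest
+from .core.types import (
+AuthSchemeType,
+CodeLocation,
+Confidence,
+Framework,
+HttpMethod,
+Language,
+OriginType,
+QualifiedName,
+)
+
+__all__ = [
+# Version
+"__version__",
+# Types
+"Language",
+"Framework",
+"OriginType",
+"AuthSchemeType",
+"HttpMethod",
+"CodeLocation",
+"QualifiedName",
+"Confidence",
+# Config
+"CodeBoltConfig",
+"load_config",
+# Output
+"Manifest",
+]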
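Review bot: `__version__ = "0.1.0"` on line 9 repeats the `version = "0.1.0"` declared in pyproject.toml, so the two can drift apart on the next release and the package would then report a version that differs from the installed distribution. Reading the value from the installed metadata keeps a single source of truth: `from importlib.metadata import version` followed by `__version__ = version("apisec-code-bolt")`. If the generated manifest records the probe version (not visible in this file), a stale constant would mislabel the results it uploads.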