apisec-code-bolt 0.1.0__tar.gz

Files changed (211) hide show
  1. apisec_code_bolt-0.1.0/.gitignore +54 -0
  2. apisec_code_bolt-0.1.0/PKG-INFO +230 -0
  3. apisec_code_bolt-0.1.0/README.md +184 -0
  4. apisec_code_bolt-0.1.0/pyproject.toml +150 -0
  5. apisec_code_bolt-0.1.0/src/apisec_code_bolt/__init__.py +42 -0
  6. apisec_code_bolt-0.1.0/src/apisec_code_bolt/__main__.py +11 -0
  7. apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/__init__.py +96 -0
  8. apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/analyzer.py +2309 -0
  9. apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/binding_tracker.py +341 -0
  10. apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/call_graph.py +1197 -0
  11. apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/call_graph_types.py +332 -0
  12. apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/call_resolver.py +988 -0
  13. apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/capability_tagger.py +322 -0
  14. apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/config_scanner.py +197 -0
  15. apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/data_flow.py +1883 -0
  16. apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/dependency_extractor.py +959 -0
  17. apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/flow_analysis.py +1406 -0
  18. apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/hof_catalog.py +61 -0
  19. apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/integration_detector.py +1399 -0
  20. apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/literal_scanner.py +300 -0
  21. apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/path_normalizer.py +55 -0
  22. apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/read_site_detector.py +310 -0
  23. apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/request_patterns.py +162 -0
  24. apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/sensitivity_classifier.py +224 -0
  25. apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/sink_evidence.py +333 -0
  26. apisec_code_bolt-0.1.0/src/apisec_code_bolt/analysis/url_prefix_resolver.py +338 -0
  27. apisec_code_bolt-0.1.0/src/apisec_code_bolt/cli/__init__.py +5 -0
  28. apisec_code_bolt-0.1.0/src/apisec_code_bolt/cli/exit_codes.py +17 -0
  29. apisec_code_bolt-0.1.0/src/apisec_code_bolt/cli/main.py +1069 -0
  30. apisec_code_bolt-0.1.0/src/apisec_code_bolt/cloud/__init__.py +1 -0
  31. apisec_code_bolt-0.1.0/src/apisec_code_bolt/cloud/apisec_client.py +118 -0
  32. apisec_code_bolt-0.1.0/src/apisec_code_bolt/cloud/client.py +255 -0
  33. apisec_code_bolt-0.1.0/src/apisec_code_bolt/core/__init__.py +75 -0
  34. apisec_code_bolt-0.1.0/src/apisec_code_bolt/core/config.py +528 -0
  35. apisec_code_bolt-0.1.0/src/apisec_code_bolt/core/credentials.py +65 -0
  36. apisec_code_bolt-0.1.0/src/apisec_code_bolt/core/discovery.py +433 -0
  37. apisec_code_bolt-0.1.0/src/apisec_code_bolt/core/log_format.py +115 -0
  38. apisec_code_bolt-0.1.0/src/apisec_code_bolt/core/manifest.py +1009 -0
  39. apisec_code_bolt-0.1.0/src/apisec_code_bolt/core/repo.py +280 -0
  40. apisec_code_bolt-0.1.0/src/apisec_code_bolt/core/state.py +59 -0
  41. apisec_code_bolt-0.1.0/src/apisec_code_bolt/core/telemetry.py +451 -0
  42. apisec_code_bolt-0.1.0/src/apisec_code_bolt/core/types.py +587 -0
  43. apisec_code_bolt-0.1.0/src/apisec_code_bolt/fingerprinting/__init__.py +1 -0
  44. apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/__init__.py +29 -0
  45. apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/_jwt_common.py +50 -0
  46. apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/auth_helpers.py +437 -0
  47. apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/base.py +608 -0
  48. apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/dotnet/__init__.py +17 -0
  49. apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/dotnet/_path_helpers.py +43 -0
  50. apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/dotnet/aspnet_plugin.py +2546 -0
  51. apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/dotnet/grpc_plugin.py +559 -0
  52. apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/dotnet/jwt_config_extractor.py +545 -0
  53. apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/dotnet/legacy_aspnet_plugin.py +732 -0
  54. apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/dotnet/refit_plugin.py +374 -0
  55. apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/dotnet/wcf_plugin.py +1239 -0
  56. apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/java/__init__.py +6 -0
  57. apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/java/_annotations.py +167 -0
  58. apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/java/_constraints.py +128 -0
  59. apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/java/graphql_plugin.py +287 -0
  60. apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/java/jaxrs_plugin.py +748 -0
  61. apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/java/jwt_config_extractor.py +361 -0
  62. apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/java/micronaut_plugin.py +1059 -0
  63. apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/java/spring_plugin.py +1293 -0
  64. apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/js/__init__.py +8 -0
  65. apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/js/express_plugin.py +391 -0
  66. apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/js/fastify_plugin.py +381 -0
  67. apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/js/graphql_plugin.py +198 -0
  68. apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/js/nestjs_plugin.py +423 -0
  69. apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/python/__init__.py +19 -0
  70. apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/python/celery_plugin.py +393 -0
  71. apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/python/click_plugin.py +427 -0
  72. apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/python/django_plugin.py +867 -0
  73. apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/python/fastapi/__init__.py +28 -0
  74. apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/python/fastapi/plugin.py +1390 -0
  75. apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/python/flask_plugin.py +205 -0
  76. apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/python/graphql_plugin.py +274 -0
  77. apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/python/prefect_plugin.py +251 -0
  78. apisec_code_bolt-0.1.0/src/apisec_code_bolt/frameworks/python/webhook_plugin.py +255 -0
  79. apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/__init__.py +62 -0
  80. apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/base.py +554 -0
  81. apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/csharp/__init__.py +5 -0
  82. apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/csharp/language_services.py +203 -0
  83. apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/csharp/literals.py +72 -0
  84. apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/csharp/parser.py +1158 -0
  85. apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/csharp/type_resolver.py +568 -0
  86. apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/js/__init__.py +5 -0
  87. apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/js/language_services.py +118 -0
  88. apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/js/parser.py +622 -0
  89. apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/jvm/__init__.py +7 -0
  90. apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/jvm/language_services.py +270 -0
  91. apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/jvm/parser.py +774 -0
  92. apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/jvm/type_resolver.py +422 -0
  93. apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/python/__init__.py +150 -0
  94. apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/python/cbv_extractor.py +606 -0
  95. apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/python/constant_resolver.py +500 -0
  96. apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/python/cross_file_resolver.py +1054 -0
  97. apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/python/dynamic_route_detector.py +532 -0
  98. apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/python/expression_utils.py +221 -0
  99. apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/python/extraction_types.py +271 -0
  100. apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/python/language_services.py +487 -0
  101. apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/python/parameter_analyzer.py +789 -0
  102. apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/python/parser.py +719 -0
  103. apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/python/path_resolver.py +576 -0
  104. apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/python/router_registry.py +806 -0
  105. apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/python/type_resolver.py +730 -0
  106. apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/python/visitors.py +1544 -0
  107. apisec_code_bolt-0.1.0/src/apisec_code_bolt/parsing/services.py +544 -0
  108. apisec_code_bolt-0.1.0/src/apisec_code_bolt/query/__init__.py +1 -0
  109. apisec_code_bolt-0.1.0/src/apisec_code_bolt/query/ast_cache.py +182 -0
  110. apisec_code_bolt-0.1.0/src/apisec_code_bolt/query/executor.py +283 -0
  111. apisec_code_bolt-0.1.0/src/apisec_code_bolt/query/handlers.py +832 -0
  112. apisec_code_bolt-0.1.0/tests/conftest.py +120 -0
  113. apisec_code_bolt-0.1.0/tests/fixtures/dep_files/Cargo.toml +12 -0
  114. apisec_code_bolt-0.1.0/tests/fixtures/dep_files/Pipfile +17 -0
  115. apisec_code_bolt-0.1.0/tests/fixtures/dep_files/build.gradle +21 -0
  116. apisec_code_bolt-0.1.0/tests/fixtures/dep_files/build.gradle.kts +14 -0
  117. apisec_code_bolt-0.1.0/tests/fixtures/dep_files/go.mod +11 -0
  118. apisec_code_bolt-0.1.0/tests/fixtures/dep_files/package.json +13 -0
  119. apisec_code_bolt-0.1.0/tests/fixtures/dep_files/pom.xml +59 -0
  120. apisec_code_bolt-0.1.0/tests/fixtures/dep_files/pyproject_pep621.toml +12 -0
  121. apisec_code_bolt-0.1.0/tests/fixtures/dep_files/pyproject_poetry.toml +16 -0
  122. apisec_code_bolt-0.1.0/tests/fixtures/dep_files/requirements-dev.txt +4 -0
  123. apisec_code_bolt-0.1.0/tests/fixtures/dep_files/requirements.txt +9 -0
  124. apisec_code_bolt-0.1.0/tests/fixtures/dep_files/setup.cfg +15 -0
  125. apisec_code_bolt-0.1.0/tests/fixtures/dep_files/setup.py +15 -0
  126. apisec_code_bolt-0.1.0/tests/fixtures/sample_django/urls.py +14 -0
  127. apisec_code_bolt-0.1.0/tests/fixtures/sample_django/views.py +48 -0
  128. apisec_code_bolt-0.1.0/tests/fixtures/sample_express/app.ts +13 -0
  129. apisec_code_bolt-0.1.0/tests/fixtures/sample_express/middleware/authenticate.ts +15 -0
  130. apisec_code_bolt-0.1.0/tests/fixtures/sample_express/routes/auth.ts +9 -0
  131. apisec_code_bolt-0.1.0/tests/fixtures/sample_express/routes/users.ts +14 -0
  132. apisec_code_bolt-0.1.0/tests/fixtures/sample_fastapi/main.py +228 -0
  133. apisec_code_bolt-0.1.0/tests/fixtures/sample_fastapi/routes/__init__.py +5 -0
  134. apisec_code_bolt-0.1.0/tests/fixtures/sample_fastapi/routes/users.py +119 -0
  135. apisec_code_bolt-0.1.0/tests/fixtures/sample_fastapi/services/__init__.py +5 -0
  136. apisec_code_bolt-0.1.0/tests/fixtures/sample_fastapi/services/user_service.py +52 -0
  137. apisec_code_bolt-0.1.0/tests/fixtures/sample_flask/app.py +44 -0
  138. apisec_code_bolt-0.1.0/tests/fixtures/sample_nestjs/auth.controller.ts +23 -0
  139. apisec_code_bolt-0.1.0/tests/fixtures/sample_nestjs/roles.decorator.ts +2 -0
  140. apisec_code_bolt-0.1.0/tests/fixtures/sample_nestjs/roles.guard.ts +14 -0
  141. apisec_code_bolt-0.1.0/tests/fixtures/sample_nestjs/users.controller.ts +49 -0
  142. apisec_code_bolt-0.1.0/tests/fixtures/sample_spring_boot/src/main/java/com/example/demo/config/SecurityConfig.java +41 -0
  143. apisec_code_bolt-0.1.0/tests/fixtures/sample_spring_boot/src/main/java/com/example/demo/controller/UserController.java +47 -0
  144. apisec_code_bolt-0.1.0/tests/fixtures/sample_spring_boot/src/main/java/com/example/demo/model/User.java +29 -0
  145. apisec_code_bolt-0.1.0/tests/fixtures/sample_spring_boot/src/main/java/com/example/demo/service/UserService.java +36 -0
  146. apisec_code_bolt-0.1.0/tests/fixtures/sample_spring_boot/src/main/resources/application.properties +7 -0
  147. apisec_code_bolt-0.1.0/tests/fixtures/vuln_spring_boot/VULNERABILITIES.md +86 -0
  148. apisec_code_bolt-0.1.0/tests/fixtures/vuln_spring_boot/src/main/java/com/example/vulnapi/config/SecurityConfig.java +61 -0
  149. apisec_code_bolt-0.1.0/tests/fixtures/vuln_spring_boot/src/main/java/com/example/vulnapi/controller/AdminController.java +55 -0
  150. apisec_code_bolt-0.1.0/tests/fixtures/vuln_spring_boot/src/main/java/com/example/vulnapi/controller/OrderController.java +60 -0
  151. apisec_code_bolt-0.1.0/tests/fixtures/vuln_spring_boot/src/main/java/com/example/vulnapi/controller/UserController.java +74 -0
  152. apisec_code_bolt-0.1.0/tests/fixtures/vuln_spring_boot/src/main/java/com/example/vulnapi/model/Order.java +35 -0
  153. apisec_code_bolt-0.1.0/tests/fixtures/vuln_spring_boot/src/main/java/com/example/vulnapi/model/User.java +49 -0
  154. apisec_code_bolt-0.1.0/tests/fixtures/vuln_spring_boot/src/main/java/com/example/vulnapi/service/OrderService.java +38 -0
  155. apisec_code_bolt-0.1.0/tests/fixtures/vuln_spring_boot/src/main/java/com/example/vulnapi/service/UserService.java +54 -0
  156. apisec_code_bolt-0.1.0/tests/fixtures/vuln_spring_boot/src/main/resources/application.properties +6 -0
  157. apisec_code_bolt-0.1.0/tests/integration/__init__.py +1 -0
  158. apisec_code_bolt-0.1.0/tests/integration/test_cli.py +116 -0
  159. apisec_code_bolt-0.1.0/tests/integration/test_django_analysis.py +147 -0
  160. apisec_code_bolt-0.1.0/tests/integration/test_express_analysis.py +121 -0
  161. apisec_code_bolt-0.1.0/tests/integration/test_fastapi_analysis.py +466 -0
  162. apisec_code_bolt-0.1.0/tests/integration/test_flask_analysis.py +61 -0
  163. apisec_code_bolt-0.1.0/tests/integration/test_nestjs_analysis.py +146 -0
  164. apisec_code_bolt-0.1.0/tests/integration/test_spring_boot_analysis.py +442 -0
  165. apisec_code_bolt-0.1.0/tests/test_query/__init__.py +0 -0
  166. apisec_code_bolt-0.1.0/tests/test_query/fixtures/sample_app.py +52 -0
  167. apisec_code_bolt-0.1.0/tests/test_query/test_executor.py +132 -0
  168. apisec_code_bolt-0.1.0/tests/test_query/test_handlers.py +310 -0
  169. apisec_code_bolt-0.1.0/tests/unit/__init__.py +1 -0
  170. apisec_code_bolt-0.1.0/tests/unit/test_aspnet_plugin.py +2730 -0
  171. apisec_code_bolt-0.1.0/tests/unit/test_benchmark_audit.py +199 -0
  172. apisec_code_bolt-0.1.0/tests/unit/test_benchmark_run.py +311 -0
  173. apisec_code_bolt-0.1.0/tests/unit/test_call_graph.py +858 -0
  174. apisec_code_bolt-0.1.0/tests/unit/test_cbv_extractor.py +296 -0
  175. apisec_code_bolt-0.1.0/tests/unit/test_config.py +137 -0
  176. apisec_code_bolt-0.1.0/tests/unit/test_constant_resolver.py +393 -0
  177. apisec_code_bolt-0.1.0/tests/unit/test_cross_file_resolver.py +314 -0
  178. apisec_code_bolt-0.1.0/tests/unit/test_csharp_literals.py +123 -0
  179. apisec_code_bolt-0.1.0/tests/unit/test_csharp_type_resolver.py +390 -0
  180. apisec_code_bolt-0.1.0/tests/unit/test_data_flow.py +522 -0
  181. apisec_code_bolt-0.1.0/tests/unit/test_dependency_parsing.py +532 -0
  182. apisec_code_bolt-0.1.0/tests/unit/test_discovery.py +224 -0
  183. apisec_code_bolt-0.1.0/tests/unit/test_django_plugin.py +658 -0
  184. apisec_code_bolt-0.1.0/tests/unit/test_dynamic_routes.py +265 -0
  185. apisec_code_bolt-0.1.0/tests/unit/test_express_nestjs_plugin.py +754 -0
  186. apisec_code_bolt-0.1.0/tests/unit/test_fastapi_plugin.py +385 -0
  187. apisec_code_bolt-0.1.0/tests/unit/test_fastify_plugin.py +404 -0
  188. apisec_code_bolt-0.1.0/tests/unit/test_flow_analysis.py +308 -0
  189. apisec_code_bolt-0.1.0/tests/unit/test_graphql_plugin.py +566 -0
  190. apisec_code_bolt-0.1.0/tests/unit/test_grpc_plugin.py +510 -0
  191. apisec_code_bolt-0.1.0/tests/unit/test_instrumentation.py +435 -0
  192. apisec_code_bolt-0.1.0/tests/unit/test_integration_detection.py +1161 -0
  193. apisec_code_bolt-0.1.0/tests/unit/test_java_parser.py +517 -0
  194. apisec_code_bolt-0.1.0/tests/unit/test_jaxrs_plugin.py +421 -0
  195. apisec_code_bolt-0.1.0/tests/unit/test_js_graphql_plugin.py +480 -0
  196. apisec_code_bolt-0.1.0/tests/unit/test_jwt_config_extraction.py +450 -0
  197. apisec_code_bolt-0.1.0/tests/unit/test_legacy_aspnet_plugin.py +1160 -0
  198. apisec_code_bolt-0.1.0/tests/unit/test_micronaut_plugin.py +580 -0
  199. apisec_code_bolt-0.1.0/tests/unit/test_parameter_analyzer.py +316 -0
  200. apisec_code_bolt-0.1.0/tests/unit/test_path_resolver.py +185 -0
  201. apisec_code_bolt-0.1.0/tests/unit/test_python_parser.py +688 -0
  202. apisec_code_bolt-0.1.0/tests/unit/test_refit_plugin.py +401 -0
  203. apisec_code_bolt-0.1.0/tests/unit/test_repo_canonical.py +60 -0
  204. apisec_code_bolt-0.1.0/tests/unit/test_router_registry.py +566 -0
  205. apisec_code_bolt-0.1.0/tests/unit/test_sensitivity_capability.py +777 -0
  206. apisec_code_bolt-0.1.0/tests/unit/test_sink_evidence.py +775 -0
  207. apisec_code_bolt-0.1.0/tests/unit/test_spring_plugin.py +1709 -0
  208. apisec_code_bolt-0.1.0/tests/unit/test_telemetry.py +440 -0
  209. apisec_code_bolt-0.1.0/tests/unit/test_transformation_tracking.py +711 -0
  210. apisec_code_bolt-0.1.0/tests/unit/test_types.py +118 -0
  211. apisec_code_bolt-0.1.0/tests/unit/test_wcf_plugin.py +1803 -0
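--- a/apisec_code_bolt-0.1.0/.gitignore
+++ b/apisec_code_bolt-0.1.0/.gitignore
@@ -0,0 +1,54 @@
+# Byte-compiled / optimized / DLL files
+__pycache__/
+**/__pycache__/
+*.py[cod]
+*$py.class
+
+# Distribution / packaging
+build/
+dist/
+wheels/
+*.egg
+*.egg-info/
+.eggs/
+
+# Virtual environments
+.venv/
+venv/
+env/
+ENV/
+
+# Test / coverage / type-check caches
+.pytest_cache/
+.mypy_cache/
+.ruff_cache/
+.tox/
+.nox/
+.coverage
+.coverage.*
+coverage.xml
+htmlcov/
+.hypothesis/
+
+# Environment / secrets
+.env
+.env.*
+!.env.example
+
+# Editors / OS
+.idea/
+.vscode/
+*.swp
+*.swo
+.DS_Store
+Thumbs.db
+
+# Logs
+*.log
+
+# Demo recordings (local-only)
+*.mp4
+
+# Benchmark per-run output (clones are cached at ~/.cache/apisec-benchmark,
+# manifests go under benchmark/runs/<suite>-<version>/)
+benchmark/runs/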
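Review bot: The "Environment / secrets" group ignores only `.env` and `.env.*`, and this list likely doubles as the publish filter for the tarball, because pyproject.toml sets `build-backend = "hatchling.build"` and hatchling by default leaves git-ignored files out of the sdist. A key or credential file in the working tree that is not named `.env*` would therefore be neither ignored by git nor kept out of a release built from that tree. Consider adding patterns such as `*.pem` and `*.key` to that group, plus the path the `auth` command stores credentials under if it lies inside the repository (not visible here). Whether pyproject.toml narrows the sdist contents further cannot be confirmed, since only its first lines are shown on this page.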
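--- a/apisec_code_bolt-0.1.0/PKG-INFO
+++ b/apisec_code_bolt-0.1.0/PKG-INFO
@@ -0,0 +1,230 @@
+Metadata-Version: 2.4
+Name: apisec-code-bolt
+Version: 0.1.0
+Summary: Static analysis probe for extracting architectural metadata from codebases
+Project-URL: Homepage, https://apisec.ai
+Project-URL: Documentation, https://docs.apisec.ai/code-bolt
+Project-URL: Repository, https://github.com/apisec-inc/apisec-code-bolt
+Author-email: APIsec <engineering@apisec.ai>
+License: Proprietary
+Keywords: api,security,static-analysis,vulnerability
+Classifier: Development Status :: 3 - Alpha
+Classifier: Environment :: Console
+Classifier: Intended Audience :: Developers
+Classifier: Operating System :: OS Independent
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Topic :: Security
+Classifier: Topic :: Software Development :: Quality Assurance
+Classifier: Typing :: Typed
+Requires-Python: >=3.11
+Requires-Dist: click>=8.1.0
+Requires-Dist: httpx>=0.26.0
+Requires-Dist: javalang>=0.13.0
+Requires-Dist: libcst>=1.1.0
+Requires-Dist: networkx>=3.2
+Requires-Dist: pathspec>=0.12.0
+Requires-Dist: pydantic-settings>=2.1.0
+Requires-Dist: pydantic>=2.5.0
+Requires-Dist: pyyaml>=6.0
+Requires-Dist: rich>=13.7.0
+Requires-Dist: tree-sitter-c-sharp>=0.23
+Requires-Dist: tree-sitter-javascript>=0.23
+Requires-Dist: tree-sitter-typescript>=0.23
+Requires-Dist: tree-sitter>=0.23
+Requires-Dist: typing-extensions>=4.9.0
+Provides-Extra: dev
+Requires-Dist: mypy>=1.8.0; extra == 'dev'
+Requires-Dist: pytest-asyncio>=0.23.0; extra == 'dev'
+Requires-Dist: pytest-cov>=4.1.0; extra == 'dev'
+Requires-Dist: pytest>=7.4.0; extra == 'dev'
+Requires-Dist: ruff>=0.6; extra == 'dev'
+Provides-Extra: semgrep
+Requires-Dist: semgrep>=1.50.0; extra == 'semgrep'
+Description-Content-Type: text/markdown
+
+# apisec-code-bolt
+
+Static analysis probe for extracting architectural metadata from codebases.
+
+## Overview
+
+apisec-code-bolt analyzes source code to extract:
+
+- **Routes/Endpoints** — HTTP routes, parameters, request/response types
+- **Data Flows** — How data moves from entry points to sinks
+- **Authentication** — Auth schemes, dependencies, role requirements
+- **Integrations** — External services, databases, APIs
+- **Dependencies** — Package dependencies and versions
+
+The output is a structured **manifest** that can be uploaded to the APIsec cloud
+for vulnerability analysis. **Raw source code never leaves your environment.**
+
+## Installation
+
+```bash
+pip install apisec-code-bolt
+```
+
+## Quick Start
+
+```bash
+# Analyze a project and upload to cloud
+apisec-code-bolt analyze /path/to/project
+
+# Analyze and save manifest locally
+apisec-code-bolt analyze . --output manifest.json --no-upload
+
+# With framework hints
+apisec-code-bolt analyze . --frameworks fastapi,sqlalchemy
+```
+
+## Supported Languages & Frameworks
+
+### Currently Supported
+
+| Language | Frameworks |
+|----------|-----------|
+| Python | FastAPI |
+| Java | Spring Boot |
+
+### Planned
+
+| Language | Frameworks |
+|----------|-----------|
+| Python | Flask, Django |
+| Java | Micronaut, Quarkus |
+| Kotlin | Spring Boot, Ktor |
+| JavaScript/TypeScript | Express, NestJS |
+
+## Configuration
+
+Create a `.codebolt.yaml` file in your project root:
+
+```yaml
+analysis:
+file_discovery:
+exclude_patterns:
+- "tests/**"
+- "**/migrations/**"
+max_files: 10000
+
+data_flow:
+mode: inter_procedural
+max_depth: 10
+
+cloud:
+enabled: true
+api_url: https://api.apisec.ai
+
+output:
+format: json
+```
+
+## Commands
+
+### analyze
+
+Analyze a codebase and generate a manifest.
+
+```bash
+apisec-code-bolt analyze [PATH] [OPTIONS]
+
+Options:
+-o, --output FILE Save manifest to file
+--no-upload Skip uploading to cloud
+--format [json|yaml] Output format
+--config FILE Path to config file
+--frameworks TEXT Comma-separated framework hints
+--exclude TEXT Glob patterns to exclude
+--max-files INTEGER Maximum files to analyze
+--timeout INTEGER Analysis timeout in seconds
+```
+
+### auth
+
+Authenticate with the APIsec cloud.
+
+```bash
+apisec-code-bolt auth [API_KEY] [OPTIONS]
+
+Options:
+--check Check if already authenticated
+--logout Remove stored credentials
+```
+
+### answer
+
+Answer verification queries (for air-gapped environments).
+
+```bash
+apisec-code-bolt answer [OPTIONS]
+
+Options:
+-q, --questions FILE Input questions file (required)
+-o, --output FILE Output answers file
+-r, --repo PATH Repository path
+--timeout INTEGER Query timeout in seconds
+```
+
+## Architecture
+
+```
+apisec-code-bolt/
+├── cli/ # Command-line interface
+├── core/ # Types, config, manifest schema
+├── parsing/ # Language-specific parsers
+│ ├── python/ # LibCST-based Python parser
+│ └── jvm/ # Java/Kotlin via subprocess
+├── frameworks/ # Framework plugins
+│ ├── python/ # FastAPI, Flask, Django
+│ └── java/ # Spring Boot, Micronaut
+├── analysis/ # Call graph, data flow
+├── fingerprinting/ # Integration detection
+├── query/ # Query API executor
+└── cloud/ # Cloud communication
+```
+
+## Development
+
+### Setup
+
+```bash
+# Clone and install in development mode
+git clone https://github.com/apisec-inc/apisec-code-bolt.git
+cd apisec-code-bolt
+pip install -e ".[dev]"
+```
+
+### Running Tests
+
+```bash
+pytest
+```
+
+### Type Checking
+
+```bash
+mypy src/apisec_code_bolt
+```
+
+### Linting
+
+```bash
+ruff check src/
+black --check src/
+```
+
+## Privacy
+
+apisec-code-bolt is designed with privacy as a core principle:
+
+- **No raw code egress** — Source code never leaves your environment
+- **Metadata only** — The manifest contains structural information, not code
+- **Outbound only** — Only makes outbound HTTPS calls to upload manifests
+- **Air-gapped support** — Can run completely offline with file-based workflow
+
+## License
+
+Proprietary. Copyright © APIsec.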
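--- a/apisec_code_bolt-0.1.0/README.md
+++ b/apisec_code_bolt-0.1.0/README.md
@@ -0,0 +1,184 @@
+# apisec-code-bolt
+
+Static analysis probe for extracting architectural metadata from codebases.
+
+## Overview
+
+apisec-code-bolt analyzes source code to extract:
+
+- **Routes/Endpoints** — HTTP routes, parameters, request/response types
+- **Data Flows** — How data moves from entry points to sinks
+- **Authentication** — Auth schemes, dependencies, role requirements
+- **Integrations** — External services, databases, APIs
+- **Dependencies** — Package dependencies and versions
+
+The output is a structured **manifest** that can be uploaded to the APIsec cloud
+for vulnerability analysis. **Raw source code never leaves your environment.**
+
+## Installation
+
+```bash
+pip install apisec-code-bolt
+```
+
+## Quick Start
+
+```bash
+# Analyze a project and upload to cloud
+apisec-code-bolt analyze /path/to/project
+
+# Analyze and save manifest locally
+apisec-code-bolt analyze . --output manifest.json --no-upload
+
+# With framework hints
+apisec-code-bolt analyze . --frameworks fastapi,sqlalchemy
+```
+
+## Supported Languages & Frameworks
+
+### Currently Supported
+
+| Language | Frameworks |
+|----------|-----------|
+| Python | FastAPI |
+| Java | Spring Boot |
+
+### Planned
+
+| Language | Frameworks |
+|----------|-----------|
+| Python | Flask, Django |
+| Java | Micronaut, Quarkus |
+| Kotlin | Spring Boot, Ktor |
+| JavaScript/TypeScript | Express, NestJS |
+
+## Configuration
+
+Create a `.codebolt.yaml` file in your project root:
+
+```yaml
+analysis:
+file_discovery:
+exclude_patterns:
+- "tests/**"
+- "**/migrations/**"
+max_files: 10000
+
+data_flow:
+mode: inter_procedural
+max_depth: 10
+
+cloud:
+enabled: true
+api_url: https://api.apisec.ai
+
+output:
+format: json
+```
+
+## Commands
+
+### analyze
+
+Analyze a codebase and generate a manifest.
+
+```bash
+apisec-code-bolt analyze [PATH] [OPTIONS]
+
+Options:
+-o, --output FILE Save manifest to file
+--no-upload Skip uploading to cloud
+--format [json|yaml] Output format
+--config FILE Path to config file
+--frameworks TEXT Comma-separated framework hints
+--exclude TEXT Glob patterns to exclude
+--max-files INTEGER Maximum files to analyze
+--timeout INTEGER Analysis timeout in seconds
+```
+
+### auth
+
+Authenticate with the APIsec cloud.
+
+```bash
+apisec-code-bolt auth [API_KEY] [OPTIONS]
+
+Options:
+--check Check if already authenticated
+--logout Remove stored credentials
+```
+
+### answer
+
+Answer verification queries (for air-gapped environments).
+
+```bash
+apisec-code-bolt answer [OPTIONS]
+
+Options:
+-q, --questions FILE Input questions file (required)
+-o, --output FILE Output answers file
+-r, --repo PATH Repository path
+--timeout INTEGER Query timeout in seconds
+```
+
+## Architecture
+
+```
+apisec-code-bolt/
+├── cli/ # Command-line interface
+├── core/ # Types, config, manifest schema
+├── parsing/ # Language-specific parsers
+│ ├── python/ # LibCST-based Python parser
+│ └── jvm/ # Java/Kotlin via subprocess
+├── frameworks/ # Framework plugins
+│ ├── python/ # FastAPI, Flask, Django
+│ └── java/ # Spring Boot, Micronaut
+├── analysis/ # Call graph, data flow
+├── fingerprinting/ # Integration detection
+├── query/ # Query API executor
+└── cloud/ # Cloud communication
+```
+
+## Development
+
+### Setup
+
+```bash
+# Clone and install in development mode
+git clone https://github.com/apisec-inc/apisec-code-bolt.git
+cd apisec-code-bolt
+pip install -e ".[dev]"
+```
+
+### Running Tests
+
+```bash
+pytest
+```
+
+### Type Checking
+
+```bash
+mypy src/apisec_code_bolt
+```
+
+### Linting
+
+```bash
+ruff check src/
+black --check src/
+```
+
+## Privacy
+
+apisec-code-bolt is designed with privacy as a core principle:
+
+- **No raw code egress** — Source code never leaves your environment
+- **Metadata only** — The manifest contains structural information, not code
+- **Outbound only** — Only makes outbound HTTPS calls to upload manifests
+- **Air-gapped support** — Can run completely offline with file-based workflow
+
+## License
+
+Proprietary. Copyright © APIsec.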
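--- a/apisec_code_bolt-0.1.0/pyproject.toml
+++ b/apisec_code_bolt-0.1.0/pyproject.toml
@@ -0,0 +1,150 @@
+ [build-system]
+ requires = ["hatchling"]
+ build-backend = "hatchling.build"
+
+ [project]
+ name = "apisec-code-bolt"
+ version = "0.1.0"
+ description = "Static analysis probe for extracting architectural metadata from codebases"
+ readme = "README.md"
+ license = {text = "Proprietary"}
+ requires-python = ">=3.11"
+ authors = [
+ { name = "APIsec", email = "engineering@apisec.ai" }
+ ]
+ classifiers = [
+ "Development Status :: 3 - Alpha",
+ "Environment :: Console",
+ "Intended Audience :: Developers",
+ "Operating System :: OS Independent",
+ "Programming Language :: Python :: 3",
+ "Programming Language :: Python :: 3.11",
+ "Programming Language :: Python :: 3.12",
+ "Topic :: Security",
+ "Topic :: Software Development :: Quality Assurance",
+ "Typing :: Typed",
+ ]
+ keywords = ["security", "static-analysis", "api", "vulnerability"]
+
+ dependencies = [
+ # Parsing
+ "libcst>=1.1.0", # Python CST parsing
+
+ # JVM parsing
+ "javalang>=0.13.0", # Pure-Python Java parser
+
+ # C# / .NET parsing
+ "tree-sitter>=0.23", # Generic tree-sitter bindings
+ "tree-sitter-c-sharp>=0.23", # C# grammar for tree-sitter
+
+ # JavaScript / TypeScript parsing
+ "tree-sitter-javascript>=0.23", # JS grammar for tree-sitter
+ "tree-sitter-typescript>=0.23", # TypeScript grammar for tree-sitter
+
+ # Graph operations
+ "networkx>=3.2", # Call graph, data flow graphs
+
+ # Data validation and serialization
+ "pydantic>=2.5.0", # Schema validation, settings
+ "pydantic-settings>=2.1.0", # Configuration from env
+
+ # CLI
+ "click>=8.1.0", # CLI framework
+ "rich>=13.7.0", # Rich terminal output
+
+ # HTTP client (for cloud communication only)
+ "httpx>=0.26.0", # Async HTTP client
+
+ # File handling
+ "pathspec>=0.12.0", # Gitignore pattern matching
+ "pyyaml>=6.0", # YAML configuration
+
+ # Utilities
+ "typing-extensions>=4.9.0", # Extended typing support
+ ]
+
+ [project.optional-dependencies]
+ dev = [
+ "pytest>=7.4.0",
+ "pytest-cov>=4.1.0",
+ "pytest-asyncio>=0.23.0",
+ "mypy>=1.8.0",
+ "ruff>=0.6",
+ ]
+
+ semgrep = [
+ "semgrep>=1.50.0", # Optional: pattern-based analysis
+ ]
+
+ [project.scripts]
+ apisec-code-bolt = "apisec_code_bolt.cli.main:cli"
+
+ [project.urls]
+ Homepage = "https://apisec.ai"
+ Documentation = "https://docs.apisec.ai/code-bolt"
+ Repository = "https://github.com/apisec-inc/apisec-code-bolt"
+
+ [tool.hatch.build.targets.wheel]
+ packages = ["src/apisec_code_bolt"]
+
+ [tool.hatch.build.targets.sdist]
+ include = [
+ "/src",
+ "/tests",
+ "/README.md",
+ ]
+
+ # Include bundled JVM analyzer JAR
+ [tool.hatch.build.targets.wheel.shared-data]
+ "src/apisec_code_bolt/parsing/jvm/lib" = "apisec_code_bolt/parsing/jvm/lib"
+
+ [tool.pytest.ini_options]
+ testpaths = ["tests"]
+ asyncio_mode = "auto"
+ addopts = "-v --tb=short"
+
+ [tool.mypy]
+ python_version = "3.11"
+ strict = true
+ warn_return_any = true
+ warn_unused_configs = true
+ disallow_untyped_defs = true
+ disallow_incomplete_defs = true
+
+ [tool.ruff]
+ target-version = "py311"
+ line-length = 100
+ exclude = ["scripts"]
+
+ [tool.ruff.lint]
+ select = [
+ "E", # pycodestyle errors
+ "W", # pycodestyle warnings
+ "F", # pyflakes
+ "I", # isort
+ "B", # flake8-bugbear
+ "C4", # flake8-comprehensions
+ "UP", # pyupgrade
+ "ARG", # flake8-unused-arguments
+ "SIM", # flake8-simplify
+ ]
+ ignore = [
+ "E501", # line too long (handled by black)
+ "B008", # function calls in argument defaults
+ "F821", # forward-reference string annotations reported as undefined
+ "ARG001", # unused function argument — common in interface/plugin stubs
+ "ARG002", # unused method argument — common in interface/plugin stubs
+ "ARG005", # unused lambda argument
+ "SIM102", # use single if — style opinion, not a bug
+ "SIM103", # return condition directly — style opinion
+ ]
+
+ [tool.ruff.lint.per-file-ignores]
+ "**/__init__.py" = ["F401"] # intentional re-exports
+
+ [tool.ruff.lint.isort]
+ known-first-party = ["apisec_code_bolt"]
+
+ [tool.ruff.format]
+ # Ruff's built-in formatter (black-compatible). Inherits target-version
+ # and line-length from [tool.ruff] above, so no duplication needed.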
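Review bot: The `[tool.hatch.build.targets.wheel.shared-data]` table under "Include bundled JVM analyzer JAR" most likely does not place the JAR inside the installed package. Hatch installs `shared-data` entries under the environment prefix (the wheel's data directory), not under `site-packages/apisec_code_bolt`, so code that looks for the JAR relative to the `parsing/jvm` module would not find that copy. If the goal is only to guarantee the directory ships in the wheel, `[tool.hatch.build.targets.wheel.force-include]` with the same mapping does that; if the JAR is excluded by `.gitignore`, the `artifacts` option is the usual alternative. Because the README describes the JVM parser as run via subprocess, it would also help to record the JAR's checksum and build origin in the repository so a published wheel can be verified against it.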
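--- a/apisec_code_bolt-0.1.0/src/apisec_code_bolt/__init__.py
+++ b/apisec_code_bolt-0.1.0/src/apisec_code_bolt/__init__.py
@@ -0,0 +1,42 @@
+ """
+ apisec-code-bolt: Static analysis probe for extracting architectural metadata.
+
+ This package provides tools for analyzing codebases to extract architectural
+ information (routes, data flows, authentication patterns) without sending
+ raw source code outside the customer's environment.
+ """
+
+ __version__ = "0.1.0"
+ __author__ = "APIsec"
+
+ from .core.config import CodeBoltConfig, load_config
+ from .core.manifest import Manifest
+ from .core.types import (
+ AuthSchemeType,
+ CodeLocation,
+ Confidence,
+ Framework,
+ HttpMethod,
+ Language,
+ OriginType,
+ QualifiedName,
+ )
+
+ __all__ = [
+ # Version
+ "__version__",
+ # Types
+ "Language",
+ "Framework",
+ "OriginType",
+ "AuthSchemeType",
+ "HttpMethod",
+ "CodeLocation",
+ "QualifiedName",
+ "Confidence",
+ # Config
+ "CodeBoltConfig",
+ "load_config",
+ # Output
+ "Manifest",
+ ]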
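Review bot: `__version__ = "0.1.0"` repeats the `version = "0.1.0"` already declared in pyproject.toml, so the two values can drift on the next release and the version the tool reports would then differ from the installed distribution. Keep a single source of truth, either by reading it at import time with `__version__ = importlib.metadata.version("apisec-code-bolt")` or by declaring `dynamic = ["version"]` in pyproject.toml and letting hatch read it from this file. For a tool that uploads manifests, a reliable version string also makes it easier to tell which build produced a given manifest.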
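--- a/apisec_code_bolt-0.1.0/src/apisec_code_bolt/__main__.py
+++ b/apisec_code_bolt-0.1.0/src/apisec_code_bolt/__main__.py
@@ -0,0 +1,11 @@
+ """
+ Entry point for running as a module.
+
+ Usage:
+ python -m apisec_code_bolt [COMMAND] [OPTIONS]
+ """
+
+ from .cli.main import main
+
+ if __name__ == "__main__":
+ main()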
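Review bot: `python -m apisec_code_bolt` calls `main` from `.cli.main`, while the console script in pyproject.toml is bound to `apisec_code_bolt.cli.main:cli`, so the two ways of starting the tool go through different callables. `cli/main.py` is not visible here, but if `main` wraps `cli` with error handling, exit codes or logging setup, the installed `apisec-code-bolt` command bypasses that wrapper. Pointing both at the same function, for example `apisec-code-bolt = "apisec_code_bolt.cli.main:main"`, would keep behaviour identical; otherwise a one-line comment here on why they differ would help.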