entrygraph 0.1.24__tar.gz → 0.1.26__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {entrygraph-0.1.24 → entrygraph-0.1.26}/PKG-INFO +4 -2
- {entrygraph-0.1.24 → entrygraph-0.1.26}/README.md +3 -1
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/_version.py +2 -2
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/cli/main.py +8 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/extract/java.py +30 -1
- entrygraph-0.1.26/tests/fixtures/java/methodref_app/pom.xml +6 -0
- entrygraph-0.1.26/tests/fixtures/java/methodref_app/src/main/java/com/example/App.java +11 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_cli.py +24 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_extract_java.py +26 -0
- entrygraph-0.1.26/tests/test_java_callbacks.py +45 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/.github/workflows/ci.yml +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/.github/workflows/release.yml +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/.gitignore +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/LICENSE +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/RELEASING.md +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/pyproject.toml +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/__init__.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/__main__.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/api.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/cli/__init__.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/cli/render.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/data/sinks/csharp.toml +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/data/sinks/go.toml +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/data/sinks/java.toml +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/data/sinks/javascript.toml +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/data/sinks/lib_javascript.toml +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/data/sinks/lib_python.toml +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/data/sinks/php.toml +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/data/sinks/python.toml +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/data/sinks/ruby.toml +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/data/sinks/rust.toml +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/db/__init__.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/db/engine.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/db/meta.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/db/models.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/db/queries.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/detect/__init__.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/detect/entrypoints/__init__.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/detect/entrypoints/base.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/detect/entrypoints/configs.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/detect/entrypoints/csharp.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/detect/entrypoints/golang.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/detect/entrypoints/java.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/detect/entrypoints/javascript.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/detect/entrypoints/php.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/detect/entrypoints/python.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/detect/entrypoints/ruby.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/detect/entrypoints/rust.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/detect/frameworks.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/detect/manifests.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/detect/taint.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/errors.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/extract/__init__.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/extract/base.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/extract/csharp.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/extract/golang.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/extract/ir.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/extract/javascript.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/extract/php.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/extract/python.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/extract/registry.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/extract/ruby.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/extract/rust.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/fs/__init__.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/fs/hashing.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/fs/lang.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/fs/walker.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/graph/__init__.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/graph/adjacency.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/graph/cte.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/graph/scoring.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/kinds.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/parsing/__init__.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/parsing/parsers.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/parsing/queries.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/pipeline/__init__.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/pipeline/scanner.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/pipeline/worker.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/pipeline/writer.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/py.typed +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/queries/csharp/calls.scm +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/queries/csharp/definitions.scm +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/queries/csharp/imports.scm +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/queries/go/calls.scm +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/queries/go/definitions.scm +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/queries/go/imports.scm +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/queries/java/calls.scm +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/queries/java/definitions.scm +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/queries/java/imports.scm +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/queries/javascript/calls.scm +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/queries/javascript/definitions.scm +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/queries/javascript/imports.scm +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/queries/php/calls.scm +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/queries/php/definitions.scm +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/queries/php/imports.scm +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/queries/python/calls.scm +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/queries/python/definitions.scm +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/queries/python/imports.scm +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/queries/ruby/calls.scm +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/queries/ruby/definitions.scm +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/queries/ruby/imports.scm +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/queries/rust/calls.scm +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/queries/rust/definitions.scm +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/queries/rust/imports.scm +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/resolve/__init__.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/resolve/externals.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/resolve/hierarchy.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/resolve/resolver.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/resolve/symbol_table.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/src/entrygraph/results.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/conftest.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/csharp/aspnet_app/Controllers/ReportsController.cs +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/csharp/aspnet_app/Program.cs +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/csharp/aspnet_app/Services/ReportService.cs +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/csharp/aspnet_app/app.csproj +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/csharp/minimalapi_app/Program.cs +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/csharp/minimalapi_app/app.csproj +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/go/gin_app/go.mod +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/go/gin_app/main.go +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/go/gin_app/service.go +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/go/nethttp_app/go.mod +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/go/nethttp_app/main.go +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/java/spring_app/pom.xml +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/java/spring_app/src/main/java/com/example/Application.java +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/java/spring_app/src/main/java/com/example/ReportRunner.java +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/java/spring_app/src/main/java/com/example/ReportService.java +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/java/spring_app/src/main/java/com/example/UserController.java +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/javascript/commonjs_app/server.js +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/javascript/express_app/package.json +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/javascript/express_app/src/routes.js +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/javascript/express_app/src/services.js +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/php/laravel_app/app/Http/Controllers/ReportController.php +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/php/laravel_app/artisan +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/php/laravel_app/composer.json +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/php/laravel_app/routes/web.php +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/python/chained_sinks/app.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/python/flask_app/app/__init__.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/python/flask_app/app/db.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/python/flask_app/app/routes.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/python/flask_app/app/services.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/python/flask_app/cli.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/python/flask_app/requirements.txt +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/python/fuzzy_sink/app.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/python/heal_fidelity/caller.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/python/heal_fidelity/worker.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/python/may_continue/app.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/python/sanitizer/app.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/python/taint_source/handler.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/ruby/sinatra_app/Gemfile +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/ruby/sinatra_app/app.rb +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/ruby/sinatra_app/services/runner.rb +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/rust/axum_app/Cargo.toml +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/rust/axum_app/src/handlers.rs +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/rust/axum_app/src/main.rs +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/rust/axum_callback_app/Cargo.toml +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/rust/axum_callback_app/src/main.rs +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/rust/scoped_sink_app/Cargo.toml +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/rust/scoped_sink_app/src/main.rs +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_api.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_commonjs.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_csharp_callbacks.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_cte_bounds.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_engine_pragmas.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_entrypoint_expansion.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_entrypoints.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_extract_csharp.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_extract_go.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_extract_javascript.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_extract_php.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_extract_python.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_extract_ruby.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_extract_rust.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_frameworks.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_fuzzy_sink.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_go_callbacks.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_hardening.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_heal_fidelity.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_incremental.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_indexer.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_lang.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_manifests.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_may_continue.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_models.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_pool.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_reachability.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_registry_cache.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_render.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_resolver.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_rust_callbacks.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_rust_scoped_sinks.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_scoring.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_sink_catalog.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_taint.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_taint_sanitizers.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_taint_sources.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/tests/test_walker.py +0 -0
- {entrygraph-0.1.24 → entrygraph-0.1.26}/uv.lock +0 -0
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.4
|
|
2
2
|
Name: entrygraph
|
|
3
|
-
Version: 0.1.
|
|
3
|
+
Version: 0.1.26
|
|
4
4
|
Summary: Language-agnostic code graph: query symbols, entrypoints, and source-to-sink call paths from a SQLite index
|
|
5
5
|
Project-URL: Repository, https://github.com/brettbergin/entrygraph
|
|
6
6
|
Author-email: Brett Bergin <brettberginbc@yahoo.com>
|
|
@@ -202,7 +202,9 @@ entrygraph paths --source '*' --sink-category command_exec
|
|
|
202
202
|
`--source-category http_input` / `env`) — `entrygraph paths --source-category http_input --sink-category sql`. Combine with `--source` to union both.
|
|
203
203
|
- **Precision/recall dial**: by default only high-confidence edges are traversed.
|
|
204
204
|
Widen with `--include-unresolved` (wildcard `py:*.execute` sinks + dynamic
|
|
205
|
-
calls)
|
|
205
|
+
calls), `--include-fuzzy` (speculative class-hierarchy edges), or
|
|
206
|
+
`--include-callbacks` (function/method values passed as arguments — handler
|
|
207
|
+
registrations like `http.HandleFunc("/", handler)` or `this::handle`).
|
|
206
208
|
- **Sanitizers**: a registered sanitizer for the sink's category called on a
|
|
207
209
|
path (e.g. `shlex.quote`) *discounts* its risk score — heuristically, since
|
|
208
210
|
there is no dataflow, so it never zeroes the risk or hides the path.
|
|
@@ -151,7 +151,9 @@ entrygraph paths --source '*' --sink-category command_exec
|
|
|
151
151
|
`--source-category http_input` / `env`) — `entrygraph paths --source-category http_input --sink-category sql`. Combine with `--source` to union both.
|
|
152
152
|
- **Precision/recall dial**: by default only high-confidence edges are traversed.
|
|
153
153
|
Widen with `--include-unresolved` (wildcard `py:*.execute` sinks + dynamic
|
|
154
|
-
calls)
|
|
154
|
+
calls), `--include-fuzzy` (speculative class-hierarchy edges), or
|
|
155
|
+
`--include-callbacks` (function/method values passed as arguments — handler
|
|
156
|
+
registrations like `http.HandleFunc("/", handler)` or `this::handle`).
|
|
155
157
|
- **Sanitizers**: a registered sanitizer for the sink's category called on a
|
|
156
158
|
path (e.g. `shlex.quote`) *discounts* its risk score — heuristically, since
|
|
157
159
|
there is no dataflow, so it never zeroes the risk or hides the path.
|
|
@@ -18,7 +18,7 @@ version_tuple: tuple[int | str, ...]
|
|
|
18
18
|
commit_id: str | None
|
|
19
19
|
__commit_id__: str | None
|
|
20
20
|
|
|
21
|
-
__version__ = version = '0.1.
|
|
22
|
-
__version_tuple__ = version_tuple = (0, 1,
|
|
21
|
+
__version__ = version = '0.1.26'
|
|
22
|
+
__version_tuple__ = version_tuple = (0, 1, 26)
|
|
23
23
|
|
|
24
24
|
__commit_id__ = commit_id = None
|
|
@@ -274,6 +274,7 @@ def cmd_paths(args) -> int:
|
|
|
274
274
|
min_confidence=args.min_confidence,
|
|
275
275
|
include_fuzzy=args.include_fuzzy,
|
|
276
276
|
include_unresolved=args.include_unresolved,
|
|
277
|
+
include_callbacks=args.include_callbacks,
|
|
277
278
|
prune_sanitized=args.prune_sanitized,
|
|
278
279
|
)
|
|
279
280
|
if args.json:
|
|
@@ -411,6 +412,13 @@ def build_parser() -> argparse.ArgumentParser:
|
|
|
411
412
|
action="store_true",
|
|
412
413
|
help="also traverse unresolved wildcard-sink and dynamic-call edges",
|
|
413
414
|
)
|
|
415
|
+
p.add_argument(
|
|
416
|
+
"--include-callbacks",
|
|
417
|
+
dest="include_callbacks",
|
|
418
|
+
action="store_true",
|
|
419
|
+
help="also follow function/method values passed as arguments "
|
|
420
|
+
"(handler registrations, callbacks)",
|
|
421
|
+
)
|
|
414
422
|
p.add_argument(
|
|
415
423
|
"--prune-sanitized",
|
|
416
424
|
dest="prune_sanitized",
|
|
@@ -206,6 +206,7 @@ class JavaExtractor:
|
|
|
206
206
|
receiver = None
|
|
207
207
|
callee_text = callee_name
|
|
208
208
|
args = node.child_by_field_name("arguments")
|
|
209
|
+
caller = self._caller(node, ctx)
|
|
209
210
|
out.references.append(
|
|
210
211
|
RawReference(
|
|
211
212
|
kind="call",
|
|
@@ -213,11 +214,12 @@ class JavaExtractor:
|
|
|
213
214
|
callee_name=callee_name,
|
|
214
215
|
receiver_text=receiver,
|
|
215
216
|
span=span_of(node),
|
|
216
|
-
caller_qualified_name=
|
|
217
|
+
caller_qualified_name=caller,
|
|
217
218
|
arg_count=len(args.named_children) if args is not None else 0,
|
|
218
219
|
arg_preview=truncate(node_text(args)) if args is not None else None,
|
|
219
220
|
)
|
|
220
221
|
)
|
|
222
|
+
self._emit_callbacks(args, caller, out)
|
|
221
223
|
|
|
222
224
|
for node in caps.get("new", []):
|
|
223
225
|
type_node = node.child_by_field_name("type")
|
|
@@ -239,6 +241,33 @@ class JavaExtractor:
|
|
|
239
241
|
)
|
|
240
242
|
)
|
|
241
243
|
|
|
244
|
+
def _emit_callbacks(self, args: Node | None, caller: str | None, out: FileExtraction) -> None:
|
|
245
|
+
"""Method-reference arguments passed to a call — a method value invoked
|
|
246
|
+
later, e.g. ``r.get("/run", this::handle)`` or ``stream.map(App::parse)``.
|
|
247
|
+
The qualifier becomes the receiver (``this`` resolves to the enclosing
|
|
248
|
+
class; a type/instance qualifier resolves by unique method name), so the
|
|
249
|
+
handler gets an inbound edge. Resolution keeps only project methods."""
|
|
250
|
+
if args is None:
|
|
251
|
+
return
|
|
252
|
+
for arg in args.named_children:
|
|
253
|
+
if arg.type != "method_reference":
|
|
254
|
+
continue
|
|
255
|
+
children = arg.named_children
|
|
256
|
+
if len(children) < 2 or children[-1].type != "identifier":
|
|
257
|
+
continue
|
|
258
|
+
receiver = node_text(children[0]) # "this" | "App" | "obj"
|
|
259
|
+
name = node_text(children[-1])
|
|
260
|
+
out.references.append(
|
|
261
|
+
RawReference(
|
|
262
|
+
kind="callback",
|
|
263
|
+
callee_text=f"{receiver}::{name}",
|
|
264
|
+
callee_name=name,
|
|
265
|
+
receiver_text=receiver,
|
|
266
|
+
span=span_of(arg),
|
|
267
|
+
caller_qualified_name=caller,
|
|
268
|
+
)
|
|
269
|
+
)
|
|
270
|
+
|
|
242
271
|
# ---------------- helpers ----------------
|
|
243
272
|
|
|
244
273
|
def _scope_chain(self, node: Node, ctx: FileContext) -> list[str]:
|
|
@@ -80,6 +80,30 @@ def test_paths_by_category(db, capsys):
|
|
|
80
80
|
assert paths and paths[0]["symbols"][-1] == "py:subprocess.run"
|
|
81
81
|
|
|
82
82
|
|
|
83
|
+
NETHTTP_APP = Path(__file__).parent / "fixtures" / "go" / "nethttp_app"
|
|
84
|
+
|
|
85
|
+
|
|
86
|
+
def test_paths_include_callbacks(tmp_path, capsys):
|
|
87
|
+
# a handler passed to http.HandleFunc is severed unless callback edges are
|
|
88
|
+
# traversed; --include-callbacks flips the query from unreachable to reachable.
|
|
89
|
+
db = str(tmp_path / "go.db")
|
|
90
|
+
assert main(["index", str(NETHTTP_APP), "--db", db]) == 0
|
|
91
|
+
args = [
|
|
92
|
+
"paths",
|
|
93
|
+
"--db",
|
|
94
|
+
db,
|
|
95
|
+
"--source",
|
|
96
|
+
"_root.main",
|
|
97
|
+
"--sink-category",
|
|
98
|
+
"command_exec",
|
|
99
|
+
"--include-unresolved",
|
|
100
|
+
]
|
|
101
|
+
assert main(args) == 1 # handler severed -> no path
|
|
102
|
+
capsys.readouterr()
|
|
103
|
+
assert main([*args, "--include-callbacks"]) == 0 # reachable via the callback edge
|
|
104
|
+
assert "_root.handler" in capsys.readouterr().out
|
|
105
|
+
|
|
106
|
+
|
|
83
107
|
def test_callers(db, capsys):
|
|
84
108
|
assert main(["callers", "--db", db, "app.services.run_report"]) == 0
|
|
85
109
|
assert "app.routes.create_report" in capsys.readouterr().out
|
|
@@ -199,6 +199,32 @@ public class C {
|
|
|
199
199
|
assert "ProcessBuilder" in calls
|
|
200
200
|
|
|
201
201
|
|
|
202
|
+
def test_method_reference_argument_is_a_callback():
|
|
203
|
+
# r.get("/run", this::handle) / stream.map(App::parse) pass method values;
|
|
204
|
+
# they must be callbacks so the referenced method is reachable.
|
|
205
|
+
x = extract(
|
|
206
|
+
"""
|
|
207
|
+
package com.example;
|
|
208
|
+
|
|
209
|
+
public class App {
|
|
210
|
+
void setup(Router r) {
|
|
211
|
+
r.get("/run", this::handle);
|
|
212
|
+
r.post("/x", App::parse);
|
|
213
|
+
}
|
|
214
|
+
void handle() {}
|
|
215
|
+
static void parse() {}
|
|
216
|
+
}
|
|
217
|
+
""",
|
|
218
|
+
path="src/main/java/com/example/App.java",
|
|
219
|
+
)
|
|
220
|
+
callbacks = {r.callee_name: r for r in x.references if r.kind == "callback"}
|
|
221
|
+
assert callbacks["handle"].receiver_text == "this"
|
|
222
|
+
assert callbacks["handle"].caller_qualified_name == "com.example.App.setup"
|
|
223
|
+
assert callbacks["parse"].receiver_text == "App"
|
|
224
|
+
# string literal args are not callbacks
|
|
225
|
+
assert "/run" not in callbacks
|
|
226
|
+
|
|
227
|
+
|
|
202
228
|
# ---------------- unit: main detection ----------------
|
|
203
229
|
|
|
204
230
|
|
|
@@ -0,0 +1,45 @@
|
|
|
1
|
+
"""End-to-end: Java method-reference callbacks connect handlers to their
|
|
2
|
+
registration site (Phase 4).
|
|
3
|
+
|
|
4
|
+
Regression: the Java extractor emitted no callback references, so a handler passed
|
|
5
|
+
as a method reference (`this::handle`) had no inbound edge and was unreachable.
|
|
6
|
+
"""
|
|
7
|
+
|
|
8
|
+
from __future__ import annotations
|
|
9
|
+
|
|
10
|
+
from pathlib import Path
|
|
11
|
+
|
|
12
|
+
import pytest
|
|
13
|
+
|
|
14
|
+
from entrygraph import CodeGraph
|
|
15
|
+
|
|
16
|
+
METHODREF_APP = Path(__file__).parent / "fixtures" / "java" / "methodref_app"
|
|
17
|
+
|
|
18
|
+
|
|
19
|
+
@pytest.fixture(scope="module")
|
|
20
|
+
def graph(tmp_path_factory) -> CodeGraph:
|
|
21
|
+
db = tmp_path_factory.mktemp("db") / "graph.db"
|
|
22
|
+
g = CodeGraph.index(METHODREF_APP, db=db)
|
|
23
|
+
yield g
|
|
24
|
+
g.close()
|
|
25
|
+
|
|
26
|
+
|
|
27
|
+
def test_callback_edge_created(graph):
|
|
28
|
+
rows = graph.sql(
|
|
29
|
+
"SELECT src.qname AS src, e.dst_qname AS dst FROM edges e "
|
|
30
|
+
"JOIN symbols src ON e.src_symbol_id = src.id WHERE e.kind = 'callback'"
|
|
31
|
+
)
|
|
32
|
+
pairs = {(r["src"], r["dst"]) for r in rows}
|
|
33
|
+
assert ("com.example.App.setup", "com.example.App.handle") in pairs
|
|
34
|
+
|
|
35
|
+
|
|
36
|
+
def test_handler_reachable_only_with_callbacks(graph):
|
|
37
|
+
kw = {
|
|
38
|
+
"source": "com.example.App.setup",
|
|
39
|
+
"sink_category": "command_exec",
|
|
40
|
+
"include_unresolved": True,
|
|
41
|
+
}
|
|
42
|
+
assert graph.paths(**kw) == []
|
|
43
|
+
withcb = graph.paths(**kw, include_callbacks=True)
|
|
44
|
+
assert withcb
|
|
45
|
+
assert "com.example.App.handle" in [s.qname for s in withcb[0].symbols]
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
{entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/csharp/aspnet_app/Services/ReportService.cs
RENAMED
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
{entrygraph-0.1.24 → entrygraph-0.1.26}/tests/fixtures/javascript/express_app/src/services.js
RENAMED
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|