entrygraph 0.1.26__tar.gz → 0.1.27__tar.gz

Files changed (198)
  1. {entrygraph-0.1.26 → entrygraph-0.1.27}/PKG-INFO +1 -1
  2. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/_version.py +2 -2
  3. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/data/sinks/csharp.toml +23 -0
  4. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/data/sinks/go.toml +30 -0
  5. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/data/sinks/java.toml +23 -0
  6. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/data/sinks/php.toml +44 -0
  7. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/data/sinks/ruby.toml +30 -0
  8. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/data/sinks/rust.toml +16 -0
  9. entrygraph-0.1.27/tests/test_sanitizer_languages.py +56 -0
  10. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_taint.py +25 -0
  11. {entrygraph-0.1.26 → entrygraph-0.1.27}/.github/workflows/ci.yml +0 -0
  12. {entrygraph-0.1.26 → entrygraph-0.1.27}/.github/workflows/release.yml +0 -0
  13. {entrygraph-0.1.26 → entrygraph-0.1.27}/.gitignore +0 -0
  14. {entrygraph-0.1.26 → entrygraph-0.1.27}/LICENSE +0 -0
  15. {entrygraph-0.1.26 → entrygraph-0.1.27}/README.md +0 -0
  16. {entrygraph-0.1.26 → entrygraph-0.1.27}/RELEASING.md +0 -0
  17. {entrygraph-0.1.26 → entrygraph-0.1.27}/pyproject.toml +0 -0
  18. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/__init__.py +0 -0
  19. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/__main__.py +0 -0
  20. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/api.py +0 -0
  21. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/cli/__init__.py +0 -0
  22. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/cli/main.py +0 -0
  23. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/cli/render.py +0 -0
  24. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/data/sinks/javascript.toml +0 -0
  25. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/data/sinks/lib_javascript.toml +0 -0
  26. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/data/sinks/lib_python.toml +0 -0
  27. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/data/sinks/python.toml +0 -0
  28. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/db/__init__.py +0 -0
  29. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/db/engine.py +0 -0
  30. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/db/meta.py +0 -0
  31. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/db/models.py +0 -0
  32. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/db/queries.py +0 -0
  33. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/detect/__init__.py +0 -0
  34. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/detect/entrypoints/__init__.py +0 -0
  35. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/detect/entrypoints/base.py +0 -0
  36. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/detect/entrypoints/configs.py +0 -0
  37. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/detect/entrypoints/csharp.py +0 -0
  38. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/detect/entrypoints/golang.py +0 -0
  39. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/detect/entrypoints/java.py +0 -0
  40. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/detect/entrypoints/javascript.py +0 -0
  41. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/detect/entrypoints/php.py +0 -0
  42. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/detect/entrypoints/python.py +0 -0
  43. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/detect/entrypoints/ruby.py +0 -0
  44. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/detect/entrypoints/rust.py +0 -0
  45. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/detect/frameworks.py +0 -0
  46. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/detect/manifests.py +0 -0
  47. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/detect/taint.py +0 -0
  48. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/errors.py +0 -0
  49. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/extract/__init__.py +0 -0
  50. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/extract/base.py +0 -0
  51. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/extract/csharp.py +0 -0
  52. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/extract/golang.py +0 -0
  53. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/extract/ir.py +0 -0
  54. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/extract/java.py +0 -0
  55. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/extract/javascript.py +0 -0
  56. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/extract/php.py +0 -0
  57. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/extract/python.py +0 -0
  58. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/extract/registry.py +0 -0
  59. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/extract/ruby.py +0 -0
  60. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/extract/rust.py +0 -0
  61. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/fs/__init__.py +0 -0
  62. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/fs/hashing.py +0 -0
  63. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/fs/lang.py +0 -0
  64. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/fs/walker.py +0 -0
  65. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/graph/__init__.py +0 -0
  66. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/graph/adjacency.py +0 -0
  67. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/graph/cte.py +0 -0
  68. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/graph/scoring.py +0 -0
  69. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/kinds.py +0 -0
  70. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/parsing/__init__.py +0 -0
  71. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/parsing/parsers.py +0 -0
  72. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/parsing/queries.py +0 -0
  73. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/pipeline/__init__.py +0 -0
  74. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/pipeline/scanner.py +0 -0
  75. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/pipeline/worker.py +0 -0
  76. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/pipeline/writer.py +0 -0
  77. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/py.typed +0 -0
  78. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/queries/csharp/calls.scm +0 -0
  79. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/queries/csharp/definitions.scm +0 -0
  80. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/queries/csharp/imports.scm +0 -0
  81. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/queries/go/calls.scm +0 -0
  82. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/queries/go/definitions.scm +0 -0
  83. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/queries/go/imports.scm +0 -0
  84. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/queries/java/calls.scm +0 -0
  85. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/queries/java/definitions.scm +0 -0
  86. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/queries/java/imports.scm +0 -0
  87. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/queries/javascript/calls.scm +0 -0
  88. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/queries/javascript/definitions.scm +0 -0
  89. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/queries/javascript/imports.scm +0 -0
  90. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/queries/php/calls.scm +0 -0
  91. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/queries/php/definitions.scm +0 -0
  92. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/queries/php/imports.scm +0 -0
  93. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/queries/python/calls.scm +0 -0
  94. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/queries/python/definitions.scm +0 -0
  95. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/queries/python/imports.scm +0 -0
  96. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/queries/ruby/calls.scm +0 -0
  97. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/queries/ruby/definitions.scm +0 -0
  98. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/queries/ruby/imports.scm +0 -0
  99. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/queries/rust/calls.scm +0 -0
  100. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/queries/rust/definitions.scm +0 -0
  101. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/queries/rust/imports.scm +0 -0
  102. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/resolve/__init__.py +0 -0
  103. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/resolve/externals.py +0 -0
  104. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/resolve/hierarchy.py +0 -0
  105. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/resolve/resolver.py +0 -0
  106. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/resolve/symbol_table.py +0 -0
  107. {entrygraph-0.1.26 → entrygraph-0.1.27}/src/entrygraph/results.py +0 -0
  108. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/conftest.py +0 -0
  109. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/csharp/aspnet_app/Controllers/ReportsController.cs +0 -0
  110. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/csharp/aspnet_app/Program.cs +0 -0
  111. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/csharp/aspnet_app/Services/ReportService.cs +0 -0
  112. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/csharp/aspnet_app/app.csproj +0 -0
  113. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/csharp/minimalapi_app/Program.cs +0 -0
  114. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/csharp/minimalapi_app/app.csproj +0 -0
  115. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/go/gin_app/go.mod +0 -0
  116. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/go/gin_app/main.go +0 -0
  117. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/go/gin_app/service.go +0 -0
  118. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/go/nethttp_app/go.mod +0 -0
  119. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/go/nethttp_app/main.go +0 -0
  120. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/java/methodref_app/pom.xml +0 -0
  121. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/java/methodref_app/src/main/java/com/example/App.java +0 -0
  122. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/java/spring_app/pom.xml +0 -0
  123. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/java/spring_app/src/main/java/com/example/Application.java +0 -0
  124. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/java/spring_app/src/main/java/com/example/ReportRunner.java +0 -0
  125. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/java/spring_app/src/main/java/com/example/ReportService.java +0 -0
  126. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/java/spring_app/src/main/java/com/example/UserController.java +0 -0
  127. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/javascript/commonjs_app/server.js +0 -0
  128. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/javascript/express_app/package.json +0 -0
  129. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/javascript/express_app/src/routes.js +0 -0
  130. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/javascript/express_app/src/services.js +0 -0
  131. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/php/laravel_app/app/Http/Controllers/ReportController.php +0 -0
  132. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/php/laravel_app/artisan +0 -0
  133. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/php/laravel_app/composer.json +0 -0
  134. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/php/laravel_app/routes/web.php +0 -0
  135. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/python/chained_sinks/app.py +0 -0
  136. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/python/flask_app/app/__init__.py +0 -0
  137. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/python/flask_app/app/db.py +0 -0
  138. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/python/flask_app/app/routes.py +0 -0
  139. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/python/flask_app/app/services.py +0 -0
  140. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/python/flask_app/cli.py +0 -0
  141. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/python/flask_app/requirements.txt +0 -0
  142. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/python/fuzzy_sink/app.py +0 -0
  143. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/python/heal_fidelity/caller.py +0 -0
  144. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/python/heal_fidelity/worker.py +0 -0
  145. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/python/may_continue/app.py +0 -0
  146. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/python/sanitizer/app.py +0 -0
  147. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/python/taint_source/handler.py +0 -0
  148. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/ruby/sinatra_app/Gemfile +0 -0
  149. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/ruby/sinatra_app/app.rb +0 -0
  150. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/ruby/sinatra_app/services/runner.rb +0 -0
  151. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/rust/axum_app/Cargo.toml +0 -0
  152. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/rust/axum_app/src/handlers.rs +0 -0
  153. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/rust/axum_app/src/main.rs +0 -0
  154. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/rust/axum_callback_app/Cargo.toml +0 -0
  155. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/rust/axum_callback_app/src/main.rs +0 -0
  156. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/rust/scoped_sink_app/Cargo.toml +0 -0
  157. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/fixtures/rust/scoped_sink_app/src/main.rs +0 -0
  158. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_api.py +0 -0
  159. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_cli.py +0 -0
  160. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_commonjs.py +0 -0
  161. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_csharp_callbacks.py +0 -0
  162. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_cte_bounds.py +0 -0
  163. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_engine_pragmas.py +0 -0
  164. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_entrypoint_expansion.py +0 -0
  165. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_entrypoints.py +0 -0
  166. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_extract_csharp.py +0 -0
  167. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_extract_go.py +0 -0
  168. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_extract_java.py +0 -0
  169. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_extract_javascript.py +0 -0
  170. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_extract_php.py +0 -0
  171. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_extract_python.py +0 -0
  172. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_extract_ruby.py +0 -0
  173. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_extract_rust.py +0 -0
  174. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_frameworks.py +0 -0
  175. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_fuzzy_sink.py +0 -0
  176. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_go_callbacks.py +0 -0
  177. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_hardening.py +0 -0
  178. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_heal_fidelity.py +0 -0
  179. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_incremental.py +0 -0
  180. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_indexer.py +0 -0
  181. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_java_callbacks.py +0 -0
  182. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_lang.py +0 -0
  183. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_manifests.py +0 -0
  184. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_may_continue.py +0 -0
  185. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_models.py +0 -0
  186. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_pool.py +0 -0
  187. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_reachability.py +0 -0
  188. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_registry_cache.py +0 -0
  189. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_render.py +0 -0
  190. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_resolver.py +0 -0
  191. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_rust_callbacks.py +0 -0
  192. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_rust_scoped_sinks.py +0 -0
  193. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_scoring.py +0 -0
  194. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_sink_catalog.py +0 -0
  195. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_taint_sanitizers.py +0 -0
  196. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_taint_sources.py +0 -0
  197. {entrygraph-0.1.26 → entrygraph-0.1.27}/tests/test_walker.py +0 -0
  198. {entrygraph-0.1.26 → entrygraph-0.1.27}/uv.lock +0 -0
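--- a/PKG-INFO
+++ b/PKG-INFO
@@ -1,6 +1,6 @@
  Metadata-Version: 2.4
  Name: entrygraph
- Version: 0.1.26
+ Version: 0.1.27
  Summary: Language-agnostic code graph: query symbols, entrypoints, and source-to-sink call paths from a SQLite index
  Project-URL: Repository, https://github.com/brettbergin/entrygraph
  Author-email: Brett Bergin <brettberginbc@yahoo.com>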
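--- a/src/entrygraph/_version.py
+++ b/src/entrygraph/_version.py
@@ -18,7 +18,7 @@ version_tuple: tuple[int | str, ...]
  commit_id: str | None
  __commit_id__: str | None
 
- __version__ = version = '0.1.26'
- __version_tuple__ = version_tuple = (0, 1, 26)
+ __version__ = version = '0.1.27'
+ __version_tuple__ = version_tuple = (0, 1, 27)
 
  __commit_id__ = commit_id = None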
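--- a/src/entrygraph/data/sinks/csharp.toml
+++ b/src/entrygraph/data/sinks/csharp.toml
@@ -104,3 +104,26 @@ id = "csharp.env"
  category = "env_input"
  callee = "cs:Environment.GetEnvironmentVariable"
  description = "Environment variable input"
+
+ # ---------------- sanitizers ----------------
+
+ [[sanitizer]]
+ id = "cs.sanitize.path-getfilename"
+ category = "path_traversal"
+ callee = "cs:*.{GetFileName,GetFullPath}"
+ effect = "reduces"
+ description = "Path.GetFileName / GetFullPath normalization"
+
+ [[sanitizer]]
+ id = "cs.sanitize.uri-escape"
+ category = "ssrf"
+ callee = "cs:*.{EscapeDataString,EscapeUriString}"
+ effect = "reduces"
+ description = "Uri.EscapeDataString URL encoding"
+
+ [[sanitizer]]
+ id = "cs.sanitize.sql-parameter"
+ category = "sql"
+ callee = "cs:*.{AddWithValue}"
+ effect = "reduces"
+ description = "Parameterized query value binding (SqlParameter)"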
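Review bot: `cs.sanitize.path-getfilename` groups `GetFullPath` with `GetFileName`, but `Path.GetFullPath` only resolves `..` segments into an absolute path and does not confine the result to a base directory, so on its own it is not a traversal mitigation. I would give `GetFullPath` its own entry with a description that says a containment check is still needed, e.g. `description = "Path.GetFullPath normalization (base-directory check still required)"`. The same applies to the resolve-only functions added to the other catalogs in this release: `path/filepath.Clean` and `path.Clean` in go.toml, `normalize` in java.toml, `realpath` in php.toml and `canonicalize` in rust.toml. Separately, `cs.sanitize.uri-escape` and the URL-encoding entries in go.toml and java.toml are filed under `ssrf`; encoding a URL component does not restrict which host is contacted, so it is worth confirming that category is intended.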
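--- a/src/entrygraph/data/sinks/go.toml
+++ b/src/entrygraph/data/sinks/go.toml
@@ -85,3 +85,33 @@ id = "go.env"
  category = "env_input"
  callee = "go:os.Getenv"
  description = "Environment variable input"
+
+ # ---------------- sanitizers ----------------
+
+ [[sanitizer]]
+ id = "go.sanitize.filepath-clean"
+ category = "path_traversal"
+ callee = "go:{path/filepath.Clean,path.Clean,path/filepath.Base,path.Base}"
+ effect = "reduces"
+ description = "Path normalization / basename"
+
+ [[sanitizer]]
+ id = "go.sanitize.html-escape"
+ category = "template_injection"
+ callee = "go:{html.EscapeString,template.HTMLEscapeString}"
+ effect = "reduces"
+ description = "HTML escaping"
+
+ [[sanitizer]]
+ id = "go.sanitize.url-escape"
+ category = "ssrf"
+ callee = "go:{url.QueryEscape,url.PathEscape}"
+ effect = "reduces"
+ description = "URL component escaping"
+
+ [[sanitizer]]
+ id = "go.sanitize.strconv-sql"
+ category = "sql"
+ callee = "go:{strconv.Atoi,strconv.ParseInt,strconv.ParseUint,strconv.ParseFloat}"
+ effect = "neutralizes"
+ description = "Numeric parse — a parsed number cannot carry SQL injection"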
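Review bot: `go.sanitize.strconv-sql` is marked `effect = "neutralizes"`, but that guarantee holds only for the number `strconv.Atoi` or `ParseInt` returns, not for the original string. The test docstring in this release says sanitizers are matched as sibling calls via out-edges, so a function that parses the input once and still concatenates the raw string into a query would presumably be scored as neutralized. Unless the matcher can tie the sink argument to the parse result, `effect = "reduces"` is the safer setting here and for `php.sanitize.intval` in php.toml.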
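--- a/src/entrygraph/data/sinks/java.toml
+++ b/src/entrygraph/data/sinks/java.toml
@@ -90,3 +90,26 @@ id = "java.env"
  category = "env_input"
  callee = "java:System.getenv"
  description = "Environment variable input"
+
+ # ---------------- sanitizers ----------------
+
+ [[sanitizer]]
+ id = "java.sanitize.html-encode"
+ category = "template_injection"
+ callee = "java:*.{forHtml,forHtmlContent,forJavaScript,escapeHtml4,escapeHtml,escapeXml11,htmlEscape}"
+ effect = "reduces"
+ description = "OWASP Encoder / commons-text / Spring HTML escaping"
+
+ [[sanitizer]]
+ id = "java.sanitize.path-normalize"
+ category = "path_traversal"
+ callee = "java:*.{getFileName,normalize,getName}"
+ effect = "reduces"
+ description = "Path normalization / filename extraction (Path.getFileName, FilenameUtils.getName)"
+
+ [[sanitizer]]
+ id = "java.sanitize.url-encode"
+ category = "ssrf"
+ callee = "java:*.{urlEncode,encode}"
+ effect = "reduces"
+ description = "URL encoding (URLEncoder.encode)"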
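Review bot: The receiver wildcard in `callee = "java:*.{urlEncode,encode}"` and `callee = "java:*.{getFileName,normalize,getName}"` covers very common method names: `encode` is also what Base64 and charset encoders expose, and `getName` exists on `Class`, `File`, `Thread` and most domain objects. If `*` matches any receiver, as the pattern suggests, an unrelated `getName()` or `encode()` call in the same function would discount an `ssrf` or `path_traversal` finding. Restricting these entries to the receivers named in the descriptions (`URLEncoder`, `FilenameUtils`, `Path`), where the resolver can supply them, would avoid that. `php:*.{quote,real_escape_string}` in php.toml and the `quote` alternative in `rb.sanitize.sql` in ruby.toml have the same breadth.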
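--- a/src/entrygraph/data/sinks/php.toml
+++ b/src/entrygraph/data/sinks/php.toml
@@ -123,3 +123,47 @@ id = "php.laravel.request"
  category = "http_input"
  callee = "php:*.{input,query,post,cookie,header}"
  description = "Laravel request accessors"
+
+ # ---------------- sanitizers ----------------
+
+ [[sanitizer]]
+ id = "php.sanitize.escapeshell"
+ category = "command_exec"
+ callee = "php:{escapeshellarg,escapeshellcmd}"
+ effect = "neutralizes"
+ description = "Shell argument/command escaping"
+
+ [[sanitizer]]
+ id = "php.sanitize.htmlspecialchars"
+ category = "template_injection"
+ callee = "php:{htmlspecialchars,htmlentities,strip_tags}"
+ effect = "reduces"
+ description = "HTML escaping"
+
+ [[sanitizer]]
+ id = "php.sanitize.sql-escape"
+ category = "sql"
+ callee = "php:{mysqli_real_escape_string,pg_escape_string,pg_escape_literal}"
+ effect = "reduces"
+ description = "SQL string escaping"
+
+ [[sanitizer]]
+ id = "php.sanitize.sql-quote"
+ category = "sql"
+ callee = "php:*.{quote,real_escape_string}"
+ effect = "reduces"
+ description = "PDO::quote / mysqli::real_escape_string"
+
+ [[sanitizer]]
+ id = "php.sanitize.intval"
+ category = "sql"
+ callee = "php:{intval,floatval}"
+ effect = "neutralizes"
+ description = "Numeric cast — a parsed number cannot carry SQL injection"
+
+ [[sanitizer]]
+ id = "php.sanitize.basename"
+ category = "path_traversal"
+ callee = "php:{basename,realpath}"
+ effect = "reduces"
+ description = "Basename / realpath resolution"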
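Review bot: `php.sanitize.escapeshell` gives `escapeshellcmd` the same `effect = "neutralizes"` as `escapeshellarg`, but the two are not equivalent. `escapeshellcmd` escapes shell metacharacters across a whole command string and does not quote the value as a single argument, so caller-supplied text can still add arguments or options to the command. I would keep `escapeshellarg` as `neutralizes` and move `escapeshellcmd` to its own entry with `effect = "reduces"`. In `php.sanitize.htmlspecialchars`, `strip_tags` removes tags rather than escaping and leaves quotes untouched, so the description `"HTML escaping"` overstates it; a separate entry or a more precise description would help.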
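--- a/src/entrygraph/data/sinks/ruby.toml
+++ b/src/entrygraph/data/sinks/ruby.toml
@@ -100,3 +100,33 @@ category = "env_input"
  callee = "rb:*.{fetch}"
  require_arg_hint = "ENV"
  description = "Environment variable input"
+
+ # ---------------- sanitizers ----------------
+
+ [[sanitizer]]
+ id = "rb.sanitize.shellwords"
+ category = "command_exec"
+ callee = "rb:*.{shellescape}"
+ effect = "neutralizes"
+ description = "Shell argument quoting (Shellwords.escape / String#shellescape)"
+
+ [[sanitizer]]
+ id = "rb.sanitize.html-escape"
+ category = "template_injection"
+ callee = "rb:{CGI.escapeHTML,ERB.Util.html_escape,ERB.Util.h,Rack.Utils.escape_html}"
+ effect = "reduces"
+ description = "HTML escaping"
+
+ [[sanitizer]]
+ id = "rb.sanitize.sql"
+ category = "sql"
+ callee = "rb:*.{sanitize_sql,sanitize_sql_array,sanitize_sql_for_conditions,quote}"
+ effect = "reduces"
+ description = "ActiveRecord SQL sanitization"
+
+ [[sanitizer]]
+ id = "rb.sanitize.basename"
+ category = "path_traversal"
+ callee = "rb:{File.basename}"
+ effect = "reduces"
+ description = "Basename extraction"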
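Review bot: The description of `rb.sanitize.shellwords` names `Shellwords.escape`, but `callee = "rb:*.{shellescape}"` lists only the method name `shellescape`. If the pattern is matched on the method name as written, `Shellwords.escape(x)` calls are not recognised even though the description says they are. Either add the qualified form in the style the other entries use, for example a second entry with `callee = "rb:{Shellwords.escape,Shellwords.shellescape}"`, or drop `Shellwords.escape` from the description.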
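--- a/src/entrygraph/data/sinks/rust.toml
+++ b/src/entrygraph/data/sinks/rust.toml
@@ -66,3 +66,19 @@ id = "rust.stdin"
  category = "stdin_input"
  callee = "rs:{std.io.stdin,io.stdin}"
  description = "Standard input"
+
+ # ---------------- sanitizers ----------------
+
+ [[sanitizer]]
+ id = "rs.sanitize.shell-escape"
+ category = "command_exec"
+ callee = "rs:{shell_escape.escape,shell_escape.unix.escape,shlex.quote,shlex.try_quote}"
+ effect = "neutralizes"
+ description = "Shell argument quoting (shell-escape / shlex crates)"
+
+ [[sanitizer]]
+ id = "rs.sanitize.path-filename"
+ category = "path_traversal"
+ callee = "rs:*.{file_name,canonicalize}"
+ effect = "reduces"
+ description = "Path::file_name / canonicalize"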
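--- a/tests/test_sanitizer_languages.py
+++ b/tests/test_sanitizer_languages.py
@@ -0,0 +1,56 @@
+ """End-to-end sanitizer detection across the newly-covered languages (Phase 5).
+
+ Regression: Go, Java, Ruby, C#, PHP, and Rust shipped zero sanitizers. A sibling
+ sanitizer call for the sink's category now discounts the path's risk (matched via
+ out-edges, per the query-time sanitizer machinery).
+ """
+
+ from __future__ import annotations
+
+ import pytest
+
+ from entrygraph import CodeGraph
+
+ # (language, filename, source code, path source qname, sink category, expected sanitizer id)
+ CASES = [
+ (
+ "go",
+ "main.go",
+ 'package main\nimport ("os"; "path/filepath")\n'
+ "func h(p string) { filepath.Clean(p); os.ReadFile(p) }\n",
+ "_root.h",
+ "path_traversal",
+ "go.sanitize.filepath-clean",
+ ),
+ (
+ "php",
+ "i.php",
+ "<?php\nfunction h($c) { escapeshellarg($c); system($c); }\n",
+ "i.h",
+ "command_exec",
+ "php.sanitize.escapeshell",
+ ),
+ (
+ "ruby",
+ "a.rb",
+ "def h(c)\n c.shellescape\n system(c)\nend\n",
+ "a.h",
+ "command_exec",
+ "rb.sanitize.shellwords",
+ ),
+ ]
+
+
+ @pytest.mark.parametrize("lang,fname,code,source,category,sanitizer", CASES)
+ def test_sibling_sanitizer_discounts_risk(tmp_path, lang, fname, code, source, category, sanitizer):
+ (tmp_path / fname).write_text(code)
+ g = CodeGraph.index(tmp_path, db=tmp_path / "g.db")
+ try:
+ paths = g.paths(source=source, sink_category=category, include_unresolved=True)
+ assert paths, f"{lang}: expected a {category} path from {source}"
+ path = paths[0]
+ assert sanitizer in {sid for e in path.edges for sid in e.sanitized_by}
+ # a detected sanitizer discounts risk without zeroing it
+ assert 0.0 < path.risk_score < 0.5
+ finally:
+ g.close()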
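Review bot: All three fixtures in `CASES` call the sanitizer and discard its result (`filepath.Clean(p); os.ReadFile(p)`, `escapeshellarg($c); system($c);`, `c.shellescape` followed by `system(c)`), so the sink still receives the raw value while the test asserts `path.risk_score < 0.5`. That pins a case where code that is still vulnerable gets a discounted score. I would add a comment above `CASES` stating the limit, `# NOTE: fixtures discard the sanitizer result; sibling matching cannot tell this from real sanitization`, and add cases where the sanitized value is the one passed to the sink. The module docstring lists Go, Java, Ruby, C#, PHP and Rust, but only Go, PHP and Ruby have cases here.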
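--- a/tests/test_taint.py
+++ b/tests/test_taint.py
@@ -79,6 +79,31 @@ def test_sanitizer_matching_and_category_lookup():
  assert reg.sanitizers_for_category("command_exec")[0].id == "san"
 
 
+ def test_builtin_sanitizers_cover_all_languages():
+ # every supported language now ships sanitizers, matched against the exact
+ # canonical callee form its resolver produces.
+ reg = builtin_registry()
+ cases = [
+ ("go:path/filepath.Clean", "go.sanitize.filepath-clean"),
+ ("go:strconv.Atoi", "go.sanitize.strconv-sql"),
+ ("java:*.forHtml", "java.sanitize.html-encode"),
+ ("java:*.getFileName", "java.sanitize.path-normalize"),
+ ("rb:*.shellescape", "rb.sanitize.shellwords"),
+ ("rb:File.basename", "rb.sanitize.basename"),
+ ("cs:System.IO.Path.GetFileName", "cs.sanitize.path-getfilename"),
+ ("cs:*.AddWithValue", "cs.sanitize.sql-parameter"),
+ ("php:escapeshellarg", "php.sanitize.escapeshell"),
+ ("php:htmlspecialchars", "php.sanitize.htmlspecialchars"),
+ ("rs:shell_escape.escape", "rs.sanitize.shell-escape"),
+ ("rs:*.file_name", "rs.sanitize.path-filename"),
+ ]
+ for callee, sid in cases:
+ assert sid in {s.id for s in reg.match_sanitizers(callee)}, callee
+ # all eight languages represented
+ langs = {sid.split(".")[0] for sid in reg.sanitizers}
+ assert langs == {"py", "js", "go", "java", "rb", "cs", "php", "rs"}
+
+
  def test_match_source_and_source_category():
  reg = SinkRegistry(
  sinks=[],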
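Review bot: `test_builtin_sanitizers_cover_all_languages` asserts only positive matches, so nothing bounds how much the new wildcard patterns accept. A few negative assertions in the same loop style would catch over-broad entries, for instance that a callee from an unrelated API does not return `java.sanitize.url-encode` or `cs.sanitize.sql-parameter`. The comment says callees are in the exact canonical form the resolver produces, yet `("java:*.forHtml", ...)` and `("cs:*.AddWithValue", ...)` repeat the pattern syntax; if `*` is what the resolver emits for an unresolved receiver, a short comment saying so would make that clear.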