entrygraph 0.1.37__tar.gz → 0.1.38__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (198) hide show
  1. {entrygraph-0.1.37 → entrygraph-0.1.38}/PKG-INFO +1 -1
  2. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/_version.py +2 -2
  3. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/detect/entrypoints/php.py +68 -0
  4. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/detect/frameworks.py +5 -1
  5. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_entrypoint_expansion.py +45 -0
  6. {entrygraph-0.1.37 → entrygraph-0.1.38}/.github/workflows/ci.yml +0 -0
  7. {entrygraph-0.1.37 → entrygraph-0.1.38}/.github/workflows/release.yml +0 -0
  8. {entrygraph-0.1.37 → entrygraph-0.1.38}/.gitignore +0 -0
  9. {entrygraph-0.1.37 → entrygraph-0.1.38}/LICENSE +0 -0
  10. {entrygraph-0.1.37 → entrygraph-0.1.38}/README.md +0 -0
  11. {entrygraph-0.1.37 → entrygraph-0.1.38}/RELEASING.md +0 -0
  12. {entrygraph-0.1.37 → entrygraph-0.1.38}/pyproject.toml +0 -0
  13. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/__init__.py +0 -0
  14. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/__main__.py +0 -0
  15. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/api.py +0 -0
  16. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/cli/__init__.py +0 -0
  17. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/cli/main.py +0 -0
  18. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/cli/render.py +0 -0
  19. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/data/sinks/csharp.toml +0 -0
  20. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/data/sinks/go.toml +0 -0
  21. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/data/sinks/java.toml +0 -0
  22. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/data/sinks/javascript.toml +0 -0
  23. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/data/sinks/lib_javascript.toml +0 -0
  24. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/data/sinks/lib_python.toml +0 -0
  25. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/data/sinks/php.toml +0 -0
  26. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/data/sinks/python.toml +0 -0
  27. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/data/sinks/ruby.toml +0 -0
  28. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/data/sinks/rust.toml +0 -0
  29. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/db/__init__.py +0 -0
  30. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/db/engine.py +0 -0
  31. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/db/meta.py +0 -0
  32. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/db/models.py +0 -0
  33. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/db/queries.py +0 -0
  34. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/detect/__init__.py +0 -0
  35. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/detect/entrypoints/__init__.py +0 -0
  36. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/detect/entrypoints/base.py +0 -0
  37. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/detect/entrypoints/configs.py +0 -0
  38. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/detect/entrypoints/csharp.py +0 -0
  39. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/detect/entrypoints/golang.py +0 -0
  40. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/detect/entrypoints/java.py +0 -0
  41. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/detect/entrypoints/javascript.py +0 -0
  42. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/detect/entrypoints/python.py +0 -0
  43. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/detect/entrypoints/ruby.py +0 -0
  44. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/detect/entrypoints/rust.py +0 -0
  45. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/detect/manifests.py +0 -0
  46. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/detect/taint.py +0 -0
  47. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/errors.py +0 -0
  48. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/extract/__init__.py +0 -0
  49. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/extract/base.py +0 -0
  50. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/extract/csharp.py +0 -0
  51. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/extract/golang.py +0 -0
  52. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/extract/ir.py +0 -0
  53. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/extract/java.py +0 -0
  54. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/extract/javascript.py +0 -0
  55. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/extract/php.py +0 -0
  56. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/extract/python.py +0 -0
  57. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/extract/registry.py +0 -0
  58. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/extract/ruby.py +0 -0
  59. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/extract/rust.py +0 -0
  60. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/fs/__init__.py +0 -0
  61. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/fs/hashing.py +0 -0
  62. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/fs/lang.py +0 -0
  63. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/fs/walker.py +0 -0
  64. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/graph/__init__.py +0 -0
  65. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/graph/adjacency.py +0 -0
  66. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/graph/cte.py +0 -0
  67. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/graph/scoring.py +0 -0
  68. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/kinds.py +0 -0
  69. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/parsing/__init__.py +0 -0
  70. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/parsing/parsers.py +0 -0
  71. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/parsing/queries.py +0 -0
  72. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/pipeline/__init__.py +0 -0
  73. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/pipeline/scanner.py +0 -0
  74. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/pipeline/worker.py +0 -0
  75. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/pipeline/writer.py +0 -0
  76. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/py.typed +0 -0
  77. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/queries/csharp/calls.scm +0 -0
  78. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/queries/csharp/definitions.scm +0 -0
  79. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/queries/csharp/imports.scm +0 -0
  80. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/queries/go/calls.scm +0 -0
  81. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/queries/go/definitions.scm +0 -0
  82. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/queries/go/imports.scm +0 -0
  83. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/queries/java/calls.scm +0 -0
  84. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/queries/java/definitions.scm +0 -0
  85. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/queries/java/imports.scm +0 -0
  86. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/queries/javascript/calls.scm +0 -0
  87. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/queries/javascript/definitions.scm +0 -0
  88. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/queries/javascript/imports.scm +0 -0
  89. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/queries/php/calls.scm +0 -0
  90. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/queries/php/definitions.scm +0 -0
  91. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/queries/php/imports.scm +0 -0
  92. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/queries/python/calls.scm +0 -0
  93. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/queries/python/definitions.scm +0 -0
  94. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/queries/python/imports.scm +0 -0
  95. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/queries/ruby/calls.scm +0 -0
  96. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/queries/ruby/definitions.scm +0 -0
  97. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/queries/ruby/imports.scm +0 -0
  98. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/queries/rust/calls.scm +0 -0
  99. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/queries/rust/definitions.scm +0 -0
  100. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/queries/rust/imports.scm +0 -0
  101. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/resolve/__init__.py +0 -0
  102. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/resolve/externals.py +0 -0
  103. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/resolve/hierarchy.py +0 -0
  104. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/resolve/resolver.py +0 -0
  105. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/resolve/symbol_table.py +0 -0
  106. {entrygraph-0.1.37 → entrygraph-0.1.38}/src/entrygraph/results.py +0 -0
  107. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/conftest.py +0 -0
  108. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/csharp/aspnet_app/Controllers/ReportsController.cs +0 -0
  109. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/csharp/aspnet_app/Program.cs +0 -0
  110. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/csharp/aspnet_app/Services/ReportService.cs +0 -0
  111. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/csharp/aspnet_app/app.csproj +0 -0
  112. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/csharp/minimalapi_app/Program.cs +0 -0
  113. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/csharp/minimalapi_app/app.csproj +0 -0
  114. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/go/gin_app/go.mod +0 -0
  115. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/go/gin_app/main.go +0 -0
  116. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/go/gin_app/service.go +0 -0
  117. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/go/nethttp_app/go.mod +0 -0
  118. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/go/nethttp_app/main.go +0 -0
  119. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/java/methodref_app/pom.xml +0 -0
  120. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/java/methodref_app/src/main/java/com/example/App.java +0 -0
  121. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/java/spring_app/pom.xml +0 -0
  122. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/java/spring_app/src/main/java/com/example/Application.java +0 -0
  123. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/java/spring_app/src/main/java/com/example/ReportRunner.java +0 -0
  124. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/java/spring_app/src/main/java/com/example/ReportService.java +0 -0
  125. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/java/spring_app/src/main/java/com/example/UserController.java +0 -0
  126. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/javascript/commonjs_app/server.js +0 -0
  127. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/javascript/express_app/package.json +0 -0
  128. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/javascript/express_app/src/routes.js +0 -0
  129. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/javascript/express_app/src/services.js +0 -0
  130. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/php/laravel_app/app/Http/Controllers/ReportController.php +0 -0
  131. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/php/laravel_app/artisan +0 -0
  132. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/php/laravel_app/composer.json +0 -0
  133. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/php/laravel_app/routes/web.php +0 -0
  134. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/python/chained_sinks/app.py +0 -0
  135. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/python/flask_app/app/__init__.py +0 -0
  136. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/python/flask_app/app/db.py +0 -0
  137. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/python/flask_app/app/routes.py +0 -0
  138. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/python/flask_app/app/services.py +0 -0
  139. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/python/flask_app/cli.py +0 -0
  140. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/python/flask_app/requirements.txt +0 -0
  141. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/python/fuzzy_sink/app.py +0 -0
  142. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/python/heal_fidelity/caller.py +0 -0
  143. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/python/heal_fidelity/worker.py +0 -0
  144. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/python/may_continue/app.py +0 -0
  145. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/python/sanitizer/app.py +0 -0
  146. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/python/taint_source/handler.py +0 -0
  147. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/ruby/sinatra_app/Gemfile +0 -0
  148. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/ruby/sinatra_app/app.rb +0 -0
  149. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/ruby/sinatra_app/services/runner.rb +0 -0
  150. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/rust/axum_app/Cargo.toml +0 -0
  151. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/rust/axum_app/src/handlers.rs +0 -0
  152. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/rust/axum_app/src/main.rs +0 -0
  153. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/rust/axum_callback_app/Cargo.toml +0 -0
  154. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/rust/axum_callback_app/src/main.rs +0 -0
  155. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/rust/scoped_sink_app/Cargo.toml +0 -0
  156. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/fixtures/rust/scoped_sink_app/src/main.rs +0 -0
  157. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_api.py +0 -0
  158. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_cli.py +0 -0
  159. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_commonjs.py +0 -0
  160. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_csharp_callbacks.py +0 -0
  161. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_cte_bounds.py +0 -0
  162. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_engine_pragmas.py +0 -0
  163. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_entrypoints.py +0 -0
  164. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_extract_csharp.py +0 -0
  165. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_extract_go.py +0 -0
  166. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_extract_java.py +0 -0
  167. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_extract_javascript.py +0 -0
  168. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_extract_php.py +0 -0
  169. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_extract_python.py +0 -0
  170. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_extract_ruby.py +0 -0
  171. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_extract_rust.py +0 -0
  172. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_frameworks.py +0 -0
  173. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_fuzzy_sink.py +0 -0
  174. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_go_callbacks.py +0 -0
  175. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_hardening.py +0 -0
  176. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_heal_fidelity.py +0 -0
  177. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_incremental.py +0 -0
  178. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_indexer.py +0 -0
  179. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_java_callbacks.py +0 -0
  180. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_lang.py +0 -0
  181. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_manifests.py +0 -0
  182. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_may_continue.py +0 -0
  183. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_models.py +0 -0
  184. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_pool.py +0 -0
  185. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_reachability.py +0 -0
  186. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_registry_cache.py +0 -0
  187. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_render.py +0 -0
  188. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_resolver.py +0 -0
  189. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_rust_callbacks.py +0 -0
  190. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_rust_scoped_sinks.py +0 -0
  191. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_sanitizer_languages.py +0 -0
  192. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_scoring.py +0 -0
  193. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_sink_catalog.py +0 -0
  194. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_taint.py +0 -0
  195. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_taint_sanitizers.py +0 -0
  196. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_taint_sources.py +0 -0
  197. {entrygraph-0.1.37 → entrygraph-0.1.38}/tests/test_walker.py +0 -0
  198. {entrygraph-0.1.37 → entrygraph-0.1.38}/uv.lock +0 -0
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: entrygraph
3
- Version: 0.1.37
3
+ Version: 0.1.38
4
4
  Summary: Language-agnostic code graph: query symbols, entrypoints, and source-to-sink call paths from a SQLite index
5
5
  Project-URL: Repository, https://github.com/brettbergin/entrygraph
6
6
  Author-email: Brett Bergin <brettberginbc@yahoo.com>
@@ -18,7 +18,7 @@ version_tuple: tuple[int | str, ...]
18
18
  commit_id: str | None
19
19
  __commit_id__: str | None
20
20
 
21
- __version__ = version = '0.1.37'
22
- __version_tuple__ = version_tuple = (0, 1, 37)
21
+ __version__ = version = '0.1.38'
22
+ __version_tuple__ = version_tuple = (0, 1, 38)
23
23
 
24
24
  __commit_id__ = commit_id = None
@@ -24,6 +24,67 @@ _LARAVEL_VERBS = frozenset({"get", "post", "put", "delete", "patch", "any", "mat
24
24
  _LARAVEL_RESOURCE = frozenset({"resource", "apiResource"})
25
25
  _SYMFONY_ROUTE = re.compile(r"#\[\s*Route\s*\(")
26
26
  _WORDPRESS_HOOKS = frozenset({"add_action", "add_filter"})
27
+ # register_rest_route($namespace, $route, ...). Anchor to the first two positional
28
+ # args: arg 1 is the namespace (a literal like 'wp/v2' or a variable such as
29
+ # $this->namespace), arg 2 is the route literal. Requiring arg 2 to be quoted keeps
30
+ # array keys ('methods'/'GET') from being mistaken for the route when arg 1 is a var.
31
+ _WP_REST_NS_ROUTE = re.compile(r"""\(\s*(?:['"]([^'"]+)['"]|[^,'"]+?)\s*,\s*['"]([^'"]+)['"]""")
32
+ # 'methods' => 'GET' / 'GET,POST' or 'methods' => WP_REST_Server::READABLE
33
+ _WP_METHODS_KV = re.compile(
34
+ r"""['"]methods['"]\s*=>\s*(?:['"]([A-Za-z,\s|]+)['"]|WP_REST_Server::(\w+))"""
35
+ )
36
+ _WP_REST_CONST = {
37
+ "READABLE": "GET",
38
+ "CREATABLE": "POST",
39
+ "EDITABLE": "PUT",
40
+ "DELETABLE": "DELETE",
41
+ "ALLMETHODS": "*",
42
+ }
43
+
44
+
45
+ def _wp_rest_methods(arg_preview: str) -> list[str]:
46
+ m = _WP_METHODS_KV.search(arg_preview)
47
+ if not m:
48
+ return ["*"] # WP defaults to all methods when 'methods' is omitted
49
+ if m.group(1): # a 'GET' / 'GET, POST' string
50
+ return [v.strip().upper() for v in re.split(r"[,|]", m.group(1)) if v.strip()]
51
+ return [_WP_REST_CONST.get(m.group(2), "*")] # a WP_REST_Server:: constant
52
+
53
+
54
+ def _wordpress_rest_routes(x: FileExtraction) -> list[EntrypointHint]:
55
+ """WP REST API: register_rest_route($namespace, $route, ['methods' => ...]).
56
+
57
+ Not framework-gated: the function is unambiguously WordPress, and WP is often
58
+ undetected (plugins ship no core files), which otherwise hid the whole REST
59
+ surface (wordpress core: 0/112 routes)."""
60
+ hints = []
61
+ for ref in x.references:
62
+ if (
63
+ ref.kind != "call"
64
+ or ref.receiver_text is not None
65
+ or ref.callee_name != "register_rest_route"
66
+ or not ref.arg_preview
67
+ ):
68
+ continue
69
+ m = _WP_REST_NS_ROUTE.match(ref.arg_preview)
70
+ if m is None: # a dynamic route literal we can't read — skip
71
+ continue
72
+ namespace, route = m.group(1), m.group(2) # namespace None if it's a variable
73
+ parts = [p.strip("/") for p in (namespace, route) if p and p.strip("/")]
74
+ full = "/" + "/".join(parts)
75
+ for method in _wp_rest_methods(ref.arg_preview):
76
+ hints.append(
77
+ EntrypointHint(
78
+ rule_id="php.wordpress.rest",
79
+ kind=EntrypointKind.HTTP_ROUTE,
80
+ handler_qualified_name=None, # callback resolved as a call edge
81
+ route=full,
82
+ http_methods=[method],
83
+ framework="wordpress",
84
+ metadata={"registration": ref.arg_preview},
85
+ )
86
+ )
87
+ return hints
27
88
 
28
89
 
29
90
  def _resource_param(name: str) -> str:
@@ -183,4 +244,11 @@ register(
183
244
  "php.wordpress.hook", "php", "wordpress", EntrypointKind.EVENT_HANDLER, _wordpress_hooks
184
245
  )
185
246
  )
247
+ # framework=None: register_rest_route is unambiguously WP but plugins ship no core
248
+ # files, so WP is often undetected — run it for any PHP file rather than gate it.
249
+ register(
250
+ EntrypointRule(
251
+ "php.wordpress.rest", "php", None, EntrypointKind.HTTP_ROUTE, _wordpress_rest_routes
252
+ )
253
+ )
186
254
  register(EntrypointRule("php.core.script", "php", None, EntrypointKind.MAIN, _script))
@@ -484,7 +484,11 @@ FRAMEWORKS: list[FrameworkSpec] = [
484
484
  "wordpress",
485
485
  "php",
486
486
  (
487
- FrameworkSignal("file_presence", "wp-config.php", 0.7),
487
+ # wp-config.php is git-ignored (only wp-config-sample.php ships), so key
488
+ # off WP core files that are always present in a checkout instead.
489
+ FrameworkSignal("file_presence", "*wp-blog-header.php", 0.7),
490
+ FrameworkSignal("file_presence", "*wp-login.php", 0.5),
491
+ FrameworkSignal("file_presence", "*wp-includes/functions.php", 0.6),
488
492
  FrameworkSignal("symbol_name", "wp_*", 0.2),
489
493
  ),
490
494
  ),
@@ -520,3 +520,48 @@ def test_gorilla_chained_routes_and_methods():
520
520
  got = {(tuple(h.http_methods), h.route) for h in rule.match(_go_ext(refs))}
521
521
  assert (("GET",), "/users") in got # HandleFunc route + chained method
522
522
  assert (("POST", "PUT"), "/reports") in got # Path().Methods().Handler() form
523
+
524
+
525
+ def _php_ref(callee, arg):
526
+ return RawReference(
527
+ kind="call",
528
+ callee_text=callee,
529
+ callee_name=callee,
530
+ receiver_text=None,
531
+ span=SPAN,
532
+ caller_qualified_name=None,
533
+ arg_preview=arg,
534
+ )
535
+
536
+
537
+ def _php_ext(refs, path="wp-includes/rest.php"):
538
+ return FileExtraction(
539
+ path=path,
540
+ language="php",
541
+ module_path="wp.rest",
542
+ parse_ok=True,
543
+ error_count=0,
544
+ symbols=[],
545
+ references=list(refs),
546
+ )
547
+
548
+
549
+ def test_wordpress_register_rest_route():
550
+ from entrygraph.detect.entrypoints import rules_for
551
+
552
+ refs = [
553
+ _php_ref("register_rest_route", "('myplugin/v1', '/authors', array('methods' => 'GET'))"),
554
+ # variable namespace + WP_REST_Server constant method
555
+ _php_ref(
556
+ "register_rest_route",
557
+ "($this->namespace, '/items', array('methods' => WP_REST_Server::CREATABLE))",
558
+ ),
559
+ # both namespace and route dynamic -> not statically resolvable, skipped
560
+ _php_ref("register_rest_route", "($ns, $route, array('methods' => 'DELETE'))"),
561
+ ]
562
+ # framework=None rule runs for any PHP file (WP is often undetected in plugins)
563
+ rule = {r.id: r for r in rules_for("php", set())}["php.wordpress.rest"]
564
+ got = {(tuple(h.http_methods), h.route) for h in rule.match(_php_ext(refs))}
565
+ assert (("GET",), "/myplugin/v1/authors") in got # namespace + route composed
566
+ assert (("POST",), "/items") in got # CREATABLE -> POST; dynamic namespace dropped
567
+ assert not any(h.route in ("", "/methods") for h in rule.match(_php_ext(refs))) # no garbage
File without changes
File without changes
File without changes
File without changes
File without changes
File without changes