{"id":31137793,"url":"https://github.com/xiaomingx/python-tree-sitter-demo","last_synced_at":"2025-09-18T10:01:55.223Z","repository":{"id":315007351,"uuid":"1057703905","full_name":"XiaomingX/python-tree-sitter-demo","owner":"XiaomingX","description":"这个仓库包含我学习和使用Tree-sitter技术的笔记和示例代码。Tree-sitter是一个解析器生成工具和库，能够为源代码构建高效且增量的抽象语法树(AST)，非常适合代码分析、语法高亮、自动补全等场景。","archived":false,"fork":false,"pushed_at":"2025-09-16T05:26:14.000Z","size":13,"stargazers_count":0,"open_issues_count":0,"forks_count":1,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-09-16T07:20:03.560Z","etag":null,"topics":["py-tree-sitter","syntax-parser","tree-sitter"],"latest_commit_sha":null,"homepage":"https://x.com/seclink","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/XiaomingX.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-09-16T05:19:53.000Z","updated_at":"2025-09-16T05:26:17.000Z","dependencies_parsed_at":"2025-09-16T07:20:05.022Z","dependency_job_id":"4482e4bd-3aff-47e3-b0e9-e1c2315a213a","html_url":"https://github.com/XiaomingX/python-tree-sitter-demo","commit_stats":null,"previous_names":["xiaomingx/python-tree-sitter-demo"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/XiaomingX/python-tree-sitter-demo","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/XiaomingX%2Fpython-tree-sitter-demo","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/XiaomingX%2Fpython-tree-sitter-demo/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/XiaomingX%2Fpython-tree-sitter-demo/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/XiaomingX%2Fpython-tree-sitter-demo/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/XiaomingX","download_url":"https://codeload.github.com/XiaomingX/python-tree-sitter-demo/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/XiaomingX%2Fpython-tree-sitter-demo/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":275747509,"owners_count":25521180,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-18T02:00:09.552Z","response_time":77,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["py-tree-sitter","syntax-parser","tree-sitter"],"created_at":"2025-09-18T10:00:39.808Z","updated_at":"2025-09-18T10:01:55.203Z","avatar_url":"https://github.com/XiaomingX.png","language":"Python","readme":"# Tree-sitter 学习笔记与示例代码\n\n这个仓库包含我学习和使用Tree-sitter技术的笔记和示例代码。Tree-sitter是一个解析器生成工具和库，能够为源代码构建高效且增量的抽象语法树(AST)，非常适合代码分析、语法高亮、自动补全等场景。\n\n## 示例代码说明\n\n仓库中包含两个主要的Python示例文件，展示了如何使用Tree-sitter进行代码分析：\n\n### 1. main.py\n基础的代码分析示例，展示了如何：\n- 初始化Tree-sitter解析器\n- 解析Python代码并生成语法树\n- 遍历语法树查找危险函数调用（如`eval`、`exec`、`os.system`等）\n- 定位危险函数在代码中的位置并提取相关代码片段\n\n### 2. taint-x.py\n进阶示例，在基础检测之上增加了污点分析功能：\n- 识别函数参数作为污点源头\n- 追踪污点变量在代码中的传播路径\n- 检测危险函数是否使用了受污染的变量作为参数\n- 更精准地识别潜在的远程代码执行(RCE)漏洞\n\n## 运行方法\n\n1. 安装必要的依赖：\n```bash\npip install tree-sitter tree-sitter-python\n```\n\n2. 运行基础分析示例：\n```bash\npython main.py\n```\n\n3. 运行污点分析示例：\n```bash\npython taint.py\n```\n\n## Tree-sitter 学习资源\n\n- [Tree-sitter 官方文档](https://tree-sitter.github.io/tree-sitter/)\n- [Tree-sitter Python绑定](https://github.com/tree-sitter/py-tree-sitter)\n- [Tree-sitter 语法仓库](https://github.com/tree-sitter)\n- https://github.com/Goldziher/uncomment\n\n## 许可证\n\n本仓库中的代码以MIT许可证开源，详情请见LICENSE文件。\n\n通过这些示例，你可以了解如何利用Tree-sitter强大的语法解析能力，构建自己的代码分析工具、静态分析器或IDE插件等应用。\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fxiaomingx%2Fpython-tree-sitter-demo","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fxiaomingx%2Fpython-tree-sitter-demo","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fxiaomingx%2Fpython-tree-sitter-demo/lists"}