Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/shivasurya/code-pathfinder
Code Pathfinder, the open-source alternative to GitHub CodeQL. Built for advanced structural search, derive insights, find vulnerabilities in code.
https://github.com/shivasurya/code-pathfinder
codeql sast search security security-tools structural-search tree-sitter
Last synced: about 1 month ago
JSON representation
Code Pathfinder, the open-source alternative to GitHub CodeQL. Built for advanced structural search, derive insights, find vulnerabilities in code.
- Host: GitHub
- URL: https://github.com/shivasurya/code-pathfinder
- Owner: shivasurya
- License: agpl-3.0
- Created: 2023-11-19T23:24:49.000Z (12 months ago)
- Default Branch: main
- Last Pushed: 2024-10-07T23:59:13.000Z (about 1 month ago)
- Last Synced: 2024-10-08T00:39:17.192Z (about 1 month ago)
- Topics: codeql, sast, search, security, security-tools, structural-search, tree-sitter
- Language: Go
- Homepage: https://codepathfinder.dev/
- Size: 5.92 MB
- Stars: 33
- Watchers: 1
- Forks: 6
- Open Issues: 3
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
- Security: SECURITY.md
Awesome Lists containing this project
README
# Code Pathfinder
About
Code Pathfinder, the open-source alternative to GitHub CodeQL. Built for advanced structural search, derive insights, find vulnerabilities in code.
[](https://github.com/shivasurya/code-pathfinder/actions/workflows/build.yml) [](https://goreportcard.com/report/github.com/shivasurya/code-pathfinder/sourcecode-parser)
[](https://github.com/shivasurya/code-pathfinder/blob/main/LICENSE)
[](https://discord.gg/xmPdJC6WPX)
[](https://codecov.io/gh/shivasurya/code-pathfinder)
## Documentation
- [Documentation](https://codepathfinder.dev/)
- [Pathfinder Queries](https://github.com/shivasurya/code-pathfinder/tree/main/pathfinder-rules)
## Installation
### From npm
```bash
$ npm install -g codepathfinder
$ pathfinder --help
```
### Pre-Built Binaries
Download the latest release from [GitHub releases](https://github.com/shivasurya/code-pathfinder/releases) and choose
the binary that matches your operating system.
```shell
$ chmod u+x pathfinder
$ pathfinder --help
```
## Getting Started
Read the [official documentation](https://codepathfinder.dev/), or run `pathfinder --help`.
## Features
- [x] Basic queries (Similar to CodeQL)
- [x] Source Sink Analysis
- [ ] Data Flow Analysis with Control Flow Graph
## Usage
```bash
$ cd sourcecode-parser
$ gradle buildGo (or) npm install -g codepathfinder
$ ./pathfinder query --project --stdin
2024/06/30 21:35:29 Graph built successfully
Path-Finder Query Console:
>FROM method_declaration AS md
WHERE md.getName() == "getPaneChanges"
SELECT md, "query for pane changes layout methods"
Executing query: FROM method_declaration AS md WHERE md.getName() == "getPaneChanges"
┌───┬──────────────────────────────────────────┬─────────────┬────────────────────┬────────────────┬──────────────────────────────────────────────────────────────┐
│ # │ FILE │ LINE NUMBER │ TYPE │ NAME │ CODE SNIPPET │
├───┼──────────────────────────────────────────┼─────────────┼────────────────────┼────────────────┼──────────────────────────────────────────────────────────────┤
│ 1 │ /Users/shiva/src/code-pathfinder/test-sr │ 148 │ method_declaration │ getPaneChanges │ protected void getPaneChanges() throws ClassCastException { │
│ │ c/android/app/src/main/java/com/ivb/udac │ │ │ │ mTwoPane = findViewById(R.id.movie_detail_container) │
│ │ ity/movieListActivity.java │ │ │ │ != null; │
│ │ │ │ │ │ } │
└───┴──────────────────────────────────────────┴─────────────┴────────────────────┴────────────────┴──────────────────────────────────────────────────────────────┘
Path-Finder Query Console:
>:quit
Okay, Bye!
```
## Acknowledgements
Code Pathfinder uses tree-sitter for all language parsers.