codepathfinder v0.0.31

Code Pathfinder

About Code Pathfinder, the open-source alternative to GitHub CodeQL. Built for advanced structural search, derive insights, find vulnerabilities in code.

:tv: Demo

docker run --rm -v "./src:/src" shivasurya/code-pathfinder:stable-latest pathfinder ci --project /src/code-pathfinder/test-src --ruleset cpf/java

:book: Documentation

• Documentation
• Pathfinder Queries

:floppy_disk: Installation

:whale: Using Docker

$ docker pull shivasurya/code-pathfinder:stable-latest

From npm

$ npm install -g codepathfinder
$ pathfinder --help

Pre-Built Binaries

Download the latest release from GitHub releases and choose the binary that matches your operating system.

$ chmod u+x pathfinder
$ pathfinder --help

Getting Started

Read the official documentation, or run pathfinder --help.

Features

• Basic queries (Similar to CodeQL)
• Source Sink Analysis
• Data Flow Analysis with Control Flow Graph

Usage

$ cd sourcecode-parser

$ gradle buildGo (or) npm install -g codepathfinder

$ ./pathfinder query --project <path_to_project> --stdin
2024/06/30 21:35:29 Graph built successfully
Path-Finder Query Console: 
>FROM method_declaration AS md 
 WHERE md.getName() == "getPaneChanges"
 SELECT md, "query for pane changes layout methods"
Executing query: FROM method_declaration AS md WHERE md.getName() == "getPaneChanges"

┌───┬──────────────────────────────────────────┬─────────────┬────────────────────┬────────────────┬──────────────────────────────────────────────────────────────┐
│ # │ FILE                                     │ LINE NUMBER │ TYPE               │ NAME           │ CODE SNIPPET                                                 │
├───┼──────────────────────────────────────────┼─────────────┼────────────────────┼────────────────┼──────────────────────────────────────────────────────────────┤
│ 1 │ /Users/shiva/src/code-pathfinder/test-sr │         148 │ method_declaration │ getPaneChanges │ protected void getPaneChanges() throws ClassCastException {  │
│   │ c/android/app/src/main/java/com/ivb/udac │             │                    │                │         mTwoPane = findViewById(R.id.movie_detail_container) │
│   │ ity/movieListActivity.java               │             │                    │                │  != null;                                                    │
│   │                                          │             │                    │                │     }                                                        │
└───┴──────────────────────────────────────────┴─────────────┴────────────────────┴────────────────┴──────────────────────────────────────────────────────────────┘
Path-Finder Query Console: 
>:quit
Okay, Bye!

Acknowledgements

Code Pathfinder uses tree-sitter for all language parsers.