Packages

  • package root
    Definition Classes
    root
  • package io
    Definition Classes
    root
  • package shiftleft
    Definition Classes
    io
  • package semanticcpg

    Domain specific language for querying code property graphs

    Domain specific language for querying code property graphs

    This is the API reference for the CPG query language, a language to mine code for defects and vulnerabilities both interactively on a code analysis shell (REPL), or using non-interactive scripts.

    Queries written in the CPG query language express graph traversals (see https://en.wikipedia.org/wiki/Graph_traversal). Similar to the standard graph traversal language "Gremlin" (see https://en.wikipedia.org/wiki/Gremlin_(programming_language))) these traversals are formulated as sequences of primitive language elements referred to as "steps". You can think of a step as a small program, similar to a unix shell utility, however, instead of processing lines one by one, the step processes nodes of the graph.

    Starting a traversal

    All traversals begin by selecting a set of start nodes, e.g.,

    cpg.method

    will start the traversal at all methods, while

    cpg.local

    will start at all local variables. The complete list of starting points can be found at

    io.shiftleft.codepropertygraph.Cpg

    Lazy evaluation

    Queries are lazily evaluated, e.g., cpg.method creates a traversal which you can add more steps to. You can, for example, evaluate the traversal by converting it to a list:

    cpg.method.toList

    Since toList is such a common operation, we provide the shorthand l, meaning that

    cpg.method.l

    provides the same result as the former query.

    Properties

    Nodes have "properties", key-value pairs where keys are strings and values are primitive data types such as strings, integers, or Booleans. Properties of nodes can be selected based on their key, e.g.,

    cpg.method.name

    traverses to all method names. Nodes can also be filtered based on properties, e.g.,

    cpg.method.name(".*exec.*")

    traverse to all methods where name matches the regular expression ".*exec.*". You can see a complete list of properties by browsing to the API documentation of the corresponding step. For example, you can find the properties of method nodes at io.shiftleft.semanticcpg.language.types.structure.MethodTraversal.

    Side effects

    Useful if you want to mutate something outside the traversal, or simply debug it: This prints all typeDecl names as it traverses the graph and increments i for each one.

    var i = 0
cpg.typeDecl.sideEffect{typeTemplate => println(typeTemplate.name); i = i + 1}.exec

    [advanced] Selecting multiple things from your traversal

    If you are interested in multiple things along the way of your traversal, you label anything using the as modulator, and use select at the end. Note that the compiler automatically derived the correct return type as a tuple of the labelled steps, in this case with two elements.

    cpg.method.as("method").definingTypeDecl.as("classDef").select.toList
// return type: List[(Method, TypeDecl)]

    [advanced] For comprehensions

    You can always start a new traversal from a node, e.g.,

    val someMethod = cpg.method.head
someMethod.start.parameter.toList

    You can use this e.g. in a for comprehension, which is (in this context) essentially an alternative way to select multiple intermediate things. It is more expressive, but more computationally expensive.

    val query = for {
  method <- cpg.method
  param <- method.start.parameter
} yield (method.name, param.name)

query.toList
    Definition Classes
    shiftleft
  • package language

    Language for traversing the code property graph

    Language for traversing the code property graph

    Implicit conversions to specific steps, based on the node at hand. Automatically in scope when using anything in the steps package, e.g. Steps

    Definition Classes
    semanticcpg
  • package bindingextension
    Definition Classes
    language
  • package callgraphextension
    Definition Classes
    language
  • package dotextension
    Definition Classes
    language
  • package nodemethods
    Definition Classes
    language
  • package operatorextension
    Definition Classes
    language
  • package types
    Definition Classes
    language
  • AccessPathHandling
  • DefaultNodeExtensionFinder
  • HasLocation
  • HasStoreMethod
  • ICallResolver
  • LocationCreator
  • NewNodeSteps
  • NewNodeTypeDeco
  • NewTagNodePairTraversal
  • NoResolve
  • NodeExtensionFinder
  • NodeOrdering
  • NodeSteps
  • NodeTypeStarters
  • Show
  • Steps
  • TagTraversal

class NodeTypeStarters extends TraversalSource

Annotations
@TraversalSource()
Linear Supertypes
TraversalSource, AnyRef, Any
Ordering
  1. Alphabetic
  2. By Inheritance
Inherited
  1. NodeTypeStarters
  2. TraversalSource
  3. AnyRef
  4. Any
  1. Hide All
  2. Show All
Visibility
  1. Public
  2. Protected

Instance Constructors

  1. new NodeTypeStarters(cpg: Cpg)

Value Members

  1. final def !=(arg0: Any): Boolean
    Definition Classes
    AnyRef → Any
  2. final def ##: Int
    Definition Classes
    AnyRef → Any
  3. final def ==(arg0: Any): Boolean
    Definition Classes
    AnyRef → Any
  4. def all: Traversal[StoredNode]

    Traverse to all nodes.

    Traverse to all nodes.

    Definition Classes
    NodeTypeStarters → TraversalSource
    Annotations
    @Doc()
  5. def annotation: Traversal[Annotation]

    Traverse to all annotations

  6. def argument(code: String): Traversal[Expression]

    Shorthand for cpg.argument.code(code)

  7. def argument: Traversal[Expression]

    Traverse to all arguments passed to methods

    Traverse to all arguments passed to methods

    Annotations
    @Doc()
  8. final def asInstanceOf[T0]: T0
    Definition Classes
    Any
  9. def break: Traversal[ControlStructure]
    Annotations
    @Doc()
  10. def call(name: String): Traversal[Call]

    Shorthand for cpg.call.name(name)

  11. def call: Traversal[Call]

    Traverse to all call sites

    Traverse to all call sites

    Annotations
    @Doc()
  12. def clone(): AnyRef
    Attributes
    protected[lang]
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.CloneNotSupportedException]) @native() @HotSpotIntrinsicCandidate()
  13. def comment(code: String): Traversal[Comment]

    Shorthand for cpg.comment.code(code)

  14. def comment: Traversal[Comment]

    Traverse to all comments in source-based CPGs.

    Traverse to all comments in source-based CPGs.

    Annotations
    @Doc()
  15. def configFile(name: String): Traversal[ConfigFile]

    Shorthand for cpg.configFile.name(name)

  16. def configFile: Traversal[ConfigFile]

    Traverse to all config files

    Traverse to all config files

    Annotations
    @Doc()
  17. def continue: Traversal[ControlStructure]
    Annotations
    @Doc()
  18. def controlStructure: Traversal[ControlStructure]
    Annotations
    @Doc()
  19. def dependency(name: String): Traversal[Dependency]

    Shorthand for cpg.dependency.name(name)

  20. def dependency: Traversal[Dependency]

    Traverse to all dependencies

    Traverse to all dependencies

    Annotations
    @Doc()
  21. def doBlock: Traversal[ControlStructure]
    Annotations
    @Doc()
  22. def elseBlock: Traversal[ControlStructure]
    Annotations
    @Doc()
  23. final def eq(arg0: AnyRef): Boolean
    Definition Classes
    AnyRef
  24. def equals(arg0: AnyRef): Boolean
    Definition Classes
    AnyRef → Any
  25. def file(name: String): Traversal[File]

    Shorthand for cpg.file.name(name)

  26. def file: Traversal[File]

    Traverse to all source files

    Traverse to all source files

    Annotations
    @Doc()
  27. def forBlock: Traversal[ControlStructure]
    Annotations
    @Doc()
  28. final def getClass(): Class[_ <: AnyRef]
    Definition Classes
    AnyRef → Any
    Annotations
    @native() @HotSpotIntrinsicCandidate()
  29. def goto: Traversal[ControlStructure]
    Annotations
    @Doc()
  30. def has(key: String, value: Any): Traversal[Node]
    Definition Classes
    TraversalSource
  31. def has(property: Property[_]): Traversal[Node]
    Definition Classes
    TraversalSource
  32. def hasLabel(label: String): Traversal[Node]
    Definition Classes
    TraversalSource
  33. def hashCode(): Int
    Definition Classes
    AnyRef → Any
    Annotations
    @native() @HotSpotIntrinsicCandidate()
  34. def id[NodeType](id: Long)(implicit arg0: DefaultsToNode[NodeType]): Traversal[NodeType]
    Definition Classes
    TraversalSource
  35. def identifier(name: String): Traversal[Identifier]

    Shorthand for cpg.identifier.name(name)

  36. def identifier: Traversal[Identifier]

    Traverse to all identifiers, e.g., occurrences of local variables or class members in method bodies.

    Traverse to all identifiers, e.g., occurrences of local variables or class members in method bodies.

    Annotations
    @Doc()
  37. def ids[NodeType](ids: Long*)(implicit arg0: DefaultsToNode[NodeType]): Traversal[NodeType]
    Definition Classes
    TraversalSource
  38. def ifBlock: Traversal[ControlStructure]
    Annotations
    @Doc()
  39. final def isInstanceOf[T0]: Boolean
    Definition Classes
    Any
  40. def jumpTarget: Traversal[JumpTarget]

    Traverse to all jump targets

    Traverse to all jump targets

    Annotations
    @Doc()
  41. def label(label: String): Traversal[Node]
    Definition Classes
    TraversalSource
  42. def labelAndProperty(label: String, propertyKey: String, propertyValue: Any): Traversal[Node]
    Definition Classes
    TraversalSource
  43. def labelAndProperty(label: String, property: Property[_]): Traversal[Node]
    Definition Classes
    TraversalSource
  44. def labelTyped[A <: Node](label: String): Traversal[A]
    Definition Classes
    TraversalSource
  45. def literal(code: String): Traversal[Literal]

    Shorthand for cpg.literal.code(code)

  46. def literal: Traversal[Literal]

    Traverse to all literals (constant strings and numbers provided directly in the code).

    Traverse to all literals (constant strings and numbers provided directly in the code).

    Annotations
    @Doc()
  47. def local(name: String): Traversal[Local]

    Shorthand for cpg.local.name

  48. def local: Traversal[Local]

    Traverse to all local variable declarations

    Traverse to all local variable declarations

    Annotations
    @Doc()
  49. def member(name: String): Traversal[Member]

    Shorthand for cpg.member.name(name)

  50. def member: Traversal[Member]

    Traverse to all class members

    Traverse to all class members

    Annotations
    @Doc()
  51. def metaData: Traversal[MetaData]

    Traverse to all meta data entries

    Traverse to all meta data entries

    Annotations
    @Doc()
  52. def method(namePattern: String): Traversal[Method]

    Shorthand for cpg.method.name(name)

    Shorthand for cpg.method.name(name)

    Annotations
    @Doc()
  53. def method: Traversal[Method]

    Traverse to all methods

    Traverse to all methods

    Annotations
    @Doc()
  54. def methodRef(name: String): Traversal[MethodRef]

    Shorthand for cpg.methodRef.filter(_.referencedMethod.name(name))

  55. def methodRef: Traversal[MethodRef]

    Traverse to all method references

    Traverse to all method references

    Annotations
    @Doc()
  56. def methodReturn: Traversal[MethodReturn]

    Traverse to all formal return parameters

    Traverse to all formal return parameters

    Annotations
    @Doc()
  57. def namespace(name: String): Traversal[Namespace]

    Shorthand for cpg.namespace.name(name)

  58. def namespace: Traversal[Namespace]

    Traverse to all namespaces, e.g., packages in Java.

    Traverse to all namespaces, e.g., packages in Java.

    Annotations
    @Doc()
  59. def namespaceBlock(name: String): Traversal[NamespaceBlock]

    Shorthand for cpg.namespaceBlock.name(name)

  60. def namespaceBlock: Traversal[NamespaceBlock]

    Traverse to all namespace blocks, e.g., packages in Java.

  61. final def ne(arg0: AnyRef): Boolean
    Definition Classes
    AnyRef
  62. final def notify(): Unit
    Definition Classes
    AnyRef
    Annotations
    @native() @HotSpotIntrinsicCandidate()
  63. final def notifyAll(): Unit
    Definition Classes
    AnyRef
    Annotations
    @native() @HotSpotIntrinsicCandidate()
  64. def parameter(name: String): Traversal[MethodParameterIn]

    Shorthand for cpg.parameter.name(name)

  65. def parameter: Traversal[MethodParameterIn]

    Traverse to all input parameters

    Traverse to all input parameters

    Annotations
    @Doc()
  66. def ret(code: String): Traversal[Return]

    Shorthand for returns.code(code)

  67. def ret: Traversal[Return]

    Traverse to all return expressions

    Traverse to all return expressions

    Annotations
    @Doc()
  68. def staticImport: Traversal[Import]
    Annotations
    @Doc()
  69. def switchBlock: Traversal[ControlStructure]
    Annotations
    @Doc()
  70. final def synchronized[T0](arg0: => T0): T0
    Definition Classes
    AnyRef
  71. def tag(name: String): Traversal[Tag]
    Annotations
    @Doc()
  72. def tag: Traversal[Tag]

    Traverse to all tags

    Traverse to all tags

    Annotations
    @Doc()
  73. def throws: Traversal[ControlStructure]
    Annotations
    @Doc()
  74. def toString(): String
    Definition Classes
    AnyRef → Any
  75. def tryBlock: Traversal[ControlStructure]
    Annotations
    @Doc()
  76. def typ(name: String): Traversal[Type]

    Shorthand for cpg.typ.name(name)

    Shorthand for cpg.typ.name(name)

    Annotations
    @Doc()
  77. def typ: Traversal[Type]

    Traverse to all types, e.g., Set<String>

    Traverse to all types, e.g., Set<String>

    Annotations
    @Doc()
  78. def typeDecl(name: String): Traversal[TypeDecl]

    Shorthand for cpg.typeDecl.name(name)

  79. def typeDecl: Traversal[TypeDecl]

    Traverse to all declarations, e.g., Set<T>

    Traverse to all declarations, e.g., Set<T>

    Annotations
    @Doc()
  80. def typeRef: Traversal[TypeRef]

    Traverse to all type references

    Traverse to all type references

    Annotations
    @Doc()
  81. final def wait(arg0: Long, arg1: Int): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.InterruptedException])
  82. final def wait(arg0: Long): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.InterruptedException]) @native()
  83. final def wait(): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.InterruptedException])
  84. def whileBlock: Traversal[ControlStructure]
    Annotations
    @Doc()

Deprecated Value Members

  1. def finalize(): Unit
    Attributes
    protected[lang]
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.Throwable]) @Deprecated
    Deprecated

Inherited from TraversalSource

Inherited from AnyRef

Inherited from Any

Ungrouped