dhscanner-bitcode: Intermediate language for static code analysis

[ gpl, library, sast ]

The intermediate language / intermediate representation / bitcode (IL / IR / bitcode) is a data structure able to represent code originating from multiple programming languages. Its main purpose is to enable efficient and uniform static code analysis, as part of the dhscanner framework for CI/CD container security checks. Within that framework, it mostly targets languages used for cloud native applications: Python, Ruby, PHP, JavaScript, TypeScript, Java, C# and Golang. Typically, a collection of files is first parsed using the relevant parsers; the resulting collection of abstract syntax trees is then sent to code generation, where it is translated into a collection of callables. A callable is a sequence of commands corresponding to either a function, a method or (in languages like Python) a script. The commands were designed with simplicity in mind: they resemble an abstract RISC-style assembly, which keeps later analysis phases as simple as possible.

Versions 0.1.0.0, 0.1.0.1, 0.1.0.2
Dependencies aeson (>=2.2.3 && <2.3), base (>=4.17.2 && <4.18), containers (>=0.6.7 && <0.7), dhscanner-ast (>=0.1.0 && <0.2)
License GPL-3.0-only
Copyright (c) 2024 Oren Ish Shalom
Author OrenGitHub
Maintainer Oren Ish Shalom
Category sast
Home page https://github.com/OrenGitHub/dhscanner
Uploaded by OrenHackage at 2024-08-11T18:06:07Z
Downloads 70 total (2 in the last 30 days)
Rating 2.0 (votes: 1) [estimated by Bayesian average]
Status Docs uploaded by user
Build status unknown [no reports yet]