Packages

  • package root
    Definition Classes
    root
  • package io
    Definition Classes
    root
  • package shiftleft
    Definition Classes
    io
  • package queryprimitives

    Domain specific language for querying code property graphs

    Domain specific language for querying code property graphs

    This is the API reference for the CPG query language, a language to mine code for defects and vulnerabilities both interactively on a code analysis shell (REPL), or using non-interactive scripts.

    Queries written in the CPG query language express graph traversals (see https://en.wikipedia.org/wiki/Graph_traversal). Similar to the standard graph traversal language "Gremlin" (see https://en.wikipedia.org/wiki/Gremlin_(programming_language))) these traversals are formulated as sequences of primitive language elements referred to as "steps". You can think of a step as a small program, similar to a unix shell utility, however, instead of processing lines one by one, the step processes nodes of the graph.

    Starting a traversal

    All traversals begin by selecting a set of start nodes, e.g.,

    cpg.method

    will start the traversal at all methods, while

    cpg.local

    will start at all local variables. The complete list of starting points can be found here: io.shiftleft.queryprimitives.steps.starters.Cpg

    Lazy evaluation

    Queries are lazily evaluated, e.g., cpg.method creates a traversal which you can add more steps to. You can, for example, evaluate the traversal by converting it to a list:

    cpg.method.toList

    Since toList is such a common operation, we provide the shorthand l, meaning that

    cpg.method.l

    provides the same result as the former query.

    Properties

    Nodes have "properties", key-value pairs where keys are strings and values are primitive data types such as strings, integers, or Booleans. Properties of nodes can be selected based on their key, e.g.,

    cpg.method.name

    traverses to all method names. Nodes can also be filtered based on properties, e.g.,

    cpg.method.name(".*exec.*")

    traverse to all methods where name matches the regular expression ".*exec.*". You can see a complete list of properties by browsing to the API documentation of the corresponding step. For example, you can find the properties of method nodes at io.shiftleft.queryprimitives.steps.types.structure.Method.

    Side effects

    Useful if you want to mutate something outside the traversal, or simply debug it: This prints all typeDecl names as it traverses the graph and increments i for each one.

    var i = 0
cpg.typeDecl.sideEffect{typeTemplate => println(typeTemplate.name); i = i + 1}.exec

    [advanced] Selecting multiple things from your traversal

    If you are interested in multiple things along the way of your traversal, you label anything using the as modulator, and use select at the end. Note that the compiler automatically derived the correct return type as a tuple of the labelled steps, in this case with two elements.

    cpg.method.as("method").definingTypeDecl.as("classDef").select.toList
// return type: List[(nodes.Method, nodes.TypeDecl)]

    [advanced] For comprehensions

    You can always start a new traversal from a node, e.g.,

    val someMethod = cpg.method.head
someMethod.start.parameter.toList

    You can use this e.g. in a for comprehension, which is (in this context) essentially an alternative way to select multiple intermediate things. It is more expressive, but more computationally expensive.

    val query = for {
  method <- cpg.method
  param <- method.start.parameter
} yield (method.name, param.name)

query.toList
    Definition Classes
    shiftleft
  • package steps

    Steps for traversing the code property graph

    Steps for traversing the code property graph

    All traversal start at io.shiftleft.queryprimitives.starters.Cpg.

    Definition Classes
    queryprimitives
  • package types
    Definition Classes
    steps
  • package structure
    Definition Classes
    types
  • File
  • Local
  • Member
  • Method
  • MethodInst
  • MethodParameter
  • MethodParameterOut
  • MethodReturn
  • Namespace
  • NamespaceBlock
  • Type
  • TypeDecl

class Member[Labels <: HList] extends CpgSteps[codepropertygraph.generated.nodes.Member, Labels] with DeclarationBase[codepropertygraph.generated.nodes.Member, Labels] with CodeAccessors[codepropertygraph.generated.nodes.Member, Labels] with NameAccessors[codepropertygraph.generated.nodes.Member, Labels] with EvalTypeAccessors[codepropertygraph.generated.nodes.Member, Labels]

A member variable of a class/type.

Linear Supertypes
EvalTypeAccessors[codepropertygraph.generated.nodes.Member, Labels], NameAccessors[codepropertygraph.generated.nodes.Member, Labels], CodeAccessors[codepropertygraph.generated.nodes.Member, Labels], StringPropertyAccessors[codepropertygraph.generated.nodes.Member, Labels], DeclarationBase[codepropertygraph.generated.nodes.Member, Labels], CpgSteps[codepropertygraph.generated.nodes.Member, Labels], NodeSteps[codepropertygraph.generated.nodes.Member, Labels], Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels], StepsRoot, AnyRef, Any
Ordering
  1. Alphabetic
  2. By Inheritance
Inherited
  1. Member
  2. EvalTypeAccessors
  3. NameAccessors
  4. CodeAccessors
  5. StringPropertyAccessors
  6. DeclarationBase
  7. CpgSteps
  8. NodeSteps
  9. Steps
  10. StepsRoot
  11. AnyRef
  12. Any
  1. Hide All
  2. Show All
Visibility
  1. Public
  2. All

Instance Constructors

  1. new Member(raw: GremlinScala[Vertex])

Type Members

  1. type EndDomain0 = codepropertygraph.generated.nodes.Member
    Definition Classes
    Steps → StepsRoot
  2. type EndGraph0 = Vertex
    Definition Classes
    Steps → StepsRoot

Value Members

  1. final def !=(arg0: Any): Boolean
    Definition Classes
    AnyRef → Any
  2. final def ##(): Int
    Definition Classes
    AnyRef → Any
  3. final def ==(arg0: Any): Boolean
    Definition Classes
    AnyRef → Any
  4. def _toJson(pretty: Boolean): String
    Attributes
    protected
    Definition Classes
    CpgSteps
  5. def aggregate(into: Buffer[codepropertygraph.generated.nodes.Member]): NodeSteps[codepropertygraph.generated.nodes.Member, Labels]
    Definition Classes
    NodeSteps
  6. def and(andTraversals: (Steps[codepropertygraph.generated.nodes.Member, Vertex, HNil]) ⇒ Steps[_, _, _]*): Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]
    Definition Classes
    Steps
  7. def as[NewLabels <: HList](stepLabel: StepLabel[codepropertygraph.generated.nodes.Member])(implicit prependDomain: shapeless.ops.hlist.Prepend.Aux[Labels, ::[codepropertygraph.generated.nodes.Member, HNil], NewLabels]): Steps[codepropertygraph.generated.nodes.Member, Vertex, NewLabels]
    Definition Classes
    Steps
  8. def as[NewLabels <: HList](stepLabel: String)(implicit prependDomain: shapeless.ops.hlist.Prepend.Aux[Labels, ::[codepropertygraph.generated.nodes.Member, HNil], NewLabels]): Steps[codepropertygraph.generated.nodes.Member, Vertex, NewLabels]
    Definition Classes
    Steps
  9. final def asInstanceOf[T0]: T0
    Definition Classes
    Any
  10. def clone(): Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]
    Definition Classes
    Steps → AnyRef
  11. def code(value: String*): Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]
    Definition Classes
    CodeAccessors
  12. def code(value: String): Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]
    Definition Classes
    CodeAccessors
  13. def code(): Steps[String, String, Labels]
    Definition Classes
    CodeAccessors
  14. def codeExact(values: String*): Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]
    Definition Classes
    CodeAccessors
  15. def codeExact(value: String): Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]
    Definition Classes
    CodeAccessors
  16. def codeNot(values: String*): Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]
    Definition Classes
    CodeAccessors
  17. def codeNot(value: String): Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]
    Definition Classes
    CodeAccessors
  18. val converter: Converter[codepropertygraph.generated.nodes.Member] { type GraphType = gremlin.scala.Vertex }
    Definition Classes
    MemberEvalTypeAccessorsStringPropertyAccessors → Steps
  19. def count(): Long
    Definition Classes
    Steps
  20. def dedup(): Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]
    Definition Classes
    Steps
  21. def emit(emitTraversal: (Steps[codepropertygraph.generated.nodes.Member, Vertex, HNil]) ⇒ Steps[_, _, _]): Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]
    Definition Classes
    Steps
  22. def emit(): Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]
    Definition Classes
    Steps
  23. final def eq(arg0: AnyRef): Boolean
    Definition Classes
    AnyRef
  24. def equals(arg0: Any): Boolean
    Definition Classes
    AnyRef → Any
  25. def evalType(_values: String*): Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]
    Definition Classes
    EvalTypeAccessors
  26. def evalType(_value: String): Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]
    Definition Classes
    EvalTypeAccessors
  27. def evalType(): Steps[String, String, Labels]
    Definition Classes
    EvalTypeAccessors
  28. def evalTypeExact(_values: String*): Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]
    Definition Classes
    EvalTypeAccessors
  29. def evalTypeExact(_value: String): Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]
    Definition Classes
    EvalTypeAccessors
  30. def evalTypeNot(_values: String*): Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]
    Definition Classes
    EvalTypeAccessors
  31. def evalTypeNot(_value: String): Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]
    Definition Classes
    EvalTypeAccessors
  32. def exec(): Unit
    Definition Classes
    Steps
  33. def file: File[Labels]

    Traverse to source file

    Traverse to source file

    Definition Classes
    CpgSteps
  34. def filter(predicate: (Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]) ⇒ Steps[_, _, _]): Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]
    Definition Classes
    Steps
  35. def filterNot(predicate: (Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]) ⇒ Steps[_, _, _]): Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]
    Definition Classes
    Steps
  36. def filterOnEnd(predicate: (codepropertygraph.generated.nodes.Member) ⇒ Boolean): NodeSteps[codepropertygraph.generated.nodes.Member, Labels]
    Definition Classes
    NodeSteps
  37. def finalize(): Unit
    Attributes
    protected[java.lang]
    Definition Classes
    AnyRef
    Annotations
    @throws( classOf[java.lang.Throwable] )
  38. def flatMap[NewSteps <: StepsRoot](fun: (codepropertygraph.generated.nodes.Member) ⇒ NewSteps)(implicit constr: Aux[gremlin.scala.dsl.Steps.flatMap.NewSteps.EndDomain0, Labels, gremlin.scala.dsl.Steps.flatMap.NewSteps.EndGraph0, NewSteps], newConverter: Converter[gremlin.scala.dsl.Steps.flatMap.NewSteps.EndDomain0]): NewSteps
    Definition Classes
    Steps
  39. final def getClass(): Class[_]
    Definition Classes
    AnyRef → Any
    Annotations
    @native()
  40. implicit val graph: Graph
    Definition Classes
    CpgSteps
  41. def hashCode(): Int
    Definition Classes
    AnyRef → Any
    Annotations
    @native()
  42. def head(): codepropertygraph.generated.nodes.Member
    Definition Classes
    Steps
  43. def headOption(): Option[codepropertygraph.generated.nodes.Member]
    Definition Classes
    Steps
  44. def id(ids: AnyRef*): NodeSteps[codepropertygraph.generated.nodes.Member, Labels]
    Definition Classes
    NodeSteps
  45. def isDefined: Boolean
    Definition Classes
    Steps
  46. final def isInstanceOf[T0]: Boolean
    Definition Classes
    Any
  47. def isPrivate: Member[Labels]

    Private members

  48. def isProtected: Member[Labels]

    Protected members

  49. def isPublic: Member[Labels]

    Public members

  50. def isStatic: Member[Labels]

    Static members

  51. def iterate(): Unit
    Definition Classes
    Steps
  52. def l: List[codepropertygraph.generated.nodes.Member]
    Definition Classes
    Steps
  53. def map[NewEndDomain, NewEndGraph, NewSteps <: StepsRoot](fun: (codepropertygraph.generated.nodes.Member) ⇒ NewEndDomain)(implicit newConverter: Aux[NewEndDomain, NewEndGraph], constr: Aux[NewEndDomain, Labels, NewEndGraph, NewSteps]): NewSteps
    Definition Classes
    Steps
  54. def name(value: String*): Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]

    Traverse to nodes where the name matches at least one of the regular expressions in values

    Traverse to nodes where the name matches at least one of the regular expressions in values

    Definition Classes
    NameAccessors
  55. def name(value: String): Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]

    Traverse to nodes where the name matches the regular expression value

    Traverse to nodes where the name matches the regular expression value

    Definition Classes
    NameAccessors
  56. def name(): Steps[String, String, Labels]

    Traverse to name

    Traverse to name

    Definition Classes
    NameAccessors
  57. def nameExact(values: String*): Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]

    Traverse to nodes where name matches one of the elements in values exactly.

    Traverse to nodes where name matches one of the elements in values exactly.

    Definition Classes
    NameAccessors
  58. def nameExact(value: String): Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]

    Traverse to nodes where name matches value exactly.

    Traverse to nodes where name matches value exactly.

    Definition Classes
    NameAccessors
  59. def nameNot(values: String*): Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]

    Traverse to nodes where name does not match any of the regular expressions in values.

    Traverse to nodes where name does not match any of the regular expressions in values.

    Definition Classes
    NameAccessors
  60. def nameNot(value: String): Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]

    Traverse to nodes where name does not match the regular expression value.

    Traverse to nodes where name does not match the regular expression value.

    Definition Classes
    NameAccessors
  61. final def ne(arg0: AnyRef): Boolean
    Definition Classes
    AnyRef
  62. final def notify(): Unit
    Definition Classes
    AnyRef
    Annotations
    @native()
  63. final def notifyAll(): Unit
    Definition Classes
    AnyRef
    Annotations
    @native()
  64. def onRaw(fun: (GremlinScala[Vertex]) ⇒ GremlinScala[Vertex]): Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]
    Definition Classes
    Steps
  65. def or(orTraversals: (Steps[codepropertygraph.generated.nodes.Member, Vertex, HNil]) ⇒ Steps[_, _, _]*): Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]
    Definition Classes
    Steps
  66. def orderBy[A](fun: (codepropertygraph.generated.nodes.Member) ⇒ A): Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]
    Definition Classes
    Steps
  67. def p(): Unit
    Definition Classes
    Steps
  68. val raw: GremlinScala[Vertex]
    Definition Classes
    CpgSteps → NodeSteps → Steps → StepsRoot
  69. def ref: Call[Labels]

    Places where

  70. def repeat[NewEndDomain >: codepropertygraph.generated.nodes.Member](repeatTraversal: (Steps[codepropertygraph.generated.nodes.Member, Vertex, HNil]) ⇒ Steps[NewEndDomain, Vertex, _])(implicit newConverter: Aux[NewEndDomain, Vertex]): Steps[NewEndDomain, Vertex, Labels]
    Definition Classes
    Steps
  71. def s(): Stream[codepropertygraph.generated.nodes.Member]
    Definition Classes
    Steps
  72. def select[StepLabelsTuple <: Product, StepLabels <: HList, H0, T0 <: HList, SelectedTypes <: HList, SelectedTypesTuple <: Product, SelectedGraphTypesTuple <: Product, LabelNames <: HList, Z](stepLabelsTuple: StepLabelsTuple)(implicit toHList: Aux[StepLabelsTuple, StepLabels], hasOne: Aux[StepLabels, H0, T0], hasTwo: IsHCons[T0], extractLabelType: Aux[StepLabels, SelectedTypes], tupler: shapeless.ops.hlist.Tupler.Aux[SelectedTypes, SelectedTypesTuple], conv: Aux[SelectedTypesTuple, SelectedGraphTypesTuple], stepLabelToString: Aux[GetLabelName.type, StepLabels, LabelNames], trav: Aux[LabelNames, List, String], folder: Aux[StepLabels, (HNil, Map[String, Any]), combineLabelWithValue.type, (SelectedTypes, Z)]): Steps[SelectedTypesTuple, SelectedGraphTypesTuple, Labels]
    Definition Classes
    Steps
  73. def select[Label, LabelGraph](label: StepLabel[Label])(implicit conv1: Aux[Label, LabelGraph]): Steps[Label, LabelGraph, Labels]
    Definition Classes
    Steps
  74. def select[LabelsGraph <: HList, LabelsGraphTuple, LabelsTuple]()(implicit conv1: Aux[Labels, LabelsGraph], tupler1: shapeless.ops.hlist.Tupler.Aux[LabelsGraph, LabelsGraphTuple], tupler2: shapeless.ops.hlist.Tupler.Aux[Labels, LabelsTuple], conv2: Aux[LabelsTuple, LabelsGraphTuple]): Steps[LabelsTuple, LabelsGraphTuple, Labels]
    Definition Classes
    Steps
  75. def sideEffect(fun: (codepropertygraph.generated.nodes.Member) ⇒ Any): NodeSteps[codepropertygraph.generated.nodes.Member, Labels]
    Definition Classes
    NodeSteps
  76. def stringProperty(property: Key[String]): Steps[String, String, Labels]
    Attributes
    protected
    Definition Classes
    StringPropertyAccessors
  77. def stringPropertyFilter(property: Key[String], value: String): Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]
    Attributes
    protected
    Definition Classes
    StringPropertyAccessors
  78. def stringPropertyFilterExact[Out](property: Key[String], _value: String): Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]
    Attributes
    protected
    Definition Classes
    StringPropertyAccessors
  79. def stringPropertyFilterExactMultiple[Out](property: Key[String], values: String*): Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]
    Attributes
    protected
    Definition Classes
    StringPropertyAccessors
  80. def stringPropertyFilterMultiple(property: Key[String], values: String*): Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]
    Attributes
    protected
    Definition Classes
    StringPropertyAccessors
  81. def stringPropertyFilterNot[Out](property: Key[String], value: String): Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]
    Attributes
    protected
    Definition Classes
    StringPropertyAccessors
  82. def stringPropertyFilterNotMultiple[Out](property: Key[String], values: String*): Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]
    Attributes
    protected
    Definition Classes
    StringPropertyAccessors
  83. final def synchronized[T0](arg0: ⇒ T0): T0
    Definition Classes
    AnyRef
  84. def times(maxLoops: Int): Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]
    Definition Classes
    Steps
  85. def toBuffer(): Buffer[codepropertygraph.generated.nodes.Member]
    Definition Classes
    Steps
  86. def toJson: String

    Execute traversal and convert the result to json.

    Execute traversal and convert the result to json.

    Definition Classes
    CpgSteps
  87. def toJsonPretty: String
    Definition Classes
    CpgSteps
  88. def toList(): List[codepropertygraph.generated.nodes.Member]
    Definition Classes
    Steps
  89. def toMaps(): Steps[Map[String, AnyRef], Map[String, AnyRef], Labels]
    Definition Classes
    CpgSteps
  90. def toSet(): Set[codepropertygraph.generated.nodes.Member]
    Definition Classes
    Steps
  91. def toStream(): Stream[codepropertygraph.generated.nodes.Member]
    Definition Classes
    Steps
  92. def toString(): String
    Definition Classes
    Steps → AnyRef → Any
  93. def typeDecl: TypeDecl[Labels]

    The type declaration this member is defined in

  94. def until(untilTraversal: (Steps[codepropertygraph.generated.nodes.Member, Vertex, HNil]) ⇒ Steps[_, _, _]): Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]
    Definition Classes
    Steps
  95. final def wait(): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )
  96. final def wait(arg0: Long, arg1: Int): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )
  97. final def wait(arg0: Long): Unit
    Definition Classes
    AnyRef
    Annotations
    @native() @throws( ... )
  98. def walkIn(edgeType: String): GremlinScala[Vertex]
    Definition Classes
    NodeSteps

Inherited from EvalTypeAccessors[codepropertygraph.generated.nodes.Member, Labels]

Inherited from NameAccessors[codepropertygraph.generated.nodes.Member, Labels]

Inherited from CodeAccessors[codepropertygraph.generated.nodes.Member, Labels]

Inherited from StringPropertyAccessors[codepropertygraph.generated.nodes.Member, Labels]

Inherited from DeclarationBase[codepropertygraph.generated.nodes.Member, Labels]

Inherited from CpgSteps[codepropertygraph.generated.nodes.Member, Labels]

Inherited from NodeSteps[codepropertygraph.generated.nodes.Member, Labels]

Inherited from Steps[codepropertygraph.generated.nodes.Member, Vertex, Labels]

Inherited from StepsRoot

Inherited from AnyRef

Inherited from Any

Ungrouped