Packages

  • package root
    Definition Classes
    root
  • package io
    Definition Classes
    root
  • package shiftleft
    Definition Classes
    io
  • package queryprimitives

    Domain specific language for querying code property graphs

    Domain specific language for querying code property graphs

    This is the API reference for the CPG query language, a language to mine code for defects and vulnerabilities both interactively on a code analysis shell (REPL), or using non-interactive scripts.

    Queries written in the CPG query language express graph traversals (see https://en.wikipedia.org/wiki/Graph_traversal). Similar to the standard graph traversal language "Gremlin" (see https://en.wikipedia.org/wiki/Gremlin_(programming_language))) these traversals are formulated as sequences of primitive language elements referred to as "steps". You can think of a step as a small program, similar to a unix shell utility, however, instead of processing lines one by one, the step processes nodes of the graph.

    Starting a traversal

    All traversals begin by selecting a set of start nodes, e.g.,

    cpg.method

    will start the traversal at all methods, while

    cpg.local

    will start at all local variables. The complete list of starting points can be found here: io.shiftleft.queryprimitives.steps.starters.Cpg

    Lazy evaluation

    Queries are lazily evaluated, e.g., cpg.method creates a traversal which you can add more steps to. You can, for example, evaluate the traversal by converting it to a list:

    cpg.method.toList

    Since toList is such a common operation, we provide the shorthand l, meaning that

    cpg.method.l

    provides the same result as the former query.

    Properties

    Nodes have "properties", key-value pairs where keys are strings and values are primitive data types such as strings, integers, or Booleans. Properties of nodes can be selected based on their key, e.g.,

    cpg.method.name

    traverses to all method names. Nodes can also be filtered based on properties, e.g.,

    cpg.method.name(".*exec.*")

    traverse to all methods where name matches the regular expression ".*exec.*". You can see a complete list of properties by browsing to the API documentation of the corresponding step. For example, you can find the properties of method nodes at io.shiftleft.queryprimitives.steps.types.structure.Method.

    Side effects

    Useful if you want to mutate something outside the traversal, or simply debug it: This prints all typeDecl names as it traverses the graph and increments i for each one.

    var i = 0
cpg.typeDecl.sideEffect{typeTemplate => println(typeTemplate.name); i = i + 1}.exec

    [advanced] Selecting multiple things from your traversal

    If you are interested in multiple things along the way of your traversal, you label anything using the as modulator, and use select at the end. Note that the compiler automatically derived the correct return type as a tuple of the labelled steps, in this case with two elements.

    cpg.method.as("method").definingTypeDecl.as("classDef").select.toList
// return type: List[(nodes.Method, nodes.TypeDecl)]

    [advanced] For comprehensions

    You can always start a new traversal from a node, e.g.,

    val someMethod = cpg.method.head
someMethod.start.parameter.toList

    You can use this e.g. in a for comprehension, which is (in this context) essentially an alternative way to select multiple intermediate things. It is more expressive, but more computationally expensive.

    val query = for {
  method <- cpg.method
  param <- method.start.parameter
} yield (method.name, param.name)

query.toList
    Definition Classes
    shiftleft
  • package steps

    Steps for traversing the code property graph

    Steps for traversing the code property graph

    All traversal start at io.shiftleft.queryprimitives.starters.Cpg.

    Definition Classes
    queryprimitives
  • package types
    Definition Classes
    steps
  • package structure
    Definition Classes
    types
  • File
  • Local
  • Member
  • Method
  • MethodInst
  • MethodParameter
  • MethodParameterOut
  • MethodReturn
  • Namespace
  • NamespaceBlock
  • Type
  • TypeDecl

class Type[Labels <: HList] extends CpgSteps[codepropertygraph.generated.nodes.Type, Labels] with NameAccessors[codepropertygraph.generated.nodes.Type, Labels] with FullNameAccessors[codepropertygraph.generated.nodes.Type, Labels]

Linear Supertypes
FullNameAccessors[codepropertygraph.generated.nodes.Type, Labels], NameAccessors[codepropertygraph.generated.nodes.Type, Labels], StringPropertyAccessors[codepropertygraph.generated.nodes.Type, Labels], CpgSteps[codepropertygraph.generated.nodes.Type, Labels], NodeSteps[codepropertygraph.generated.nodes.Type, Labels], Steps[codepropertygraph.generated.nodes.Type, Vertex, Labels], StepsRoot, AnyRef, Any
Ordering
  1. Alphabetic
  2. By Inheritance
Inherited
  1. Type
  2. FullNameAccessors
  3. NameAccessors
  4. StringPropertyAccessors
  5. CpgSteps
  6. NodeSteps
  7. Steps
  8. StepsRoot
  9. AnyRef
  10. Any
  1. Hide All
  2. Show All
Visibility
  1. Public
  2. All

Instance Constructors

  1. new Type(raw: GremlinScala[Vertex])

Type Members

  1. type EndDomain0 = codepropertygraph.generated.nodes.Type
    Definition Classes
    Steps → StepsRoot
  2. type EndGraph0 = Vertex
    Definition Classes
    Steps → StepsRoot

Value Members

  1. final def !=(arg0: Any): Boolean
    Definition Classes
    AnyRef → Any
  2. final def ##(): Int
    Definition Classes
    AnyRef → Any
  3. final def ==(arg0: Any): Boolean
    Definition Classes
    AnyRef → Any
  4. def _toJson(pretty: Boolean): String
    Attributes
    protected
    Definition Classes
    CpgSteps
  5. def aggregate(into: Buffer[codepropertygraph.generated.nodes.Type]): NodeSteps[codepropertygraph.generated.nodes.Type, Labels]
    Definition Classes
    NodeSteps
  6. def and(andTraversals: (Steps[codepropertygraph.generated.nodes.Type, Vertex, HNil]) ⇒ Steps[_, _, _]*): Steps[codepropertygraph.generated.nodes.Type, Vertex, Labels]
    Definition Classes
    Steps
  7. def as[NewLabels <: HList](stepLabel: StepLabel[codepropertygraph.generated.nodes.Type])(implicit prependDomain: shapeless.ops.hlist.Prepend.Aux[Labels, ::[codepropertygraph.generated.nodes.Type, HNil], NewLabels]): Steps[codepropertygraph.generated.nodes.Type, Vertex, NewLabels]
    Definition Classes
    Steps
  8. def as[NewLabels <: HList](stepLabel: String)(implicit prependDomain: shapeless.ops.hlist.Prepend.Aux[Labels, ::[codepropertygraph.generated.nodes.Type, HNil], NewLabels]): Steps[codepropertygraph.generated.nodes.Type, Vertex, NewLabels]
    Definition Classes
    Steps
  9. final def asInstanceOf[T0]: T0
    Definition Classes
    Any
  10. def baseType: Type[Labels]

    Direct base types of the corresponding type declarationi in the inheritance graph.

  11. def baseTypeTransitive: Type[Labels]

    Direct and transitive base types of the corresponding type declarationi.

  12. def clone(): Steps[codepropertygraph.generated.nodes.Type, Vertex, Labels]
    Definition Classes
    Steps → AnyRef
  13. val converter: Converter[codepropertygraph.generated.nodes.Type] { type GraphType = gremlin.scala.Vertex }
    Definition Classes
    TypeStringPropertyAccessors → Steps
  14. def count(): Long
    Definition Classes
    Steps
  15. def dedup(): Steps[codepropertygraph.generated.nodes.Type, Vertex, Labels]
    Definition Classes
    Steps
  16. def derivedType: Type[Labels]

    Direct derived types.

  17. def derivedTypeDecl: TypeDecl[Labels]

    Type declarations which derive from this type.

  18. def derivedTypeTransitive: Type[Labels]

    Direct and transitive derived types.

  19. def emit(emitTraversal: (Steps[codepropertygraph.generated.nodes.Type, Vertex, HNil]) ⇒ Steps[_, _, _]): Steps[codepropertygraph.generated.nodes.Type, Vertex, Labels]
    Definition Classes
    Steps
  20. def emit(): Steps[codepropertygraph.generated.nodes.Type, Vertex, Labels]
    Definition Classes
    Steps
  21. final def eq(arg0: AnyRef): Boolean
    Definition Classes
    AnyRef
  22. def equals(arg0: Any): Boolean
    Definition Classes
    AnyRef → Any
  23. def exec(): Unit
    Definition Classes
    Steps
  24. def expressionOfType: Expression[Labels]
  25. def external: Type[Labels]

    Filter for types whos corresponding type declaration is not in the analyzed jar.

  26. def file: File[Labels]

    Traverse to source file

    Traverse to source file

    Definition Classes
    CpgSteps
  27. def filter(predicate: (Steps[codepropertygraph.generated.nodes.Type, Vertex, Labels]) ⇒ Steps[_, _, _]): Steps[codepropertygraph.generated.nodes.Type, Vertex, Labels]
    Definition Classes
    Steps
  28. def filterNot(predicate: (Steps[codepropertygraph.generated.nodes.Type, Vertex, Labels]) ⇒ Steps[_, _, _]): Steps[codepropertygraph.generated.nodes.Type, Vertex, Labels]
    Definition Classes
    Steps
  29. def filterOnEnd(predicate: (codepropertygraph.generated.nodes.Type) ⇒ Boolean): NodeSteps[codepropertygraph.generated.nodes.Type, Labels]
    Definition Classes
    NodeSteps
  30. def finalize(): Unit
    Attributes
    protected[java.lang]
    Definition Classes
    AnyRef
    Annotations
    @throws( classOf[java.lang.Throwable] )
  31. def flatMap[NewSteps <: StepsRoot](fun: (codepropertygraph.generated.nodes.Type) ⇒ NewSteps)(implicit constr: Aux[gremlin.scala.dsl.Steps.flatMap.NewSteps.EndDomain0, Labels, gremlin.scala.dsl.Steps.flatMap.NewSteps.EndGraph0, NewSteps], newConverter: Converter[gremlin.scala.dsl.Steps.flatMap.NewSteps.EndDomain0]): NewSteps
    Definition Classes
    Steps
  32. def fullName(value: String*): Steps[codepropertygraph.generated.nodes.Type, Vertex, Labels]
    Definition Classes
    FullNameAccessors
  33. def fullName(value: String): Steps[codepropertygraph.generated.nodes.Type, Vertex, Labels]
    Definition Classes
    FullNameAccessors
  34. def fullName(): Steps[String, String, Labels]
    Definition Classes
    FullNameAccessors
  35. def fullNameExact(values: String*): Steps[codepropertygraph.generated.nodes.Type, Vertex, Labels]
    Definition Classes
    FullNameAccessors
  36. def fullNameExact(value: String): Steps[codepropertygraph.generated.nodes.Type, Vertex, Labels]
    Definition Classes
    FullNameAccessors
  37. def fullNameNot(values: String*): Steps[codepropertygraph.generated.nodes.Type, Vertex, Labels]
    Definition Classes
    FullNameAccessors
  38. def fullNameNot(value: String): Steps[codepropertygraph.generated.nodes.Type, Vertex, Labels]
    Definition Classes
    FullNameAccessors
  39. final def getClass(): Class[_]
    Definition Classes
    AnyRef → Any
    Annotations
    @native()
  40. implicit val graph: Graph
    Definition Classes
    CpgSteps
  41. def hashCode(): Int
    Definition Classes
    AnyRef → Any
    Annotations
    @native()
  42. def head(): codepropertygraph.generated.nodes.Type
    Definition Classes
    Steps
  43. def headOption(): Option[codepropertygraph.generated.nodes.Type]
    Definition Classes
    Steps
  44. def id(ids: AnyRef*): NodeSteps[codepropertygraph.generated.nodes.Type, Labels]
    Definition Classes
    NodeSteps
  45. def internal: Type[Labels]

    Filter for types whos corresponding type declaration is in the analyzed jar.

  46. def isDefined: Boolean
    Definition Classes
    Steps
  47. final def isInstanceOf[T0]: Boolean
    Definition Classes
    Any
  48. def iterate(): Unit
    Definition Classes
    Steps
  49. def l: List[codepropertygraph.generated.nodes.Type]
    Definition Classes
    Steps
  50. def localsOfType: Local[Labels]
  51. def map[NewEndDomain, NewEndGraph, NewSteps <: StepsRoot](fun: (codepropertygraph.generated.nodes.Type) ⇒ NewEndDomain)(implicit newConverter: Aux[NewEndDomain, NewEndGraph], constr: Aux[NewEndDomain, Labels, NewEndGraph, NewSteps]): NewSteps
    Definition Classes
    Steps
  52. def member: Member[Labels]

    Member variables of the corresponding type declaration.

  53. def method: Method[Labels]

    Methods defined on the corresponding type declaration.

  54. def name(value: String*): Steps[codepropertygraph.generated.nodes.Type, Vertex, Labels]

    Traverse to nodes where the name matches at least one of the regular expressions in values

    Traverse to nodes where the name matches at least one of the regular expressions in values

    Definition Classes
    NameAccessors
  55. def name(value: String): Steps[codepropertygraph.generated.nodes.Type, Vertex, Labels]

    Traverse to nodes where the name matches the regular expression value

    Traverse to nodes where the name matches the regular expression value

    Definition Classes
    NameAccessors
  56. def name(): Steps[String, String, Labels]

    Traverse to name

    Traverse to name

    Definition Classes
    NameAccessors
  57. def nameExact(values: String*): Steps[codepropertygraph.generated.nodes.Type, Vertex, Labels]

    Traverse to nodes where name matches one of the elements in values exactly.

    Traverse to nodes where name matches one of the elements in values exactly.

    Definition Classes
    NameAccessors
  58. def nameExact(value: String): Steps[codepropertygraph.generated.nodes.Type, Vertex, Labels]

    Traverse to nodes where name matches value exactly.

    Traverse to nodes where name matches value exactly.

    Definition Classes
    NameAccessors
  59. def nameNot(values: String*): Steps[codepropertygraph.generated.nodes.Type, Vertex, Labels]

    Traverse to nodes where name does not match any of the regular expressions in values.

    Traverse to nodes where name does not match any of the regular expressions in values.

    Definition Classes
    NameAccessors
  60. def nameNot(value: String): Steps[codepropertygraph.generated.nodes.Type, Vertex, Labels]

    Traverse to nodes where name does not match the regular expression value.

    Traverse to nodes where name does not match the regular expression value.

    Definition Classes
    NameAccessors
  61. def namespace: Namespace[Labels]

    Namespaces in which the corresponding type declaration is defined.

  62. final def ne(arg0: AnyRef): Boolean
    Definition Classes
    AnyRef
  63. final def notify(): Unit
    Definition Classes
    AnyRef
    Annotations
    @native()
  64. final def notifyAll(): Unit
    Definition Classes
    AnyRef
    Annotations
    @native()
  65. def onRaw(fun: (GremlinScala[Vertex]) ⇒ GremlinScala[Vertex]): Steps[codepropertygraph.generated.nodes.Type, Vertex, Labels]
    Definition Classes
    Steps
  66. def or(orTraversals: (Steps[codepropertygraph.generated.nodes.Type, Vertex, HNil]) ⇒ Steps[_, _, _]*): Steps[codepropertygraph.generated.nodes.Type, Vertex, Labels]
    Definition Classes
    Steps
  67. def orderBy[A](fun: (codepropertygraph.generated.nodes.Type) ⇒ A): Steps[codepropertygraph.generated.nodes.Type, Vertex, Labels]
    Definition Classes
    Steps
  68. def p(): Unit
    Definition Classes
    Steps
  69. val raw: GremlinScala[Vertex]
    Definition Classes
    CpgSteps → NodeSteps → Steps → StepsRoot
  70. def referencedTypeDecl: TypeDecl[Labels]

    Type declaration which is referenced by this type.

  71. def repeat[NewEndDomain >: codepropertygraph.generated.nodes.Type](repeatTraversal: (Steps[codepropertygraph.generated.nodes.Type, Vertex, HNil]) ⇒ Steps[NewEndDomain, Vertex, _])(implicit newConverter: Aux[NewEndDomain, Vertex]): Steps[NewEndDomain, Vertex, Labels]
    Definition Classes
    Steps
  72. def s(): Stream[codepropertygraph.generated.nodes.Type]
    Definition Classes
    Steps
  73. def select[StepLabelsTuple <: Product, StepLabels <: HList, H0, T0 <: HList, SelectedTypes <: HList, SelectedTypesTuple <: Product, SelectedGraphTypesTuple <: Product, LabelNames <: HList, Z](stepLabelsTuple: StepLabelsTuple)(implicit toHList: Aux[StepLabelsTuple, StepLabels], hasOne: Aux[StepLabels, H0, T0], hasTwo: IsHCons[T0], extractLabelType: Aux[StepLabels, SelectedTypes], tupler: shapeless.ops.hlist.Tupler.Aux[SelectedTypes, SelectedTypesTuple], conv: Aux[SelectedTypesTuple, SelectedGraphTypesTuple], stepLabelToString: Aux[GetLabelName.type, StepLabels, LabelNames], trav: Aux[LabelNames, List, String], folder: Aux[StepLabels, (HNil, Map[String, Any]), combineLabelWithValue.type, (SelectedTypes, Z)]): Steps[SelectedTypesTuple, SelectedGraphTypesTuple, Labels]
    Definition Classes
    Steps
  74. def select[Label, LabelGraph](label: StepLabel[Label])(implicit conv1: Aux[Label, LabelGraph]): Steps[Label, LabelGraph, Labels]
    Definition Classes
    Steps
  75. def select[LabelsGraph <: HList, LabelsGraphTuple, LabelsTuple]()(implicit conv1: Aux[Labels, LabelsGraph], tupler1: shapeless.ops.hlist.Tupler.Aux[LabelsGraph, LabelsGraphTuple], tupler2: shapeless.ops.hlist.Tupler.Aux[Labels, LabelsTuple], conv2: Aux[LabelsTuple, LabelsGraphTuple]): Steps[LabelsTuple, LabelsGraphTuple, Labels]
    Definition Classes
    Steps
  76. def sideEffect(fun: (codepropertygraph.generated.nodes.Type) ⇒ Any): NodeSteps[codepropertygraph.generated.nodes.Type, Labels]
    Definition Classes
    NodeSteps
  77. def stringProperty(property: Key[String]): Steps[String, String, Labels]
    Attributes
    protected
    Definition Classes
    StringPropertyAccessors
  78. def stringPropertyFilter(property: Key[String], value: String): Steps[codepropertygraph.generated.nodes.Type, Vertex, Labels]
    Attributes
    protected
    Definition Classes
    StringPropertyAccessors
  79. def stringPropertyFilterExact[Out](property: Key[String], _value: String): Steps[codepropertygraph.generated.nodes.Type, Vertex, Labels]
    Attributes
    protected
    Definition Classes
    StringPropertyAccessors
  80. def stringPropertyFilterExactMultiple[Out](property: Key[String], values: String*): Steps[codepropertygraph.generated.nodes.Type, Vertex, Labels]
    Attributes
    protected
    Definition Classes
    StringPropertyAccessors
  81. def stringPropertyFilterMultiple(property: Key[String], values: String*): Steps[codepropertygraph.generated.nodes.Type, Vertex, Labels]
    Attributes
    protected
    Definition Classes
    StringPropertyAccessors
  82. def stringPropertyFilterNot[Out](property: Key[String], value: String): Steps[codepropertygraph.generated.nodes.Type, Vertex, Labels]
    Attributes
    protected
    Definition Classes
    StringPropertyAccessors
  83. def stringPropertyFilterNotMultiple[Out](property: Key[String], values: String*): Steps[codepropertygraph.generated.nodes.Type, Vertex, Labels]
    Attributes
    protected
    Definition Classes
    StringPropertyAccessors
  84. final def synchronized[T0](arg0: ⇒ T0): T0
    Definition Classes
    AnyRef
  85. def times(maxLoops: Int): Steps[codepropertygraph.generated.nodes.Type, Vertex, Labels]
    Definition Classes
    Steps
  86. def toBuffer(): Buffer[codepropertygraph.generated.nodes.Type]
    Definition Classes
    Steps
  87. def toJson: String

    Execute traversal and convert the result to json.

    Execute traversal and convert the result to json.

    Definition Classes
    CpgSteps
  88. def toJsonPretty: String
    Definition Classes
    CpgSteps
  89. def toList(): List[codepropertygraph.generated.nodes.Type]
    Definition Classes
    Steps
  90. def toMaps(): Steps[Map[String, AnyRef], Map[String, AnyRef], Labels]
    Definition Classes
    CpgSteps
  91. def toSet(): Set[codepropertygraph.generated.nodes.Type]
    Definition Classes
    Steps
  92. def toStream(): Stream[codepropertygraph.generated.nodes.Type]
    Definition Classes
    Steps
  93. def toString(): String
    Definition Classes
    Steps → AnyRef → Any
  94. def until(untilTraversal: (Steps[codepropertygraph.generated.nodes.Type, Vertex, HNil]) ⇒ Steps[_, _, _]): Steps[codepropertygraph.generated.nodes.Type, Vertex, Labels]
    Definition Classes
    Steps
  95. final def wait(): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )
  96. final def wait(arg0: Long, arg1: Int): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )
  97. final def wait(arg0: Long): Unit
    Definition Classes
    AnyRef
    Annotations
    @native() @throws( ... )
  98. def walkIn(edgeType: String): GremlinScala[Vertex]
    Definition Classes
    NodeSteps

Inherited from FullNameAccessors[codepropertygraph.generated.nodes.Type, Labels]

Inherited from NameAccessors[codepropertygraph.generated.nodes.Type, Labels]

Inherited from StringPropertyAccessors[codepropertygraph.generated.nodes.Type, Labels]

Inherited from CpgSteps[codepropertygraph.generated.nodes.Type, Labels]

Inherited from NodeSteps[codepropertygraph.generated.nodes.Type, Labels]

Inherited from Steps[codepropertygraph.generated.nodes.Type, Vertex, Labels]

Inherited from StepsRoot

Inherited from AnyRef

Inherited from Any

Ungrouped