About Code Pathfinder, the open-source alternative to GitHub CodeQL. Built for advanced structural search, derive insights, find vulnerabilities in code.
docker run --rm -v "./src:/src" shivasurya/code-pathfinder:stable-latest ci --project /src/code-pathfinder/test-src --ruleset cpf/java$ docker pull shivasurya/code-pathfinder:stable-latest$ npm install -g codepathfinder
$ pathfinder --helpDownload the latest release from GitHub releases and choose the binary that matches your operating system.
$ chmod u+x pathfinder
$ pathfinder --helpRead the official documentation, or run pathfinder --help.
- Basic queries (Similar to CodeQL)
- Source Sink Analysis
- Data Flow Analysis with Control Flow Graph
$ cd sourcecode-parser
$ gradle buildGo (or) npm install -g codepathfinder
$ ./pathfinder query --project <path_to_project> --stdin
2024/06/30 21:35:29 Graph built successfully
Path-Finder Query Console:
>FROM method_declaration AS md
WHERE md.getName() == "getPaneChanges"
SELECT md, "query for pane changes layout methods"
Executing query: FROM method_declaration AS md WHERE md.getName() == "getPaneChanges"
βββββ¬βββββββββββββββββββββββββββββββββββββββββββ¬ββββββββββββββ¬βββββββββββββββββββββ¬βββββββββββββββββ¬βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β # β FILE β LINE NUMBER β TYPE β NAME β CODE SNIPPET β
βββββΌβββββββββββββββββββββββββββββββββββββββββββΌββββββββββββββΌβββββββββββββββββββββΌβββββββββββββββββΌβββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β 1 β /Users/shiva/src/code-pathfinder/test-sr β 148 β method_declaration β getPaneChanges β protected void getPaneChanges() throws ClassCastException { β
β β c/android/app/src/main/java/com/ivb/udac β β β β mTwoPane = findViewById(R.id.movie_detail_container) β
β β ity/movieListActivity.java β β β β != null; β
β β β β β β } β
βββββ΄βββββββββββββββββββββββββββββββββββββββββββ΄ββββββββββββββ΄βββββββββββββββββββββ΄βββββββββββββββββ΄βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Path-Finder Query Console:
>:quit
Okay, Bye!Code Pathfinder uses tree-sitter for all language parsers.