Skip to main content

Code Hierarchy Exploration Net (chen)

Project description

chen

Code Hierarchy Exploration Net (chen) is an advanced exploration toolkit for your application source code and its dependency hierarchy. This repo contains the source code for chen library and an advanced REPL console called chennai (chen not AI).

Requirements

  • Java 17 - 21
  • Python > 3.8.1
  • Node.js > 16 (To run atom)
  • Minimum 16GB RAM

Getting started

chen container image has everything needed to get started.

Jupyter notebook with docker compose

Use the docker compose from this repo to try chennai with Jupyter Notebook.

git clone https://github.com/AppThreat/chen
cd chen
docker compose up

Use the controls in Jupyter to interact with the cells. For a preview via github click here

Jupyter console Jupyter console

Interactive console

To start the interactive console, run chennai command.

docker run --rm -v /tmp:/tmp -v $HOME:$HOME -v $(pwd):/app:rw -it ghcr.io/appthreat/chen chennai

Chennai server mode

chennai could also be run as an HTTP server.

docker run --rm -v /tmp:/tmp -v $HOME:$HOME -v $(pwd):/app:rw -p 8080:8080 -it ghcr.io/appthreat/chen chennai --server

Defaults:

  • Port 8080
  • Username chenadmin
  • Password chenpassword

Local Installation

# Install atom and cdxgen
sudo npm install -g @appthreat/atom @cyclonedx/cdxgen --omit=optional

# Install chen from pypi
pip install appthreat-chen

To download the chen distribution.

chen --download

To generate custom graphs and models with atom for data science, download the scientific pack which installs support for the PyTorch ecosystem. conda is recommended for the best experience.

chen --download --with-science

Once the download finishes, the command will display the download location along with the environment variables that need to be set to invoke chennai console. Example output below:

[21:53:36] INFO     To run chennai console, add the following environment variables to your .zshrc or .bashrc:
export JAVA_OPTS="-Xmx16G"
export JAVA_TOOL_OPTIONS="-Dfile.encoding=UTF-8 -Djna.library.path=<lib dir>"
export SCALAPY_PYTHON_LIBRARY=python3.11
export CHEN_HOME=/home/user/.local/share/chen
export PATH=$PATH:/home/user/.local/share/chen/platform:/home/user/.local/share/chen/platform/bin:

It is important to set these environment variables without which the console commands would fail with errors.

Running the console

Type chennai to launch the console.

chennai
 _                          _   _   _   _  __
/  |_   _  ._  ._   _. o   |_  / \ / \ / \  / |_|_
\_ | | (/_ | | | | (_| |   |_) \_/ \_/ \_/ /    |


Version: 0.0.7
Type `help` to begin


chennai>

Sample commmands

Help command

chennai> help
val res0: Helper = Welcome to the interactive help system. Below you find a table of all available
top-level commands. To get more detailed help on a specific command, just type

`help.<command>`.

Try `help.importCode` to begin with.
_______________________________________________________________________________________________________________________________________________________________
command          | description                                                               | example                                                       |
==============================================================================================================================================================|
annotations      | List annotations                                                          | annotations                                                   |
close            | Close project by name                                                     | close(projectName)                                            |
declarations     | List declarations                                                         | declarations                                                  |
distance         | Show graph edit distance from the source method to the comparison methods | distance(source method iterator, comparison method iterators) |
exit             | Exit the REPL                                                             |                                                               |
files            | List files                                                                | files                                                         |
importAtom       | Create new project from existing atom                                     | importAtom("app.atom")                                        |
importCode       | Create new project from code                                              | importCode("example.jar")                                     |
imports          | List imports                                                              | imports                                                       |
methods          | List methods                                                              | methods('Methods', includeCalls=true, tree=true)              |
sensitive        | List sensitive literals                                                   | sensitive                                                     |
showSimilar      | Show methods similar to the given method                                  | showSimilar(method full name)                                 |
summary          | Display summary information                                               | summary                                                       |

Refer to the documentation site to learn more about the commands.

Languages supported

  • C/C++ (Requires Java 17 or above)
  • H (C/C++ Header files alone)
  • Java (Requires compilation) - 8 to 17
  • Jar
  • Android APK (Requires Android SDK. Set the environment variable ANDROID_HOME)
  • JavaScript
  • TypeScript
  • Python

Troubleshooing

Commands throw errors in chennai console

You might see errors like this in chennai console.

chennai> help
-- [E006] Not Found Error: -----------------------------------------------------
1 |help
  |^^^^
  |Not found: help
  |-----------------------------------------------------------------------------
  | Explanation (enabled by `-explain`)
  |- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
  | The identifier for `help` is not bound, that is,
  | no declaration for this identifier can be found.
  | That can happen, for example, if `help` or its declaration has either been
  | misspelt or if an import is missing.
   -----------------------------------------------------------------------------
1 error found

This error is mostly due to missing python .so (linux), .dll (windows) or .dylib (mac) file. Ensure the environment variables below are set correctly.

  • SCALAPY_PYTHON_LIBRARY - Use values such as python3.10, python3.11 based on the version installed. On Windows, there are no dots. python311
  • JAVA_TOOL_OPTIONS - jna.library.path must be set to the python lib directory
  • SCALAPY_PYTHON_PROGRAMNAME - Path to Python executable in case of virtual environments (Usually not required)

Origin of chen

chen is a fork of the popular joern project. We deviate from the joern project in the following ways:

  • Make code analysis accessible by adding first-class integration with Python and frameworks such as NetworkX and PyTorch.
  • Enable broader hierarchical analysis (Application + Dependency + Container + OS layer)
  • By creating a welcoming community more appropriate for beginner users with great enterprise support. We want to democratize code analysis.

We don't intend for bug-to-bug compatibility and often rewrite patches to suit our needs. We also do not bring features and passes that do not add value for hierarchical analysis.

License

Apache-2.0

Enterprise support

Enterprise support including custom language development and integration services is available via AppThreat Ltd. Free community support is also available via Discord.

Sponsors

YourKit supports open source projects with innovative and intelligent tools for monitoring and profiling Java and .NET applications. YourKit is the creator of YourKit Java Profiler, YourKit .NET Profiler, and YourKit YouMonitor.

YourKit logo

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

appthreat_chen-1.1.2.tar.gz (38.3 kB view details)

Uploaded Source

Built Distribution

appthreat_chen-1.1.2-py3-none-any.whl (40.6 kB view details)

Uploaded Python 3

File details

Details for the file appthreat_chen-1.1.2.tar.gz.

File metadata

  • Download URL: appthreat_chen-1.1.2.tar.gz
  • Upload date:
  • Size: 38.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/1.7.1 CPython/3.11.7 Linux/6.2.0-1018-azure

File hashes

Hashes for appthreat_chen-1.1.2.tar.gz
Algorithm Hash digest
SHA256 a4640569463da1a1c6bc1a67801da518632355314e49ee6f6b14e53c7a6e397a
MD5 52619a35b21910b5c29acff56de444a3
BLAKE2b-256 fc2f01543823752a3c35fef7b603e22229d30edcb6d7c3aa038b477d20868c1e

See more details on using hashes here.

File details

Details for the file appthreat_chen-1.1.2-py3-none-any.whl.

File metadata

  • Download URL: appthreat_chen-1.1.2-py3-none-any.whl
  • Upload date:
  • Size: 40.6 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/1.7.1 CPython/3.11.7 Linux/6.2.0-1018-azure

File hashes

Hashes for appthreat_chen-1.1.2-py3-none-any.whl
Algorithm Hash digest
SHA256 baf6d58608104e85420242206e519478de23cbfdb251f880003265de8d1e5692
MD5 93c2b31539db6c3d4803e4d422bb2036
BLAKE2b-256 f137e51975ecad71e380427f5544c3002482f719cb29e584b99c66789562dc93

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page