A Python implementation of a Code Property Graph.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for markgacoka from gravatar.com markgacoka

Unverified details

These details have not been verified by PyPI
Project links
GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: Apache Software License (Apache License 2.0)

Author: Gacoka Mbui

Tags cybersecurity, static analysis, code tokenization, property graph

Requires: Python >=3.9.0

Classifiers

Project description

Code Property Graph

Github Stars badge GitHub release (latest SemVer) badge Maintenance badge

Code Property Graph Logo

This library is an implementation of a Code Property Graph as seen in the paper published by Fabian Yamaguchi on Modeling and Discovering Vulnerabilities with Code Property Graphs

A code property graph is a highly efficient data structure designed to mine large codebases for similar programming patterns. The data structure can be loaded into a graph database where properties of code can be queried. Code property graphs are intended to be code-agnostic and highly scalable making it one of the best choices for code representation.

Code Property Graph Demo

Running as a Library

Installation

Requires:

  • Python 3
  • pip3
pip install codepropertygraph

Using the code as a library

from codepropertygraph import CPG

code = """a = 1; b = 2; print(a + b)"""

graph = CPG(code)
print(graph)

> Graph(Nodes(a, b), Edges([a, b]))

Running from Source

Setting up Neo4J locally

  1. Download Neo4J Desktop v4.4.5 to create local graph databases locally and remotely from your desktop. If the latest version has changed, use this link to download the version used for development.
  2. Create a new project and a new local graph database as shown below. It might take a few moments to finish loading. Create graph database
  3. Start the database. Make sure the DB is active before heading onto the Installation and Running the application sections.
Starting the database Active Database
Start the DB Active DB

Installation

To install the repository, you need to clone it and run it inside a virtual environment. Running main.py generates a Code Property Graph of the simple addition script inside examples/ and saves it to output/.

git clone https://github.com/markgacoka/codepropertygraph.git
cd codepropertygraph

python3 -m venv venv
source venv/bin/activate
pip install -r requirements.txt

Running the Application

python main.py

Testing

pytest tests

For first time contributors, read the CONTRIBUTING page.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for markgacoka from gravatar.com markgacoka

Unverified details

These details have not been verified by PyPI
Project links
GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: Apache Software License (Apache License 2.0)

Author: Gacoka Mbui

Tags cybersecurity, static analysis, code tokenization, property graph

Requires: Python >=3.9.0

Classifiers

Release history Release notifications | RSS feed

0.1.2

0.1.1

0.1.0

This version

0.0.9

0.0.8

0.0.7

0.0.6

0.0.5

0.0.4

0.0.3

0.0.2

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

codepropertygraph-0.0.9.tar.gz (2.2 MB view hashes)

Uploaded Source

Built Distribution

codepropertygraph-0.0.9-py3-none-any.whl (2.8 kB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page