Skip to main content

PyCG - Practical Python Call Graphs

Project description

PyCG - Practical Python Call Graphs

Linters Tests

PyCG generates call graphs for Python code using static analysis. It efficiently supports

  • Higher order functions
  • Twisted class inheritance schemes
  • Automatic discovery of imported modules for further analysis
  • Nested definitions

You can read the full methodology as well as a complete evaluation on the ICSE 2021 paper.

You can cite PyCG as follows. Vitalis Salis, Thodoris Sotiropoulos, Panos Louridas, Diomidis Spinellis and Dimitris Mitropoulos. PyCG: Practical Call Graph Generation in Python. In 43rd International Conference on Software Engineering, ICSE '21, 25–28 May 2021.

Installation

PyCG is implemented in Python3 and requires Python version 3.4 or higher. It also has no dependencies. Simply:

pip install pycg

Usage

~ >>> pycg -h
usage: __main__.py [-h] [--package PACKAGE] [--fasten] [--product PRODUCT]
                        [--forge FORGE] [--version VERSION] [--timestamp TIMESTAMP]
                        [--max-iter MAX_ITER] [--operation {call-graph,key-error}]
                        [--as-graph-output AS_GRAPH_OUTPUT] [-o OUTPUT]
                        [entry_point ...]

positional arguments:
  entry_point           Entry points to be processed

optional arguments:
  -h, --help            show this help message and exit
  --package PACKAGE     Package containing the code to be analyzed
  --fasten              Produce call graph using the FASTEN format
  --product PRODUCT     Package name
  --forge FORGE         Source the product was downloaded from
  --version VERSION     Version of the product
  --timestamp TIMESTAMP
                        Timestamp of the package's version
  --max-iter MAX_ITER   Maximum number of iterations through source code. If not specified a fix-point iteration will be performed.
  --operation {call-graph,key-error}
                        Operation to perform. Choose call-graph for call graph generation (default) or key-error for key error detection on dictionaries.
  --as-graph-output AS_GRAPH_OUTPUT
                        Output for the assignment graph
  -o OUTPUT, --output OUTPUT
                        Output path

The following command line arguments should used only when --fasten is provied:

  • --product: The name of the package.
  • --forge: Source the package was downloaded from.
  • --version: The version of the package.
  • --timestamp : The timestamp of the package's version.

Call Graph Output

Simple JSON format

The call edges are in the form of an adjacency list where an edge (src, dst) is represented as an entry of dst in the list assigned to key src:

{
    "node1": ["node2", "node3"],
    "node2": ["node3"],
    "node3": []
}

FASTEN Format

For an up-to-date description of the FASTEN format refer to the FASTEN wiki.

Key Errors Output

We are currently experimenting on identifying potential invalid dictionary accesses on Python dictionaries (key errors). The output format for key errors is a list of dictionaries containing:

  • The file name in which the key error was identified
  • The line number inside the file
  • The namespace of the accessed dictionary
  • The key used to access the dictionary
[{
    "filename": "mod.py",
    "lineno": 2,
    "namespace": "mod.<dict1>",
    "key": "key2"
},
{
    "filename": "mod.py",
    "lineno": 8,
    "namespace": "mod.<dict1>",
    "key": "nokey"
}]

Examples

All the entry points are known and we want the simple JSON format

~ >>> pycg --package pkg_root pkg_root/module1.py pkg_root/subpackage/module2.py -o cg.json

All entry points are not known and we want the simple JSON format

~ >>> pycg --package django $(find django -type f -name "*.py") -o django.json

We want the FASTEN format:

~ >>> pycg --package pypi_pkg --fasten --product "pypipkg" --forge "PyPI" \
        --version "0.1" --timestamp 42 \
        pypi_pkg/module1.py pkg_root/subpackage/module2.py -o cg.json

Running Tests

From the root directory, first install the mock package:

pip3 install mock

Τhen, simply run the tests by executing:

make test

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pycg-0.0.8.tar.gz (58.7 kB view details)

Uploaded Source

Built Distribution

pycg-0.0.8-py3-none-any.whl (57.0 kB view details)

Uploaded Python 3

File details

Details for the file pycg-0.0.8.tar.gz.

File metadata

  • Download URL: pycg-0.0.8.tar.gz
  • Upload date:
  • Size: 58.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.8.0 pkginfo/1.8.2 readme-renderer/34.0 requests/2.27.1 requests-toolbelt/0.9.1 urllib3/1.26.9 tqdm/4.63.1 importlib-metadata/4.11.3 keyring/23.5.0 rfc3986/2.0.0 colorama/0.4.4 CPython/3.9.16

File hashes

Hashes for pycg-0.0.8.tar.gz
Algorithm Hash digest
SHA256 644b4df4346b393ca29450223da12598a6e6ad51fcfb1c218330b774f643a6c1
MD5 e55a9e4a5b36088d0e6c1b2381ff8e9e
BLAKE2b-256 98ceb438f7066610fd24c03fee5c92dfc8930c5f4e9613480b0e337c7ead2b51

See more details on using hashes here.

File details

Details for the file pycg-0.0.8-py3-none-any.whl.

File metadata

  • Download URL: pycg-0.0.8-py3-none-any.whl
  • Upload date:
  • Size: 57.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.8.0 pkginfo/1.8.2 readme-renderer/34.0 requests/2.27.1 requests-toolbelt/0.9.1 urllib3/1.26.9 tqdm/4.63.1 importlib-metadata/4.11.3 keyring/23.5.0 rfc3986/2.0.0 colorama/0.4.4 CPython/3.9.16

File hashes

Hashes for pycg-0.0.8-py3-none-any.whl
Algorithm Hash digest
SHA256 90109b8b787d4496c2198576b0bb08ee5872e1a9a1d1ca557cb856c6798ec0da
MD5 72bd73c12bd429fb23ceda579c701561
BLAKE2b-256 c7ee3db86c684ae05d43f0777cc0d3739fd9f000827b4baa774f12ccab3200aa

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page