-
Notifications
You must be signed in to change notification settings - Fork 18
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
This PR adds a JSON schema which users can use to generate and validate their YAML configuration files. The README is also updated to include a short exemplary codyze call and link to the configuration wiki page instead of listing them all in the README.
- Loading branch information
Showing
3 changed files
with
209 additions
and
38 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,191 @@ | ||
{ | ||
"$schema": "https://json-schema.org/draft/2020-12/schema", | ||
"title": "Codyze Configuration File Schema", | ||
"description": "A schema for writing yaml configuration files for codyze", | ||
"type": "object", | ||
"properties": { | ||
"source": { | ||
"description": "Path to the to be analyzed directory or file", | ||
"type": "string" | ||
}, | ||
"output": { | ||
"description": "Path to output file in which results are written. Use “-” to print to stdout", | ||
"default": "findings.sarif", | ||
"type": "string" | ||
}, | ||
"timeout": { | ||
"description": "Terminates analysis after given minutes", | ||
"default": "120", | ||
"type": "integer", | ||
"exclusiveMinimum": 0 | ||
}, | ||
"sarif": { | ||
"description": "Enables the SARIF output", | ||
"type": "boolean", | ||
"default": "false" | ||
}, | ||
"codyze": { | ||
"description": "Configurations for codyze", | ||
"type": "object", | ||
"properties": { | ||
"mark": { | ||
"description": "Paths to Mark rule files", | ||
"type": "array", | ||
"items": { | ||
"type": "string" | ||
}, | ||
"uniqueItems": true, | ||
"default": ["./"] | ||
}, | ||
"no-good-findings": { | ||
"description": "Disables output of \"positive\" findings", | ||
"type": "boolean", | ||
"default": "false" | ||
}, | ||
"disabled-mark-rules": { | ||
"description": "The specified mark rules will be excluded from being parsed and processed.", | ||
"type": "array", | ||
"items": { | ||
"description": "Has to be specified as <package.rule>.", | ||
"type": "string", | ||
"pattern": "\\.." | ||
} | ||
}, | ||
"pedantic": { | ||
"description": "Activates pedantic analysis mode. In this mode, Codyze analyzes all MARK rules and report all findings. This option overrides \"disabledMarkRules\" and \"noGoodFinding\" and ignores any Codyze source code comments.", | ||
"type": "boolean", | ||
"default" : "false" | ||
}, | ||
"analysis": { | ||
"description": "Analysis configurations", | ||
"type": "object", | ||
"properties": { | ||
"typestate": { | ||
"description": "Specify typestate analysis mode.\nDFA: Deterministic finite automaton (faster, intraprocedural)\nWPDS: Weighted pushdown system (slower, interprocedural)", | ||
"default": "DFA", | ||
"type": "string", | ||
"enum": [ | ||
"DFA", | ||
"WPDS" | ||
] | ||
} | ||
} | ||
} | ||
} | ||
}, | ||
"cpg": { | ||
"description": "Configurations for cpg", | ||
"type": "object", | ||
"properties": { | ||
"additional-languages": { | ||
"description": "Specify programming languages of to be analyzed files (full names)", | ||
"type": "array", | ||
"items": { | ||
"type": "string", | ||
"enum": [ | ||
"python", | ||
"go" | ||
] | ||
}, | ||
"uniqueItems": true | ||
}, | ||
"unity": { | ||
"description": "Only relevant for C++. A unity build refers to a build that consolidates all translation units into a single one, which has the advantage that header files are only processed once, adding far less duplicate nodes to the graph", | ||
"type": "boolean", | ||
"default": "false" | ||
}, | ||
"type-system-in-frontend" : { | ||
"description": "If false, type listener system is only activated after the frontends are done building the initial AST structure.", | ||
"type": "boolean", | ||
"default": "true" | ||
}, | ||
"default-passes": { | ||
"description": "Controls the usage of default passes for cpg.", | ||
"type": "boolean", | ||
"default": "true" | ||
}, | ||
"passes": { | ||
"description": "CPG passes in the order in which they should be executed, fully qualified name of the classes only. If default-passes is specified, the default passes are executed first.", | ||
"type": "array", | ||
"items": { | ||
"type": "string", | ||
"pattern": ".\\.." | ||
} | ||
}, | ||
"debug-parser": { | ||
"description": "Controls debug output generation for the cpg parser", | ||
"type": "boolean", | ||
"default": "false" | ||
}, | ||
"disable-cleanup": { | ||
"description": "Switch off cleaning up TypeManager memory after the analysis. Set to true only for testing", | ||
"type": "boolean", | ||
"default": "false" | ||
}, | ||
"code-in-nodes": { | ||
"description": "Controls showing the code of a node as parameter in the node", | ||
"type": "boolean", | ||
"default": "true" | ||
}, | ||
"annotations": { | ||
"description": "Enables processing annotations or annotation-like elements", | ||
"type": "boolean", | ||
"default": "false" | ||
}, | ||
"fail-on-error": { | ||
"description": "Should the parser/translation fail on errors (true) or try to continue in a best-effort manner (false)", | ||
"type": "boolean", | ||
"default": "false" | ||
}, | ||
"symbols": { | ||
"description": "Definition of additional symbols", | ||
"type": "object", | ||
"properties": { | ||
"description": "symbol: description", | ||
"type": "string" | ||
} | ||
}, | ||
"parallel-frontends": { | ||
"description": "Enables parsing the ASTs for the source files in parallel, but the passes afterwards will still run in a single thread", | ||
"type": "boolean", | ||
"default": "false" | ||
}, | ||
"translation": { | ||
"description": "Translation configurations", | ||
"type": "object", | ||
"properties": { | ||
"analyze-includes": { | ||
"description": "Enables parsing of include files. If includePaths are given, the parser will resolve symbols/templates from these in include but not load their parse tree", | ||
"type": "boolean", | ||
"default": "false" | ||
}, | ||
"includes": { | ||
"description": "Paths containing include files", | ||
"type": "array", | ||
"items": { | ||
"type": "string" | ||
}, | ||
"uniqueItems": true | ||
}, | ||
"enabled-includes": { | ||
"description": "If includes is not empty, only the specified files will be parsed and processed in the cpg, unless it is a part of the disabled list, in which it will be ignored.", | ||
"type": "array", | ||
"items": { | ||
"type": "string" | ||
}, | ||
"uniqueItems": true | ||
}, | ||
"disabled-includes": { | ||
"description": "If includes is not empty, the specified files will be excluded from being parsed and processed in the cpg. The disabled list entries always take priority over the enabled list entries.", | ||
"type": "array", | ||
"items": { | ||
"type": "string" | ||
}, | ||
"uniqueItems": true | ||
} | ||
} | ||
} | ||
} | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters