From e2bfaa5171bfe851bfda84219cc19ab69227d5bb Mon Sep 17 00:00:00 2001 From: Villon CHEN Date: Tue, 25 Nov 2025 09:51:01 +0100 Subject: [PATCH 1/6] docs: update overview figure --- docs/assets/overview.excalidraw | 120 ++++++++++++++++++++++++++++---- docs/assets/overview.svg | 2 +- 2 files changed, 106 insertions(+), 16 deletions(-) diff --git a/docs/assets/overview.excalidraw b/docs/assets/overview.excalidraw index 6bef973..831ef11 100644 --- a/docs/assets/overview.excalidraw +++ b/docs/assets/overview.excalidraw @@ -181,11 +181,41 @@ "autoResize": true, "lineHeight": 1.25 }, + { + "id": "Yp-Ops1lm44S4mFwzv_v2", + "type": "rectangle", + "x": 719.2928134448903, + "y": 269.6718345779226, + "width": 362.3999938964843, + "height": 141.5999298095703, + "angle": 0, + "strokeColor": "#1e1e1e", + "backgroundColor": "#e9ecef", + "fillStyle": "solid", + "strokeWidth": 4, + "strokeStyle": "solid", + "roughness": 1, + "opacity": 100, + "groupIds": [], + "frameId": null, + "index": "b22G", + "roundness": { + "type": 3 + }, + "seed": 485793748, + "version": 1598, + "versionNonce": 1114887916, + "isDeleted": false, + "boundElements": [], + "updated": 1764004560433, + "link": null, + "locked": false + }, { "id": "13dkZHvSDLQKbfPK5JpGL", "type": "rectangle", - "x": 709.7904386974515, - "y": 281.89503914969293, + "x": 708.9904509044827, + "y": 281.09506661551325, "width": 362.3999938964843, "height": 141.5999298095703, "angle": 0, @@ -203,8 +233,8 @@ "type": 3 }, "seed": 1483036838, - "version": 1499, - "versionNonce": 1672335482, + "version": 1500, + "versionNonce": 1068640724, "isDeleted": false, "boundElements": [ { @@ -212,15 +242,15 @@ "id": "fsuA80u19oDfd_WXy5fbY" } ], - "updated": 1760631995840, + "updated": 1764004513531, "link": null, "locked": false }, { "id": "fsuA80u19oDfd_WXy5fbY", "type": "text", - "x": 815.8244734264554, - "y": 286.89503914969293, + "x": 815.0244856334866, + "y": 286.09506661551325, "width": 150.33192443847656, "height": 35, "angle": 0, 
@@ -236,11 +266,11 @@ "index": "b24", "roundness": null, "seed": 1552723450, - "version": 1387, - "versionNonce": 894148965, + "version": 1388, + "versionNonce": 1022742356, "isDeleted": false, "boundElements": [], - "updated": 1760632001741, + "updated": 1764004513531, "link": null, "locked": false, "text": "SAST Tool", @@ -253,6 +283,36 @@ "autoResize": true, "lineHeight": 1.25 }, + { + "id": "ljpVgLZj0RDw1SkVJgIQY", + "type": "rectangle", + "x": 1107.2928287036793, + "y": 226.27181779325466, + "width": 172.79998779296875, + "height": 151.99999999999997, + "angle": 0, + "strokeColor": "#1e1e1e", + "backgroundColor": "#e9ecef", + "fillStyle": "solid", + "strokeWidth": 4, + "strokeStyle": "solid", + "roughness": 1, + "opacity": 100, + "groupIds": [], + "frameId": null, + "index": "b24G", + "roundness": { + "type": 3 + }, + "seed": 892714580, + "version": 820, + "versionNonce": 1133845228, + "isDeleted": false, + "boundElements": [], + "updated": 1764004596046, + "link": null, + "locked": false + }, { "id": "ehh88Kle4w-5mpVadmmlV", "type": "rectangle", @@ -325,6 +385,36 @@ "autoResize": true, "lineHeight": 1.25 }, + { + "id": "Y1koFTBntLWjV_oBg9Et0", + "type": "rectangle", + "x": 1105.6928531177418, + "y": 400.07185136259056, + "width": 172.79998779296875, + "height": 261.59994506835926, + "angle": 0, + "strokeColor": "#1e1e1e", + "backgroundColor": "#e9ecef", + "fillStyle": "solid", + "strokeWidth": 4, + "strokeStyle": "solid", + "roughness": 1, + "opacity": 100, + "groupIds": [], + "frameId": null, + "index": "b26G", + "roundness": { + "type": 3 + }, + "seed": 1150040660, + "version": 1164, + "versionNonce": 891305940, + "isDeleted": false, + "boundElements": [], + "updated": 1764004639763, + "link": null, + "locked": false + }, { "id": "bm_HYs349MNhCJXSJAr-s", "type": "rectangle", 
@@ -864,20 +954,20 @@ "index": "b2K", "roundness": null, "seed": 123664058, - "version": 1623, - "versionNonce": 199624230, + "version": 1625, + "versionNonce": 396867028, "isDeleted": false, "boundElements": [], - "updated": 1760631995840, + "updated": 1764004650574, "link": null, "locked": false, - "text": "Abstract\nSAST result", + "text": "Abstracted\nSAST result", "fontSize": 16, "fontFamily": 5, "textAlign": "center", "verticalAlign": "middle", "containerId": "8qAhylsGA8gx_F27etVCZ", - "originalText": "Abstract\nSAST result", + "originalText": "Abstracted\nSAST result", "autoResize": true, "lineHeight": 1.25 }, diff --git a/docs/assets/overview.svg b/docs/assets/overview.svg index 064822f..766d964 100644 --- a/docs/assets/overview.svg +++ b/docs/assets/overview.svg 
@@ -1,4 +1,4 @@ CodeSecToolsData abstractionSAST ToolProjectDatasetSAST ToolabstractionAnalyzerParserValidation(Dataset only)Tool resultAbstractSAST resultStatisticsCodebaseExpectedresultCodebaseAbstractedexpected resultAbstractedresourceInternalimplementationExternalresourceLegendGraphics \ No newline at end of file + @font-face { font-family: Excalifont; src: url(data:font/woff2;base64,d09GMgABAAAAABagAA4AAAAAJtAAABZKAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGhYbiVQcNAZgAIEkEQgKuSiqRwtKAAE2AiQDgRAEIAWDGAcgGzIeo5B2sFq+ZH91YB6SNw6y3Umk0D7Yfk6uREWliCt6oXOts/Jrm13Use+z70/b30pKKeMBPIMA3QTcH0GxVvbO3iOQA0UgASjCUPk4Rz7lI8UPT3P67+7ihkZIEI0iGnEsCQniwTSobqWiOqPun3XbrwntBDqTqlAM7yWihGkE7Q7X+vfW3ln6v4iWQJHEgwpTWeGzNrEDS8fZzQMG1TbwfzotqdW86/7MyJIhYFsO0HtZIBYsVL6rr78ybpNWI9kOXmJZhl02LQCPNO/K+7+1Vm8wH/DM286FindaWbHPP0wGjzuYV7Es3nmd0NSb6kZI0imNVgjpIq1CJnWszKnxlPAqaUcNoHxmennaFgwQYQlwjHRhH+7He/zI5dW1PeNZz+u98ar14s54735/NJIATBuldxevhDY4QHCeyadvxNZaPF1jflzir/iUOqDpMFd02d+mO0yFkenYC876Lb9rmtxlOhRQaSH5OhsqWV7kNvwoC+a6q3bTPo7+dtnrsmjLjxOWaioAuF8W3POFMdHdqhgT7WGLml4CGM3//Vd1pbblNMUMzaPmhFLFa/WiySJzOJUYcYGc0NnegrYyLjWM5IrWMDnX8OZZDCuoFKJEqsZoC4ZHgJIvc3gKcCYFIHNlQCojMijPFcPf4v68CPA54XVjfOKXOedJiwqKMgnlMmepUNIq6tRUmai2UuOQEwEEwLijTIm50IRGuRJlArlUzaT8CdCnNOXWLJzQIoDex8UcONeVquYDHQK5N0B6yLr6XVMGOAMEetPOD3MAetcG6hQAsNET/ogmRzBVcgQALBshRVEWgUAiyjxZCA0DE4s0Nk7ZKtXx6ND7+VFLgn11JCuhW7UGrbo/T8+k884564xTjh06sGbVimWLQVAHfSrMADFidkT44b/6ETsUBOMY1Y3wxQMyVA5MutnT1i3bh6NcbKvOv81RnhAntGcmKliBXFUiJYSVrfP25UgkaTov/1CqSl2QWmBJde/w6hX5Lx71TnD+FwiDCgAuF/SXH2CHutZ6mb6sNFkTr64moWFJryVHse9TfvxdXxe2t7OYAEj8CtWSHoch2v0ZRXMuMgs+af+WhKbbtEVijZS25lmtSFKHJ08AvoCURzODazHD4s6DB3q8TpaNjmqqXdgow3SDSwypgDGG0QXYCQCRxFYrZYA/VT/shyHtvBv1I+CwwgFYUcb7j+J0Htjxts8DdaMNXqYmgbItvpSSZWUvhUcfjWSEWnWQnVrDvQnWchZiJQyD1FuMC7DwvKCeziY47KMPS/zh20tqS0K3q7EcjUSa2rTd9vFtLUcKt0rs/rfclBuCcsP2cwevBW44n//xx0Fw+Dll+ZVR/Gy/t+uI00h1lsOpKqDZqwiAHidtMGChR7QmjzIchnSXqn74mfL7PuJtn7eQMVyDGqFn4E3gA2jahEENI4TB2aiLD9U0Cz3ljpuaw98PCtK+WAqXqBEoWFgBgB2ehTdvADrkH/CqZJSx3
L6J93tnW1wIDqMPfylvJTaO3pz+QHdqg9oT9wtYaxod2xU7gtAojslSVR8Z2A8CjAgF5j5+HLYm3L0JvZ3pdweG5kIPI6TIjgKKJFWanhsm1zCU29TgBoe+z3CjvKVCrea6i4uKzEp47/gOXKngSdgoJwTDYZsKWMAwlkGbEj4DZadQ/0C/KcoY7HG/vXqVmc0EZyz0uOSRMd1HKmGTEw5QXgXcViJlhBPoByzAGDAm1crZ3pHsudvcrsiSnj13LYw5RFamq+3jV1gZVnYe8OzO9pssAJQr6mQKXbcMJzeMMDhsiHwutRIb62Qvzsu6C7ACwBMN9Ze1K3IkZ226P4Zjh8dUJIxzLYuJt/da49lovkf1EbfDx41ofj6/6F++xkpZWsnLukK1GmgONltLH0bYWZvJgs8/FPU0CRLHNN4qaUT8fBfgYP5JJz2cCA73Q6qCwFDCQfF2DCsuBheqxazsKPVyzE9wr2gRpWpQABysqHsapbM4PYo1qt4mI309h7C/gp2FEeYHNDhhwlDTxakKEjyBbsFVsSIBgKXjcfKqXrVEx+L5HqbnSFkYMGiVGAPmr+KEmd5OjK1IO7Mtt5XxfOA6E6/3bHu/3JxcmFos3tje9plBLkbZ9ykjlSq4aq3lHfdIndqNkundRsHaYTR/la8UeRZcDGyB4Y+Gb/+QncUe8YfXnPHrA+dim3nYHEsragKy5pERoR7s/JgUKxWcniojY4BNSezcseQ4kSzWoyCs3SjReXPwJm8tr9NcyLmBD3E63BVmwtXay7n0VoRTAEXmz+yLrD15YxdPkaLBgbrij1pnJo4Ep2PwbTQ85Ue1Ik9/kEjT6MTumQ/NCZOoncy/Z7db2zslQhYsLSHzXM9PfyAHjcKLv5/sqt7SRsYyUhhfNnOKmgeC5kK/UeTxozg9F3uOkTokQCiS0PFqcLMAAG6+H7dESnzXw45GOdVqD7lqzeLu5EoWijK/Fms+r780OKzsBEVOkxxXSz4di81Ym8ej75KPWMYQNsPOFNGQvZBBauw0GnZJ4WKbG1D/RKo1PX+cQ59hMYz7cAX+0uNLZJCLztL5NkyI1cq/WKyUpQCtqpgcja4Xo7TJKj+kspBo/CNP79nVbT3fWRhvYbc/jD6PSRbHGrXxYcpdm04eWNPlJaxVN+W5yMzESI7UmGC4h9KEc6kSra4mEMDaYbOqHH05RhO/TIavM8vaca6cqi0Lfd3YHdu0ktXVFspqpPLUbc3blDMFGqiB5ndNtZkLuk5IjuoE1oRibBbxI7RmlrUU+fwmuZrkf4hyQWON5LiNVSKVxIrEd+5Qbrfp8g4ObrGEkyyxKqUANeuu9+h2ekAleuwcIxUdcrPWhE7tnaOEyFC16rWIVyRogAYcqFBelfAWLq+B63ke8XYcl8R489i/zxikcs761yz48Z14f11wiVupunBDzQR76d3RAzPddbitvLG95/zE/a5FScCCIuukvlP4aAXg1GKSwIpbNpsp8pnWH8nj6bnBAUYmCWvAy/R2H3a7wXukDF4m1aSzNLWqZLTn1+CoYInhmeFhQb5xO7UaQBkfRmNOWjBv4t17xb1xur+m+9E8nRENskPIqxJap9/un+hEy9sWExjh9837cNvnu8kF0B0Ocr451LqIKQwMBlD+IfMcs8TLCaw0vpyETlHW64SqXi3lWvN2qJb3jGSbVSGzHNEotyl3UU43a65IkykMGFITwXlzPDVcEWIW4MWkgGIhSg0LYEF+TY94D59hoVO1Ra60iCc8SfvSjzE6dUcdFga3/RAuozVvIomKCwtZawLuYW4uaZ2CyFKtXjm20KKiG08AfoD+b5GsydG6k4vMBVfk+JGdlbaEPkYKL6pQmFjp0xyH7eU7fbaWl32f9iO7Fw92oSwBh4LPguuW1STbq2Tyl+mxmPh0WSYT3nTIUSan7DP0+b4QRplqJZP6BwcYDIb3P78g1f9shGPYDTAWgEMdlPck1Luys+i8ZUxo7/1qX
vHCRUilj6WccGSs1Egk9OLRJCSJZc7Wt5c0HE02zMVryaX67c/30M6lfUdbcfHT2aQR0PwP+xzDxEGmOZB4Q93ULp/NWC19LT+7JXvOSf07QC/98agXwDzWQs2TiiI/fYOw3GsFPtcv6su9zmrgNUE++Fe7hXTNl7DCBS3Tz+KsZhFJDzHyYxUVO2m7Api2G8U5Lzo2P9sQYdC9ZhVCo1CzZw/rOMDeUAP8MRAEl3mvpsCMxednSiAi9NmvUkU63YLGOZlrLm3HPMd4BNq2OwcqpJEgZ/i1UPdAmudZD3SWQ4kzgq8d0bo2sGsLlmjzNb7VbQIM3ElDwQ+FhldNQ0EDX2fCp71rdHQagP4fMNQ45xZdoxMK//7vhSF/VYZNqWnyXQqQHcwyhEkxunq8uu3DqTxgaXuMOzpWcXMfvMfW4ti/H4Omd7zJryYYYQIXd86EvwCBgDWuLWhf3Pc+xK2vdIJZgZRZdpfRYQxQHy25Z/rp+r3Si9MafgV9HlXcZfynbyOhKlnOMLqwaLvMmlM+VtDki9VHn4A0yVA+Ssu0NFkD8VknwCYS66PLb8PMT8Lm4XQ4bJ6rRDGNVusD8YdopmvsP3YdWHpufMx7kyR6xcpVl9EpMRNbZJK9zSgjd5uOc+B9JbbaUxUSjhT76ql7CHvO6M7/vzp60jGIutPBzfSROAKOjJhRN90taphvw9AqOjDoDMRJvfl7cu/ORQuo10ov5W0dbrQDV5974jHdL10dMsu3AHTcR6cbymIbHdX1nXXm8US7GNOi/5VF2JoBY9tPvJkZuniXt76sCGVWZ+npqjnsJotIG3MelGTK0RpwUOx/wgNJZ812YZc4EecSvWCIQK8NtFhxwa9BXl1M/+JqL2fELvpRA7XF/AsFpye0U+gH0pU4ZZh7KI0NaAeevRvCNztlVxf9xLP84LhVLdn3CMNEvOUITUdDID00KvjLg1NjUPDXtgYyHVpyTvU5NniOe7KVhZYiUjS7jL8ChHqV48coeytxi82oyH8sUnG+qpttlYUVh+MwJdAfKyOIzK1k646/c5+FFPky8XlNf4qFUD4mZ5NjrmMA0BuqBvFIfSSoqiiKgLSEfKvPgrRf4azgoz2xsSpv8kHXOhdmHaaRWSZeGGYsZu9PBTmrrx5e4lU0a8XzFby0BC4QFGFSUhfDYO8sRhv9ofr5+U7uDEBk3E7cTRcvidqK0kypAn4CpPoymOADvKINzhDt/LwggBY5FbhSBn3+LFANWfF/LlqZZZC5GoP6Eql31u9psUmhPuTIT3OHTaD15xvt2eVlY2oietEYXAjZmDXS8X7lwXRfAubs2lR+2yJVSsaM4ueaxMZKsNdLp6iEMtBM1KVISqHUpqdlQoMt/h9Hl01N9HtTFrIyi1uIVaMrZyCbPDS0h2CGpqyoMIxRyMdBq2mezR7SdhITrX6oRv+JzQFXcQT8mi0Ib0h0nHYR+NZXzDxo6Z4r71m8Tzyz2+cve4z05cir0gMnjBch0eeiyjr/7MuXarrdZ/zTOVYL+Wf44NCTJ8dgV7gq9fPjhUe+RGxwsOI9OId5qOEFzq+7m+lih0KhhqPhFaLFZmomll67Jva7woIF3AyuqIA3n5KJegvQA2W7jOfFys84miBdi1NbRL8D9VeakW6s0opSLM3d70HVegNCQYUpxBqJL4SyBjBOH/a/ZHbdA/pKgu8jNHWmL3UeYhsW/+5vXsOPtIliPbNXpilledm0id6vJ5x007M/N4SLM/GnjT+4vqXng8KiM972J+W0+28wxqaFo5ySoN/VE8KqaymSiTPI9edx15f/sfhxsPI4rE3Y9lT+Nh3aV49uVWJ53UVgB0N2aXL8NcaehMVnftKbQZqyBicjWKQHi5FyKjIYtGI48cgjh89KJbB1kerF/HSx2h2V4+ujtvr/pcKyGv/1amqimiznJ5TbPAeF3Jc54UnL2ZthE95ZqQBBBxfEVXXJ9jTek/IzLfaUQJQ9D+GwFQ0/X
KLsLEv7hDkycV/XKhGxpsdsHHsmShuiD8j/swvd9lxD8IOzflYsaGGzvpVXbwasL0xjTH7jWrVXhpvLOK5f8lKEgMlRfHoxA2WHF0TLEmbGmwmq3JqXGTEmgC6QEtFdhwy290/qjSJ9QoLl86pj9PtigZZVwsd1rkd2jomBz+y6TH4tpUtQsfZB+O/gcYMLvBnWyqXqfj8eUq+01JBJt4ncWSKAZMhRCimcykAKYA7lXQgTHatdXLoHAh8vj/cQ6mkK1m3M9zgUHI7QzOLnbvTNDYViGIYWsPDs9Gs/AWHHqJtJtzmWq2fJewN6oDh6Dn0m77ttgNzkg7Vhc7Hefn8EXrzCbmy+EYETRUFwVEgdGN+gMYbJSlbYOHyFU/P5GZ54orGdRxuFdMyQC+kZ8rwMs/0ohzIjlwzpo+X8g3ODXlAU5EKK+UvKq5/WKKJu8ziZf+WDESZ34gdogEfGEohfe8PEy+E9HF8+PIRGTARyBPkodrkFQgyC3VvJvROg17ZS8Qb4aTyHtLigRLXu7cPckCPPWTFtzKSsqbu7l1nP4PKgnNN+awNJXeecH5tW5kT0w+V4WZa+m74+c70i7Z+l8IOUHGIbLAPRa4qSuWA/TPBiVFUzNIWB42auCIMTamJUDmZkRstm/Qm+hbjcD52O4Gm6R4LzdWGUGEi371ZAdnPApFq4tW5R/T5/k4thR85C3n8KasADVGjtKctbVG1daO24JnhVinVWyoTC+FVK44Dv80qPVJAanM2xxBqJmk3VkMgZGc6/eIzuXKzHBYURIULjo331YF2rxzOZfZIeZCLsxIGqeshRiNcPPbrENJCxSzv8peb3pMF/m5JFkw7lehQeHhNi6+IrlqyOXnEq0YdtMRud45IXxFTqxgFKL1gYsJSiZ6H3ikhchYgMbd3E3T6vYLSEhcZ7zzezSLtMA7MJTMkc0FpNnheXsH3qWhIFsSAcWA80K8xbklj5X37b9qqJvt8sVXVGbEjXurw1KmPZdR9M42+F4iw0LEQey/brO81sxwy0/dGBjrd3bs54+d9+1+PcGG3xNJbeIhwcBKzZawWS64ckxL5Aljlbd+4u3m9v2f2fdHHMXNKZ2OojNZxtkUGIp0oim9yrubb9CzDifmmk7eUWGamxhMzd3h8qldKntv2aTw1dtf0mVAdr/My17+3q0r6YdFuLYBBMkjDYeM3s34cqeQ44ua+HL9i2b0yl2LWYBxmILjIm8gVTJBsxIYJIWCyJj3JcKQs+j/c7Ya3ytQbH/v8rLIIq3UoRRoUFxqKSyKYn7xh5wLy0OXNNPao2dTSzShu7LO9xZfZPSyM4Xdk4VMtS2qwvErPcamRTu0Mbp1u+YoB9i0Z3CAyMaAiBQ/XbqwqS1AY2xxxL7xGU3VS8Cfd+fcY+umxhnvZPGgHmXJyjc/HuR4Ef2gTLJUJScdyCL5OWXL9rjBN6ld/yKWjQuAlm7nAw/eWwCRP2CCmlhJuu9q7+6U7Ou7jMapQ+cX5WP89XlN6b3KL8F46XeHh7kr+Sx8TjkwO8CUBT80yBj98b0zw2623NDsLqKt+Ry65HTrfpO+2is8iiz0vIncRnvy6FEl9EjBo0f68q8vlgsCAQ9+02Zqv/I1pgHi+++JYRfwERwDcQAfJzMu4pA8AFrRe+0LJrRwk18TmOiPwOwKd6QvUA20xv+avv46e/D/UnKg6A5WyVrS4i52YxNH73Tn7piasUp2XAkCwCAPoFwpMlIDi2AQB/AG5KAuQ4D+Qp6eOFEPgHf3cVx4AmmgA+zQNQ2AAn1CAwwoAqeQUEUQRCwgv4GEcLixig8gy0xPxxR1NAGStBYlBAXOQCqX6jmGQdkAUfBEcIgEJ8WyoTUIMB5JEIhJmLF7sDMAALhF6L1bATVj4ElMEDABpcvwkQllMCjGKPgAg1JqCIlQloycSAoZsBwKBbObcGtao0a9IugkOlah0auLUuobNWbVqZ2grIRJJKlsCk5z08aizxI1GAX
EGwIPLZY4REnoigZ2TN9bKYZFh9B+pJfWtBp5hHjwZqWViTEAQzIEQxOekZlHtWpmffIyhUsLlbl0hiGg1yuCA4tj1ApSKV0EkNFSIh/11l+AEaAAA=); }CodeSecToolsData abstractionSAST ToolProjectDatasetSAST ToolabstractionAnalyzerParserValidation(Dataset only)Tool resultAbstractedSAST resultStatisticsCodebaseExpectedresultCodebaseAbstractedexpected resultAbstractedresourceInternalimplementationExternalresourceLegendGraphics \ No newline at end of file From c99337f68bed032bc2f7d2af28f4c6f1e9ebacc5 Mon Sep 17 00:00:00 2001 From: Villon CHEN Date: Tue, 25 Nov 2025 09:51:51 +0100 Subject: [PATCH 2/6] docs(allsast): add it to API Reference section --- codesectools/sasts/all/__init__.py | 1 + docs/api/allsast.md | 4 ++++ docs/api/index.md | 1 + mkdocs.yml | 1 + 4 files changed, 7 insertions(+) create mode 100644 codesectools/sasts/all/__init__.py create mode 100644 docs/api/allsast.md diff --git a/codesectools/sasts/all/__init__.py b/codesectools/sasts/all/__init__.py new file mode 100644 index 0000000..b384e9a --- /dev/null +++ b/codesectools/sasts/all/__init__.py @@ -0,0 +1 @@ +"""Initializes the All SAST module.""" diff --git a/docs/api/allsast.md b/docs/api/allsast.md new file mode 100644 index 0000000..9b2eed2 --- /dev/null +++ b/docs/api/allsast.md @@ -0,0 +1,4 @@ +::: codesectools.sasts.all + options: + show_submodules: true + show_if_no_docstring: true \ No newline at end of file diff --git a/docs/api/index.md b/docs/api/index.md index c306b98..7782bb1 100644 --- a/docs/api/index.md +++ b/docs/api/index.md @@ -3,5 +3,6 @@ Available APIs: - [`sasts`](./sast.md) +- [`allsast`](./allsast.md) - [`datasets`](./dataset.md) - [`shared`](./shared.md) \ No newline at end of file diff --git a/mkdocs.yml b/mkdocs.yml index a231583..fdfe368 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -19,6 +19,7 @@ nav: - API Reference: - api/index.md - SAST Tools: api/sast.md + - All SAST: api/allsast.md - Datasets: api/dataset.md - Shared: api/shared.md 
From 48f27b281bc6d413481f83c16044a1f0230330e9 Mon Sep 17 00:00:00 2001
From: Villon CHEN
Date: Tue, 25 Nov 2025 09:52:38 +0100
Subject: [PATCH 3/6] docs(readme): add table of contents
---
 README.md | 27 +++++++++++++++------------
 mkdocs.yml | 2 ++
 2 files changed, 17 insertions(+), 12 deletions(-)
diff --git a/README.md b/README.md
index 65f778d..26fd808 100644
--- a/README.md
+++ b/README.md
@@ -1,11 +1,23 @@
-# CodeSecTools
+
+# CodeSecTools
Logo
A framework for code security that provides abstractions for static analysis tools and datasets to support their integration, testing, and evaluation. - + + +## Table Of Contents +- [Overview](#overview) +- [Features](#features) +- [SAST Tool Integration Status](#sast-tool-integration-status) +- [Installation](#installation) +- [Usage](#usage) + - [Command-line interface](#command-line-interface) + - [Python API](#python-api) + + ## Overview **CodeSecTools** is a collection of scripts and wrappers that abstract external resources (such as SAST tools, datasets, and codebases), providing standardized interfaces to help them interact easily. @@ -123,13 +135,4 @@ for plot_function in graphics.plot_functions: fig = plot_function() fig.show() ``` - -## Documentation - -The documentation is available [online](https://oppida.github.io/CodeSecTools/). - -Or, you can serve it locally: -```bash -pip install .[docs] -mkdocs serve -``` \ No newline at end of file + \ No newline at end of file diff --git a/mkdocs.yml b/mkdocs.yml index fdfe368..7b320d0 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -76,6 +76,8 @@ plugins: nav_file: SUMMARY.md - include-markdown: rewrite_relative_urls: true + start: + end: - mkdocstrings: handlers: python: From bc24d30741c540b201a834576cf42a21a61ab8eb Mon Sep 17 00:00:00 2001 From: Villon CHEN Date: Tue, 25 Nov 2025 09:53:19 +0100 Subject: [PATCH 4/6] docs(readme): reorder sections --- README.md | 42 +++++++++++++++++++++++++----------------- 1 file changed, 25 insertions(+), 17 deletions(-) diff --git a/README.md b/README.md index 26fd808..87aa6c9 100644 --- a/README.md +++ b/README.md 
@@ -26,11 +26,29 @@ A framework for code security that provides abstractions for static analysis too CodeSecTools Overview +## Features + +- **Standardized SAST Tool Integration**: Provides a common abstraction layer for integrating various SAST tools. Once a tool is integrated, it automatically benefits from the framework’s core functionalities. +- **Unified Dataset Integration**: Uses a similar abstraction for handling datasets, allowing for consistent benchmarking of SAST tools across different sets of codebases, whether they are collections of individual files or entire Git repositories. +- **Project Analysis and Benchmarking**: Users can analyze their own projects or benchmark SAST tools against curated datasets to evaluate their effectiveness, including metrics like true positives, false positives, and false negatives. +- **Concurrent Analysis for Cross-Verification**: CodeSecTools can run multiple SAST tools simultaneously on the same project. This allows for the aggregation and cross-verification of results, increasing confidence in the identified vulnerabilities by highlighting findings reported by multiple tools. +- **Automated Reporting and Visualization**: The framework can generate detailed reports in HTML format and create graphs to visualize analysis results, helping to identify trends such as the most common CWEs or the files with the highest number of defects. + > [!WARNING] > This project provides wrappers and scripts to integrate with various third-party static analysis security testing (SAST) tools and datasets. It is important to note that this project **does not include** these third-party tools or datasets, unless otherwise specified. When a tool or dataset is included, its associated license file is also provided. > > Users of this project are solely responsible for reviewing, understanding, and complying with the licenses and terms of use associated with any third-party tools or datasets they choose to use through this framework. 
The respective licenses and terms can be found on the official websites or in the documentation of each tool or dataset. +## SAST Tool Integration Status + +|SAST Tool|Languages|Maintained|Continuous Testing|Last Test Date| +|:---:|:---:|:---:|:---:|:---:| +|Coverity|Java|⚠️
(Deprioritized)|❌
(Proprietary)|October 2025| +|Semgrep Community Edition|C/C++, Java|✅|✅|[Latest PR](https://github.com/OPPIDA/CodeSecTools/actions/workflows/ci.yaml)| +|Snyk Code|C/C++, Java|✅|❌
(Rate limited)|November 2025| +|Bearer|Java|✅|✅|[Latest PR](https://github.com/OPPIDA/CodeSecTools/actions/workflows/ci.yaml)| +|SpotBugs|Java|✅|✅|[Latest PR](https://github.com/OPPIDA/CodeSecTools/actions/workflows/ci.yaml)| +|Cppcheck|C/C++|✅|✅|[Latest PR](https://github.com/OPPIDA/CodeSecTools/actions/workflows/ci.yaml)| ## Installation @@ -57,24 +75,14 @@ cd CodeSecTools pip install . ``` -## Features - -- **Standardized SAST Tool Integration**: Provides a common abstraction layer for integrating various SAST tools. Once a tool is integrated, it automatically benefits from the framework’s core functionalities. -- **Unified Dataset Integration**: Uses a similar abstraction for handling datasets, allowing for consistent benchmarking of SAST tools across different sets of codebases, whether they are collections of individual files or entire Git repositories. -- **Project Analysis and Benchmarking**: Users can analyze their own projects or benchmark SAST tools against curated datasets to evaluate their effectiveness, including metrics like true positives, false positives, and false negatives. -- **Concurrent Analysis for Cross-Verification**: CodeSecTools can run multiple SAST tools simultaneously on the same project. This allows for the aggregation and cross-verification of results, increasing confidence in the identified vulnerabilities by highlighting findings reported by multiple tools. -- **Automated Reporting and Visualization**: The framework can generate detailed reports in HTML format and create graphs to visualize analysis results, helping to identify trends such as the most common CWEs or the files with the highest number of defects. - -### SAST Tool Integration Status +- Update the project: + + - Pull the latest changes: + ```bash + git pull + ``` -|SAST Tool|Languages|Maintained|Continuous Testing|Last Test Date| -|:---:|:---:|:---:|:---:|:---:| -|Coverity|Java|❌
(Proprietary)|❌
(Proprietary)|October 2025| -|Semgrep Community Edition|C/C++, Java|✅|✅|[Latest PR](https://github.com/OPPIDA/CodeSecTools/actions/workflows/ci.yaml)| -|Snyk Code|C/C++, Java|✅|❌
(Rate limited)|November 2025| -|Bearer|Java|✅|✅|[Latest PR](https://github.com/OPPIDA/CodeSecTools/actions/workflows/ci.yaml)| -|SpotBugs|Java|✅|✅|[Latest PR](https://github.com/OPPIDA/CodeSecTools/actions/workflows/ci.yaml)| -|Cppcheck|C/C++|✅|✅|[Latest PR](https://github.com/OPPIDA/CodeSecTools/actions/workflows/ci.yaml)| + - Reinstall (in case dependencies changed) ## Usage From d917f4219646d1bdf6cf477542283bd5c6e139f0 Mon Sep 17 00:00:00 2001 From: Villon CHEN Date: Tue, 25 Nov 2025 09:53:54 +0100 Subject: [PATCH 5/6] docs(readme): move reference to documentation higher --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 87aa6c9..7e23469 100644 --- a/README.md +++ b/README.md @@ -22,6 +22,8 @@ A framework for code security that provides abstractions for static analysis too **CodeSecTools** is a collection of scripts and wrappers that abstract external resources (such as SAST tools, datasets, and codebases), providing standardized interfaces to help them interact easily. +For more details on the design and integration of SAST tools and datasets in CodeSecTools, please refer to the [documentation](https://oppida.github.io/CodeSecTools). +
CodeSecTools Overview
From e886bb2ddb9e535d4b0ac5bed12efed509172fe0 Mon Sep 17 00:00:00 2001 From: Villon CHEN Date: Tue, 25 Nov 2025 09:56:28 +0100 Subject: [PATCH 6/6] docs(readme): clarify confusing sentence --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 7e23469..33c900f 100644 --- a/README.md +++ b/README.md @@ -37,7 +37,7 @@ For more details on the design and integration of SAST tools and datasets in Cod - **Automated Reporting and Visualization**: The framework can generate detailed reports in HTML format and create graphs to visualize analysis results, helping to identify trends such as the most common CWEs or the files with the highest number of defects. > [!WARNING] -> This project provides wrappers and scripts to integrate with various third-party static analysis security testing (SAST) tools and datasets. It is important to note that this project **does not include** these third-party tools or datasets, unless otherwise specified. When a tool or dataset is included, its associated license file is also provided. +> This project provides wrappers and scripts to integrate with various third-party static analysis security testing (SAST) tools and datasets. By default, this project **does not include third-party tools or datasets**. In the few instances where they are included, their associated license files are provided. > > Users of this project are solely responsible for reviewing, understanding, and complying with the licenses and terms of use associated with any third-party tools or datasets they choose to use through this framework. The respective licenses and terms can be found on the official websites or in the documentation of each tool or dataset.