codyze
Codyze is a static analyzer for Java, C, C++ based on code property graphs
Feature request: Java SE 17 (LTS) was released some time ago. We should consider moving up from Java SE 11. To ensure everything keeps on working, we should...
We generate a couple of artifacts for Codyze v2 and v3. We should populate the Manifest files for built JAR files.
We're using [Spotless](https://github.com/diffplug/spotless) to enforce a consistent programming style. Currently, we're applying Spotless before the compilation step. As a result, Spotless checks will always succeed. The downside is that checked...
No .json or .txt output files produced on CLI execution. Command: `\codyze-main\build\install\codyze\bin\codyze.bat -c -m codyze\mark\bouncycastle -s test.java -o output.txt` No errors reported. Please find attached the logs. [crymlin.log](https://github.com/Fraunhofer-AISEC/codyze/files/8414813/crymlin.log) Sneak...
When I run codyze, I get a ScopeManager error message for each imported class. Does this affect the results of the analysis? If that is the case, how can I fix...
In the following rule from the Bouncy Castle ruleset, the `_is(m.key, kg.key)` is mentioned as precondition and condition both. Based on MARK, the condition statement will be examined if a...
Tests using [AbstractMarkTest](https://github.com/Fraunhofer-AISEC/codyze/blob/main/src/test/java/de/fraunhofer/aisec/codyze/crymlin/AbstractMarkTest.kt).performTest() (e.g. BotanRulesTest) throw a RuntimeException if the path to the mark files contains a whitespace (tested on Windows). > . . . 13:54:01,709 INFO AnalysisServer Parsing...
In MARK entities we can define `op`s. They collect functions/methods with a common purpose but different signatures. To differentiate between functions/methods with the same name we can provide type specifiers...
I faced an issue when I was trying to install Codyze on IntelliJ. I followed the steps on the Codyze doc page to install Codyze on IntelliJ. I maintained a...
We can use the CPG's value resolver once https://github.com/Fraunhofer-AISEC/cpg/pull/619 is merged in to also resolve simple constant expressions such as `int a = 1+1`