Configuring Codyze
There are two ways of configuring Codyze: through command line options or through a configuration file.
If both are present, the command line options take precedence over the configuration file. For list- and map-type options, the data from the configuration file is overwritten if the normal option (e.g. `--option-name`) is used. If the option with a plus is used (e.g. `--option-name+`), the data from the command line is appended to the data from the configuration file.
There are three execution modes in which Codyze can run:
- Command line mode (`-c`, default): Non-interactive command line client, accepts arguments from command line and runs analysis
- Language server protocol mode (`-l`): This mode is for IDE support and binds to stdout as a server for Language Server Protocol (LSP)
- Interactive console mode (`-t`): The text based user interface (TUI) is an interactive console that allows exploring the analyzed source code by manual queries
The help and version message can be displayed with `-h` and `-V` respectively.
The configurations can also be defined with a YAML configuration file. Use the option `--config=<filepath>` to specify the path to the config file. If `--config` is specified without an option parameter, Codyze will try to load the configuration file from `./codyze.yaml` in the working directory. If the option is not specified, no configuration file will be parsed.
Relative paths in the configuration file are resolved relative to the configuration file location.
The JSON schema located at `schema/codyze-config-schema.json` can be used for generating or validating the configuration file.
Different IDE extensions for using the schema (e.g. for VSCode) can be found in this Red Hat blog post.
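The precedence, append and path rules described above determine the configuration a run actually uses, so reviewing `codyze.yaml` alone does not show, for example, rules appended through `--disabled-mark-rules+` in a CI job. The following Python model of those rules is an added example, not Codyze's own code; it assumes a flattened key layout, already-parsed CLI values, constructed sample data, and that appended map entries are merged key by key.

```python
import posixpath

# Path-typed list options taken from the tables on this page (subset for the example).
PATH_KEYS = {"source", "disabled-sources", "mark", "includes"}

def resolve_config_paths(config, config_file):
    """Relative paths in the file resolve against the config file's directory."""
    base = posixpath.dirname(config_file)
    resolved = dict(config)
    for key in PATH_KEYS & config.keys():
        resolved[key] = [posixpath.normpath(posixpath.join(base, p)) for p in config[key]]
    return resolved

def merge_cli(config, cli_options):
    """--name replaces the config-file value; --name+ appends (lists and maps only)."""
    result = dict(config)
    for option, value in cli_options:
        name = option.lstrip("-")
        if not name.endswith("+"):
            result[name] = value          # plain option: CLI takes precedence
            continue
        key, current = name[:-1], result.get(name[:-1])
        if isinstance(value, list):
            result[key] = list(current or []) + value
        elif isinstance(value, dict):     # assumption: map entries merge key by key
            result[key] = {**(current or {}), **value}
        else:
            raise ValueError(f"{option}: the '+' form exists only for list and map options")
    return result

# Constructed sample: contents of a hypothetical /repo/ci/codyze.yaml, flattened.
FILE_CONFIG = {
    "source": ["../src"],
    "mark": ["rules"],
    "disabled-mark-rules": ["crypto.*"],
    "timeout": 120,
    "symbols": {"DEBUG": "0"},
}
# Constructed sample: options as parsed from a hypothetical CI job's command line.
CLI_OPTIONS = [
    ("--timeout", 30),
    ("--disabled-mark-rules+", [".legacy_rule"]),
    ("--symbols+", {"TRACE": "1"}),
    ("--source", ["/repo/app"]),
]

def effective_config():
    return merge_cli(resolve_config_paths(FILE_CONFIG, "/repo/ci/codyze.yaml"), CLI_OPTIONS)

if __name__ == "__main__":
    for key, value in sorted(effective_config().items()):
        print(f"{key}: {value}")
```

Paths given on the command line are left untouched in this model, because the page states the relative-path rule only for the configuration file.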
This is a list of all available configurations in Codyze and their descriptions. They are sorted into different headings so that the heading structure is identical to the one expected in the configuration file.
The key names are the same for the configuration file and the CLI options. The CLI options of list- and map-type configurations have another name with a plus appended (e.g. `--option-name+`) to append the command line data to the configuration file data.
`./` denotes the working directory in which Codyze was started.

Key | Value | Description | Default Value |
---|---|---|---|
source | String[] | Paths to the files or directories to be analyzed. | [./] |
disabled-sources | String[] | Path to files or directories which should not be analyzed. Symbolic links are not followed when filtering out these paths. | [] |
output | String | Path to output file in which results are written. Use "-" to print to `stdout`. | findings.sarif |
timeout | long | Terminates analysis after given minutes. | 120 |
sarif | boolean | Controls whether the output is written in the SARIF format. | true |

Key | Value | Description | Default Value |
---|---|---|---|
mark | String[] | Paths to Mark rule files. | [./] |
disabled-mark-rules | String[] | The specified Mark rules will be excluded from being parsed and processed. The rule has to be specified by its fully qualified name (`package.rule`). If there is no package name, specify rule as `.rule`. Use `package.*` to disable an entire package. | [] |
no-good-findings | boolean | Disables output of positive findings. | false |
pedantic | boolean | Activates pedantic analysis mode. In this mode, Codyze analyzes all MARK rules and reports all findings. This option overrides "disabled-mark-rules" and "no-good-findings" and ignores any Codyze source code comments. | false |

Key | Value | Description | Default Value |
---|---|---|---|
typestate | DFA/WPDS | Specify typestate analysis mode. `DFA`: Deterministic finite automaton (faster, intraprocedural). `WPDS`: Weighted pushdown system (slower, interprocedural). | DFA |

Key | Value | Description | Default Value |
---|---|---|---|
additional-languages | String[] | Specify programming languages of the files to be analyzed (full names). | [] |
unity | boolean | Only relevant for C++. A unity build refers to a build that consolidates all translation units into a single one, which has the advantage that header files are only processed once, adding far fewer duplicate nodes to the graph. | false |
type-system-in-frontend | boolean | If false, the type listener system is only activated once the frontends are done building the initial AST structure. This avoids errors where the type of a node may depend on the order in which the source files have been parsed. | true |
default-passes | boolean | Adds all default passes in cpg (1. FilenameMapper, 2. TypeHierarchyResolver, 3. ImportResolver, 4. VariableUsageResolver, 5. CallResolver, 6. EvaluationOrderGraphPass, 7. TypeResolver). | true |
passes | String[] | Register these passes to be executed in the specified order. | [] |
debug-parser | boolean | Enables debug output generation for the cpg parser. | false |
disable-cleanup | boolean | Switch off cleaning up TypeManager memory after analysis, set to true only for testing. | false |
code-in-nodes | boolean | Should the code of a node be shown as parameter in the node. | false |
annotations | boolean | Enables processing annotations or annotation-like elements. | false |
fail-on-error | boolean | Should parser/translation fail on parse/resolving errors (true) or try to continue in a best-effort manner (false). | false |
symbols | Map<String, String> | Definition of additional symbols. | {} |
parallel-frontends | boolean | If true, the ASTs for the source files are parsed in parallel, but the passes afterwards will still run in a single thread. This speeds up initial parsing but makes sure that further graph enrichment algorithms remain correct. | false |

Key | Value | Description | Default Value |
---|---|---|---|
analyze-includes | boolean | Enables parsing of include files. If includePaths are given, the parser will resolve symbols/templates from these in include but not load their parse tree. | false |
includes | String[] | Paths containing include files. | [] |
enabled-includes | String[] | If includes is not empty, only the specified files will be parsed and processed in the cpg, unless they are part of the disabled list, in which case they will be ignored. | [] |
disabled-includes | String[] | If includes is not empty, the specified include files will be excluded from being parsed and processed in the cpg. The disabled list entries always take priority over the enabled list entries. | [] |