Ruby auto-tagging (#96)

* Ruby reachables Signed-off-by: Prabhu Subramanian <[email protected]> --------- Signed-off-by: Prabhu Subramanian <[email protected]>
AppThreat · Jan 13, 2025 · d587cbf · d587cbf
1 parent 00ce822
commit d587cbf
Show file tree

Hide file tree

Showing 8 changed files with 167 additions and 139 deletions.
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -89,6 +89,7 @@ jobs:
           $CONDA/bin/conda build -c conda-forge --no-anaconda-upload --output-folder /tmp/conda-out/ .
         env:
           ANACONDA_API_TOKEN: ${{ secrets.ANACONDA_TOKEN }}
+        continue-on-error: true
       - name: Release Anaconda
         if: startsWith(github.ref, 'refs/tags/')
         run: |

diff --git a/build.sbt b/build.sbt
@@ -1,6 +1,6 @@
 name                     := "chen"
 ThisBuild / organization := "io.appthreat"
-ThisBuild / version      := "2.3.0"
+ThisBuild / version      := "2.3.1"
 ThisBuild / scalaVersion := "3.6.2"
 
 val cpgVersion = "1.0.1"

diff --git a/codemeta.json b/codemeta.json
@@ -7,7 +7,7 @@
   "downloadUrl": "https://github.com/AppThreat/chen",
   "issueTracker": "https://github.com/AppThreat/chen/issues",
   "name": "chen",
-  "version": "2.3.0",
+  "version": "2.3.1",
   "description": "Code Hierarchy Exploration Net (chen) is an advanced exploration toolkit for your application source code and its dependency hierarchy.",
   "applicationCategory": "code-analysis",
   "keywords": [

diff --git a/meta.yaml b/meta.yaml
@@ -1,4 +1,4 @@
-{% set version = "2.3.0" %}
+{% set version = "2.3.1" %}
 
 package:
   name: chen

diff --git a/...tends/ruby2atom/src/main/scala/io/appthreat/ruby2atom/passes/ConfigFileCreationPass.scala b/...tends/ruby2atom/src/main/scala/io/appthreat/ruby2atom/passes/ConfigFileCreationPass.scala
@@ -27,5 +27,9 @@ class ConfigFileCreationPass(cpg: Cpg) extends XConfigFileCreationPass(cpg):
     // XML files
     extensionFilter(".xml"),
     // ERB files
-    extensionFilter(".erb")
+    extensionFilter(".erb"),
+    pathEndFilter("bom.json"),
+    pathEndFilter(".cdx.json"),
+    pathEndFilter("chennai.json")
   )
+end ConfigFileCreationPass
diff --git a/platform/frontends/x2cpg/src/main/scala/io/appthreat/x2cpg/passes/taggers/CdxPass.scala b/platform/frontends/x2cpg/src/main/scala/io/appthreat/x2cpg/passes/taggers/CdxPass.scala
@@ -60,6 +60,12 @@ class CdxPass(atom: Cpg) extends CpgPass(atom):
       else
         str
 
+  private def toRubyModuleForm(str: String) =
+      if str.nonEmpty then
+        s".*(::)?${str.split("::").head}(::).*"
+      else
+        str
+
   override def run(dstGraph: DiffGraphBuilder): Unit =
       atom.configFile.name(BOM_JSON_FILE).content.foreach { cdxData =>
         val cdxJson         = parse(cdxData).getOrElse(Json.Null)
@@ -161,14 +167,31 @@ class CdxPass(atom: Cpg) extends CpgPass(atom):
                           bpkg.replace(File.separator, Pattern.quote(File.separator))
                     if language == Languages.PYTHON || language == Languages.PYTHONSRC
                     then bpkg = toPyModuleForm(bpkg)
+                    if language == Languages.RUBYSRC
+                    then bpkg = toRubyModuleForm(bpkg)
                     if language == Languages.PHP
                     then
                       bpkg = bpkg.replaceAll("""\\""", """\\\\""")
                       bpkg = s"""$bpkg.*"""
                     if bpkg.nonEmpty && !donePkgs.contains(bpkg) then
                       donePkgs.put(bpkg, true)
+                      // Ruby
+                      if language == Languages.RUBYSRC
+                      then
+                        atom.call.code(bpkg).argument.newTagNode(
+                          compPurl
+                        ).store()(dstGraph)
+                        atom.call.code(bpkg).receiver.isMethod.where(_.fullName(
+                          s"((app|config)${Pattern.quote(File.separator)})?(routes|controller(s)?|model(s)?|application).*\\.rb.*"
+                        )).parameter.newTagNode("framework-input").store()(dstGraph)
+                        atom.call.code(bpkg).receiver.newTagNode(
+                          s"$compType-value"
+                        ).store()(dstGraph)
+                        atom.call.code(bpkg).callee(NoResolve).isMethod.parameter.newTagNode(
+                          s"$compType-input"
+                        ).store()(dstGraph)
                       // C/C++
-                      if language == Languages.NEWC || language == Languages.C
+                      else if language == Languages.NEWC || language == Languages.C
                       then
                         atom.method.fullNameExact(bpkg).callIn(
                           NoResolve

diff --git a/poetry.lock b/poetry.lock
diff --git a/pyproject.toml b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "appthreat-chen"
-version = "2.3.0"
+version = "2.3.1"
 description = "Code Hierarchy Exploration Net (chen)"
 authors = ["Team AppThreat <[email protected]>"]
 license = "Apache-2.0"