Integrate atom tools and other goodies (#133)

* Update packages. Added atom-tools to container image.

Signed-off-by: Prabhu Subramanian <[email protected]>

* Invoke atom-tools

Signed-off-by: Prabhu Subramanian <[email protected]>

* Invoke atom-tools

Signed-off-by: Prabhu Subramanian <[email protected]>

* Lint fixes

Signed-off-by: Prabhu Subramanian <[email protected]>

* Retain resolved method for python

Signed-off-by: Prabhu Subramanian <[email protected]>

* Update cli args

Signed-off-by: Prabhu Subramanian <[email protected]>

---------

Signed-off-by: Prabhu Subramanian <[email protected]>

README.md

@@ -85,6 +85,7 @@ Command: usages [options]
 Extract local variable and parameter usages
   --min-num-calls <value>  the minimum number of calls required for a usage slice - defaults to 1.
   --include-source         includes method source code in the slices - defaults to false.
+  --extract-endpoints      extract http endpoints and convert to openapi format using atom-tools - defaults to false.
 Command: reachables [options]
 Extract reachable data-flow slices based on automated framework tags
   --source-tag <value>     source tag - defaults to framework-input.
@@ -133,6 +134,17 @@ atom usages -o app.atom --slice-outfile usages.json -l java .
 
 Learn more about [slices](./specification/docs/slices.md) or view some [samples](https://github.com/AppThreat/atom-samples)
 
+### Extract HTTP endpoints in openapi format using atom-tools
+
+Atom can automatically invoke [atom-tools](https://github.com/AppThreat/atom-tools) `convert` command to extract http endpoints from the usages slices. Pass the argument `--extract-endpoints` to enable this feature.
+
+```shell
+pip install atom-tools
+atom usages --extract-endpoints -o app.atom --slice-outfile usages.json -l java .
+```
+
+A file called `openapi.generated.json` would be created with the endpoints information.
+
 ### Export atom to graphml or dot format
 
 It is possible to export each method along with data dependencies in an atom to graphml or dot format. Simply pass `--export` to enable this feature.
@@ -158,15 +170,15 @@ atom -o app.atom -l java --export-atom --export-dir <export dir> --with-data-dep
 ## container usage
 
 ```shell
-docker run --rm -v /tmp:/tmp -v $HOME:$HOME -v $(pwd):/app:rw -it ghcr.io/appthreat/atom --help
-# podman run --rm -v /tmp:/tmp -v $HOME:$HOME -v $(pwd):/app:rw -it ghcr.io/appthreat/atom --help
+docker run --rm -v /tmp:/tmp -v $HOME:$HOME -v $(pwd):/app:rw -it ghcr.io/appthreat/atom atom --help
+# podman run --rm -v /tmp:/tmp -v $HOME:$HOME -v $(pwd):/app:rw -it ghcr.io/appthreat/atom atom --help
 ```
 
 Example for java project.
 
 ```shell
-docker run --rm -v /tmp:/tmp -v $HOME:$HOME -v $(pwd):/app:rw -it ghcr.io/appthreat/atom -l java -o /app/app.atom /app
-# podman run --rm -v /tmp:/tmp -v $HOME:$HOME -v $(pwd):/app:rw -it ghcr.io/appthreat/atom -l java -o /app/app.atom /app
+docker run --rm -v /tmp:/tmp -v $HOME:$HOME -v $(pwd):/app:rw -it ghcr.io/appthreat/atom atom -l java -o /app/app.atom /app
+# podman run --rm -v /tmp:/tmp -v $HOME:$HOME -v $(pwd):/app:rw -it ghcr.io/appthreat/atom atom -l java -o /app/app.atom /app
 ```
 
 ## Languages supported

build.sbt

@@ -1,6 +1,6 @@
 name                     := "atom"
 ThisBuild / organization := "io.appthreat"
-ThisBuild / version      := "2.0.8"
+ThisBuild / version      := "2.0.9"
 ThisBuild / scalaVersion := "3.3.1"
 
 val chenVersion      = "2.0.8"

ci/Dockerfile

@@ -9,7 +9,7 @@ LABEL maintainer="appthreat" \
       org.opencontainers.image.licenses="Apache-2.0" \
       org.opencontainers.image.title="atom" \
       org.opencontainers.image.description="Container image for AppThreat atom" \
-      org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -v $HOME:$HOME -v $(pwd):/app:rw -it ghcr.io/appthreat/atom -o /app/app.atom -l java /app"
+      org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -v $HOME:$HOME -v $(pwd):/app:rw -it ghcr.io/appthreat/atom atom -o /app/app.atom -l java /app"
 
 ARG MAVEN_VERSION=3.9.6
 
@@ -18,6 +18,8 @@ ENV MAVEN_VERSION=$MAVEN_VERSION \
     ANDROID_HOME=/opt/android-sdk-linux \
     JAVA_TOOL_OPTIONS="-Dfile.encoding=UTF-8" \
     PHP_PARSER_BIN=/opt/vendor/bin/php-parse \
+    PYTHONUNBUFFERED=1 \
+    PYTHONIOENCODING="utf-8" \
     COMPOSER_ALLOW_SUPERUSER=1
 
 ENV PATH=/opt/bin:/opt/vendor/bin:${PATH}:${MAVEN_HOME}/bin:/usr/local/bin/:/root/.local/bin:${ANDROID_HOME}/cmdline-tools/latest/bin:${ANDROID_HOME}/tools:${ANDROID_HOME}/tools/bin:${ANDROID_HOME}/platform-tools:
@@ -38,8 +40,13 @@ RUN set -e; \
     esac; \
     echo -e "[nodejs]\nname=nodejs\nstream=20\nprofiles=\nstate=enabled\n" > /etc/dnf/modules.d/nodejs.module \
     && microdnf install -y gcc git-core php php-cli php-curl php-zip php-bcmath php-json php-pear php-mbstring php-devel make \
+        python3.11 python3.11-devel python3.11-pip \
         wget bash glibc-common glibc-all-langpacks java-21-openjdk-headless \
         pcre2 findutils which tar gzip zip unzip sudo nodejs \
+    && alternatives --install /usr/bin/python3 python /usr/bin/python3.11 1 \
+    && python3 --version \
+    && node --version \
+    && python3 -m pip install --upgrade pip poetry atom-tools \
     && curl -s "https://get.sdkman.io" | bash \
     && source "$HOME/.sdkman/bin/sdkman-init.sh" \
     && echo -e "sdkman_auto_answer=true\nsdkman_selfupdate_feature=false\nsdkman_auto_env=true\nsdkman_curl_connect_timeout=20\nsdkman_curl_max_time=0" >> $HOME/.sdkman/etc/config \
@@ -77,4 +84,4 @@ RUN unzip -q atom.zip \
     && which phpastgen \
     && microdnf clean all
 
-ENTRYPOINT ["/opt/bin/atom"]
+CMD ["/opt/bin/atom"]

ci/Dockerfile.sle

@@ -9,12 +9,14 @@ LABEL maintainer="appthreat" \
       org.opencontainers.image.licenses="Apache-2.0" \
       org.opencontainers.image.title="atom" \
       org.opencontainers.image.description="Container image for AppThreat atom" \
-      org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -v $HOME:$HOME -v $(pwd):/app:rw -it ghcr.io/appthreat/atom-sle -o /app/app.atom -l java /app"
+      org.opencontainers.docker.cmd="docker run --rm -v /tmp:/tmp -v $HOME:$HOME -v $(pwd):/app:rw -it ghcr.io/appthreat/atom-sle atom -o /app/app.atom -l java /app"
 
 
 ENV ANDROID_HOME=/opt/android-sdk-linux \
     JAVA_TOOL_OPTIONS="-Dfile.encoding=UTF-8" \
     PHP_PARSER_BIN=/opt/vendor/bin/php-parse \
+    PYTHONUNBUFFERED=1 \
+    PYTHONIOENCODING="utf-8" \
     COMPOSER_ALLOW_SUPERUSER=1
 
 ENV PATH=/opt/bin:/opt/vendor/bin:${PATH}:/usr/local/bin/:/root/.local/bin:${ANDROID_HOME}/cmdline-tools/latest/bin:${ANDROID_HOME}/tools:${ANDROID_HOME}/tools/bin:${ANDROID_HOME}/platform-tools:
@@ -34,6 +36,9 @@ RUN set -e; \
         *) echo >&2 "error: unsupported architecture: '$ARCH_NAME'"; exit 1 ;; \
     esac; \
     zypper --non-interactive install -l --no-recommends php8 php8-cli php8-curl php8-zip php8-bcmath php8-pear php8-mbstring php8-devel \
+    && python3 --version \
+    && node --version \
+    && python3 -m pip install --upgrade pip poetry atom-tools \
     && mkdir -p ${ANDROID_HOME}/cmdline-tools \
     && curl -L https://dl.google.com/android/repository/commandlinetools-linux-10406996_latest.zip -o ${ANDROID_HOME}/cmdline-tools/android_tools.zip \
     && unzip ${ANDROID_HOME}/cmdline-tools/android_tools.zip -d ${ANDROID_HOME}/cmdline-tools/ \
@@ -64,4 +69,4 @@ RUN unzip -q atom.zip \
     && which phpastgen \
     && zypper clean -a
 
-ENTRYPOINT ["/opt/bin/atom"]
+CMD ["/opt/bin/atom"]

codemeta.json

@@ -7,7 +7,7 @@
   "downloadUrl": "https://github.com/AppThreat/atom",
   "issueTracker": "https://github.com/AppThreat/atom/issues",
   "name": "atom",
-  "version": "2.0.8",
+  "version": "2.0.9",
   "description": "Atom is a novel intermediate representation for next-generation code analysis.",
   "applicationCategory": "code-analysis",
   "keywords": [