Codyze is a static analyzer for Java, C, C++ based on code property graphs

obraunsdorf/codyze

 
 


Codyze 🔎 🚀

⚠️ This version of Codyze is still under development. If you are looking for a stable version, please use the 2.3.0 release.

Codyze is a static code analyzer that focuses on verifying security compliance in source code, i.e. by inferring the correct use of cryptographic libraries. It operates on code property graphs and is thus able to handle non-compiling or even incomplete code fragments.

Build & Run Codyze

A Java SE 17 JDK is a prerequisite. We build and test using Eclipse Temurin but any distribution should work.

To build an executable version of Codyze, use the installDist task in the project's root:

$ ./gradlew :codyze-cli:installDist

This will provide you with an executable Codyze installation under codyze-cli/build/install/codyze-cli.

To run Codyze you can either run this executable or use the run task:

$ ./gradlew run

This will print the help message and return an error.

To actually run Codyze you must specify a subcommand:

$ ./gradlew run --args="analyze"

This will run the 'analyze' subcommand using the demo config file ./codyze-cli/codyze.json.

For more information, please refer to the documentation.

Research & Student Work

If you are looking for an exciting thesis project or student job in the field of static analysis, we are happy to discuss possible topics. Please contact us at codyze [at] aisec.fraunhofer.de.

Support

We will continue to maintain this project for the foreseeable future on a best-effort basis. That is, if you run into any bugs or find the documentation insufficient, we encourage you to open issues or pull requests. If you are interested in support and development for commercial use, please contact us.

License

Apache License 2.0

Languages

  • Kotlin 94.2%
  • Java 4.2%
  • Other 1.6%