graph based analysis of javascript source code
play

Graph-based analysis of JavaScript source code repositories Gbor - PowerPoint PPT Presentation

Feb 24, 2024 •678 likes •1.09k views

Graph-based analysis of JavaScript source code repositories Gbor Szrnyas Graph Processing devroom @ FOSDEM 2018 JAVASCRIPT Latest standard: ECMAScript 2017 STATIC ANALYSIS Static source code analysis is a software testing approach

  1. Graph-based analysis of JavaScript source code repositories Gábor Szárnyas Graph Processing devroom @ FOSDEM 2018

  2. JAVASCRIPT Latest standard: ECMAScript 2017

  3. STATIC ANALYSIS  Static source code analysis is a software testing approach performed without compiling and executing the program itself. Codacy, Static CodeClimate, analysis etc. Version Control Development System Unit and Compilation integration tests

  4. STATIC ANALYSIS TOOLS  C  JavaScript o lint -> linters o ESLint o Facebook Flow  Java o Tern.js o FindBugs o TAJS o PMD

  5. PERFORMANCE CONSIDERATIONS  Checking global rules is computationally expensive  Slow for large projects, difficult to integrate even to CI ☆ ☾ ☆ ☼ Unit tests Code analysis  Workaround #1: no global rules (ESLint)  Workaround #2: batching (e.g. 1/day) Unit tests Code analysis  Workaround #3: custom algorithms (e.g. Flow)

  6. PROJECT GOALS Goal  Static analysis for JavaScript applications Design considerations  Custom analysis rules o Both global and local o Extensible  High-performance o “real - time” responses

  7. ARCHITECTURE AND WORKFLOW

  8. PROPOSED APPROACH Design considerations  Custom analysis rules  High-performance Δ 2.-1. 1. Approach analyzer  Use a declarative query language  Use incremental processing o in lieu of batch execution o file-granularity o maintain results

  9. ARCHITECTURE VCS Workspace Abstract Syntax Abstract Semantic Tree Graph . +--- discoverer +--- ChangeProcessor.js +--- CommandParser.js . +--- FileIterator.js +--- iterators +-------DepCollector.js +-------FileDiscoverer.js +-------InitIterator.js Main.js | ++---- +--- Main.js +--- whitepages Dependency.js . | +++++- +--- ConnectionMgr.js . Fiterator.js . | ---- +--- DependencyMgr .js . Parser.js | ++ Analysis rules Analysis server Graph database <!> <?> Validation report <.> Client

  10. CODE PROCESSING STEPS CODE forráskód code tokenizer tokenizer a sequence of statements: tokenek tokens parser parser var foo = 1 / 0 AST AST scope analyzer scope analyzer ASG ASG

  11. CODE PROCESSING STEPS TOKENS tokens : the shortest meaningful character sequence code var foo = 1 / 0 tokenizer tokens Token Token type parser var VAR (Keyword) foo IDENTIFIER (Ident) AST = ASSIGN (Punctuator) 1 NUMBER (NumericLiteral) scope analyzer / DIV (Punctuator) ASG 0 NUMBER (NumericLiteral)

  12. CODE PROCESSING STEPS AST Abstract Syntax Tree o Tree representation of Module o the grammar structure of items code VariableDeclarationStatement o sequence of tokens. declaration tokenizer VariableDeclaration declarators tokens VariableDeclarator binding init parser BindingIdentifier BinaryExpression name = "foo" operator = "Div" AST left right scope analyzer LiteralNumericExpression LiteralNumericExpression value = 1.0 value = 0.0 ASG

  13. CODE PROCESSING STEPS ASG Abstract Semantic Graph o Not necessarily a tree astNode Module Module GlobalScope o Has scopes & items items code children semantic info declaration declaration variables tokenizer o Cross edges declarators declarators tokens references binding binding declarations init init parser AST left right left right node scope analyzer ASG

  14. AST VS. ASG var foo = 1 / 0 1 LOC -> 20+ nodes

  15. PATTERN MATCHING  Declarative graph patterns with Cypher VariableDeclarator binding be BindingIdentifier BinaryExpression name = "foo" operator = "Div" Match result LNExpression right LNExpression value = 1.0 value = 0.0 MATCH (binding:BindingIdentifier) <-[:binding]-()--> (be:BinaryExpression) -[:right]->(right:LNExpression) WHERE be.operator = 'Div' AND right.value = 0.0 RETURN binding

  16. WORKFLOW Version source code control system tokenizer tokens transformation Developer’s IDE graph parser database AST scope analyzer traceability ASG Java, Cypher Neo4j Git, Visual Studio Code ShapeSecurity Shift

  17. USE CASES TYPE INFERENCING function foo(x, y) { return (x + y); } function bar(a, b) { return foo(b, a); } var quux = bar("goodbye", "hello"); Source: http://marijnhaverbeke.nl/blog/tern.html

  18. USE CASES GLOBAL ANALYSIS Reachability:  dead code detection  async/await (ECMAScript 2017)  potential division by zero

  19. TECH DETAILS

  20. IMPORTS AND EXPORTS

  21. FIXPOINT ALGORITHMS  Lots of propagation algorithms  „ Run to completion ” scheduling o Mix of Java code and Cypher

  22. EFFICIENT INITIALIZATION  Initial build of the graph with Cypher was slow  Generate CSV and bulk load  Two files: nodes, relationships $NEO4J_HOME/bin/neo4j-admin import --database=db --nodes=nodes.csv --relationships=relationships.csv  10× speedup

  23. REGULAR PATH QUERIES  Transitive closure on certain combinations  Workaround: o Start transaction o Add proxy relationships o Calculate transitive closure o Rollback transaction A B *  openCypher proposal for path patterns (:A)-/[:R1 :R2 :R3]+/->(:B)

  24. INCREMENTAL QUERIES

  25. OPENCYPHER SYSTEMS  „ The openCypher project aims to deliver a full and open specification of the industry’s most widely adopted graph database query language: Cypher. ” (late 2015)  Research prototypes o Graphflow (Univesity of Waterloo) incremental processing o ingraph (incremental graph engine) (Source: Keynote talk @ GraphConnect NYC 2017)

  26. FOSDEM 2017: INGRAPH

  28. STATE OF INGRAPH IN 2018  Cover a substantial fragment of openCypher o MATCH , OPTIONAL MATCH , WHERE o WITH , functions, aggregations o CREATE , DELETE  Features on the roadmap o MERGE , REMOVE , SET o List comprehensions J. Marton, G. Szárnyas, D. Varró: Formalising openCypher Graph Queries in Relational Algebra, ADBIS, Springer, 2017 G. Szárnyas: Incremental View Maintenance for Property Graph Queries, SIGMOD SRC, 2018

  29. RELATED PROJECTS

  30. JQASSISTANT Code comprehension: software to graph Dirk Mahler, Pushing the evolution of software analytics with graph technology, Neo4j blog, 2017

  31. SLIZAA slizaa uses Neo4j/jQAssistant and provides a front end with a bunch of specific tools and viewers to provide an easy-to-use in-depth insight of your software's architecture. Gerd Wütherich, Core concepts, slizaa

  32. SLIZAA: ECLIPSE IDE

  33. SLIZAA: XTEXT OPENCYPHER  Xtext-based grammar  Used in the ingraph compiler  Now has a scope analyzer  Works in the Eclipse IDE and web UI

  34. WRAPPING UP

  35. PUBLICATIONS Dániel Stein: Graph-based source code analysis of JavaScript repositories, Master ’s thesis, 2016 Soma Lucz: Static analysis algorithms for JavaScript, Bachelor’s thesis, 2017

  36. CONCLUSION  Some interesting analysis rules require a global view of the code  Good use case for graph databases o Property graph o Cypher language  Very good use case for incremental queries o Incrementality on multiple levels

  37. RELATED RESOURCES Codemodel-Rifle github.com/ftsrg/codemodel-rifle ingraph engine github.com/ftsrg/ingraph Shape Security’s Shift parser github.com/shapesecurity/shift-java Slizaa openCypher Xtext github.com/slizaa/slizaa-opencypher-xtext Thanks to Ádám Lippai, Soma Lucz, Dániel Stein, Dávid Honfi and the ingraph team.

  38. Ω

  39. VISUAL STUDIO CODE INTEGRATION  Language Server Protocol (LSP) allows portable implementation

  40. USE CASES CFG  Control Flow Graph o graph representation of error o every possible statement statement sequence statement  Basis for type condition if inferencing and statement statement test generation statement done statement

Recommend

CSc 337 LECTURE 7: UNOBTRUSIVE JAVASCRIPT Unobtrusive JavaScript JavaScript event code seen

CSc 337 LECTURE 7: UNOBTRUSIVE JAVASCRIPT Unobtrusive JavaScript JavaScript event code seen

CSc 337 LECTURE 7: UNOBTRUSIVE JAVASCRIPT Unobtrusive JavaScript JavaScript event code seen previously was obtrusive , in the HTML; this is bad style now we'll see how to write unobtrusive JavaScript code HTML with no JavaScript code

877 views • 30 slides
Interactive Software Maps for Web-Based Source Code Analysis Daniel Limberger ( a ) Benjamin Wasty

Interactive Software Maps for Web-Based Source Code Analysis Daniel Limberger ( a ) Benjamin Wasty

Interactive Software Maps for Web-Based Source Code Analysis Daniel Limberger ( a ) Benjamin Wasty ( b ) umper ( a ) ollner ( a ) Jonas Tr J urgen D ( a ) Hasso-Plattner-Institut , University of Potsdam, Germany ( b ) Software Diagnostics

696 views • 40 slides
Tools for large-scale collection &amp; analysis of source code repositories OPEN SOURCE GIT

Tools for large-scale collection &amp; analysis of source code repositories OPEN SOURCE GIT

Tools for large-scale collection &amp; analysis of source code repositories OPEN SOURCE GIT REPOSITORY COLLECTION PIPELINE Intro Alexander Bezzubov source{d} committer &amp; PMC @ apache zeppelin startup in Madrid engineer

436 views • 25 slides
TITRE DE LA THESE Pattern Analysis for Source-Code Performance Improvement Authors: Riyane SID

TITRE DE LA THESE Pattern Analysis for Source-Code Performance Improvement Authors: Riyane SID

Data-Layout Optimization based on Memory-Access- TITRE DE LA THESE Pattern Analysis for Source-Code Performance Improvement Authors: Riyane SID LAKHDAR, Henri-Pierre CHARLES, Maha KOOLI Univ Grenoble Alpes, CEA, List, F-38000 Grenoble, France

374 views • 35 slides
Introduction to Graph Cluster Analysis Outline Introduction to Cluster Analysis Types of

Introduction to Graph Cluster Analysis Outline Introduction to Cluster Analysis Types of

Introduction to Graph Cluster Analysis Outline Introduction to Cluster Analysis Types of Graph Cluster Analysis Algorithms for Graph Clustering k-Spanning Tree Shared Nearest Neighbor Betweenness Centrality Based Highly

836 views • 48 slides
Runtime Environments Where We Are Source Lexical Analysis Code Syntax Analysis Semantic

Runtime Environments Where We Are Source Lexical Analysis Code Syntax Analysis Semantic

Runtime Environments Where We Are Source Lexical Analysis Code Syntax Analysis Semantic Analysis IR Generation IR Optimization Code Generation Machine Optimization Code Where We Are Source Lexical Analysis Code Syntax Analysis

1.47k views • 125 slides
Compiling and Linking C code Assembly C Source C Source C Source Source .c Code Code Code

Compiling and Linking C code Assembly C Source C Source C Source Source .c Code Code Code

Advanced Programming Modular Programming in C Modular Programming Intro n It is not possible to create complex programs using a single source file: n Compiling is slow n Difficult reuse of functions n Impossible collaboration among

513 views • 17 slides
Where We Are Source code Lexical, Syntax, and if (b == 0) a = b; Semantic Analysis IR

Where We Are Source code Lexical, Syntax, and if (b == 0) a = b; Semantic Analysis IR

Where We Are Source code Lexical, Syntax, and if (b == 0) a = b; Semantic Analysis IR Generation Low-level IR code Optimizations Optimized Low-level IR code Assembly code Assembly code generation cmp $0,%rcx cmovz %rax,%rdx 1 Low IR

777 views • 42 slides
Graphology Designing a graph library for JavaScript Speakers Guillaume Plique ( )

Graphology Designing a graph library for JavaScript Speakers Guillaume Plique ( )

Graphology Designing a graph library for JavaScript Speakers Guillaume Plique ( ) @Yomguithereal Developer at SciencesPos mdialab ~ Alexis Jacomy ( ) @jacomyal CTO of Matlo, sigma.js developer Observation In JavaScript, unlike most

745 views • 51 slides
What is TypeScript? TypeScript = JavaScript TypeScript = Modern JavaScript TypeScript = Modern

What is TypeScript? TypeScript = JavaScript TypeScript = Modern JavaScript TypeScript = Modern

What is TypeScript? TypeScript = JavaScript TypeScript = Modern JavaScript TypeScript = Modern JavaScript + Types Open source and open development Closely track ECMAScript standard Innovate in type system Best of breed tooling Continuously

909 views • 53 slides
JAVASCRIPT AND FORMS Introduction to JavaScript and Forms Announcements 2 Some of the

JAVASCRIPT AND FORMS Introduction to JavaScript and Forms Announcements 2 Some of the

CS380 1 JAVASCRIPT AND FORMS Introduction to JavaScript and Forms Announcements 2 Some of the files were missing from /home/martin/ Assignment4. They are available now. Some of the pages have pointers to validate code on

882 views • 65 slides
Interprocedural Type Specialization of JavaScript Programs Without Type Analysis Maxime

Interprocedural Type Specialization of JavaScript Programs Without Type Analysis Maxime

Interprocedural Type Specialization of JavaScript Programs Without Type Analysis Maxime Chevalier-Boisvert joint work with Marc Feeley ECOOP - July 20th, 2016 Overview Previous work: Lazy Basic Block Versioning Single pass JIT code

632 views • 50 slides
Binarylevel program analysis: Assembly basics Gang Tan CSE 597 Spring 2019 Penn State

Binarylevel program analysis: Assembly basics Gang Tan CSE 597 Spring 2019 Penn State

Binarylevel program analysis: Assembly basics Gang Tan CSE 597 Spring 2019 Penn State University 1 Source code, Assembly code, Object code, and Executable Code Source Object Assembly Compiler Assembler code code code Then a

500 views • 12 slides
Building Frontends Thierry Sans Recipes to become a good front-end developer Load Javascript

Building Frontends Thierry Sans Recipes to become a good front-end developer Load Javascript

Building Frontends Thierry Sans Recipes to become a good front-end developer Load Javascript code efficiently Ensure the DOM is loaded with window.onload Write good Javascript code Encapsulate Javascript in closures Create

391 views • 11 slides
Fertility, mortality, and economic development: An analysis of 201 countries during 1960 2010

Fertility, mortality, and economic development: An analysis of 201 countries during 1960 2010

Fertility, mortality, and economic development: An analysis of 201 countries during 1960 2010 Qingfeng Li Li Liu Amy Tsui Saifuddin Ahmed Demographic transition Graph source: http://en.wikipedia.org/wiki/Demographic_transition Graph source:

533 views • 18 slides
Graph-based, Self-Supervised Program Repair from Diagnostic Feedback ICML 2020 Michihiro

Graph-based, Self-Supervised Program Repair from Diagnostic Feedback ICML 2020 Michihiro

Graph-based, Self-Supervised Program Repair from Diagnostic Feedback ICML 2020 Michihiro Yasunaga, Percy Liang Stanford University Why program repair? Programmers spend 75% of time fixing source code errors Automatic program repair can

1.69k views • 130 slides
Using Graph-Based Characterization for Predictive Modeling Assistant Prof. John Cavazos

Using Graph-Based Characterization for Predictive Modeling Assistant Prof. John Cavazos

Using Graph-Based Characterization for Predictive Modeling Assistant Prof. John Cavazos University of Delaware Department of Computer and Information Sciences Motivation State-of-the-art Graph-based Build &amp; Use Evaluation for Code 2

506 views • 25 slides
From Data to Effects Dependence Graphs: Source-to-Source Transformations for C CPC 2015 Nelson

From Data to Effects Dependence Graphs: Source-to-Source Transformations for C CPC 2015 Nelson

Motivation Limitations of the Data Dependence Graph Effects Dependence Graph Impact on Existing Code Transformations Conclusion From Data to Effects Dependence Graphs: Source-to-Source Transformations for C CPC 2015 Nelson Lossing 1 Pierre

662 views • 26 slides
Js tips and tricks javascript is bad javascript is good - You can change the appearance and

Js tips and tricks javascript is bad javascript is good - You can change the appearance and

Js tips and tricks javascript is bad javascript is good - You can change the appearance and behaviour of everything that you see in a webpage - Extremely easy to make other people access your work - You can write good code if you know how

424 views • 41 slides
CLIENT-SIDE STATIC ANALYSIS Ben Livshits, Microsoft Research Overview of Todays Lecture 2

CLIENT-SIDE STATIC ANALYSIS Ben Livshits, Microsoft Research Overview of Todays Lecture 2

CLIENT-SIDE STATIC ANALYSIS Ben Livshits, Microsoft Research Overview of Todays Lecture 2 Client-side JavaScript Browser Analysis of JavaScript Plugins eval and code Extensions obfuscation Firefox extension model

812 views • 51 slides
Javascript Thierry Sans Introduction Javascript (aka Ecmascript) Scripting language

Javascript Thierry Sans Introduction Javascript (aka Ecmascript) Scripting language

Javascript Thierry Sans Introduction Javascript (aka Ecmascript) Scripting language (dynamically and weakly typed) Object-oriented (first prototype-based and now class-based) Functional (first-class functions) Reflexive (eval method)

1.19k views • 18 slides
Similar code fragment A code fragment that has similar part to it in source code

Similar code fragment A code fragment that has similar part to it in source code

Similar code fragment A code fragment that has similar part to it in source code introduced in source code because of various reasons. e.g. copy-and-paste makes software maintenance difficult. It is necessary to It is

488 views • 9 slides
A modularity-based spectral graph analysis Dario Fasino (Udine), Francesco Tudisco (Roma TV)

A modularity-based spectral graph analysis Dario Fasino (Udine), Francesco Tudisco (Roma TV)

A modularity-based spectral graph analysis Dario Fasino (Udine), Francesco Tudisco (Roma TV) Cagliari, VDM60 D. Fasino, F. Tudisco Modularity-based spectral graph analysis 1/ 18 Introduction Graphs and networks A complex network is a

242 views • 23 slides
JTransform , a Tool for Source Code Analysis Holger Eichelberger and J urgen Wolff von

JTransform , a Tool for Source Code Analysis Holger Eichelberger and J urgen Wolff von

JTransform , a Tool for Source Code Analysis Holger Eichelberger and J urgen Wolff von Gudenberg Universit at W urzburg 6. Workshop Software-Reengineering Bad Honnef, 5.5.2004 Contents 1. Architecture 2. Configuration 3.

448 views • 21 slides

More recommend