engine

package
v1.0.3 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Dec 25, 2025 License: MIT Imports: 13 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type ASTEnhancedConfig added in v0.0.5

// ASTEnhancedConfig extends the base Config, which it embeds, with switches
// for the AST-based analyses: reachability, data flow and call graph. Because
// Config is embedded without a tag, encoding/json places its fields at the
// same level as the fields declared here.
//
// NOTE(review): FilterUnreachableFindings presumably drops findings that the
// reachability analysis judges unreachable. If so, a wrong verdict hides a
// real issue from the report; confirm that suppressed findings stay auditable
// (EnhancedAnalysisResult exposes only a filtered_findings_count integer).
//
// NOTE(review): MinDataFlowSeverity is a plain string; the accepted values and
// the handling of an unrecognised value are not visible here.
type ASTEnhancedConfig struct {
	Config                                        // Embed base config
	EnableReachabilityAnalysis bool               `json:"enable_reachability_analysis"`
	EnableDataFlowAnalysis     bool               `json:"enable_data_flow_analysis"`
	EnableCallGraphAnalysis    bool               `json:"enable_call_graph_analysis"`
	FilterUnreachableFindings  bool               `json:"filter_unreachable_findings"`
	MinDataFlowSeverity        string             `json:"min_data_flow_severity"`
	ReachabilityConfig         ReachabilityConfig `json:"reachability_config"`
}

ASTEnhancedConfig extends the base config with AST-specific settings

func DefaultASTEnhancedConfig added in v0.0.5

func DefaultASTEnhancedConfig() ASTEnhancedConfig

DefaultASTEnhancedConfig returns a default configuration for AST-enhanced analysis

type ASTEnhancedEngine added in v0.0.5

// ASTEnhancedEngine extends the hybrid engine with AST-based analysis. It
// embeds *HybridEngine, so that type's exported methods are also callable on
// an ASTEnhancedEngine; all other state is unexported.
//
// The embedded pointer is nil in a zero-value ASTEnhancedEngine, so obtain
// instances from NewASTEnhancedEngine rather than from a struct literal.
type ASTEnhancedEngine struct {
	*HybridEngine
	// contains filtered or unexported fields
}

ASTEnhancedEngine extends the hybrid engine with AST-based analysis

func NewASTEnhancedEngine added in v0.0.5

func NewASTEnhancedEngine(config ASTEnhancedConfig) (*ASTEnhancedEngine, error)

NewASTEnhancedEngine creates a new AST-enhanced analysis engine

func (*ASTEnhancedEngine) AnalyzeWithAST added in v0.0.5

func (e *ASTEnhancedEngine) AnalyzeWithAST(ctx context.Context, workflowFiles []parser.WorkflowFile) (*EnhancedAnalysisResult, error)

AnalyzeWithAST performs enhanced analysis with AST-based reachability and data flow

func (*ASTEnhancedEngine) AnalyzeWorkflowDataFlow added in v0.0.5

func (e *ASTEnhancedEngine) AnalyzeWorkflowDataFlow(workflowContent interface{}) ([]*ast.DataFlow, error)

AnalyzeWorkflowDataFlow performs data flow analysis on a single workflow

func (*ASTEnhancedEngine) AnalyzeWorkflowReachability added in v0.0.5

func (e *ASTEnhancedEngine) AnalyzeWorkflowReachability(workflowContent interface{}) (map[string]bool, error)

AnalyzeWorkflowReachability performs reachability analysis on a single workflow

func (*ASTEnhancedEngine) GetReachabilityReport added in v0.0.5

func (e *ASTEnhancedEngine) GetReachabilityReport() *ast.ReachabilityReport

GetReachabilityReport returns the latest reachability analysis report

type AnalysisResult

// AnalysisResult represents the combined analysis results: the analyzed
// workflows, the findings of the Go rules and of the OPA policies as two
// separate lists with different element types (rules.Finding and opa.Finding),
// a CombinedFindings list of rules.Finding, and run statistics and timings.
//
// NOTE(review): how OPA findings are converted and merged into
// CombinedFindings is not visible here. A consumer that gates a pipeline on
// this result should confirm which list is authoritative and whether
// duplicates are collapsed.
type AnalysisResult struct {
	Workflows        []*platform.Workflow `json:"workflows"`
	GoFindings       []rules.Finding      `json:"go_findings"`
	OPAFindings      []opa.Finding        `json:"opa_findings"`
	CombinedFindings []rules.Finding      `json:"combined_findings"`
	Statistics       Statistics           `json:"statistics"`
	Performance      PerformanceMetrics   `json:"performance"`
}

AnalysisResult represents the combined analysis results

type CallGraphMetrics added in v0.0.5

// CallGraphMetrics provides metrics about the call graph: node and edge
// totals, a per-type node count keyed by string, the maximum depth, and
// separate counters for external calls and action calls.
//
// A nil NodesByType map is encoded by encoding/json as null, not as {}.
//
// NOTE(review): what qualifies as an "external" call or an "action" call is
// decided by code outside this declaration — confirm before using these
// counters as a measure of third-party exposure.
type CallGraphMetrics struct {
	TotalNodes    int            `json:"total_nodes"`
	NodesByType   map[string]int `json:"nodes_by_type"`
	TotalEdges    int            `json:"total_edges"`
	MaxDepth      int            `json:"max_depth"`
	ExternalCalls int            `json:"external_calls"`
	ActionCalls   int            `json:"action_calls"`
}

CallGraphMetrics provides metrics about the call graph

type Config

// Config defines configuration for the hybrid engine: one boolean switch per
// rule source (Go rules, OPA rules) and a nested configuration struct each for
// Go rules, OPA rules, platform handling and reporting.
//
// NOTE(review): both switches are plain booleans, so their zero value is
// false. What the engine does when neither source is enabled is not visible
// here; confirm that such a configuration is rejected or reported, so that a
// run with no rules is not read as a clean scan.
type Config struct {
	EnableGoRules   bool            `json:"enable_go_rules"`
	EnableOPARules  bool            `json:"enable_opa_rules"`
	GoRulesConfig   GoRulesConfig   `json:"go_rules_config"`
	OPARulesConfig  OPARulesConfig  `json:"opa_rules_config"`
	PlatformConfig  PlatformConfig  `json:"platform_config"`
	ReportingConfig ReportingConfig `json:"reporting_config"`
}

Config defines configuration for the hybrid engine

func DefaultConfig

func DefaultConfig() Config

DefaultConfig returns a default configuration

type DataFlowFinding added in v0.0.5

// DataFlowFinding represents a finding from data flow analysis. It embeds
// rules.Finding and adds the identifiers of the flow's source and sink, the
// path between them as a list of strings, and a taint level and risk level.
//
// NOTE(review): TaintLevel and RiskLevel are free-form strings; their value
// sets and their relation to the severity carried by the embedded
// rules.Finding are not visible here.
type DataFlowFinding struct {
	rules.Finding
	SourceID   string   `json:"source_id"`
	SinkID     string   `json:"sink_id"`
	FlowPath   []string `json:"flow_path"`
	TaintLevel string   `json:"taint_level"`
	RiskLevel  string   `json:"risk_level"`
}

DataFlowFinding represents a finding from data flow analysis

type EnhancedAnalysisResult added in v0.0.5

// EnhancedAnalysisResult extends AnalysisResult, embedded by pointer, with the
// reachability report, the data flow findings, call graph metrics and a count
// of filtered findings.
//
// FilteredFindings is an integer serialized as filtered_findings_count; this
// struct has no field holding the filtered findings themselves.
//
// NOTE(review): if the count refers to findings suppressed as unreachable,
// a reader of the JSON output cannot tell which findings were dropped —
// confirm whether they are available elsewhere (for example in the
// reachability report).
type EnhancedAnalysisResult struct {
	*AnalysisResult
	ReachabilityReport *ast.ReachabilityReport `json:"reachability_report"`
	DataFlowFindings   []DataFlowFinding       `json:"data_flow_findings"`
	CallGraphMetrics   CallGraphMetrics        `json:"call_graph_metrics"`
	FilteredFindings   int                     `json:"filtered_findings_count"`
}

EnhancedAnalysisResult extends AnalysisResult with AST analysis data

type GoRulesConfig

// GoRulesConfig configures Go-based rule execution: the rule categories to
// enable, rules to disable and custom rules (both as string lists), and a
// performance-mode switch.
//
// NOTE(review): whether an entry in DisabledRules that matches no rule is
// reported or silently ignored is not visible here; a misspelt entry and a
// deliberately disabled rule would otherwise look the same in review.
//
// NOTE(review): CustomRules holds strings whose meaning (identifiers or file
// locations) is not shown. If they name files loaded at run time, the
// configuration must come from a trusted source — confirm.
//
// NOTE(review): confirm that PerformanceMode does not reduce rule coverage.
type GoRulesConfig struct {
	EnabledCategories []rules.Category `json:"enabled_categories"`
	DisabledRules     []string         `json:"disabled_rules"`
	CustomRules       []string         `json:"custom_rules"`
	PerformanceMode   bool             `json:"performance_mode"`
}

GoRulesConfig configures Go-based rule execution

type HybridEngine

// HybridEngine combines Go-native rules with OPA policies. It has no exported
// fields; the package provides NewHybridEngine, which takes a Config, as its
// constructor.
type HybridEngine struct {
	// contains filtered or unexported fields
}

HybridEngine combines Go-native rules with OPA policies

func NewHybridEngine

func NewHybridEngine(config Config) (*HybridEngine, error)

NewHybridEngine creates a new hybrid engine

func (*HybridEngine) AnalyzeRepository

func (he *HybridEngine) AnalyzeRepository(repoPath string) (*AnalysisResult, error)

AnalyzeRepository analyzes a repository with both Go rules and OPA policies

func (*HybridEngine) AnalyzeWorkflow

func (he *HybridEngine) AnalyzeWorkflow(workflowPath string) (*AnalysisResult, error)

AnalyzeWorkflow analyzes a single workflow file

func (*HybridEngine) GetGoRules

func (he *HybridEngine) GetGoRules() []rules.Rule

GetGoRules returns available Go rules

func (*HybridEngine) GetOPAPolicies

func (he *HybridEngine) GetOPAPolicies() map[string]*opa.Policy

GetOPAPolicies returns loaded OPA policies

func (*HybridEngine) GetSupportedPlatforms

func (he *HybridEngine) GetSupportedPlatforms() []string

GetSupportedPlatforms returns list of supported platforms

type OPARulesConfig

// OPARulesConfig configures OPA policy execution: a list of policy paths, a
// list of custom policies and a strict-mode switch.
//
// NOTE(review): the policies decide what gets flagged, so the locations in
// PolicyPaths and CustomPolicies are part of the scanner's trust boundary.
// Presumably they are read from disk when the engine is built; confirm that
// they cannot be supplied by the repository under analysis.
//
// NOTE(review): the effect of StrictMode (for example, whether a policy that
// fails to load or evaluate aborts the run) is not visible here.
type OPARulesConfig struct {
	PolicyPaths    []string `json:"policy_paths"`
	CustomPolicies []string `json:"custom_policies"`
	StrictMode     bool     `json:"strict_mode"`
}

OPARulesConfig configures OPA policy execution

type PerformanceMetrics

// PerformanceMetrics tracks execution performance as int64 values, one for the
// whole run and one each for Go rules, OPA, platform detection and workflow
// parsing. The field names and JSON keys label every value as milliseconds.
//
// NOTE(review): whether the per-phase values add up to TotalExecutionTimeMs
// (phases may overlap or be omitted) is not visible here.
type PerformanceMetrics struct {
	TotalExecutionTimeMs int64 `json:"total_execution_time_ms"`
	GoRulesTimeMs        int64 `json:"go_rules_time_ms"`
	OPATimeMs            int64 `json:"opa_time_ms"`
	PlatformDetectionMs  int64 `json:"platform_detection_ms"`
	WorkflowParsingMs    int64 `json:"workflow_parsing_ms"`
}

PerformanceMetrics tracks execution performance

type PlatformConfig

// PlatformConfig configures platform support: an auto-detect switch, the list
// of supported platform names and a preferred platform name.
//
// NOTE(review): how PreferredPlatform interacts with AutoDetect, and what
// happens to a workflow whose platform is not in SupportedPlatforms (skipped
// silently or reported), is not visible here — a silently skipped file is an
// unscanned file.
type PlatformConfig struct {
	AutoDetect         bool     `json:"auto_detect"`
	SupportedPlatforms []string `json:"supported_platforms"`
	PreferredPlatform  string   `json:"preferred_platform"`
}

PlatformConfig configures platform support

type ReachabilityConfig added in v0.0.5

// ReachabilityConfig configures reachability analysis behavior through four
// independent booleans: analysing conditionals, static evaluation, marking
// unreachable findings and reporting unreachable code.
//
// NOTE(review): StaticEvaluation presumably decides conditions without
// running the workflow. Conditions that depend on run-time context cannot be
// decided that way, so confirm that an undecidable condition is treated as
// reachable rather than unreachable.
//
// NOTE(review): MarkUnreachableFindings annotates findings by name, whereas
// ASTEnhancedConfig.FilterUnreachableFindings appears to remove them; confirm
// how the two settings combine.
type ReachabilityConfig struct {
	AnalyzeConditionals     bool `json:"analyze_conditionals"`
	StaticEvaluation        bool `json:"static_evaluation"`
	MarkUnreachableFindings bool `json:"mark_unreachable_findings"`
	ReportUnreachableCode   bool `json:"report_unreachable_code"`
}

ReachabilityConfig configures reachability analysis behavior

type ReportingConfig

// ReportingConfig configures output and reporting: an output format name, a
// switch for including metadata and a verbosity switch.
//
// NOTE(review): Format is a free-form string; the supported formats and the
// fallback for an unknown one are not visible here.
//
// NOTE(review): what IncludeMetadata and Verbose add to a report is not shown.
// If reports are published outside the team, confirm that the extra output
// does not include workflow contents or local paths that should stay private.
type ReportingConfig struct {
	Format          string `json:"format"`
	IncludeMetadata bool   `json:"include_metadata"`
	Verbose         bool   `json:"verbose"`
}

ReportingConfig configures output and reporting

type SharedWorkflowContext added in v0.0.5

// SharedWorkflowContext contains a parsed workflow for both engines: its AST
// form, its platform.Workflow form, the file path and the content as an
// untyped value. The fields carry no JSON tags.
//
// Content is interface{}, so every consumer has to type-assert it before use.
//
// NOTE(review): the concrete type stored in Content is not visible here.
// AST and Standard are pointers and may be nil; whether both are always
// populated is for the producer to confirm.
type SharedWorkflowContext struct {
	AST      *ast.WorkflowAST
	Standard *platform.Workflow
	FilePath string
	Content  interface{}
}

SharedWorkflowContext contains parsed workflow for both engines

type Statistics

// Statistics provides analysis statistics: the number of workflows, a count
// per platform name, finding counts keyed by rules.Category and by
// rules.Severity, and the number of Go rules and OPA policies executed.
//
// A nil map is encoded by encoding/json as null, not as {}.
//
// NOTE(review): whether the finding counts are taken before or after
// unreachable findings are filtered is not visible here. GoRulesExecuted and
// OPAPoliciesExecuted are the fields to check when a report shows zero
// findings, to tell a clean scan from one in which nothing ran.
type Statistics struct {
	TotalWorkflows      int                    `json:"total_workflows"`
	PlatformBreakdown   map[string]int         `json:"platform_breakdown"`
	FindingsByCategory  map[rules.Category]int `json:"findings_by_category"`
	FindingsBySeverity  map[rules.Severity]int `json:"findings_by_severity"`
	GoRulesExecuted     int                    `json:"go_rules_executed"`
	OPAPoliciesExecuted int                    `json:"opa_policies_executed"`
}

Statistics provides analysis statistics
