python

package
v0.1.3 Latest Latest
Warning

This package is not in the latest version of its module.

Published: May 27, 2026 License: GPL-3.0 Imports: 2 Imported by: 0

Documentation

Overview

Package python - frameworks.go provides the Python framework pattern registry. All Python framework patterns should be registered here.

Package python provides centralized Python patterns for semantic analysis

Index

Constants

This section is empty.

Variables

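var (
	// SelfPropertyAssignPattern matches `self.<name> =` and captures the
	// attribute name in group 1. It is used to detect __init__ parameters
	// flowing into properties.
	//
	// NOTE(review): the expression is unanchored, so it also matches the start
	// of a comparison (`self.x == y`) and identifiers that merely end in
	// "self" (`myself.x =`). Callers that treat every match as an assignment
	// should filter these cases.
	SelfPropertyAssignPattern = regexp.MustCompile(`self\.(\w+)\s*=`)

	// DictKeyAccessPattern matches ['key'] or ["key"] and captures the key in
	// group 1. It is used to extract dictionary keys from expressions.
	//
	// Only keys made of word characters are captured; a key containing '-',
	// '.' or a space produces no match.
	DictKeyAccessPattern = regexp.MustCompile(`\[['"](\w+)['"]\]`)

	// DictGetPattern matches .get('key') or .get("key") and captures the key
	// in group 1. It is used to extract keys from dict.get() calls.
	//
	// Whitespace around the literal and a trailing default argument are
	// accepted, so `.get( 'key' )` and `.get('key', None)` yield the key as
	// well; without this, keys read through the default-argument form were
	// not extracted. As above, only word-character keys are captured.
	DictGetPattern = regexp.MustCompile(`\.get\(\s*['"](\w+)['"]\s*[,)]`)
)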
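// Definitions contains the source definitions for Python.
//
// Each entry pairs a detection regex (Pattern) with the input labels assigned
// to a match. NodeTypes lists node kinds for the entry (presumably the syntax
// tree nodes the pattern is applied to; confirm against the consumer).
// KeyExtractor, where present, captures the literal key being read: group 1
// is set for the .get('key') form and group 2 for the ['key'] form, so a
// consumer has to check both groups.
//
// NOTE(review): except for request.headers, KeyExtractor captures only
// word-character keys (`\w+`); a key such as 'user-id' still matches Pattern
// but yields no key.
var Definitions = []common.Definition{
	// Flask request accessors.
	{
		Name:         "request.args",
		Pattern:      `request\.args(?:\.\w+|\[|\.get)`,
		Language:     "python",
		Labels:       []common.InputLabel{common.LabelHTTPGet, common.LabelUserInput},
		Description:  "Flask GET parameters",
		NodeTypes:    []string{"attribute", "subscript"},
		KeyExtractor: `request\.args\.get\s*\(\s*['"](\w+)['"]|request\.args\[['"](\w+)['"]\]`,
	},
	{
		Name:         "request.form",
		Pattern:      `request\.form(?:\.\w+|\[|\.get)`,
		Language:     "python",
		Labels:       []common.InputLabel{common.LabelHTTPPost, common.LabelUserInput},
		Description:  "Flask POST form data",
		NodeTypes:    []string{"attribute", "subscript"},
		KeyExtractor: `request\.form\.get\s*\(\s*['"](\w+)['"]|request\.form\[['"](\w+)['"]\]`,
	},
	{
		Name:         "request.values",
		Pattern:      `request\.values(?:\.\w+|\[|\.get)`,
		Language:     "python",
		Labels:       []common.InputLabel{common.LabelHTTPGet, common.LabelHTTPPost, common.LabelUserInput},
		Description:  "Flask combined GET/POST",
		NodeTypes:    []string{"attribute", "subscript"},
		KeyExtractor: `request\.values\.get\s*\(\s*['"](\w+)['"]|request\.values\[['"](\w+)['"]\]`,
	},
	{
		Name:        "request.json",
		Pattern:     `request\.json`,
		Language:    "python",
		Labels:      []common.InputLabel{common.LabelHTTPBody, common.LabelUserInput},
		Description: "Flask JSON body",
		NodeTypes:   []string{"attribute"},
	},
	{
		Name:        "request.data",
		Pattern:     `request\.data`,
		Language:    "python",
		Labels:      []common.InputLabel{common.LabelHTTPBody, common.LabelUserInput},
		Description: "Flask raw body",
		NodeTypes:   []string{"attribute"},
	},
	{
		Name:         "request.files",
		Pattern:      `request\.files(?:\.\w+|\[|\.get)`,
		Language:     "python",
		Labels:       []common.InputLabel{common.LabelFile, common.LabelUserInput},
		Description:  "Flask file uploads",
		NodeTypes:    []string{"attribute", "subscript"},
		KeyExtractor: `request\.files\.get\s*\(\s*['"](\w+)['"]|request\.files\[['"](\w+)['"]\]`,
	},
	{
		// Header names contain '-', so this extractor accepts any
		// non-quote characters instead of \w+.
		Name:         "request.headers",
		Pattern:      `request\.headers(?:\.\w+|\[|\.get)`,
		Language:     "python",
		Labels:       []common.InputLabel{common.LabelHTTPHeader, common.LabelUserInput},
		Description:  "Flask HTTP headers",
		NodeTypes:    []string{"attribute", "subscript"},
		KeyExtractor: `request\.headers\.get\s*\(\s*['"]([^'"]+)['"]|request\.headers\[['"]([^'"]+)['"]\]`,
	},
	{
		Name:         "request.cookies",
		Pattern:      `request\.cookies(?:\.\w+|\[|\.get)`,
		Language:     "python",
		Labels:       []common.InputLabel{common.LabelHTTPCookie, common.LabelUserInput},
		Description:  "Flask cookies",
		NodeTypes:    []string{"attribute", "subscript"},
		KeyExtractor: `request\.cookies\.get\s*\(\s*['"](\w+)['"]|request\.cookies\[['"](\w+)['"]\]`,
	},

	// Django request accessors.
	{
		Name:         "request.GET",
		Pattern:      `request\.GET(?:\.\w+|\[|\.get)`,
		Language:     "python",
		Labels:       []common.InputLabel{common.LabelHTTPGet, common.LabelUserInput},
		Description:  "Django GET parameters",
		NodeTypes:    []string{"attribute", "subscript"},
		KeyExtractor: `request\.GET\.get\s*\(\s*['"](\w+)['"]|request\.GET\[['"](\w+)['"]\]`,
	},
	{
		Name:         "request.POST",
		Pattern:      `request\.POST(?:\.\w+|\[|\.get)`,
		Language:     "python",
		Labels:       []common.InputLabel{common.LabelHTTPPost, common.LabelUserInput},
		Description:  "Django POST data",
		NodeTypes:    []string{"attribute", "subscript"},
		KeyExtractor: `request\.POST\.get\s*\(\s*['"](\w+)['"]|request\.POST\[['"](\w+)['"]\]`,
	},
	{
		Name:        "request.body",
		Pattern:     `request\.body`,
		Language:    "python",
		Labels:      []common.InputLabel{common.LabelHTTPBody, common.LabelUserInput},
		Description: "Django raw body",
		NodeTypes:   []string{"attribute"},
	},

	// FastAPI parameter declarations.
	//
	// The patterns are anchored with \b, like input() below, so that longer
	// identifiers ending in one of these names (SimpleCookie(, PurePath(, ...)
	// are not reported as FastAPI parameters.
	// NOTE(review): the names remain generic; pathlib's Path( still matches
	// the Path() entry. Confirm that the consumer checks where the name was
	// imported from before treating a match as user input.
	{
		Name:        "Query()",
		Pattern:     `\bQuery\s*\(`,
		Language:    "python",
		Labels:      []common.InputLabel{common.LabelHTTPGet, common.LabelUserInput},
		Description: "FastAPI query parameter",
		NodeTypes:   []string{"call"},
	},
	{
		Name:        "Body()",
		Pattern:     `\bBody\s*\(`,
		Language:    "python",
		Labels:      []common.InputLabel{common.LabelHTTPBody, common.LabelUserInput},
		Description: "FastAPI body parameter",
		NodeTypes:   []string{"call"},
	},
	{
		Name:        "Path()",
		Pattern:     `\bPath\s*\(`,
		Language:    "python",
		Labels:      []common.InputLabel{common.LabelHTTPGet, common.LabelUserInput},
		Description: "FastAPI path parameter",
		NodeTypes:   []string{"call"},
	},
	{
		Name:        "Header()",
		Pattern:     `\bHeader\s*\(`,
		Language:    "python",
		Labels:      []common.InputLabel{common.LabelHTTPHeader, common.LabelUserInput},
		Description: "FastAPI header parameter",
		NodeTypes:   []string{"call"},
	},
	{
		Name:        "Cookie()",
		Pattern:     `\bCookie\s*\(`,
		Language:    "python",
		Labels:      []common.InputLabel{common.LabelHTTPCookie, common.LabelUserInput},
		Description: "FastAPI cookie parameter",
		NodeTypes:   []string{"call"},
	},

	// Standard input.
	{
		Name:        "input()",
		Pattern:     `\binput\s*\(`,
		Language:    "python",
		Labels:      []common.InputLabel{common.LabelUserInput},
		Description: "Standard input",
		NodeTypes:   []string{"call"},
	},

	// Command line.
	{
		Name:        "sys.argv",
		Pattern:     `sys\.argv`,
		Language:    "python",
		Labels:      []common.InputLabel{common.LabelCLI},
		Description: "Command line arguments",
		NodeTypes:   []string{"attribute", "subscript"},
	},

	// Environment.
	{
		Name:         "os.environ",
		Pattern:      `os\.environ(?:\.\w+|\[|\.get)`,
		Language:     "python",
		Labels:       []common.InputLabel{common.LabelEnvironment},
		Description:  "Environment variables",
		NodeTypes:    []string{"attribute", "subscript"},
		KeyExtractor: `os\.environ\.get\s*\(\s*['"](\w+)['"]|os\.environ\[['"](\w+)['"]\]`,
	},
	{
		Name:        "os.getenv()",
		Pattern:     `os\.getenv\s*\(`,
		Language:    "python",
		Labels:      []common.InputLabel{common.LabelEnvironment},
		Description: "Get environment variable",
		NodeTypes:   []string{"call"},
	},

	// File reads.
	//
	// NOTE(review): these patterns match any method call named read,
	// readline or readlines, whatever the receiver is; every match is
	// labelled as file input even when the object did not come from open().
	{
		Name:        "open().read()",
		Pattern:     `\.read\s*\(`,
		Language:    "python",
		Labels:      []common.InputLabel{common.LabelFile},
		Description: "File read",
		NodeTypes:   []string{"call"},
	},
	{
		Name:        "open().readline()",
		Pattern:     `\.readline\s*\(`,
		Language:    "python",
		Labels:      []common.InputLabel{common.LabelFile},
		Description: "File readline",
		NodeTypes:   []string{"call"},
	},
	{
		Name:        "open().readlines()",
		Pattern:     `\.readlines\s*\(`,
		Language:    "python",
		Labels:      []common.InputLabel{common.LabelFile},
		Description: "File readlines",
		NodeTypes:   []string{"call"},
	},
}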

Definitions contains the source definitions for Python.

Registry is the global Python framework pattern registry

Functions

func BuildMethodCallPattern

func BuildMethodCallPattern(methodPattern string) *regexp.Regexp

BuildMethodCallPattern creates a pattern for .methodName(

func BuildPropertyPattern

func BuildPropertyPattern(pattern string) *regexp.Regexp

BuildPropertyPattern creates a pattern to match a property pattern with word boundary

func BuildSelfPropertyAssignPattern

func BuildSelfPropertyAssignPattern(paramName string) *regexp.Regexp

BuildSelfPropertyAssignPattern creates a pattern for self.property = ... paramName

func ExtractDictGetKey

func ExtractDictGetKey(expr string) string

ExtractDictGetKey extracts the key from dict.get('key') expression

func ExtractDictKey

func ExtractDictKey(expr string) string

ExtractDictKey extracts the key from dict['key'] or dict["key"] expression

func GetAllPatterns

func GetAllPatterns() []*common.FrameworkPattern

GetAllPatterns returns all registered framework patterns

func GetPatternByID

func GetPatternByID(id string) *common.FrameworkPattern

GetPatternByID returns a pattern by its ID

func GetPatternsByFramework

func GetPatternsByFramework(framework string) []*common.FrameworkPattern

GetPatternsByFramework returns patterns for a specific framework

Types

type Matcher

// Matcher matches Python user input sources.
//
// It embeds *common.BaseMatcher, so the base matcher's exported methods and
// fields are promoted onto Matcher.
type Matcher struct {
	*common.BaseMatcher
}

Matcher matches Python user input sources

func NewMatcher

func NewMatcher() *Matcher

NewMatcher creates a new Python source matcher
