pyrograph 0.1.0

GPU-accelerated taint analysis for supply chain malware detection
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27

#![cfg(feature = "js")]

use pyrograph::analyze;

fn must_be_clean(js: &str, n: &str) {
    let g = pyrograph::parse::parse_js(js, &format!("{n}.js")).unwrap();
    let findings = analyze(&g).unwrap();
    assert!(findings.is_empty(), "Failed for {n}:\n{js}\nFindings: {findings:#?}");
}

#[test]
fn test_cross_env_and_env_cmd_false_positives() {
    let cases = [
        (
            "cross_env_dynamic_value",
            r#"
            const cp = require('child_process');
            const port = process.env.PORT || 3000;
            cp.execSync(`cross-env PORT=${port} npm start`);
            "#,
        ),
    ];

    for (name, js) in cases {
        must_be_clean(js, name);
    }
}