Skip to content

Statically analyze sources and extract information about called or exported library functions in Python applications

License

Notifications You must be signed in to change notification settings

thoth-station/invectio

Repository files navigation

Invectio

A simple tool to gather symbols provided or library calls and attribute usage based on static analysis of sources of Python applications.

See the linked article describing this tool.

Installation

Invectio can be installed from PyPI using:

$ pip3 install invectio
$ invectio --help

Usage

You can use this library as a CLI tool or as a Python module:

invectio whatprovides project-dir/   # To scan all Python files recursively for symbols provided.
invectio whatprovides app.py         # To perform symbols gathering on app.py file.

invectio whatuses project-dir/       # To scan all Python files recursively for symbols used from libraries.
invectio whatuses app.py             # To perform gather symbols used from libraries on app.py file.
from invectio import gather_library_usage
from invectio import gather_symbols_provided

result: dict = gather_library_usage("project-dir")
result: dict = gather_library_usage("app.py")

result: dict = gather_symbols_provided("project-dir")
result: dict = gather_symbols_provided("app.py")

Limitations

As Python is a dynamic programming language, it's not possible to obtain all library functions/attributes usage simply by performing static analysis of sources. One can still perfom "crazy" things like:

import tensorflow

getattr(tensorflow, "const" + "ant")("Hello, Invectio")

This library does its best to detect all function/attributes being used inside Python sources, but usage like shown above cannot be detected simply by static analysis of source code.

Development

To create a dev environment, clone the invectio repo and install all the dependencies:

git clone https://github.com/thoth-station/invectio && cd invectio
pipenv install --dev

To perform checks against unit tests present in the tests/ directory, issue the following command from the root of the git repo:

pipenv run python3 setup.py test

About

Statically analyze sources and extract information about called or exported library functions in Python applications

Topics

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages