@hackage dhscanner-bitcode0.1.0.2

Intermediate language for static code analysis

The intermediate language / intermediate representation / bitcode (IL / IR / bitcode) is a data structure able to represent code originating from multiple programming languages. Its main purpose is to enable an efficient and uniform static code analysis, as part of the dhscanner framework for CI/CD container security checks. As part of that framework, it targets mostly languages used for cloud native applications: Python, Ruby, Php, Javascript, Typescript, Java, C# and Golang. Typically, a collection of files are first parsed using relevant parsers, then, the resulting collection of abstract syntax trees is sent to code generation, where it is translated into a collection of callables. A callable is a sequence of commands corresponding to either a function, a method or (in languages like python) a script. The design of commands was done with simplicity in mind. The commands resemble an abstract RISC-style assembley, motivated by keeping later-phases analyses as simple as possible.