Python fp and docs updates (#58)

* refactor: Update comments for clarity and add expectations.json files for performance metrics

* feat: Implement FP guard for JS/TS local-collection receivers to suppress missing ownership checks

* feat: Enhance Rust parameter handling to classify local collections and prevent false ownership checks

* refactor: Simplify code formatting for better readability in multiple files

* refactor: Improve UTF-8 sequence length handling and enhance clarity in loop iteration

* feat: Update Java and Python patterns to include new security rules

* refactor: Improve comment clarity and consistency across multiple Rust files

* refactor: Simplify code formatting for improved readability in integration tests and module files

* refactor: Improve comment formatting and enhance clarity in assertions across multiple files
Eli Peter 2026-04-29 19:53:34 -04:00 committed by GitHub
parent 4db0805de6
commit a438886217
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
291 changed files with 9485 additions and 3851 deletions


@ -1,3 +1,5 @@
#![doc = include_str!(concat!(env!("OUT_DIR"), "/cfg_analysis.md"))]
pub mod auth;
pub mod dominators;
pub mod error_handling;
@ -30,17 +32,15 @@ pub struct BodyConstFacts {
pub type_facts: TypeFactResult,
/// Field-sensitive Steensgaard points-to facts.
///
/// Computed only when [`crate::pointer::is_enabled()`] (i.e. the
/// `NYX_POINTER_ANALYSIS=1` env var is set). Phase 2 of the
/// pointer-analysis rollout consumes this in `state::transfer.rs`
/// to suppress proxy-acquire mis-attribution on field-aliased
/// locals like `m := c.mu`. When `None`, every consumer must fall
/// back to its existing pointer-unaware behaviour.
/// Computed only when [`crate::pointer::is_enabled()`].
/// `state::transfer.rs` consumes this to suppress proxy-acquire
/// mis-attribution on field-aliased locals like `m := c.mu`. When
/// `None`, consumers fall back to pointer-unaware behaviour.
pub pointer_facts: Option<crate::pointer::PointsToFacts>,
}
/// Lower a body to SSA and run constant propagation. Returns `None` when
/// lowering fails (empty CFG, invalid entry) callers treat absence as
/// lowering fails (empty CFG, invalid entry), callers treat absence as
/// "no SSA facts available" and fall back to the syntactic path.
pub fn build_body_const_facts(body: &crate::cfg::BodyCfg, lang: Lang) -> Option<BodyConstFacts> {
let mut ssa = crate::ssa::lower_to_ssa_with_params(
@ -116,13 +116,13 @@ pub struct AnalysisContext<'a> {
/// Structural analyses use it to suppress findings when a sink's argument
/// SSA values are proven to carry non-injectable types (e.g. integers
/// parsed from a raw source can't form SHELL/SQL/path payloads). Sourced
/// from `body_const_facts` when present keep both pointers coherent.
/// from `body_const_facts` when present, keep both pointers coherent.
pub type_facts: Option<&'a TypeFactResult>,
/// Decorators / annotations / attributes attached to the body's
/// declaration (e.g. Python `@login_required`, Java `@PreAuthorize`,
/// Symfony `#[IsGranted(...)]`). Consumed by the AuthGap analysis to
/// suppress `cfg-auth-gap` when the framework already enforces auth at
/// the function-declaration level the gap only matters when the
/// the function-declaration level, the gap only matters when the
/// auth call has to live inside the body.
pub auth_decorators: &'a [String],
}
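Review bot: The rewritten doc comment on `pointer_facts` drops two things the old one stated: the name of the env var that gates the analysis, and the normative "every consumer must fall back" wording, so the `None` case now reads as an observation rather than a contract on consumers (a consumer that treats `None` as "no aliasing" would silently lose the proxy-acquire suppression the field exists for). If `NYX_POINTER_ANALYSIS` is still the switch behind `is_enabled()`, I would keep the pointer and the requirement, e.g. `/// Computed only when [`crate::pointer::is_enabled()`] (gated by the `NYX_POINTER_ANALYSIS` env var). When `None`, every consumer MUST fall back to its pointer-unaware behaviour.`. The `build_body_const_facts` doc just below has the same comma-splice shape as the line it replaces: `/// lowering fails (empty CFG, invalid entry); callers treat absence as` reads cleaner. The `BodyConstFacts` struct these fields belong to starts before the hunk, so I could not check whether the env-var name is documented on `is_enabled()` itself.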