So you want to develop tools with Joern? Let’s get started!
Simple Standalone Application Template #
standalone-ext is the core template for developing Joern-based tooling. Here are some tasks you can perform using this template to suite your needs:
- Update to latest Joern versions? Run
./updateDependencies.sh - Extend the CPG schema for custom nodes/edges/properties? See
CpgExtSchema - Want to create a CLI tool? See
Main - Want to create a REPL? See
ReplMain - Want to add custom query steps? See
package
Joern modules can be imported, as well as their test resources, e.g.
// build.sbt
// parsed by project/Versions.scala, updated by updateDependencies.sh
val cpgVersion = "1.6.5"
val joernVersion = "2.0.262"
val overflowdbVersion = "1.187"
// ...
val joernDeps =
Seq("x2cpg", "javasrc2cpg", "joern-cli", "semanticcpg", "dataflowengineoss")
.flatMap { x =>
val dep = "io.joern" %% x % Versions.joern
val testDep = "io.joern" %% x % Versions.joern % Test classifier "tests"
Seq(dep, testDep)
}
libraryDependencies ++= Seq(/*...*/) ++ joernDeps
With the test resources, you have access to the same text fixtures and tooling that Joern has, notably, the ability to generate CPG to test against from source code blocks.
Examples #
Here are some open-source tools developed from standalone-ext:
Add your project here!