Merge pull request #1 from rahlk/main

Update codeanalyzer to use graalvm

.gitignore

@@ -0,0 +1,198 @@
+# User-specific stuff
+.idea
+.idea/**/workspace.xml
+.idea/**/tasks.xml
+.idea/**/usage.statistics.xml
+.idea/**/dictionaries
+.idea/**/shelf
+
+# AWS User-specific
+.idea/**/aws.xml
+
+# Generated files
+.idea/**/contentModel.xml
+
+# Sensitive or high-churn files
+.idea/**/dataSources/
+.idea/**/dataSources.ids
+.idea/**/dataSources.local.xml
+.idea/**/sqlDataSources.xml
+.idea/**/dynamic.xml
+.idea/**/uiDesigner.xml
+.idea/**/dbnavigator.xml
+
+# Gradle
+.idea/**/gradle.xml
+.idea/**/libraries
+
+# Gradle and Maven with auto-import
+# When using Gradle or Maven with auto-import, you should exclude module files,
+# since they will be recreated, and may cause churn.  Uncomment if using
+# auto-import.
+# .idea/artifacts
+# .idea/compiler.xml
+# .idea/jarRepositories.xml
+# .idea/modules.xml
+# .idea/*.iml
+# .idea/modules
+# *.iml
+# *.ipr
+
+# CMake
+cmake-build-*/
+
+# Mongo Explorer plugin
+.idea/**/mongoSettings.xml
+
+# File-based project format
+*.iws
+
+# IntelliJ
+out/
+
+# mpeltonen/sbt-idea plugin
+.idea_modules/
+
+# JIRA plugin
+atlassian-ide-plugin.xml
+
+# Cursive Clojure plugin
+.idea/replstate.xml
+
+# SonarLint plugin
+.idea/sonarlint/
+
+# Crashlytics plugin (for Android Studio and IntelliJ)
+com_crashlytics_export_strings.xml
+crashlytics.properties
+crashlytics-build.properties
+fabric.properties
+
+# Editor-based Rest Client
+.idea/httpRequests
+
+# Android studio 3.1+ serialized cache file
+.idea/caches/build_file_checksums.ser
+
+### Intellij Patch ###
+# Comment Reason: https://github.com/joeblau/gitignore.io/issues/186#issuecomment-215987721
+
+# *.iml
+# modules.xml
+# .idea/misc.xml
+# *.ipr
+
+# Sonarlint plugin
+# https://plugins.jetbrains.com/plugin/7973-sonarlint
+.idea/**/sonarlint/
+
+# SonarQube Plugin
+# https://plugins.jetbrains.com/plugin/7238-sonarqube-community-plugin
+.idea/**/sonarIssues.xml
+
+# Markdown Navigator plugin
+# https://plugins.jetbrains.com/plugin/7896-markdown-navigator-enhanced
+.idea/**/markdown-navigator.xml
+.idea/**/markdown-navigator-enh.xml
+.idea/**/markdown-navigator/
+
+# Cache file creation bug
+# See https://youtrack.jetbrains.com/issue/JBR-2257
+.idea/$CACHE_FILE$
+
+# CodeStream plugin
+# https://plugins.jetbrains.com/plugin/12206-codestream
+.idea/codestream.xml
+
+# Azure Toolkit for IntelliJ plugin
+# https://plugins.jetbrains.com/plugin/8053-azure-toolkit-for-intellij
+.idea/**/azureSettings.xml
+
+### Java ###
+# Compiled class file
+*.class
+
+# Log file
+*.log
+
+# BlueJ files
+*.ctxt
+
+# Mobile Tools for Java (J2ME)
+.mtj.tmp/
+
+# Package Files #
+*.jar
+*.war
+*.nar
+*.ear
+*.zip
+*.tar.gz
+*.rar
+
+# Don't ignore the demo binaries
+!etc/demo/jar/*.jar
+!etc/demo/ear/*.ear
+!etc/demo/war/*.war
+
+# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
+hs_err_pid*
+replay_pid*
+
+### VisualStudioCode ###
+.vscode/*
+
+!src/test/resources/sample_apps/daytrader8/binaries/daytrader8.jar
+src/test/resources/sample_apps/daytrader8/output
+
+# Local History for Visual Studio Code
+.history/
+
+# Built Visual Studio Code Extensions
+*.vsix
+
+### VisualStudioCode Patch ###
+# Ignore all local history of files
+.history
+.ionide
+
+# Support for Project snippet scope
+.vscode/*.code-snippets
+
+# Ignore code-workspaces
+*.code-workspace
+
+### Gradle ###
+.gradle
+**/build/
+!src/**/build/
+
+# Ignore Gradle GUI config
+gradle-app.setting
+
+# Avoid ignoring Gradle wrapper jar file (.jar files are usually ignored)
+!gradle-wrapper.jar
+
+# Avoid ignore Gradle wrappper properties
+!gradle-wrapper.properties
+
+# Cache of project
+.gradletasknamecache
+
+# Eclipse Gradle plugin generated files
+# Eclipse Core
+.project
+# JDT-specific (Eclipse Java Development Tools)
+.classpath
+
+### Gradle Patch ###
+# Java heap dump
+*.hprof
+
+# End of https://www.toptal.com/developers/gitignore/api/intellij,gradle,java,visualstudiocode
+.idea
+.DS_Store
+.vscode
+bin/
+etc/
+/src/test/resources/sample_apps/daytrader8/output/

LICENSE.txt

@@ -0,0 +1,10 @@
+Copyright IBM Corporation 2023, 2024
+
+Licensed under the Apache Public License 2.0, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.

README.md

@@ -1,2 +1,183 @@
-# codenet-minerva-code-analyzer
-Java source code (and/or binary)  to JSON based system dependency graph generator.
+#
+
+![logo](./docs/assets/logo.png)
+
+Native WALA implementation of source code analysis tool for Enterprise Java Applications.
+
+## 1. Prerequisites
+
+Before you begin, ensure you have met the following requirements:
+
+* You have a Linux/MacOS/WSL machine.
+* You have installed the latest version of [SDKMan!](sdkman.io/)
+
+### 1.1. Install SDKMan!
+1. Install SDKMan!
+   Open your terminal and enter the following command:
+
+   ```bash
+   curl -s "https://get.sdkman.io" | bash
+   ```
+
+   Follow the on-screen instructions to complete the installation.
+
+2. Open a new terminal or source the SDKMan! scripts:
+
+   ```bash
+   source "$HOME/.sdkman/bin/sdkman-init.sh"
+   ```
+
+## 2. Building `codeanalyzer`
+
+### 2.1. Install Java 11 or above
+
+1. You can list all available GraalVM versions with:
+
+   ```bash
+   sdk list java | grep sem
+   ```
+   You should see the following:
+   ```
+    Semeru     |     | 21.0.2       | sem     |            | 21.0.2-sem
+               |     | 21.0.1       | sem     |            | 21.0.1-sem
+               |     | 17.0.10      | sem     |            | 17.0.10-sem
+               |     | 17.0.9       | sem     |            | 17.0.9-sem
+               |     | 11.0.22      | sem     | installed  | 11.0.22-sem
+               |     | 11.0.21      | sem     |            | 11.0.21-sem
+   ```
+
+2. Install Java 11 or above (we'll go with 17.0.10-sem):
+
+   ```bash
+   sdk install java 17.0.10-sem
+   ```
+
+3. Set Java 17 as the current Java version:
+
+   ```bash
+   sdk use java 17.0.10-sem
+   ```
+
+### 2.2. Build `codeanalyzer`
+
+Clone the repository (if you haven't already) and navigate into the cloned directory.
+
+Run the Gradle wrapper script to build the project. This will compile the project using GraalVM native image.
+
+```bash
+./gradlew fatJar
+```
+
+### 2.3. Using `codeanalyzer`
+
+The jar will be built at `build/libs/codeanalyzer-1.0.jar`. It may be used as follows:
+
+```help
+Usage: java -jar /path/to/codeanalyzer-1.0.jar [-hqV] [-d=<appDeps>] [-e=<extraLibs>] -i=<input>
+                    -o=<outDir>
+Convert java binary (*.jar, *.ear, *.war) to a neo4j graph.
+  -d, --app-deps=<appDeps>   Path to the application dependencies.
+  -e, --extra-libs=<extraLibs>
+                             Path to the extra libraries.
+  -h, --help                 Show this help message and exit.
+  -i, --input=<input>        Path to the input jar(s).
+  -o, --output=<outDir>      Destination directory to save the output graphs.
+  -q, --quiet                Don't print logs to console.
+  -V, --version              Print version information and exit.
+```
+
+
+## 3. Installing `codeanalyzer` as a native binary (once built, no JVM will be required for running `codeanalyzer`)
+
+To install `codeanalyzer`, follow these steps:
+
+### 3.1. Install GraalVM using SDKMan
+
+1. You can list all available GraalVM versions with:
+
+   ```bash
+   sdk list java | grep graal
+   ```
+
+2. Install GraalVM 17 or above (we'll go with 21.0.2-graalce):
+
+   ```bash
+   sdk install java 21.0.2-graalce
+   ```
+
+3. Set GraalVM 21 as the current Java version:
+
+   ```bash
+   sdk use java 21.0.2-graalce
+   ```
+
+### 3.2. Build the Project
+
+Clone the repository (if you haven't already) and navigate into the cloned directory.
+
+Run the Gradle wrapper script to build the project. This will compile the project using GraalVM native image.
+
+```bash
+./gradlew nativeCompile -PbinDir=$HOME/.local/bin
+```
+
+**Note: `-PbinDir` is optional. If not provided, this command places the binaries in  `build/bin`.**
+
+### 3.3. Using `codeanalyzer`
+
+Assuming the path you provided in `-PbinDir` (in my case `$HOME/.local/bin`) is in your `$PATH`, after installation, you can use `codeanalyzer` by following the below format:
+
+   ```help
+   Usage: codeanalyzer [-hqV] [-d=<appDeps>] [-e=<extraLibs>] -i=<input>
+                       -o=<outDir>
+   Convert java binary (*.jar, *.ear, *.war) to a neo4j graph.
+     -d, --app-deps=<appDeps>   Path to the application dependencies.
+     -e, --extra-libs=<extraLibs>
+                                Path to the extra libraries.
+     -h, --help                 Show this help message and exit.
+     -i, --input=<input>        Path to the input jar(s).
+     -o, --output=<outDir>      Destination directory to save the output graphs.
+     -q, --quiet                Don't print logs to console.
+     -V, --version              Print version information and exit.
+   ```
+
+There is a sample application in `src/test/resources/sample_apps/daytrader8/binaries/`. You can use this to test the tool.
+
+   ```sh
+   codeanalyzer  -i src/test/resources/sample_apps/daytrader8/binaries/ 
+   ```
+
+This will produce print the SDG on the console. Explore other flags to save the output to a JSON.
+
+## FAQ
+
+1. After making a few code changes, my native binary gives random exceptions. But, my code works perfectly with `java -jar`.
+
+   The `reflect-config.json` is most likely out of date. Plese follow the below instructions:
+
+      a. Build the fatjar using `./gradlew fatJar`
+
+      b. Run the following
+
+      ```sh
+      java -agentlib:native-image-agent=config-output-dir=src/main/resources/META-INF/native-image-config -jar build/libs/codeanalyzer-1.0.jar -i src/test/resources/sample.applications/daytrader8/source -a 2 -v
+      ```
+
+      c. Then build using the instructions in [§3.3](./README.md#33-build-the-project).
+
+   The problem should be resolved.
+
+## LICENSE
+
+```LICENSE
+Copyright IBM Corporation 2023, 2024
+
+Licensed under the Apache Public License 2.0, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+```