Welcome to Scalpel’s documentation!
Scalpel is a Python Static Analysis Framework. It provides essential program analysis functions for facilitating the implementation of client applications focusing on statically resolving dedicated problems. Scalpel includes several fundamental static analysis functions, such as Call graph construction, Control-flow graph construction, Alias analysis, and type Inference. These functions can be reused by developers to implement client applications that focus on statically resolving dedicated Python problems, such as Detecting bugs, Fixing vulnerabilities, Profiling code and Refactoring code. Scalpel is a powerful tool that can help developers to improve the quality of their Python code. It is still under development, but it has the potential to become a valuable resource for the Python community.
Current Capabilities
Even though Scalpel is in a development phase, it provides a wide range of fundamental static analysis techniques in Python, including :
Call Graph Construction
Control-Flow Graph Construction
Type Inference
Import Graph Construction
Code Rewriting
Static Single Assignment (SSA)
These fundamental functions can be applied to various static analysis applications including:
API Name Qualifying
Bug and Vulnerability Detection
Data Flow Analysis
Taint Analysis
Future Directions
As Scalpel is in the early development stage, it is rapidly growing and aims to extend its scope for static analysis in Python, which has already been developed for other Programming Languages such as :
Flow-Sensitive Call Graph Construction
Fully Qualified Name Inference
Assignment Graph
Setting up Scalpel
You can download the source code of Scalpel to install manually or use pip
to install automatically.
The framework has not been uploaded to PyPI repository yet since it’s still in beta.
pip install python-scalpel
Contributing
We will highly appreciate it if you can contribute to this project. Please feel free to do so by submitting issue reports or directly adding pull requests. We hope to obtain help for:
New features. If you believe your publication/open-source project can be part of our framework, please contact us.
Bug reports.
Documentation.
Code refactoring
Roadmap
As a general-purpose framework, Scalpel is a layered structure designed to support tasks at different granularity. You can know more from this user guide about different modules.
Indices and tables
Development Team
Scalpel Framework was first introduced by Li Li, Jiawei Wang, and Haowei Quan in the paper Scalpel: The Python Static Analysis Framework. Scalpel is maintained by the SMAT Lab (SMart Software Analysis and Trustworthy Computing Lab) which is part of the Software Engineering group at Monash University, Australia. Scalpel also receives huge support from the Python community.
Acknowledgement
This project has been inspired and supported by many existing works. Some implementation of functionalities is taken from published work. If you think your work appears in this project but is not mentioned yet, please let us know by any means.
A Simple, Fast Dominance Algorithm Keith D. Cooper, Timothy J. Harvey, and Ken Kennedy
COS598C Advanced Compilers, Princeton University