Include imported symbols in parsedeps

Signed-off-by: Prabhu Subramanian <prabhu@appthreat.com>

build.sbt

@@ -1,9 +1,9 @@
 name                     := "atom"
 ThisBuild / organization := "io.appthreat"
-ThisBuild / version      := "1.5.2"
+ThisBuild / version      := "1.5.3"
 ThisBuild / scalaVersion := "3.3.1"
 
-val chenVersion      = "0.0.20"
+val chenVersion      = "0.0.21"
 
 lazy val atom = Projects.atom
 

src/main/scala/io/appthreat/atom/parsedeps/PythonDependencyParser.scala

@@ -80,7 +80,6 @@ object PythonDependencyParser extends XDependencyParser {
       .filterNot(_ == "N/A")
       .map(x => ScalaFile(x))
       .l
-    val parentList = fileList.flatMap(_.parentOption.map(_.pathAsString))
     cpg.imports
       .whereNot(_.call.file.name(".*setup.py"))
       .filterNot {
@@ -92,8 +91,7 @@ object PythonDependencyParser extends XDependencyParser {
       }
       .dedup
       .importedEntity
-      .flatMap(_.split('.').headOption)
-      .map(x => ModuleWithVersion(x))
+      .map(x => ModuleWithVersion(name = x.split('.').head, importedSymbols = x))
       .toSet
   }
 

src/main/scala/io/appthreat/atom/parsedeps/package.scala

@@ -36,22 +36,35 @@ package object parsedeps {
   }
 
   implicit val moduleWithVersionEncoder: Encoder[ModuleWithVersion] =
-    Encoder.forProduct3("name", "version", "versionSpecifiers")(x => (x.name, x.version, x.versionSpecifiers))
+    Encoder.forProduct4("name", "version", "versionSpecifiers", "importedSymbols")(x =>
+      (x.name, x.version, x.versionSpecifiers, x.importedSymbols)
+    )
   implicit val moduleWithVersionDecoder: Decoder[ModuleWithVersion] =
-    Decoder.forProduct3("name", "version", "versionSpecifiers")(ModuleWithVersion.apply)
+    Decoder.forProduct4("name", "version", "versionSpecifiers", "importedSymbols")(ModuleWithVersion.apply)
 
   case class DependencySlice(modules: Seq[ModuleWithVersion]) extends AtomSlice {
     override def toJson: String = this.asJson.spaces2
   }
 
-  case class ModuleWithVersion(name: String, version: String = "", versionSpecifiers: String = "") {
+  case class ModuleWithVersion(
+    name: String,
+    version: String = "",
+    versionSpecifiers: String = "",
+    importedSymbols: String = ""
+  ) {
 
     def merge(x: ModuleWithVersion): ModuleWithVersion = {
       val vs = this.versions ++ x.versions
+      val is = this.importedSymbols + "," + x.importedSymbols
       vs.find(_.startsWith("==")) match
         case Some(exactVersion) =>
-          ModuleWithVersion(name, exactVersion.stripPrefix("=="), (vs diff Set(exactVersion)).mkString(","))
-        case None => ModuleWithVersion(name, versionSpecifiers = vs.mkString(","))
+          ModuleWithVersion(
+            name,
+            exactVersion.stripPrefix("=="),
+            (vs diff Set(exactVersion)).mkString(","),
+            importedSymbols = is
+          )
+        case None => ModuleWithVersion(name, versionSpecifiers = vs.mkString(","), importedSymbols = is)
 
     }
 

src/test/scala/io/appthreat/atom/PythonDependencyScannerTests.scala

@@ -197,19 +197,19 @@ class PythonDependencyScannerTests extends PySrc2CpgFixture(withOssDataflow = fa
     "have the modules scanned successfully" in {
       val scanResult = PythonDependencyParser.parse(cpg)
       scanResult.modules shouldBe List(
-        ModuleWithVersion("PackageC", "1.2.0.dev1+hg.5.b11e5e6f0b0b"),
-        ModuleWithVersion("PickyThing", "2.4c1", "<1.6,>1.9,!=1.9.6,<2.0a0"),
-        ModuleWithVersion("certifi", "", ">=2017.4.17"),
-        ModuleWithVersion("charset_normalizer", "", ">=2,<4"),
-        ModuleWithVersion("idna", "", ">=2.5,<4"),
-        ModuleWithVersion("os", "", ""),
-        ModuleWithVersion("packageA", "", ">=1.4.2,<1.9,!=1.5.*,!=1.6.*"),
-        ModuleWithVersion("packageB", "", ">=0.5.0,< 0.7.0"),
-        ModuleWithVersion("re-wx", "", ">=0.0.2"),
-        ModuleWithVersion("socket", "", ""),
-        ModuleWithVersion("typing-extensions", "3.10.0.2", ""),
-        ModuleWithVersion("urllib3", "", ">=1.21.1,<3"),
-        ModuleWithVersion("zope.interface", "", ">=5.1.0")
+        ModuleWithVersion("PackageC", "1.2.0.dev1+hg.5.b11e5e6f0b0b", ""),
+        ModuleWithVersion("PickyThing", "2.4c1", "<1.6,>1.9,!=1.9.6,<2.0a0", ""),
+        ModuleWithVersion("certifi", "", ">=2017.4.17", ""),
+        ModuleWithVersion("charset_normalizer", "", ">=2,<4", ""),
+        ModuleWithVersion("idna", "", ">=2.5,<4", ""),
+        ModuleWithVersion("os", "", "", "os.path"),
+        ModuleWithVersion("packageA", "", ">=1.4.2,<1.9,!=1.5.*,!=1.6.*", ""),
+        ModuleWithVersion("packageB", "", ">=0.5.0,< 0.7.0", ""),
+        ModuleWithVersion("re-wx", "", ">=0.0.2", ""),
+        ModuleWithVersion("socket", "", "", "socket"),
+        ModuleWithVersion("typing-extensions", "3.10.0.2", "", ""),
+        ModuleWithVersion("urllib3", "", ">=1.21.1,<3", "urllib3.poolmanager.proxy_from_url,urllib3.util.Timeout,urllib3.exceptions.LocationValueError,urllib3.contrib.socks.SOCKSProxyManager,urllib3.exceptions.HTTPError,urllib3.exceptions.SSLError,urllib3.exceptions.ProxyError,urllib3.exceptions.InvalidHeader,urllib3.exceptions.MaxRetryError,urllib3.exceptions.ConnectTimeoutError,urllib3.exceptions.ClosedPoolError,urllib3.exceptions.ProtocolError,urllib3.util.retry.Retry,urllib3.exceptions.ResponseError,,urllib3.exceptions.ReadTimeoutError,urllib3.exceptions.NewConnectionError,urllib3.util.parse_url,urllib3.poolmanager.PoolManager"),
+        ModuleWithVersion("zope.interface", "", ">=5.1.0", "")
       )
     }
   }

wrapper/nodejs/index.js

@@ -2,6 +2,8 @@
 
 import { freemem, platform as _platform } from "node:os";
 import { dirname, join, delimiter } from "node:path";
+import { readFileSync } from "node:fs";
+
 import { spawnSync } from "node:child_process";
 import { fileURLToPath } from "node:url";
 import { detectJava } from "./utils.mjs";
@@ -12,7 +14,8 @@ if (!url.startsWith("file://")) {
   url = new URL(`file://${import.meta.url}`).toString();
 }
 const dirName = import.meta ? dirname(fileURLToPath(url)) : __dirname;
-
+const selfPJson = JSON.parse(readFileSync(join(dirName, "package.json")));
+const _version = selfPJson.version;
 export const LOG4J_CONFIG = join(dirName, "plugins", "log4j2.xml");
 export const ATOM_HOME = join(dirName, "plugins");
 export const APP_LIB_DIR = join(ATOM_HOME, "lib");
@@ -22,7 +25,7 @@ export const JAVA_OPTS = `${
   process.env.JAVA_OPTS || ""
 } -Xmx${freeMemoryGB}G ${JVM_ARGS}`;
 export const APP_MAIN_CLASS = "io.appthreat.atom.Atom";
-export const ATOM_VERSION = "1.5.2";
+export const ATOM_VERSION = _version;
 export const APP_CLASSPATH = join(
   APP_LIB_DIR,
   `io.appthreat.atom-${ATOM_VERSION}-classpath.jar`

wrapper/nodejs/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@appthreat/atom",
-  "version": "1.5.2",
+  "version": "1.5.3",
   "description": "Create atom (⚛) representation for your application, packages and libraries",
   "exports": "./index.js",
   "type": "module",