Data Flow

Data flows are the journey of a data element within the codebase. It maps out the journey of a data element from a source to a sink detected via static code analysis.

A data flow result consists of the following structure:

{
    "dataFlow": {
        "third_parties": <DataFlow>,
        "leakages": <DataFlow>,
        "storages": <DataFlow>,
        "internal_apis": <DataFlow>,
        "miscellaneous": <DataFlow>
    }
}

The structure of all data flow representations is similar. As an example, the following is the structure of a storage sink:

{
    "storages": [
        "sourceId": "string",
        "sinks": [
            {
                "sinkType": "string",
                "id": "string",
                "name": "string",
                "isSensitive": "boolean",
                "paths": [
                    {
                        "pathId": "string",
                        "path": [
                            {
                                "sample": "string",
                                "lineNumber": "int",
                                "columnNumber": "int",
                                "fileName": "string",
                                "excerpt": "string"
                            }
                        ]
                    }
                ]
            }
        ]
    ]
}

The parameters of the results are explained below:

Field

Description

third_parties

Third parties that are consuming data elements

leakages

Leakages that are consuming data elements

storages

Databases that are consuming data elements

internal_apis

Internal APIs that are consuming data elements

miscellaneous

Miscellaneous data flows

The parameters of a data flow results are explained below:

Field

Description

sourceId

ID of the source which is processed

sinks

A list of sinks that are detected in a particular type of sink

sinkType

The type of sink

sinks.Id

ID of the sink

name

Name of the sink

isSensitive

Boolean value indicating if the data element is sensitive

paths

A list of paths defining the data flow of the element

pathId

Unique ID of the path

path

An occurrence of a data element

sample

name of the entity in which the data element is processed

lineNumber

Line number of the occurance

columnNumber

Column number of the occurance

fileName

Name of the file where the occurrence is detected

excerpt

A dump of the code around the occurrence

Last updated