refactor: Rename sourcecode-parser to sast-engine (v1.1.0)

.github/workflows/build.yml

@@ -7,7 +7,7 @@ on:
       - master
   pull_request:
     paths:
-      - 'sourcecode-parser/**'
+      - 'sast-engine/**'
       - 'playground/**'
       - 'pathfinder-rules/**'
 
@@ -33,12 +33,12 @@ jobs:
 
       - name: Get dependencies
         run: |
-          cd sourcecode-parser
+          cd sast-engine
           go mod download
 
       - name: Test
         run: |
-          cd sourcecode-parser
+          cd sast-engine
           go test -p 2 -v ./... -coverprofile=coverage.out -covermode=atomic
 
       - name: Upload coverage reports to Codecov
@@ -51,7 +51,7 @@ jobs:
     runs-on: ubuntu-latest
     defaults:
       run:
-        working-directory: sourcecode-parser
+        working-directory: sast-engine
     steps:
       - uses: actions/checkout@v4
       - uses: actions/setup-go@v5
@@ -61,4 +61,4 @@ jobs:
         uses: golangci/golangci-lint-action@v8
         with:
           version: v2.5.0
-          working-directory: sourcecode-parser
+          working-directory: sast-engine

.github/workflows/docker-publish.yml

@@ -29,7 +29,7 @@ jobs:
       - name: Compute Version and Commit Info
         id: cpfinfo
         run: |
-          VERSION=$(cat sourcecode-parser/VERSION)
+          VERSION=$(cat sast-engine/VERSION)
           COMMIT=$(git describe --tags)
           echo $VERSION
           echo $COMMIT
@@ -40,11 +40,11 @@ jobs:
         id: vars
         run: |
           if [[ "${{ github.ref }}" == refs/tags/* ]]; then
-            VERSION=$(cat sourcecode-parser/VERSION)
+            VERSION=$(cat sast-engine/VERSION)
             echo "tag1=v${VERSION}" >> $GITHUB_OUTPUT
             echo "tag2=stable-latest" >> $GITHUB_OUTPUT
           elif [ "${{ github.event_name }}" == "push" ] && [ "${{ github.ref }}" == "refs/heads/main" ]; then
-            VERSION=$(cat sourcecode-parser/VERSION)
+            VERSION=$(cat sast-engine/VERSION)
             echo "tag1=dev-${VERSION}" >> $GITHUB_OUTPUT
             echo "tag2=nightly-latest" >> $GITHUB_OUTPUT
           else

.github/workflows/release.yml

@@ -30,16 +30,16 @@ jobs:
           GOARCH: amd64
           POSTHOG_WEB_ANALYTICS: ${{ secrets.POSTHOG_WEB_ANALYTICS }}
         run: |
-          cd sourcecode-parser
+          cd sast-engine
           gitCommit=$(git describe --tags)
           projectVersion=$(cat VERSION)
           posthogkey=$(echo $POSTHOG_WEB_ANALYTICS)
-          go build -ldflags="-s -w -X github.com/shivasurya/code-pathfinder/sourcecode-parser/cmd.Version=${projectVersion} -X github.com/shivasurya/code-pathfinder/sourcecode-parser/cmd.GitCommit=${gitCommit} -X github.com/shivasurya/code-pathfinder/sourcecode-parser/analytics.PublicKey=${posthogkey}" -v -o pathfinder-linux-amd64 .
+          go build -ldflags="-s -w -X github.com/shivasurya/code-pathfinder/sast-engine/cmd.Version=${projectVersion} -X github.com/shivasurya/code-pathfinder/sast-engine/cmd.GitCommit=${gitCommit} -X github.com/shivasurya/code-pathfinder/sast-engine/analytics.PublicKey=${posthogkey}" -v -o pathfinder-linux-amd64 .
           chmod +x pathfinder-linux-amd64
 
       - name: Calculate SHA256
         run: |
-          cd sourcecode-parser
+          cd sast-engine
           sha256sum pathfinder-linux-amd64 > pathfinder-linux-amd64.sha256sum.txt
           cp pathfinder-linux-amd64 pathfinder
           tar -czvf pathfinder-linux-amd64.tar.gz pathfinder
@@ -49,9 +49,9 @@ jobs:
         with:
           name: pathfinder-linux-amd64
           path: |
-            sourcecode-parser/pathfinder-linux-amd64
-            sourcecode-parser/pathfinder-linux-amd64.sha256sum.txt
-            sourcecode-parser/pathfinder-linux-amd64.tar.gz
+            sast-engine/pathfinder-linux-amd64
+            sast-engine/pathfinder-linux-amd64.sha256sum.txt
+            sast-engine/pathfinder-linux-amd64.tar.gz
 
   build-linux-arm64:
     runs-on: ubuntu-24.04-arm  # Native ARM64 runner (public repos only)
@@ -73,16 +73,16 @@ jobs:
           CGO_ENABLED: 1  # Required for tree-sitter
           POSTHOG_WEB_ANALYTICS: ${{ secrets.POSTHOG_WEB_ANALYTICS }}
         run: |
-          cd sourcecode-parser
+          cd sast-engine
           gitCommit=$(git describe --tags)
           projectVersion=$(cat VERSION)
           posthogkey=$(echo $POSTHOG_WEB_ANALYTICS)
-          go build -ldflags="-s -w -X github.com/shivasurya/code-pathfinder/sourcecode-parser/cmd.Version=${projectVersion} -X github.com/shivasurya/code-pathfinder/sourcecode-parser/cmd.GitCommit=${gitCommit} -X github.com/shivasurya/code-pathfinder/sourcecode-parser/analytics.PublicKey=${posthogkey}" -v -o pathfinder-linux-arm64 .
+          go build -ldflags="-s -w -X github.com/shivasurya/code-pathfinder/sast-engine/cmd.Version=${projectVersion} -X github.com/shivasurya/code-pathfinder/sast-engine/cmd.GitCommit=${gitCommit} -X github.com/shivasurya/code-pathfinder/sast-engine/analytics.PublicKey=${posthogkey}" -v -o pathfinder-linux-arm64 .
           chmod +x pathfinder-linux-arm64
 
       - name: Calculate SHA256
         run: |
-          cd sourcecode-parser
+          cd sast-engine
           sha256sum pathfinder-linux-arm64 > pathfinder-linux-arm64.sha256sum.txt
           cp pathfinder-linux-arm64 pathfinder
           tar -czvf pathfinder-linux-arm64.tar.gz pathfinder
@@ -92,9 +92,9 @@ jobs:
         with:
           name: pathfinder-linux-arm64
           path: |
-            sourcecode-parser/pathfinder-linux-arm64
-            sourcecode-parser/pathfinder-linux-arm64.sha256sum.txt
-            sourcecode-parser/pathfinder-linux-arm64.tar.gz
+            sast-engine/pathfinder-linux-arm64
+            sast-engine/pathfinder-linux-arm64.sha256sum.txt
+            sast-engine/pathfinder-linux-arm64.tar.gz
 
   build-windows:
     runs-on: windows-latest
@@ -115,15 +115,15 @@ jobs:
           GOARCH: amd64
           POSTHOG_WEB_ANALYTICS: ${{ secrets.POSTHOG_WEB_ANALYTICS }}
         run: |
-          cd sourcecode-parser
+          cd sast-engine
           $gitCommit = (git describe --tags).Trim()
           $projectVersion = Get-Content VERSION
           $posthogkey=$env:POSTHOG_WEB_ANALYTICS          
-          go build -ldflags="-s -w -X github.com/shivasurya/code-pathfinder/sourcecode-parser/cmd.Version=${projectVersion} -X github.com/shivasurya/code-pathfinder/sourcecode-parser/cmd.GitCommit=${gitCommit} -X github.com/shivasurya/code-pathfinder/sourcecode-parser/analytics.PublicKey=${posthogkey}" -v -o pathfinder-windows-amd64.exe .
+          go build -ldflags="-s -w -X github.com/shivasurya/code-pathfinder/sast-engine/cmd.Version=${projectVersion} -X github.com/shivasurya/code-pathfinder/sast-engine/cmd.GitCommit=${gitCommit} -X github.com/shivasurya/code-pathfinder/sast-engine/analytics.PublicKey=${posthogkey}" -v -o pathfinder-windows-amd64.exe .
 
       - name: Calculate SHA256
         run: |
-          cd sourcecode-parser
+          cd sast-engine
           Get-FileHash -Algorithm SHA256 pathfinder-windows-amd64.exe | Select-Object Hash | Out-File -Encoding UTF8 pathfinder-windows-amd64.exe.sha256sum.txt
           Copy-Item pathfinder-windows-amd64.exe pathfinder.exe
           Compress-Archive -Path pathfinder.exe -DestinationPath pathfinder-windows-amd64.zip
@@ -133,9 +133,9 @@ jobs:
         with:
           name: pathfinder-windows-amd64
           path: |
-            sourcecode-parser/pathfinder-windows-amd64.exe
-            sourcecode-parser/pathfinder-windows-amd64.exe.sha256sum.txt
-            sourcecode-parser/pathfinder-windows-amd64.zip
+            sast-engine/pathfinder-windows-amd64.exe
+            sast-engine/pathfinder-windows-amd64.exe.sha256sum.txt
+            sast-engine/pathfinder-windows-amd64.zip
 
   build-macos:
     runs-on: macos-latest
@@ -156,16 +156,16 @@ jobs:
           GOARCH: arm64
           POSTHOG_WEB_ANALYTICS: ${{ secrets.POSTHOG_WEB_ANALYTICS }}
         run: |
-          cd sourcecode-parser
+          cd sast-engine
           gitCommit=$(git describe --tags)
           projectVersion=$(cat VERSION)
           posthogkey=$(echo $POSTHOG_WEB_ANALYTICS)
-          go build -ldflags="-s -w -X github.com/shivasurya/code-pathfinder/sourcecode-parser/cmd.Version=${projectVersion} -X github.com/shivasurya/code-pathfinder/sourcecode-parser/cmd.GitCommit=${gitCommit} -X github.com/shivasurya/code-pathfinder/sourcecode-parser/analytics.PublicKey=${posthogkey}" -v -o pathfinder-darwin-arm64 .
+          go build -ldflags="-s -w -X github.com/shivasurya/code-pathfinder/sast-engine/cmd.Version=${projectVersion} -X github.com/shivasurya/code-pathfinder/sast-engine/cmd.GitCommit=${gitCommit} -X github.com/shivasurya/code-pathfinder/sast-engine/analytics.PublicKey=${posthogkey}" -v -o pathfinder-darwin-arm64 .
           chmod +x pathfinder-darwin-arm64
 
       - name: Calculate SHA256
         run: |
-          cd sourcecode-parser
+          cd sast-engine
           shasum -a 256 pathfinder-darwin-arm64 > pathfinder-darwin-arm64.sha256sum.txt
           cp pathfinder-darwin-arm64 pathfinder
           tar -czvf pathfinder-darwin-arm64.tar.gz pathfinder
@@ -175,9 +175,9 @@ jobs:
         with:
           name: pathfinder-darwin-arm64
           path: |
-            sourcecode-parser/pathfinder-darwin-arm64
-            sourcecode-parser/pathfinder-darwin-arm64.sha256sum.txt
-            sourcecode-parser/pathfinder-darwin-arm64.tar.gz
+            sast-engine/pathfinder-darwin-arm64
+            sast-engine/pathfinder-darwin-arm64.sha256sum.txt
+            sast-engine/pathfinder-darwin-arm64.tar.gz
 
   build-macos-intel:
     runs-on: macos-13  # Last Intel-based macOS runner
@@ -199,16 +199,16 @@ jobs:
           CGO_ENABLED: 1  # Required for tree-sitter
           POSTHOG_WEB_ANALYTICS: ${{ secrets.POSTHOG_WEB_ANALYTICS }}
         run: |
-          cd sourcecode-parser
+          cd sast-engine
           gitCommit=$(git describe --tags)
           projectVersion=$(cat VERSION)
           posthogkey=$(echo $POSTHOG_WEB_ANALYTICS)
-          go build -ldflags="-s -w -X github.com/shivasurya/code-pathfinder/sourcecode-parser/cmd.Version=${projectVersion} -X github.com/shivasurya/code-pathfinder/sourcecode-parser/cmd.GitCommit=${gitCommit} -X github.com/shivasurya/code-pathfinder/sourcecode-parser/analytics.PublicKey=${posthogkey}" -v -o pathfinder-darwin-amd64 .
+          go build -ldflags="-s -w -X github.com/shivasurya/code-pathfinder/sast-engine/cmd.Version=${projectVersion} -X github.com/shivasurya/code-pathfinder/sast-engine/cmd.GitCommit=${gitCommit} -X github.com/shivasurya/code-pathfinder/sast-engine/analytics.PublicKey=${posthogkey}" -v -o pathfinder-darwin-amd64 .
           chmod +x pathfinder-darwin-amd64
 
       - name: Calculate SHA256
         run: |
-          cd sourcecode-parser
+          cd sast-engine
           shasum -a 256 pathfinder-darwin-amd64 > pathfinder-darwin-amd64.sha256sum.txt
           cp pathfinder-darwin-amd64 pathfinder
           tar -czvf pathfinder-darwin-amd64.tar.gz pathfinder
@@ -218,9 +218,9 @@ jobs:
         with:
           name: pathfinder-darwin-amd64
           path: |
-            sourcecode-parser/pathfinder-darwin-amd64
-            sourcecode-parser/pathfinder-darwin-amd64.sha256sum.txt
-            sourcecode-parser/pathfinder-darwin-amd64.tar.gz
+            sast-engine/pathfinder-darwin-amd64
+            sast-engine/pathfinder-darwin-amd64.sha256sum.txt
+            sast-engine/pathfinder-darwin-amd64.tar.gz
 
   release:
     needs: [build-linux, build-linux-arm64, build-windows, build-macos, build-macos-intel]

.github/workflows/stdlib-r2-upload.yml

@@ -55,7 +55,7 @@ jobs:
           R2_ACCESS_KEY_ID: ${{ secrets.R2_ACCESS_KEY_ID }}
           R2_SECRET_ACCESS_KEY: ${{ secrets.R2_SECRET_ACCESS_KEY }}
         run: |
-          cd sourcecode-parser/tools
+          cd sast-engine/tools
           chmod +x upload_to_r2.sh
           ./upload_to_r2.sh
 

CLAUDE.md

@@ -6,7 +6,7 @@ This file provides guidance to Claude Code (claude.ai/code) when working with co
 
 ### Building the Binary
 ```bash
-cd sourcecode-parser
+cd sast-engine
 gradle buildGo
 ```
 The binary is output to `build/go/pathfinder`. The build automatically cleans previous builds first.
@@ -65,29 +65,29 @@ Output Formats (JSON, SARIF, Table)
 
 ### Core Packages
 
-**sourcecode-parser/graph/** - Code graph construction and management
+**sast-engine/graph/** - Code graph construction and management
 - `initialize.go`: Multi-threaded file parsing with 5 workers
 - `parser.go`: AST traversal orchestrator (language-agnostic entry point)
 - `parser_java.go`: Java-specific node parsing
 - `parser_python.go`: Python-specific node parsing
 - `query.go`: Query execution engine with Cartesian product optimization
 - `utils.go`: SHA256-based ID generation, file operations
 
-**sourcecode-parser/antlr/** - Query language parsing
+**sast-engine/antlr/** - Query language parsing
 - `Query.g4`: ANTLR grammar for PathFinder query language
 - `listener_impl.go`: Semantic analysis of parsed queries
 
-**sourcecode-parser/cmd/** - CLI interface
+**sast-engine/cmd/** - CLI interface
 - `query.go`: Interactive/batch query execution with pagination
 - `ci.go`: CI/CD integration with rule loading from codepathfinder.dev
 - `scan.go`: Scan project against local ruleset
 
-**sourcecode-parser/model/** - AST data models
+**sast-engine/model/** - AST data models
 - `stmt.go`: Statement models (if/while/for/blocks)
 - `expr.go`: Expression models
 - `location.go`: Source location tracking for lazy loading
 
-**sourcecode-parser/analytics/** - Optional PostHog telemetry
+**sast-engine/analytics/** - Optional PostHog telemetry
 
 ## Critical Design Patterns
 
@@ -398,7 +398,7 @@ This counteracts non-determinism from multi-threaded parsing.
 ## Release and Versioning
 
 ### Version Management
-Version is stored in `sourcecode-parser/VERSION` and injected at build time:
+Version is stored in `sast-engine/VERSION` and injected at build time:
 ```gradle
 // In build.gradle
 commandLine 'go', 'build', '-ldflags',

CONTRIBUTING.md

@@ -12,7 +12,7 @@ We recommend using the following IDEs for developing with Code Pathfinder:
 
 ## Core Project
 
-The core of Code Pathfinder is the `sourcecode-parser` project, written in Go.
+The core of Code Pathfinder is the `sast-engine` project, written in Go.
 
 ## Build System
 

Dockerfile

@@ -2,7 +2,7 @@ FROM cgr.dev/chainguard/go:latest AS builder
 
 WORKDIR /app
 
-COPY sourcecode-parser .
+COPY sast-engine .
 
 ARG POSTHOG_WEB_ANALYTICS
 
@@ -16,7 +16,7 @@ RUN echo "Building version ${PROJECT_VERSION} with commit ${PROJECT_COMMIT}"
 
 RUN go mod download
 
-RUN go build -ldflags="-s -w -X github.com/shivasurya/code-pathfinder/sourcecode-parser/cmd.Version=${PROJECT_VERSION} -X github.com/shivasurya/code-pathfinder/sourcecode-parser/cmd.GitCommit=${PROJECT_COMMIT} -X github.com/shivasurya/code-pathfinder/sourcecode-parser/analytics.PublicKey=${POSTHOG_API_KEY}" -v -o pathfinder .
+RUN go build -ldflags="-s -w -X github.com/shivasurya/code-pathfinder/sast-engine/cmd.Version=${PROJECT_VERSION} -X github.com/shivasurya/code-pathfinder/sast-engine/cmd.GitCommit=${PROJECT_COMMIT} -X github.com/shivasurya/code-pathfinder/sast-engine/analytics.PublicKey=${POSTHOG_API_KEY}" -v -o pathfinder .
 
 FROM cgr.dev/chainguard/wolfi-base:latest
 

README.md

@@ -9,6 +9,7 @@
 [![npm version](https://img.shields.io/npm/v/@codepathfinder/secureflow-cli?logo=npm)](https://www.npmjs.com/package/@codepathfinder/secureflow-cli)
 [![Open VSX](https://img.shields.io/open-vsx/v/codepathfinder/secureflow?label=Open%20VSX&logo=vscodium)](https://open-vsx.org/extension/codepathfinder/secureflow)
 [![AGPL-3.0 License](https://img.shields.io/github/license/shivasurya/code-pathfinder)](https://github.com/shivasurya/code-pathfinder/blob/main/LICENSE)
+[![Ask DeepWiki](https://deepwiki.com/badge.svg)](https://deepwiki.com/shivasurya/code-pathfinder)
 </div>
 
 # Code Pathfinder 

codecov.yml

@@ -1,2 +1,2 @@
 ignore:
-  - "sourcecode-parser/antlr/"  # ignore folders and all its contents
+  - "sast-engine/antlr/"  # ignore folders and all its contents

package.json

@@ -1,6 +1,6 @@
 {
     "name": "codepathfinder",
-    "version": "1.0.0",
+    "version": "1.1.0",
     "description": "Code Pathfinder, the open-source alternative to CodeQL. Designed for precise flow analysis and advanced structural search, it identifies vulnerabilities in source code.",
     "goBinary": {
         "name": "pathfinder",

perf_tools/README.md

@@ -34,7 +34,7 @@ Options:
   -p, --project DIR     Project directory to analyze (default: ~/src/shivasurya/salt)
   -q, --query QUERY     Query to run (default: 'FROM function_definition AS fd SELECT fd')
   -o, --output NAME     Output file prefix (default: 'benchmark')
-  -b, --binary PATH     Path to pathfinder binary (default: ../sourcecode-parser/build/go/pathfinder)
+  -b, --binary PATH     Path to pathfinder binary (default: ../sast-engine/build/go/pathfinder)
   -h, --help            Show this help message
 ```
 
@@ -117,7 +117,7 @@ Memory Usage Over Time
 
 ### Required
 - Bash shell
-- Built pathfinder binary (run `cd ../sourcecode-parser && gradle buildGo`)
+- Built pathfinder binary (run `cd ../sast-engine && gradle buildGo`)
 
 ### Optional
 - Python 3 with matplotlib and pandas for graph generation
@@ -133,7 +133,7 @@ If you want more control, use the individual scripts:
 
 ```bash
 # Terminal 1: Start query
-../sourcecode-parser/build/go/pathfinder query --project ~/salt --query "..." &
+../sast-engine/build/go/pathfinder query --project ~/salt --query "..." &
 PID=$!
 
 # Terminal 2: Monitor memory
@@ -163,12 +163,12 @@ To measure the impact of performance optimizations:
 ```bash
 # Before optimization
 git checkout main
-cd sourcecode-parser && gradle clean buildGo && cd ../perf_tools
+cd sast-engine && gradle clean buildGo && cd ../perf_tools
 ./benchmark.sh -o before_optimization
 
 # After optimization
 git checkout feature-branch
-cd sourcecode-parser && gradle clean buildGo && cd ../perf_tools
+cd sast-engine && gradle clean buildGo && cd ../perf_tools
 ./benchmark.sh -o after_optimization
 
 # Compare results
@@ -182,7 +182,7 @@ echo "After:  $(grep 'Peak RSS' after_optimization.csv | tail -1)"
 
 Build the binary first:
 ```bash
-cd ../sourcecode-parser
+cd ../sast-engine
 gradle clean buildGo
 cd ../perf_tools
 ```

playground-Dockerfile

@@ -4,8 +4,8 @@ FROM cgr.dev/chainguard/go:latest as builder
 # Set working directory
 WORKDIR /build
 
-# First, copy the sourcecode-parser module
-COPY ./sourcecode-parser /build/sourcecode-parser
+# First, copy the sast-engine module
+COPY ./sast-engine /build/sast-engine
 
 # Copy the playground module
 COPY ./playground /build/playground