This specification relates to static analysis of computer software source code.
Static analysis refers to techniques for analyzing computer software source code without executing the source code as a computer software program.
A software project, or for brevity, a “project,” is a code base having a collection of source code files. A project generally organizes the collection of source code files in a particular way, e.g., in a hierarchical directory structure, with each source code file in the project having a respective path. Typically, the source code files in a project provide one or more related functionalities.
Source code in a project is typically maintained by developers using a version control system. Version control systems generally maintain multiple revisions of the source code in the code base, each revision being referred to as a snapshot. Each snapshot includes the source code of files of the code base as the files existed at a particular point in time.
Snapshots stored in a version control system can be represented as a directed, acyclical revision graph. Each node in the revision graph represents a commit of the source code. A commit represents a snapshot as well as other pertinent information about the snapshot such as the author of the snapshot, and data about ancestor commits of the node in the revision graph. A directed edge from a first node to a second node in the revision graph indicates that a commit represented by the first node is a previous commit than a commit represented by the second node, and that no intervening commits exist in the version control system.