
Overview

Krait analyzes each API endpoint by generating a call graph, a hierarchical representation of the code that serves that endpoint. The call graph records the function invocation relationships for the endpoint, including calls that cross file boundaries.

How it works

Krait builds the call graph through the following process:
  1. Identifies the endpoint’s controller and traces its execution path
  2. Creates structured nodes representing key elements such as routes, controllers, functions, middleware, and HTTP status codes
  3. Defines parent-child relationships between these nodes to reflect how each component is invoked
  4. Stores the full structure in a Memgraph database for querying and visualization

Node relationships

Krait performs a breadth-first search (BFS) starting from the controller function, using LSP and Tree-Sitter to map out the relationships between nodes:

  - Route → Controller: connected by a ROUTED_BY relationship
  - Route → Middleware: connected by a HAS_MIDDLEWARE relationship
  - Controller → Functions: connected by a CALLS relationship
  - Functions → Status Codes: connected by an EMITS relationship
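As an added illustration (not Krait's own code or its Memgraph schema), the following Python models a constructed call graph using the four relationship types above and runs the same breadth-first walk from the controller to answer questions such a graph makes cheap: which status codes an endpoint can reach, which routes lack a given middleware, and which routes depend on a given function. All route, function and middleware names are constructed samples.

```python
from collections import deque
# Constructed sample graph: edges are (source, relation, target) using the page's relationship types.
EDGES = [
    ("GET /users/{id}", "ROUTED_BY", "getUser"),
    ("GET /users/{id}", "HAS_MIDDLEWARE", "authenticate"),
    ("getUser", "CALLS", "findUserById"),
    ("findUserById", "CALLS", "dbQuery"),
    ("findUserById", "EMITS", "404"),
    ("dbQuery", "EMITS", "500"),
    ("POST /admin/export", "ROUTED_BY", "exportAll"),
    ("exportAll", "CALLS", "dbQuery"),
]

def adjacency(edges, relations):
    """Outgoing adjacency list restricted to the given relationship types."""
    adj = {}
    for src, rel, dst in edges:
        if rel in relations:
            adj.setdefault(src, []).append(dst)
    return adj

def bfs_reachable(adj, start):
    """Breadth-first traversal from start; returns start plus every node reached, in visit order."""
    seen, order, queue = {start}, [start], deque([start])
    while queue:
        for nxt in adj.get(queue.popleft(), []):
            if nxt not in seen:
                seen.add(nxt)
                order.append(nxt)
                queue.append(nxt)
    return order

def controllers(edges):  # route -> controller, via ROUTED_BY
    return {src: dst for src, rel, dst in edges if rel == "ROUTED_BY"}

def status_codes_for_route(edges, route):
    """Status codes an endpoint can emit: BFS over CALLS from its controller, then read EMITS."""
    emits = adjacency(edges, {"EMITS"})
    funcs = bfs_reachable(adjacency(edges, {"CALLS"}), controllers(edges)[route])
    return sorted({code for f in funcs for code in emits.get(f, [])})

def routes_missing_middleware(edges, middleware):
    """Routes with no HAS_MIDDLEWARE edge to the named middleware (e.g. an auth check)."""
    guarded = {src for src, rel, dst in edges if rel == "HAS_MIDDLEWARE" and dst == middleware}
    return sorted(set(controllers(edges)) - guarded)

def routes_reaching(edges, function):
    """Dependency tracking: routes whose controller transitively CALLS the given function."""
    calls = adjacency(edges, {"CALLS"})
    return sorted(r for r, c in controllers(edges).items() if function in bfs_reachable(calls, c))
```

In a real deployment the same questions would be asked of the stored graph with database queries rather than an in-memory walk; the traversal shape is what carries over.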

Visualization

The call graph provides a complete picture of how data and logic flow through your application, enabling precise security analysis and dependency tracking.

[Figure: call graph visualization showing hierarchical relationships between routes, controllers, and functions]
The call graph is generated automatically as soon as your code repository is integrated, with no additional manual steps required.