mschwager / route-detect

Find authentication (authn) and authorization (authz) security bugs in web application routes.
BSD 3-Clause "New" or "Revised" License

DRF Common Root Issue #9

Status: Closed (dmdhrumilmistry closed this issue 1 year ago)

dmdhrumilmistry commented 1 year ago

I'm trying to run the tool on a Django project with multiple Django applications installed inside a single Django project. I'm facing issues while creating a visualization. The Django app is using Django Rest Framework. Please find the logs below:

$ routes viz --browser routes.json
2023-08-07 15:38:29,726 INFO routes.main Starting command viz
2023-08-07 15:38:29,726 INFO routes.commands.viz Reading input file routes.json
2023-08-07 15:38:29,729 INFO routes.commands.viz Finding rule counts: Users.xxxxx..pyenv.versions.3.11.3.lib.python3.11.site-packages.routes.rules.django-rest-framework-route-authenticated=40 Users.xxxxx..pyenv.versions.3.11.3.lib.python3.11.site-packages.routes.rules.django-rest-framework-route-unauthenticated=79
Traceback (most recent call last):
  File "/Users/xxxxx/.pyenv/versions/3.11.3/bin/routes", line 8, in <module>
    sys.exit(main())
             ^^^^^^
  File "/Users/xxxxx/.pyenv/versions/3.11.3/lib/python3.11/site-packages/routes/main.py", line 103, in main
    result = command(args)
             ^^^^^^^^^^^^^
  File "/Users/xxxxx/.pyenv/versions/3.11.3/lib/python3.11/site-packages/routes/commands/viz.py", line 155, in main
    raise ValueError(
ValueError: Tree assumes a common root ({'app1', 'app2', 'app3', 'app4', 'app5', 'app6'}), please only specify a single directory

dmdhrumilmistry commented 1 year ago

Found a workaround for this: we can scan each app one by one, or provide the complete path to the Django project.

mschwager commented 1 year ago

Hi there,

Yes, I would recommend scanning all directories at once. Typically you can achieve this by specifying a parent directory of multiple app directories, as you've done here. The reason for this is route-detect cannot create a common root node if there are multiple directories specified. We'd end up with multiple trees in the visualization, or a "forest." This is technically achievable, but route-detect does not currently support it.

Thanks for giving it a try!
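The common-root constraint described in the reply above, reconstructed as an added example. This is not route-detect's code: the findings shape (a list of dicts with a "path" and a "check_id"), the sample findings, and the `build_forest` helper are assumptions made for illustration. Only the two rule names (`django-rest-framework-route-authenticated` / `-unauthenticated`) and the wording of the error come from the log in this issue. Scanning several app directories directly yields paths with different first components, so a single-root tree cannot be built; scanning the parent project directory yields one root, which is the workaround both commenters land on.

```python
"""Illustrative reconstruction of the common-root check behind the error in
this issue. Not route-detect's code; the findings format (list of dicts with
"path" and "check_id") is an assumption for the example."""

from collections import Counter
from pathlib import PurePosixPath

# Rule ids taken from the log in the issue; everything else is constructed.
UNAUTH = "django-rest-framework-route-unauthenticated"
AUTH = "django-rest-framework-route-authenticated"

# Constructed sample findings (not real route-detect output).
# Scanning app directories directly: paths start with different components.
FINDINGS_PER_APP = [
    {"path": "app1/views.py", "check_id": UNAUTH},
    {"path": "app1/api/views.py", "check_id": AUTH},
    {"path": "app2/views.py", "check_id": UNAUTH},
    {"path": "app3/views.py", "check_id": AUTH},
]
# Scanning the parent project directory: every path shares one component.
FINDINGS_PARENT = [
    {"path": "project/" + f["path"], "check_id": f["check_id"]}
    for f in FINDINGS_PER_APP
]


def top_level_dirs(findings):
    """Set of first path components; a single tree needs exactly one."""
    return {PurePosixPath(f["path"]).parts[0] for f in findings}


def _insert(tree, parts, check_id):
    """Walk or create nested dict nodes for each path component; the leaf
    accumulates rule-id counts in a Counter under the "rules" key."""
    node = tree
    for part in parts:
        node = node.setdefault("children", {}).setdefault(part, {})
    node.setdefault("rules", Counter())[check_id] += 1


def build_tree(findings):
    """Single-root tree, failing the same way the viz command does when the
    findings do not share a top-level directory."""
    roots = top_level_dirs(findings)
    if len(roots) != 1:
        raise ValueError(
            f"Tree assumes a common root ({roots}), "
            "please only specify a single directory"
        )
    tree = {}
    for f in findings:
        _insert(tree, PurePosixPath(f["path"]).parts, f["check_id"])
    return tree


def build_forest(findings, synthetic_root="<forest>"):
    """The 'forest' alternative the maintainer calls achievable but
    unsupported (hypothetical helper): hang every top-level directory under
    one synthetic root so a multi-directory scan still yields one tree."""
    tree = {}
    for f in findings:
        parts = (synthetic_root, *PurePosixPath(f["path"]).parts)
        _insert(tree, parts, f["check_id"])
    return tree


def rule_counts(tree):
    """Aggregate rule counts over a subtree: the question the visualization
    is meant to answer, i.e. how many routes in a directory lack authn."""
    total = Counter(tree.get("rules", {}))
    for child in tree.get("children", {}).values():
        total.update(rule_counts(child))
    return total


if __name__ == "__main__":
    try:
        build_tree(FINDINGS_PER_APP)
    except ValueError as exc:
        print("per-app scan:", exc)
    project = build_tree(FINDINGS_PARENT)
    print("parent scan:", dict(rule_counts(project)))
    forest = build_forest(FINDINGS_PER_APP)
    print("forest:", sorted(forest["children"]["<forest>"]["children"]))
```

The check is purely on the first path component, which is why passing the parent directory (or one app at a time) satisfies it: every finding then starts with the same segment. `rule_counts` on a subtree is the practical payoff of a single-rooted tree, since it lets you ask "how many unauthenticated DRF routes live under app2/" without reconciling several separate trees.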