chore(docs): update documentation to include SELECT keyword (#138)

* update documentation to include SELECT keyword

* update docs 📖

* update readme

Author: shivasurya

README.md

@@ -58,7 +58,9 @@ $ gradle buildGo (or) npm install -g codepathfinder
 $ ./pathfinder query --project <path_to_project> --stdin
 2024/06/30 21:35:29 Graph built successfully
 Path-Finder Query Console: 
->FROM method_declaration AS md WHERE md.getName() == "getPaneChanges"
+>FROM method_declaration AS md 
+ WHERE md.getName() == "getPaneChanges"
+ SELECT md, "query for pane changes layout methods"
 Executing query: FROM method_declaration AS md WHERE md.getName() == "getPaneChanges"
 
 ┌───┬──────────────────────────────────────────┬─────────────┬────────────────────┬────────────────┬──────────────────────────────────────────────────────────────┐

docs/src/content/docs/api/Entities/index.mdx

@@ -13,13 +13,17 @@ import PostHogLayout from '../../../../layouts/PostHogLayout.astro';
 The query structure is simple, easy to use and inspired by SQL. Query often start with the keyword `FIND` followed by the entity type and then the condition.
 
 ```sql
-FROM entity_type AS entity_variable WHERE condition
+FROM entity_type AS entity_variable
+WHERE condition
+SELECT entity_variable, "Description"
 ```
 
 ## Example
 
 ```sql
-FROM method_declaration AS md WHERE "@Deprecated" in md.getAnnotation()
+FROM method_declaration AS md
+WHERE "@Deprecated" in md.getAnnotation()
+SELECT md, "Listing all deprecated methods"
 ```
 
 ### Alias syntax
@@ -28,7 +32,9 @@ The alias syntax is used to give a name to the entity. This is useful when the e
 to use the alias to invoke the entity methods.
 
 ```sql
-FROM method_declaration AS md WHERE md.<Entity method>
+FROM method_declaration AS md
+WHERE md.<Entity method>
+SELECT md.<Entity Data>, "Example description"
 ```
 
 Learn more about the entity methods below in the API Index.

docs/src/content/docs/api/Predicates/index.mdx

@@ -0,0 +1,27 @@
+---
+title: Predicates
+description: "Predicates - Code PathFinder API Index"
+---
+
+import { Badge } from '@astrojs/starlight/components';
+import PostHogLayout from '../../../../layouts/PostHogLayout.astro';
+
+<PostHogLayout>
+</PostHogLayout>
+
+## Predicates <Badge text="new" variant="tip" size="small" />
+
+Predicates are re-usable functions that can be used in the query. They are defined in the query and can be used in the query.
+
+```sql
+predicate isPublicOrProtected(method_declaration md) {
+    md.getVisibility() == "public" || md.getVisibility() == "protected"
+}
+
+FROM method_declaration AS md
+WHERE isPublicOrProtected(md)
+SELECT md, "Listing all public or protected methods"
+```
+
+
+

docs/src/content/docs/api/index.mdx

@@ -9,4 +9,5 @@ import PostHogLayout from '../../../layouts/PostHogLayout.astro';
 </PostHogLayout>
 
 - [Entities](./entities/)
-- [Conditions](./conditions/)
+- [Conditions](./conditions/)
+- [Predicates](./predicates/)

docs/src/content/docs/changelog.mdx

@@ -8,6 +8,19 @@ import PostHogLayout from '../../layouts/PostHogLayout.astro';
 <PostHogLayout>
 </PostHogLayout>
 
+## v0.0.26
+
+- You can now query multiple entities in a single query and compare with them in conditions and filter them like CodeQL 🚀
+   Example:
+   ```sql
+   FIND method_declaration AS md, method_invocation AS mi
+   WHERE md.getName() == mi.getName() &&
+   md.getVisibility() != "private"
+   ```
+- The pathfinder cli now fresh look with code, line number, file name formatted
+- If you make any mistakes in query, pathfinder cli advises you error message exactly line number and doesn't crash the program
+- Posthog had issues in previous release due to breaking changes in golang sdk from posthog, which is now fixed.
+
 ## v0.0.23
 
 ### **New Feature**:

docs/src/content/docs/index.mdx

@@ -25,7 +25,9 @@ import PostHogLayout from '../../layouts/PostHogLayout.astro';
 
 ```shell
 Code-PathFinder Console:
-> FROM method_declaration AS md WHERE md.getVisibility() == "public" && md.getName() == "main"
+> FROM method_declaration AS md
+  WHERE md.getVisibility() == "public" && md.getName() == "main"
+  SELECT md, "Listing all main methods"
 
 public static void main(String[] args) {
     System.out.println("\"Set thy heart upon thy work, but never on its reward.\" - Bhagavad Gita, Chapter 2, Verse 47");
@@ -39,7 +41,7 @@ public static void main(String[] args) {
 		Strengthen your code’s integrity with robust security checks and insights.
 	</Card>
 	<Card title="Structural Search" icon="seti:code-search">
-		Search and identify specific patterns in your Java code seamlessly.
+		Search and identify specific patterns in source code seamlessly.
 	</Card>
 	<Card title="Call Graph Analysis" icon="seti:pipeline">
 		Visualize and analyze method calls and data flow for better understanding.

docs/src/content/docs/queries/Android/android-webview-settings.mdx

@@ -28,7 +28,9 @@ result in cross-site scripting attacks.
  * @tags security
  * external/cwe/cwe-079
  */
-FROM method_invocation AS mi WHERE mi.getName() == "setJavaScriptEnabled" && "true" in mi.getArgumentName()
+FROM method_invocation AS mi
+WHERE mi.getName() == "setJavaScriptEnabled" && "true" in mi.getArgumentName()
+SELECT mi, "Enabling JavaScript execution in a WebView can result in cross-site scripting attacks."
 ```
 
 ### setAllowUniversalAccessFromFileURLs Webview API
@@ -45,7 +47,9 @@ FROM method_invocation AS mi WHERE mi.getName() == "setJavaScriptEnabled" && "tr
  * @tags security
  * external/cwe/cwe-079
  */
-FROM method_invocation AS mi WHERE mi.getName() == "setAllowUniversalAccessFromFileURLs" && "true" in mi.getArgumentName()
+FROM method_invocation AS mi
+WHERE mi.getName() == "setAllowUniversalAccessFromFileURLs" && "true" in mi.getArgumentName()
+SELECT mi, "Enabling SetAllowUniversalAccessFromFileURLs leak s&&box access to file:/// URLs from any origin."
 ```
 
 ### setAllowFileAccessFromFileURLs Webview API
@@ -62,7 +66,9 @@ FROM method_invocation AS mi WHERE mi.getName() == "setAllowUniversalAccessFromF
  * @tags security
  * external/cwe/cwe-079
  */
-FROM method_invocation AS mi WHERE mi.getName() == "setAllowFileAccessFromFileURLs" && "true" in mi.getArgumentName()
+FROM method_invocation AS mi
+WHERE mi.getName() == "setAllowFileAccessFromFileURLs" && "true" in mi.getArgumentName()
+SELECT mi, "Enabling setAllowFileAccessFromFileURLs leak s&&box access to file:/// URLs."
 ```
 
 ### setAllowContentAccess Webview API
@@ -79,7 +85,9 @@ FROM method_invocation AS mi WHERE mi.getName() == "setAllowFileAccessFromFileUR
  * @tags security
  * external/cwe/cwe-079
  */
-FROM method_invocation WHERE mi.getName() == "setAllowContentAccess" && "true" in mi.getArgumentName()
+FROM method_invocation AS mi
+WHERE mi.getName() == "setAllowContentAccess" && "true" in mi.getArgumentName()
+SELECT mi, "Enabling setAllowContentAccess enables content:// access from webpages."
 ```
 
 ### setAllowFileAccess Webview API
@@ -96,7 +104,9 @@ FROM method_invocation WHERE mi.getName() == "setAllowContentAccess" && "true" i
  * @tags security
  * external/cwe/cwe-079
  */
-FROM method_invocation AS mi WHERE mi.getName() == "setAllowFileAccess" && "true" in mi.getArgumentName()
+FROM method_invocation AS mi
+WHERE mi.getName() == "setAllowFileAccess" && "true" in mi.getArgumentName()
+SELECT mi, "Enabling setAllowFileAccess enables webview access to file:/// URLs."
 ```
 
 ### addJavascriptInterface Webview API
@@ -113,5 +123,7 @@ FROM method_invocation AS mi WHERE mi.getName() == "setAllowFileAccess" && "true
  * @tags security
  * external/cwe/cwe-079
  */
-FROM method_invocation AS mi WHERE mi.getName() == "addJavascriptInterface"
+FROM method_invocation AS mi
+WHERE mi.getName() == "addJavascriptInterface"
+SELECT mi, "Enabling addJavascriptInterface exposes java methods to JavaScript."
 ```

docs/src/content/docs/queries/Javadoc/deprecated-access.mdx

@@ -17,5 +17,7 @@ Pathfinder supports querying for deprecated callable access in the source code.
 The query syntax is simple, easy to use and inspired by SQL.
 
 ```sql
-FROM method_declaration AS md WHERE "@Deprecated" in md.getAnnotation()
+FROM method_declaration AS md
+WHERE "@Deprecated" in md.getAnnotation()
+SELECT md, "Listing all deprecated methods"
 ```