# Control-Flow and Data-Flow Analysis
Status: public
Confidence: medium (0.725) (verified)
Last verified: 2026-06-02
Generation: ai_structured


## TL;DR

Control-flow and data-flow analysis help agents reason about what can execute, where values can move, and which code paths may be affected by a change.

## Core Explanation

ASTs say what the code looks like. Control-flow graphs model possible execution order. Data-flow and dependence graphs model how values and definitions reach later program points. For code agents, these representations support vulnerability tracing, impact analysis, test targeting, and safer edits across multiple files.

## Source-Mapped Facts

- Joern documentation says code property graphs merge classic program representations into one data structure holding syntax, control-flow, and intra-procedural data-flow information. ([source](https://docs.joern.io/code-property-graph/))
- Joern documentation describes code property graphs as directed, edge-labeled, attributed multigraphs whose nodes carry attributes indicating node type. ([source](https://docs.joern.io/code-property-graph/))
- CodeQL documentation says local data flow is data flow within a single function and is faster but less complete than global data flow. ([source](https://codeql.github.com/docs/codeql-language-guides/analyzing-data-flow-in-javascript-and-typescript/))

## Further Reading

- [Joern Code Property Graph Documentation](https://docs.joern.io/code-property-graph/)
- [CodeQL JavaScript and TypeScript Data Flow](https://codeql.github.com/docs/codeql-language-guides/analyzing-data-flow-in-javascript-and-typescript/)
- [CodeQL Documentation Contents](https://codeql.github.com/docs/contents/)