autoai-codetrust 0.1.0__tar.gz

autoai_codetrust-0.1.0/.gitignore

@@ -0,0 +1,7 @@
+node_modules/
+dist/
+build/
+*.egg-info/
+__pycache__/
+.pytest_cache/
+*.pyc

autoai_codetrust-0.1.0/Dockerfile

@@ -0,0 +1,24 @@
+FROM python:3.12-slim
+
+WORKDIR /app
+
+# Install dependencies first (cache layer)
+COPY pyproject.toml README.md ./
+COPY src/ src/
+RUN pip install --no-cache-dir . && \
+    pip install --no-cache-dir gunicorn
+
+# Create data directory for SQLite
+RUN mkdir -p /app/data
+
+ENV CODETRUST_DB_PATH=/app/data/codetrust.db
+ENV CODETRUST_HOST=0.0.0.0
+ENV CODETRUST_PORT=8080
+
+EXPOSE 8080
+
+CMD ["gunicorn", "aicodetrustcore.api:app", \
+     "-k", "uvicorn.workers.UvicornWorker", \
+     "-b", "0.0.0.0:8080", \
+     "--workers", "2", \
+     "--timeout", "120"]

autoai_codetrust-0.1.0/PKG-INFO

@@ -0,0 +1,64 @@
+Metadata-Version: 2.4
+Name: autoai-codetrust
+Version: 0.1.0
+Summary: AI code security scanner — catches vulnerabilities, hallucinated dependencies, and compliance issues in AI-generated code. Snyk, but built for the AI coding era.
+Project-URL: Homepage, https://codetrust.dev
+Project-URL: Repository, https://github.com/autoailabadmin/codetrust
+Project-URL: Documentation, https://codetrust.dev/docs
+Author-email: AutoAI Labs <info@autoailabs.co.uk>
+License: Apache-2.0
+Keywords: ai-code,ai-scanner,claude,code-quality,code-security,copilot,cursor,hallucination-detection,mcp,sast,security,snyk-alternative,vulnerability-scanner
+Classifier: Development Status :: 4 - Beta
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: Apache Software License
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Topic :: Security
+Classifier: Topic :: Software Development :: Quality Assurance
+Requires-Python: >=3.10
+Requires-Dist: click>=8.0
+Requires-Dist: fastapi>=0.110.0
+Requires-Dist: mcp>=1.0.0
+Requires-Dist: python-multipart>=0.0.9
+Requires-Dist: rich>=13.0
+Requires-Dist: uvicorn[standard]>=0.29.0
+Provides-Extra: dev
+Requires-Dist: httpx>=0.27.0; extra == 'dev'
+Requires-Dist: pytest-asyncio>=0.21; extra == 'dev'
+Requires-Dist: pytest>=7.0; extra == 'dev'
+Description-Content-Type: text/markdown
+
+# AICodeTrustScore
+
+Continuous trust scoring for AI-generated code. Analyzes code from Cursor, Copilot, Claude, and other AI tools, assigning a 0-100 trust score with hallucination detection.
+
+## Install
+
+```bash
+pip install autoai-aicodetrustcore
+```
+
+## Usage
+
+```bash
+# Score a file
+aicodetrustcore score path/to/file.py
+
+# Score a git diff
+aicodetrustcore diff
+
+# Full report for a directory
+aicodetrustcore report path/to/project/
+
+# Check for AI hallucinations
+aicodetrustcore hallucination-check path/to/file.py
+
+# Start MCP server
+aicodetrustcore serve
+```
+
+## License
+
+Apache-2.0

autoai_codetrust-0.1.0/README.md

@@ -0,0 +1,32 @@
+# AICodeTrustScore
+
+Continuous trust scoring for AI-generated code. Analyzes code from Cursor, Copilot, Claude, and other AI tools, assigning a 0-100 trust score with hallucination detection.
+
+## Install
+
+```bash
+pip install autoai-aicodetrustcore
+```
+
+## Usage
+
+```bash
+# Score a file
+aicodetrustcore score path/to/file.py
+
+# Score a git diff
+aicodetrustcore diff
+
+# Full report for a directory
+aicodetrustcore report path/to/project/
+
+# Check for AI hallucinations
+aicodetrustcore hallucination-check path/to/file.py
+
+# Start MCP server
+aicodetrustcore serve
+```
+
+## License
+
+Apache-2.0

autoai_codetrust-0.1.0/github-action/action.yml

@@ -0,0 +1,144 @@
+name: 'CodeTrust AI Code Scanner'
+description: 'Scan AI-generated code for security vulnerabilities, hallucinated dependencies, and quality issues. Snyk, but built for the AI coding era.'
+author: 'AutoAI Labs'
+
+branding:
+  icon: 'shield'
+  color: 'blue'
+
+inputs:
+  api-key:
+    description: 'CodeTrust API key (get one at codetrust.dev)'
+    required: false
+    default: ''
+  scan-mode:
+    description: 'Scan mode: "diff" (only changed files) or "full" (entire repo)'
+    required: false
+    default: 'diff'
+  fail-on:
+    description: 'Fail the check if score is below this threshold (0-100). Set to 0 to never fail.'
+    required: false
+    default: '50'
+  languages:
+    description: 'Comma-separated languages to scan (python,typescript,javascript,go). Default: all.'
+    required: false
+    default: 'all'
+  api-url:
+    description: 'CodeTrust API URL (for self-hosted installations)'
+    required: false
+    default: 'https://codetrust-api.autoailabs.co.uk'
+
+outputs:
+  score:
+    description: 'Overall trust score (0-100)'
+    value: ${{ steps.scan.outputs.score }}
+  category:
+    description: 'Trust category: ship_it, review, needs_work, dont_ship'
+    value: ${{ steps.scan.outputs.category }}
+  total-issues:
+    description: 'Total number of issues found'
+    value: ${{ steps.scan.outputs.total_issues }}
+  critical-issues:
+    description: 'Number of critical issues'
+    value: ${{ steps.scan.outputs.critical_issues }}
+  report-url:
+    description: 'URL to the full report on codetrust.dev'
+    value: ${{ steps.scan.outputs.report_url }}
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Set up Python
+      uses: actions/setup-python@v5
+      with:
+        python-version: '3.12'
+
+    - name: Install CodeTrust
+      shell: bash
+      run: pip install codetrust --quiet
+
+    - name: Run CodeTrust Scan
+      id: scan
+      shell: bash
+      env:
+        CODETRUST_API_KEY: ${{ inputs.api-key }}
+        CODETRUST_API_URL: ${{ inputs.api-url }}
+      run: |
+        set -e
+
+        SCAN_MODE="${{ inputs.scan-mode }}"
+        FAIL_THRESHOLD="${{ inputs.fail-on }}"
+
+        if [ "$SCAN_MODE" = "diff" ]; then
+          # Get the diff for this PR or push
+          if [ -n "${{ github.event.pull_request.base.sha }}" ]; then
+            DIFF=$(git diff ${{ github.event.pull_request.base.sha }}..HEAD)
+          else
+            DIFF=$(git diff HEAD~1..HEAD 2>/dev/null || git diff HEAD)
+          fi
+
+          if [ -z "$DIFF" ]; then
+            echo "No code changes detected."
+            echo "score=100" >> "$GITHUB_OUTPUT"
+            echo "category=ship_it" >> "$GITHUB_OUTPUT"
+            echo "total_issues=0" >> "$GITHUB_OUTPUT"
+            echo "critical_issues=0" >> "$GITHUB_OUTPUT"
+            exit 0
+          fi
+
+          # Run scan via CLI with JSON output
+          RESULT=$(echo "$DIFF" | codetrust diff --json-output 2>/dev/null || echo '{"score": 0, "trust_category": "dont_ship", "total_issues": -1}')
+        else
+          RESULT=$(codetrust report . --json-output 2>/dev/null || echo '{"score": 0, "trust_category": "dont_ship", "total_issues": -1}')
+        fi
+
+        # Parse results
+        SCORE=$(echo "$RESULT" | python3 -c "import sys,json; d=json.load(sys.stdin); print(int(d.get('score',0)))")
+        CATEGORY=$(echo "$RESULT" | python3 -c "import sys,json; d=json.load(sys.stdin); print(d.get('trust_category','unknown'))")
+        TOTAL=$(echo "$RESULT" | python3 -c "import sys,json; d=json.load(sys.stdin); print(d.get('total_issues',0))")
+        CRITICAL=$(echo "$RESULT" | python3 -c "import sys,json; d=json.load(sys.stdin); print(len([i for i in d.get('issues',[]) if i.get('severity')=='critical']))")
+
+        echo "score=$SCORE" >> "$GITHUB_OUTPUT"
+        echo "category=$CATEGORY" >> "$GITHUB_OUTPUT"
+        echo "total_issues=$TOTAL" >> "$GITHUB_OUTPUT"
+        echo "critical_issues=$CRITICAL" >> "$GITHUB_OUTPUT"
+
+        # Print summary
+        echo "## CodeTrust Scan Results" >> "$GITHUB_STEP_SUMMARY"
+        echo "" >> "$GITHUB_STEP_SUMMARY"
+        echo "| Metric | Value |" >> "$GITHUB_STEP_SUMMARY"
+        echo "|--------|-------|" >> "$GITHUB_STEP_SUMMARY"
+        echo "| **Trust Score** | **$SCORE/100** |" >> "$GITHUB_STEP_SUMMARY"
+        echo "| Category | $CATEGORY |" >> "$GITHUB_STEP_SUMMARY"
+        echo "| Total Issues | $TOTAL |" >> "$GITHUB_STEP_SUMMARY"
+        echo "| Critical Issues | $CRITICAL |" >> "$GITHUB_STEP_SUMMARY"
+        echo "" >> "$GITHUB_STEP_SUMMARY"
+
+        # Print issues if any
+        if [ "$TOTAL" -gt 0 ] 2>/dev/null; then
+          echo "### Issues Found" >> "$GITHUB_STEP_SUMMARY"
+          echo "" >> "$GITHUB_STEP_SUMMARY"
+          echo "$RESULT" | python3 -c "
+        import sys, json
+        d = json.load(sys.stdin)
+        for i in d.get('issues', [])[:20]:
+            sev = i.get('severity', 'info').upper()
+            title = i.get('title', 'Unknown')
+            desc = i.get('description', '')
+            line = i.get('line_start', '?')
+            fp = i.get('file_path', '?')
+            suggestion = i.get('suggestion', '')
+            print(f'- **[{sev}]** {title} ({fp}:{line})')
+            if suggestion:
+                print(f'  - Fix: {suggestion}')
+        " >> "$GITHUB_STEP_SUMMARY" 2>/dev/null || true
+        fi
+
+        echo "" >> "$GITHUB_STEP_SUMMARY"
+        echo "*Scanned by [CodeTrust](https://codetrust.dev) — AI code security by AutoAI Labs*" >> "$GITHUB_STEP_SUMMARY"
+
+        # Fail if below threshold
+        if [ "$SCORE" -lt "$FAIL_THRESHOLD" ] 2>/dev/null; then
+          echo "::error::CodeTrust score ($SCORE) is below threshold ($FAIL_THRESHOLD). Fix the issues above."
+          exit 1
+        fi

autoai_codetrust-0.1.0/pyproject.toml

@@ -0,0 +1,58 @@
+[build-system]
+requires = ["hatchling"]
+build-backend = "hatchling.build"
+
+[project]
+name = "autoai-codetrust"
+version = "0.1.0"
+description = "AI code security scanner — catches vulnerabilities, hallucinated dependencies, and compliance issues in AI-generated code. Snyk, but built for the AI coding era."
+readme = "README.md"
+license = {text = "Apache-2.0"}
+requires-python = ">=3.10"
+authors = [
+    {name = "AutoAI Labs", email = "info@autoailabs.co.uk"},
+]
+keywords = [
+    "ai-code", "code-security", "hallucination-detection", "ai-scanner",
+    "code-quality", "security", "sast", "copilot", "cursor", "claude",
+    "snyk-alternative", "vulnerability-scanner", "mcp",
+]
+classifiers = [
+    "Development Status :: 4 - Beta",
+    "Intended Audience :: Developers",
+    "License :: OSI Approved :: Apache Software License",
+    "Programming Language :: Python :: 3",
+    "Programming Language :: Python :: 3.10",
+    "Programming Language :: Python :: 3.11",
+    "Programming Language :: Python :: 3.12",
+    "Topic :: Software Development :: Quality Assurance",
+    "Topic :: Security",
+]
+dependencies = [
+    "mcp>=1.0.0",
+    "click>=8.0",
+    "rich>=13.0",
+    "fastapi>=0.110.0",
+    "uvicorn[standard]>=0.29.0",
+    "python-multipart>=0.0.9",
+]
+
+[project.optional-dependencies]
+dev = [
+    "pytest>=7.0",
+    "pytest-asyncio>=0.21",
+    "httpx>=0.27.0",
+]
+
+[project.scripts]
+codetrust = "aicodetrustcore.cli:main"
+codetrust-api = "aicodetrustcore.api:main"
+codetrust-mcp = "aicodetrustcore.server:main"
+
+[project.urls]
+Homepage = "https://codetrust.dev"
+Repository = "https://github.com/autoailabadmin/codetrust"
+Documentation = "https://codetrust.dev/docs"
+
+[tool.hatch.build.targets.wheel]
+packages = ["src/aicodetrustcore"]

autoai_codetrust-0.1.0/src/aicodetrustcore/__init__.py

@@ -0,0 +1,8 @@
+"""AICodeTrustScore -- Continuous trust scoring for AI-generated code.
+
+Analyzes code produced by Cursor, Copilot, Claude, and other AI tools,
+assigning a 0-100 trust score based on correctness, safety, test coverage,
+dependency risk, consistency, and hallucination detection.
+"""
+
+__version__ = "0.1.0"

autoai_codetrust-0.1.0/src/aicodetrustcore/analyzers/__init__.py

@@ -0,0 +1,29 @@
+"""AICodeTrustScore analyzers -- each module detects a specific class of trust issue."""
+
+from __future__ import annotations
+
+from .correctness import CorrectnessAnalyzer
+from .safety import SafetyAnalyzer
+from .test_coverage import TestCoverageAnalyzer
+from .dependency import DependencyAnalyzer
+from .consistency import ConsistencyAnalyzer
+from .hallucination import HallucinationAnalyzer
+
+ALL_ANALYZERS = [
+    CorrectnessAnalyzer,
+    SafetyAnalyzer,
+    TestCoverageAnalyzer,
+    DependencyAnalyzer,
+    ConsistencyAnalyzer,
+    HallucinationAnalyzer,
+]
+
+__all__ = [
+    "CorrectnessAnalyzer",
+    "SafetyAnalyzer",
+    "TestCoverageAnalyzer",
+    "DependencyAnalyzer",
+    "ConsistencyAnalyzer",
+    "HallucinationAnalyzer",
+    "ALL_ANALYZERS",
+]

autoai_codetrust-0.1.0/src/aicodetrustcore/analyzers/consistency.py

@@ -0,0 +1,255 @@
+"""Consistency analyzer -- checks if AI code matches existing project style.
+
+Checks:
+- Naming convention mismatch with existing code
+- Different error handling patterns than the project uses
+- Import style inconsistency
+- Comment style mismatch
+- Architecture layer violations
+"""
+
+from __future__ import annotations
+
+import re
+from pathlib import Path
+
+from ..types import TrustIssue, IssueCategory, Severity
+
+
+_CODE_EXTENSIONS = {".py", ".ts", ".tsx", ".js", ".jsx", ".go"}
+
+
+class ConsistencyAnalyzer:
+    """Detects style and pattern inconsistencies in AI-generated code."""
+
+    name = "consistency"
+
+    @classmethod
+    def analyze_file(cls, file_path: Path, content: str) -> list[TrustIssue]:
+        """Analyse a file for consistency issues."""
+        findings: list[TrustIssue] = []
+
+        if file_path.suffix not in _CODE_EXTENSIONS:
+            return findings
+
+        lines = content.splitlines()
+        rel_path = str(file_path)
+        is_python = file_path.suffix == ".py"
+        is_js_ts = file_path.suffix in {".ts", ".tsx", ".js", ".jsx"}
+
+        # Naming convention checks
+        if is_python:
+            findings.extend(cls._check_python_naming(rel_path, lines))
+            findings.extend(cls._check_python_import_style(rel_path, lines))
+            findings.extend(cls._check_python_string_style(rel_path, lines))
+
+        if is_js_ts:
+            findings.extend(cls._check_js_naming(rel_path, lines))
+            findings.extend(cls._check_js_import_style(rel_path, lines))
+
+        # Mixed tab/space indentation
+        findings.extend(cls._check_indentation(rel_path, lines))
+
+        return findings
+
+    @classmethod
+    def _check_python_naming(cls, rel_path: str, lines: list[str]) -> list[TrustIssue]:
+        """Check Python naming conventions (PEP 8)."""
+        findings: list[TrustIssue] = []
+        camel_case_var = re.compile(r'^\s*([a-z]+[A-Z]\w*)\s*=')
+
+        camel_count = 0
+        for i, line in enumerate(lines, 1):
+            m = camel_case_var.match(line)
+            if m:
+                var_name = m.group(1)
+                # Exclude common abbreviations
+                if not re.match(r'^(is|has|can|should|will)', var_name):
+                    camel_count += 1
+                    if camel_count <= 3:  # Report first few only
+                        findings.append(TrustIssue(
+                            analyzer=cls.name,
+                            category=IssueCategory.CONSISTENCY,
+                            severity=Severity.LOW,
+                            title=f"camelCase variable '{var_name}' in Python",
+                            description="Python convention is snake_case for variables and functions (PEP 8).",
+                            file_path=rel_path,
+                            line_start=i,
+                            suggestion=f"Rename to '{cls._to_snake_case(var_name)}'.",
+                            code_snippet=line.strip()[:200],
+                        ))
+
+        # Classes not in PascalCase
+        class_pattern = re.compile(r'^\s*class\s+(\w+)')
+        for i, line in enumerate(lines, 1):
+            m = class_pattern.match(line)
+            if m:
+                name = m.group(1)
+                if "_" in name and not name.startswith("_"):
+                    findings.append(TrustIssue(
+                        analyzer=cls.name,
+                        category=IssueCategory.CONSISTENCY,
+                        severity=Severity.LOW,
+                        title=f"Class '{name}' uses snake_case instead of PascalCase",
+                        description="Python convention is PascalCase for class names (PEP 8).",
+                        file_path=rel_path,
+                        line_start=i,
+                        suggestion=f"Rename to PascalCase.",
+                        code_snippet=line.strip()[:200],
+                    ))
+
+        return findings
+
+    @classmethod
+    def _check_python_import_style(cls, rel_path: str, lines: list[str]) -> list[TrustIssue]:
+        """Check for inconsistent import styles."""
+        findings: list[TrustIssue] = []
+
+        has_wildcard = False
+        wildcard_line = 0
+        for i, line in enumerate(lines, 1):
+            stripped = line.strip()
+            if re.match(r'from\s+\w+\s+import\s+\*', stripped):
+                has_wildcard = True
+                wildcard_line = i
+
+        if has_wildcard:
+            findings.append(TrustIssue(
+                analyzer=cls.name,
+                category=IssueCategory.CONSISTENCY,
+                severity=Severity.MEDIUM,
+                title="Wildcard import (from x import *)",
+                description="Wildcard imports pollute the namespace and make it unclear what's available.",
+                file_path=rel_path,
+                line_start=wildcard_line,
+                suggestion="Import specific names: from module import Class1, func1",
+            ))
+
+        return findings
+
+    @classmethod
+    def _check_python_string_style(cls, rel_path: str, lines: list[str]) -> list[TrustIssue]:
+        """Check for mixed single/double quotes (inconsistency indicator)."""
+        findings: list[TrustIssue] = []
+        single_count = 0
+        double_count = 0
+
+        for line in lines:
+            stripped = line.strip()
+            if stripped.startswith("#"):
+                continue
+            # Count string literal starts (simple heuristic)
+            single_count += len(re.findall(r"(?<![\"\\])'(?!'')", stripped))
+            double_count += len(re.findall(r'(?<![\'\\])"(?!"")', stripped))
+
+        total = single_count + double_count
+        if total > 10:  # Only check if there are enough strings
+            ratio = min(single_count, double_count) / max(single_count, double_count, 1)
+            if 0.3 < ratio < 0.7:
+                findings.append(TrustIssue(
+                    analyzer=cls.name,
+                    category=IssueCategory.CONSISTENCY,
+                    severity=Severity.INFO,
+                    title="Inconsistent string quote style",
+                    description=f"Mixed use of single ({single_count}) and double ({double_count}) quotes. "
+                                "Pick one style and use it consistently.",
+                    file_path=rel_path,
+                    line_start=1,
+                    suggestion="Use a formatter like black (Python) or prettier (JS) to enforce consistent quotes.",
+                ))
+
+        return findings
+
+    @classmethod
+    def _check_js_naming(cls, rel_path: str, lines: list[str]) -> list[TrustIssue]:
+        """Check JS/TS naming conventions."""
+        findings: list[TrustIssue] = []
+        snake_case_var = re.compile(r'^\s*(?:const|let|var)\s+([a-z]+_[a-z_]+)\s*=')
+
+        snake_count = 0
+        for i, line in enumerate(lines, 1):
+            m = snake_case_var.match(line)
+            if m:
+                var_name = m.group(1)
+                snake_count += 1
+                if snake_count <= 3:
+                    findings.append(TrustIssue(
+                        analyzer=cls.name,
+                        category=IssueCategory.CONSISTENCY,
+                        severity=Severity.LOW,
+                        title=f"snake_case variable '{var_name}' in JS/TS",
+                        description="JavaScript/TypeScript convention is camelCase for variables.",
+                        file_path=rel_path,
+                        line_start=i,
+                        suggestion=f"Rename to '{cls._to_camel_case(var_name)}'.",
+                        code_snippet=line.strip()[:200],
+                    ))
+
+        return findings
+
+    @classmethod
+    def _check_js_import_style(cls, rel_path: str, lines: list[str]) -> list[TrustIssue]:
+        """Check for mixed require/import in JS/TS."""
+        findings: list[TrustIssue] = []
+        has_import = False
+        has_require = False
+
+        for line in lines:
+            stripped = line.strip()
+            if re.match(r'import\s+', stripped):
+                has_import = True
+            if re.search(r'require\s*\(', stripped):
+                has_require = True
+
+        if has_import and has_require:
+            findings.append(TrustIssue(
+                analyzer=cls.name,
+                category=IssueCategory.CONSISTENCY,
+                severity=Severity.LOW,
+                title="Mixed import and require() statements",
+                description="File uses both ES module imports and CommonJS require() -- pick one style.",
+                file_path=rel_path,
+                line_start=1,
+                suggestion="Use ES modules (import/export) consistently in modern JS/TS projects.",
+            ))
+
+        return findings
+
+    @classmethod
+    def _check_indentation(cls, rel_path: str, lines: list[str]) -> list[TrustIssue]:
+        """Check for mixed tabs and spaces."""
+        findings: list[TrustIssue] = []
+        has_tabs = False
+        has_spaces = False
+
+        for line in lines:
+            if line.startswith("\t"):
+                has_tabs = True
+            elif line.startswith("  "):
+                has_spaces = True
+
+        if has_tabs and has_spaces:
+            findings.append(TrustIssue(
+                analyzer=cls.name,
+                category=IssueCategory.CONSISTENCY,
+                severity=Severity.MEDIUM,
+                title="Mixed tabs and spaces for indentation",
+                description="File uses both tabs and spaces for indentation -- this causes subtle bugs.",
+                file_path=rel_path,
+                line_start=1,
+                suggestion="Configure your editor to use consistent indentation (spaces recommended).",
+            ))
+
+        return findings
+
+    @staticmethod
+    def _to_snake_case(name: str) -> str:
+        """Convert camelCase to snake_case."""
+        s = re.sub(r'([A-Z])', r'_\1', name).lower()
+        return s.lstrip("_")
+
+    @staticmethod
+    def _to_camel_case(name: str) -> str:
+        """Convert snake_case to camelCase."""
+        parts = name.split("_")
+        return parts[0] + "".join(p.capitalize() for p in parts[1:])