codedd-cli 0.1.1__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (48) hide show
  1. codedd_cli-0.1.1/LICENSE +21 -0
  2. codedd_cli-0.1.1/PKG-INFO +306 -0
  3. codedd_cli-0.1.1/README.md +270 -0
  4. codedd_cli-0.1.1/codedd_cli/__init__.py +3 -0
  5. codedd_cli-0.1.1/codedd_cli/__main__.py +19 -0
  6. codedd_cli-0.1.1/codedd_cli/api/__init__.py +4 -0
  7. codedd_cli-0.1.1/codedd_cli/api/client.py +120 -0
  8. codedd_cli-0.1.1/codedd_cli/api/endpoints.py +44 -0
  9. codedd_cli-0.1.1/codedd_cli/api/exceptions.py +24 -0
  10. codedd_cli-0.1.1/codedd_cli/auditor/__init__.py +6 -0
  11. codedd_cli-0.1.1/codedd_cli/auditor/architecture_analyzer.py +1251 -0
  12. codedd_cli-0.1.1/codedd_cli/auditor/architecture_prompts.py +173 -0
  13. codedd_cli-0.1.1/codedd_cli/auditor/complexity_analyzer.py +1739 -0
  14. codedd_cli-0.1.1/codedd_cli/auditor/dependency_scanner.py +2485 -0
  15. codedd_cli-0.1.1/codedd_cli/auditor/file_auditor.py +578 -0
  16. codedd_cli-0.1.1/codedd_cli/auditor/git_stats_collector.py +417 -0
  17. codedd_cli-0.1.1/codedd_cli/auditor/response_parser.py +484 -0
  18. codedd_cli-0.1.1/codedd_cli/auditor/vulnerability_validator.py +323 -0
  19. codedd_cli-0.1.1/codedd_cli/auth/__init__.py +4 -0
  20. codedd_cli-0.1.1/codedd_cli/auth/session.py +40 -0
  21. codedd_cli-0.1.1/codedd_cli/auth/token_manager.py +86 -0
  22. codedd_cli-0.1.1/codedd_cli/cli.py +69 -0
  23. codedd_cli-0.1.1/codedd_cli/commands/__init__.py +1 -0
  24. codedd_cli-0.1.1/codedd_cli/commands/audit_cmd.py +1987 -0
  25. codedd_cli-0.1.1/codedd_cli/commands/audits_cmd.py +276 -0
  26. codedd_cli-0.1.1/codedd_cli/commands/auth_cmd.py +235 -0
  27. codedd_cli-0.1.1/codedd_cli/commands/config_cmd.py +421 -0
  28. codedd_cli-0.1.1/codedd_cli/commands/scope_cmd.py +1016 -0
  29. codedd_cli-0.1.1/codedd_cli/config/__init__.py +4 -0
  30. codedd_cli-0.1.1/codedd_cli/config/constants.py +22 -0
  31. codedd_cli-0.1.1/codedd_cli/config/settings.py +389 -0
  32. codedd_cli-0.1.1/codedd_cli/llm/__init__.py +1 -0
  33. codedd_cli-0.1.1/codedd_cli/llm/key_manager.py +267 -0
  34. codedd_cli-0.1.1/codedd_cli/models/__init__.py +5 -0
  35. codedd_cli-0.1.1/codedd_cli/models/account.py +13 -0
  36. codedd_cli-0.1.1/codedd_cli/models/audit.py +31 -0
  37. codedd_cli-0.1.1/codedd_cli/models/local_directory.py +25 -0
  38. codedd_cli-0.1.1/codedd_cli/scanner/__init__.py +18 -0
  39. codedd_cli-0.1.1/codedd_cli/scanner/file_classifier.py +752 -0
  40. codedd_cli-0.1.1/codedd_cli/scanner/file_walker.py +213 -0
  41. codedd_cli-0.1.1/codedd_cli/scanner/line_counter.py +80 -0
  42. codedd_cli-0.1.1/codedd_cli/utils/__init__.py +1 -0
  43. codedd_cli-0.1.1/codedd_cli/utils/directory_validator.py +178 -0
  44. codedd_cli-0.1.1/codedd_cli/utils/display.py +497 -0
  45. codedd_cli-0.1.1/codedd_cli/utils/payload_inspector.py +178 -0
  46. codedd_cli-0.1.1/codedd_cli/utils/security.py +14 -0
  47. codedd_cli-0.1.1/codedd_cli/utils/validators.py +37 -0
  48. codedd_cli-0.1.1/pyproject.toml +60 -0
@@ -0,0 +1,21 @@
1
+ MIT License
2
+
3
+ Copyright (c) 2026 CodeDD Limited
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in all
13
+ copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21
+ SOFTWARE.
@@ -0,0 +1,306 @@
1
+ Metadata-Version: 2.4
2
+ Name: codedd-cli
3
+ Version: 0.1.1
4
+ Summary: CLI tool for CodeDD — run code audits from your terminal
5
+ License: MIT
6
+ License-File: LICENSE
7
+ Keywords: code-audit,security,cli,codedd
8
+ Author: CodeDD
9
+ Author-email: support@codedd.ai
10
+ Requires-Python: >=3.10,<4.0
11
+ Classifier: Development Status :: 3 - Alpha
12
+ Classifier: Environment :: Console
13
+ Classifier: Intended Audience :: Developers
14
+ Classifier: License :: OSI Approved :: MIT License
15
+ Classifier: Programming Language :: Python :: 3
16
+ Classifier: Programming Language :: Python :: 3.10
17
+ Classifier: Programming Language :: Python :: 3.11
18
+ Classifier: Programming Language :: Python :: 3.12
19
+ Classifier: Programming Language :: Python :: 3.13
20
+ Classifier: Programming Language :: Python :: 3.14
21
+ Classifier: Topic :: Security
22
+ Classifier: Topic :: Software Development :: Quality Assurance
23
+ Requires-Dist: defusedxml (>=0.7.1)
24
+ Requires-Dist: httpx (>=0.27.0)
25
+ Requires-Dist: keyring (>=25.0.0)
26
+ Requires-Dist: lizard (>=1.17.0)
27
+ Requires-Dist: radon (>=6.0.0)
28
+ Requires-Dist: rich (>=13.0.0)
29
+ Requires-Dist: tomli (>=2.0.0) ; python_version < "3.11"
30
+ Requires-Dist: tomli-w (>=1.0.0)
31
+ Requires-Dist: typer[all] (>=0.9.0)
32
+ Project-URL: Homepage, https://codedd.ai
33
+ Project-URL: Repository, https://gitlab.com/codedd1/codedd-cli
34
+ Description-Content-Type: text/markdown
35
+
36
+ # CodeDD CLI
37
+
38
+ **Run code audits from your terminal.** The CodeDD CLI lets you define scope locally, run file-level and complexity analysis on your machine (using your own LLM API keys), and sync results to [CodeDD](https://codedd.ai) for consolidation, recommendations, and dashboards.
39
+
40
+ ---
41
+
42
+ ## What is CodeDD CLI?
43
+
44
+ CodeDD CLI is the official command-line interface for the CodeDD platform. You:
45
+
46
+ - **Define scope** — Add one or more local Git repository roots to an audit.
47
+ - **Run analysis locally** — File audits (LLM-based) and complexity metrics run on your machine; only metadata and results are sent to CodeDD.
48
+ - **Sync to CodeDD** — Scope metadata, audit results, complexity data, dependencies, and architecture are submitted to CodeDD, where consolidation, dependency enrichment, security scoring, and recommendations run on the server.
49
+
50
+ Ideal for teams who want to keep source code local while still using CodeDD’s analytics, recommendations, and reporting.
51
+
52
+ ---
53
+
54
+ ## Features
55
+
56
+ - **Scope management** — Add/remove local directories, sync with CodeDD, detect changes and re-confirm scope (delta updates).
57
+ - **Local file auditing** — LLM-based file analysis using your Anthropic or OpenAI API keys; supports batching and progress feedback.
58
+ - **Complexity analysis** — Cyclomatic complexity and Halstead metrics (Radon/Lizard) run locally and are submitted to CodeDD.
59
+ - **Dependency scanning** — Local lockfile/manifest and import parsing; dependency data is sent to CodeDD for vulnerability and license analysis.
60
+ - **Architecture analysis** — Local component/relationship extraction with optional LLM enhancement; Phase 3 synthesis and storage on CodeDD.
61
+ - **Payment and budget** — Pre-flight checks, LoC budget deduction, or Stripe checkout when additional payment is required.
62
+ - **Secure auth** — CLI tokens stored in the OS credential store (Windows Credential Locker, macOS Keychain, Linux Secret Service).
63
+
64
+ ---
65
+
66
+ ## Installation
67
+
68
+ ### Requirements
69
+
70
+ - **Python 3.11+**
71
+ - A [CodeDD](https://codedd.ai) account and a CLI token (Account → CLI Access → Generate Token)
72
+
73
+ ### From source (development)
74
+
75
+ ```bash
76
+ git clone https://gitlab.com/codedd1/codedd-cli
77
+ cd codedd-cli
78
+ pip install -e .
79
+ ```
80
+
81
+ ### From PyPI (when available)
82
+
83
+ ```bash
84
+ pip install codedd-cli
85
+ ```
86
+
87
+ Verify:
88
+
89
+ ```bash
90
+ codedd --version
91
+ ```
92
+
93
+ ---
94
+
95
+ ## Quick start (recommended workflow)
96
+
97
+ ### 1. Authenticate once
98
+
99
+ Generate a CLI token at [codedd.ai](https://codedd.ai) (Account -> CLI Access), then:
100
+
101
+ ```bash
102
+ codedd auth login --token <your_token>
103
+ ```
104
+
105
+ Or run `codedd auth login` and paste the token when prompted.
106
+
107
+ Optional sanity check:
108
+
109
+ ```bash
110
+ codedd auth status
111
+ ```
112
+
113
+ ### 2. Select the active audit context
114
+
115
+ ```bash
116
+ codedd audits list
117
+ codedd audits select
118
+ ```
119
+
120
+ Choose a **group audit** (multiple repos) or a **single audit** (one repo). The selected audit becomes the active context used by all `scope` and `audit` commands.
121
+
122
+ ### 3. Define local scope
123
+
124
+ Add local paths that correspond to the repositories in that audit (each path must be a Git repository root with commits):
125
+
126
+ ```bash
127
+ codedd scope add /path/to/my-repo
128
+ codedd scope list
129
+ codedd scope confirm
130
+ ```
131
+
132
+ `scope confirm` performs a metadata scan (paths, file types, LoC) and registers scope with CodeDD.
133
+ If files change later, `codedd audit start` auto-checks sync and prompts for re-confirmation when needed.
134
+
135
+ ### 4. Configure LLM key(s)
136
+
137
+ Configure at least one provider key (used for local file-level auditing):
138
+
139
+ ```bash
140
+ codedd config set-key anthropic
141
+ # or: codedd config set-key openai
142
+ ```
143
+
144
+ Optional (recommended if both are configured):
145
+
146
+ ```bash
147
+ codedd config provider both
148
+ ```
149
+
150
+ ### 5. Start the audit
151
+
152
+ ```bash
153
+ codedd audit start
154
+ ```
155
+
156
+ The CLI will:
157
+
158
+ - Sync scope with CodeDD (and prompt to re-confirm if local files changed).
159
+ - Run pre-flight checks (payment, LoC budget).
160
+ - Optionally open payment in the browser or deduct from budget.
161
+ - Fetch the plan, run local analysis, submit structured results, and trigger server-side post-processing.
162
+
163
+ Results and recommendations are available in the CodeDD dashboard; you can also run `codedd audits list` to see status.
164
+
165
+ ---
166
+
167
+ ## Workflow overview
168
+
169
+ Use this exact order for a predictable run:
170
+
171
+ ```text
172
+ 1. codedd auth login
173
+ 2. codedd audits select
174
+ 3. codedd scope add <repo-path> [more paths...]
175
+ 4. codedd scope confirm
176
+ 5. codedd config set-key <anthropic|openai> # at least one
177
+ 6. codedd audit start
178
+ ```
179
+
180
+ What `codedd audit start` does, in order:
181
+
182
+ ```text
183
+ A. Auto-sync scope -> if changed, asks to re-confirm
184
+ B. Pre-flight on CodeDD -> checks status/payment/budget
185
+ C. Payment path -> budget deduction OR checkout flow
186
+ D. Local execution -> file audit (LLM), complexity, dependencies, git stats, architecture
187
+ E. Submission -> sends structured outputs to CodeDD
188
+ F. Completion -> triggers server-side consolidation/recommendations
189
+ ```
190
+
191
+ If you update files after confirming scope:
192
+
193
+ ```text
194
+ Run: codedd audit start
195
+ -> CLI detects drift
196
+ -> Re-confirm prompt appears
197
+ -> Continue with updated scope
198
+ ```
199
+
200
+ | Step | Where it runs | What happens |
201
+ |-------------------|---------------|--------------|
202
+ | Scope add/confirm | Local | Scan dirs, count files/LoC; register or delta-update scope on CodeDD. |
203
+ | Pre-flight | CodeDD | Check payment, budget, status. |
204
+ | File audit | Local | LLM (Anthropic/OpenAI) analyses each file; results sent to CodeDD. |
205
+ | Complexity | Local | Radon/Lizard; metrics sent to CodeDD. |
206
+ | Dependencies | Local + CodeDD| Lockfiles/imports scanned locally; package/vuln data stored and enriched on CodeDD. |
207
+ | Git statistics | Local + CodeDD| Commit/churn/collaboration metrics collected locally, then submitted. |
208
+ | Architecture | Local + CodeDD| Components/relations extracted locally; persisted and processed on CodeDD. |
209
+ | Recommendations | CodeDD | Consolidation, technical debt, security, licenses, etc. |
210
+
211
+ ---
212
+
213
+ ## Commands reference
214
+
215
+ ### Authentication
216
+
217
+ | Command | Description |
218
+ |--------|-------------|
219
+ | `codedd auth login` | Log in with a CLI token (prompt or `--token`) |
220
+ | `codedd auth logout` | Clear stored credentials |
221
+ | `codedd auth status` | Show current account and token state |
222
+
223
+ ### Audits
224
+
225
+ | Command | Description |
226
+ |--------|-------------|
227
+ | `codedd audits list` | List audits (`--type single\|group`, `--limit`, `--page`) |
228
+ | `codedd audits select [uuid]` | Set active audit (interactive if UUID omitted) |
229
+
230
+ ### Scope
231
+
232
+ | Command | Description |
233
+ |--------|-------------|
234
+ | `codedd scope add <path> [path ...]` | Add Git repository root(s) to the active audit’s scope |
235
+ | `codedd scope remove <n>` | Remove directory by list number |
236
+ | `codedd scope list` | List directories in scope |
237
+ | `codedd scope clear` | Remove all directories from scope |
238
+ | `codedd scope status` | Show scope and sync state per directory |
239
+ | `codedd scope confirm` | Scan, preview, and register scope with CodeDD |
240
+ | `codedd scope sync` | Compare local vs CodeDD and show changes |
241
+
242
+ ### Audit execution
243
+
244
+ | Command | Description |
245
+ |--------|-------------|
246
+ | `codedd audit start` | Sync scope (if needed), pre-flight, pay/budget, then run full local audit and submit to CodeDD. Use `--skip-sync` to skip scope sync; `--yes` to auto-confirm; `--show` for one-shot transparency summary; `--show-interactive` for per-request confirmations (debug); `--show-force-interactive` to override large-audit guardrails; `--debug-llm` for LLM debug output. |
247
+
248
+ ### Configuration
249
+
250
+ | Command | Description |
251
+ |--------|-------------|
252
+ | `codedd config show` | Show current config (API URL, active audit, scope, etc.) |
253
+ | `codedd config set <key> <value>` | Set a config value |
254
+ | `codedd config set-key [anthropic\|openai]` | Store an LLM API key in the OS keychain |
255
+ | `codedd config show-keys` | List which providers have keys configured (not the keys themselves) |
256
+ | `codedd config remove-key <anthropic\|openai>` | Remove a stored LLM API key from keychain |
257
+ | `codedd config provider [anthropic\|openai\|both]` | Set preferred LLM provider |
258
+ | `codedd config concurrency <n>` | Set max concurrent LLM requests (default 6) |
259
+
260
+ ---
261
+
262
+ ## Configuration
263
+
264
+ - **Config file:** `~/.codedd/config.toml` (TOML). Stores API URL, active audit, scope directories, LLM provider, concurrency. Permissions are restricted to the owner (Unix).
265
+ - **Secrets:** The CLI token and LLM API keys are stored in the system keychain (Windows Credential Locker, macOS Keychain, Linux Secret Service), not in the config file.
266
+
267
+ ### Environment variables
268
+
269
+ | Variable | Purpose |
270
+ |---------|---------|
271
+ | `CODEDD_API_TOKEN` | Override the stored CLI token (e.g. for CI) |
272
+
273
+
274
+ ---
275
+
276
+ ## Security
277
+
278
+ - CLI tokens and LLM keys are stored in the OS credential store, not in plaintext on disk.
279
+ - TLS certificate verification is always enabled for API requests.
280
+ - Config file and `~/.codedd` directory use owner-only permissions where supported.
281
+ - Tokens expire after 90 days (server-configurable); re-generate from the CodeDD dashboard when needed.
282
+
283
+ ---
284
+
285
+ ## Development
286
+
287
+ ```bash
288
+ pip install -e .
289
+ pip install pytest pytest-httpx pytest-mock ruff
290
+ pytest
291
+ ruff check .
292
+ ```
293
+
294
+ ---
295
+
296
+ ## License
297
+
298
+ MIT License — see [LICENSE](LICENSE).
299
+
300
+ ---
301
+
302
+ ## Support
303
+
304
+ - **Issues:** [GitLab Issues](https://gitlab.com/codedd1/codedd-cli/-/work_items)
305
+ - **Product:** [CodeDD](https://codedd.ai)
306
+
@@ -0,0 +1,270 @@
1
+ # CodeDD CLI
2
+
3
+ **Run code audits from your terminal.** The CodeDD CLI lets you define scope locally, run file-level and complexity analysis on your machine (using your own LLM API keys), and sync results to [CodeDD](https://codedd.ai) for consolidation, recommendations, and dashboards.
4
+
5
+ ---
6
+
7
+ ## What is CodeDD CLI?
8
+
9
+ CodeDD CLI is the official command-line interface for the CodeDD platform. You:
10
+
11
+ - **Define scope** — Add one or more local Git repository roots to an audit.
12
+ - **Run analysis locally** — File audits (LLM-based) and complexity metrics run on your machine; only metadata and results are sent to CodeDD.
13
+ - **Sync to CodeDD** — Scope metadata, audit results, complexity data, dependencies, and architecture are submitted to CodeDD, where consolidation, dependency enrichment, security scoring, and recommendations run on the server.
14
+
15
+ Ideal for teams who want to keep source code local while still using CodeDD’s analytics, recommendations, and reporting.
16
+
17
+ ---
18
+
19
+ ## Features
20
+
21
+ - **Scope management** — Add/remove local directories, sync with CodeDD, detect changes and re-confirm scope (delta updates).
22
+ - **Local file auditing** — LLM-based file analysis using your Anthropic or OpenAI API keys; supports batching and progress feedback.
23
+ - **Complexity analysis** — Cyclomatic complexity and Halstead metrics (Radon/Lizard) run locally and are submitted to CodeDD.
24
+ - **Dependency scanning** — Local lockfile/manifest and import parsing; dependency data is sent to CodeDD for vulnerability and license analysis.
25
+ - **Architecture analysis** — Local component/relationship extraction with optional LLM enhancement; Phase 3 synthesis and storage on CodeDD.
26
+ - **Payment and budget** — Pre-flight checks, LoC budget deduction, or Stripe checkout when additional payment is required.
27
+ - **Secure auth** — CLI tokens stored in the OS credential store (Windows Credential Locker, macOS Keychain, Linux Secret Service).
28
+
29
+ ---
30
+
31
+ ## Installation
32
+
33
+ ### Requirements
34
+
35
+ - **Python 3.11+**
36
+ - A [CodeDD](https://codedd.ai) account and a CLI token (Account → CLI Access → Generate Token)
37
+
38
+ ### From source (development)
39
+
40
+ ```bash
41
+ git clone https://gitlab.com/codedd1/codedd-cli
42
+ cd codedd-cli
43
+ pip install -e .
44
+ ```
45
+
46
+ ### From PyPI (when available)
47
+
48
+ ```bash
49
+ pip install codedd-cli
50
+ ```
51
+
52
+ Verify:
53
+
54
+ ```bash
55
+ codedd --version
56
+ ```
57
+
58
+ ---
59
+
60
+ ## Quick start (recommended workflow)
61
+
62
+ ### 1. Authenticate once
63
+
64
+ Generate a CLI token at [codedd.ai](https://codedd.ai) (Account -> CLI Access), then:
65
+
66
+ ```bash
67
+ codedd auth login --token <your_token>
68
+ ```
69
+
70
+ Or run `codedd auth login` and paste the token when prompted.
71
+
72
+ Optional sanity check:
73
+
74
+ ```bash
75
+ codedd auth status
76
+ ```
77
+
78
+ ### 2. Select the active audit context
79
+
80
+ ```bash
81
+ codedd audits list
82
+ codedd audits select
83
+ ```
84
+
85
+ Choose a **group audit** (multiple repos) or a **single audit** (one repo). The selected audit becomes the active context used by all `scope` and `audit` commands.
86
+
87
+ ### 3. Define local scope
88
+
89
+ Add local paths that correspond to the repositories in that audit (each path must be a Git repository root with commits):
90
+
91
+ ```bash
92
+ codedd scope add /path/to/my-repo
93
+ codedd scope list
94
+ codedd scope confirm
95
+ ```
96
+
97
+ `scope confirm` performs a metadata scan (paths, file types, LoC) and registers scope with CodeDD.
98
+ If files change later, `codedd audit start` auto-checks sync and prompts for re-confirmation when needed.
99
+
100
+ ### 4. Configure LLM key(s)
101
+
102
+ Configure at least one provider key (used for local file-level auditing):
103
+
104
+ ```bash
105
+ codedd config set-key anthropic
106
+ # or: codedd config set-key openai
107
+ ```
108
+
109
+ Optional (recommended if both are configured):
110
+
111
+ ```bash
112
+ codedd config provider both
113
+ ```
114
+
115
+ ### 5. Start the audit
116
+
117
+ ```bash
118
+ codedd audit start
119
+ ```
120
+
121
+ The CLI will:
122
+
123
+ - Sync scope with CodeDD (and prompt to re-confirm if local files changed).
124
+ - Run pre-flight checks (payment, LoC budget).
125
+ - Optionally open payment in the browser or deduct from budget.
126
+ - Fetch the plan, run local analysis, submit structured results, and trigger server-side post-processing.
127
+
128
+ Results and recommendations are available in the CodeDD dashboard; you can also run `codedd audits list` to see status.
129
+
130
+ ---
131
+
132
+ ## Workflow overview
133
+
134
+ Use this exact order for a predictable run:
135
+
136
+ ```text
137
+ 1. codedd auth login
138
+ 2. codedd audits select
139
+ 3. codedd scope add <repo-path> [more paths...]
140
+ 4. codedd scope confirm
141
+ 5. codedd config set-key <anthropic|openai> # at least one
142
+ 6. codedd audit start
143
+ ```
144
+
145
+ What `codedd audit start` does, in order:
146
+
147
+ ```text
148
+ A. Auto-sync scope -> if changed, asks to re-confirm
149
+ B. Pre-flight on CodeDD -> checks status/payment/budget
150
+ C. Payment path -> budget deduction OR checkout flow
151
+ D. Local execution -> file audit (LLM), complexity, dependencies, git stats, architecture
152
+ E. Submission -> sends structured outputs to CodeDD
153
+ F. Completion -> triggers server-side consolidation/recommendations
154
+ ```
155
+
156
+ If you update files after confirming scope:
157
+
158
+ ```text
159
+ Run: codedd audit start
160
+ -> CLI detects drift
161
+ -> Re-confirm prompt appears
162
+ -> Continue with updated scope
163
+ ```
164
+
165
+ | Step | Where it runs | What happens |
166
+ |-------------------|---------------|--------------|
167
+ | Scope add/confirm | Local | Scan dirs, count files/LoC; register or delta-update scope on CodeDD. |
168
+ | Pre-flight | CodeDD | Check payment, budget, status. |
169
+ | File audit | Local | LLM (Anthropic/OpenAI) analyses each file; results sent to CodeDD. |
170
+ | Complexity | Local | Radon/Lizard; metrics sent to CodeDD. |
171
+ | Dependencies | Local + CodeDD| Lockfiles/imports scanned locally; package/vuln data stored and enriched on CodeDD. |
172
+ | Git statistics | Local + CodeDD| Commit/churn/collaboration metrics collected locally, then submitted. |
173
+ | Architecture | Local + CodeDD| Components/relations extracted locally; persisted and processed on CodeDD. |
174
+ | Recommendations | CodeDD | Consolidation, technical debt, security, licenses, etc. |
175
+
176
+ ---
177
+
178
+ ## Commands reference
179
+
180
+ ### Authentication
181
+
182
+ | Command | Description |
183
+ |--------|-------------|
184
+ | `codedd auth login` | Log in with a CLI token (prompt or `--token`) |
185
+ | `codedd auth logout` | Clear stored credentials |
186
+ | `codedd auth status` | Show current account and token state |
187
+
188
+ ### Audits
189
+
190
+ | Command | Description |
191
+ |--------|-------------|
192
+ | `codedd audits list` | List audits (`--type single\|group`, `--limit`, `--page`) |
193
+ | `codedd audits select [uuid]` | Set active audit (interactive if UUID omitted) |
194
+
195
+ ### Scope
196
+
197
+ | Command | Description |
198
+ |--------|-------------|
199
+ | `codedd scope add <path> [path ...]` | Add Git repository root(s) to the active audit’s scope |
200
+ | `codedd scope remove <n>` | Remove directory by list number |
201
+ | `codedd scope list` | List directories in scope |
202
+ | `codedd scope clear` | Remove all directories from scope |
203
+ | `codedd scope status` | Show scope and sync state per directory |
204
+ | `codedd scope confirm` | Scan, preview, and register scope with CodeDD |
205
+ | `codedd scope sync` | Compare local vs CodeDD and show changes |
206
+
207
+ ### Audit execution
208
+
209
+ | Command | Description |
210
+ |--------|-------------|
211
+ | `codedd audit start` | Sync scope (if needed), pre-flight, pay/budget, then run full local audit and submit to CodeDD. Use `--skip-sync` to skip scope sync; `--yes` to auto-confirm; `--show` for one-shot transparency summary; `--show-interactive` for per-request confirmations (debug); `--show-force-interactive` to override large-audit guardrails; `--debug-llm` for LLM debug output. |
212
+
213
+ ### Configuration
214
+
215
+ | Command | Description |
216
+ |--------|-------------|
217
+ | `codedd config show` | Show current config (API URL, active audit, scope, etc.) |
218
+ | `codedd config set <key> <value>` | Set a config value |
219
+ | `codedd config set-key [anthropic\|openai]` | Store an LLM API key in the OS keychain |
220
+ | `codedd config show-keys` | List which providers have keys configured (not the keys themselves) |
221
+ | `codedd config remove-key <anthropic\|openai>` | Remove a stored LLM API key from keychain |
222
+ | `codedd config provider [anthropic\|openai\|both]` | Set preferred LLM provider |
223
+ | `codedd config concurrency <n>` | Set max concurrent LLM requests (default 6) |
224
+
225
+ ---
226
+
227
+ ## Configuration
228
+
229
+ - **Config file:** `~/.codedd/config.toml` (TOML). Stores API URL, active audit, scope directories, LLM provider, concurrency. Permissions are restricted to the owner (Unix).
230
+ - **Secrets:** The CLI token and LLM API keys are stored in the system keychain (Windows Credential Locker, macOS Keychain, Linux Secret Service), not in the config file.
231
+
232
+ ### Environment variables
233
+
234
+ | Variable | Purpose |
235
+ |---------|---------|
236
+ | `CODEDD_API_TOKEN` | Override the stored CLI token (e.g. for CI) |
237
+
238
+
239
+ ---
240
+
241
+ ## Security
242
+
243
+ - CLI tokens and LLM keys are stored in the OS credential store, not in plaintext on disk.
244
+ - TLS certificate verification is always enabled for API requests.
245
+ - Config file and `~/.codedd` directory use owner-only permissions where supported.
246
+ - Tokens expire after 90 days (server-configurable); re-generate from the CodeDD dashboard when needed.
247
+
248
+ ---
249
+
250
+ ## Development
251
+
252
+ ```bash
253
+ pip install -e .
254
+ pip install pytest pytest-httpx pytest-mock ruff
255
+ pytest
256
+ ruff check .
257
+ ```
258
+
259
+ ---
260
+
261
+ ## License
262
+
263
+ MIT License — see [LICENSE](LICENSE).
264
+
265
+ ---
266
+
267
+ ## Support
268
+
269
+ - **Issues:** [GitLab Issues](https://gitlab.com/codedd1/codedd-cli/-/work_items)
270
+ - **Product:** [CodeDD](https://codedd.ai)
@@ -0,0 +1,3 @@
1
+ """CodeDD CLI — run code audits from your terminal."""
2
+
3
+ __version__ = "0.1.1"
@@ -0,0 +1,19 @@
1
+ """Allow running via ``python -m codedd_cli``."""
2
+
3
+ import sys
4
+
5
+ from codedd_cli.api.exceptions import CodeDDConnectionError
6
+ from codedd_cli.cli import app
7
+ from codedd_cli.utils.display import print_error
8
+
9
+
10
+ def main() -> None:
11
+ try:
12
+ app()
13
+ except CodeDDConnectionError as e:
14
+ print_error(str(e))
15
+ sys.exit(1)
16
+
17
+
18
+ if __name__ == "__main__":
19
+ main()
@@ -0,0 +1,4 @@
1
+ from codedd_cli.api.client import CodeDDClient
2
+ from codedd_cli.api.endpoints import Endpoints
3
+
4
+ __all__ = ["CodeDDClient", "Endpoints"]