codejury 1.0.0__tar.gz → 1.1.0__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {codejury-1.0.0 → codejury-1.1.0}/PKG-INFO +79 -25
- {codejury-1.0.0 → codejury-1.1.0}/README.md +73 -24
- {codejury-1.0.0 → codejury-1.1.0}/codejury/cli.py +205 -49
- {codejury-1.0.0 → codejury-1.1.0}/codejury/detection.py +6 -3
- codejury-1.1.0/codejury/domains/__init__.py +9 -0
- codejury-1.1.0/codejury/domains/base.py +153 -0
- codejury-1.1.0/codejury/domains/evm/__init__.py +74 -0
- codejury-1.1.0/codejury/domains/evm/detection.yaml +13 -0
- codejury-1.1.0/codejury/domains/evm/facts/__init__.py +5 -0
- codejury-1.1.0/codejury/domains/evm/facts/call_path.py +93 -0
- codejury-1.1.0/codejury/domains/evm/facts/slither.py +151 -0
- codejury-1.1.0/codejury/domains/evm/knowledge/guides/languages/solidity.md +52 -0
- codejury-1.1.0/codejury/domains/evm/knowledge/index.md +32 -0
- codejury-1.1.0/codejury/domains/evm/knowledge/vulnerabilities/access-control.md +40 -0
- codejury-1.1.0/codejury/domains/evm/knowledge/vulnerabilities/accounting-precision.md +35 -0
- codejury-1.1.0/codejury/domains/evm/knowledge/vulnerabilities/denial-of-service.md +37 -0
- codejury-1.1.0/codejury/domains/evm/knowledge/vulnerabilities/oracle-price-manipulation.md +34 -0
- codejury-1.1.0/codejury/domains/evm/knowledge/vulnerabilities/proxy-delegatecall.md +41 -0
- codejury-1.1.0/codejury/domains/evm/knowledge/vulnerabilities/reentrancy.md +38 -0
- codejury-1.1.0/codejury/domains/evm/knowledge/vulnerabilities/signature-replay.md +37 -0
- codejury-1.1.0/codejury/domains/evm/knowledge/vulnerabilities/unchecked-low-level-call.md +35 -0
- codejury-1.1.0/codejury/domains/evm/playbook/false-positive-traps.md +82 -0
- codejury-1.1.0/codejury/domains/evm/playbook/methodology.md +160 -0
- codejury-1.1.0/codejury/domains/evm/playbook/severity-rubric.md +48 -0
- codejury-1.1.0/codejury/domains/evm/playbook/slash-command.md +92 -0
- codejury-1.1.0/codejury/domains/evm/playbook/unit-review.md +109 -0
- codejury-1.1.0/codejury/domains/evm/poc.py +41 -0
- codejury-1.1.0/codejury/domains/registry.py +56 -0
- codejury-1.1.0/codejury/domains/web/__init__.py +57 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/guides/languages/python.md +0 -2
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/guides/protocols/oauth.md +1 -1
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/cross-site-request-forgery.md +14 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/server-side-request-forgery.md +2 -2
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/playbook/false-positive-traps.md +4 -4
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/playbook/methodology.md +7 -5
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/playbook/slash-command.md +14 -8
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/playbook/unit-review.md +14 -7
- {codejury-1.0.0 → codejury-1.1.0}/codejury/guides.py +2 -0
- {codejury-1.0.0 → codejury-1.1.0}/codejury/providers/anthropic.py +43 -9
- codejury-1.1.0/codejury/providers/factory.py +59 -0
- {codejury-1.0.0 → codejury-1.1.0}/codejury/providers/litellm.py +7 -3
- codejury-1.1.0/codejury/providers/openai.py +86 -0
- codejury-1.1.0/codejury/providers/retry.py +155 -0
- codejury-1.1.0/codejury/resources.py +29 -0
- {codejury-1.0.0 → codejury-1.1.0}/codejury/review/diff/adversarial.py +24 -7
- codejury-1.0.0/codejury/review/diff/engine.py → codejury-1.1.0/codejury/review/diff/audit.py +27 -11
- codejury-1.0.0/codejury/review/diff/runner.py → codejury-1.1.0/codejury/review/diff/engine.py +11 -3
- {codejury-1.0.0 → codejury-1.1.0}/codejury/review/diff/prompts.py +17 -34
- {codejury-1.0.0 → codejury-1.1.0}/codejury/review/diff/vulnerabilities.py +30 -1
- {codejury-1.0.0 → codejury-1.1.0}/codejury/review/repo/agent.py +12 -11
- codejury-1.1.0/codejury/review/repo/engine.py +703 -0
- {codejury-1.0.0 → codejury-1.1.0}/codejury/review/repo/gate.py +5 -5
- {codejury-1.0.0 → codejury-1.1.0}/codejury/review/repo/model.py +9 -10
- codejury-1.1.0/codejury/review/repo/pass_loop.py +103 -0
- {codejury-1.0.0 → codejury-1.1.0}/codejury/review/repo/paths.py +1 -1
- {codejury-1.0.0 → codejury-1.1.0}/codejury/review/repo/reviewer.py +55 -53
- {codejury-1.0.0 → codejury-1.1.0}/codejury/review/repo/scaffold.py +145 -35
- codejury-1.1.0/codejury/review/repo/severity.py +36 -0
- codejury-1.1.0/codejury/review/repo/shapes.py +106 -0
- {codejury-1.0.0 → codejury-1.1.0}/codejury/review/repo/union.py +63 -19
- codejury-1.1.0/codejury/review/repo/verifier.py +355 -0
- {codejury-1.0.0 → codejury-1.1.0}/codejury.egg-info/PKG-INFO +79 -25
- codejury-1.1.0/codejury.egg-info/SOURCES.txt +147 -0
- {codejury-1.0.0 → codejury-1.1.0}/codejury.egg-info/requires.txt +4 -0
- {codejury-1.0.0 → codejury-1.1.0}/pyproject.toml +6 -2
- codejury-1.1.0/tests/test_anthropic_provider.py +108 -0
- codejury-1.0.0/tests/test_openai_format.py → codejury-1.1.0/tests/test_chat_format.py +1 -1
- {codejury-1.0.0 → codejury-1.1.0}/tests/test_cli.py +62 -11
- {codejury-1.0.0 → codejury-1.1.0}/tests/test_diff_adversarial.py +9 -6
- codejury-1.0.0/tests/test_diff_engine.py → codejury-1.1.0/tests/test_diff_audit.py +6 -6
- codejury-1.1.0/tests/test_domains.py +251 -0
- codejury-1.1.0/tests/test_evals.py +497 -0
- {codejury-1.0.0 → codejury-1.1.0}/tests/test_guides.py +1 -1
- codejury-1.1.0/tests/test_json_parse.py +79 -0
- {codejury-1.0.0 → codejury-1.1.0}/tests/test_litellm_provider.py +32 -1
- codejury-1.1.0/tests/test_openai_provider.py +108 -0
- codejury-1.1.0/tests/test_provider_factory.py +31 -0
- {codejury-1.0.0 → codejury-1.1.0}/tests/test_repo_agent.py +1 -1
- codejury-1.1.0/tests/test_repo_engine.py +510 -0
- {codejury-1.0.0 → codejury-1.1.0}/tests/test_repo_gate.py +6 -5
- {codejury-1.0.0 → codejury-1.1.0}/tests/test_repo_pass_loop.py +89 -1
- codejury-1.1.0/tests/test_repo_paths.py +42 -0
- codejury-1.1.0/tests/test_repo_scaffold.py +352 -0
- codejury-1.1.0/tests/test_repo_severity.py +23 -0
- codejury-1.1.0/tests/test_repo_union.py +281 -0
- codejury-1.1.0/tests/test_repo_verifier.py +193 -0
- codejury-1.1.0/tests/test_retry_provider.py +191 -0
- {codejury-1.0.0 → codejury-1.1.0}/tests/test_vulnerabilities.py +31 -0
- codejury-1.0.0/codejury/providers/factory.py +0 -33
- codejury-1.0.0/codejury/providers/openai.py +0 -59
- codejury-1.0.0/codejury/providers/retry.py +0 -64
- codejury-1.0.0/codejury/resources.py +0 -28
- codejury-1.0.0/codejury/review/repo/engine.py +0 -393
- codejury-1.0.0/codejury/review/repo/pass_loop.py +0 -80
- codejury-1.0.0/codejury/review/repo/severity.py +0 -68
- codejury-1.0.0/codejury/review/repo/verifier.py +0 -148
- codejury-1.0.0/codejury.egg-info/SOURCES.txt +0 -117
- codejury-1.0.0/tests/test_anthropic_provider.py +0 -54
- codejury-1.0.0/tests/test_json_parse.py +0 -41
- codejury-1.0.0/tests/test_openai_provider.py +0 -43
- codejury-1.0.0/tests/test_repo_engine.py +0 -293
- codejury-1.0.0/tests/test_repo_scaffold.py +0 -179
- codejury-1.0.0/tests/test_repo_severity.py +0 -37
- codejury-1.0.0/tests/test_repo_union.py +0 -104
- codejury-1.0.0/tests/test_repo_verifier.py +0 -95
- codejury-1.0.0/tests/test_retry_provider.py +0 -76
- {codejury-1.0.0 → codejury-1.1.0}/LICENSE +0 -0
- {codejury-1.0.0 → codejury-1.1.0}/codejury/__init__.py +0 -0
- {codejury-1.0.0 → codejury-1.1.0}/codejury/__main__.py +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/detection.yaml +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/guides/frameworks/go/echo.md +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/guides/frameworks/go/gin.md +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/guides/frameworks/javascript/express.md +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/guides/frameworks/javascript/nestjs.md +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/guides/frameworks/python/celery.md +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/guides/frameworks/python/django.md +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/guides/frameworks/python/fastapi.md +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/guides/frameworks/python/flask.md +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/guides/languages/go.md +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/guides/languages/javascript.md +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/guides/languages/typescript.md +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/index.md +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/business-logic.md +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/code-injection.md +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/command-injection.md +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/cross-site-scripting.md +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/hardcoded-secrets.md +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/http-response-splitting.md +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/improper-authentication.md +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/information-exposure.md +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/insecure-cryptography.md +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/insecure-deserialization.md +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/insecure-direct-object-reference.md +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/insecure-session-management.md +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/insecure-transport.md +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/jwt-validation.md +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/mass-assignment.md +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/missing-authorization.md +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/open-redirect.md +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/path-traversal.md +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/race-condition.md +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/replay-attack.md +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/server-side-template-injection.md +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/sql-injection.md +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/xml-external-entity.md +0 -0
- {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/playbook/severity-rubric.md +0 -0
- {codejury-1.0.0 → codejury-1.1.0}/codejury/finding.py +0 -0
- {codejury-1.0.0 → codejury-1.1.0}/codejury/json_parse.py +0 -0
- {codejury-1.0.0 → codejury-1.1.0}/codejury/markdown_docs.py +0 -0
- {codejury-1.0.0 → codejury-1.1.0}/codejury/providers/__init__.py +0 -0
- {codejury-1.0.0 → codejury-1.1.0}/codejury/providers/base.py +0 -0
- /codejury-1.0.0/codejury/providers/openai_format.py → /codejury-1.1.0/codejury/providers/chat_format.py +0 -0
- {codejury-1.0.0 → codejury-1.1.0}/codejury/providers/mock.py +0 -0
- {codejury-1.0.0 → codejury-1.1.0}/codejury/report.py +0 -0
- {codejury-1.0.0 → codejury-1.1.0}/codejury/review/__init__.py +0 -0
- {codejury-1.0.0 → codejury-1.1.0}/codejury/review/diff/__init__.py +0 -0
- {codejury-1.0.0 → codejury-1.1.0}/codejury/review/diff/filter.py +0 -0
- {codejury-1.0.0 → codejury-1.1.0}/codejury/review/repo/__init__.py +0 -0
- {codejury-1.0.0 → codejury-1.1.0}/codejury/severity.py +0 -0
- {codejury-1.0.0 → codejury-1.1.0}/codejury.egg-info/dependency_links.txt +0 -0
- {codejury-1.0.0 → codejury-1.1.0}/codejury.egg-info/entry_points.txt +0 -0
- {codejury-1.0.0 → codejury-1.1.0}/codejury.egg-info/top_level.txt +0 -0
- {codejury-1.0.0 → codejury-1.1.0}/setup.cfg +0 -0
- {codejury-1.0.0 → codejury-1.1.0}/tests/test_detection.py +0 -0
- {codejury-1.0.0 → codejury-1.1.0}/tests/test_markdown_docs.py +0 -0
- {codejury-1.0.0 → codejury-1.1.0}/tests/test_repo_model.py +0 -0
- {codejury-1.0.0 → codejury-1.1.0}/tests/test_report.py +0 -0
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.4
|
|
2
2
|
Name: codejury
|
|
3
|
-
Version: 1.
|
|
3
|
+
Version: 1.1.0
|
|
4
4
|
Summary: AI-assisted security review for code diffs and whole repositories.
|
|
5
5
|
Author: AISecLabs
|
|
6
6
|
License-Expression: MIT
|
|
@@ -14,6 +14,8 @@ Classifier: Intended Audience :: Developers
|
|
|
14
14
|
Classifier: Topic :: Security
|
|
15
15
|
Classifier: Topic :: Software Development :: Quality Assurance
|
|
16
16
|
Classifier: Programming Language :: Python :: 3.12
|
|
17
|
+
Classifier: Programming Language :: Python :: 3.13
|
|
18
|
+
Classifier: Programming Language :: Python :: 3.14
|
|
17
19
|
Classifier: Operating System :: OS Independent
|
|
18
20
|
Requires-Python: >=3.12
|
|
19
21
|
Description-Content-Type: text/markdown
|
|
@@ -30,12 +32,15 @@ Provides-Extra: all
|
|
|
30
32
|
Requires-Dist: anthropic>=0.40; extra == "all"
|
|
31
33
|
Requires-Dist: openai>=1.0; extra == "all"
|
|
32
34
|
Requires-Dist: litellm>=1.0; extra == "all"
|
|
35
|
+
Provides-Extra: evm
|
|
36
|
+
Requires-Dist: slither-analyzer>=0.10; extra == "evm"
|
|
37
|
+
Requires-Dist: web3>=6.0; extra == "evm"
|
|
33
38
|
Provides-Extra: dev
|
|
34
39
|
Requires-Dist: pytest>=8.0; extra == "dev"
|
|
35
40
|
Requires-Dist: jsonschema>=4.0; extra == "dev"
|
|
36
41
|
Dynamic: license-file
|
|
37
42
|
|
|
38
|
-
```
|
|
43
|
+
```text
|
|
39
44
|
██████╗ ██████╗ ██████╗ ███████╗ ██╗██╗ ██╗██████╗ ██╗ ██╗
|
|
40
45
|
██╔════╝██╔═══██╗██╔══██╗██╔════╝ ██║██║ ██║██╔══██╗╚██╗ ██╔╝
|
|
41
46
|
██║ ██║ ██║██║ ██║█████╗ ██║██║ ██║██████╔╝ ╚████╔╝
|
|
@@ -44,6 +49,11 @@ Dynamic: license-file
|
|
|
44
49
|
╚═════╝ ╚═════╝ ╚═════╝ ╚══════╝ ╚════╝ ╚═════╝ ╚═╝ ╚═╝ ╚═╝
|
|
45
50
|
```
|
|
46
51
|
|
|
52
|
+
[](https://github.com/aiseclabs/codejury/actions/workflows/test.yml)
|
|
53
|
+
[](https://pypi.org/project/codejury/)
|
|
54
|
+
[](https://pypi.org/project/codejury/)
|
|
55
|
+
[](https://github.com/aiseclabs/codejury/blob/main/LICENSE)
|
|
56
|
+
|
|
47
57
|
AI-assisted security review for code diffs and whole repositories.
|
|
48
58
|
|
|
49
59
|
The tool has two review paths:
|
|
@@ -53,8 +63,10 @@ The tool has two review paths:
|
|
|
53
63
|
candidates, verifies findings, and checks coverage with a gate.
|
|
54
64
|
|
|
55
65
|
Security knowledge is data. Vulnerability classes, language guides, framework guides, and
|
|
56
|
-
protocol guides live in markdown under
|
|
57
|
-
|
|
66
|
+
protocol guides live in markdown under each review domain's `knowledge/` directory, for
|
|
67
|
+
example `codejury/domains/web/knowledge/`, so adding a stack or class is usually a data
|
|
68
|
+
change rather than a Python code change. The `web` domain is the default and `evm` reviews
|
|
69
|
+
Solidity smart contracts, selected with `--domain` or detected automatically.
|
|
58
70
|
|
|
59
71
|
## Install
|
|
60
72
|
|
|
@@ -75,16 +87,31 @@ codejury install-slash-command --agent codex # Codex
|
|
|
75
87
|
`install-slash-command` copies `/codejury-review-repo` into the selected agent's command
|
|
76
88
|
directory. Pass `--dir` to install it somewhere else.
|
|
77
89
|
|
|
78
|
-
## Configure
|
|
90
|
+
## Configure a Model Backend
|
|
79
91
|
|
|
80
92
|
Set a provider key through flags or environment variables:
|
|
81
93
|
|
|
82
94
|
```bash
|
|
83
95
|
export CODEJURY_API_KEY=...
|
|
84
|
-
export CODEJURY_MODEL=claude-
|
|
96
|
+
export CODEJURY_MODEL=claude-opus-4-8
|
|
85
97
|
export CODEJURY_API_BASE=... # optional gateway or proxy
|
|
86
98
|
```
|
|
87
99
|
|
|
100
|
+
Repo Review uses a second, deliberately different model for two roles at once. On the recall
|
|
101
|
+
side it finds alongside the main model, so the union takes whatever either catches and a
|
|
102
|
+
single model's blind spot no longer caps recall. On the precision side it must agree before a
|
|
103
|
+
candidate is refuted, so a deletion needs two models with uncorrelated blind spots and no lone
|
|
104
|
+
skeptic drops a real finding. Point it at a cross-vendor model. With none set, both models
|
|
105
|
+
collapse to one, the finder is single-model and the verify stage keeps every candidate, the
|
|
106
|
+
recall-safe default.
|
|
107
|
+
|
|
108
|
+
```bash
|
|
109
|
+
export CODEJURY_CHECKER_PROVIDER=openai # default
|
|
110
|
+
export CODEJURY_CHECKER_MODEL=... # a different model from CODEJURY_MODEL
|
|
111
|
+
export CODEJURY_CHECKER_API_KEY=...
|
|
112
|
+
export CODEJURY_CHECKER_API_BASE=... # optional
|
|
113
|
+
```
|
|
114
|
+
|
|
88
115
|
The tool does not auto-load `.env`.
|
|
89
116
|
|
|
90
117
|
Useful flags:
|
|
@@ -122,19 +149,19 @@ Diff Review is the fast coded path. It audits a unified diff with either a stand
|
|
|
122
149
|
single model call or an adversarial Finder, Challenger, and Judge pass.
|
|
123
150
|
|
|
124
151
|
```bash
|
|
125
|
-
#
|
|
152
|
+
# review a diff file
|
|
126
153
|
codejury review diff --file changes.diff
|
|
127
154
|
|
|
128
|
-
#
|
|
155
|
+
# review a git range
|
|
129
156
|
codejury review diff --repo /path/to/app --git-range origin/main...HEAD
|
|
130
157
|
|
|
131
|
-
#
|
|
158
|
+
# review stdin
|
|
132
159
|
git diff HEAD~1 | codejury review diff
|
|
133
160
|
|
|
134
|
-
#
|
|
161
|
+
# use adversarial mode for extra recall on subtle cross-file logic
|
|
135
162
|
codejury review diff --file changes.diff --mode adversarial
|
|
136
163
|
|
|
137
|
-
#
|
|
164
|
+
# emit SARIF and fail on HIGH or CRITICAL findings
|
|
138
165
|
codejury review diff --file changes.diff --format sarif --fail-on high
|
|
139
166
|
```
|
|
140
167
|
|
|
@@ -156,12 +183,16 @@ codejury review repo /path/to/repo
|
|
|
156
183
|
The workspace contains:
|
|
157
184
|
|
|
158
185
|
```text
|
|
159
|
-
inventory/ attack surface, authorization model,
|
|
186
|
+
inventory/ attack surface, authorization model, seeded entrypoints, severity rubric
|
|
160
187
|
units/ one review unit per candidate entrypoint
|
|
161
|
-
|
|
188
|
+
candidates/ agent proposals, one write-up per candidate finding
|
|
189
|
+
findings/ confirmed findings, written by finalize
|
|
162
190
|
pocs/ runnable PoCs, when available
|
|
191
|
+
findings.json ranked machine-readable findings
|
|
163
192
|
METHODOLOGY.md full review process
|
|
164
193
|
_stack.md detected stack notes
|
|
194
|
+
_refuted.md refuted candidates and why
|
|
195
|
+
_pocs.md PoC reconciliation, planned versus delivered
|
|
165
196
|
```
|
|
166
197
|
|
|
167
198
|
Then run the interactive slash command in Claude Code or Codex:
|
|
@@ -181,9 +212,10 @@ codejury review repo /path/to/repo --finalize
|
|
|
181
212
|
codejury review repo /path/to/repo --gate
|
|
182
213
|
```
|
|
183
214
|
|
|
184
|
-
`--finalize` deduplicates
|
|
185
|
-
`
|
|
186
|
-
|
|
215
|
+
`--finalize` deduplicates candidate files, verifies survivors, writes the confirmed
|
|
216
|
+
`findings/`, records refuted candidates in `_refuted.md` and PoC reconciliation in
|
|
217
|
+
`_pocs.md`, and writes ranked `findings.json`. `--gate` fails until the workspace has an
|
|
218
|
+
enumerated surface, reviewed units, and calibrated candidates.
|
|
187
219
|
|
|
188
220
|
For a headless run, use:
|
|
189
221
|
|
|
@@ -191,18 +223,40 @@ For a headless run, use:
|
|
|
191
223
|
codejury review repo /path/to/repo --run
|
|
192
224
|
```
|
|
193
225
|
|
|
194
|
-
|
|
195
|
-
|
|
226
|
+
### Review Strategy
|
|
227
|
+
|
|
228
|
+
A `--run` chooses how each unit is reviewed:
|
|
229
|
+
|
|
230
|
+
- `--reviewer model` is the default. It makes one grounded model call per unit. Add
|
|
231
|
+
`--facts` to ground that call in a tool-extracted call graph, storage layout, and read
|
|
232
|
+
and write sets when the domain binds a facts backend, such as the EVM Slither backend.
|
|
233
|
+
This is what gives a smart contract review its call relationships, so prefer
|
|
234
|
+
`--run --facts` on Solidity.
|
|
235
|
+
- `--reviewer claude-cli` runs each unit and its verification as a headless `claude -p`
|
|
236
|
+
agent that reads and traces the files itself with read-only tools, using your Claude Code
|
|
237
|
+
access and no provider key. Use it when you want a tool-using agent rather than a single
|
|
238
|
+
grounded call.
|
|
239
|
+
|
|
240
|
+
Add `--checker-model`, a different model from `--model`, to enable cross-model
|
|
241
|
+
verification. It finds alongside the main model on the recall side and must agree before a
|
|
242
|
+
finding is dropped on the precision side. With none set, the verify stage refutes nothing,
|
|
243
|
+
the recall-safe default.
|
|
196
244
|
|
|
197
245
|
## Supported Knowledge
|
|
198
246
|
|
|
199
|
-
|
|
247
|
+
The tool selects a review domain with `--domain`, `auto` by default. The `web` domain is
|
|
248
|
+
the default for application code. The `evm` domain reviews Solidity smart contracts for
|
|
249
|
+
classes such as reentrancy, access control, oracle manipulation, accounting precision, and
|
|
250
|
+
signature replay.
|
|
251
|
+
|
|
252
|
+
Current guide coverage in the web domain includes:
|
|
200
253
|
|
|
201
254
|
- Python: Django, Flask, FastAPI, Celery
|
|
202
255
|
- Go: Gin, Echo
|
|
203
256
|
- JavaScript and TypeScript: Express, NestJS
|
|
204
257
|
- Protocols: OAuth and OIDC
|
|
205
258
|
|
|
259
|
+
The evm domain ships a Solidity guide and the smart contract vulnerability classes above.
|
|
206
260
|
Unguided stacks still work, but the agent relies more on general methodology and model
|
|
207
261
|
knowledge.
|
|
208
262
|
|
|
@@ -221,7 +275,7 @@ The tool is intentionally scoped to real exploitable application security issues
|
|
|
221
275
|
not report dependency CVEs, style notes, generic best practices, speculation, or risks that
|
|
222
276
|
only matter if production configuration leaks.
|
|
223
277
|
|
|
224
|
-
## Model
|
|
278
|
+
## Model and Mode Guidance
|
|
225
279
|
|
|
226
280
|
Detection quality is dominated by model quality first, then mode.
|
|
227
281
|
|
|
@@ -241,18 +295,18 @@ cp examples/codejury-pr-review.yml .github/workflows/codejury-pr-review.yml
|
|
|
241
295
|
Add `CODEJURY_API_KEY` as a repository secret. The workflow reviews the pull request diff,
|
|
242
296
|
uploads SARIF to code scanning, and fails on HIGH or CRITICAL findings.
|
|
243
297
|
|
|
244
|
-
## Extend
|
|
298
|
+
## Extend the Knowledge
|
|
245
299
|
|
|
246
300
|
Add security knowledge as markdown:
|
|
247
301
|
|
|
248
302
|
- Vulnerability class:
|
|
249
|
-
`codejury/knowledge/vulnerabilities/<id>.md`
|
|
303
|
+
`codejury/domains/<domain>/knowledge/vulnerabilities/<id>.md`
|
|
250
304
|
- Language guide:
|
|
251
|
-
`codejury/knowledge/guides/languages/<language>.md`
|
|
305
|
+
`codejury/domains/<domain>/knowledge/guides/languages/<language>.md`
|
|
252
306
|
- Framework guide:
|
|
253
|
-
`codejury/knowledge/guides/frameworks/<language>/<framework>.md`
|
|
307
|
+
`codejury/domains/<domain>/knowledge/guides/frameworks/<language>/<framework>.md`
|
|
254
308
|
- Protocol guide:
|
|
255
|
-
`codejury/knowledge/guides/protocols/<protocol>.md`
|
|
309
|
+
`codejury/domains/<domain>/knowledge/guides/protocols/<protocol>.md`
|
|
256
310
|
|
|
257
311
|
Keep frontmatter and detection signals data-driven. Avoid adding language, framework, or
|
|
258
312
|
vulnerability-specific detection logic to Python unless the engine itself needs a generic
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
```
|
|
1
|
+
```text
|
|
2
2
|
██████╗ ██████╗ ██████╗ ███████╗ ██╗██╗ ██╗██████╗ ██╗ ██╗
|
|
3
3
|
██╔════╝██╔═══██╗██╔══██╗██╔════╝ ██║██║ ██║██╔══██╗╚██╗ ██╔╝
|
|
4
4
|
██║ ██║ ██║██║ ██║█████╗ ██║██║ ██║██████╔╝ ╚████╔╝
|
|
@@ -7,6 +7,11 @@
|
|
|
7
7
|
╚═════╝ ╚═════╝ ╚═════╝ ╚══════╝ ╚════╝ ╚═════╝ ╚═╝ ╚═╝ ╚═╝
|
|
8
8
|
```
|
|
9
9
|
|
|
10
|
+
[](https://github.com/aiseclabs/codejury/actions/workflows/test.yml)
|
|
11
|
+
[](https://pypi.org/project/codejury/)
|
|
12
|
+
[](https://pypi.org/project/codejury/)
|
|
13
|
+
[](https://github.com/aiseclabs/codejury/blob/main/LICENSE)
|
|
14
|
+
|
|
10
15
|
AI-assisted security review for code diffs and whole repositories.
|
|
11
16
|
|
|
12
17
|
The tool has two review paths:
|
|
@@ -16,8 +21,10 @@ The tool has two review paths:
|
|
|
16
21
|
candidates, verifies findings, and checks coverage with a gate.
|
|
17
22
|
|
|
18
23
|
Security knowledge is data. Vulnerability classes, language guides, framework guides, and
|
|
19
|
-
protocol guides live in markdown under
|
|
20
|
-
|
|
24
|
+
protocol guides live in markdown under each review domain's `knowledge/` directory, for
|
|
25
|
+
example `codejury/domains/web/knowledge/`, so adding a stack or class is usually a data
|
|
26
|
+
change rather than a Python code change. The `web` domain is the default and `evm` reviews
|
|
27
|
+
Solidity smart contracts, selected with `--domain` or detected automatically.
|
|
21
28
|
|
|
22
29
|
## Install
|
|
23
30
|
|
|
@@ -38,16 +45,31 @@ codejury install-slash-command --agent codex # Codex
|
|
|
38
45
|
`install-slash-command` copies `/codejury-review-repo` into the selected agent's command
|
|
39
46
|
directory. Pass `--dir` to install it somewhere else.
|
|
40
47
|
|
|
41
|
-
## Configure
|
|
48
|
+
## Configure a Model Backend
|
|
42
49
|
|
|
43
50
|
Set a provider key through flags or environment variables:
|
|
44
51
|
|
|
45
52
|
```bash
|
|
46
53
|
export CODEJURY_API_KEY=...
|
|
47
|
-
export CODEJURY_MODEL=claude-
|
|
54
|
+
export CODEJURY_MODEL=claude-opus-4-8
|
|
48
55
|
export CODEJURY_API_BASE=... # optional gateway or proxy
|
|
49
56
|
```
|
|
50
57
|
|
|
58
|
+
Repo Review uses a second, deliberately different model for two roles at once. On the recall
|
|
59
|
+
side it finds alongside the main model, so the union takes whatever either catches and a
|
|
60
|
+
single model's blind spot no longer caps recall. On the precision side it must agree before a
|
|
61
|
+
candidate is refuted, so a deletion needs two models with uncorrelated blind spots and no lone
|
|
62
|
+
skeptic drops a real finding. Point it at a cross-vendor model. With none set, both models
|
|
63
|
+
collapse to one, the finder is single-model and the verify stage keeps every candidate, the
|
|
64
|
+
recall-safe default.
|
|
65
|
+
|
|
66
|
+
```bash
|
|
67
|
+
export CODEJURY_CHECKER_PROVIDER=openai # default
|
|
68
|
+
export CODEJURY_CHECKER_MODEL=... # a different model from CODEJURY_MODEL
|
|
69
|
+
export CODEJURY_CHECKER_API_KEY=...
|
|
70
|
+
export CODEJURY_CHECKER_API_BASE=... # optional
|
|
71
|
+
```
|
|
72
|
+
|
|
51
73
|
The tool does not auto-load `.env`.
|
|
52
74
|
|
|
53
75
|
Useful flags:
|
|
@@ -85,19 +107,19 @@ Diff Review is the fast coded path. It audits a unified diff with either a stand
|
|
|
85
107
|
single model call or an adversarial Finder, Challenger, and Judge pass.
|
|
86
108
|
|
|
87
109
|
```bash
|
|
88
|
-
#
|
|
110
|
+
# review a diff file
|
|
89
111
|
codejury review diff --file changes.diff
|
|
90
112
|
|
|
91
|
-
#
|
|
113
|
+
# review a git range
|
|
92
114
|
codejury review diff --repo /path/to/app --git-range origin/main...HEAD
|
|
93
115
|
|
|
94
|
-
#
|
|
116
|
+
# review stdin
|
|
95
117
|
git diff HEAD~1 | codejury review diff
|
|
96
118
|
|
|
97
|
-
#
|
|
119
|
+
# use adversarial mode for extra recall on subtle cross-file logic
|
|
98
120
|
codejury review diff --file changes.diff --mode adversarial
|
|
99
121
|
|
|
100
|
-
#
|
|
122
|
+
# emit SARIF and fail on HIGH or CRITICAL findings
|
|
101
123
|
codejury review diff --file changes.diff --format sarif --fail-on high
|
|
102
124
|
```
|
|
103
125
|
|
|
@@ -119,12 +141,16 @@ codejury review repo /path/to/repo
|
|
|
119
141
|
The workspace contains:
|
|
120
142
|
|
|
121
143
|
```text
|
|
122
|
-
inventory/ attack surface, authorization model,
|
|
144
|
+
inventory/ attack surface, authorization model, seeded entrypoints, severity rubric
|
|
123
145
|
units/ one review unit per candidate entrypoint
|
|
124
|
-
|
|
146
|
+
candidates/ agent proposals, one write-up per candidate finding
|
|
147
|
+
findings/ confirmed findings, written by finalize
|
|
125
148
|
pocs/ runnable PoCs, when available
|
|
149
|
+
findings.json ranked machine-readable findings
|
|
126
150
|
METHODOLOGY.md full review process
|
|
127
151
|
_stack.md detected stack notes
|
|
152
|
+
_refuted.md refuted candidates and why
|
|
153
|
+
_pocs.md PoC reconciliation, planned versus delivered
|
|
128
154
|
```
|
|
129
155
|
|
|
130
156
|
Then run the interactive slash command in Claude Code or Codex:
|
|
@@ -144,9 +170,10 @@ codejury review repo /path/to/repo --finalize
|
|
|
144
170
|
codejury review repo /path/to/repo --gate
|
|
145
171
|
```
|
|
146
172
|
|
|
147
|
-
`--finalize` deduplicates
|
|
148
|
-
`
|
|
149
|
-
|
|
173
|
+
`--finalize` deduplicates candidate files, verifies survivors, writes the confirmed
|
|
174
|
+
`findings/`, records refuted candidates in `_refuted.md` and PoC reconciliation in
|
|
175
|
+
`_pocs.md`, and writes ranked `findings.json`. `--gate` fails until the workspace has an
|
|
176
|
+
enumerated surface, reviewed units, and calibrated candidates.
|
|
150
177
|
|
|
151
178
|
For a headless run, use:
|
|
152
179
|
|
|
@@ -154,18 +181,40 @@ For a headless run, use:
|
|
|
154
181
|
codejury review repo /path/to/repo --run
|
|
155
182
|
```
|
|
156
183
|
|
|
157
|
-
|
|
158
|
-
|
|
184
|
+
### Review Strategy
|
|
185
|
+
|
|
186
|
+
A `--run` chooses how each unit is reviewed:
|
|
187
|
+
|
|
188
|
+
- `--reviewer model` is the default. It makes one grounded model call per unit. Add
|
|
189
|
+
`--facts` to ground that call in a tool-extracted call graph, storage layout, and read
|
|
190
|
+
and write sets when the domain binds a facts backend, such as the EVM Slither backend.
|
|
191
|
+
This is what gives a smart contract review its call relationships, so prefer
|
|
192
|
+
`--run --facts` on Solidity.
|
|
193
|
+
- `--reviewer claude-cli` runs each unit and its verification as a headless `claude -p`
|
|
194
|
+
agent that reads and traces the files itself with read-only tools, using your Claude Code
|
|
195
|
+
access and no provider key. Use it when you want a tool-using agent rather than a single
|
|
196
|
+
grounded call.
|
|
197
|
+
|
|
198
|
+
Add `--checker-model`, a different model from `--model`, to enable cross-model
|
|
199
|
+
verification. It finds alongside the main model on the recall side and must agree before a
|
|
200
|
+
finding is dropped on the precision side. With none set, the verify stage refutes nothing,
|
|
201
|
+
the recall-safe default.
|
|
159
202
|
|
|
160
203
|
## Supported Knowledge
|
|
161
204
|
|
|
162
|
-
|
|
205
|
+
The tool selects a review domain with `--domain`, `auto` by default. The `web` domain is
|
|
206
|
+
the default for application code. The `evm` domain reviews Solidity smart contracts for
|
|
207
|
+
classes such as reentrancy, access control, oracle manipulation, accounting precision, and
|
|
208
|
+
signature replay.
|
|
209
|
+
|
|
210
|
+
Current guide coverage in the web domain includes:
|
|
163
211
|
|
|
164
212
|
- Python: Django, Flask, FastAPI, Celery
|
|
165
213
|
- Go: Gin, Echo
|
|
166
214
|
- JavaScript and TypeScript: Express, NestJS
|
|
167
215
|
- Protocols: OAuth and OIDC
|
|
168
216
|
|
|
217
|
+
The evm domain ships a Solidity guide and the smart contract vulnerability classes above.
|
|
169
218
|
Unguided stacks still work, but the agent relies more on general methodology and model
|
|
170
219
|
knowledge.
|
|
171
220
|
|
|
@@ -184,7 +233,7 @@ The tool is intentionally scoped to real exploitable application security issues
|
|
|
184
233
|
not report dependency CVEs, style notes, generic best practices, speculation, or risks that
|
|
185
234
|
only matter if production configuration leaks.
|
|
186
235
|
|
|
187
|
-
## Model
|
|
236
|
+
## Model and Mode Guidance
|
|
188
237
|
|
|
189
238
|
Detection quality is dominated by model quality first, then mode.
|
|
190
239
|
|
|
@@ -204,18 +253,18 @@ cp examples/codejury-pr-review.yml .github/workflows/codejury-pr-review.yml
|
|
|
204
253
|
Add `CODEJURY_API_KEY` as a repository secret. The workflow reviews the pull request diff,
|
|
205
254
|
uploads SARIF to code scanning, and fails on HIGH or CRITICAL findings.
|
|
206
255
|
|
|
207
|
-
## Extend
|
|
256
|
+
## Extend the Knowledge
|
|
208
257
|
|
|
209
258
|
Add security knowledge as markdown:
|
|
210
259
|
|
|
211
260
|
- Vulnerability class:
|
|
212
|
-
`codejury/knowledge/vulnerabilities/<id>.md`
|
|
261
|
+
`codejury/domains/<domain>/knowledge/vulnerabilities/<id>.md`
|
|
213
262
|
- Language guide:
|
|
214
|
-
`codejury/knowledge/guides/languages/<language>.md`
|
|
263
|
+
`codejury/domains/<domain>/knowledge/guides/languages/<language>.md`
|
|
215
264
|
- Framework guide:
|
|
216
|
-
`codejury/knowledge/guides/frameworks/<language>/<framework>.md`
|
|
265
|
+
`codejury/domains/<domain>/knowledge/guides/frameworks/<language>/<framework>.md`
|
|
217
266
|
- Protocol guide:
|
|
218
|
-
`codejury/knowledge/guides/protocols/<protocol>.md`
|
|
267
|
+
`codejury/domains/<domain>/knowledge/guides/protocols/<protocol>.md`
|
|
219
268
|
|
|
220
269
|
Keep frontmatter and detection signals data-driven. Avoid adding language, framework, or
|
|
221
270
|
vulnerability-specific detection logic to Python unless the engine itself needs a generic
|