codejury 1.0.0__tar.gz → 1.1.0__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (167) hide show
  1. {codejury-1.0.0 → codejury-1.1.0}/PKG-INFO +79 -25
  2. {codejury-1.0.0 → codejury-1.1.0}/README.md +73 -24
  3. {codejury-1.0.0 → codejury-1.1.0}/codejury/cli.py +205 -49
  4. {codejury-1.0.0 → codejury-1.1.0}/codejury/detection.py +6 -3
  5. codejury-1.1.0/codejury/domains/__init__.py +9 -0
  6. codejury-1.1.0/codejury/domains/base.py +153 -0
  7. codejury-1.1.0/codejury/domains/evm/__init__.py +74 -0
  8. codejury-1.1.0/codejury/domains/evm/detection.yaml +13 -0
  9. codejury-1.1.0/codejury/domains/evm/facts/__init__.py +5 -0
  10. codejury-1.1.0/codejury/domains/evm/facts/call_path.py +93 -0
  11. codejury-1.1.0/codejury/domains/evm/facts/slither.py +151 -0
  12. codejury-1.1.0/codejury/domains/evm/knowledge/guides/languages/solidity.md +52 -0
  13. codejury-1.1.0/codejury/domains/evm/knowledge/index.md +32 -0
  14. codejury-1.1.0/codejury/domains/evm/knowledge/vulnerabilities/access-control.md +40 -0
  15. codejury-1.1.0/codejury/domains/evm/knowledge/vulnerabilities/accounting-precision.md +35 -0
  16. codejury-1.1.0/codejury/domains/evm/knowledge/vulnerabilities/denial-of-service.md +37 -0
  17. codejury-1.1.0/codejury/domains/evm/knowledge/vulnerabilities/oracle-price-manipulation.md +34 -0
  18. codejury-1.1.0/codejury/domains/evm/knowledge/vulnerabilities/proxy-delegatecall.md +41 -0
  19. codejury-1.1.0/codejury/domains/evm/knowledge/vulnerabilities/reentrancy.md +38 -0
  20. codejury-1.1.0/codejury/domains/evm/knowledge/vulnerabilities/signature-replay.md +37 -0
  21. codejury-1.1.0/codejury/domains/evm/knowledge/vulnerabilities/unchecked-low-level-call.md +35 -0
  22. codejury-1.1.0/codejury/domains/evm/playbook/false-positive-traps.md +82 -0
  23. codejury-1.1.0/codejury/domains/evm/playbook/methodology.md +160 -0
  24. codejury-1.1.0/codejury/domains/evm/playbook/severity-rubric.md +48 -0
  25. codejury-1.1.0/codejury/domains/evm/playbook/slash-command.md +92 -0
  26. codejury-1.1.0/codejury/domains/evm/playbook/unit-review.md +109 -0
  27. codejury-1.1.0/codejury/domains/evm/poc.py +41 -0
  28. codejury-1.1.0/codejury/domains/registry.py +56 -0
  29. codejury-1.1.0/codejury/domains/web/__init__.py +57 -0
  30. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/guides/languages/python.md +0 -2
  31. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/guides/protocols/oauth.md +1 -1
  32. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/cross-site-request-forgery.md +14 -0
  33. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/server-side-request-forgery.md +2 -2
  34. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/playbook/false-positive-traps.md +4 -4
  35. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/playbook/methodology.md +7 -5
  36. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/playbook/slash-command.md +14 -8
  37. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/playbook/unit-review.md +14 -7
  38. {codejury-1.0.0 → codejury-1.1.0}/codejury/guides.py +2 -0
  39. {codejury-1.0.0 → codejury-1.1.0}/codejury/providers/anthropic.py +43 -9
  40. codejury-1.1.0/codejury/providers/factory.py +59 -0
  41. {codejury-1.0.0 → codejury-1.1.0}/codejury/providers/litellm.py +7 -3
  42. codejury-1.1.0/codejury/providers/openai.py +86 -0
  43. codejury-1.1.0/codejury/providers/retry.py +155 -0
  44. codejury-1.1.0/codejury/resources.py +29 -0
  45. {codejury-1.0.0 → codejury-1.1.0}/codejury/review/diff/adversarial.py +24 -7
  46. codejury-1.0.0/codejury/review/diff/engine.py → codejury-1.1.0/codejury/review/diff/audit.py +27 -11
  47. codejury-1.0.0/codejury/review/diff/runner.py → codejury-1.1.0/codejury/review/diff/engine.py +11 -3
  48. {codejury-1.0.0 → codejury-1.1.0}/codejury/review/diff/prompts.py +17 -34
  49. {codejury-1.0.0 → codejury-1.1.0}/codejury/review/diff/vulnerabilities.py +30 -1
  50. {codejury-1.0.0 → codejury-1.1.0}/codejury/review/repo/agent.py +12 -11
  51. codejury-1.1.0/codejury/review/repo/engine.py +703 -0
  52. {codejury-1.0.0 → codejury-1.1.0}/codejury/review/repo/gate.py +5 -5
  53. {codejury-1.0.0 → codejury-1.1.0}/codejury/review/repo/model.py +9 -10
  54. codejury-1.1.0/codejury/review/repo/pass_loop.py +103 -0
  55. {codejury-1.0.0 → codejury-1.1.0}/codejury/review/repo/paths.py +1 -1
  56. {codejury-1.0.0 → codejury-1.1.0}/codejury/review/repo/reviewer.py +55 -53
  57. {codejury-1.0.0 → codejury-1.1.0}/codejury/review/repo/scaffold.py +145 -35
  58. codejury-1.1.0/codejury/review/repo/severity.py +36 -0
  59. codejury-1.1.0/codejury/review/repo/shapes.py +106 -0
  60. {codejury-1.0.0 → codejury-1.1.0}/codejury/review/repo/union.py +63 -19
  61. codejury-1.1.0/codejury/review/repo/verifier.py +355 -0
  62. {codejury-1.0.0 → codejury-1.1.0}/codejury.egg-info/PKG-INFO +79 -25
  63. codejury-1.1.0/codejury.egg-info/SOURCES.txt +147 -0
  64. {codejury-1.0.0 → codejury-1.1.0}/codejury.egg-info/requires.txt +4 -0
  65. {codejury-1.0.0 → codejury-1.1.0}/pyproject.toml +6 -2
  66. codejury-1.1.0/tests/test_anthropic_provider.py +108 -0
  67. codejury-1.0.0/tests/test_openai_format.py → codejury-1.1.0/tests/test_chat_format.py +1 -1
  68. {codejury-1.0.0 → codejury-1.1.0}/tests/test_cli.py +62 -11
  69. {codejury-1.0.0 → codejury-1.1.0}/tests/test_diff_adversarial.py +9 -6
  70. codejury-1.0.0/tests/test_diff_engine.py → codejury-1.1.0/tests/test_diff_audit.py +6 -6
  71. codejury-1.1.0/tests/test_domains.py +251 -0
  72. codejury-1.1.0/tests/test_evals.py +497 -0
  73. {codejury-1.0.0 → codejury-1.1.0}/tests/test_guides.py +1 -1
  74. codejury-1.1.0/tests/test_json_parse.py +79 -0
  75. {codejury-1.0.0 → codejury-1.1.0}/tests/test_litellm_provider.py +32 -1
  76. codejury-1.1.0/tests/test_openai_provider.py +108 -0
  77. codejury-1.1.0/tests/test_provider_factory.py +31 -0
  78. {codejury-1.0.0 → codejury-1.1.0}/tests/test_repo_agent.py +1 -1
  79. codejury-1.1.0/tests/test_repo_engine.py +510 -0
  80. {codejury-1.0.0 → codejury-1.1.0}/tests/test_repo_gate.py +6 -5
  81. {codejury-1.0.0 → codejury-1.1.0}/tests/test_repo_pass_loop.py +89 -1
  82. codejury-1.1.0/tests/test_repo_paths.py +42 -0
  83. codejury-1.1.0/tests/test_repo_scaffold.py +352 -0
  84. codejury-1.1.0/tests/test_repo_severity.py +23 -0
  85. codejury-1.1.0/tests/test_repo_union.py +281 -0
  86. codejury-1.1.0/tests/test_repo_verifier.py +193 -0
  87. codejury-1.1.0/tests/test_retry_provider.py +191 -0
  88. {codejury-1.0.0 → codejury-1.1.0}/tests/test_vulnerabilities.py +31 -0
  89. codejury-1.0.0/codejury/providers/factory.py +0 -33
  90. codejury-1.0.0/codejury/providers/openai.py +0 -59
  91. codejury-1.0.0/codejury/providers/retry.py +0 -64
  92. codejury-1.0.0/codejury/resources.py +0 -28
  93. codejury-1.0.0/codejury/review/repo/engine.py +0 -393
  94. codejury-1.0.0/codejury/review/repo/pass_loop.py +0 -80
  95. codejury-1.0.0/codejury/review/repo/severity.py +0 -68
  96. codejury-1.0.0/codejury/review/repo/verifier.py +0 -148
  97. codejury-1.0.0/codejury.egg-info/SOURCES.txt +0 -117
  98. codejury-1.0.0/tests/test_anthropic_provider.py +0 -54
  99. codejury-1.0.0/tests/test_json_parse.py +0 -41
  100. codejury-1.0.0/tests/test_openai_provider.py +0 -43
  101. codejury-1.0.0/tests/test_repo_engine.py +0 -293
  102. codejury-1.0.0/tests/test_repo_scaffold.py +0 -179
  103. codejury-1.0.0/tests/test_repo_severity.py +0 -37
  104. codejury-1.0.0/tests/test_repo_union.py +0 -104
  105. codejury-1.0.0/tests/test_repo_verifier.py +0 -95
  106. codejury-1.0.0/tests/test_retry_provider.py +0 -76
  107. {codejury-1.0.0 → codejury-1.1.0}/LICENSE +0 -0
  108. {codejury-1.0.0 → codejury-1.1.0}/codejury/__init__.py +0 -0
  109. {codejury-1.0.0 → codejury-1.1.0}/codejury/__main__.py +0 -0
  110. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/detection.yaml +0 -0
  111. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/guides/frameworks/go/echo.md +0 -0
  112. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/guides/frameworks/go/gin.md +0 -0
  113. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/guides/frameworks/javascript/express.md +0 -0
  114. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/guides/frameworks/javascript/nestjs.md +0 -0
  115. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/guides/frameworks/python/celery.md +0 -0
  116. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/guides/frameworks/python/django.md +0 -0
  117. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/guides/frameworks/python/fastapi.md +0 -0
  118. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/guides/frameworks/python/flask.md +0 -0
  119. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/guides/languages/go.md +0 -0
  120. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/guides/languages/javascript.md +0 -0
  121. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/guides/languages/typescript.md +0 -0
  122. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/index.md +0 -0
  123. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/business-logic.md +0 -0
  124. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/code-injection.md +0 -0
  125. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/command-injection.md +0 -0
  126. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/cross-site-scripting.md +0 -0
  127. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/hardcoded-secrets.md +0 -0
  128. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/http-response-splitting.md +0 -0
  129. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/improper-authentication.md +0 -0
  130. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/information-exposure.md +0 -0
  131. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/insecure-cryptography.md +0 -0
  132. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/insecure-deserialization.md +0 -0
  133. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/insecure-direct-object-reference.md +0 -0
  134. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/insecure-session-management.md +0 -0
  135. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/insecure-transport.md +0 -0
  136. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/jwt-validation.md +0 -0
  137. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/mass-assignment.md +0 -0
  138. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/missing-authorization.md +0 -0
  139. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/open-redirect.md +0 -0
  140. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/path-traversal.md +0 -0
  141. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/race-condition.md +0 -0
  142. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/replay-attack.md +0 -0
  143. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/server-side-template-injection.md +0 -0
  144. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/sql-injection.md +0 -0
  145. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/knowledge/vulnerabilities/xml-external-entity.md +0 -0
  146. {codejury-1.0.0/codejury → codejury-1.1.0/codejury/domains/web}/playbook/severity-rubric.md +0 -0
  147. {codejury-1.0.0 → codejury-1.1.0}/codejury/finding.py +0 -0
  148. {codejury-1.0.0 → codejury-1.1.0}/codejury/json_parse.py +0 -0
  149. {codejury-1.0.0 → codejury-1.1.0}/codejury/markdown_docs.py +0 -0
  150. {codejury-1.0.0 → codejury-1.1.0}/codejury/providers/__init__.py +0 -0
  151. {codejury-1.0.0 → codejury-1.1.0}/codejury/providers/base.py +0 -0
  152. /codejury-1.0.0/codejury/providers/openai_format.py → /codejury-1.1.0/codejury/providers/chat_format.py +0 -0
  153. {codejury-1.0.0 → codejury-1.1.0}/codejury/providers/mock.py +0 -0
  154. {codejury-1.0.0 → codejury-1.1.0}/codejury/report.py +0 -0
  155. {codejury-1.0.0 → codejury-1.1.0}/codejury/review/__init__.py +0 -0
  156. {codejury-1.0.0 → codejury-1.1.0}/codejury/review/diff/__init__.py +0 -0
  157. {codejury-1.0.0 → codejury-1.1.0}/codejury/review/diff/filter.py +0 -0
  158. {codejury-1.0.0 → codejury-1.1.0}/codejury/review/repo/__init__.py +0 -0
  159. {codejury-1.0.0 → codejury-1.1.0}/codejury/severity.py +0 -0
  160. {codejury-1.0.0 → codejury-1.1.0}/codejury.egg-info/dependency_links.txt +0 -0
  161. {codejury-1.0.0 → codejury-1.1.0}/codejury.egg-info/entry_points.txt +0 -0
  162. {codejury-1.0.0 → codejury-1.1.0}/codejury.egg-info/top_level.txt +0 -0
  163. {codejury-1.0.0 → codejury-1.1.0}/setup.cfg +0 -0
  164. {codejury-1.0.0 → codejury-1.1.0}/tests/test_detection.py +0 -0
  165. {codejury-1.0.0 → codejury-1.1.0}/tests/test_markdown_docs.py +0 -0
  166. {codejury-1.0.0 → codejury-1.1.0}/tests/test_repo_model.py +0 -0
  167. {codejury-1.0.0 → codejury-1.1.0}/tests/test_report.py +0 -0
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: codejury
3
- Version: 1.0.0
3
+ Version: 1.1.0
4
4
  Summary: AI-assisted security review for code diffs and whole repositories.
5
5
  Author: AISecLabs
6
6
  License-Expression: MIT
@@ -14,6 +14,8 @@ Classifier: Intended Audience :: Developers
14
14
  Classifier: Topic :: Security
15
15
  Classifier: Topic :: Software Development :: Quality Assurance
16
16
  Classifier: Programming Language :: Python :: 3.12
17
+ Classifier: Programming Language :: Python :: 3.13
18
+ Classifier: Programming Language :: Python :: 3.14
17
19
  Classifier: Operating System :: OS Independent
18
20
  Requires-Python: >=3.12
19
21
  Description-Content-Type: text/markdown
@@ -30,12 +32,15 @@ Provides-Extra: all
30
32
  Requires-Dist: anthropic>=0.40; extra == "all"
31
33
  Requires-Dist: openai>=1.0; extra == "all"
32
34
  Requires-Dist: litellm>=1.0; extra == "all"
35
+ Provides-Extra: evm
36
+ Requires-Dist: slither-analyzer>=0.10; extra == "evm"
37
+ Requires-Dist: web3>=6.0; extra == "evm"
33
38
  Provides-Extra: dev
34
39
  Requires-Dist: pytest>=8.0; extra == "dev"
35
40
  Requires-Dist: jsonschema>=4.0; extra == "dev"
36
41
  Dynamic: license-file
37
42
 
38
- ```
43
+ ```text
39
44
  ██████╗ ██████╗ ██████╗ ███████╗ ██╗██╗ ██╗██████╗ ██╗ ██╗
40
45
  ██╔════╝██╔═══██╗██╔══██╗██╔════╝ ██║██║ ██║██╔══██╗╚██╗ ██╔╝
41
46
  ██║ ██║ ██║██║ ██║█████╗ ██║██║ ██║██████╔╝ ╚████╔╝
@@ -44,6 +49,11 @@ Dynamic: license-file
44
49
  ╚═════╝ ╚═════╝ ╚═════╝ ╚══════╝ ╚════╝ ╚═════╝ ╚═╝ ╚═╝ ╚═╝
45
50
  ```
46
51
 
52
+ [![Tests](https://img.shields.io/github/actions/workflow/status/aiseclabs/codejury/test.yml?label=tests)](https://github.com/aiseclabs/codejury/actions/workflows/test.yml)
53
+ [![PyPI](https://img.shields.io/pypi/v/codejury)](https://pypi.org/project/codejury/)
54
+ [![Python](https://img.shields.io/pypi/pyversions/codejury)](https://pypi.org/project/codejury/)
55
+ [![License: MIT](https://img.shields.io/pypi/l/codejury)](https://github.com/aiseclabs/codejury/blob/main/LICENSE)
56
+
47
57
  AI-assisted security review for code diffs and whole repositories.
48
58
 
49
59
  The tool has two review paths:
@@ -53,8 +63,10 @@ The tool has two review paths:
53
63
  candidates, verifies findings, and checks coverage with a gate.
54
64
 
55
65
  Security knowledge is data. Vulnerability classes, language guides, framework guides, and
56
- protocol guides live in markdown under `codejury/knowledge/`, so adding a stack or class is
57
- usually a data change rather than a Python code change.
66
+ protocol guides live in markdown under each review domain's `knowledge/` directory, for
67
+ example `codejury/domains/web/knowledge/`, so adding a stack or class is usually a data
68
+ change rather than a Python code change. The `web` domain is the default and `evm` reviews
69
+ Solidity smart contracts, selected with `--domain` or detected automatically.
58
70
 
59
71
  ## Install
60
72
 
@@ -75,16 +87,31 @@ codejury install-slash-command --agent codex # Codex
75
87
  `install-slash-command` copies `/codejury-review-repo` into the selected agent's command
76
88
  directory. Pass `--dir` to install it somewhere else.
77
89
 
78
- ## Configure A Model Backend
90
+ ## Configure a Model Backend
79
91
 
80
92
  Set a provider key through flags or environment variables:
81
93
 
82
94
  ```bash
83
95
  export CODEJURY_API_KEY=...
84
- export CODEJURY_MODEL=claude-sonnet-4-6
96
+ export CODEJURY_MODEL=claude-opus-4-8
85
97
  export CODEJURY_API_BASE=... # optional gateway or proxy
86
98
  ```
87
99
 
100
+ Repo Review uses a second, deliberately different model for two roles at once. On the recall
101
+ side it finds alongside the main model, so the union takes whatever either catches and a
102
+ single model's blind spot no longer caps recall. On the precision side it must agree before a
103
+ candidate is refuted, so a deletion needs two models with uncorrelated blind spots and no lone
104
+ skeptic drops a real finding. Point it at a cross-vendor model. With none set, both models
105
+ collapse to one, the finder is single-model and the verify stage keeps every candidate, the
106
+ recall-safe default.
107
+
108
+ ```bash
109
+ export CODEJURY_CHECKER_PROVIDER=openai # default
110
+ export CODEJURY_CHECKER_MODEL=... # a different model from CODEJURY_MODEL
111
+ export CODEJURY_CHECKER_API_KEY=...
112
+ export CODEJURY_CHECKER_API_BASE=... # optional
113
+ ```
114
+
88
115
  The tool does not auto-load `.env`.
89
116
 
90
117
  Useful flags:
@@ -122,19 +149,19 @@ Diff Review is the fast coded path. It audits a unified diff with either a stand
122
149
  single model call or an adversarial Finder, Challenger, and Judge pass.
123
150
 
124
151
  ```bash
125
- # Review a diff file
152
+ # review a diff file
126
153
  codejury review diff --file changes.diff
127
154
 
128
- # Review a git range
155
+ # review a git range
129
156
  codejury review diff --repo /path/to/app --git-range origin/main...HEAD
130
157
 
131
- # Review stdin
158
+ # review stdin
132
159
  git diff HEAD~1 | codejury review diff
133
160
 
134
- # Use adversarial mode for extra recall on subtle cross-file logic
161
+ # use adversarial mode for extra recall on subtle cross-file logic
135
162
  codejury review diff --file changes.diff --mode adversarial
136
163
 
137
- # Emit SARIF and fail on HIGH or CRITICAL findings
164
+ # emit SARIF and fail on HIGH or CRITICAL findings
138
165
  codejury review diff --file changes.diff --format sarif --fail-on high
139
166
  ```
140
167
 
@@ -156,12 +183,16 @@ codejury review repo /path/to/repo
156
183
  The workspace contains:
157
184
 
158
185
  ```text
159
- inventory/ attack surface, authorization model, candidates, severity rubric
186
+ inventory/ attack surface, authorization model, seeded entrypoints, severity rubric
160
187
  units/ one review unit per candidate entrypoint
161
- issues/ issue write-ups
188
+ candidates/ agent proposals, one write-up per candidate finding
189
+ findings/ confirmed findings, written by finalize
162
190
  pocs/ runnable PoCs, when available
191
+ findings.json ranked machine-readable findings
163
192
  METHODOLOGY.md full review process
164
193
  _stack.md detected stack notes
194
+ _refuted.md refuted candidates and why
195
+ _pocs.md PoC reconciliation, planned versus delivered
165
196
  ```
166
197
 
167
198
  Then run the interactive slash command in Claude Code or Codex:
@@ -181,9 +212,10 @@ codejury review repo /path/to/repo --finalize
181
212
  codejury review repo /path/to/repo --gate
182
213
  ```
183
214
 
184
- `--finalize` deduplicates issue files, verifies survivors, records refuted candidates in
185
- `_refuted.md`, and writes ranked `findings.json`. `--gate` fails until the workspace has
186
- an enumerated surface, reviewed units, and calibrated findings.
215
+ `--finalize` deduplicates candidate files, verifies survivors, writes the confirmed
216
+ `findings/`, records refuted candidates in `_refuted.md` and PoC reconciliation in
217
+ `_pocs.md`, and writes ranked `findings.json`. `--gate` fails until the workspace has an
218
+ enumerated surface, reviewed units, and calibrated candidates.
187
219
 
188
220
  For a headless run, use:
189
221
 
@@ -191,18 +223,40 @@ For a headless run, use:
191
223
  codejury review repo /path/to/repo --run
192
224
  ```
193
225
 
194
- Use `--reviewer claude-cli` only when you want the Claude Code backend to run unit reviews
195
- and verification through local Claude CLI access.
226
+ ### Review Strategy
227
+
228
+ A `--run` chooses how each unit is reviewed:
229
+
230
+ - `--reviewer model` is the default. It makes one grounded model call per unit. Add
231
+ `--facts` to ground that call in a tool-extracted call graph, storage layout, and read
232
+ and write sets when the domain binds a facts backend, such as the EVM Slither backend.
233
+ This is what gives a smart contract review its call relationships, so prefer
234
+ `--run --facts` on Solidity.
235
+ - `--reviewer claude-cli` runs each unit and its verification as a headless `claude -p`
236
+ agent that reads and traces the files itself with read-only tools, using your Claude Code
237
+ access and no provider key. Use it when you want a tool-using agent rather than a single
238
+ grounded call.
239
+
240
+ Add `--checker-model`, a different model from `--model`, to enable cross-model
241
+ verification. It finds alongside the main model on the recall side and must agree before a
242
+ finding is dropped on the precision side. With none set, the verify stage refutes nothing,
243
+ the recall-safe default.
196
244
 
197
245
  ## Supported Knowledge
198
246
 
199
- Current guide coverage includes:
247
+ The tool selects a review domain with `--domain`, `auto` by default. The `web` domain is
248
+ the default for application code. The `evm` domain reviews Solidity smart contracts for
249
+ classes such as reentrancy, access control, oracle manipulation, accounting precision, and
250
+ signature replay.
251
+
252
+ Current guide coverage in the web domain includes:
200
253
 
201
254
  - Python: Django, Flask, FastAPI, Celery
202
255
  - Go: Gin, Echo
203
256
  - JavaScript and TypeScript: Express, NestJS
204
257
  - Protocols: OAuth and OIDC
205
258
 
259
+ The evm domain ships a Solidity guide and the smart contract vulnerability classes above.
206
260
  Unguided stacks still work, but the agent relies more on general methodology and model
207
261
  knowledge.
208
262
 
@@ -221,7 +275,7 @@ The tool is intentionally scoped to real exploitable application security issues
221
275
  not report dependency CVEs, style notes, generic best practices, speculation, or risks that
222
276
  only matter if production configuration leaks.
223
277
 
224
- ## Model And Mode Guidance
278
+ ## Model and Mode Guidance
225
279
 
226
280
  Detection quality is dominated by model quality first, then mode.
227
281
 
@@ -241,18 +295,18 @@ cp examples/codejury-pr-review.yml .github/workflows/codejury-pr-review.yml
241
295
  Add `CODEJURY_API_KEY` as a repository secret. The workflow reviews the pull request diff,
242
296
  uploads SARIF to code scanning, and fails on HIGH or CRITICAL findings.
243
297
 
244
- ## Extend The Knowledge
298
+ ## Extend the Knowledge
245
299
 
246
300
  Add security knowledge as markdown:
247
301
 
248
302
  - Vulnerability class:
249
- `codejury/knowledge/vulnerabilities/<id>.md`
303
+ `codejury/domains/<domain>/knowledge/vulnerabilities/<id>.md`
250
304
  - Language guide:
251
- `codejury/knowledge/guides/languages/<language>.md`
305
+ `codejury/domains/<domain>/knowledge/guides/languages/<language>.md`
252
306
  - Framework guide:
253
- `codejury/knowledge/guides/frameworks/<language>/<framework>.md`
307
+ `codejury/domains/<domain>/knowledge/guides/frameworks/<language>/<framework>.md`
254
308
  - Protocol guide:
255
- `codejury/knowledge/guides/protocols/<protocol>.md`
309
+ `codejury/domains/<domain>/knowledge/guides/protocols/<protocol>.md`
256
310
 
257
311
  Keep frontmatter and detection signals data-driven. Avoid adding language, framework, or
258
312
  vulnerability-specific detection logic to Python unless the engine itself needs a generic
@@ -1,4 +1,4 @@
1
- ```
1
+ ```text
2
2
  ██████╗ ██████╗ ██████╗ ███████╗ ██╗██╗ ██╗██████╗ ██╗ ██╗
3
3
  ██╔════╝██╔═══██╗██╔══██╗██╔════╝ ██║██║ ██║██╔══██╗╚██╗ ██╔╝
4
4
  ██║ ██║ ██║██║ ██║█████╗ ██║██║ ██║██████╔╝ ╚████╔╝
@@ -7,6 +7,11 @@
7
7
  ╚═════╝ ╚═════╝ ╚═════╝ ╚══════╝ ╚════╝ ╚═════╝ ╚═╝ ╚═╝ ╚═╝
8
8
  ```
9
9
 
10
+ [![Tests](https://img.shields.io/github/actions/workflow/status/aiseclabs/codejury/test.yml?label=tests)](https://github.com/aiseclabs/codejury/actions/workflows/test.yml)
11
+ [![PyPI](https://img.shields.io/pypi/v/codejury)](https://pypi.org/project/codejury/)
12
+ [![Python](https://img.shields.io/pypi/pyversions/codejury)](https://pypi.org/project/codejury/)
13
+ [![License: MIT](https://img.shields.io/pypi/l/codejury)](https://github.com/aiseclabs/codejury/blob/main/LICENSE)
14
+
10
15
  AI-assisted security review for code diffs and whole repositories.
11
16
 
12
17
  The tool has two review paths:
@@ -16,8 +21,10 @@ The tool has two review paths:
16
21
  candidates, verifies findings, and checks coverage with a gate.
17
22
 
18
23
  Security knowledge is data. Vulnerability classes, language guides, framework guides, and
19
- protocol guides live in markdown under `codejury/knowledge/`, so adding a stack or class is
20
- usually a data change rather than a Python code change.
24
+ protocol guides live in markdown under each review domain's `knowledge/` directory, for
25
+ example `codejury/domains/web/knowledge/`, so adding a stack or class is usually a data
26
+ change rather than a Python code change. The `web` domain is the default and `evm` reviews
27
+ Solidity smart contracts, selected with `--domain` or detected automatically.
21
28
 
22
29
  ## Install
23
30
 
@@ -38,16 +45,31 @@ codejury install-slash-command --agent codex # Codex
38
45
  `install-slash-command` copies `/codejury-review-repo` into the selected agent's command
39
46
  directory. Pass `--dir` to install it somewhere else.
40
47
 
41
- ## Configure A Model Backend
48
+ ## Configure a Model Backend
42
49
 
43
50
  Set a provider key through flags or environment variables:
44
51
 
45
52
  ```bash
46
53
  export CODEJURY_API_KEY=...
47
- export CODEJURY_MODEL=claude-sonnet-4-6
54
+ export CODEJURY_MODEL=claude-opus-4-8
48
55
  export CODEJURY_API_BASE=... # optional gateway or proxy
49
56
  ```
50
57
 
58
+ Repo Review uses a second, deliberately different model for two roles at once. On the recall
59
+ side it finds alongside the main model, so the union takes whatever either catches and a
60
+ single model's blind spot no longer caps recall. On the precision side it must agree before a
61
+ candidate is refuted, so a deletion needs two models with uncorrelated blind spots and no lone
62
+ skeptic drops a real finding. Point it at a cross-vendor model. With none set, both models
63
+ collapse to one, the finder is single-model and the verify stage keeps every candidate, the
64
+ recall-safe default.
65
+
66
+ ```bash
67
+ export CODEJURY_CHECKER_PROVIDER=openai # default
68
+ export CODEJURY_CHECKER_MODEL=... # a different model from CODEJURY_MODEL
69
+ export CODEJURY_CHECKER_API_KEY=...
70
+ export CODEJURY_CHECKER_API_BASE=... # optional
71
+ ```
72
+
51
73
  The tool does not auto-load `.env`.
52
74
 
53
75
  Useful flags:
@@ -85,19 +107,19 @@ Diff Review is the fast coded path. It audits a unified diff with either a stand
85
107
  single model call or an adversarial Finder, Challenger, and Judge pass.
86
108
 
87
109
  ```bash
88
- # Review a diff file
110
+ # review a diff file
89
111
  codejury review diff --file changes.diff
90
112
 
91
- # Review a git range
113
+ # review a git range
92
114
  codejury review diff --repo /path/to/app --git-range origin/main...HEAD
93
115
 
94
- # Review stdin
116
+ # review stdin
95
117
  git diff HEAD~1 | codejury review diff
96
118
 
97
- # Use adversarial mode for extra recall on subtle cross-file logic
119
+ # use adversarial mode for extra recall on subtle cross-file logic
98
120
  codejury review diff --file changes.diff --mode adversarial
99
121
 
100
- # Emit SARIF and fail on HIGH or CRITICAL findings
122
+ # emit SARIF and fail on HIGH or CRITICAL findings
101
123
  codejury review diff --file changes.diff --format sarif --fail-on high
102
124
  ```
103
125
 
@@ -119,12 +141,16 @@ codejury review repo /path/to/repo
119
141
  The workspace contains:
120
142
 
121
143
  ```text
122
- inventory/ attack surface, authorization model, candidates, severity rubric
144
+ inventory/ attack surface, authorization model, seeded entrypoints, severity rubric
123
145
  units/ one review unit per candidate entrypoint
124
- issues/ issue write-ups
146
+ candidates/ agent proposals, one write-up per candidate finding
147
+ findings/ confirmed findings, written by finalize
125
148
  pocs/ runnable PoCs, when available
149
+ findings.json ranked machine-readable findings
126
150
  METHODOLOGY.md full review process
127
151
  _stack.md detected stack notes
152
+ _refuted.md refuted candidates and why
153
+ _pocs.md PoC reconciliation, planned versus delivered
128
154
  ```
129
155
 
130
156
  Then run the interactive slash command in Claude Code or Codex:
@@ -144,9 +170,10 @@ codejury review repo /path/to/repo --finalize
144
170
  codejury review repo /path/to/repo --gate
145
171
  ```
146
172
 
147
- `--finalize` deduplicates issue files, verifies survivors, records refuted candidates in
148
- `_refuted.md`, and writes ranked `findings.json`. `--gate` fails until the workspace has
149
- an enumerated surface, reviewed units, and calibrated findings.
173
+ `--finalize` deduplicates candidate files, verifies survivors, writes the confirmed
174
+ `findings/`, records refuted candidates in `_refuted.md` and PoC reconciliation in
175
+ `_pocs.md`, and writes ranked `findings.json`. `--gate` fails until the workspace has an
176
+ enumerated surface, reviewed units, and calibrated candidates.
150
177
 
151
178
  For a headless run, use:
152
179
 
@@ -154,18 +181,40 @@ For a headless run, use:
154
181
  codejury review repo /path/to/repo --run
155
182
  ```
156
183
 
157
- Use `--reviewer claude-cli` only when you want the Claude Code backend to run unit reviews
158
- and verification through local Claude CLI access.
184
+ ### Review Strategy
185
+
186
+ A `--run` chooses how each unit is reviewed:
187
+
188
+ - `--reviewer model` is the default. It makes one grounded model call per unit. Add
189
+ `--facts` to ground that call in a tool-extracted call graph, storage layout, and read
190
+ and write sets when the domain binds a facts backend, such as the EVM Slither backend.
191
+ This is what gives a smart contract review its call relationships, so prefer
192
+ `--run --facts` on Solidity.
193
+ - `--reviewer claude-cli` runs each unit and its verification as a headless `claude -p`
194
+ agent that reads and traces the files itself with read-only tools, using your Claude Code
195
+ access and no provider key. Use it when you want a tool-using agent rather than a single
196
+ grounded call.
197
+
198
+ Add `--checker-model`, a different model from `--model`, to enable cross-model
199
+ verification. It finds alongside the main model on the recall side and must agree before a
200
+ finding is dropped on the precision side. With none set, the verify stage refutes nothing,
201
+ the recall-safe default.
159
202
 
160
203
  ## Supported Knowledge
161
204
 
162
- Current guide coverage includes:
205
+ The tool selects a review domain with `--domain`, `auto` by default. The `web` domain is
206
+ the default for application code. The `evm` domain reviews Solidity smart contracts for
207
+ classes such as reentrancy, access control, oracle manipulation, accounting precision, and
208
+ signature replay.
209
+
210
+ Current guide coverage in the web domain includes:
163
211
 
164
212
  - Python: Django, Flask, FastAPI, Celery
165
213
  - Go: Gin, Echo
166
214
  - JavaScript and TypeScript: Express, NestJS
167
215
  - Protocols: OAuth and OIDC
168
216
 
217
+ The evm domain ships a Solidity guide and the smart contract vulnerability classes above.
169
218
  Unguided stacks still work, but the agent relies more on general methodology and model
170
219
  knowledge.
171
220
 
@@ -184,7 +233,7 @@ The tool is intentionally scoped to real exploitable application security issues
184
233
  not report dependency CVEs, style notes, generic best practices, speculation, or risks that
185
234
  only matter if production configuration leaks.
186
235
 
187
- ## Model And Mode Guidance
236
+ ## Model and Mode Guidance
188
237
 
189
238
  Detection quality is dominated by model quality first, then mode.
190
239
 
@@ -204,18 +253,18 @@ cp examples/codejury-pr-review.yml .github/workflows/codejury-pr-review.yml
204
253
  Add `CODEJURY_API_KEY` as a repository secret. The workflow reviews the pull request diff,
205
254
  uploads SARIF to code scanning, and fails on HIGH or CRITICAL findings.
206
255
 
207
- ## Extend The Knowledge
256
+ ## Extend the Knowledge
208
257
 
209
258
  Add security knowledge as markdown:
210
259
 
211
260
  - Vulnerability class:
212
- `codejury/knowledge/vulnerabilities/<id>.md`
261
+ `codejury/domains/<domain>/knowledge/vulnerabilities/<id>.md`
213
262
  - Language guide:
214
- `codejury/knowledge/guides/languages/<language>.md`
263
+ `codejury/domains/<domain>/knowledge/guides/languages/<language>.md`
215
264
  - Framework guide:
216
- `codejury/knowledge/guides/frameworks/<language>/<framework>.md`
265
+ `codejury/domains/<domain>/knowledge/guides/frameworks/<language>/<framework>.md`
217
266
  - Protocol guide:
218
- `codejury/knowledge/guides/protocols/<protocol>.md`
267
+ `codejury/domains/<domain>/knowledge/guides/protocols/<protocol>.md`
219
268
 
220
269
  Keep frontmatter and detection signals data-driven. Avoid adding language, framework, or
221
270
  vulnerability-specific detection logic to Python unless the engine itself needs a generic