codeshift 0.4.0__py3-none-any.whl → 0.7.0__py3-none-any.whl

codeshift/__init__.py

@@ -4,5 +4,5 @@ Codeshift - AI-powered CLI tool for migrating Python code to handle breaking dep
 Don't just flag the update. Fix the break.
 """
 
-__version__ = "0.2.0"
+__version__ = "0.7.0"
 __author__ = "Codeshift Team"

codeshift/cli/commands/auth.py

@@ -1,11 +1,10 @@
 """Authentication commands for Codeshift CLI."""
 
-import json
 import os
 import time
 import webbrowser
 from pathlib import Path
-from typing import Any, cast
+from typing import Any
 
 import click
 import httpx
@@ -15,11 +14,16 @@ from rich.progress import Progress, SpinnerColumn, TextColumn
 from rich.prompt import Confirm, Prompt
 from rich.table import Table
 
+from codeshift.utils.credential_store import (
+    CredentialDecryptionError,
+    get_credential_store,
+)
+
 console = Console()
 
-# Config directory for storing credentials
+# Config directory for storing credentials (kept for backward compatibility reference)
 CONFIG_DIR = Path.home() / ".config" / "codeshift"
-CREDENTIALS_FILE = CONFIG_DIR / "credentials.json"
+CREDENTIALS_FILE = CONFIG_DIR / "credentials.json"  # Legacy path
 
 
 def get_api_url() -> str:
@@ -28,28 +32,38 @@ def get_api_url() -> str:
 
 
 def load_credentials() -> dict[str, Any] | None:
-    """Load saved credentials from disk."""
-    if not CREDENTIALS_FILE.exists():
-        return None
+    """Load saved credentials from secure storage.
+
+    Automatically handles migration from plaintext to encrypted storage.
+
+    Returns:
+        Dictionary of credentials, or None if not found.
+    """
+    store = get_credential_store()
     try:
-        return cast(dict[str, Any], json.loads(CREDENTIALS_FILE.read_text()))
-    except (OSError, json.JSONDecodeError):
+        return store.load()
+    except CredentialDecryptionError as e:
+        console.print(
+            Panel(
+                f"[red]Could not decrypt credentials:[/] {e}\n\n"
+                "This may happen if credentials were created on a different machine.\n"
+                "Please run [cyan]codeshift login[/] to re-authenticate.",
+                title="Credential Error",
+            )
+        )
         return None
 
 
 def save_credentials(credentials: dict) -> None:
-    """Save credentials to disk."""
-    CONFIG_DIR.mkdir(parents=True, exist_ok=True)
-
-    # Set restrictive permissions
-    CREDENTIALS_FILE.write_text(json.dumps(credentials, indent=2))
-    os.chmod(CREDENTIALS_FILE, 0o600)
+    """Save credentials to secure encrypted storage."""
+    store = get_credential_store()
+    store.save(credentials)
 
 
 def delete_credentials() -> None:
-    """Delete saved credentials."""
-    if CREDENTIALS_FILE.exists():
-        CREDENTIALS_FILE.unlink()
+    """Delete saved credentials securely."""
+    store = get_credential_store()
+    store.delete()
 
 
 def get_api_key() -> str | None:
@@ -107,7 +121,8 @@ def login(
     2. API key: codeshift login -k pyr_xxxxx
     3. Device flow: codeshift login --device
 
-    Your credentials are stored in ~/.config/codeshift/credentials.json
+    Your credentials are stored securely in ~/.config/codeshift/credentials.enc
+    using AES encryption.
 
     Don't have an account? Run: codeshift register
     """
@@ -154,7 +169,8 @@ def register(
     Example:
       codeshift register -e user@example.com -p yourpassword
 
-    Your credentials are stored in ~/.config/codeshift/credentials.json
+    Your credentials are stored securely in ~/.config/codeshift/credentials.enc
+    using AES encryption.
     """
     # Check if already logged in
     existing = load_credentials()
@@ -211,7 +227,7 @@ def _register_account(email: str, password: str, full_name: str | None) -> None:
             if response.status_code == 200:
                 data = response.json()
 
-                # Save credentials
+                # Save credentials securely
                 save_credentials(
                     {
                         "api_key": data["api_key"],
@@ -275,7 +291,7 @@ def _login_with_api_key(api_key: str) -> None:
             if response.status_code == 200:
                 user = response.json()
 
-                # Save credentials
+                # Save credentials securely
                 save_credentials(
                     {
                         "api_key": api_key,
@@ -327,7 +343,7 @@ def _login_with_password(email: str, password: str) -> None:
             if response.status_code == 200:
                 data = response.json()
 
-                # Save credentials
+                # Save credentials securely
                 save_credentials(
                     {
                         "api_key": data["api_key"],
@@ -422,7 +438,7 @@ def _login_with_device_code() -> None:
                     if response.status_code == 200:
                         data = response.json()
 
-                        # Save credentials
+                        # Save credentials securely
                         save_credentials(
                             {
                                 "api_key": data["api_key"],
@@ -487,7 +503,7 @@ def logout() -> None:
         except httpx.RequestError:
             pass
 
-    # Delete local credentials
+    # Delete local credentials securely
     delete_credentials()
 
     console.print("[green]Successfully logged out[/]")

codeshift/cli/commands/health.py

@@ -0,0 +1,244 @@
+"""CLI command for codebase health scoring."""
+
+import sys
+from pathlib import Path
+
+import click
+from rich.console import Console
+from rich.panel import Panel
+from rich.table import Table
+
+from codeshift.health.calculator import HealthCalculator
+from codeshift.health.models import HealthGrade, HealthScore, MetricCategory
+from codeshift.health.report import generate_json_report, save_html_report, save_json_report
+
+console = Console()
+
+
+@click.command()
+@click.option(
+    "--path",
+    "-p",
+    type=click.Path(exists=True, file_okay=False, dir_okay=True),
+    default=".",
+    help="Path to the project (default: current directory)",
+)
+@click.option(
+    "--report",
+    "-r",
+    type=click.Choice(["json", "html"]),
+    help="Generate a detailed report in the specified format",
+)
+@click.option(
+    "--output",
+    "-o",
+    type=click.Path(),
+    help="Output file path for the report (default: health_report.<format>)",
+)
+@click.option(
+    "--ci",
+    is_flag=True,
+    help="CI mode: exit with non-zero status if score is below threshold",
+)
+@click.option(
+    "--threshold",
+    type=int,
+    default=70,
+    help="Minimum score for CI mode (default: 70)",
+)
+@click.option(
+    "--verbose",
+    "-v",
+    is_flag=True,
+    help="Show detailed output including all dependencies",
+)
+def health(
+    path: str,
+    report: str | None,
+    output: str | None,
+    ci: bool,
+    threshold: int,
+    verbose: bool,
+) -> None:
+    """Analyze codebase health and generate a score.
+
+    Evaluates your project across five dimensions:
+    - Dependency Freshness (30%): How up-to-date are your dependencies?
+    - Security (25%): Known vulnerabilities in dependencies
+    - Migration Readiness (20%): Tier 1/2 support coverage
+    - Test Coverage (15%): Percentage of code covered by tests
+    - Documentation (10%): Type hints and docstrings
+
+    \b
+    Examples:
+        codeshift health                     # Show health summary
+        codeshift health --report html       # Generate HTML report
+        codeshift health --report json -o report.json
+        codeshift health --ci --threshold 70 # CI mode
+
+    """
+    project_path = Path(path).resolve()
+
+    with console.status("[bold blue]Analyzing codebase health..."):
+        calculator = HealthCalculator()
+        score = calculator.calculate(project_path)
+
+    # Handle report generation
+    if report:
+        output_path = Path(output) if output else Path(f"health_report.{report}")
+
+        if report == "json":
+            save_json_report(score, output_path)
+            console.print(f"[green]JSON report saved to:[/] {output_path}")
+        elif report == "html":
+            save_html_report(score, output_path)
+            console.print(f"[green]HTML report saved to:[/] {output_path}")
+
+        # In CI mode with report, also output JSON to stdout
+        if ci:
+            console.print(generate_json_report(score))
+    else:
+        # Display rich table output
+        _display_health_summary(score, verbose)
+
+    # CI mode exit code handling
+    if ci:
+        if score.overall_score < threshold:
+            console.print(
+                f"\n[red]CI Check Failed:[/] Score {score.overall_score:.1f} is below threshold {threshold}"
+            )
+            sys.exit(1)
+        else:
+            console.print(
+                f"\n[green]CI Check Passed:[/] Score {score.overall_score:.1f} meets threshold {threshold}"
+            )
+            sys.exit(0)
+
+
+def _display_health_summary(score: HealthScore, verbose: bool) -> None:
+    """Display the health score summary in the terminal.
+
+    Args:
+        score: HealthScore object
+        verbose: Whether to show detailed output
+    """
+    # Grade panel
+    grade_style = _get_grade_style(score.grade)
+    console.print(
+        Panel(
+            f"[{grade_style}]Grade {score.grade.value}[/] - {score.overall_score:.1f}/100",
+            title="[bold]Codebase Health Score[/]",
+            subtitle=str(score.project_path),
+        )
+    )
+
+    # Metrics table
+    table = Table(title="Metrics Breakdown", show_header=True)
+    table.add_column("Category", style="cyan")
+    table.add_column("Score", justify="right")
+    table.add_column("Weight", justify="right", style="dim")
+    table.add_column("Details")
+
+    # Sort by score (lowest first) to highlight problem areas
+    sorted_metrics = sorted(score.metrics, key=lambda m: m.score)
+
+    for metric in sorted_metrics:
+        score_style = _get_score_style(metric.score)
+        weight_pct = f"{metric.weight * 100:.0f}%"
+        table.add_row(
+            _format_category(metric.category),
+            f"[{score_style}]{metric.score:.1f}[/]",
+            weight_pct,
+            metric.description,
+        )
+
+    console.print(table)
+
+    # Recommendations
+    if score.top_recommendations:
+        console.print("\n[bold]Top Recommendations:[/]")
+        for i, rec in enumerate(score.top_recommendations, 1):
+            console.print(f"  {i}. {rec}")
+
+    # Verbose: show dependencies
+    if verbose and score.dependencies:
+        console.print()
+        deps_table = Table(title="Dependencies", show_header=True)
+        deps_table.add_column("Package", style="cyan")
+        deps_table.add_column("Current")
+        deps_table.add_column("Latest")
+        deps_table.add_column("Status")
+        deps_table.add_column("Migration")
+        deps_table.add_column("Vulns", justify="right")
+
+        for dep in score.dependencies:
+            status = "[green]✓[/]" if not dep.is_outdated else "[yellow]↑[/]"
+            tier = (
+                "[green]Tier 1[/]"
+                if dep.has_tier1_support
+                else ("[cyan]Tier 2[/]" if dep.has_tier2_support else "[dim]-[/]")
+            )
+            vuln_count = len(dep.vulnerabilities)
+            vuln_style = "green" if vuln_count == 0 else "red"
+
+            deps_table.add_row(
+                dep.name,
+                dep.current_version or "?",
+                dep.latest_version or "?",
+                status,
+                tier,
+                f"[{vuln_style}]{vuln_count}[/]",
+            )
+
+        console.print(deps_table)
+
+    # Show vulnerabilities summary if any
+    if score.vulnerabilities:
+        console.print()
+        console.print(
+            f"[bold red]Security Alert:[/] {len(score.vulnerabilities)} vulnerabilities found"
+        )
+        for vuln in score.vulnerabilities[:3]:
+            console.print(
+                f"  - [{vuln.severity.value.upper()}] {vuln.package}: {vuln.vulnerability_id}"
+            )
+        if len(score.vulnerabilities) > 3:
+            console.print(f"  ... and {len(score.vulnerabilities) - 3} more")
+
+
+def _get_grade_style(grade: HealthGrade) -> str:
+    """Get Rich style for a grade."""
+    styles = {
+        HealthGrade.A: "bold green",
+        HealthGrade.B: "bold cyan",
+        HealthGrade.C: "bold yellow",
+        HealthGrade.D: "bold orange1",
+        HealthGrade.F: "bold red",
+    }
+    return styles.get(grade, "white")
+
+
+def _get_score_style(score: float) -> str:
+    """Get Rich style for a numeric score."""
+    if score >= 90:
+        return "green"
+    elif score >= 80:
+        return "cyan"
+    elif score >= 70:
+        return "yellow"
+    elif score >= 60:
+        return "orange1"
+    else:
+        return "red"
+
+
+def _format_category(category: MetricCategory) -> str:
+    """Format category for display."""
+    names = {
+        MetricCategory.FRESHNESS: "Freshness",
+        MetricCategory.SECURITY: "Security",
+        MetricCategory.MIGRATION_READINESS: "Migration Ready",
+        MetricCategory.TEST_COVERAGE: "Test Coverage",
+        MetricCategory.DOCUMENTATION: "Documentation",
+    }
+    return names.get(category, category.value)

codeshift/cli/commands/upgrade.py

@@ -18,12 +18,8 @@ from codeshift.knowledge import (
     is_tier_1_library,
 )
 from codeshift.knowledge_base import KnowledgeBaseLoader
-from codeshift.migrator.ast_transforms import TransformChange, TransformResult, TransformStatus
-from codeshift.migrator.transforms.fastapi_transformer import transform_fastapi
-from codeshift.migrator.transforms.pandas_transformer import transform_pandas
-from codeshift.migrator.transforms.pydantic_v1_to_v2 import transform_pydantic_v1_to_v2
-from codeshift.migrator.transforms.requests_transformer import transform_requests
-from codeshift.migrator.transforms.sqlalchemy_transformer import transform_sqlalchemy
+from codeshift.knowledge_base.models import LibraryKnowledge
+from codeshift.migrator.ast_transforms import TransformResult, TransformStatus
 from codeshift.scanner import CodeScanner, DependencyParser
 from codeshift.utils.config import ProjectConfig
 
@@ -81,6 +77,11 @@ def save_state(project_path: Path, state: dict) -> None:
     is_flag=True,
     help="Show detailed output",
 )
+@click.option(
+    "--force-llm",
+    is_flag=True,
+    help="Force LLM migration even for libraries with AST transforms",
+)
 def upgrade(
     library: str,
     target: str,
@@ -88,6 +89,7 @@ def upgrade(
     file: str | None,
     dry_run: bool,
     verbose: bool,
+    force_llm: bool,
 ) -> None:
     """Analyze your codebase and propose changes for a library upgrade.
 
@@ -100,34 +102,44 @@ def upgrade(
     project_path = Path(path).resolve()
     project_config = ProjectConfig.from_pyproject(project_path)
 
-    # Check quota before starting (allow offline for Tier 1 libraries)
+    # Check quota before starting (allow offline for Tier 1 libraries unless force-llm)
     is_tier1 = is_tier_1_library(library)
     try:
-        check_quota("file_migrated", quantity=1, allow_offline=is_tier1)
+        check_quota("file_migrated", quantity=1, allow_offline=is_tier1 and not force_llm)
     except QuotaError as e:
         show_quota_exceeded_message(e)
         raise SystemExit(1) from e
 
-    # Load knowledge base
+    # Load knowledge base (optional - YAML may not exist for all libraries)
     loader = KnowledgeBaseLoader()
+    knowledge: LibraryKnowledge | None = None
 
     try:
         knowledge = loader.load(library)
-    except FileNotFoundError as e:
-        console.print(f"[red]Error:[/] {e}")
-        console.print(f"\nSupported libraries: {', '.join(loader.get_supported_libraries())}")
-        raise SystemExit(1) from e
+    except FileNotFoundError:
+        if verbose:
+            console.print(
+                f"[dim]No knowledge base YAML for {library} - using generated knowledge[/]"
+            )
 
-    # Check if migration is supported
-    # For now, we'll allow any version since we're doing a general migration
-    console.print(
-        Panel(
-            f"[bold]Upgrading {knowledge.display_name}[/] to version [cyan]{target}[/]\n\n"
-            f"{knowledge.description}\n"
-            f"Migration guide: {knowledge.migration_guide_url or 'N/A'}",
-            title="Codeshift Migration",
+    # Display migration info with fallback for missing YAML
+    if knowledge:
+        console.print(
+            Panel(
+                f"[bold]Upgrading {knowledge.display_name}[/] to version [cyan]{target}[/]\n\n"
+                f"{knowledge.description}\n"
+                f"Migration guide: {knowledge.migration_guide_url or 'N/A'}",
+                title="Codeshift Migration",
+            )
+        )
+    else:
+        console.print(
+            Panel(
+                f"[bold]Upgrading {library}[/] to version [cyan]{target}[/]\n\n"
+                "Using AI-powered migration (no static knowledge base available)",
+                title="Codeshift Migration",
+            )
         )
-    )
 
     # Step 1: Parse dependencies
     with Progress(
@@ -271,7 +283,25 @@ def upgrade(
         console.print(f"\n[yellow]No {library} imports found in the codebase.[/]")
         return
 
-    # Step 4: Apply transforms
+    # Step 4: Apply transforms using MigrationEngine
+    # Import here to avoid circular dependency (upgrade.py -> migrator -> llm_migrator -> api_client -> auth -> cli -> upgrade.py)
+    from codeshift.migrator import get_migration_engine
+
+    engine = get_migration_engine()
+
+    # Check auth for non-Tier1 libraries or force-llm mode
+    llm_required = force_llm or not is_tier1
+    if llm_required and not engine.llm_migrator.is_available:
+        console.print(
+            Panel(
+                f"[yellow]LLM migration required for {library}[/]\n\n"
+                "Run [cyan]codeshift login[/] and upgrade to Pro tier for LLM features.",
+                title="Authentication Required",
+            )
+        )
+        if not is_tier1:
+            raise SystemExit(1)
+
     with Progress(
         SpinnerColumn(),
         TextColumn("[progress.description]{task.description}"),
@@ -286,45 +316,28 @@ def upgrade(
 
         results: list[TransformResult] = []
 
+        def migration_progress(msg: str) -> None:
+            progress.update(task, description=msg)
+
         for file_path in files_to_transform:
             try:
                 source_code = file_path.read_text()
 
-                # Select transformer based on library
-                transform_func = {
-                    "pydantic": transform_pydantic_v1_to_v2,
-                    "fastapi": transform_fastapi,
-                    "sqlalchemy": transform_sqlalchemy,
-                    "pandas": transform_pandas,
-                    "requests": transform_requests,
-                }.get(library)
-
-                if transform_func:
-                    transformed_code, changes = transform_func(source_code)
-                    # Create TransformResult from the function output
-                    result = TransformResult(
-                        file_path=file_path,
-                        status=TransformStatus.SUCCESS if changes else TransformStatus.NO_CHANGES,
-                        original_code=source_code,
-                        transformed_code=transformed_code,
-                        changes=[
-                            TransformChange(
-                                description=c.description,
-                                line_number=c.line_number,
-                                original=c.original,
-                                replacement=c.replacement,
-                                transform_name=c.transform_name,
-                                confidence=getattr(c, "confidence", 1.0),
-                            )
-                            for c in changes
-                        ],
-                    )
-                else:
-                    console.print(f"[yellow]Warning:[/] No transformer available for {library}")
-                    continue
+                result = engine.run_migration(
+                    code=source_code,
+                    file_path=file_path,
+                    library=library,
+                    old_version=current_version or "1.0",
+                    new_version=target,
+                    knowledge_base=generated_kb,
+                    progress_callback=migration_progress if verbose else None,
+                )
 
                 if result.has_changes:
                     results.append(result)
+                elif result.errors:
+                    for error in result.errors:
+                        console.print(f"[yellow]Warning ({file_path.name}):[/] {error}")
 
             except Exception as e:
                 console.print(f"[red]Error processing {file_path}:[/] {e}")

codeshift/cli/main.py

@@ -15,6 +15,7 @@ from codeshift.cli.commands.auth import (
     whoami,
 )
 from codeshift.cli.commands.diff import diff
+from codeshift.cli.commands.health import health
 from codeshift.cli.commands.scan import scan
 from codeshift.cli.commands.upgrade import upgrade
 from codeshift.cli.commands.upgrade_all import upgrade_all
@@ -46,6 +47,7 @@ cli.add_command(upgrade)
 cli.add_command(upgrade_all)
 cli.add_command(diff)
 cli.add_command(apply)
+cli.add_command(health)
 
 # Auth commands
 cli.add_command(register)

codeshift/health/__init__.py

@@ -0,0 +1,50 @@
+"""Codebase health scoring module.
+
+This module provides health scoring capabilities for Python projects,
+analyzing dependency freshness, security, migration readiness, test
+coverage, and documentation quality.
+
+Example:
+    >>> from codeshift.health import HealthCalculator
+    >>> calculator = HealthCalculator()
+    >>> score = calculator.calculate(Path("."))
+    >>> print(score.summary)
+    🟢 Grade A (92.5/100)
+"""
+
+from codeshift.health.calculator import HealthCalculator
+from codeshift.health.models import (
+    DependencyHealth,
+    HealthGrade,
+    HealthReport,
+    HealthScore,
+    MetricCategory,
+    MetricResult,
+    SecurityVulnerability,
+    VulnerabilitySeverity,
+)
+from codeshift.health.report import (
+    generate_html_report,
+    generate_json_report,
+    save_html_report,
+    save_json_report,
+)
+
+__all__ = [
+    # Main calculator
+    "HealthCalculator",
+    # Models
+    "DependencyHealth",
+    "HealthGrade",
+    "HealthReport",
+    "HealthScore",
+    "MetricCategory",
+    "MetricResult",
+    "SecurityVulnerability",
+    "VulnerabilitySeverity",
+    # Report functions
+    "generate_html_report",
+    "generate_json_report",
+    "save_html_report",
+    "save_json_report",
+]