codexray-analyser 0.1.0__py3-none-any.whl

codexray/__init__.py

@@ -0,0 +1,15 @@
+"""Public package API for codexray."""
+
+from .analyser import analyse_file_snippet, analyse_path, analyse_snippet
+from .config import AnalyserConfig
+from .models import AnalysisResult, Finding, GraphData
+
+__all__ = [
+    "AnalyserConfig",
+    "AnalysisResult",
+    "Finding",
+    "GraphData",
+    "analyse_path",
+    "analyse_snippet",
+    "analyse_file_snippet",
+]

codexray/analyser.py

@@ -0,0 +1,125 @@
+from __future__ import annotations
+
+from pathlib import Path
+
+from .config import AnalyserConfig
+from .graph import build_graph, merge_graphs
+from .limits import AnalyserLimitError
+from .models import AnalysisResult, Finding
+from .parsers import (
+    discover_input_files,
+    parse_notebook,
+    parse_python_source,
+    parse_requirements_text,
+    read_file_text,
+    select_line_range,
+)
+from .rules import RuleContext, run_requirements_rules, run_rules
+
+
+def analyse_path(path: str | Path, config: AnalyserConfig | None = None) -> AnalysisResult:
+    cfg = config or AnalyserConfig()
+    root = Path(path)
+    if not root.exists():
+        raise FileNotFoundError(f"Path does not exist: {root}")
+
+    if root.is_file():
+        files = [root]
+    else:
+        files = list(discover_input_files(root))
+
+    all_findings = []
+    graphs = []
+
+    for file_path in files:
+        suffix = file_path.suffix.lower()
+        if _is_requirements_file(file_path):
+            try:
+                source = read_file_text(file_path, cfg)
+                requirements = parse_requirements_text(source)
+                all_findings.extend(run_requirements_rules(requirements, file_path))
+            except (ValueError, OSError) as exc:
+                all_findings.append(_parsing_finding(file_path, str(exc)))
+            continue
+
+        if suffix not in {".py", ".ipynb"}:
+            continue
+
+        try:
+            source = _load_source(file_path, cfg)
+            tree = parse_python_source(source, cfg)
+            all_findings.extend(
+                run_rules(RuleContext(file_path=file_path, source=source, tree=tree))
+            )
+            graphs.append(build_graph(file_path, tree))
+        except (AnalyserLimitError, SyntaxError, OSError, ValueError) as exc:
+            all_findings.append(_parsing_finding(file_path, str(exc)))
+
+    return AnalysisResult(
+        findings=sorted(
+            all_findings, key=lambda item: (item.file_path, item.rule_id, item.line or 0)
+        ),
+        graph=merge_graphs(graphs),
+        metadata={
+            "analysed_path": str(root),
+            "offline_mode": not cfg.allow_network,
+            "files_analysed": len(files),
+        },
+    )
+
+
+def analyse_snippet(
+    source: str,
+    file_path: str = "snippet.py",
+    config: AnalyserConfig | None = None,
+) -> AnalysisResult:
+    cfg = config or AnalyserConfig()
+    tree = parse_python_source(source, cfg)
+    path = Path(file_path)
+    findings = run_rules(RuleContext(file_path=path, source=source, tree=tree))
+    graph = build_graph(path, tree)
+    return AnalysisResult(
+        findings=findings,
+        graph=graph,
+        metadata={"snippet": True, "offline_mode": not cfg.allow_network},
+    )
+
+
+def analyse_file_snippet(
+    path: str | Path,
+    start_line: int,
+    end_line: int,
+    config: AnalyserConfig | None = None,
+) -> AnalysisResult:
+    cfg = config or AnalyserConfig()
+    target = Path(path)
+    source = read_file_text(target, cfg)
+    snippet = select_line_range(source, start_line, end_line)
+    return analyse_snippet(snippet, file_path=str(target), config=cfg)
+
+
+def _load_source(path: Path, config: AnalyserConfig) -> str:
+    if path.suffix.lower() == ".ipynb":
+        return parse_notebook(path, config)
+    if path.suffix.lower() == ".py":
+        return read_file_text(path, config)
+    raise ValueError(f"Unsupported source type: {path.suffix}")
+
+
+def _is_requirements_file(path: Path) -> bool:
+    lower_name = path.name.lower()
+    return lower_name.startswith("requirements") and path.suffix.lower() in {
+        ".txt",
+        ".in",
+        ".cfg",
+    }
+
+
+def _parsing_finding(path: Path, error_message: str) -> Finding:
+    return Finding(
+        rule_id="PARSE001",
+        title="File parsing failed",
+        severity="medium",
+        message=error_message,
+        file_path=str(path),
+    )

codexray/cli.py

@@ -0,0 +1,71 @@
+from __future__ import annotations
+
+import argparse
+import json
+from dataclasses import asdict
+from pathlib import Path
+
+from .analyser import analyse_file_snippet, analyse_path, analyse_snippet
+from .config import AnalyserConfig
+
+
+def main() -> int:
+    parser = argparse.ArgumentParser(
+        prog="codexray",
+        description="Offline-first static analysis for Python files and notebooks.",
+    )
+    parser.add_argument(
+        "target", nargs="?", help="Path to file or directory to analyse"
+    )
+    parser.add_argument("--snippet", help="Inline Python snippet to analyse")
+    parser.add_argument(
+        "--start-line", type=int, help="Start line for target file snippet analysis"
+    )
+    parser.add_argument(
+        "--end-line", type=int, help="End line for target file snippet analysis"
+    )
+    parser.add_argument("--output", help="Write JSON result to this path")
+    parser.add_argument(
+        "--allow-network", action="store_true", help="Enable network-dependent features"
+    )
+    parser.add_argument("--max-file-bytes", type=int, default=2 * 1024 * 1024)
+    parser.add_argument("--max-snippet-chars", type=int, default=50_000)
+
+    args = parser.parse_args()
+
+    if not args.target and not args.snippet:
+        parser.error("Provide a target path or use --snippet")
+
+    config = AnalyserConfig(
+        allow_network=args.allow_network,
+        max_file_size_bytes=args.max_file_bytes,
+        max_snippet_chars=args.max_snippet_chars,
+    )
+
+    if args.snippet:
+        result = analyse_snippet(args.snippet, config=config)
+    elif args.start_line is not None and args.end_line is not None:
+        if not args.target:
+            parser.error("Line-range analysis requires a file target")
+        result = analyse_file_snippet(
+            Path(args.target),
+            start_line=args.start_line,
+            end_line=args.end_line,
+            config=config,
+        )
+    else:
+        result = analyse_path(Path(args.target), config=config)
+
+    payload = asdict(result)
+    rendered = json.dumps(payload, indent=2)
+
+    if args.output:
+        Path(args.output).write_text(rendered, encoding="utf-8")
+    else:
+        print(rendered)
+
+    return 0
+
+
+if __name__ == "__main__":
+    raise SystemExit(main())

codexray/config.py

@@ -0,0 +1,13 @@
+from dataclasses import dataclass
+
+
+@dataclass(slots=True)
+class AnalyserConfig:
+    """Runtime safety controls and feature flags."""
+
+    allow_network: bool = False
+    max_file_size_bytes: int = 2 * 1024 * 1024
+    max_notebook_cells: int = 500
+    max_notebook_json_bytes: int = 5 * 1024 * 1024
+    max_ast_nodes: int = 200_000
+    max_snippet_chars: int = 50_000

codexray/graph.py

@@ -0,0 +1,101 @@
+from __future__ import annotations
+
+import ast
+from pathlib import Path
+
+from .models import GraphData, GraphEdge, GraphNode
+
+
+def build_graph(file_path: Path, tree: ast.AST) -> GraphData:
+    graph = GraphData()
+    file_node = _file_node_id(file_path)
+    graph.nodes.append(GraphNode(node_id=file_node, kind="file", label=str(file_path)))
+
+    import_nodes: set[str] = set()
+    function_nodes: set[str] = set()
+
+    call_targets: set[str] = set()
+
+    for node in ast.walk(tree):
+        if isinstance(node, ast.Import):
+            for alias in node.names:
+                module = alias.name
+                import_id = f"import:{module}"
+                if import_id not in import_nodes:
+                    graph.nodes.append(GraphNode(node_id=import_id, kind="import", label=module))
+                    import_nodes.add(import_id)
+                graph.edges.append(
+                    GraphEdge(source=file_node, target=import_id, relation="imports")
+                )
+
+        if isinstance(node, ast.ImportFrom) and node.module:
+            module = node.module
+            import_id = f"import:{module}"
+            if import_id not in import_nodes:
+                graph.nodes.append(GraphNode(node_id=import_id, kind="import", label=module))
+                import_nodes.add(import_id)
+            graph.edges.append(
+                GraphEdge(source=file_node, target=import_id, relation="imports")
+            )
+
+        if isinstance(node, ast.FunctionDef):
+            fn_id = f"function:{file_path}:{node.name}"
+            if fn_id not in function_nodes:
+                graph.nodes.append(GraphNode(node_id=fn_id, kind="function", label=node.name))
+                function_nodes.add(fn_id)
+            graph.edges.append(GraphEdge(source=file_node, target=fn_id, relation="contains"))
+
+            for child in ast.walk(node):
+                if not isinstance(child, ast.Call):
+                    continue
+                callee = _get_call_name(child)
+                if not callee:
+                    continue
+                call_id = f"import:{callee}"
+                if call_id not in call_targets:
+                    graph.nodes.append(GraphNode(node_id=call_id, kind="import", label=callee))
+                    call_targets.add(call_id)
+                graph.edges.append(GraphEdge(source=fn_id, target=call_id, relation="calls"))
+
+    return graph
+
+
+def merge_graphs(graphs: list[GraphData]) -> GraphData:
+    merged = GraphData()
+    seen_nodes: set[str] = set()
+    seen_edges: set[tuple[str, str, str]] = set()
+
+    for graph in graphs:
+        for node in graph.nodes:
+            if node.node_id in seen_nodes:
+                continue
+            merged.nodes.append(node)
+            seen_nodes.add(node.node_id)
+
+        for edge in graph.edges:
+            key = (edge.source, edge.target, edge.relation)
+            if key in seen_edges:
+                continue
+            merged.edges.append(edge)
+            seen_edges.add(key)
+
+    return merged
+
+
+def _file_node_id(path: Path) -> str:
+    return f"file:{path}"
+
+
+def _get_call_name(node: ast.Call) -> str:
+    if isinstance(node.func, ast.Name):
+        return node.func.id
+    if isinstance(node.func, ast.Attribute):
+        segments: list[str] = []
+        current: ast.AST = node.func
+        while isinstance(current, ast.Attribute):
+            segments.append(current.attr)
+            current = current.value
+        if isinstance(current, ast.Name):
+            segments.append(current.id)
+            return ".".join(reversed(segments))
+    return ""

codexray/limits.py

@@ -0,0 +1,25 @@
+from __future__ import annotations
+
+import ast
+
+from .config import AnalyserConfig
+
+
+class AnalyserLimitError(ValueError):
+    """Raised when user input exceeds configured safety limits."""
+
+
+def enforce_text_limit(text: str, max_chars: int, context: str) -> None:
+    if len(text) > max_chars:
+        raise AnalyserLimitError(f"{context} exceeds {max_chars} characters")
+
+
+def enforce_bytes_limit(size_bytes: int, max_bytes: int, context: str) -> None:
+    if size_bytes > max_bytes:
+        raise AnalyserLimitError(f"{context} exceeds {max_bytes} bytes")
+
+
+def enforce_ast_limit(tree: ast.AST, config: AnalyserConfig) -> None:
+    node_count = sum(1 for _ in ast.walk(tree))
+    if node_count > config.max_ast_nodes:
+        raise AnalyserLimitError(f"AST exceeds configured node limit ({config.max_ast_nodes})")

codexray/models.py

@@ -0,0 +1,42 @@
+from dataclasses import dataclass, field
+from typing import Literal
+
+Severity = Literal["low", "medium", "high", "critical"]
+
+
+@dataclass(slots=True)
+class Finding:
+    rule_id: str
+    title: str
+    severity: Severity
+    message: str
+    file_path: str
+    line: int | None = None
+    column: int | None = None
+
+
+@dataclass(slots=True)
+class GraphNode:
+    node_id: str
+    kind: Literal["file", "import", "function"]
+    label: str
+
+
+@dataclass(slots=True)
+class GraphEdge:
+    source: str
+    target: str
+    relation: Literal["imports", "calls", "contains"]
+
+
+@dataclass(slots=True)
+class GraphData:
+    nodes: list[GraphNode] = field(default_factory=list)
+    edges: list[GraphEdge] = field(default_factory=list)
+
+
+@dataclass(slots=True)
+class AnalysisResult:
+    findings: list[Finding] = field(default_factory=list)
+    graph: GraphData = field(default_factory=GraphData)
+    metadata: dict[str, str | int | bool] = field(default_factory=dict)

codexray/offline.py

@@ -0,0 +1,12 @@
+from .config import AnalyserConfig
+
+
+class NetworkAccessError(RuntimeError):
+    """Raised when a network-required feature is requested in offline mode."""
+
+
+def require_network(config: AnalyserConfig) -> None:
+    if not config.allow_network:
+        raise NetworkAccessError(
+            "Network features are disabled. Set allow_network=True to enable outbound calls."
+        )

codexray/parsers.py

@@ -0,0 +1,94 @@
+from __future__ import annotations
+
+import ast
+import json
+from collections.abc import Iterable
+from pathlib import Path
+
+from .config import AnalyserConfig
+from .limits import (
+    AnalyserLimitError,
+    enforce_ast_limit,
+    enforce_bytes_limit,
+    enforce_text_limit,
+)
+
+SUPPORTED_SUFFIXES = {".py", ".ipynb", ".txt", ".in", ".cfg"}
+
+
+def read_file_text(path: Path, config: AnalyserConfig) -> str:
+    size = path.stat().st_size
+    enforce_bytes_limit(size, config.max_file_size_bytes, f"File {path}")
+    return path.read_text(encoding="utf-8", errors="strict")
+
+
+def parse_python_source(source: str, config: AnalyserConfig) -> ast.AST:
+    enforce_text_limit(source, config.max_snippet_chars, "Python source")
+    tree = ast.parse(source)
+    enforce_ast_limit(tree, config)
+    return tree
+
+
+def parse_notebook(path: Path, config: AnalyserConfig) -> str:
+    size = path.stat().st_size
+    enforce_bytes_limit(size, config.max_notebook_json_bytes, f"Notebook {path}")
+    raw = path.read_text(encoding="utf-8")
+    try:
+        notebook = json.loads(raw)
+    except json.JSONDecodeError as exc:
+        raise AnalyserLimitError(f"Notebook JSON is invalid: {exc}") from exc
+    cells = notebook.get("cells", [])
+    if not isinstance(cells, list):
+        raise AnalyserLimitError("Notebook cells payload is invalid")
+    if len(cells) > config.max_notebook_cells:
+        raise AnalyserLimitError(
+            f"Notebook has {len(cells)} cells, over max {config.max_notebook_cells}"
+        )
+
+    lines: list[str] = []
+    for cell in cells:
+        if cell.get("cell_type") != "code":
+            continue
+        source = cell.get("source", [])
+        if isinstance(source, list):
+            joined = "".join(str(part) for part in source)
+        else:
+            joined = str(source)
+        if joined.strip():
+            lines.append(joined)
+    source = "\n\n".join(lines)
+    enforce_text_limit(source, config.max_snippet_chars, "Notebook extracted code")
+    return source
+
+
+def parse_requirements_text(text: str) -> list[str]:
+    dependencies: list[str] = []
+    for raw_line in text.splitlines():
+        line = raw_line.strip()
+        if not line or line.startswith("#"):
+            continue
+        if line.startswith("--"):
+            continue
+        dependencies.append(line)
+    return dependencies
+
+
+def select_line_range(source: str, start_line: int, end_line: int) -> str:
+    if start_line < 1 or end_line < start_line:
+        raise ValueError("Invalid line range")
+    lines = source.splitlines()
+    if end_line > len(lines):
+        raise ValueError("Requested line range exceeds file length")
+    return "\n".join(lines[start_line - 1 : end_line])
+
+
+def discover_input_files(root: Path) -> Iterable[Path]:
+    for path in root.rglob("*"):
+        if not path.is_file():
+            continue
+        if any(part.startswith(".") for part in path.parts):
+            continue
+        if any(part in {"venv", ".venv", "__pycache__", "node_modules"} for part in path.parts):
+            continue
+        if path.suffix.lower() in SUPPORTED_SUFFIXES:
+            yield path

codexray/rules.py

@@ -0,0 +1,127 @@
+from __future__ import annotations
+
+import ast
+from dataclasses import dataclass
+from pathlib import Path
+
+from .models import Finding
+
+
+@dataclass(slots=True)
+class RuleContext:
+    file_path: Path
+    source: str
+    tree: ast.AST
+
+
+class _ShellCallVisitor(ast.NodeVisitor):
+    def __init__(self) -> None:
+        self.hits: list[tuple[int, int]] = []
+
+    def visit_Call(self, node: ast.Call) -> None:
+        func_name = _get_call_name(node)
+        if func_name in {"os.system", "subprocess.call", "subprocess.run", "subprocess.Popen"}:
+            self.hits.append((node.lineno, node.col_offset))
+        self.generic_visit(node)
+
+
+class _DangerousBuiltinsVisitor(ast.NodeVisitor):
+    def __init__(self) -> None:
+        self.hits: list[tuple[str, int, int]] = []
+
+    def visit_Call(self, node: ast.Call) -> None:
+        func_name = _get_call_name(node)
+        if func_name in {"eval", "exec"}:
+            self.hits.append((func_name, node.lineno, node.col_offset))
+        self.generic_visit(node)
+
+
+def _get_call_name(node: ast.Call) -> str:
+    func = node.func
+    if isinstance(func, ast.Name):
+        return func.id
+    if isinstance(func, ast.Attribute):
+        parts: list[str] = []
+        current: ast.AST = func
+        while isinstance(current, ast.Attribute):
+            parts.append(current.attr)
+            current = current.value
+        if isinstance(current, ast.Name):
+            parts.append(current.id)
+            return ".".join(reversed(parts))
+    return ""
+
+
+def run_rules(ctx: RuleContext) -> list[Finding]:
+    findings: list[Finding] = []
+
+    shell_visitor = _ShellCallVisitor()
+    shell_visitor.visit(ctx.tree)
+    for line, col in shell_visitor.hits:
+        findings.append(
+            Finding(
+                rule_id="SEC001",
+                title="Shell command execution",
+                severity="high",
+                message="Shell execution can be dangerous with untrusted input.",
+                file_path=str(ctx.file_path),
+                line=line,
+                column=col,
+            )
+        )
+
+    builtin_visitor = _DangerousBuiltinsVisitor()
+    builtin_visitor.visit(ctx.tree)
+    for func_name, line, col in builtin_visitor.hits:
+        findings.append(
+            Finding(
+                rule_id="SEC002",
+                title=f"Dangerous builtin {func_name}",
+                severity="critical",
+                message=f"Avoid {func_name} on untrusted content.",
+                file_path=str(ctx.file_path),
+                line=line,
+                column=col,
+            )
+        )
+
+    if "verify=False" in ctx.source:
+        findings.append(
+            Finding(
+                rule_id="SEC003",
+                title="TLS verification disabled",
+                severity="high",
+                message="requests verify=False weakens TLS protection.",
+                file_path=str(ctx.file_path),
+            )
+        )
+
+    if "TODO" in ctx.source:
+        findings.append(
+            Finding(
+                rule_id="QLT001",
+                title="Unresolved TODO",
+                severity="low",
+                message="TODO comments should be tracked before release.",
+                file_path=str(ctx.file_path),
+            )
+        )
+
+    return findings
+
+
+def run_requirements_rules(requirements: list[str], file_path: Path) -> list[Finding]:
+    findings: list[Finding] = []
+    for dep in requirements:
+        # Prefer pinned dependencies for reproducibility and easier CVE response.
+        if "==" not in dep:
+            findings.append(
+                Finding(
+                    rule_id="DEP001",
+                    title="Unpinned dependency",
+                    severity="medium",
+                    message=f"Dependency '{dep}' is not pinned with ==.",
+                    file_path=str(file_path),
+                )
+            )
+    return findings

codexray_analyser-0.1.0.dist-info/METADATA

@@ -0,0 +1,177 @@
+Metadata-Version: 2.4
+Name: codexray-analyser
+Version: 0.1.0
+Summary: Offline-first static analyser for Python files and notebooks.
+Project-URL: Homepage, https://github.com/Merlins-Sanctum/codexray-analyser
+Project-URL: Repository, https://github.com/Merlins-Sanctum/codexray-analyser
+Project-URL: Issues, https://github.com/Merlins-Sanctum/codexray-analyser/issues
+Author: Mohammad Hamad
+License: MIT
+License-File: LICENSE
+Keywords: notebook,offline,python,security,static-analysis
+Classifier: Development Status :: 3 - Alpha
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Topic :: Security
+Classifier: Topic :: Software Development :: Quality Assurance
+Requires-Python: >=3.11
+Description-Content-Type: text/markdown
+
+# Codexray
+
+Codexray is an offline-first Python static analyser for `.py` and `.ipynb` files.
+It helps teams inspect security risks, code quality problems, and dependency patterns
+without sending source code outside the local machine.
+
+## What Codexray does
+
+- Scans Python files and notebooks.
+- Supports project-level scans, full file scans, and targeted line-range checks.
+- Produces a structured JSON report.
+- Builds a dependency graph view with nodes and edges.
+- Flags common security risks such as shell execution and dangerous builtins.
+
+## Privacy and security behavior
+
+- No telemetry.
+- No source upload.
+- Network features are disabled by default.
+- Strict input limits for file size, notebook size, snippet length, and AST depth.
+
+This tool is designed for local analysis workflows where proprietary code must stay on the client system.
+
+## Installation
+
+```bash
+pip install codexray-analyser
+```
+
+## Quick start with CLI
+
+Analyse a folder:
+
+```bash
+codexray ./my_project
+```
+
+Analyse a single file:
+
+```bash
+codexray ./my_project/app.py
+```
+
+Analyse a code snippet:
+
+```bash
+codexray --snippet "import os; os.system('whoami')"
+```
+
+Analyse only specific lines from one file:
+
+```bash
+codexray ./my_project/app.py --start-line 40 --end-line 80
+```
+
+Save output to JSON:
+
+```bash
+codexray ./my_project --output codexray-report.json
+```
+
+## Python API usage
+
+```python
+from codexray import analyse_file_snippet, analyse_path, analyse_snippet
+
+project_result = analyse_path("./my_project")
+snippet_result = analyse_snippet("import os\nos.system('whoami')")
+range_result = analyse_file_snippet("./my_project/app.py", 20, 50)
+```
+
+## Understanding the report
+
+Each result returns:
+
+- `findings`: list of detected issues.
+- `graph`: nodes and edges representing imports, files, and function relationships.
+- `metadata`: run information such as analysed path and offline mode state.
+
+Example finding shape:
+
+```json
+{
+  "rule_id": "SEC002",
+  "title": "Dangerous builtin eval",
+  "severity": "critical",
+  "message": "Avoid eval on untrusted content.",
+  "file_path": "src/app.py",
+  "line": 18,
+  "column": 4
+}
+```
+
+## Reading graph output
+
+Graph output contains:
+
+- `nodes`: entities such as files, imports, and functions
+- `edges`: relationships such as `imports`, `contains`, and `calls`
+
+Typical use:
+
+1. Run Codexray and save JSON output.
+2. Load `graph.nodes` and `graph.edges` into your graph viewer.
+3. Track dependency hotspots and risky call paths.
+
+## How to use findings to make code changes
+
+Recommended workflow:
+
+1. Sort findings by `severity`.
+2. Fix `critical` and `high` findings first.
+3. Re-run Codexray after each fix batch.
+4. Keep evidence by committing report diffs in your internal workflow.
+
+Examples:
+
+- `SEC001` shell execution:
+  - Replace dynamic shell calls with safe Python APIs.
+  - Avoid passing untrusted input to command execution.
+- `SEC002` dangerous builtin:
+  - Replace `eval` or `exec` with safe parsing and strict allow-lists.
+- `DEP001` unpinned dependency:
+  - Pin versions in requirements files with `==` where practical.
+
+## Troubleshooting
+
+- `File parsing failed`:
+  - Check syntax errors or unsupported file encoding.
+- `exceeds ... bytes/chars`:
+  - Increase limits in config for controlled internal usage.
+- Empty findings:
+  - Confirm the target path includes `.py` or `.ipynb` sources.
+
+## Local development
+
+```bash
+python -m pip install -e .
+python -m pip install pytest ruff bandit pip-audit build twine
+python -m ruff check .
+python -m pytest
+python -m bandit -q -r src
+python -m pip-audit
+python -m build
+python -m twine check dist/*
+```
+
+## Contributing
+
+Read `CONTRIBUTING.md` before opening a pull request.
+Security reports should follow `SECURITY.md`.
+
+## License
+
+MIT. See `LICENSE`.

codexray_analyser-0.1.0.dist-info/RECORD

@@ -0,0 +1,15 @@
+codexray/__init__.py,sha256=iaaRmrDgxz3PcnF4VymgisoUI7zVwMwAWECxXdpeK0s,366
+codexray/analyser.py,sha256=cgMiBpcxOqPIBHYSmGWstkELU64LfjZ4HEnbofTdXrA,3866
+codexray/cli.py,sha256=29_B-ecLTnqVy1SIPI0wKszhOfuIZzoMJm6rv8wsW_w,2255
+codexray/config.py,sha256=q0aKeM8a0kzISuAj0uIGA7O97ExQCk2ScaYc7aKm5v8,368
+codexray/graph.py,sha256=yRiUFTrlk6fucD7z0d3SSM5Hd0CqPRjuYXhM7Hfv6NE,3567
+codexray/limits.py,sha256=ReJpYF2pOzn3W0G6s_gQg3nWzpfrPYyaeNEJbJ8rJVM,817
+codexray/models.py,sha256=S2btOixsxzUsBM_Nyo9D1zRZgH0HdeZBJrFqpwKIApA,953
+codexray/offline.py,sha256=xUonP9SvDIF1ycPPZ0ZdeoeYNrHsHftVtHM1cbROoZU,382
+codexray/parsers.py,sha256=TWfrnZ3FWUPi3dZMVs_Ofgl_LnMCi8CHHC60abZ9s_8,3112
+codexray/rules.py,sha256=fOVEvULv_SitfAWiuQof2QgKzzaHeG-zwOvcpV1g8p8,3884
+codexray_analyser-0.1.0.dist-info/METADATA,sha256=ZKV18qou99Yy8j7o3WivzGqvXeMwm3D9MwrDekcStR4,4686
+codexray_analyser-0.1.0.dist-info/WHEEL,sha256=QccIxa26bgl1E6uMy58deGWi-0aeIkkangHcxk2kWfw,87
+codexray_analyser-0.1.0.dist-info/entry_points.txt,sha256=r9LzXd27RixDqAQCQzlViYrslbdW-_--N0SGQ0yMnXE,47
+codexray_analyser-0.1.0.dist-info/licenses/LICENSE,sha256=Xrr6RxAF66F3QmjiZOcEX8erMms2GYH6XVgYenOhV48,1071
+codexray_analyser-0.1.0.dist-info/RECORD,,

codexray_analyser-0.1.0.dist-info/WHEEL

@@ -0,0 +1,4 @@
+Wheel-Version: 1.0
+Generator: hatchling 1.29.0
+Root-Is-Purelib: true
+Tag: py3-none-any

codexray_analyser-0.1.0.dist-info/entry_points.txt

@@ -0,0 +1,2 @@
+[console_scripts]
+codexray = codexray.cli:main

codexray_analyser-0.1.0.dist-info/licenses/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Mohammad Hamad
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.