osscodeiq 0.0.0__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- osscodeiq-0.0.0/.github/workflows/beta.yml +110 -0
- osscodeiq-0.0.0/.github/workflows/ci.yml +31 -0
- osscodeiq-0.0.0/.github/workflows/publish.yml +151 -0
- osscodeiq-0.0.0/.github/workflows/sbom.yml +75 -0
- osscodeiq-0.0.0/.github/workflows/sonarcloud.yml +39 -0
- osscodeiq-0.0.0/.gitignore +61 -0
- osscodeiq-0.0.0/CLAUDE.md +135 -0
- osscodeiq-0.0.0/LICENSE +21 -0
- osscodeiq-0.0.0/PKG-INFO +30 -0
- osscodeiq-0.0.0/README.md +226 -0
- osscodeiq-0.0.0/pyproject.toml +50 -0
- osscodeiq-0.0.0/setup.cfg +4 -0
- osscodeiq-0.0.0/sonar-project.properties +11 -0
- osscodeiq-0.0.0/src/osscodeiq/__init__.py +0 -0
- osscodeiq-0.0.0/src/osscodeiq/analyzer.py +467 -0
- osscodeiq-0.0.0/src/osscodeiq/cache/__init__.py +0 -0
- osscodeiq-0.0.0/src/osscodeiq/cache/hasher.py +23 -0
- osscodeiq-0.0.0/src/osscodeiq/cache/store.py +300 -0
- osscodeiq-0.0.0/src/osscodeiq/classifiers/__init__.py +0 -0
- osscodeiq-0.0.0/src/osscodeiq/classifiers/layer_classifier.py +69 -0
- osscodeiq-0.0.0/src/osscodeiq/cli.py +721 -0
- osscodeiq-0.0.0/src/osscodeiq/config.py +113 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/__init__.py +0 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/auth/__init__.py +0 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/auth/certificate_auth.py +139 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/auth/ldap_auth.py +89 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/auth/session_header_auth.py +120 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/base.py +41 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/config/__init__.py +0 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/config/batch_structure.py +128 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/config/cloudformation.py +183 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/config/docker_compose.py +179 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/config/github_actions.py +150 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/config/gitlab_ci.py +216 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/config/helm_chart.py +187 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/config/ini_structure.py +101 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/config/json_structure.py +72 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/config/kubernetes.py +305 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/config/kubernetes_rbac.py +212 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/config/openapi.py +194 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/config/package_json.py +99 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/config/properties_detector.py +108 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/config/pyproject_toml.py +169 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/config/sql_structure.py +155 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/config/toml_structure.py +93 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/config/tsconfig_json.py +105 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/config/yaml_structure.py +82 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/cpp/__init__.py +0 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/cpp/cpp_structures.py +192 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/csharp/__init__.py +0 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/csharp/csharp_efcore.py +184 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/csharp/csharp_minimal_apis.py +156 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/csharp/csharp_structures.py +317 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/docs/__init__.py +0 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/docs/markdown_structure.py +117 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/frontend/__init__.py +0 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/frontend/angular_components.py +177 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/frontend/frontend_routes.py +259 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/frontend/react_components.py +148 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/frontend/svelte_components.py +84 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/frontend/vue_components.py +150 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/generic/__init__.py +1 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/generic/imports_detector.py +413 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/go/__init__.py +0 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/go/go_orm.py +202 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/go/go_structures.py +162 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/go/go_web.py +157 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/iac/__init__.py +0 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/iac/bicep.py +135 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/iac/dockerfile.py +182 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/iac/terraform.py +188 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/java/__init__.py +0 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/java/azure_functions.py +424 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/java/azure_messaging.py +350 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/java/class_hierarchy.py +349 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/java/config_def.py +82 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/java/cosmos_db.py +105 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/java/graphql_resolver.py +188 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/java/grpc_service.py +142 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/java/ibm_mq.py +178 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/java/jaxrs.py +160 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/java/jdbc.py +196 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/java/jms.py +116 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/java/jpa_entity.py +143 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/java/kafka.py +113 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/java/kafka_protocol.py +70 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/java/micronaut.py +248 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/java/module_deps.py +191 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/java/public_api.py +206 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/java/quarkus.py +176 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/java/rabbitmq.py +150 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/java/raw_sql.py +136 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/java/repository.py +131 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/java/rmi.py +129 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/java/spring_events.py +117 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/java/spring_rest.py +168 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/java/spring_security.py +212 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/java/tibco_ems.py +193 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/java/websocket.py +188 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/kotlin/__init__.py +0 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/kotlin/kotlin_structures.py +124 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/kotlin/ktor_routes.py +163 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/proto/__init__.py +0 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/proto/proto_structure.py +153 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/python/__init__.py +0 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/python/celery_tasks.py +88 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/python/django_auth.py +132 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/python/django_models.py +157 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/python/django_views.py +74 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/python/fastapi_auth.py +143 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/python/fastapi_routes.py +68 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/python/flask_routes.py +67 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/python/kafka_python.py +175 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/python/pydantic_models.py +115 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/python/python_structures.py +234 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/python/sqlalchemy_models.py +82 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/registry.py +100 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/rust/__init__.py +0 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/rust/actix_web.py +234 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/rust/rust_structures.py +174 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/scala/__init__.py +0 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/scala/scala_structures.py +128 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/shell/__init__.py +0 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/shell/bash_detector.py +127 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/shell/powershell_detector.py +118 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/typescript/__init__.py +0 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/typescript/express_routes.py +55 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/typescript/fastify_routes.py +156 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/typescript/graphql_resolvers.py +100 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/typescript/kafka_js.py +164 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/typescript/mongoose_orm.py +151 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/typescript/nestjs_controllers.py +99 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/typescript/nestjs_guards.py +138 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/typescript/passport_jwt.py +133 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/typescript/prisma_orm.py +96 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/typescript/remix_routes.py +160 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/typescript/sequelize_orm.py +136 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/typescript/typeorm_entities.py +86 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/typescript/typescript_structures.py +185 -0
- osscodeiq-0.0.0/src/osscodeiq/detectors/utils.py +49 -0
- osscodeiq-0.0.0/src/osscodeiq/discovery/__init__.py +11 -0
- osscodeiq-0.0.0/src/osscodeiq/discovery/change_detector.py +97 -0
- osscodeiq-0.0.0/src/osscodeiq/discovery/file_discovery.py +342 -0
- osscodeiq-0.0.0/src/osscodeiq/flow/__init__.py +0 -0
- osscodeiq-0.0.0/src/osscodeiq/flow/engine.py +78 -0
- osscodeiq-0.0.0/src/osscodeiq/flow/models.py +72 -0
- osscodeiq-0.0.0/src/osscodeiq/flow/renderer.py +127 -0
- osscodeiq-0.0.0/src/osscodeiq/flow/templates/interactive.html +252 -0
- osscodeiq-0.0.0/src/osscodeiq/flow/vendor/cytoscape-dagre.min.js +8 -0
- osscodeiq-0.0.0/src/osscodeiq/flow/vendor/cytoscape.min.js +32 -0
- osscodeiq-0.0.0/src/osscodeiq/flow/vendor/dagre.min.js +3809 -0
- osscodeiq-0.0.0/src/osscodeiq/flow/views.py +357 -0
- osscodeiq-0.0.0/src/osscodeiq/graph/__init__.py +0 -0
- osscodeiq-0.0.0/src/osscodeiq/graph/backend.py +52 -0
- osscodeiq-0.0.0/src/osscodeiq/graph/backends/__init__.py +23 -0
- osscodeiq-0.0.0/src/osscodeiq/graph/backends/kuzu.py +576 -0
- osscodeiq-0.0.0/src/osscodeiq/graph/backends/networkx.py +135 -0
- osscodeiq-0.0.0/src/osscodeiq/graph/backends/sqlite_backend.py +406 -0
- osscodeiq-0.0.0/src/osscodeiq/graph/builder.py +297 -0
- osscodeiq-0.0.0/src/osscodeiq/graph/query.py +228 -0
- osscodeiq-0.0.0/src/osscodeiq/graph/store.py +183 -0
- osscodeiq-0.0.0/src/osscodeiq/graph/views.py +231 -0
- osscodeiq-0.0.0/src/osscodeiq/models/__init__.py +17 -0
- osscodeiq-0.0.0/src/osscodeiq/models/graph.py +116 -0
- osscodeiq-0.0.0/src/osscodeiq/output/__init__.py +0 -0
- osscodeiq-0.0.0/src/osscodeiq/output/dot.py +171 -0
- osscodeiq-0.0.0/src/osscodeiq/output/mermaid.py +160 -0
- osscodeiq-0.0.0/src/osscodeiq/output/safety.py +58 -0
- osscodeiq-0.0.0/src/osscodeiq/output/serializers.py +42 -0
- osscodeiq-0.0.0/src/osscodeiq/parsing/__init__.py +5 -0
- osscodeiq-0.0.0/src/osscodeiq/parsing/languages/__init__.py +0 -0
- osscodeiq-0.0.0/src/osscodeiq/parsing/languages/base.py +23 -0
- osscodeiq-0.0.0/src/osscodeiq/parsing/languages/java.py +68 -0
- osscodeiq-0.0.0/src/osscodeiq/parsing/languages/python.py +57 -0
- osscodeiq-0.0.0/src/osscodeiq/parsing/languages/typescript.py +95 -0
- osscodeiq-0.0.0/src/osscodeiq/parsing/parser_manager.py +125 -0
- osscodeiq-0.0.0/src/osscodeiq/parsing/structured/__init__.py +0 -0
- osscodeiq-0.0.0/src/osscodeiq/parsing/structured/gradle_parser.py +78 -0
- osscodeiq-0.0.0/src/osscodeiq/parsing/structured/json_parser.py +24 -0
- osscodeiq-0.0.0/src/osscodeiq/parsing/structured/properties_parser.py +56 -0
- osscodeiq-0.0.0/src/osscodeiq/parsing/structured/sql_parser.py +54 -0
- osscodeiq-0.0.0/src/osscodeiq/parsing/structured/xml_parser.py +148 -0
- osscodeiq-0.0.0/src/osscodeiq/parsing/structured/yaml_parser.py +38 -0
- osscodeiq-0.0.0/src/osscodeiq/server/__init__.py +7 -0
- osscodeiq-0.0.0/src/osscodeiq/server/app.py +53 -0
- osscodeiq-0.0.0/src/osscodeiq/server/mcp_server.py +174 -0
- osscodeiq-0.0.0/src/osscodeiq/server/middleware.py +16 -0
- osscodeiq-0.0.0/src/osscodeiq/server/routes.py +184 -0
- osscodeiq-0.0.0/src/osscodeiq/server/service.py +445 -0
- osscodeiq-0.0.0/src/osscodeiq/server/templates/welcome.html +56 -0
- osscodeiq-0.0.0/src/osscodeiq.egg-info/PKG-INFO +30 -0
- osscodeiq-0.0.0/src/osscodeiq.egg-info/SOURCES.txt +331 -0
- osscodeiq-0.0.0/src/osscodeiq.egg-info/dependency_links.txt +1 -0
- osscodeiq-0.0.0/src/osscodeiq.egg-info/entry_points.txt +2 -0
- osscodeiq-0.0.0/src/osscodeiq.egg-info/requires.txt +26 -0
- osscodeiq-0.0.0/src/osscodeiq.egg-info/top_level.txt +1 -0
- osscodeiq-0.0.0/tests/__init__.py +0 -0
- osscodeiq-0.0.0/tests/classifiers/__init__.py +0 -0
- osscodeiq-0.0.0/tests/classifiers/test_layer_classifier.py +79 -0
- osscodeiq-0.0.0/tests/conftest.py +209 -0
- osscodeiq-0.0.0/tests/detectors/__init__.py +0 -0
- osscodeiq-0.0.0/tests/detectors/auth/__init__.py +0 -0
- osscodeiq-0.0.0/tests/detectors/auth/test_certificate_auth.py +231 -0
- osscodeiq-0.0.0/tests/detectors/auth/test_ldap_auth.py +203 -0
- osscodeiq-0.0.0/tests/detectors/auth/test_session_header_auth.py +227 -0
- osscodeiq-0.0.0/tests/detectors/config/__init__.py +1 -0
- osscodeiq-0.0.0/tests/detectors/config/test_cloudformation.py +377 -0
- osscodeiq-0.0.0/tests/detectors/config/test_docker_compose.py +85 -0
- osscodeiq-0.0.0/tests/detectors/config/test_github_actions.py +87 -0
- osscodeiq-0.0.0/tests/detectors/config/test_gitlab_ci.py +66 -0
- osscodeiq-0.0.0/tests/detectors/config/test_helm_chart.py +274 -0
- osscodeiq-0.0.0/tests/detectors/config/test_json_structure.py +52 -0
- osscodeiq-0.0.0/tests/detectors/config/test_kubernetes_rbac.py +320 -0
- osscodeiq-0.0.0/tests/detectors/config/test_package_json.py +80 -0
- osscodeiq-0.0.0/tests/detectors/config/test_yaml_structure.py +64 -0
- osscodeiq-0.0.0/tests/detectors/cpp/__init__.py +0 -0
- osscodeiq-0.0.0/tests/detectors/cpp/test_cpp_structures.py +141 -0
- osscodeiq-0.0.0/tests/detectors/csharp/__init__.py +0 -0
- osscodeiq-0.0.0/tests/detectors/csharp/test_csharp_efcore.py +186 -0
- osscodeiq-0.0.0/tests/detectors/csharp/test_csharp_minimal_apis.py +184 -0
- osscodeiq-0.0.0/tests/detectors/csharp/test_csharp_structures.py +96 -0
- osscodeiq-0.0.0/tests/detectors/docs/__init__.py +0 -0
- osscodeiq-0.0.0/tests/detectors/docs/test_markdown_structure.py +77 -0
- osscodeiq-0.0.0/tests/detectors/frontend/__init__.py +0 -0
- osscodeiq-0.0.0/tests/detectors/frontend/test_angular_components.py +308 -0
- osscodeiq-0.0.0/tests/detectors/frontend/test_frontend_routes.py +299 -0
- osscodeiq-0.0.0/tests/detectors/frontend/test_react_components.py +291 -0
- osscodeiq-0.0.0/tests/detectors/frontend/test_svelte_components.py +187 -0
- osscodeiq-0.0.0/tests/detectors/frontend/test_vue_components.py +261 -0
- osscodeiq-0.0.0/tests/detectors/go/__init__.py +0 -0
- osscodeiq-0.0.0/tests/detectors/go/test_go_orm.py +224 -0
- osscodeiq-0.0.0/tests/detectors/go/test_go_structures.py +95 -0
- osscodeiq-0.0.0/tests/detectors/go/test_go_web.py +226 -0
- osscodeiq-0.0.0/tests/detectors/iac/__init__.py +0 -0
- osscodeiq-0.0.0/tests/detectors/iac/test_dockerfile.py +90 -0
- osscodeiq-0.0.0/tests/detectors/iac/test_terraform.py +100 -0
- osscodeiq-0.0.0/tests/detectors/java/__init__.py +0 -0
- osscodeiq-0.0.0/tests/detectors/java/test_class_hierarchy.py +111 -0
- osscodeiq-0.0.0/tests/detectors/java/test_grpc_service.py +105 -0
- osscodeiq-0.0.0/tests/detectors/java/test_jpa_entity.py +137 -0
- osscodeiq-0.0.0/tests/detectors/java/test_kafka.py +107 -0
- osscodeiq-0.0.0/tests/detectors/java/test_micronaut.py +234 -0
- osscodeiq-0.0.0/tests/detectors/java/test_module_deps.py +126 -0
- osscodeiq-0.0.0/tests/detectors/java/test_public_api.py +123 -0
- osscodeiq-0.0.0/tests/detectors/java/test_quarkus.py +229 -0
- osscodeiq-0.0.0/tests/detectors/java/test_raw_sql.py +120 -0
- osscodeiq-0.0.0/tests/detectors/java/test_spring_events.py +115 -0
- osscodeiq-0.0.0/tests/detectors/java/test_spring_rest.py +141 -0
- osscodeiq-0.0.0/tests/detectors/java/test_spring_security.py +218 -0
- osscodeiq-0.0.0/tests/detectors/kotlin/__init__.py +0 -0
- osscodeiq-0.0.0/tests/detectors/kotlin/test_ktor_routes.py +164 -0
- osscodeiq-0.0.0/tests/detectors/python/__init__.py +0 -0
- osscodeiq-0.0.0/tests/detectors/python/test_celery_tasks.py +105 -0
- osscodeiq-0.0.0/tests/detectors/python/test_django_auth.py +197 -0
- osscodeiq-0.0.0/tests/detectors/python/test_django_models.py +161 -0
- osscodeiq-0.0.0/tests/detectors/python/test_django_views.py +102 -0
- osscodeiq-0.0.0/tests/detectors/python/test_fastapi_auth.py +189 -0
- osscodeiq-0.0.0/tests/detectors/python/test_fastapi_routes.py +124 -0
- osscodeiq-0.0.0/tests/detectors/python/test_flask_routes.py +96 -0
- osscodeiq-0.0.0/tests/detectors/python/test_kafka_python.py +213 -0
- osscodeiq-0.0.0/tests/detectors/python/test_pydantic_models.py +162 -0
- osscodeiq-0.0.0/tests/detectors/python/test_python_structures.py +239 -0
- osscodeiq-0.0.0/tests/detectors/python/test_sqlalchemy_models.py +120 -0
- osscodeiq-0.0.0/tests/detectors/rust/__init__.py +0 -0
- osscodeiq-0.0.0/tests/detectors/rust/test_actix_web.py +271 -0
- osscodeiq-0.0.0/tests/detectors/shell/__init__.py +0 -0
- osscodeiq-0.0.0/tests/detectors/shell/test_powershell_detector.py +129 -0
- osscodeiq-0.0.0/tests/detectors/typescript/__init__.py +1 -0
- osscodeiq-0.0.0/tests/detectors/typescript/test_express_routes.py +91 -0
- osscodeiq-0.0.0/tests/detectors/typescript/test_fastify_routes.py +152 -0
- osscodeiq-0.0.0/tests/detectors/typescript/test_graphql_resolvers.py +108 -0
- osscodeiq-0.0.0/tests/detectors/typescript/test_kafka_js.py +182 -0
- osscodeiq-0.0.0/tests/detectors/typescript/test_mongoose_orm.py +188 -0
- osscodeiq-0.0.0/tests/detectors/typescript/test_nestjs_controllers.py +114 -0
- osscodeiq-0.0.0/tests/detectors/typescript/test_nestjs_guards.py +165 -0
- osscodeiq-0.0.0/tests/detectors/typescript/test_passport_jwt.py +182 -0
- osscodeiq-0.0.0/tests/detectors/typescript/test_prisma_orm.py +161 -0
- osscodeiq-0.0.0/tests/detectors/typescript/test_remix_routes.py +193 -0
- osscodeiq-0.0.0/tests/detectors/typescript/test_sequelize_orm.py +175 -0
- osscodeiq-0.0.0/tests/detectors/typescript/test_typeorm_entities.py +123 -0
- osscodeiq-0.0.0/tests/detectors/typescript/test_typescript_structures.py +255 -0
- osscodeiq-0.0.0/tests/fixtures/java/ApiKeys.java +15 -0
- osscodeiq-0.0.0/tests/fixtures/java/ConnectorsResource.java +33 -0
- osscodeiq-0.0.0/tests/fixtures/java/ConsumerConfig.java +25 -0
- osscodeiq-0.0.0/tests/fixtures/java/FetchRequest.java +33 -0
- osscodeiq-0.0.0/tests/fixtures/java/FetchResponse.java +18 -0
- osscodeiq-0.0.0/tests/fixtures/java/Order.java +35 -0
- osscodeiq-0.0.0/tests/fixtures/java/OrderController.java +39 -0
- osscodeiq-0.0.0/tests/fixtures/java/OrderEventHandler.java +40 -0
- osscodeiq-0.0.0/tests/fixtures/java/OrderRepository.java +20 -0
- osscodeiq-0.0.0/tests/fixtures/java/Serializer.java +8 -0
- osscodeiq-0.0.0/tests/fixtures/java/StringSerializer.java +8 -0
- osscodeiq-0.0.0/tests/fixtures/java/pom.xml +31 -0
- osscodeiq-0.0.0/tests/fixtures/python/app.py +34 -0
- osscodeiq-0.0.0/tests/fixtures/python/models.py +41 -0
- osscodeiq-0.0.0/tests/fixtures/typescript/user.controller.ts +33 -0
- osscodeiq-0.0.0/tests/fixtures/typescript/user.entity.ts +23 -0
- osscodeiq-0.0.0/tests/flow/__init__.py +0 -0
- osscodeiq-0.0.0/tests/flow/test_engine.py +96 -0
- osscodeiq-0.0.0/tests/flow/test_flow_edge_cases.py +201 -0
- osscodeiq-0.0.0/tests/flow/test_models.py +49 -0
- osscodeiq-0.0.0/tests/flow/test_renderer.py +85 -0
- osscodeiq-0.0.0/tests/flow/test_views.py +383 -0
- osscodeiq-0.0.0/tests/server/__init__.py +0 -0
- osscodeiq-0.0.0/tests/server/test_service.py +225 -0
- osscodeiq-0.0.0/tests/test_detectors/__init__.py +0 -0
- osscodeiq-0.0.0/tests/test_detectors/test_cpp_detectors.py +48 -0
- osscodeiq-0.0.0/tests/test_detectors/test_csharp_detectors.py +142 -0
- osscodeiq-0.0.0/tests/test_detectors/test_generic_detectors.py +131 -0
- osscodeiq-0.0.0/tests/test_detectors/test_go_detectors.py +124 -0
- osscodeiq-0.0.0/tests/test_detectors/test_iac_detectors.py +38 -0
- osscodeiq-0.0.0/tests/test_detectors/test_java_detectors.py +550 -0
- osscodeiq-0.0.0/tests/test_detectors/test_python_detectors.py +36 -0
- osscodeiq-0.0.0/tests/test_detectors/test_shell_detectors.py +45 -0
- osscodeiq-0.0.0/tests/test_detectors/test_terraform_detectors.py +138 -0
- osscodeiq-0.0.0/tests/test_detectors/test_typescript_detectors.py +37 -0
- osscodeiq-0.0.0/tests/test_discovery/__init__.py +0 -0
- osscodeiq-0.0.0/tests/test_edge_cases.py +101 -0
- osscodeiq-0.0.0/tests/test_graph/__init__.py +0 -0
- osscodeiq-0.0.0/tests/test_graph/test_builder.py +57 -0
- osscodeiq-0.0.0/tests/test_graph/test_models.py +81 -0
- osscodeiq-0.0.0/tests/test_graph/test_query.py +101 -0
- osscodeiq-0.0.0/tests/test_graph/test_store.py +150 -0
- osscodeiq-0.0.0/tests/test_graph/test_views.py +63 -0
- osscodeiq-0.0.0/tests/test_graph_edge_cases.py +190 -0
- osscodeiq-0.0.0/tests/test_output/__init__.py +0 -0
- osscodeiq-0.0.0/tests/test_output/test_dot.py +29 -0
- osscodeiq-0.0.0/tests/test_output/test_mermaid.py +62 -0
- osscodeiq-0.0.0/tests/test_output/test_safety.py +27 -0
- osscodeiq-0.0.0/tests/test_output/test_serializers.py +48 -0
- osscodeiq-0.0.0/tests/test_parsing/__init__.py +0 -0
- osscodeiq-0.0.0/tests/test_thread_safety.py +157 -0
- osscodeiq-0.0.0/uv.lock +1994 -0
|
@@ -0,0 +1,110 @@
|
|
|
1
|
+
name: Publish Beta
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
push:
|
|
5
|
+
branches: [main]
|
|
6
|
+
paths:
|
|
7
|
+
- "src/**"
|
|
8
|
+
- "tests/**"
|
|
9
|
+
- "pyproject.toml"
|
|
10
|
+
workflow_dispatch:
|
|
11
|
+
|
|
12
|
+
permissions:
|
|
13
|
+
contents: write
|
|
14
|
+
packages: write
|
|
15
|
+
|
|
16
|
+
jobs:
|
|
17
|
+
build-and-publish:
|
|
18
|
+
name: Build & publish beta
|
|
19
|
+
runs-on: ubuntu-latest
|
|
20
|
+
steps:
|
|
21
|
+
- uses: actions/checkout@v4
|
|
22
|
+
with:
|
|
23
|
+
fetch-depth: 0
|
|
24
|
+
|
|
25
|
+
- name: Set up Python
|
|
26
|
+
uses: actions/setup-python@v5
|
|
27
|
+
with:
|
|
28
|
+
python-version: "3.12"
|
|
29
|
+
|
|
30
|
+
- name: Install build tools
|
|
31
|
+
run: pip install build tomli
|
|
32
|
+
|
|
33
|
+
- name: Compute beta version
|
|
34
|
+
id: version
|
|
35
|
+
run: |
|
|
36
|
+
# Derive base version from latest stable release tag (e.g. v0.0.1 -> 0.0.1)
|
|
37
|
+
STABLE_TAG=$(git tag -l "v[0-9]*.[0-9]*.[0-9]*" --sort=-v:refname | grep -vE 'b[0-9]+$' | head -n1)
|
|
38
|
+
if [ -n "$STABLE_TAG" ]; then
|
|
39
|
+
BASE="${STABLE_TAG#v}"
|
|
40
|
+
else
|
|
41
|
+
BASE=$(python3 -c "import tomli; print(tomli.load(open('pyproject.toml','rb'))['project']['version'])")
|
|
42
|
+
fi
|
|
43
|
+
# Find latest beta tag number (PEP 440: v0.0.1b0, v0.0.1b1, ...)
|
|
44
|
+
LATEST=$(git tag -l "v${BASE}b*" --sort=-v:refname | head -n1)
|
|
45
|
+
if [ -n "$LATEST" ]; then
|
|
46
|
+
LAST_NUM=$(echo "$LATEST" | sed "s/v${BASE}b//")
|
|
47
|
+
BETA_NUM=$((LAST_NUM + 1))
|
|
48
|
+
else
|
|
49
|
+
BETA_NUM=0
|
|
50
|
+
fi
|
|
51
|
+
PEP_VERSION="${BASE}b${BETA_NUM}"
|
|
52
|
+
SHORT_SHA=$(git rev-parse --short HEAD)
|
|
53
|
+
echo "version=$PEP_VERSION" >> "$GITHUB_OUTPUT"
|
|
54
|
+
echo "tag=v${PEP_VERSION}" >> "$GITHUB_OUTPUT"
|
|
55
|
+
echo "sha=$SHORT_SHA" >> "$GITHUB_OUTPUT"
|
|
56
|
+
echo "Beta version: v${PEP_VERSION} @ ${SHORT_SHA}"
|
|
57
|
+
|
|
58
|
+
- name: Patch version in pyproject.toml
|
|
59
|
+
env:
|
|
60
|
+
BETA_VERSION: ${{ steps.version.outputs.version }}
|
|
61
|
+
run: |
|
|
62
|
+
python3 << 'PYEOF'
|
|
63
|
+
import os, re
|
|
64
|
+
ver = os.environ["BETA_VERSION"]
|
|
65
|
+
with open("pyproject.toml", "r") as f:
|
|
66
|
+
content = f.read()
|
|
67
|
+
content = re.sub(r'version\s*=\s*"[^"]+"', f'version = "{ver}"', content, count=1)
|
|
68
|
+
with open("pyproject.toml", "w") as f:
|
|
69
|
+
f.write(content)
|
|
70
|
+
PYEOF
|
|
71
|
+
|
|
72
|
+
- name: Build wheel and sdist
|
|
73
|
+
run: python -m build
|
|
74
|
+
|
|
75
|
+
- name: Verify wheel
|
|
76
|
+
run: |
|
|
77
|
+
pip install dist/*.whl
|
|
78
|
+
python -c "import importlib.metadata; print(f'Built: {importlib.metadata.version(\"osscodeiq\")}')"
|
|
79
|
+
python -c "from osscodeiq.detectors.registry import DetectorRegistry; r = DetectorRegistry(); r.load_builtin_detectors(); print(f'{len(r.all_detectors())} detectors')"
|
|
80
|
+
|
|
81
|
+
- name: Delete existing beta tag (if any)
|
|
82
|
+
env:
|
|
83
|
+
BETA_TAG: ${{ steps.version.outputs.tag }}
|
|
84
|
+
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
85
|
+
run: |
|
|
86
|
+
gh release delete "$BETA_TAG" --yes 2>/dev/null || true
|
|
87
|
+
git push origin ":refs/tags/$BETA_TAG" 2>/dev/null || true
|
|
88
|
+
|
|
89
|
+
- name: Create beta release with wheel
|
|
90
|
+
env:
|
|
91
|
+
BETA_TAG: ${{ steps.version.outputs.tag }}
|
|
92
|
+
BETA_PEP: ${{ steps.version.outputs.version }}
|
|
93
|
+
BETA_SHA: ${{ steps.version.outputs.sha }}
|
|
94
|
+
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
95
|
+
run: |
|
|
96
|
+
gh release create "$BETA_TAG" dist/* \
|
|
97
|
+
--title "${BETA_PEP} (${BETA_SHA})" \
|
|
98
|
+
--notes "Auto-generated beta build from commit $BETA_SHA.
|
|
99
|
+
|
|
100
|
+
**Install:**
|
|
101
|
+
\`\`\`bash
|
|
102
|
+
pip install https://github.com/RandomCodeSpace/code-iq/releases/download/${BETA_TAG}/osscodeiq-${BETA_PEP}-py3-none-any.whl
|
|
103
|
+
\`\`\`
|
|
104
|
+
|
|
105
|
+
**Or with osscodeiq CLI:**
|
|
106
|
+
\`\`\`bash
|
|
107
|
+
osscodeiq version
|
|
108
|
+
osscodeiq analyze /path/to/repo
|
|
109
|
+
\`\`\`" \
|
|
110
|
+
--prerelease
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
name: CI
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
push:
|
|
5
|
+
branches: [main]
|
|
6
|
+
pull_request:
|
|
7
|
+
branches: [main]
|
|
8
|
+
|
|
9
|
+
permissions:
|
|
10
|
+
contents: read
|
|
11
|
+
|
|
12
|
+
jobs:
|
|
13
|
+
test:
|
|
14
|
+
runs-on: ubuntu-latest
|
|
15
|
+
strategy:
|
|
16
|
+
matrix:
|
|
17
|
+
python-version: ["3.11", "3.12"]
|
|
18
|
+
|
|
19
|
+
steps:
|
|
20
|
+
- uses: actions/checkout@v4
|
|
21
|
+
|
|
22
|
+
- name: Set up Python
|
|
23
|
+
uses: actions/setup-python@v5
|
|
24
|
+
with:
|
|
25
|
+
python-version: ${{ matrix.python-version }}
|
|
26
|
+
|
|
27
|
+
- name: Install dependencies
|
|
28
|
+
run: pip install -e ".[dev]"
|
|
29
|
+
|
|
30
|
+
- name: Run tests
|
|
31
|
+
run: pytest --tb=short -q
|
|
@@ -0,0 +1,151 @@
|
|
|
1
|
+
name: Publish to PyPI
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
workflow_dispatch:
|
|
5
|
+
inputs:
|
|
6
|
+
version:
|
|
7
|
+
description: "Release version (e.g. 0.1.0)"
|
|
8
|
+
required: true
|
|
9
|
+
type: string
|
|
10
|
+
dry_run:
|
|
11
|
+
description: "Dry run (build + test only, no upload)"
|
|
12
|
+
type: boolean
|
|
13
|
+
default: false
|
|
14
|
+
|
|
15
|
+
permissions:
|
|
16
|
+
contents: read
|
|
17
|
+
id-token: write
|
|
18
|
+
|
|
19
|
+
jobs:
|
|
20
|
+
build:
|
|
21
|
+
name: Build wheel & sdist
|
|
22
|
+
runs-on: ubuntu-latest
|
|
23
|
+
steps:
|
|
24
|
+
- uses: actions/checkout@v4
|
|
25
|
+
|
|
26
|
+
- name: Set up Python
|
|
27
|
+
uses: actions/setup-python@v5
|
|
28
|
+
with:
|
|
29
|
+
python-version: "3.12"
|
|
30
|
+
|
|
31
|
+
- name: Install build tools
|
|
32
|
+
run: pip install build
|
|
33
|
+
|
|
34
|
+
- name: Build wheel and sdist
|
|
35
|
+
run: python -m build
|
|
36
|
+
|
|
37
|
+
- name: Verify wheel contents
|
|
38
|
+
run: |
|
|
39
|
+
pip install dist/*.whl
|
|
40
|
+
python -c "from osscodeiq.detectors.registry import DetectorRegistry; r = DetectorRegistry(); r.load_builtin_detectors(); print(f'Build OK: {len(r.all_detectors())} detectors')"
|
|
41
|
+
|
|
42
|
+
- name: Upload build artifacts
|
|
43
|
+
uses: actions/upload-artifact@v4
|
|
44
|
+
with:
|
|
45
|
+
name: dist
|
|
46
|
+
path: dist/
|
|
47
|
+
|
|
48
|
+
test-os:
|
|
49
|
+
name: "${{ matrix.os }} / Python ${{ matrix.python }}"
|
|
50
|
+
needs: build
|
|
51
|
+
strategy:
|
|
52
|
+
fail-fast: false
|
|
53
|
+
matrix:
|
|
54
|
+
include:
|
|
55
|
+
# Windows 10/11
|
|
56
|
+
- { os: windows-latest, python: "3.11" }
|
|
57
|
+
- { os: windows-latest, python: "3.12" }
|
|
58
|
+
- { os: windows-latest, python: "3.13" }
|
|
59
|
+
# macOS (Apple Silicon + Intel)
|
|
60
|
+
- { os: macos-latest, python: "3.11" }
|
|
61
|
+
- { os: macos-latest, python: "3.12" }
|
|
62
|
+
- { os: macos-latest, python: "3.13" }
|
|
63
|
+
# Ubuntu / Linux
|
|
64
|
+
- { os: ubuntu-latest, python: "3.11" }
|
|
65
|
+
- { os: ubuntu-latest, python: "3.12" }
|
|
66
|
+
- { os: ubuntu-latest, python: "3.13" }
|
|
67
|
+
- { os: ubuntu-22.04, python: "3.11" }
|
|
68
|
+
- { os: ubuntu-22.04, python: "3.12" }
|
|
69
|
+
runs-on: ${{ matrix.os }}
|
|
70
|
+
steps:
|
|
71
|
+
- name: Download artifacts
|
|
72
|
+
uses: actions/download-artifact@v4
|
|
73
|
+
with:
|
|
74
|
+
name: dist
|
|
75
|
+
path: dist/
|
|
76
|
+
|
|
77
|
+
- name: Set up Python
|
|
78
|
+
uses: actions/setup-python@v5
|
|
79
|
+
with:
|
|
80
|
+
python-version: ${{ matrix.python }}
|
|
81
|
+
|
|
82
|
+
- name: Install from wheel (no root, no system deps)
|
|
83
|
+
shell: bash
|
|
84
|
+
run: pip install dist/*.whl
|
|
85
|
+
|
|
86
|
+
- name: Verify CLI
|
|
87
|
+
run: osscodeiq --help
|
|
88
|
+
|
|
89
|
+
- name: Verify detectors
|
|
90
|
+
run: python -c "from osscodeiq.detectors.registry import DetectorRegistry; r = DetectorRegistry(); r.load_builtin_detectors(); print(f'{len(r.all_detectors())} detectors')"
|
|
91
|
+
|
|
92
|
+
test-container:
|
|
93
|
+
name: "${{ matrix.name }}"
|
|
94
|
+
needs: build
|
|
95
|
+
runs-on: ubuntu-latest
|
|
96
|
+
strategy:
|
|
97
|
+
fail-fast: false
|
|
98
|
+
matrix:
|
|
99
|
+
include:
|
|
100
|
+
# RHEL / UBI — pip install only, NO root, NO dnf
|
|
101
|
+
- { name: "UBI 8 / RHEL 8 (Python 3.11)", container: "registry.access.redhat.com/ubi8/python-311:latest" }
|
|
102
|
+
- { name: "UBI 9 / RHEL 9 (Python 3.11)", container: "registry.access.redhat.com/ubi9/python-311:latest" }
|
|
103
|
+
- { name: "UBI 9 / RHEL 9 (Python 3.12)", container: "registry.access.redhat.com/ubi9/python-312:latest" }
|
|
104
|
+
# Debian / Ubuntu slim
|
|
105
|
+
- { name: "Debian Bookworm (3.11)", container: "python:3.11-slim-bookworm" }
|
|
106
|
+
- { name: "Debian Bookworm (3.12)", container: "python:3.12-slim-bookworm" }
|
|
107
|
+
- { name: "Debian Bookworm (3.13)", container: "python:3.13-slim-bookworm" }
|
|
108
|
+
# Alpine (musl libc)
|
|
109
|
+
- { name: "Alpine (3.11)", container: "python:3.11-alpine" }
|
|
110
|
+
- { name: "Alpine (3.12)", container: "python:3.12-alpine" }
|
|
111
|
+
# Fedora
|
|
112
|
+
- { name: "Fedora 40", container: "fedora:40" }
|
|
113
|
+
container:
|
|
114
|
+
image: ${{ matrix.container }}
|
|
115
|
+
steps:
|
|
116
|
+
- name: Download artifacts
|
|
117
|
+
uses: actions/download-artifact@v4
|
|
118
|
+
with:
|
|
119
|
+
name: dist
|
|
120
|
+
path: dist/
|
|
121
|
+
|
|
122
|
+
- name: Install Python (Amazon Linux / Fedora only)
|
|
123
|
+
if: contains(matrix.container, 'amazonlinux') || contains(matrix.container, 'fedora')
|
|
124
|
+
run: |
|
|
125
|
+
dnf install -y python3 python3-pip 2>/dev/null || yum install -y python3 python3-pip 2>/dev/null || true
|
|
126
|
+
|
|
127
|
+
- name: Install from wheel (no root system deps needed)
|
|
128
|
+
run: pip install dist/*.whl || pip3 install dist/*.whl
|
|
129
|
+
|
|
130
|
+
- name: Verify CLI
|
|
131
|
+
run: osscodeiq --help || python3 -m osscodeiq.cli --help
|
|
132
|
+
|
|
133
|
+
- name: Verify detectors
|
|
134
|
+
run: python3 -c "from osscodeiq.detectors.registry import DetectorRegistry; r = DetectorRegistry(); r.load_builtin_detectors(); print(f'{len(r.all_detectors())} detectors')"
|
|
135
|
+
|
|
136
|
+
publish-pypi:
|
|
137
|
+
name: Publish to PyPI
|
|
138
|
+
needs: [test-os, test-container]
|
|
139
|
+
runs-on: ubuntu-latest
|
|
140
|
+
if: inputs.dry_run == false
|
|
141
|
+
steps:
|
|
142
|
+
- name: Download artifacts
|
|
143
|
+
uses: actions/download-artifact@v4
|
|
144
|
+
with:
|
|
145
|
+
name: dist
|
|
146
|
+
path: dist/
|
|
147
|
+
|
|
148
|
+
- name: Publish to PyPI
|
|
149
|
+
uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # release/v1
|
|
150
|
+
with:
|
|
151
|
+
attestations: true
|
|
@@ -0,0 +1,75 @@
|
|
|
1
|
+
name: SBOM + Dependency Audit
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
push:
|
|
5
|
+
branches: [main]
|
|
6
|
+
schedule:
|
|
7
|
+
- cron: "0 6 * * 1"
|
|
8
|
+
workflow_dispatch:
|
|
9
|
+
|
|
10
|
+
permissions:
|
|
11
|
+
contents: read
|
|
12
|
+
|
|
13
|
+
jobs:
|
|
14
|
+
sbom-and-audit:
|
|
15
|
+
name: Generate SBOM & scan dependencies
|
|
16
|
+
runs-on: ubuntu-latest
|
|
17
|
+
continue-on-error: true
|
|
18
|
+
steps:
|
|
19
|
+
- uses: actions/checkout@v4
|
|
20
|
+
|
|
21
|
+
- name: Set up Python
|
|
22
|
+
uses: actions/setup-python@v5
|
|
23
|
+
with:
|
|
24
|
+
python-version: "3.12"
|
|
25
|
+
|
|
26
|
+
- name: Install project + tools
|
|
27
|
+
run: |
|
|
28
|
+
pip install .
|
|
29
|
+
pip install pip-audit cyclonedx-bom pip-licenses
|
|
30
|
+
|
|
31
|
+
- name: Generate CycloneDX SBOM (JSON)
|
|
32
|
+
run: |
|
|
33
|
+
cyclonedx-py environment \
|
|
34
|
+
--output-format json \
|
|
35
|
+
--outfile sbom-cyclonedx.json \
|
|
36
|
+
2>&1 || cyclonedx-py --format json -o sbom-cyclonedx.json 2>&1 || true
|
|
37
|
+
echo "CycloneDX SBOM generated"
|
|
38
|
+
|
|
39
|
+
- name: Generate dependency list with licenses
|
|
40
|
+
run: |
|
|
41
|
+
pip-licenses --format=json --with-urls --with-description > dependencies-licenses.json
|
|
42
|
+
pip-licenses --format=plain --with-urls
|
|
43
|
+
echo ""
|
|
44
|
+
echo "=== License summary ==="
|
|
45
|
+
pip-licenses --summary
|
|
46
|
+
|
|
47
|
+
- name: Audit dependencies for vulnerabilities
|
|
48
|
+
run: |
|
|
49
|
+
echo "=== Scanning all installed packages (including transitive) ==="
|
|
50
|
+
pip-audit --desc --format=json --output=audit-report.json 2>&1 || true
|
|
51
|
+
echo ""
|
|
52
|
+
echo "=== Audit Results ==="
|
|
53
|
+
pip-audit --desc 2>&1 || true
|
|
54
|
+
|
|
55
|
+
- name: Count results
|
|
56
|
+
run: |
|
|
57
|
+
echo "=== Installed packages ==="
|
|
58
|
+
pip list --format=columns | wc -l
|
|
59
|
+
echo ""
|
|
60
|
+
echo "=== Direct dependencies ==="
|
|
61
|
+
python3 -c "import tomli; deps=tomli.load(open('pyproject.toml','rb'))['project']['dependencies']; print(f'{len(deps)} direct dependencies')"
|
|
62
|
+
echo ""
|
|
63
|
+
echo "=== Transitive dependencies ==="
|
|
64
|
+
pip list --format=json | python3 -c "import sys,json; pkgs=json.load(sys.stdin); print(f'{len(pkgs)} total packages installed (direct + transitive)')"
|
|
65
|
+
|
|
66
|
+
- name: Upload SBOM artifact
|
|
67
|
+
if: always()
|
|
68
|
+
uses: actions/upload-artifact@v4
|
|
69
|
+
with:
|
|
70
|
+
name: sbom-report
|
|
71
|
+
path: |
|
|
72
|
+
sbom-cyclonedx.json
|
|
73
|
+
dependencies-licenses.json
|
|
74
|
+
audit-report.json
|
|
75
|
+
retention-days: 90
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
name: SonarCloud Analysis
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
push:
|
|
5
|
+
branches: [main]
|
|
6
|
+
pull_request:
|
|
7
|
+
branches: [main]
|
|
8
|
+
workflow_dispatch:
|
|
9
|
+
|
|
10
|
+
permissions:
|
|
11
|
+
contents: read
|
|
12
|
+
|
|
13
|
+
jobs:
|
|
14
|
+
sonarcloud:
|
|
15
|
+
name: SonarCloud Scan
|
|
16
|
+
runs-on: ubuntu-latest
|
|
17
|
+
continue-on-error: true
|
|
18
|
+
steps:
|
|
19
|
+
- uses: actions/checkout@v4
|
|
20
|
+
with:
|
|
21
|
+
fetch-depth: 0
|
|
22
|
+
|
|
23
|
+
- name: Set up Python
|
|
24
|
+
uses: actions/setup-python@v5
|
|
25
|
+
with:
|
|
26
|
+
python-version: "3.12"
|
|
27
|
+
|
|
28
|
+
- name: Install project + test deps
|
|
29
|
+
run: pip install -e ".[dev]"
|
|
30
|
+
|
|
31
|
+
- name: Run tests with coverage
|
|
32
|
+
run: |
|
|
33
|
+
pytest tests/ --cov=osscodeiq --cov-report=xml:coverage.xml --junitxml=test-results.xml -q || true
|
|
34
|
+
|
|
35
|
+
- name: SonarCloud Scan
|
|
36
|
+
uses: SonarSource/sonarqube-scan-action@v6
|
|
37
|
+
env:
|
|
38
|
+
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
|
|
39
|
+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
@@ -0,0 +1,61 @@
|
|
|
1
|
+
# Python
|
|
2
|
+
__pycache__/
|
|
3
|
+
*.py[cod]
|
|
4
|
+
*$py.class
|
|
5
|
+
*.so
|
|
6
|
+
*.egg-info/
|
|
7
|
+
*.egg
|
|
8
|
+
.eggs/
|
|
9
|
+
dist/
|
|
10
|
+
build/
|
|
11
|
+
sdist/
|
|
12
|
+
wheels/
|
|
13
|
+
*.whl
|
|
14
|
+
|
|
15
|
+
# Virtual environments
|
|
16
|
+
.venv/
|
|
17
|
+
venv/
|
|
18
|
+
env/
|
|
19
|
+
ENV/
|
|
20
|
+
|
|
21
|
+
# Testing
|
|
22
|
+
.pytest_cache/
|
|
23
|
+
.coverage
|
|
24
|
+
htmlcov/
|
|
25
|
+
.tox/
|
|
26
|
+
.nox/
|
|
27
|
+
|
|
28
|
+
# IDE
|
|
29
|
+
.idea/
|
|
30
|
+
.vscode/
|
|
31
|
+
*.swp
|
|
32
|
+
*.swo
|
|
33
|
+
*~
|
|
34
|
+
.project
|
|
35
|
+
.settings/
|
|
36
|
+
|
|
37
|
+
# OS
|
|
38
|
+
.DS_Store
|
|
39
|
+
Thumbs.db
|
|
40
|
+
|
|
41
|
+
# Project
|
|
42
|
+
.code-intelligence/
|
|
43
|
+
docs/superpowers/
|
|
44
|
+
docs/specs/
|
|
45
|
+
.code_intelligence_cache*/
|
|
46
|
+
*.db
|
|
47
|
+
*.db-wal
|
|
48
|
+
*.db-shm
|
|
49
|
+
|
|
50
|
+
# Environment & secrets
|
|
51
|
+
.env
|
|
52
|
+
.env.local
|
|
53
|
+
*.pem
|
|
54
|
+
*.key
|
|
55
|
+
|
|
56
|
+
# Logs
|
|
57
|
+
*.log
|
|
58
|
+
|
|
59
|
+
# Distribution
|
|
60
|
+
*.tar.gz
|
|
61
|
+
*.zip
|
|
@@ -0,0 +1,135 @@
|
|
|
1
|
+
# Code Intelligence — Project Instructions
|
|
2
|
+
|
|
3
|
+
## What This Project Is
|
|
4
|
+
|
|
5
|
+
A CLI tool that scans codebases to build a deterministic code knowledge graph. No AI, no external APIs — pure pattern matching. 72 detectors, 35 languages, 3 storage backends (NetworkX, SQLite, KuzuDB).
|
|
6
|
+
|
|
7
|
+
## Architecture
|
|
8
|
+
|
|
9
|
+
```
|
|
10
|
+
FileDiscovery → Parsers → Detectors → GraphBuilder (buffered) → Linkers → LayerClassifier → GraphStore (backend)
|
|
11
|
+
```
|
|
12
|
+
|
|
13
|
+
- **Detectors** follow the `Detector` Protocol in `detectors/base.py` — implement `name`, `supported_languages`, `detect(ctx) -> DetectorResult`
|
|
14
|
+
- **Backends** follow the `GraphBackend` Protocol in `graph/backend.py` — implement 16 methods. `CypherBackend` is optional for Cypher-capable backends.
|
|
15
|
+
- **GraphStore** is a facade delegating to a backend — never access backends directly
|
|
16
|
+
- **GraphBuilder** buffers all nodes and edges, flushes nodes first then edges (ensures cross-backend parity)
|
|
17
|
+
- **Linkers** run after all detectors, produce cross-file relationship edges
|
|
18
|
+
- **LayerClassifier** runs after linkers, sets `layer` property on every node
|
|
19
|
+
|
|
20
|
+
## Critical Rules
|
|
21
|
+
|
|
22
|
+
### Determinism is Non-Negotiable
|
|
23
|
+
- Same input MUST produce same output, every time, on every backend
|
|
24
|
+
- No set iteration without `sorted()` first
|
|
25
|
+
- No dependency on thread completion order (builder uses indexed result slots)
|
|
26
|
+
- All detectors must be stateless pure functions — no class-level mutable state
|
|
27
|
+
- Benchmark after every change: run 2+ times, assert identical node/edge counts
|
|
28
|
+
|
|
29
|
+
### Cross-Backend Data Parity
|
|
30
|
+
- All 3 backends (NetworkX, SQLite, KuzuDB) must produce identical node and edge counts
|
|
31
|
+
- Edges are only added if both source and target nodes exist
|
|
32
|
+
- Test parity after any change to builder, store, or backends
|
|
33
|
+
|
|
34
|
+
### Adding a New Detector
|
|
35
|
+
1. Create file in `detectors/<category>/my_detector.py`
|
|
36
|
+
2. Implement `Detector` protocol (name, supported_languages, detect method)
|
|
37
|
+
3. Add to the hardcoded list in `detectors/registry.py` (will be auto-discovered after tech debt cleanup)
|
|
38
|
+
4. Create test in `tests/detectors/<category>/test_my_detector.py`
|
|
39
|
+
5. Include a determinism test (run twice, assert identical output)
|
|
40
|
+
6. Run `pytest tests/ -x -q` — all tests must pass
|
|
41
|
+
|
|
42
|
+
### Adding a New Backend
|
|
43
|
+
1. Create file in `graph/backends/my_backend.py`
|
|
44
|
+
2. Implement `GraphBackend` protocol (16 methods)
|
|
45
|
+
3. Optionally implement `CypherBackend` for Cypher support
|
|
46
|
+
4. Add to factory in `graph/backends/__init__.py`
|
|
47
|
+
5. Add to `GraphConfig` backend choices in `config.py`
|
|
48
|
+
6. Test parity: same nodes/edges as NetworkX on the same input
|
|
49
|
+
|
|
50
|
+
## Code Conventions
|
|
51
|
+
|
|
52
|
+
- Python 3.11+, `from __future__ import annotations`
|
|
53
|
+
- Pydantic for data models, typer for CLI, rich for output
|
|
54
|
+
- Regex-based detection (no tree-sitter dependency for new detectors unless needed)
|
|
55
|
+
- `NodeKind` and `EdgeKind` enums in `models/graph.py` — add new values there
|
|
56
|
+
- ID format: `"{prefix}:{filepath}:{type}:{identifier}"` for cross-file uniqueness
|
|
57
|
+
- Properties dict for detector-specific metadata (`auth_type`, `framework`, `roles`, etc.)
|
|
58
|
+
- `layer` property on every node: `frontend | backend | infra | shared | unknown`
|
|
59
|
+
|
|
60
|
+
## Testing
|
|
61
|
+
|
|
62
|
+
- `pytest tests/ -x -q` — must always pass (currently 565 tests)
|
|
63
|
+
- Every detector needs: positive match test, negative match test, determinism test
|
|
64
|
+
- All detectors use shared `detectors/utils.py` — decode_text, find_line_number, etc.
|
|
65
|
+
|
|
66
|
+
## Benchmark Requirements
|
|
67
|
+
|
|
68
|
+
**After every change**, run a clean benchmark on a small project to verify:
|
|
69
|
+
1. No performance regression (time should not increase significantly)
|
|
70
|
+
2. 100% determinism (2 runs produce identical node/edge counts)
|
|
71
|
+
3. Coverage doesn't decrease (file/node/edge counts should not drop)
|
|
72
|
+
|
|
73
|
+
**Benchmark procedure:**
|
|
74
|
+
```bash
|
|
75
|
+
rm -rf ~/projects/testDir/contoso-real-estate/.code-intelligence/
|
|
76
|
+
find ~/projects/testDir/contoso-real-estate -name ".code_intelligence_cache*" -delete
|
|
77
|
+
# Run twice
|
|
78
|
+
time code-intelligence analyze ~/projects/testDir/contoso-real-estate --full -j 8
|
|
79
|
+
time code-intelligence analyze ~/projects/testDir/contoso-real-estate --full -j 8
|
|
80
|
+
```
|
|
81
|
+
|
|
82
|
+
If `testDir/contoso-real-estate` is not available, clone an official secure project:
|
|
83
|
+
```bash
|
|
84
|
+
git clone --depth 1 https://github.com/Azure-Samples/contoso-real-estate.git ~/projects/testDir/contoso-real-estate
|
|
85
|
+
```
|
|
86
|
+
|
|
87
|
+
**Baseline (contoso-real-estate, 488 files):** 2,313 nodes, 2,905 edges, ~3.7s
|
|
88
|
+
- Cross-backend parity test on contoso-real-estate for data quality
|
|
89
|
+
|
|
90
|
+
## Key Files
|
|
91
|
+
|
|
92
|
+
| File | Purpose |
|
|
93
|
+
|------|---------|
|
|
94
|
+
| `detectors/base.py` | Detector protocol (42 lines) |
|
|
95
|
+
| `graph/backend.py` | GraphBackend + CypherBackend protocols |
|
|
96
|
+
| `graph/store.py` | GraphStore facade |
|
|
97
|
+
| `graph/builder.py` | GraphBuilder with buffered flush + linkers |
|
|
98
|
+
| `graph/backends/networkx.py` | Default in-memory backend |
|
|
99
|
+
| `graph/backends/kuzu.py` | KuzuDB embedded graph DB with Cypher |
|
|
100
|
+
| `graph/backends/sqlite_backend.py` | SQLite file-based backend |
|
|
101
|
+
| `classifiers/layer_classifier.py` | Deterministic layer classification |
|
|
102
|
+
| `models/graph.py` | NodeKind, EdgeKind, GraphNode, GraphEdge |
|
|
103
|
+
| `config.py` | Config with GraphConfig for backend selection |
|
|
104
|
+
| `analyzer.py` | Pipeline orchestrator |
|
|
105
|
+
| `cli.py` | CLI commands (analyze, graph, query, find, cypher, bundle, cache, plugins) |
|
|
106
|
+
|
|
107
|
+
## Tech Debt Resolved (Phase 2 — Complete)
|
|
108
|
+
|
|
109
|
+
- Registry auto-discovers detectors via `pkgutil.walk_packages()` — new detector = create file, done
|
|
110
|
+
- `imports_detector.py` split into `kotlin_structures.py`, `rust_structures.py`, `scala_structures.py` with fixed regexes
|
|
111
|
+
- 54 new tests added for 10 previously untested detectors (415 total tests)
|
|
112
|
+
- `_parse_structured()` uses `_STRUCTURED_PARSERS` dispatch dict
|
|
113
|
+
- Linker protocol uses `LinkResult(nodes, edges)` dataclass — no more private attribute hack
|
|
114
|
+
- 16 new extensions added (.html, .css, .mjs, .cjs, .jsonc, .groovy, .pyi, .razor, .cshtml, .adoc, etc.)
|
|
115
|
+
- Extensionless files supported via `_FILENAME_MAP` (Dockerfile, Makefile, go.mod, Jenkinsfile)
|
|
116
|
+
- Shared `detectors/utils.py` with `decode_text`, `iter_lines`, `find_line_number`, `filename`, `matches_filename`
|
|
117
|
+
|
|
118
|
+
## Adding a New Detector (Updated)
|
|
119
|
+
|
|
120
|
+
1. Create file in `detectors/<category>/my_detector.py`
|
|
121
|
+
2. Implement `Detector` protocol (name, supported_languages, detect method)
|
|
122
|
+
3. **No registry changes needed** — auto-discovered by package scanning
|
|
123
|
+
4. Create test in `tests/detectors/<category>/test_my_detector.py`
|
|
124
|
+
5. Include a determinism test (run twice, assert identical output)
|
|
125
|
+
6. Run `pytest tests/ -x -q` — all tests must pass
|
|
126
|
+
|
|
127
|
+
## Remaining Work
|
|
128
|
+
|
|
129
|
+
- Phase 3: Flow generator (GitLab CI, Helm, enhanced Dockerfile, Mermaid flow command)
|
|
130
|
+
- Phase 4: 30+ new framework detectors (Go web, EF Core, Prisma, Pydantic, etc.)
|
|
131
|
+
- KuzuDB bulk import optimization for edge insertion
|
|
132
|
+
|
|
133
|
+
## Updating This File
|
|
134
|
+
|
|
135
|
+
After significant changes (new detectors, new backends, architectural decisions, conventions learned), update this CLAUDE.md to reflect the current state. Keep it concise and actionable.
|
osscodeiq-0.0.0/LICENSE
ADDED
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
MIT License
|
|
2
|
+
|
|
3
|
+
Copyright (c) 2026 RandomCodeSpace
|
|
4
|
+
|
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
6
|
+
of this software and associated documentation files (the "Software"), to deal
|
|
7
|
+
in the Software without restriction, including without limitation the rights
|
|
8
|
+
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
9
|
+
copies of the Software, and to permit persons to whom the Software is
|
|
10
|
+
furnished to do so, subject to the following conditions:
|
|
11
|
+
|
|
12
|
+
The above copyright notice and this permission notice shall be included in all
|
|
13
|
+
copies or substantial portions of the Software.
|
|
14
|
+
|
|
15
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
16
|
+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
17
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
18
|
+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
19
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
20
|
+
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
|
21
|
+
SOFTWARE.
|
osscodeiq-0.0.0/PKG-INFO
ADDED
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
Metadata-Version: 2.4
|
|
2
|
+
Name: osscodeiq
|
|
3
|
+
Version: 0.0.0
|
|
4
|
+
Summary: CLI tool for intelligent code graph discovery and analysis
|
|
5
|
+
Requires-Python: >=3.11
|
|
6
|
+
License-File: LICENSE
|
|
7
|
+
Requires-Dist: typer>=0.9
|
|
8
|
+
Requires-Dist: rich>=13.0
|
|
9
|
+
Requires-Dist: tree-sitter>=0.23
|
|
10
|
+
Requires-Dist: tree-sitter-java>=0.23
|
|
11
|
+
Requires-Dist: tree-sitter-python>=0.23
|
|
12
|
+
Requires-Dist: tree-sitter-typescript>=0.23
|
|
13
|
+
Requires-Dist: tree-sitter-javascript>=0.23
|
|
14
|
+
Requires-Dist: networkx>=3.2
|
|
15
|
+
Requires-Dist: lxml>=5.0
|
|
16
|
+
Requires-Dist: pyyaml>=6.0
|
|
17
|
+
Requires-Dist: sqlparse>=0.5
|
|
18
|
+
Requires-Dist: pydantic>=2.0
|
|
19
|
+
Requires-Dist: pathspec>=0.11
|
|
20
|
+
Requires-Dist: fastapi>=0.115
|
|
21
|
+
Requires-Dist: uvicorn[standard]>=0.34
|
|
22
|
+
Requires-Dist: fastmcp>=2.0
|
|
23
|
+
Provides-Extra: dev
|
|
24
|
+
Requires-Dist: pytest>=8.0; extra == "dev"
|
|
25
|
+
Requires-Dist: pytest-cov>=5.0; extra == "dev"
|
|
26
|
+
Provides-Extra: kuzu
|
|
27
|
+
Requires-Dist: kuzu>=0.6; extra == "kuzu"
|
|
28
|
+
Provides-Extra: all-backends
|
|
29
|
+
Requires-Dist: kuzu>=0.6; extra == "all-backends"
|
|
30
|
+
Dynamic: license-file
|