python-code-quality 0.1.16__py3-none-any.whl → 0.2.2__py3-none-any.whl

py_cq/cli.py

@@ -10,26 +10,24 @@ analysis.
 Helper functions such as `format_as_table` convert the aggregated tool
 results into a Rich Table for convenient console display.
 """
-import copy
+
 import io
 import json
 import logging
+import time
 import tomllib
 from enum import Enum
-from importlib import import_module
 from importlib.metadata import requires, version
 from pathlib import Path
 
+import tomlkit
 import typer
 from rich.console import Console
 from rich.logging import RichHandler
 from rich.table import Table
 
-from py_cq.config import load_user_config
-from py_cq.execution_engine import _cache as tool_cache
-from py_cq.execution_engine import run_tools
+from py_cq.api import CQ, _apply_user_config
 from py_cq.language_detector import detect_language
-from py_cq.localtypes import ToolConfig
 from py_cq.metric_aggregator import aggregate_metrics
 from py_cq.table_formatter import format_as_table
 from py_cq.tool_registry import tool_registry
@@ -45,60 +43,27 @@ app = typer.Typer(
     epilog=(
         "Examples:\n\n"
         "  cq check .          # full table with all metrics (default)\n\n"
-        "  cq check . -o llm   # top defect as markdown (primary LLM workflow)\n\n"
-        "  cq check . -o score # numeric score only\n\n"
-        "  cq check . -o json  # parsed metrics as json\n\n"
-        "  cq check . -o raw   # unprocessed tool output as json\n\n"
-        "  cq config .         # show effective tool configuration"
+        "  cq check . -o llm      # top defect as markdown (primary LLM workflow)\n\n"
+        "  cq check . -o llm-json # top defect as JSON with fingerprint for automation\n\n"
+        "  cq check . -o score    # numeric score only\n\n"
+        "  cq check . -o json     # parsed metrics as json\n\n"
+        "  cq check . -o raw      # unprocessed tool output as json\n\n"
+        "  cq config              # show effective tool configuration\n"
+        "  cq config --path .     # show configuration for current project\n\n"
+        "  cq config set radon-hal --warning 0.45 --error 0.25  # set thresholds\n\n"
+        "  cq config set radon-hal --error 0.25 --path .        # set with path"
     ),
 )
 
 
-def _apply_user_config(base: dict[str, ToolConfig], user_cfg: dict) -> dict[str, ToolConfig]:
-    """Return a modified copy of base with user overrides applied.
-
-    Supports:
-      - ``disable``: list of tool IDs to remove
-      - ``thresholds.<tool_id>.warning`` / ``.error``: override per-tool thresholds
-      - ``tools.<tool_id>``: declare new tools (or override built-ins)
-    """
-    registry = {k: copy.copy(v) for k, v in base.items()}
-    for tool_id in user_cfg.get("disable", []):
-        registry.pop(tool_id, None)
-    for tool_id, thresholds in user_cfg.get("thresholds", {}).items():
-        if tool_id in registry:
-            if "warning" in thresholds:
-                registry[tool_id].warning_threshold = float(thresholds["warning"])
-            if "error" in thresholds:
-                registry[tool_id].error_threshold = float(thresholds["error"])
-    for tool_id, tool_data in user_cfg.get("tools", {}).items():
-        try:
-            parser_name = tool_data["parser"]
-            module = import_module(f"py_cq.parsers.{parser_name.lower()}")
-            parser_class = getattr(module, parser_name)
-            registry[tool_id] = ToolConfig(
-                name=tool_id,
-                command=tool_data["command"],
-                parser_class=parser_class,
-                order=tool_data["order"],
-                warning_threshold=tool_data["warning_threshold"],
-                error_threshold=tool_data["error_threshold"],
-                run_in_target_env=tool_data.get("run_in_target_env", False),
-                extra_deps=tool_data.get("extra_deps", []),
-                parser_config=tool_data.get("parser_config", {}),
-                exclude_format=tool_data.get("exclude_format", ""),
-            )
-        except KeyError as e:
-            raise typer.BadParameter(f"[tool.cq.tools.{tool_id}] missing required field {e}")
-    return registry
-
-
 class OutputMode(str, Enum):
     """Enum of output types."""
+
     TABLE = "table"
     SCORE = "score"
     JSON = "json"
     LLM = "llm"
+    LLM_JSON = "llm-json"
     RAW = "raw"
 
 
@@ -106,13 +71,11 @@ def _version_callback(value: bool) -> None:
     if not value:
         return
     import re
-    import sys
-    if isinstance(sys.stdout,  io.TextIOWrapper):  # pragma: no branch
-        sys.stdout.reconfigure(encoding="utf-8")
+
     pkg = "python-code-quality"
     pkg_version = version(pkg)
     dep_versions: list[tuple[str, str]] = []
-    for req in (requires(pkg) or []):
+    for req in requires(pkg) or []:
         if "; extra ==" in req:
             continue
         dep_name = re.split(r"[>=<!;\s\[]", req)[0]
@@ -122,17 +85,28 @@ def _version_callback(value: bool) -> None:
             pass
     typer.echo(f"{pkg} v{pkg_version}")
     for dep_name, dep_ver in sorted(dep_versions):
-        typer.echo(f"\u251c\u2500\u2500 {dep_name} v{dep_ver}")
+        typer.echo(f"+-- {dep_name} v{dep_ver}")
     raise typer.Exit()
 
 
 @app.callback()
 def callback(
     _: bool = typer.Option(
-        False, "--version", "-V", callback=_version_callback, is_eager=True, help="Show version and dependencies"
+        False,
+        "--version",
+        "-V",
+        callback=_version_callback,
+        is_eager=True,
+        help="Show version and dependencies",
     ),
 ) -> None:
     """Feed the results from 11+ code quality tools to an LLM. Try: cq check . -o llm"""
+    import sys
+
+    if isinstance(sys.stdout, io.TextIOWrapper):
+        sys.stdout.reconfigure(encoding="utf-8")
+
+
 console = Console()
 
 
@@ -140,7 +114,10 @@ console = Console()
 def check(
     path: str = typer.Argument(".", help="Path to Python file or project directory"),
     output: OutputMode = typer.Option(
-        OutputMode.TABLE, "--output", "-o", help="Output mode: table (default), score, json, llm"
+        OutputMode.TABLE,
+        "--output",
+        "-o",
+        help="Output mode: table (default), score, json, llm",
     ),
     log_level: str = typer.Option(
         "CRITICAL",
@@ -151,10 +128,15 @@ def check(
         False, "--clear-cache", help="Clear cached tool results before running"
     ),
     workers: int = typer.Option(
-        0, "--workers", help="Max parallel workers (default: one per tool, use 1 for sequential)"
+        0,
+        "--workers",
+        help="Max parallel workers (default: one per tool, use 1 for sequential)",
     ),
     language: str | None = typer.Option(
-        None, "--language", "-l", help="Override language detection (e.g. python, typescript, rust)"
+        None,
+        "--language",
+        "-l",
+        help="Override language detection (e.g. python, typescript, rust)",
     ),
     only: str | None = typer.Option(
         None, "--only", help="Comma-separated tool IDs to run (e.g. ruff,ty,pytest)"
@@ -165,8 +147,20 @@ def check(
     exclude: str | None = typer.Option(
         None, "--exclude", help="Comma-separated paths to exclude (e.g. demo,docs)"
     ),
+    hint: bool = typer.Option(
+        False, "--hint", help="Append 'run cq again to verify' to -o llm output"
+    ),
+    limit: int = typer.Option(
+        1, "--limit", help="Number of issues to show with -o llm (default: 1)"
+    ),
+    silence: list[str] = typer.Option(
+        [],
+        "--silence",
+        "-s",
+        help="Silence issues from -o llm output (e.g. -s src/foo.py or -s src/foo.py:42:E501)",
+    ),
 ):
-    """Feed the results from 11+ code quality tools to an LLM. Try: cq check . -o llm""" # --help
+    """Feed the results from 11+ code quality tools to an LLM. Try: cq check . -o llm"""  # --help
     path_obj = Path(path)
     if not path_obj.exists():
         raise typer.BadParameter(f"Path does not exist: {path}")
@@ -180,9 +174,6 @@ def check(
         )
         raise typer.Exit(0)
 
-    # Python path (or unknown — fall through to existing validation).
-    # Note: --language python still requires pyproject.toml; the flag selects
-    # the tool set, not the input validation rules.
     if path_obj.is_file():
         if path_obj.suffix != ".py":
             raise typer.BadParameter(f"File must be a Python file (.py): {path}")
@@ -190,39 +181,69 @@ def check(
         if not (path_obj / "pyproject.toml").exists():
             raise typer.BadParameter(f"Directory must contain pyproject.toml: {path}")
     log.setLevel(log_level)
-    user_cfg = load_user_config(path_obj)
-    context_lines: int = int(user_cfg.get("context_lines", 15))
-    effective_registry = _apply_user_config(tool_registry, user_cfg)
-    if only:
-        keep = set(only.split(","))
-        effective_registry = {k: v for k, v in effective_registry.items() if k in keep}
-    if skip:
-        drop = set(skip.split(","))
-        effective_registry = {k: v for k, v in effective_registry.items() if k not in drop}
-    config_excludes: list[str] = user_cfg.get("exclude", [])
-    cli_excludes: list[str] = [e.strip() for e in exclude.split(",")] if exclude else []
-    excludes = list(dict.fromkeys(config_excludes + cli_excludes))
-    if clear_cache:
-        tool_cache.clear()
-    tool_results = run_tools(effective_registry.values(), path, workers, early_exit=(output == OutputMode.LLM), excludes=excludes)
-    # for tr in tool_results:
-    #     log.debug(json.dumps(tr.to_dict(), indent=2))
-    combined_metrics = aggregate_metrics(path=path, metrics=tool_results)
+
+    only_list = [t.strip() for t in only.split(",")] if only else None
+    skip_list = [t.strip() for t in skip.split(",")] if skip else None
+    exclude_list = [e.strip() for e in exclude.split(",")] if exclude else None
+
+    try:
+        cq = CQ(
+            path_obj,
+            only=only_list,
+            skip=skip_list,
+            exclude=exclude_list,
+            workers=workers,
+            clear_cache=clear_cache,
+        )
+    except ValueError as e:
+        raise typer.BadParameter(str(e))
+
+    is_llm = output in (OutputMode.LLM, OutputMode.LLM_JSON)
+    t0 = time.perf_counter()
+    tool_results = cq.raw(early_exit=is_llm)
+    total_s = time.perf_counter() - t0
+    combined = aggregate_metrics(path, tool_results)
+
     if output == OutputMode.SCORE:
-        console.print(combined_metrics.score)
+        console.print(combined.score)
     elif output == OutputMode.JSON:
         print(json.dumps([tr.to_dict() for tr in tool_results], indent=2))
     elif output == OutputMode.RAW:
         print(json.dumps([tr.raw.to_dict() for tr in tool_results], indent=2))
     elif output == OutputMode.LLM:
-        # log.setLevel("CRITICAL")
         from py_cq.llm_formatter import format_for_llm
-        print(format_for_llm(effective_registry, combined_metrics, context_lines=context_lines))
+
+        print(
+            format_for_llm(
+                cq._registry,
+                combined,
+                context_lines=cq._context_lines,
+                hint=hint,
+                limit=limit,
+                silence=silence,
+            )
+        )
+    elif output == OutputMode.LLM_JSON:
+        from py_cq.llm_formatter import format_for_llm_json
+
+        print(
+            json.dumps(
+                format_for_llm_json(
+                    cq._registry,
+                    combined,
+                    context_lines=cq._context_lines,
+                    hint=hint,
+                    limit=limit,
+                    silence=silence,
+                    project_root=cq._project_root,
+                )
+            )
+        )
     else:
         console.print(f"[bold green]{path_obj.resolve()}[/]")
-        console.print(format_as_table(combined_metrics, effective_registry))
+        console.print(format_as_table(combined, cq._registry, total_s=total_s))
 
-    tool_by_name = {tc.name: tc for tc in effective_registry.values()}
+    tool_by_name = {tc.name: tc for tc in cq._registry.values()}
     if any(
         min(tr.metrics.values()) < tool_by_name[tr.raw.tool_name].error_threshold
         for tr in tool_results
@@ -231,11 +252,20 @@ def check(
         raise typer.Exit(code=1)
 
 
-@app.command()
+config_app = typer.Typer(help="Show or modify tool configuration")
+app.add_typer(config_app, name="config")
+
+
+@config_app.callback(invoke_without_command=True)
 def config(
-    path: str = typer.Argument(".", help="Path to Python file or project directory"),
+    ctx: typer.Context,
+    path: str = typer.Option(
+        ".", "--path", "-p", help="Path to Python file or project directory"
+    ),
 ) -> None:
     """Show the effective tool configuration for a project."""
+    if ctx.invoked_subcommand is not None:
+        return
     path_obj = Path(path).resolve()
     toml_path = (
         path_obj.parent / "pyproject.toml"
@@ -259,7 +289,10 @@ def config(
 
     console.print(f"Config: [bold]{toml_path}[/bold] ({status_text})\n")
 
-    effective_registry = _apply_user_config(tool_registry, user_cfg)
+    try:
+        effective_registry = _apply_user_config(tool_registry, user_cfg)
+    except ValueError as e:
+        raise typer.BadParameter(str(e))
     disabled_ids = set(tool_registry.keys()) - set(effective_registry.keys())
 
     table = Table()
@@ -270,7 +303,10 @@ def config(
     table.add_column("Status", justify="center")
 
     all_tool_ids = set(tool_registry) | set(effective_registry)
-    for tool_id in sorted(all_tool_ids, key=lambda t: (effective_registry.get(t) or tool_registry[t]).order):
+    for tool_id in sorted(
+        all_tool_ids,
+        key=lambda t: (effective_registry.get(t) or tool_registry[t]).order,
+    ):
         tc = effective_registry.get(tool_id) or tool_registry[tool_id]
         is_disabled = tool_id in disabled_ids
         status = "[red]disabled[/red]" if is_disabled else "[green]enabled[/green]"
@@ -285,3 +321,93 @@ def config(
     console.print(table)
 
 
+@config_app.command("set")
+def config_set(
+    tool_id: str = typer.Argument(..., help="Tool ID (e.g. radon-hal, ruff)"),
+    warning: float | None = typer.Option(
+        None, "--warning", "-w", help="Warning threshold (0-1)"
+    ),
+    error: float | None = typer.Option(
+        None, "--error", "-e", help="Error threshold (0-1)"
+    ),
+    path: str = typer.Option(".", "--path", "-p", help="Path to project directory"),
+) -> None:
+    """Set warning/error thresholds for a tool in pyproject.toml."""
+    if warning is None and error is None:
+        raise typer.BadParameter("At least one of --warning or --error is required")
+
+    if tool_id not in tool_registry:
+        available = ", ".join(sorted(tool_registry))
+        raise typer.BadParameter(
+            f"Unknown tool: {tool_id!r}. Available tools: {available}"
+        )
+
+    path_obj = Path(path).resolve()
+    if not path_obj.is_dir():
+        raise typer.BadParameter(f"Path must be a directory: {path}")
+
+    toml_path = path_obj / "pyproject.toml"
+    if not toml_path.exists():
+        raise typer.BadParameter(f"No pyproject.toml found at {toml_path}")
+
+    with toml_path.open("r", encoding="utf-8") as f:
+        doc = tomlkit.parse(f.read())
+
+    if "tool" not in doc:
+        doc["tool"] = tomlkit.table()
+    tool_tbl = doc["tool"]
+    if "cq" not in tool_tbl:
+        tool_tbl["cq"] = tomlkit.table()
+    cq_tbl = tool_tbl["cq"]
+    if "thresholds" not in cq_tbl:
+        cq_tbl["thresholds"] = tomlkit.table()
+    thresholds = cq_tbl["thresholds"]
+
+    if tool_id in thresholds:
+        entry = thresholds[tool_id]
+    else:
+        entry = tomlkit.inline_table()
+
+    if warning is not None:
+        entry["warning"] = warning
+    if error is not None:
+        entry["error"] = error
+    thresholds[tool_id] = entry
+
+    with toml_path.open("w", encoding="utf-8") as f:
+        f.write(tomlkit.dumps(doc))
+
+    parts = []
+    if warning is not None:
+        parts.append(f"warning={warning}")
+    if error is not None:
+        parts.append(f"error={error}")
+    console.print(
+        f"[green]Set {tool_id} thresholds ({', '.join(parts)}) in {toml_path}[/green]"
+    )
+
+    from py_cq.execution_engine import _cache
+
+    _cache.clear()
+    console.print("[dim]Tool cache cleared[/dim]")
+
+
+@app.command()
+def is_fixed(
+    fingerprint: str = typer.Argument(
+        ...,
+        help="Fingerprint from -o llm-json output (tool::project::path[::line[::code]])",
+    ),
+) -> None:
+    """Return True if the fingerprinted issue is no longer present."""
+    try:
+        cq = CQ(".")
+        fixed = cq.is_fixed(fingerprint)
+    except ValueError as e:
+        raise typer.BadParameter(str(e))
+
+    if fixed:
+        typer.echo("FIXED")
+    else:
+        typer.echo(f"FAILED: {fingerprint}")
+        raise typer.Exit(1)

py_cq/config/config.toml

@@ -0,0 +1,95 @@
+[python.compile]
+command = "{python} -m compileall -r 10 -j 8 \"{context_path}\" -x .*venv|\\.claude"
+parser = "CompileParser"
+order = 1
+warning_threshold = 0.9999
+error_threshold = 0.9999
+
+[python.ruff]
+command = "{python} -m ruff check --output-format concise --no-cache \"{context_path}\" --exclude .claude{exclude}"
+exclude_format = " --exclude {path}"
+parser = "RuffParser"
+order = 2
+warning_threshold = 0.9999
+error_threshold = 0.9
+
+[python.ty]
+command = "{python} -m ty check --output-format concise --color never \"{context_path}\" --exclude .claude{exclude}"
+exclude_format = " --exclude {path}"
+parser = "TyParser"
+order = 3
+warning_threshold = 0.9999
+error_threshold = 0.8
+run_in_target_env = true
+extra_deps = ["ty"]
+
+[python.bandit]
+command = "{python} -m bandit -r {scan_targets} -f json -q -s B101 --severity-level medium{exclude}"
+scan_exclude_names = [".venv", ".claude", "tests"]
+exclude_format = " --exclude {abs_native_path}"
+parser = "BanditParser"
+order = 4
+warning_threshold = 0.9999
+error_threshold = 0.8
+
+[python.pytest]
+command = "{python} -m pytest -vv \"{context_path}\" --ignore .claude{exclude}"
+exclude_format = " --ignore {path}"
+parser = "PytestParser"
+order = 5
+warning_threshold = 1.0
+error_threshold = 1.0
+run_in_target_env = true
+extra_deps = ["pytest"]
+skip_for_file = true
+
+[python.coverage]
+command = "{python} -m coverage run --omit=*/tests/*,*/test_*.py -m pytest \"{context_path}\" --ignore .claude{exclude} && {python} -m coverage report --show-missing --omit=*/tests/*,*/test_*.py"
+exclude_format = " --ignore {path}"
+parser = "CoverageParser"
+order = 6
+warning_threshold = 0.9
+error_threshold = 0.5
+run_in_target_env = true
+extra_deps = ["coverage", "pytest"]
+skip_for_file = true
+
+[python.radon-cc]
+command = "{python} -m radon cc --json --exclude '.claude/**' \"{context_path}\""
+parser = "ComplexityParser"
+order = 7
+warning_threshold = 0.6
+error_threshold = 0.4
+
+[python.radon-mi]
+command = "{python} -m radon mi -s --json --exclude '.claude/**' \"{context_path}\""
+parser = "MaintainabilityParser"
+order = 8
+warning_threshold = 0.6
+error_threshold = 0.4
+
+[python.radon-hal]
+command = "{python} -m radon hal -f --json --exclude '.claude/**' \"{context_path}\""
+parser = "HalsteadParser"
+order = 9
+warning_threshold = 0.5
+error_threshold = 0.3
+
+[python.vulture]
+command = "{python} -m vulture \"{context_path}\" --min-confidence 80 --exclude .venv,dist,.*_cache,docs,.git,.claude{exclude}"
+exclude_format = ",{path}"
+parser = "VultureParser"
+order = 10
+warning_threshold = 0.9999
+error_threshold = 0.8
+
+[python.interrogate]
+command = "{python} -m interrogate \"{context_path}\" -e .claude{exclude} -v --fail-under 0"
+exclude_format = " -e {path}"
+parser = "InterrogateParser"
+order = 11
+warning_threshold = 0.8
+error_threshold = 0.3
+
+[python.interrogate.parser_config]
+skip_empty_init = true

py_cq/context_hash.py

@@ -44,15 +44,22 @@ def get_sigs(path: str):
     items = []
     with os.scandir(path) as entries:
         for entry in entries:
-            if entry.is_file() and entry.name.endswith(".py"):
-                stat_info = entry.stat()
+            # Use follow_symlinks=False to prevent cache poisoning from
+            # symlinks pointing outside the project tree (M-2)
+            if entry.is_file(follow_symlinks=False) and entry.name.endswith(".py"):
+                stat_info = entry.stat(follow_symlinks=False)
                 items.append(f"{entry.path}:{stat_info.st_size}:{stat_info.st_mtime}")
-            if entry.is_dir() and entry.name not in [".venv", "venv", "__pycache__"]:
+            if entry.is_dir(follow_symlinks=False) and entry.name not in [
+                ".venv",
+                "venv",
+                "__pycache__",
+                ".git",
+            ]:
                 items.extend(get_sigs(entry.path))
     return items
 
 
-def get_context_hash(path: str):
+def get_context_hash(path: str) -> str:
     """Compute an MD5 hash that uniquely identifies a file or directory.
 
     The hash is derived from a signature string. For a file, the signature consists of
@@ -72,10 +79,13 @@ def get_context_hash(path: str):
         >>> get_context_hash('/tmp/example.txt')
         '5d41402abc4b2a76b9719d911017c592'
     """
-    sig = "empty"
+    h = hashlib.md5()  # nosec
     if os.path.isfile(path):
         s = os.stat(path)
-        sig = f"{path}:{s.st_size}:{s.st_mtime}"
+        h.update(f"{path}:{s.st_size}:{s.st_mtime}".encode())
     elif os.path.isdir(path):
-        sig = "".join(get_sigs(path=path))
-    return f"{hashlib.md5(sig.encode('utf-8')).hexdigest()}" # nosec
+        for sig in sorted(get_sigs(path)):
+            h.update(sig.encode())
+    else:
+        h.update(b"empty")
+    return h.hexdigest()