qgis-plugin-analyzer 1.4.0__tar.gz → 1.6.0__tar.gz

{qgis_plugin_analyzer-1.4.0/src/qgis_plugin_analyzer.egg-info → qgis_plugin_analyzer-1.6.0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: qgis-plugin-analyzer
-Version: 1.4.0
+Version: 1.6.0
 Summary: A professional static analysis tool for QGIS (PyQGIS) plugins
 Author-email: geociencio <juanbernales@gmail.com>
 License: GPL-3.0-or-later
@@ -34,13 +34,16 @@ Dynamic: license-file
 ![License](https://img.shields.io/badge/License-GPLv3-blue.svg)
 ![Maintenance](https://img.shields.io/badge/Maintained%3F-yes-green.svg)
 ![Conventional Commits](https://img.shields.io/badge/Conventional%20Commits-1.0.0-yellow.svg?logo=git)
-![Quality Score](https://img.shields.io/badge/Module%20Stability-55.6%2F100-yellow)
-![Maintainability](https://img.shields.io/badge/Maintainability-100.0%2F100-brightgreen)
+![Quality Score](https://img.shields.io/badge/Module%20Stability-92.3%2F100-brightgreen)
+![Maintainability](https://img.shields.io/badge/Maintainability-84.1%2F100-green)
+![Security Score](https://img.shields.io/badge/Security--Bandit-98.7%2F100-brightgreen)
 
 The **QGIS Plugin Analyzer** is a static analysis tool designed specifically for QGIS (PyQGIS) plugin developers. Its goal is to elevate plugin quality by ensuring they follow community best practices and are optimized for AI-assisted development.
 
 ## ✨ Main Features
 
+- **Security Core (Bandit-inspired)**: Professional vulnerability scanning detecting `eval`, `exec`, shell injections, and SQL injection risks.
+- **Deep Entropy Secret Scanner**: Detects hardcoded API keys, passwords, and sensitive tokens using regex and information entropy.
 - **High-Performance Engine**: Parallel analysis powered by `ProcessPoolExecutor` for ultra-fast execution on multi-core systems.
 - **Project Auto-Detection**: Intelligently distinguishes between official QGIS Plugins and Generic Python Projects, tailoring validation logic accordingly.
 - **Advanced Ignore Engine**: Robust `.analyzerignore` support with non-anchored patterns and smart default excludes (`.venv`, `build`, etc.).
@@ -59,21 +62,21 @@ The **QGIS Plugin Analyzer** is a static analysis tool designed specifically for
 
 | Feature | **QGIS Plugin Analyzer** | flake8-qgis | Ruff (Standard) | Official Repo Bot |
 | :--- | :---: | :---: | :---: | :---: |
+| **Run Locally / Offline**| ✅ (Your Machine) | ✅ | ✅ | ❌ (Upload Only) |
 | **Static Linting** | ✅ (Ruff + Custom) | ✅ (flake8) | ✅ (General) | ✅ (Limited) |
 | **QGIS-Specific Rules**| ✅ (Precise AST) | ✅ (Regex/AST) | ❌ | ✅ |
 | **Interactive Auto-Fix**| ✅ | ❌ | ❌ | ❌ |
 | **Semantic Analysis**  | ✅ | ❌ | ❌ | ❌ |
-| **Compliance Checks**  | ✅ | ❌ | ❌ | ✅ |
-| **i18n / API Audit**   | ✅ | ❌ | ❌ | ✅ |
-| **Architecture Audit** | ✅ (UI/Core) | ❌ | ❌ | ❌ |
+| **Security Audit**     | ✅ (Bandit-style) | ❌ | ❌ | ✅ (Server-side) |
+| **Secret Scanning**    | ✅ (Entropy) | ❌ | ❌ | ✅ (Server-side) |
 | **HTML/MD Reports**    | ✅ | ❌ | ❌ | ❌ |
 | **AI Context Gen**      | ✅ (Project Brain) | ❌ | ❌ | ❌ |
 
 ### Key Differentiators
 
-1.  **High-Performance Hybrid Engine**: Combines multi-core AST processing with deep understanding of cross-file relationships and Qt-specific patterns.
-2.  **Safety-First Auto-Fixing**: AST-based transformations with Git status verification and interactive diff previews.
-3.  **Repository Compliance**: Local pre-checks to ensure your plugin passes the Official QGIS Repository policies.
+1.  **Shift Left (Run Locally)**: The biggest advantage is being able to run the **same high-standard checks** as the Official Repository *before* you upload your plugin. No more "reject-fix-upload" loops.
+2.  **High-Performance Hybrid Engine**: Combines multi-core AST processing with deep understanding of cross-file relationships and Qt-specific patterns.
+3.  **Safety-First Auto-Fixing**: AST-based transformations with Git status verification and interactive diff previews.
 4.  **Zero Runtime Stack**: Minimal footprint, ultra-fast execution, and easy CI integration.
 5.  **AI-Centric Design**: Built to help developers and AI agents understand complex QGIS plugins instantly.
 
@@ -129,7 +132,7 @@ You can run `qgis-plugin-analyzer` automatically before every commit to ensure q
 
 ```yaml
   - repo: https://github.com/geociencio/qgis-plugin-analyzer
-    rev: v1.4.0  # Use the latest tag
+    rev: main  # Use 'main' for latest features or a specific tag like v1.5.0
     hooks:
       - id: qgis-plugin-analyzer
 ```
@@ -188,6 +191,7 @@ Audits an existing QGIS plugin repository.
 | :--- | :--- | :--- |
 | `project_path` | **(Required)** Path to the plugin directory to analyze. | N/A |
 | `-o`, `--output` | Directory where HTML/Markdown reports will be saved. | `./analysis_results` |
+| `-r`, `--report` | Explicitly generate detailed HTML/Markdown reports. | `False` |
 | `-p`, `--profile`| Configuration profile from `pyproject.toml` (`default`, `release`). | `default` |
 
 ### `qgis-analyzer fix`
@@ -210,6 +214,18 @@ Shows a professional, color-coded summary of findings directly in your terminal.
 | `-b`, `--by` | Granularity of the summary: `total`, `modules`, `functions`, `classes`. | `total` |
 | `-i`, `--input` | Path to the `project_context.json` file to summarize. | `analysis_results/project_context.json` |
 
+### `qgis-analyzer security`
+Performs a focused security scan on a file or directory.
+
+| Argument | Description | Default |
+| :--- | :--- | :--- |
+| `path` | **(Required)** Path to the file or directory to scan. | N/A |
+| `--deep` | Run more intensive (but slower) security checks. | `False` |
+| `-p`, `--profile`| Configuration profile. | `default` |
+
+### `qgis-analyzer version`
+Shows the current version of the analyzer.
+
 **Example:**
 ```bash
 # Executive summary
@@ -245,6 +261,7 @@ The development of this analyzer is based on official QGIS community guidelines,
 - **[QGIS Plugin Repository Requirements](https://plugins.qgis.org/publish/)**: Mandatory criteria for plugin approval in the official repository.
 - **[QGIS Coding Standards](https://docs.qgis.org/latest/en/docs/developer_guide/codingstandards.html)**: Core style and organization guidelines for the QGIS project.
 - **[QGIS HIG (Human Interface Guidelines)](https://docs.qgis.org/latest/en/docs/developer_guide/hig.html)**: Standards for consistent and accessible user interface design.
+- **[QGIS Security Scanning Documentation](https://plugins.qgis.org/docs/security-scanning)**: Official guide on automated security analysis (Bandit, detect-secrets) for plugins.
 
 ### Industry & Community Standards
 - **[flake8-qgis Rules](https://github.com/qgis/flake8-qgis)**: Community-driven linting rules for PyQGIS (QGS101-106).
@@ -254,6 +271,11 @@ The development of this analyzer is based on official QGIS community guidelines,
 - **[Conventional Commits](https://www.conventionalcommits.org/)**: Standard for clear, machine-readable commit history.
 - **[Keep a Changelog](https://keepachangelog.com/)**: Best practices for maintainable version history.
 
+### Security Standards
+- **[Bandit (PyCQA)](https://bandit.readthedocs.io/)**: The security rules implemented (B1xx - B6xx) are directly derived from the Bandit project's rule set for identifying common security issues in Python code.
+- **[CWE (Common Weakness Enumeration)](https://cwe.mitre.org/)**: Security findings are mapped to standard CWE IDs (e.g., CWE-78 Command Injection, CWE-89 SQL Injection) for industry-standard classification.
+- **[OWASP Top 10](https://owasp.org/www-project-top-ten/)**: The "Hardcoded Secret" and "Injection" checks align with critical OWASP vulnerabilities.
+
 ### Internal Resources
 - **[Detailed Rules Catalog](RULES.md)**: Full documentation of all audit rules implemented in this analyzer.
 - **[Standardized Scoring Metrics](docs/SCORING_STANDARDS.md)**: Mathematical logic and thresholds for project evaluation.

{qgis_plugin_analyzer-1.4.0 → qgis_plugin_analyzer-1.6.0}/README.md

@@ -6,13 +6,16 @@
 ![License](https://img.shields.io/badge/License-GPLv3-blue.svg)
 ![Maintenance](https://img.shields.io/badge/Maintained%3F-yes-green.svg)
 ![Conventional Commits](https://img.shields.io/badge/Conventional%20Commits-1.0.0-yellow.svg?logo=git)
-![Quality Score](https://img.shields.io/badge/Module%20Stability-55.6%2F100-yellow)
-![Maintainability](https://img.shields.io/badge/Maintainability-100.0%2F100-brightgreen)
+![Quality Score](https://img.shields.io/badge/Module%20Stability-92.3%2F100-brightgreen)
+![Maintainability](https://img.shields.io/badge/Maintainability-84.1%2F100-green)
+![Security Score](https://img.shields.io/badge/Security--Bandit-98.7%2F100-brightgreen)
 
 The **QGIS Plugin Analyzer** is a static analysis tool designed specifically for QGIS (PyQGIS) plugin developers. Its goal is to elevate plugin quality by ensuring they follow community best practices and are optimized for AI-assisted development.
 
 ## ✨ Main Features
 
+- **Security Core (Bandit-inspired)**: Professional vulnerability scanning detecting `eval`, `exec`, shell injections, and SQL injection risks.
+- **Deep Entropy Secret Scanner**: Detects hardcoded API keys, passwords, and sensitive tokens using regex and information entropy.
 - **High-Performance Engine**: Parallel analysis powered by `ProcessPoolExecutor` for ultra-fast execution on multi-core systems.
 - **Project Auto-Detection**: Intelligently distinguishes between official QGIS Plugins and Generic Python Projects, tailoring validation logic accordingly.
 - **Advanced Ignore Engine**: Robust `.analyzerignore` support with non-anchored patterns and smart default excludes (`.venv`, `build`, etc.).
@@ -31,21 +34,21 @@ The **QGIS Plugin Analyzer** is a static analysis tool designed specifically for
 
 | Feature | **QGIS Plugin Analyzer** | flake8-qgis | Ruff (Standard) | Official Repo Bot |
 | :--- | :---: | :---: | :---: | :---: |
+| **Run Locally / Offline**| ✅ (Your Machine) | ✅ | ✅ | ❌ (Upload Only) |
 | **Static Linting** | ✅ (Ruff + Custom) | ✅ (flake8) | ✅ (General) | ✅ (Limited) |
 | **QGIS-Specific Rules**| ✅ (Precise AST) | ✅ (Regex/AST) | ❌ | ✅ |
 | **Interactive Auto-Fix**| ✅ | ❌ | ❌ | ❌ |
 | **Semantic Analysis**  | ✅ | ❌ | ❌ | ❌ |
-| **Compliance Checks**  | ✅ | ❌ | ❌ | ✅ |
-| **i18n / API Audit**   | ✅ | ❌ | ❌ | ✅ |
-| **Architecture Audit** | ✅ (UI/Core) | ❌ | ❌ | ❌ |
+| **Security Audit**     | ✅ (Bandit-style) | ❌ | ❌ | ✅ (Server-side) |
+| **Secret Scanning**    | ✅ (Entropy) | ❌ | ❌ | ✅ (Server-side) |
 | **HTML/MD Reports**    | ✅ | ❌ | ❌ | ❌ |
 | **AI Context Gen**      | ✅ (Project Brain) | ❌ | ❌ | ❌ |
 
 ### Key Differentiators
 
-1.  **High-Performance Hybrid Engine**: Combines multi-core AST processing with deep understanding of cross-file relationships and Qt-specific patterns.
-2.  **Safety-First Auto-Fixing**: AST-based transformations with Git status verification and interactive diff previews.
-3.  **Repository Compliance**: Local pre-checks to ensure your plugin passes the Official QGIS Repository policies.
+1.  **Shift Left (Run Locally)**: The biggest advantage is being able to run the **same high-standard checks** as the Official Repository *before* you upload your plugin. No more "reject-fix-upload" loops.
+2.  **High-Performance Hybrid Engine**: Combines multi-core AST processing with deep understanding of cross-file relationships and Qt-specific patterns.
+3.  **Safety-First Auto-Fixing**: AST-based transformations with Git status verification and interactive diff previews.
 4.  **Zero Runtime Stack**: Minimal footprint, ultra-fast execution, and easy CI integration.
 5.  **AI-Centric Design**: Built to help developers and AI agents understand complex QGIS plugins instantly.
 
@@ -101,7 +104,7 @@ You can run `qgis-plugin-analyzer` automatically before every commit to ensure q
 
 ```yaml
   - repo: https://github.com/geociencio/qgis-plugin-analyzer
-    rev: v1.4.0  # Use the latest tag
+    rev: main  # Use 'main' for latest features or a specific tag like v1.5.0
     hooks:
       - id: qgis-plugin-analyzer
 ```
@@ -160,6 +163,7 @@ Audits an existing QGIS plugin repository.
 | :--- | :--- | :--- |
 | `project_path` | **(Required)** Path to the plugin directory to analyze. | N/A |
 | `-o`, `--output` | Directory where HTML/Markdown reports will be saved. | `./analysis_results` |
+| `-r`, `--report` | Explicitly generate detailed HTML/Markdown reports. | `False` |
 | `-p`, `--profile`| Configuration profile from `pyproject.toml` (`default`, `release`). | `default` |
 
 ### `qgis-analyzer fix`
@@ -182,6 +186,18 @@ Shows a professional, color-coded summary of findings directly in your terminal.
 | `-b`, `--by` | Granularity of the summary: `total`, `modules`, `functions`, `classes`. | `total` |
 | `-i`, `--input` | Path to the `project_context.json` file to summarize. | `analysis_results/project_context.json` |
 
+### `qgis-analyzer security`
+Performs a focused security scan on a file or directory.
+
+| Argument | Description | Default |
+| :--- | :--- | :--- |
+| `path` | **(Required)** Path to the file or directory to scan. | N/A |
+| `--deep` | Run more intensive (but slower) security checks. | `False` |
+| `-p`, `--profile`| Configuration profile. | `default` |
+
+### `qgis-analyzer version`
+Shows the current version of the analyzer.
+
 **Example:**
 ```bash
 # Executive summary
@@ -217,6 +233,7 @@ The development of this analyzer is based on official QGIS community guidelines,
 - **[QGIS Plugin Repository Requirements](https://plugins.qgis.org/publish/)**: Mandatory criteria for plugin approval in the official repository.
 - **[QGIS Coding Standards](https://docs.qgis.org/latest/en/docs/developer_guide/codingstandards.html)**: Core style and organization guidelines for the QGIS project.
 - **[QGIS HIG (Human Interface Guidelines)](https://docs.qgis.org/latest/en/docs/developer_guide/hig.html)**: Standards for consistent and accessible user interface design.
+- **[QGIS Security Scanning Documentation](https://plugins.qgis.org/docs/security-scanning)**: Official guide on automated security analysis (Bandit, detect-secrets) for plugins.
 
 ### Industry & Community Standards
 - **[flake8-qgis Rules](https://github.com/qgis/flake8-qgis)**: Community-driven linting rules for PyQGIS (QGS101-106).
@@ -226,6 +243,11 @@ The development of this analyzer is based on official QGIS community guidelines,
 - **[Conventional Commits](https://www.conventionalcommits.org/)**: Standard for clear, machine-readable commit history.
 - **[Keep a Changelog](https://keepachangelog.com/)**: Best practices for maintainable version history.
 
+### Security Standards
+- **[Bandit (PyCQA)](https://bandit.readthedocs.io/)**: The security rules implemented (B1xx - B6xx) are directly derived from the Bandit project's rule set for identifying common security issues in Python code.
+- **[CWE (Common Weakness Enumeration)](https://cwe.mitre.org/)**: Security findings are mapped to standard CWE IDs (e.g., CWE-78 Command Injection, CWE-89 SQL Injection) for industry-standard classification.
+- **[OWASP Top 10](https://owasp.org/www-project-top-ten/)**: The "Hardcoded Secret" and "Injection" checks align with critical OWASP vulnerabilities.
+
 ### Internal Resources
 - **[Detailed Rules Catalog](RULES.md)**: Full documentation of all audit rules implemented in this analyzer.
 - **[Standardized Scoring Metrics](docs/SCORING_STANDARDS.md)**: Mathematical logic and thresholds for project evaluation.

{qgis_plugin_analyzer-1.4.0 → qgis_plugin_analyzer-1.6.0}/pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "qgis-plugin-analyzer"
-version = "1.4.0"
+version = "1.6.0"
 description = "A professional static analysis tool for QGIS (PyQGIS) plugins"
 readme = "README.md"
 requires-python = ">=3.8"
@@ -43,6 +43,10 @@ dev = [
     "ruff>=0.9.0",
     "mypy>=1.0.0",
     "qgis-stubs>=0.1",
+    "pytest>=8.3.5",
+    "PyYAML>=6.0",
+    "types-pyyaml>=6.0.12.20241230",
+    "build>=1.2.2.post1",
 ]
 
 [tool.mypy]
@@ -56,7 +60,7 @@ disallow_untyped_defs = false # Gradual adoption
 [tool.ruff]
 line-length = 100
 target-version = "py38"
-exclude = ["src/analyzer/templates"]
+exclude = ["src/analyzer/templates", ".ai-context"]
 
 [tool.ruff.lint]
 select = ["E", "F", "W", "I", "N", "UP", "B"]
@@ -64,6 +68,7 @@ ignore = ["E701", "E501"] # Permite if cond: statement y líneas largas
 
 [tool.ruff.lint.per-file-ignores]
 "src/analyzer/reporters.py" = ["F401", "F403", "F405"] # Dominate usa mucho import *
+"src/analyzer/visitors/*.py" = ["N802"] # visit_* methods are part of ast.NodeVisitor API
 
 [tool.qgis-analyzer.profiles.default]
 strict = false

{qgis_plugin_analyzer-1.4.0 → qgis_plugin_analyzer-1.6.0}/src/analyzer/__init__.py

@@ -16,4 +16,5 @@
 #  *   the Free Software Foundation; either version 2 of the License, or     *
 #  *   (at your option) any later version.                                   *
 #  *                                                                         *
-#  ***************************************************************************/
+#
+__version__ = "1.5.0"

qgis_plugin_analyzer-1.6.0/src/analyzer/cli/__init__.py

@@ -0,0 +1,14 @@
+"""CLI package for QGIS Plugin Analyzer."""
+
+import sys
+
+from .app import CLIApp
+
+
+def main() -> None:
+    """Main entry point for the QGIS Plugin Analyzer CLI."""
+    app = CLIApp()
+    sys.exit(app.run())
+
+
+__all__ = ["CLIApp", "main"]

qgis_plugin_analyzer-1.6.0/src/analyzer/cli/app.py

@@ -0,0 +1,147 @@
+"""CLI Application orchestrator."""
+
+import argparse
+import pathlib
+import sys
+from typing import Dict, List, Optional
+
+from ..utils import logger, setup_logger
+from .base import BaseCommand
+from .commands import (
+    AnalyzeCommand,
+    FixCommand,
+    InitCommand,
+    ListRulesCommand,
+    SecurityCommand,
+    SummaryCommand,
+    VersionCommand,
+)
+
+
+class CLIApp:
+    """Main CLI application orchestrator.
+
+    Manages command registration, argument parsing, and execution.
+    """
+
+    def __init__(self):
+        """Initialize the CLI application with all available commands."""
+        self.commands: Dict[str, BaseCommand] = self._discover_commands()
+
+    def _discover_commands(self) -> Dict[str, BaseCommand]:
+        """Auto-discover and instantiate all command classes.
+
+        Returns:
+            Dictionary mapping command names to command instances.
+        """
+        command_classes: List[type[BaseCommand]] = [
+            AnalyzeCommand,
+            SecurityCommand,
+            FixCommand,
+            ListRulesCommand,
+            InitCommand,
+            SummaryCommand,
+            VersionCommand,
+        ]
+        return {cmd().name: cmd() for cmd in command_classes}
+
+    def _build_parser(self) -> argparse.ArgumentParser:
+        """Build the argument parser with all commands.
+
+        Returns:
+            Configured ArgumentParser instance.
+        """
+        from .. import __version__
+
+        parser = argparse.ArgumentParser(
+            description="QGIS Plugin Analyzer - A guardian for your PyQGIS code"
+        )
+        parser.add_argument("-v", "--version", action="version", version=f"%(prog)s {__version__}")
+        subparsers = parser.add_subparsers(dest="command", help="Command to execute")
+
+        # Register all commands
+        for cmd in self.commands.values():
+            cmd_parser = subparsers.add_parser(cmd.name, help=cmd.help)
+            cmd.configure_parser(cmd_parser)
+
+        return parser
+
+    def _parse_args(
+        self, parser: argparse.ArgumentParser, argv: Optional[List[str]] = None
+    ) -> argparse.Namespace:
+        """Parse command-line arguments with legacy support.
+
+        Args:
+            parser: The argument parser.
+            argv: Optional argument list (defaults to sys.argv).
+
+        Returns:
+            Parsed arguments namespace.
+        """
+        if argv is None:
+            argv = sys.argv[1:]
+
+        # Legacy support: default to 'analyze' if first arg is a path
+        if argv and argv[0] not in self.commands and not argv[0].startswith("-"):
+            argv.insert(0, "analyze")
+
+        return parser.parse_args(argv)
+
+    def _setup_logging(self, args: argparse.Namespace) -> None:
+        """Setup logging based on command arguments.
+
+        Args:
+            args: Parsed command-line arguments.
+        """
+        output_dir = pathlib.Path(getattr(args, "output", "./analysis_results")).resolve()
+        output_dir.mkdir(parents=True, exist_ok=True)
+        setup_logger(output_dir)
+
+    def _execute_command(self, args: argparse.Namespace) -> int:
+        """Execute the selected command.
+
+        Args:
+            args: Parsed command-line arguments.
+
+        Returns:
+            Exit code from command execution.
+        """
+        if not args.command or args.command not in self.commands:
+            return 1
+
+        command = self.commands[args.command]
+        return command.execute(args)
+
+    def run(self, argv: Optional[List[str]] = None) -> int:
+        """Run the CLI application.
+
+        Args:
+            argv: Optional argument list (defaults to sys.argv).
+
+        Returns:
+            Exit code (0 for success, non-zero for failure).
+        """
+        parser = self._build_parser()
+
+        try:
+            args = self._parse_args(parser, argv)
+
+            if not args.command:
+                parser.print_help()
+                return 0
+
+            self._setup_logging(args)
+            return self._execute_command(args)
+
+        except KeyboardInterrupt:
+            logger.info("\n⏹️ Analysis interrupted.")
+            return 1
+        except FileNotFoundError as e:
+            logger.error(f"Error: File not found: {e}")
+            return 1
+        except ValueError as e:
+            logger.error(f"Error: {e}")
+            return 1
+        except Exception as e:
+            logger.critical(f"Critical Error: {e}", exc_info=True)
+            return 1

qgis_plugin_analyzer-1.6.0/src/analyzer/cli/base.py

@@ -0,0 +1,93 @@
+"""Base command class for CLI commands."""
+
+import argparse
+import pathlib
+from abc import ABC, abstractmethod
+from typing import Optional
+
+
+class BaseCommand(ABC):
+    """Abstract base class for CLI commands.
+
+    Each command encapsulates its own argument configuration and execution logic.
+    """
+
+    @property
+    @abstractmethod
+    def name(self) -> str:
+        """Command name as it appears in the CLI.
+
+        Returns:
+            The command name string.
+        """
+
+    @property
+    @abstractmethod
+    def help(self) -> str:
+        """Help text for the command.
+
+        Returns:
+            A brief description of what the command does.
+        """
+
+    @abstractmethod
+    def configure_parser(self, parser: argparse.ArgumentParser) -> None:
+        """Configure command-specific arguments.
+
+        Args:
+            parser: The argument parser for this command.
+        """
+
+    @abstractmethod
+    def execute(self, args: argparse.Namespace) -> int:
+        """Execute the command.
+
+        Args:
+            args: Parsed command-line arguments.
+
+        Returns:
+            Exit code (0 for success, non-zero for failure).
+        """
+
+    def add_common_args(
+        self,
+        parser: argparse.ArgumentParser,
+        include_output: bool = True,
+        include_profile: bool = True,
+    ) -> None:
+        """Add common arguments shared across multiple commands.
+
+        Args:
+            parser: The argument parser to add arguments to.
+            include_output: Whether to include the --output argument.
+            include_profile: Whether to include the --profile argument.
+        """
+        if include_output:
+            parser.add_argument(
+                "-o",
+                "--output",
+                help="Output directory for reports",
+                default="./analysis_results",
+            )
+        if include_profile:
+            parser.add_argument(
+                "-p",
+                "--profile",
+                help="Configuration profile from pyproject.toml",
+                default="default",
+            )
+
+    def setup_output_dir(self, args: argparse.Namespace) -> Optional[pathlib.Path]:
+        """Setup and return the output directory if present in args.
+
+        Args:
+            args: Parsed command-line arguments.
+
+        Returns:
+            The resolved output directory path, or None if not applicable.
+        """
+        if hasattr(args, "output"):
+            output_dir = pathlib.Path(args.output).resolve()
+            output_dir.mkdir(parents=True, exist_ok=True)
+            return output_dir
+        return None

qgis_plugin_analyzer-1.6.0/src/analyzer/cli/commands/__init__.py

@@ -0,0 +1,19 @@
+"""CLI commands package."""
+
+from .analyze import AnalyzeCommand
+from .fix import FixCommand
+from .init import InitCommand
+from .list_rules import ListRulesCommand
+from .security import SecurityCommand
+from .summary import SummaryCommand
+from .version import VersionCommand
+
+__all__ = [
+    "AnalyzeCommand",
+    "SecurityCommand",
+    "FixCommand",
+    "ListRulesCommand",
+    "InitCommand",
+    "SummaryCommand",
+    "VersionCommand",
+]

qgis_plugin_analyzer-1.6.0/src/analyzer/cli/commands/analyze.py

@@ -0,0 +1,47 @@
+"""Analyze command implementation."""
+
+import argparse
+
+from ...commands import handle_analyze
+from ..base import BaseCommand
+
+
+class AnalyzeCommand(BaseCommand):
+    """Command to analyze an existing QGIS plugin."""
+
+    @property
+    def name(self) -> str:
+        """Command name."""
+        return "analyze"
+
+    @property
+    def help(self) -> str:
+        """Command help text."""
+        return "Analyze an existing QGIS plugin"
+
+    def configure_parser(self, parser: argparse.ArgumentParser) -> None:
+        """Configure analyze command arguments.
+
+        Args:
+            parser: The argument parser for this command.
+        """
+        parser.add_argument("project_path", help="Path to the QGIS project to analyze")
+        self.add_common_args(parser)
+        parser.add_argument(
+            "-r",
+            "--report",
+            action="store_true",
+            help="Generate detailed HTML/Markdown reports",
+        )
+
+    def execute(self, args: argparse.Namespace) -> int:
+        """Execute the analyze command.
+
+        Args:
+            args: Parsed command-line arguments.
+
+        Returns:
+            Exit code (0 for success).
+        """
+        handle_analyze(args)
+        return 0

qgis_plugin_analyzer-1.6.0/src/analyzer/cli/commands/fix.py

@@ -0,0 +1,58 @@
+"""Fix command implementation."""
+
+import argparse
+
+from ...commands import handle_fix
+from ..base import BaseCommand
+
+
+class FixCommand(BaseCommand):
+    """Command to auto-fix common QGIS plugin issues."""
+
+    @property
+    def name(self) -> str:
+        """Command name."""
+        return "fix"
+
+    @property
+    def help(self) -> str:
+        """Command help text."""
+        return "Auto-fix common QGIS plugin issues"
+
+    def configure_parser(self, parser: argparse.ArgumentParser) -> None:
+        """Configure fix command arguments.
+
+        Args:
+            parser: The argument parser for this command.
+        """
+        parser.add_argument("path", type=str, help="Path to the QGIS plugin directory")
+        parser.add_argument(
+            "--dry-run",
+            action="store_true",
+            default=True,
+            help="Show proposed changes without applying (default: True)",
+        )
+        parser.add_argument("--apply", action="store_true", help="Apply fixes (disables dry-run)")
+        parser.add_argument(
+            "--auto-approve",
+            action="store_true",
+            help="Apply all fixes without confirmation",
+        )
+        self.add_common_args(parser, include_output=False)
+        parser.add_argument(
+            "--rules",
+            type=str,
+            help="Comma-separated list of rule IDs to fix",
+        )
+
+    def execute(self, args: argparse.Namespace) -> int:
+        """Execute the fix command.
+
+        Args:
+            args: Parsed command-line arguments.
+
+        Returns:
+            Exit code (0 for success).
+        """
+        handle_fix(args)
+        return 0