repocrunch 0.1.0__tar.gz

repocrunch-0.1.0/.env.example

@@ -0,0 +1 @@
+GITHUB_TOKEN=ghp_...

repocrunch-0.1.0/.github/workflows/publish.yml

@@ -0,0 +1,24 @@
+name: Publish to PyPI
+
+on:
+  release:
+    types: [published]
+
+permissions:
+  id-token: write
+
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+    environment: pypi
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v5
+
+      - name: Build
+        run: uv build
+
+      - name: Publish to PyPI
+        uses: pypa/gh-action-pypi-publish@release/v1

repocrunch-0.1.0/.gitignore

@@ -0,0 +1,16 @@
+__pycache__/
+*.py[cod]
+*$py.class
+*.egg-info/
+dist/
+build/
+.eggs/
+*.egg
+.venv/
+venv/
+.env
+.pytest_cache/
+.coverage
+htmlcov/
+.mypy_cache/
+.ruff_cache/

repocrunch-0.1.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Kim
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

repocrunch-0.1.0/PKG-INFO

@@ -0,0 +1,218 @@
+Metadata-Version: 2.4
+Name: repocrunch
+Version: 0.1.0
+Summary: Analyze GitHub repos into structured JSON. No AI, fully deterministic.
+Project-URL: Homepage, https://github.com/repocrunch/repocrunch
+Project-URL: Repository, https://github.com/repocrunch/repocrunch
+Author: Kim
+License-Expression: MIT
+License-File: LICENSE
+Keywords: analysis,devtools,github,repository
+Classifier: Development Status :: 3 - Alpha
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
+Requires-Python: >=3.11
+Requires-Dist: httpx>=0.27
+Requires-Dist: pydantic>=2.0
+Provides-Extra: all
+Requires-Dist: fastapi>=0.115; extra == 'all'
+Requires-Dist: fastmcp>=0.1; extra == 'all'
+Requires-Dist: typer>=0.12; extra == 'all'
+Requires-Dist: uvicorn>=0.30; extra == 'all'
+Provides-Extra: api
+Requires-Dist: fastapi>=0.115; extra == 'api'
+Requires-Dist: uvicorn>=0.30; extra == 'api'
+Provides-Extra: cli
+Requires-Dist: typer>=0.12; extra == 'cli'
+Provides-Extra: dev
+Requires-Dist: pytest-asyncio>=0.24; extra == 'dev'
+Requires-Dist: pytest-cov>=5.0; extra == 'dev'
+Requires-Dist: pytest-httpx>=0.30; extra == 'dev'
+Requires-Dist: pytest>=8.0; extra == 'dev'
+Provides-Extra: mcp
+Requires-Dist: fastmcp>=0.1; extra == 'mcp'
+Description-Content-Type: text/markdown
+
+# RepoCrunch
+
+Analyze any public GitHub repository into structured JSON. No AI, no LLMs — fully deterministic.
+
+Give it a repo, get back tech stack, dependencies, architecture, health metrics, and security signals in clean, consistent JSON. Use it as a Python library, CLI tool, REST API, or MCP server.
+
+## Quick Start
+
+Requires **Python 3.11+** and [uv](https://github.com/astral-sh/uv).
+
+```bash
+# Install
+git clone https://github.com/kimwwk/repocrunch.git
+cd repocrunch
+uv venv && uv pip install -e ".[all]"
+
+# Analyze a repo
+repocrunch analyze astral-sh/uv --pretty
+```
+
+Or install just what you need:
+
+```bash
+uv pip install -e "."          # Library only (httpx + pydantic)
+uv pip install -e ".[cli]"     # + CLI
+uv pip install -e ".[api]"     # + REST API
+uv pip install -e ".[mcp]"     # + MCP server
+uv pip install -e ".[all]"     # Everything
+```
+
+### Set a GitHub Token (optional)
+
+Without a token you get 60 API calls/hour. With one, 5,000/hour.
+
+```bash
+export GITHUB_TOKEN=ghp_...
+```
+
+## Usage
+
+### CLI
+
+```bash
+repocrunch analyze fastapi/fastapi --pretty          # Full analysis, pretty JSON
+repocrunch analyze facebook/react -f tech_stack       # Single field
+repocrunch analyze https://github.com/gin-gonic/gin   # Full URL works too
+repocrunch serve                                       # Start REST API on :8000
+repocrunch mcp                                         # Start MCP server (STDIO)
+```
+
+### Python Library
+
+```python
+from repocrunch import analyze, analyze_sync
+
+# Async
+result = await analyze("fastapi/fastapi")
+
+# Sync
+result = analyze_sync("pallets/flask")
+
+print(result.summary.stars)
+print(result.tech_stack.framework)
+print(result.model_dump_json(indent=2))
+```
+
+### REST API
+
+```bash
+repocrunch serve
+
+# Then:
+curl "http://localhost:8000/analyze?repo=fastapi/fastapi" | python -m json.tool
+curl "http://localhost:8000/health"
+curl "http://localhost:8000/docs"    # OpenAPI docs
+```
+
+### MCP Server (for Claude, Cursor, etc.)
+
+```bash
+repocrunch mcp    # Starts STDIO transport
+```
+
+## Sample Output
+
+```bash
+$ repocrunch analyze pallets/flask --pretty
+```
+
+```json
+{
+  "schema_version": "1",
+  "repo": "pallets/flask",
+  "url": "https://github.com/pallets/flask",
+  "analyzed_at": "2026-02-08T19:07:31Z",
+  "summary": {
+    "stars": 71143,
+    "forks": 16697,
+    "watchers": 2092,
+    "last_commit": "2026-02-06T21:23:01Z",
+    "age_days": 5787,
+    "license": "BSD-3-Clause",
+    "primary_language": "Python",
+    "languages": { "Python": 99.9, "HTML": 0.1 }
+  },
+  "tech_stack": {
+    "runtime": "Python",
+    "framework": null,
+    "package_manager": "pip",
+    "dependencies": { "direct": 6, "dev": 0 },
+    "key_deps": ["blinker", "click", "itsdangerous", "jinja2", "markupsafe", "werkzeug"]
+  },
+  "architecture": {
+    "monorepo": false,
+    "docker": false,
+    "ci_cd": ["GitHub Actions"],
+    "test_framework": "pytest",
+    "has_tests": true
+  },
+  "health": {
+    "open_issues": 2,
+    "open_prs": 0,
+    "contributors": 862,
+    "commit_frequency": "daily",
+    "maintenance_status": "actively_maintained"
+  },
+  "security": {
+    "has_env_file": false,
+    "dependabot_enabled": false,
+    "branch_protection": false,
+    "security_policy": false
+  },
+  "warnings": [
+    "Branch protection status unknown (requires admin access or authenticated request)"
+  ]
+}
+```
+
+## Supported Ecosystems
+
+| Language | Manifest Files | Package Manager Detection |
+|----------|---------------|--------------------------|
+| JavaScript / TypeScript | `package.json` | npm, yarn, pnpm, bun (from lockfiles) |
+| Python | `pyproject.toml`, `requirements.txt` | pip, poetry, uv, pdm, pipenv |
+| Rust | `Cargo.toml` | cargo |
+| Go | `go.mod` | go |
+| Java / Kotlin | `pom.xml`, `build.gradle`, `build.gradle.kts` | maven, gradle |
+| Ruby | `Gemfile` | bundler |
+| C / C++ | `CMakeLists.txt` | cmake |
+
+Framework detection covers 40+ frameworks across all supported ecosystems (FastAPI, Django, React, Next.js, Spring Boot, Rails, Gin, Actix, and many more).
+
+## What It Detects
+
+| Category | Signals |
+|----------|---------|
+| **Summary** | Stars, forks, watchers, age, license, languages |
+| **Tech Stack** | Runtime, framework, package manager, direct/dev dependency count, key deps |
+| **Architecture** | Monorepo, Docker, CI/CD platform, test framework |
+| **Health** | Commit frequency (daily/weekly/monthly/sporadic/inactive), maintenance status, contributors, open issues |
+| **Security** | `.env` file committed, Dependabot enabled, branch protection, SECURITY.md present |
+
+## Roadmap
+
+Not yet implemented, but planned:
+
+- **Secrets regex scanning** — detect leaked API keys, tokens, passwords in the file tree
+- **Architecture type classification** — library vs. application vs. framework
+- **API rate limiting** — per-key throttling for the REST API
+- **Private repo support** — authenticated analysis of private repositories
+- **npm/npx package** — `npx repocrunch analyze owner/repo`
+- **Vulnerability scanning** — known CVE detection in dependencies
+- **Comparison mode** — side-by-side analysis of multiple repos
+- **Historical tracking** — track how a repo's health changes over time
+- **PyPI / npm publishing** — `pip install repocrunch` / `npm install repocrunch`
+- **Platform deployments** — Apify Store, Smithery, mcp.so, RapidAPI
+
+## License
+
+MIT

repocrunch-0.1.0/README.md

@@ -0,0 +1,180 @@
+# RepoCrunch
+
+Analyze any public GitHub repository into structured JSON. No AI, no LLMs — fully deterministic.
+
+Give it a repo, get back tech stack, dependencies, architecture, health metrics, and security signals in clean, consistent JSON. Use it as a Python library, CLI tool, REST API, or MCP server.
+
+## Quick Start
+
+Requires **Python 3.11+** and [uv](https://github.com/astral-sh/uv).
+
+```bash
+# Install
+git clone https://github.com/kimwwk/repocrunch.git
+cd repocrunch
+uv venv && uv pip install -e ".[all]"
+
+# Analyze a repo
+repocrunch analyze astral-sh/uv --pretty
+```
+
+Or install just what you need:
+
+```bash
+uv pip install -e "."          # Library only (httpx + pydantic)
+uv pip install -e ".[cli]"     # + CLI
+uv pip install -e ".[api]"     # + REST API
+uv pip install -e ".[mcp]"     # + MCP server
+uv pip install -e ".[all]"     # Everything
+```
+
+### Set a GitHub Token (optional)
+
+Without a token you get 60 API calls/hour. With one, 5,000/hour.
+
+```bash
+export GITHUB_TOKEN=ghp_...
+```
+
+## Usage
+
+### CLI
+
+```bash
+repocrunch analyze fastapi/fastapi --pretty          # Full analysis, pretty JSON
+repocrunch analyze facebook/react -f tech_stack       # Single field
+repocrunch analyze https://github.com/gin-gonic/gin   # Full URL works too
+repocrunch serve                                       # Start REST API on :8000
+repocrunch mcp                                         # Start MCP server (STDIO)
+```
+
+### Python Library
+
+```python
+from repocrunch import analyze, analyze_sync
+
+# Async
+result = await analyze("fastapi/fastapi")
+
+# Sync
+result = analyze_sync("pallets/flask")
+
+print(result.summary.stars)
+print(result.tech_stack.framework)
+print(result.model_dump_json(indent=2))
+```
+
+### REST API
+
+```bash
+repocrunch serve
+
+# Then:
+curl "http://localhost:8000/analyze?repo=fastapi/fastapi" | python -m json.tool
+curl "http://localhost:8000/health"
+curl "http://localhost:8000/docs"    # OpenAPI docs
+```
+
+### MCP Server (for Claude, Cursor, etc.)
+
+```bash
+repocrunch mcp    # Starts STDIO transport
+```
+
+## Sample Output
+
+```bash
+$ repocrunch analyze pallets/flask --pretty
+```
+
+```json
+{
+  "schema_version": "1",
+  "repo": "pallets/flask",
+  "url": "https://github.com/pallets/flask",
+  "analyzed_at": "2026-02-08T19:07:31Z",
+  "summary": {
+    "stars": 71143,
+    "forks": 16697,
+    "watchers": 2092,
+    "last_commit": "2026-02-06T21:23:01Z",
+    "age_days": 5787,
+    "license": "BSD-3-Clause",
+    "primary_language": "Python",
+    "languages": { "Python": 99.9, "HTML": 0.1 }
+  },
+  "tech_stack": {
+    "runtime": "Python",
+    "framework": null,
+    "package_manager": "pip",
+    "dependencies": { "direct": 6, "dev": 0 },
+    "key_deps": ["blinker", "click", "itsdangerous", "jinja2", "markupsafe", "werkzeug"]
+  },
+  "architecture": {
+    "monorepo": false,
+    "docker": false,
+    "ci_cd": ["GitHub Actions"],
+    "test_framework": "pytest",
+    "has_tests": true
+  },
+  "health": {
+    "open_issues": 2,
+    "open_prs": 0,
+    "contributors": 862,
+    "commit_frequency": "daily",
+    "maintenance_status": "actively_maintained"
+  },
+  "security": {
+    "has_env_file": false,
+    "dependabot_enabled": false,
+    "branch_protection": false,
+    "security_policy": false
+  },
+  "warnings": [
+    "Branch protection status unknown (requires admin access or authenticated request)"
+  ]
+}
+```
+
+## Supported Ecosystems
+
+| Language | Manifest Files | Package Manager Detection |
+|----------|---------------|--------------------------|
+| JavaScript / TypeScript | `package.json` | npm, yarn, pnpm, bun (from lockfiles) |
+| Python | `pyproject.toml`, `requirements.txt` | pip, poetry, uv, pdm, pipenv |
+| Rust | `Cargo.toml` | cargo |
+| Go | `go.mod` | go |
+| Java / Kotlin | `pom.xml`, `build.gradle`, `build.gradle.kts` | maven, gradle |
+| Ruby | `Gemfile` | bundler |
+| C / C++ | `CMakeLists.txt` | cmake |
+
+Framework detection covers 40+ frameworks across all supported ecosystems (FastAPI, Django, React, Next.js, Spring Boot, Rails, Gin, Actix, and many more).
+
+## What It Detects
+
+| Category | Signals |
+|----------|---------|
+| **Summary** | Stars, forks, watchers, age, license, languages |
+| **Tech Stack** | Runtime, framework, package manager, direct/dev dependency count, key deps |
+| **Architecture** | Monorepo, Docker, CI/CD platform, test framework |
+| **Health** | Commit frequency (daily/weekly/monthly/sporadic/inactive), maintenance status, contributors, open issues |
+| **Security** | `.env` file committed, Dependabot enabled, branch protection, SECURITY.md present |
+
+## Roadmap
+
+Not yet implemented, but planned:
+
+- **Secrets regex scanning** — detect leaked API keys, tokens, passwords in the file tree
+- **Architecture type classification** — library vs. application vs. framework
+- **API rate limiting** — per-key throttling for the REST API
+- **Private repo support** — authenticated analysis of private repositories
+- **npm/npx package** — `npx repocrunch analyze owner/repo`
+- **Vulnerability scanning** — known CVE detection in dependencies
+- **Comparison mode** — side-by-side analysis of multiple repos
+- **Historical tracking** — track how a repo's health changes over time
+- **PyPI / npm publishing** — `pip install repocrunch` / `npm install repocrunch`
+- **Platform deployments** — Apify Store, Smithery, mcp.so, RapidAPI
+
+## License
+
+MIT

repocrunch-0.1.0/pyproject.toml

@@ -0,0 +1,54 @@
+[build-system]
+requires = ["hatchling"]
+build-backend = "hatchling.build"
+
+[project]
+name = "repocrunch"
+version = "0.1.0"
+description = "Analyze GitHub repos into structured JSON. No AI, fully deterministic."
+readme = "README.md"
+license = "MIT"
+requires-python = ">=3.11"
+authors = [{ name = "Kim" }]
+keywords = ["github", "repository", "analysis", "devtools"]
+classifiers = [
+    "Development Status :: 3 - Alpha",
+    "Intended Audience :: Developers",
+    "License :: OSI Approved :: MIT License",
+    "Programming Language :: Python :: 3.11",
+    "Programming Language :: Python :: 3.12",
+    "Programming Language :: Python :: 3.13",
+]
+dependencies = [
+    "httpx>=0.27",
+    "pydantic>=2.0",
+]
+
+[project.optional-dependencies]
+cli = ["typer>=0.12"]
+api = ["fastapi>=0.115", "uvicorn>=0.30"]
+mcp = ["fastmcp>=0.1"]
+all = ["repocrunch[cli,api,mcp]"]
+dev = [
+    "pytest>=8.0",
+    "pytest-httpx>=0.30",
+    "pytest-asyncio>=0.24",
+    "pytest-cov>=5.0",
+]
+
+[project.scripts]
+repocrunch = "repocrunch.cli:app"
+
+[project.urls]
+Homepage = "https://github.com/repocrunch/repocrunch"
+Repository = "https://github.com/repocrunch/repocrunch"
+
+[tool.hatch.build.targets.wheel]
+packages = ["src/repocrunch"]
+
+[tool.pytest.ini_options]
+asyncio_mode = "auto"
+testpaths = ["tests"]
+
+[tool.ruff]
+target-version = "py311"

repocrunch-0.1.0/smithery.yaml

@@ -0,0 +1,5 @@
+name: repocrunch
+description: Analyze GitHub repos into structured JSON
+version: 0.1.0
+transport: stdio
+command: repocrunch mcp

repocrunch-0.1.0/src/repocrunch/__init__.py

@@ -0,0 +1,27 @@
+"""RepoCrunch — Analyze GitHub repos into structured JSON."""
+
+from __future__ import annotations
+
+import asyncio
+
+from repocrunch.analyzer import analyze_repo
+from repocrunch.models import SCHEMA_VERSION, RepoAnalysis
+
+__version__ = "0.1.0"
+__all__ = ["analyze", "analyze_sync", "RepoAnalysis", "SCHEMA_VERSION", "__version__"]
+
+
+async def analyze(
+    repo: str,
+    token: str | None = None,
+) -> RepoAnalysis:
+    """Analyze a GitHub repo asynchronously."""
+    return await analyze_repo(repo, token=token)
+
+
+def analyze_sync(
+    repo: str,
+    token: str | None = None,
+) -> RepoAnalysis:
+    """Analyze a GitHub repo synchronously."""
+    return asyncio.run(analyze_repo(repo, token=token))

repocrunch-0.1.0/src/repocrunch/analyzer.py

@@ -0,0 +1,91 @@
+"""Orchestrator: parse input → gather data → run extractors → assemble result."""
+
+from __future__ import annotations
+
+import asyncio
+import re
+from datetime import datetime, timezone
+
+from repocrunch.client import GitHubClient
+from repocrunch.extractors.architecture import extract_architecture
+from repocrunch.extractors.health import extract_health
+from repocrunch.extractors.metadata import extract_metadata
+from repocrunch.extractors.security import extract_security
+from repocrunch.extractors.tech_stack import extract_tech_stack
+from repocrunch.models import RepoAnalysis
+
+
+def parse_repo_input(raw: str) -> tuple[str, str]:
+    """Parse 'owner/repo' or a GitHub URL into (owner, repo)."""
+    raw = raw.strip().rstrip("/")
+
+    # Full URL
+    match = re.match(r"https?://github\.com/([^/]+)/([^/]+?)(?:\.git)?$", raw)
+    if match:
+        return match.group(1), match.group(2)
+
+    # owner/repo shorthand
+    match = re.match(r"^([A-Za-z0-9_.-]+)/([A-Za-z0-9_.-]+)$", raw)
+    if match:
+        return match.group(1), match.group(2)
+
+    raise ValueError(f"Cannot parse repo input: {raw!r}. Use 'owner/repo' or a GitHub URL.")
+
+
+async def analyze_repo(
+    repo_input: str,
+    token: str | None = None,
+    client: GitHubClient | None = None,
+) -> RepoAnalysis:
+    """Analyze a GitHub repo and return structured results."""
+    owner, repo = parse_repo_input(repo_input)
+    warnings: list[str] = []
+
+    owns_client = client is None
+    if owns_client:
+        client = GitHubClient(token=token)
+
+    try:
+        # Phase 1: parallel fetch of repo metadata, languages, and file tree
+        repo_data, languages, tree_data = await asyncio.gather(
+            client.get(f"/repos/{owner}/{repo}"),
+            client.get(f"/repos/{owner}/{repo}/languages"),
+            client.get(f"/repos/{owner}/{repo}/git/trees/HEAD", params={"recursive": "1"}),
+        )
+
+        if repo_data is None:
+            raise ValueError(f"Repository not found: {owner}/{repo}")
+
+        tree_data = tree_data or {"tree": []}
+        languages = languages or {}
+        primary_language = repo_data.get("language")
+
+        # Phase 2: parallel extraction (async extractors run concurrently)
+        summary = extract_metadata(repo_data, languages)
+
+        tech_stack, health, security = await asyncio.gather(
+            extract_tech_stack(client, owner, repo, tree_data, primary_language),
+            extract_health(client, owner, repo, repo_data),
+            extract_security(client, owner, repo, tree_data, repo_data, warnings),
+        )
+
+        # Architecture is sync — run after tech_stack so we have deps for test detection
+        architecture = extract_architecture(tree_data, tech_stack.key_deps)
+
+        # Collect client warnings
+        warnings.extend(client.warnings)
+
+        return RepoAnalysis(
+            repo=f"{owner}/{repo}",
+            url=f"https://github.com/{owner}/{repo}",
+            analyzed_at=datetime.now(timezone.utc),
+            summary=summary,
+            tech_stack=tech_stack,
+            architecture=architecture,
+            health=health,
+            security=security,
+            warnings=warnings,
+        )
+    finally:
+        if owns_client:
+            await client.close()

repocrunch-0.1.0/src/repocrunch/api.py

@@ -0,0 +1,44 @@
+"""FastAPI REST API for RepoCrunch."""
+
+from __future__ import annotations
+
+from fastapi import FastAPI, HTTPException, Query
+from fastapi.middleware.cors import CORSMiddleware
+
+from repocrunch import __version__
+from repocrunch.analyzer import analyze_repo
+from repocrunch.client import RateLimitError
+
+app = FastAPI(
+    title="RepoCrunch",
+    version=__version__,
+    description="Analyze GitHub repos into structured JSON.",
+)
+
+app.add_middleware(
+    CORSMiddleware,
+    allow_origins=["*"],
+    allow_methods=["GET"],
+    allow_headers=["*"],
+)
+
+
+@app.get("/analyze")
+async def analyze(
+    repo: str = Query(description="GitHub repo as 'owner/repo' or URL"),
+    github_token: str | None = Query(None, description="GitHub token for higher rate limits"),
+):
+    try:
+        result = await analyze_repo(repo, token=github_token)
+        return result.model_dump(mode="json")
+    except ValueError as e:
+        raise HTTPException(status_code=400, detail=str(e))
+    except RateLimitError:
+        raise HTTPException(status_code=429, detail="GitHub API rate limit exhausted")
+    except Exception as e:
+        raise HTTPException(status_code=500, detail=str(e))
+
+
+@app.get("/health")
+async def health():
+    return {"status": "ok", "version": __version__}