# AI Code Refactor CLI

A CLI tool that analyzes AI-generated code for security vulnerabilities, anti-patterns, and performance issues while offering automatic refactoring. Supports Python, JavaScript, and TypeScript with configurable rule sets and a `--fix` flag for auto-remediation.

## Features

- **Security Vulnerability Scanning**: Detect SQL injection, eval/exec usage, path traversal, and more
- **Anti-Pattern Detection**: Identify exception swallowing, magic numbers, deep nesting, long functions
- **Hardcoded Secret Detection**: Find API keys, passwords, tokens hardcoded in source files
- **Performance Issue Detection**: Identify inefficient loops, redundant operations, unnecessary copies
- **Auto-Refactoring**: Automatically fix detected issues with the `--fix` flag
- **Multi-Language Support**: Python, JavaScript, and TypeScript analysis
- **Configurable Rules**: Enable/disable rules via YAML configuration files
- **Rich Output**: Colorful terminal output with severity levels and JSON export for CI/CD

## Installation

### From Source

```bash
git clone https://github.com/yourusername/ai-code-refactor-cli.git
cd ai-code-refactor-cli
pip install -e .
```

### Using pip

```bash
pip install ai-code-refactor-cli
```

## Quick Start

### Analyze a file

```bash
aicoderef analyze path/to/your/code.py
```

### Analyze a directory

```bash
aicoderef analyze path/to/your/project/
```

### Auto-fix issues

```bash
aicoderef analyze path/to/your/code.py --fix
```

### JSON output for CI/CD

```bash
aicoderef analyze path/to/your/code.py --json
```

## Configuration

Create a `.aicoderc.yaml` file in your project root or `~/.aicoderc.yaml` for user-level settings:

```yaml
version: "1.0"
name: "custom-rules"

rules:
  security.sql_injection:
    enabled: true
    severity: critical
  security.eval_usage:
    enabled: true
    severity: critical
  secret.hardcoded_secret:
    enabled: true
    severity: critical
  antipattern.magic_number:
    enabled: true
    severity: low

output:
  format: "rich"
  show_summary: true
```

## Usage

### Commands

#### `analyze`

Analyze code for issues:

```bash
aicoderef analyze [OPTIONS] PATH

Options:
  --json          Output results as JSON
  --config FILE   Path to config file
  --fix           Automatically fix detected issues
```

#### `fix`

Automatically fix detected issues:

```bash
aicoderef fix [OPTIONS] PATH

Options:
  --config FILE   Path to config file
```

#### `rules`

List all available rules:

```bash
aicoderef rules
```

#### `languages`

List supported languages:

```bash
aicoderef languages
```

## Rules

### Security Rules (Critical/High)

| Rule ID | Description | Severity |
|---------|-------------|----------|
| `security.sql_injection` | Detect SQL injection patterns | Critical |
| `security.eval_usage` | Detect eval/exec usage | Critical |
| `security.path_traversal` | Detect path traversal | High |

### Anti-Pattern Rules (Medium/Low)

| Rule ID | Description | Severity |
|---------|-------------|----------|
| `antipattern.exception_swallow` | Empty except clause | Medium |
| `antipattern.magic_number` | Magic numbers in code | Low |
| `antipattern.deep_nesting` | Deep code nesting | Medium |
| `antipattern.long_function` | Functions too long | Medium |

### Secret Detection Rules (Critical)

| Rule ID | Description | Severity |
|---------|-------------|----------|
| `secret.hardcoded_secret` | Hardcoded API keys, passwords | Critical |

### Performance Rules (Medium/Low)

| Rule ID | Description | Severity |
|---------|-------------|----------|
| `performance.inefficient_loop` | Inefficient loop patterns | Medium |
| `performance.redundant_operation` | Redundant type conversions | Low |
| `performance.unnecessary_copy` | Unnecessary list copies | Low |

## Auto-Fixing

When using `--fix`, the tool will:

1. Create a backup of the original file (`.bak` extension)
2. Apply safe fixes for detected issues
3. Report what was fixed

### Fixable Rules

- `security.sql_injection` - Converts to parameterized queries
- `security.eval_usage` - Comments out dangerous calls
- `antipattern.exception_swallow` - Adds exception logging
- `antipattern.magic_number` - Replaces with named constants
- `performance.redundant_operation` - Removes redundant calls

## Examples

### Security Scanning

```bash
$ aicoderef analyze suspicious_code.py

╭─ suspicious_code.py ───────────────────────────────────────╮
│ Severity │ Line │ Rule              │ Message              │
├──────────┼──────┼───────────────────┼──────────────────────┤
│ critical │ 3    │ sql_injection     │ SQL injection...     │
│ critical │ 5    │ eval_usage        │ Dangerous eval...    │
│ critical │ 7    │ hardcoded_secret  │ AWS key found...     │
╰────────────────────────────────────────────────────────────╯

Analysis Summary
  Files analyzed: 1
  Files with issues: 1
  Total issues: 3
    Critical: 3
    High: 0
    Medium: 0
    Low: 0
```

### JSON Output

```bash
$ aicoderef analyze code.py --json
{
  "files_analyzed": 1,
  "files_with_issues": 1,
  "results": [
    {
      "file": "code.py",
      "findings_count": 2,
      "summary": {
        "critical": 1,
        "high": 0,
        "medium": 1,
        "low": 0,
        "total": 2
      },
      "findings": [...]
    }
  ]
}
```

## Contributing

1. Fork the repository
2. Create a feature branch (`git checkout -b feature/amazing-feature`)
3. Commit your changes (`git commit -m 'Add amazing feature'`)
4. Push to the branch (`git push origin feature/amazing-feature`)
5. Open a Pull Request

## License

This project is licensed under the MIT License - see the LICENSE file for details.
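## Appendix: How a Rule Works

As an added illustration (this is not aicoderef's own code, and it does not use the project's internals), the following Python sketch shows how the three Python-side rules from the Rules section, `security.sql_injection`, `security.eval_usage` and `secret.hardcoded_secret`, can be implemented on top of the standard-library `ast` module, and how a `.aicoderc.yaml`-style `rules:` mapping from the Configuration section overrides the defaults. The sample source, the `Finding` record, the `medium` default for unknown rule IDs and the secret-name pattern are assumptions made for the example; the rule IDs and severities mirror the README tables.

```python
"""Minimal AST-based rule engine illustrating the README's security rules.

Added example, not the aicoderef project's code. Rule IDs and severities
mirror the README; the sample source and configuration are constructed.
"""
import ast
import re
from dataclasses import dataclass

# Defaults keyed exactly as in the README's Rules tables.
DEFAULT_RULES = {
    "security.sql_injection": {"enabled": True, "severity": "critical"},
    "security.eval_usage": {"enabled": True, "severity": "critical"},
    "secret.hardcoded_secret": {"enabled": True, "severity": "critical"},
}

# Assumed heuristic: variable names that usually hold credentials.
SECRET_NAME = re.compile(r"(api_?key|secret|password|passwd|token)", re.I)
# DB-API cursor/connection methods that receive SQL text as first argument.
DB_CALLS = {"execute", "executemany"}


@dataclass
class Finding:
    rule: str
    severity: str
    line: int
    message: str


def _is_dynamic_sql(node):
    """True if the node builds a string at runtime (f-string, %, +, .format)."""
    if isinstance(node, ast.JoinedStr):
        return any(isinstance(v, ast.FormattedValue) for v in node.values)
    if isinstance(node, ast.BinOp) and isinstance(node.op, (ast.Add, ast.Mod)):
        return True
    if isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute):
        return node.func.attr == "format"
    return False


class RuleVisitor(ast.NodeVisitor):
    def __init__(self, rules):
        self.rules = rules
        self.findings = []

    def report(self, rule, node, message):
        cfg = self.rules.get(rule)
        if cfg and cfg.get("enabled", True):  # disabled rules are silent
            self.findings.append(Finding(rule, cfg["severity"], node.lineno, message))

    def visit_Call(self, node):
        func = node.func
        if isinstance(func, ast.Name) and func.id in ("eval", "exec"):
            self.report("security.eval_usage", node, f"Dangerous {func.id}() call")
        if isinstance(func, ast.Attribute) and func.attr in DB_CALLS and node.args:
            if _is_dynamic_sql(node.args[0]):
                self.report("security.sql_injection", node,
                            "Query built with string formatting; use parameters")
        self.generic_visit(node)

    def visit_Assign(self, node):
        value = node.value
        if isinstance(value, ast.Constant) and isinstance(value.value, str) and value.value:
            for target in node.targets:
                if isinstance(target, ast.Name) and SECRET_NAME.search(target.id):
                    self.report("secret.hardcoded_secret", node,
                                f"Possible hardcoded secret in '{target.id}'")
        self.generic_visit(node)


def merge_rules(overrides):
    """Apply a .aicoderc.yaml-style 'rules' mapping on top of the defaults."""
    merged = {k: dict(v) for k, v in DEFAULT_RULES.items()}
    for rule, cfg in (overrides or {}).items():
        # Assumed default for rule IDs not in DEFAULT_RULES: enabled, medium.
        merged.setdefault(rule, {"enabled": True, "severity": "medium"}).update(cfg)
    return merged


def analyze_source(source, overrides=None):
    """Return findings for one Python source string, ordered by line."""
    visitor = RuleVisitor(merge_rules(overrides))
    visitor.visit(ast.parse(source))
    return sorted(visitor.findings, key=lambda f: f.line)


def summarize(findings):
    """Per-severity counts in the shape of the README's JSON 'summary'."""
    summary = {"critical": 0, "high": 0, "medium": 0, "low": 0, "total": 0}
    for f in findings:
        summary[f.severity] += 1
        summary["total"] += 1
    return summary


# Constructed sample; the key value is an obvious placeholder, not a real credential.
SAMPLE = '''
import sqlite3
def lookup(conn, user_id):
    conn.execute(f"SELECT * FROM users WHERE id = {user_id}")
    return eval("1 + 1")
aws_secret_key = "AKIA-EXAMPLE-PLACEHOLDER"
'''

if __name__ == "__main__":
    found = analyze_source(SAMPLE)
    for f in found:
        print(f"{f.severity:<8} line {f.line:<3} {f.rule:<26} {f.message}")
    print(summarize(found))
```

Running the module reports the three findings on lines 4, 5 and 6 of the sample; passing `{"security.eval_usage": {"enabled": False}}` as `overrides` silences the eval finding, and `{"secret.hardcoded_secret": {"severity": "high"}}` moves the secret finding from `critical` to `high` in the summary, which is the same enable/severity behaviour the YAML config in the Configuration section controls.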