7000pctAUTO/ai-code-refactor-cli
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
Files
6b96b8360b1dccfbb2a53e5ead2beba4dbf3293a
ai-code-refactor-cli/README.md
7000pctAUTO 216563b0bf
Some checks failed
CI / test (push) Has been cancelled
Details
CI / build (push) Has been cancelled
Details
Add project configuration files: LICENSE, README, pyproject.toml, requirements
2026-01-29 23:07:40 +00:00

240 lines
5.9 KiB
Markdown
Raw Blame History

# AI Code Refactor CLI
A CLI tool that analyzes AI-generated code for security vulnerabilities, anti-patterns, and performance issues while offering automatic refactoring. Supports Python, JavaScript, and TypeScript with configurable rule sets and a `--fix` flag for auto-remediation.
## Features
- **Security Vulnerability Scanning**: Detect SQL injection, eval/exec usage, path traversal, and more
- **Anti-Pattern Detection**: Identify exception swallowing, magic numbers, deep nesting, long functions
- **Hardcoded Secret Detection**: Find API keys, passwords, tokens hardcoded in source files
- **Performance Issue Detection**: Identify inefficient loops, redundant operations, unnecessary copies
- **Auto-Refactoring**: Automatically fix detected issues with the `--fix` flag
- **Multi-Language Support**: Python, JavaScript, and TypeScript analysis
- **Configurable Rules**: Enable/disable rules via YAML configuration files
- **Rich Output**: Colorful terminal output with severity levels and JSON export for CI/CD
## Installation
### From Source
```bash
git clone https://github.com/yourusername/ai-code-refactor-cli.git
cd ai-code-refactor-cli
pip install -e .
```
### Using pip
```bash
pip install ai-code-refactor-cli
```
## Quick Start
### Analyze a file
```bash
aicoderef analyze path/to/your/code.py
```
### Analyze a directory
```bash
aicoderef analyze path/to/your/project/
```
### Auto-fix issues
```bash
aicoderef analyze path/to/your/code.py --fix
```
### JSON output for CI/CD
```bash
aicoderef analyze path/to/your/code.py --json
```
## Configuration
Create a `.aicoderc.yaml` file in your project root or `~/.aicoderc.yaml` for user-level settings:
```yaml
version: "1.0"
name: "custom-rules"
rules:
security.sql_injection:
enabled: true
severity: critical
security.eval_usage:
enabled: true
severity: critical
secret.hardcoded_secret:
enabled: true
severity: critical
antipattern.magic_number:
enabled: true
severity: low
output:
format: "rich"
show_summary: true
```
## Usage
### Commands
#### `analyze`
Analyze code for issues:
```bash
aicoderef analyze [OPTIONS] PATH
Options:
--json Output results as JSON
--config FILE Path to config file
--fix Automatically fix detected issues
```
#### `fix`
Automatically fix detected issues:
```bash
aicoderef fix [OPTIONS] PATH
Options:
--config FILE Path to config file
```
#### `rules`
List all available rules:
```bash
aicoderef rules
```
#### `languages`
List supported languages:
```bash
aicoderef languages
```
## Rules
### Security Rules (Critical/High)
| Rule ID | Description | Severity |
|---------|-------------|----------|
| `security.sql_injection` | Detect SQL injection patterns | Critical |
| `security.eval_usage` | Detect eval/exec usage | Critical |
| `security.path_traversal` | Detect path traversal | High |
### Anti-Pattern Rules (Medium/Low)
| Rule ID | Description | Severity |
|---------|-------------|----------|
| `antipattern.exception_swallow` | Empty except clause | Medium |
| `antipattern.magic_number` | Magic numbers in code | Low |
| `antipattern.deep_nesting` | Deep code nesting | Medium |
| `antipattern.long_function` | Functions too long | Medium |
### Secret Detection Rules (Critical)
| Rule ID | Description | Severity |
|---------|-------------|----------|
| `secret.hardcoded_secret` | Hardcoded API keys, passwords | Critical |
### Performance Rules (Medium/Low)
| Rule ID | Description | Severity |
|---------|-------------|----------|
| `performance.inefficient_loop` | Inefficient loop patterns | Medium |
| `performance.redundant_operation` | Redundant type conversions | Low |
| `performance.unnecessary_copy` | Unnecessary list copies | Low |
## Auto-Fixing
When using `--fix`, the tool will:
1. Create a backup of the original file (`.bak` extension)
2. Apply safe fixes for detected issues
3. Report what was fixed
### Fixable Rules
- `security.sql_injection` - Converts to parameterized queries
- `security.eval_usage` - Comments out dangerous calls
- `antipattern.exception_swallow` - Adds exception logging
- `antipattern.magic_number` - Replaces with named constants
- `performance.redundant_operation` - Removes redundant calls
## Examples
### Security Scanning
```bash
$ aicoderef analyze suspicious_code.py
╭─ suspicious_code.py ───────────────────────────────────────╮
│ Severity │ Line │ Rule │ Message │
├──────────┼──────┼───────────────────┼──────────────────────┼
│ critical │ 3 │ sql_injection │ SQL injection... │
│ critical │ 5 │ eval_usage │ Dangerous eval... │
│ critical │ 7 │ hardcoded_secret │ AWS key found... │
╰────────────────────────────────────────────────────────────╯
Analysis Summary
Files analyzed: 1
Files with issues: 1
Total issues: 3
Critical: 3
High: 0
Medium: 0
Low: 0
```
### JSON Output
```bash
$ aicoderef analyze code.py --json
{
"files_analyzed": 1,
"files_with_issues": 1,
"results": [
{
"file": "code.py",
"findings_count": 2,
"summary": {
"critical": 1,
"high": 0,
"medium": 1,
"low": 0,
"total": 2
},
"findings": [...]
}
]
}
```
## Contributing
1. Fork the repository
2. Create a feature branch (`git checkout -b feature/amazing-feature`)
3. Commit your changes (`git commit -m 'Add amazing feature'`)
4. Push to the branch (`git push origin feature/amazing-feature`)
5. Open a Pull Request
## License
This project is licensed under the MIT License - see the LICENSE file for details.
Reference in New Issue View Git Blame Copy Permalink