7000pctAUTO/ai-code-refactor-cli
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
7 Commits 1 Branch 1 Tag
dab82fc444df5ccb9b4d7aa06077e51ddd2b4e33
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE

README.md

AI Code Refactor CLI

A CLI tool that analyzes AI-generated code for security vulnerabilities, anti-patterns, and performance issues while offering automatic refactoring. Supports Python, JavaScript, and TypeScript with configurable rule sets and a --fix flag for auto-remediation.

Features

  • Security Vulnerability Scanning: Detect SQL injection, eval/exec usage, path traversal, and more
  • Anti-Pattern Detection: Identify exception swallowing, magic numbers, deep nesting, long functions
  • Hardcoded Secret Detection: Find API keys, passwords, tokens hardcoded in source files
  • Performance Issue Detection: Identify inefficient loops, redundant operations, unnecessary copies
  • Auto-Refactoring: Automatically fix detected issues with the --fix flag
  • Multi-Language Support: Python, JavaScript, and TypeScript analysis
  • Configurable Rules: Enable/disable rules via YAML configuration files
  • Rich Output: Colorful terminal output with severity levels and JSON export for CI/CD

Installation

From Source

git clone https://github.com/yourusername/ai-code-refactor-cli.git
cd ai-code-refactor-cli
pip install -e .

Using pip

pip install ai-code-refactor-cli

Quick Start

Analyze a file

aicoderef analyze path/to/your/code.py

Analyze a directory

aicoderef analyze path/to/your/project/

Auto-fix issues

aicoderef analyze path/to/your/code.py --fix

JSON output for CI/CD

aicoderef analyze path/to/your/code.py --json

Configuration

Create a .aicoderc.yaml file in your project root or ~/.aicoderc.yaml for user-level settings:

version: "1.0"
name: "custom-rules"

rules:
  security.sql_injection:
    enabled: true
    severity: critical

  security.eval_usage:
    enabled: true
    severity: critical

  secret.hardcoded_secret:
    enabled: true
    severity: critical

  antipattern.magic_number:
    enabled: true
    severity: low

output:
  format: "rich"
  show_summary: true

Usage

Commands

analyze

Analyze code for issues:

aicoderef analyze [OPTIONS] PATH

Options:
  --json            Output results as JSON
  --config FILE     Path to config file
  --fix             Automatically fix detected issues

fix

Automatically fix detected issues:

aicoderef fix [OPTIONS] PATH

Options:
  --config FILE     Path to config file

rules

List all available rules:

aicoderef rules

languages

List supported languages:

aicoderef languages

Rules

Security Rules (Critical/High)

Rule ID Description Severity
security.sql_injection Detect SQL injection patterns Critical
security.eval_usage Detect eval/exec usage Critical
security.path_traversal Detect path traversal High

Anti-Pattern Rules (Medium/Low)

Rule ID Description Severity
antipattern.exception_swallow Empty except clause Medium
antipattern.magic_number Magic numbers in code Low
antipattern.deep_nesting Deep code nesting Medium
antipattern.long_function Functions too long Medium

Secret Detection Rules (Critical)

Rule ID Description Severity
secret.hardcoded_secret Hardcoded API keys, passwords Critical

Performance Rules (Medium/Low)

Rule ID Description Severity
performance.inefficient_loop Inefficient loop patterns Medium
performance.redundant_operation Redundant type conversions Low
performance.unnecessary_copy Unnecessary list copies Low

Auto-Fixing

When using --fix, the tool will:

  1. Create a backup of the original file (.bak extension)
  2. Apply safe fixes for detected issues
  3. Report what was fixed

Fixable Rules

  • security.sql_injection - Converts to parameterized queries
  • security.eval_usage - Comments out dangerous calls
  • antipattern.exception_swallow - Adds exception logging
  • antipattern.magic_number - Replaces with named constants
  • performance.redundant_operation - Removes redundant calls

Examples

Security Scanning

$ aicoderef analyze suspicious_code.py
╭─ suspicious_code.py ───────────────────────────────────────╮
│ Severity │ Line │ Rule              │ Message              │
├──────────┼──────┼───────────────────┼──────────────────────┼
│ critical │ 3    │ sql_injection     │ SQL injection...     │
│ critical │ 5    │ eval_usage        │ Dangerous eval...    │
│ critical │ 7    │ hardcoded_secret  │ AWS key found...     │
╰────────────────────────────────────────────────────────────╯

Analysis Summary
  Files analyzed: 1
  Files with issues: 1
  Total issues: 3
  Critical: 3
  High: 0
  Medium: 0
  Low: 0

JSON Output

$ aicoderef analyze code.py --json
{
  "files_analyzed": 1,
  "files_with_issues": 1,
  "results": [
    {
      "file": "code.py",
      "findings_count": 2,
      "summary": {
        "critical": 1,
        "high": 0,
        "medium": 1,
        "low": 0,
        "total": 2
      },
      "findings": [...]
    }
  ]
}

Contributing

  1. Fork the repository
  2. Create a feature branch (git checkout -b feature/amazing-feature)
  3. Commit your changes (git commit -m 'Add amazing feature')
  4. Push to the branch (git push origin feature/amazing-feature)
  5. Open a Pull Request

License

This project is licensed under the MIT License - see the LICENSE file for details.

Reference in New Issue View Git Blame Copy Permalink
Description
Create Gitea repository for ai-code-refactor-cli
Readme MIT 69 KiB
Releases 1
v0.1.0 Latest
2026-01-29 23:14:10 +00:00
Languages
Python 100%