AI-powered code vulnerability scanner for GitHub repositories
Project description
CodeAnalyzer 🔍 | AI-Powered Code Security Analysis
Enterprise-grade static code analysis with AI-powered vulnerability detection and SARIF export
pip install code-analyzer-b==0.1.7
🚀 Features
- AI-Powered Analysis - DeepSeek integration for intelligent vulnerability detection
- Multi-Format Reports - SARIF, HTML, JSON, Markdown, and plaintext outputs
- CI/CD Ready - Seamless integration with GitHub Actions, GitLab CI, and Jenkins
- Enterprise Security - CWE tracking, OWASP Top 10 mapping, GDPR compliance
- Performance Optimized - Analyze 100+ files/minute with minimal resource usage
📦 Quick Start
1. Installation
pip install code-analyzer-b
2. Configuration
code_analyzer setup
🔑 Enter your DeepSeek API key: sk-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
3. Analyze Repository
code_analyzer analyze https://github.com/your/repo --output report.html
🛠️ Advanced Usage
GitHub Integration
code_analyzer analyze . \
--format sarif \
--git-token $GITHUB_TOKEN \
--output results.sarif
CI/CD Pipeline Example
- name: Run Security Scan
uses: code-analyzer/action@v1
with:
output_format: 'sarif'
output_file: 'analysis.sarif'
- name: Upload Results
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: analysis.sarif
📊 Supported Formats
| Format | Command Flag | CI/CD Integration | Example Use Case |
|---|---|---|---|
| SARIF 2.1.0 | --format sarif |
GitHub CodeQL | Enterprise security pipelines |
| HTML | --format html |
Reports | Developer summaries |
| JSON | --format json |
API Integration | Custom tooling |
| Markdown | --format md |
Documentation | Project wikis |
| Plaintext | --format txt |
Quick Checks | Terminal review |
🔒 Security Standards
- SARIF 2.1.0 Compliance
- CWE 2023 Taxonomy
- OWASP ASVS 4.0.3 Alignment
- MITRE ATT&CK Framework Mapping
📈 Performance Metrics (v0.1.5)
| Metric | Value | Improvement |
|---|---|---|
| Analysis Speed | 120 files/min | +15% |
| Vulnerability Detection | 92% accuracy | +8% |
| Memory Footprint | <500MB | -30% |
| Supported Languages | 15+ | +5 |
💡 Pro Tips
# Analyze private repository
code_analyzer analyze https://github.com/private/repo --git-token=ghp_xxxx
# Generate multiple report formats
code_analyzer analyze . --output report.html --format json
📧 Support
Empowering secure development at scale since 2024
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
code_analyzer_b-0.1.7.tar.gz
(11.0 kB
view details)
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file code_analyzer_b-0.1.7.tar.gz.
File metadata
- Download URL: code_analyzer_b-0.1.7.tar.gz
- Upload date:
- Size: 11.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
6c01685649ca41314305d80f32504867cc62b721f69f0235d66a808328d43b06
|
|
| MD5 |
e97c70018300afbe1d63d858d86a709a
|
|
| BLAKE2b-256 |
60fe0fca334ea109ae3e318e89cc55a5a71a44cbea1cbb522623944ebbadf6fa
|
File details
Details for the file code_analyzer_b-0.1.7-py3-none-any.whl.
File metadata
- Download URL: code_analyzer_b-0.1.7-py3-none-any.whl
- Upload date:
- Size: 11.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
19a1c4087c049d47b8747dbd550cddc73cef6efbcd73e2d1ebf90ec8ca2b8f22
|
|
| MD5 |
bcb2342fa748fde1e5b19797b6fe247e
|
|
| BLAKE2b-256 |
2b32bf0a11e87b7e45528588e545044c8681c255d48777c3a11dc0ed9e30069d
|
