AI-powered code vulnerability scanner for GitHub repositories
Project description
CodeAnalyzer 🔍 | AI-Powered Code Security Analysis
Enterprise-grade static code analysis with AI-powered vulnerability detection and SARIF export
pip install code-analyzer-b==0.1.8
🚀 Features
- AI-Powered Analysis - DeepSeek integration for intelligent vulnerability detection
- Multi-Format Reports - SARIF, HTML, JSON, Markdown, and plaintext outputs
- CI/CD Ready - Seamless integration with GitHub Actions, GitLab CI, and Jenkins
- Enterprise Security - CWE tracking, OWASP Top 10 mapping, GDPR compliance
- Performance Optimized - Analyze 100+ files/minute with minimal resource usage
📦 Quick Start
1. Installation
pip install code-analyzer-b
2. Configuration
code_analyzer setup
🔑 Enter your DeepSeek API key: sk-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
3. Analyze Repository
code_analyzer analyze https://github.com/your/repo --output report.html
🛠️ Advanced Usage
GitHub Integration
code_analyzer analyze . \
--format sarif \
--git-token $GITHUB_TOKEN \
--output results.sarif
CI/CD Pipeline Example
- name: Run Security Scan
uses: code-analyzer/action@v1
with:
output_format: 'sarif'
output_file: 'analysis.sarif'
- name: Upload Results
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: analysis.sarif
📊 Supported Formats
| Format | Command Flag | CI/CD Integration | Example Use Case |
|---|---|---|---|
| SARIF 2.1.0 | --format sarif |
GitHub CodeQL | Enterprise security pipelines |
| HTML | --format html |
Reports | Developer summaries |
| JSON | --format json |
API Integration | Custom tooling |
| Markdown | --format md |
Documentation | Project wikis |
| Plaintext | --format txt |
Quick Checks | Terminal review |
🔒 Security Standards
- SARIF 2.1.0 Compliance
- CWE 2023 Taxonomy
- OWASP ASVS 4.0.3 Alignment
- MITRE ATT&CK Framework Mapping
📈 Performance Metrics (v0.1.5)
| Metric | Value | Improvement |
|---|---|---|
| Analysis Speed | 120 files/min | +15% |
| Vulnerability Detection | 92% accuracy | +8% |
| Memory Footprint | <500MB | -30% |
| Supported Languages | 15+ | +5 |
💡 Pro Tips
# Analyze private repository
code_analyzer analyze https://github.com/private/repo --git-token=ghp_xxxx
# Generate multiple report formats
code_analyzer analyze . --output report.html --format json
📧 Support
Empowering secure development at scale since 2024
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
code_analyzer_b-0.1.8.tar.gz
(10.9 kB
view details)
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file code_analyzer_b-0.1.8.tar.gz.
File metadata
- Download URL: code_analyzer_b-0.1.8.tar.gz
- Upload date:
- Size: 10.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
42ca9dd116a2a6bf4358edf32047d82be828adec43ad89f84ad4bcae16d6ee02
|
|
| MD5 |
2f22cb9a2e34754124d2968998eaadae
|
|
| BLAKE2b-256 |
0bc66e614f72410f7c1b52abd64b3e9af8ec554f69c05b5cf36cd293fef2f24c
|
File details
Details for the file code_analyzer_b-0.1.8-py3-none-any.whl.
File metadata
- Download URL: code_analyzer_b-0.1.8-py3-none-any.whl
- Upload date:
- Size: 11.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
be10e5aa8d7e87b9c3f0d76d9548c1726cf99f1d4e4a40e9e59dd5f1d3c691ba
|
|
| MD5 |
6dab6f7f173f13e3e7c7c749c9889c7d
|
|
| BLAKE2b-256 |
016c4109dc5689220e9b5a533040965f9eeb5533564c250e554f4237ec22969c
|
