A structural review layer for Python — baseline-aware, deterministic, built for CI and AI agents

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for orenlab from gravatar.com orenlab

Unverified details

These details have not been verified by PyPI
Meta
  • License Expression: MPL-2.0 AND MIT
    SPDX License Expression
  • Author: Den Rozhnovskiy
  • Maintainer: Den Rozhnovskiy
  • Tags python , ast , cfg , code-clone , duplication , static-analysis , architecture , control-flow , ci
  • Requires: Python >=3.10
  • Provides-Extra: mcp , dev
Classifiers
Report project as malware

Project description

CodeClone

A structural review layer for Python — baseline-aware, deterministic, built for CI and AI agents

PyPI Tests Benchmark Python

CodeClone adds a control layer between analysis and CI: it isolates structural regressions from historical debt, so merges are blocked only by what actually got worse.

The same analysis pipeline powers CLI reports, CI checks, the MCP server, and native IDE/agent clients — so humans and AI agents operate on identical, deterministic facts.

Features

Control & governance

  • Baseline governance — separates accepted legacy debt from new regressions; CI fails only on what changed
  • CI-first — deterministic output, stable ordering, exit code contract, pre-commit support
  • Reports — interactive HTML, JSON, Markdown, SARIF, and text from one canonical report

Detection & analysis

  • Clone detection — function (CFG fingerprint), block (statement windows), and segment (report-only) clones
  • Structural findings — duplicated branch families, clone guard/exit divergence, and clone-cohort drift
  • Quality metrics — cyclomatic complexity, coupling (CBO), cohesion (LCOM4), dependency cycles, adaptive depth profile, dead code, health score, and overloaded-module profiling
  • Adoption & API — type/docstring annotation coverage, public API surface inventory and baseline diff
  • Coverage Join — fuse external Cobertura XML into the current run to surface coverage hotspots and scope gaps
  • Security Surfaces — report-only inventory of security-relevant capability boundaries without vulnerability claims

Surfaces & integrations

  • MCP control surface — triage-first agent and IDE interface over the same canonical pipeline; read-only by contract
  • IDE & agent clients — VS Code extension, Claude Desktop bundle, and Codex plugin over the same MCP contract

Performance

  • Fast — incremental caching, parallel processing, warm-run optimization

Quick Start

uv tool install codeclone

codeclone .                    # analyze
codeclone . --html             # HTML report
codeclone . --html --open-html-report
codeclone . --json --md --sarif --text
codeclone . --ci               # CI mode

Run without installing:

uvx codeclone@latest .

CI Workflow

# 1. Generate and commit the baseline
codeclone . --update-baseline

# 2. Enforce it in CI
codeclone . --ci

--ci equals --fail-on-new --no-color --quiet. When a trusted metrics baseline is loaded, CI mode also enables --fail-on-new-metrics.

Exit codes:

Code Meaning
0 Success
2 Contract error — untrusted baseline, invalid config, unreadable sources in CI
3 Gating failure — new clones or metric threshold exceeded
5 Internal error

Contract errors (2) take precedence over gating failures (3).

Reports

codeclone . --html
codeclone . --json
codeclone . --md
codeclone . --sarif
codeclone . --text

All formats are rendered from one canonical report payload.

Report contract: https://orenlab.github.io/codeclone/book/08-report/

MCP and Native Clients

uv tool install "codeclone[mcp]"

codeclone-mcp --transport stdio

The MCP server is read-only by contract: it never mutates source files, baselines, cache, or repository state.

Surface Link
VS Code extension https://marketplace.visualstudio.com/items?itemName=orenlab.codeclone
Claude Desktop bundle https://github.com/orenlab/codeclone/tree/main/extensions/claude-desktop-codeclone
Codex plugin https://github.com/orenlab/codeclone/tree/main/plugins/codeclone

MCP docs: https://orenlab.github.io/codeclone/book/20-mcp-interface/

Configuration

[tool.codeclone]
baseline = "codeclone.baseline.json"
min_loc = 10
min_stmt = 6
block_min_loc = 20
block_min_stmt = 8
fail_on_new = true
fail_cycles = true
fail_dead_code = true
fail_health = 80

Precedence: CLI flags > pyproject.toml > built-in defaults.

Config reference: https://orenlab.github.io/codeclone/book/04-config-and-defaults/

License

  • Code: MPL-2.0 (LICENSE)
  • Documentation and docs-site content: MIT (LICENSE-MIT)

License scope map: https://github.com/orenlab/codeclone/blob/main/LICENSES.md

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for orenlab from gravatar.com orenlab

Unverified details

These details have not been verified by PyPI
Meta
  • License Expression: MPL-2.0 AND MIT
    SPDX License Expression
  • Author: Den Rozhnovskiy
  • Maintainer: Den Rozhnovskiy
  • Tags python , ast , cfg , code-clone , duplication , static-analysis , architecture , control-flow , ci
  • Requires: Python >=3.10
  • Provides-Extra: mcp , dev
Classifiers

Release history Release notifications | RSS feed

This version

2.0.2

2.0.1

2.0.0

2.0.0b7 pre-release

2.0.0b6 pre-release

2.0.0b5 pre-release

2.0.0b4 pre-release

2.0.0b3 pre-release

2.0.0b2 pre-release

2.0.0b1 pre-release

1.4.4

1.4.3

1.4.2

1.4.1

1.4.0

1.3.0

1.2.1

1.2.0

1.1.0

1.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

codeclone-2.0.2.tar.gz (594.3 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

codeclone-2.0.2-py3-none-any.whl (478.4 kB view details)

Uploaded Python 3

File details

Details for the file codeclone-2.0.2.tar.gz.

File metadata

  • Download URL: codeclone-2.0.2.tar.gz
  • Upload date:
  • Size: 594.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for codeclone-2.0.2.tar.gz
Algorithm Hash digest
SHA256 d728147d98a98da10cd2e06210a0e7d9362bd56bb4dec4d2aaf320259e0c4677
MD5 814e038ec3bff05bcdbfc0f5bb9e1319
BLAKE2b-256 91bb01b330119024c30e4ae70ef958d73b2405efe7d8da55ebaa26954f553979

See more details on using hashes here.

Provenance

The following attestation bundles were made for codeclone-2.0.2.tar.gz:

Publisher: publish.yml on orenlab/codeclone

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file codeclone-2.0.2-py3-none-any.whl.

File metadata

  • Download URL: codeclone-2.0.2-py3-none-any.whl
  • Upload date:
  • Size: 478.4 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for codeclone-2.0.2-py3-none-any.whl
Algorithm Hash digest
SHA256 6967a604a5ad9f0b8975ea6a753bd9035519f01f5b314da99e33dcbd16e79340
MD5 4210b9b8eda35317ed71d9014b6616a2
BLAKE2b-256 c5b17e71f3fce294e679702ab37d4b2073a203517f5b11220bb16f4edaa93335

See more details on using hashes here.

Provenance

The following attestation bundles were made for codeclone-2.0.2-py3-none-any.whl:

Publisher: publish.yml on orenlab/codeclone

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page