Enterprise-grade security analysis core engine
Project description
CodeSecure Core (codesecure-core)
The codesecure-core package is the programmatic orchestration brain of the CodeSecure platform. It provides the centralized, stateless logic for executing security scanners, managing asynchronous jobs, and enriching findings with AI models.
🎯 Module Purpose
This package encapsulates the strict business logic of the platform, adhering to a "Thin Client" architecture. It does not export command-line (CLI) applications or MCP Transport interfaces directly. Instead, it provides a stable Python API (Singletons) designed to be consumed by other packages in the CodeSecure monorepo, such as codesecure-cli and codesecure-mcp.
📦 Local Installation
Because core has no dependency on the UI/CLI layer, it can be installed on its own for programmatic API use.

```bash
cd packages/core
python -m venv .venv
# Activate the virtual environment so pip installs into it (POSIX shells)
source .venv/bin/activate
# Install the core logic with basic SAST scanners
pip install -e .
# [Optional] Install AI providers (Google Gemini or Kiro CLI dependencies)
pip install -e ".[google,aws]"
```
🔌 Exported APIs & Features
The Core package exposes Manager classes via the Singleton pattern:
- ScannerEngine: Orchestrates local/container execution for Bandit, Semgrep, Checkov, detect-secrets, npm-audit, pip-audit, etc.
  Import: `from codesecure.scanners.engine import get_scanner_engine`
- JobManager: Async execution tracking, lock management, TTL limits, and progress percentages.
  Import: `from codesecure.jobs.manager import get_job_manager`
- AIProviderManager: Abstracts batch prompting against Gemini and Kiro. Calculates False Positive tracking dynamically.
  Import: `from codesecure.ai_providers.manager import get_ai_manager`
🛠️ Integration Example
Here is how a downstream module (like the MCP server) imports and utilizes the core library programmatically:
```python
import asyncio
from pathlib import Path

from codesecure.common.models import ScanMode, CloudProvider
from codesecure.scanners.engine import get_scanner_engine


async def programmatically_scan(target_dir: str):
    # Resolve to an absolute path before handing it to the engine
    scan_path = Path(target_dir).resolve()
    engine = get_scanner_engine()

    # Check available scanners
    available = engine.get_available_scanners(ScanMode.LOCAL)
    print(f"Scanners ready: {available}")

    # Run a unified scan seamlessly combining multiple tools
    result = await engine.run_scan(
        path=scan_path,
        mode=ScanMode.LOCAL,
        cloud_provider=CloudProvider.NONE,
    )
    print(f"Total findings discovered: {len(result.findings)}")


asyncio.run(programmatically_scan("./my_project"))
```
File details
Details for the file codesecure_core-1.0.10.tar.gz.
File metadata
- Download URL: codesecure_core-1.0.10.tar.gz
- Upload date:
- Size: 90.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.0
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | a303cd6d001179d7a14554be438eb636f305d2d084bbac28adc746f3a149d529 |
| MD5 | d4a6ada8a278faa6f23521b05f5ec0f8 |
| BLAKE2b-256 | c7de80cc1acae0c5cb34a82e5da325d2b4da9dfedfad5dbeb2648c0252ec826a |
File details
Details for the file codesecure_core-1.0.10-py3-none-any.whl.
File metadata
- Download URL: codesecure_core-1.0.10-py3-none-any.whl
- Upload date:
- Size: 119.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.0
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | 7b392decb1747db2fa9a42b03ebaf56aa7bfdb2daa0a22ad9307b62ff762b32a |
| MD5 | 7cdc2f35cbc30fb91eca4293de1bc360 |
| BLAKE2b-256 | 254ad996a7b54b3bc826df80ef424b5a608fa29989ad65fe8bf04b3b22e8ef79 |