Skip to content

AvixoSec/codesight

BranchesTags

Repository files navigation

CodeSight

Code analysis CLI — reviews, bugs, docs, and refactoring from your terminal.

CodeSight connects to LLM APIs (OpenAI, Anthropic, Google) for code review, bug hunting, docs, and refactoring. Works with any language.

CI Python 3.10+ License: MIT

What it does

  • codesight review — code review with severity-tagged issues (crit/warn/info)
  • codesight bugs — find logic errors, race conditions, resource leaks
  • codesight scan . — scan an entire directory with progress bar
  • codesight docs — auto-generate docstrings and module docs
  • codesight explain — plain-language breakdown of complex code
  • codesight refactor — refactoring suggestions with before/after diffs

Demo

$ codesight review auth/login.py

╭──────────────────────────────────────────────────────────╮
│  CodeSight  REVIEW  OpenAI (gpt-5.4)                     │
│                                          1,247 tokens    │
╰──────────────────────────────────────────────────────────╯

## Summary
Authentication module with 3 issues found.

## Issues
[crit] ln 42 — JWT secret is hardcoded: SECRET = "admin123"
[crit] ln 87 — f-string in SQL query → injection risk
[warn] ln 15 — hashlib imported but never used

## Suggestions
- Move JWT secret to environment variable
- Use parameterized queries for all SQL operations
- Remove unused import to reduce attack surface

Quick Start

# Install
pip install codesight

# Configure your provider
codesight config

# Run a review
codesight review src/main.py

# Detect bugs
codesight bugs lib/parser.py

# Scan a whole project
codesight scan . --task review
codesight scan src/ --ext .py .js

# Generate docs
codesight docs utils/helpers.py

Provider Support

Provider Models Setup
OpenAI GPT-5.4, GPT-5.3-Codex OPENAI_API_KEY
Anthropic Claude Opus 4.6, Claude Sonnet 4.6 ANTHROPIC_API_KEY
Google Vertex AI Gemini 3.1 Pro, Gemini 3.1 Flash GOOGLE_CLOUD_PROJECT + ADC

Configuration

CodeSight stores config in ~/.codesight/config.json. You can configure it interactively:

codesight config

Or set environment variables:

export OPENAI_API_KEY="sk-..."
export CODESIGHT_MODEL="gpt-5.4"
codesight review my_file.py

Switch providers on the fly:

codesight review my_file.py --provider anthropic
codesight bugs my_file.py --provider google
codesight explain my_file.py --provider openai

Architecture

codesight/
├── __init__.py
├── __main__.py
├── cli.py
├── config.py
├── analyzer.py
└── providers/
    ├── base.py
    ├── factory.py
    ├── openai_provider.py
    ├── anthropic_provider.py
    └── google_provider.py

Development

git clone https://github.com/AvixoSec/codesight.git
cd codesight
pip install -e ".[dev]"
pytest tests/ -v
ruff check codesight/

Roadmap

  • codesight scan . — analyze a whole directory
  • codesight diff — review only git-changed files
  • Context compression — code maps to reduce token usage
  • Exit codes for CI/CD (0 = clean, 1 = warnings, 2 = critical)
  • Streaming output for large files
  • Cost tracking per query
  • GitHub Action
  • Custom prompt templates
  • Publish to PyPI

License

MIT — see LICENSE.

About

AI-powered code analysis CLI

Resources

Readme

License

MIT license

Contributing

Contributing
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages