github-package-analyzer

GitHub Package Analyzer

A powerful tool to analyze GitHub repositories for package implementation and code quality using the GitHub API and OpenAI's GPT models.

Features

• Analyzes package.json dependencies
• Verifies actual package implementation in code
• Evaluates code quality using AI
• Generates detailed reports with scores and suggestions
• Traverses entire repository structure
• Supports multiple package analysis patterns

Installation

npm install github-package-analyzer

Configuration

You'll need to set up authentication tokens for both GitHub and OpenAI:

• GitHub Personal Access Token
• OpenAI API Key

Usage

Basic usage example:

const PackageAnalyzer = require('github-package-analyzer');

const analyzer = new PackageAnalyzer({
    githubToken: 'your-github-token',
    openaiKey: 'your-openai-key'
});

const result = await analyzer.analyze('owner', 'repo', ['react', 'express']);
console.log(JSON.stringify(result, null, 2));

Analysis Features

The analyzer performs several types of analysis:

• Dependency Check: Verifies if required packages are listed in package.json
• Implementation Check: Searches for actual usage of packages in code
• Code Quality Analysis: Uses AI to evaluate:
  • Best practices
  • Error handling
  • Performance considerations
  • Security implications
  • Code organization
• Implementation Quality: Evaluates:
  • Feature utilization
  • Integration patterns
  • Configuration
  • Package-specific best practices

Output

The analyzer generates a comprehensive report including:

• Overall pass/fail status
• Summary scores and grades
• Detailed analysis per package
• Implementation quality metrics
• AI-generated suggestions for improvement

Example report structure:

{
    "passed": true,
    "summary": {
        "totalScore": 85,
        "averageScore": 85,
        "grade": "B"
    },
    "details": {
        "dependencies": [],
        "implementation": [],
        "codeQuality": [],
        "suggestions": []
    }
}

Supported Packages

Currently supports analysis patterns for:

• React
• Express

More package patterns can be added by extending the patterns object in the checkImplementation method.

Reference to patterns implementation:

const patterns = {
    'react': {
        filePatterns: ['.jsx', '.tsx', '.js', '.ts'],
        codePatterns: ['import { useState }', 'from "react"']
    },
    'express': {
        filePatterns: ['.js'],
        codePatterns: ['require("express")', 'import express']
    }
    // Add more package patterns as needed
};

Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

License

MIT License - see LICENSE file for details.

Author

Tom Tarpey

Security Note

⚠️ Never commit your API keys or tokens to version control. Use environment variables or secure configuration management for sensitive credentials.