code-analyzer-b

A tool to analyze code repositories for security vulnerabilities using DeepSeek AI

Registry: PyPI (pip) | Version: 0.2.4 | Maintainers: 1

Code Analyzer

License: MIT

   ██████╗ ██████╗ ██████╗ ███████╗    █████╗ ███╗   ██╗ █████╗ ██╗   ██╗   ██╗ ███████╗███████╗██████╗ 
  ██╔════╝██╔═══██╗██╔══██╗██╔════╝   ██╔══██╗████╗  ██║██╔══██╗██║   ╚██╗ ██╔╝ ╚══███╔╝██╔════╝██╔══██╗
  ██║     ██║   ██║██║  ██║█████╗     ███████║██╔██╗ ██║███████║██║    ╚████╔╝    ███╔╝ █████╗  ██████╔╝
  ██║     ██║   ██║██║  ██║██╔══╝     ██╔══██║██║╚██╗██║██╔══██║██║      ██╔╝    ███╔╝  ██╔══╝  ██╔══██╗
  ╚██████╗╚██████╔╝██████╔╝███████╗██╗██║  ██║██║ ╚████║██║  ██║███████╗ ██║    ███████╗███████╗██║  ██║
   ╚═════╝ ╚═════╝ ╚═════╝ ╚══════╝╚═╝╚═╝  ╚═╝╚═╝  ╚═══╝╚═╝  ╚═╝╚══════╝ ╚═╝    ╚══════╝╚══════╝╚═╝  ╚═╝

Code Analyzer 🛡️ is a powerful command-line tool for analyzing code repositories for security vulnerabilities 🐛 and bugs. It leverages the DeepSeek API 🤖 to provide AI-powered insights into your codebase, helping you identify and address potential issues efficiently.

Version: 0.2.x 🚀

📦 Installation

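To install Code Analyzer version 0.2.x, use pip. The command below uses the name given in this README, code-analyzer, while this listing's package name is code-analyzer-b, so confirm which distribution you are installing:

pip install "code-analyzer==0.2.*"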

After installation, set up your DeepSeek API key 🔑:

code_analyzer setup

Follow the prompts to enter your API key. You can obtain a key from DeepSeek.

🕵️ Usage

Analyzing a GitHub Repository 🌐

To analyze a public GitHub repository:

code_analyzer analyze https://github.com/user/repo

For private repositories, use the --git-token option with a GitHub access token 🔒:

code_analyzer analyze https://github.com/user/private-repo --git-token YOUR_TOKEN

Analyzing a Local Directory 📁

To analyze a local directory:

code_analyzer analyze /path/to/local/repo

Or, to analyze the current directory:

code_analyzer analyze .

⚙️ Options

  • -o, --output FILE 💾: Save the report to a file (supports .txt, .md, .html, .json, .sarif)
  • -f, --format FORMAT 🎨: Specify the output format (txt, md, html, json, sarif)
  • --verbose 📣: Enable detailed output for debugging
  • --no-details 🚫: Exclude detailed findings from the report
  • --lang LANG 🌍: Set the report language (en, uz, zh, ru)
  • --no-stream 🤐: Suppress console output and save directly to the output file

Example with options:

code_analyzer analyze . --output report.sarif --format sarif --no-stream --lang zh
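
A CI gate over the report.sarif file written by the command above, as an added example that is not part of the tool or its README. It resolves each finding's severity as SARIF 2.1.0 specifies (an omitted level is inherited from the rule's defaultConfiguration, otherwise it is "warning") and lists findings at or above a threshold. The function names and the embedded sample are constructed, and the tool's SARIF output is assumed to follow the standard layout.

```python
import json
import sys
from pathlib import Path

ORDER = ["none", "note", "warning", "error"]  # SARIF 2.1.0 levels, low to high

def effective_level(result, rules):
    """Resolve a result's level; SARIF lets it be inherited from its rule."""
    if "level" in result:
        return result["level"]
    idx = result.get("ruleIndex", -1)  # -1 means "no rule index" in SARIF
    if isinstance(idx, int) and 0 <= idx < len(rules):
        rule = rules[idx]
    else:
        rule = next((r for r in rules if r.get("id") == result.get("ruleId")), {})
    return rule.get("defaultConfiguration", {}).get("level", "warning")

def gate(sarif, threshold="error"):
    """Return findings at or above threshold as (level, ruleId, uri, line)."""
    hits = []
    for run in sarif.get("runs", []):
        rules = run.get("tool", {}).get("driver", {}).get("rules", [])
        for res in run.get("results", []):
            level = effective_level(res, rules)
            if level not in ORDER or ORDER.index(level) < ORDER.index(threshold):
                continue
            # A result may carry no location at all; report "?" and line 0 then.
            loc = (res.get("locations") or [{}])[0].get("physicalLocation", {})
            uri = loc.get("artifactLocation", {}).get("uri", "?")
            line = loc.get("region", {}).get("startLine", 0)
            hits.append((level, res.get("ruleId", "?"), uri, line))
    return hits

SAMPLE = {"version": "2.1.0", "runs": [{  # constructed sample, not tool output
    "tool": {"driver": {"name": "sample", "rules": [
        {"id": "R1", "defaultConfiguration": {"level": "error"}}, {"id": "R2"}]}},
    "results": [
        {"ruleId": "R1", "ruleIndex": 0, "message": {"text": "a"}, "locations": [
            {"physicalLocation": {"artifactLocation": {"uri": "app/db.py"},
                                  "region": {"startLine": 12}}}]},
        {"ruleId": "R2", "message": {"text": "b"}},
        {"ruleId": "R2", "level": "note", "message": {"text": "c"}}]}]}

if __name__ == "__main__":
    path = sys.argv[1] if len(sys.argv) > 1 else None  # e.g. report.sarif
    doc = json.loads(Path(path).read_text(encoding="utf-8")) if path else SAMPLE
    found = gate(doc)
    for level, rule_id, uri, line in found:
        print(f"{level}: {rule_id} at {uri}:{line}")
    sys.exit(1 if found and path else 0)  # fail the job only on a real report
```

Run with the report path as the only argument in a CI step; a non-zero exit means at least one error-level finding.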

✨ Features

  • 🤖 AI-Powered Analysis: Utilizes DeepSeek's API for intelligent code analysis
  • 🌐 Multi-Language Support: Reports available in English, Uzbek, Chinese, and Russian
  • ⚡ CI/CD Integration: Easily integrates with GitHub Actions for automated code scanning
  • 📄 Flexible Output: Supports multiple report formats, including SARIF for GitHub code scanning
  • 💻 Local and Remote Analysis: Analyze both local directories and remote GitHub repositories

🔍 For more information, visit the GitHub repository 🐙.
