
Research
Security News
The Growing Risk of Malicious Browser Extensions
Socket researchers uncover how browser extensions in trusted stores are used to hijack sessions, redirect traffic, and manipulate user behavior.
Kotemari: A Python library and CLI tool to analyze codebases, understand dependencies, and generate accurate context for LLMs. Simplifies RAG generation for coding tasks.
Kotemari is a Python library designed to analyze your Python project structure, understand dependencies, and intelligently generate context for Large Language Models (LLMs) like GPT. 🧠 Its core purpose is to be integrated into other development tools (like IDE extensions, analysis scripts, or chat interfaces) to provide on-demand project insights and context. It also features real-time file monitoring to keep the analysis up-to-date effortlessly! ✨
Integrating project understanding capabilities into tools or automating context generation for LLMs can be complex. Kotemari simplifies this by providing a robust Python API that:
import
statements..kotemari.yml
file, respecting .gitignore
rules.Kotemari empowers your tools by providing sophisticated project analysis capabilities through a simple and effective Python API. 🎉
Kotemari is currently under development. To install the development version:
git clone https://github.com/<YOUR_GITHUB_USERNAME>/kotemari.git
cd kotemari
# Using venv
python -m venv .venv
source .venv/bin/activate # On Windows use `.venv\Scripts\activate`
# Or using uv (recommended)
uv venv
source .venv/bin/activate # On Windows use `.venv\Scripts\activate`
# Using pip
pip install -e .[dev]
# Or using uv
uv pip install -e .[dev]
(Once released, installation will be as simple as pip install kotemari
)
Using Kotemari in your Python code is straightforward:
import logging
from pathlib import Path
from kotemari import Kotemari
# Optional: Configure logging to see Kotemari's internal activity
logging.basicConfig(level=logging.INFO, format='[%(levelname)s] %(name)s: %(message)s')
# 1. Initialize Kotemari with your project's root directory
project_path = Path("./your/project/path") # <-- Change this!
kotemari = Kotemari(project_path)
# 2. Analyze the project (builds initial cache and dependency graph)
print("Analyzing project...")
kotemari.analyze_project()
print("Analysis complete!")
# 3. Get a list of analyzed files (FileInfo objects)
print("\nAnalyzed Files:")
all_files = kotemari.list_files()
for file_info in all_files[:5]: # Print first 5 for brevity
print(f"- {file_info.path.relative_to(project_path)} (Hash: {file_info.hash[:7]}...)")
# 4. Get dependencies of a specific file
target_file = project_path / "src/module_a.py" # Example
print(f"\nDependencies of {target_file.name}:")
try:
dependencies = kotemari.get_dependencies(target_file)
if dependencies:
for dep_path in dependencies:
print(f"- {dep_path.relative_to(project_path)}")
else:
print("- No direct dependencies found.")
except FileNotFoundError:
print(f"- File {target_file.name} not found in analysis results.")
# 5. Get files that depend ON a specific file (reverse dependencies)
dependent_on_file = project_path / "src/utils.py" # Example
print(f"\nFiles depending on {dependent_on_file.name}:")
try:
reverse_deps = kotemari.get_reverse_dependencies(dependent_on_file)
if reverse_deps:
for rev_dep_path in reverse_deps:
print(f"- {rev_dep_path.relative_to(project_path)}")
else:
print("- No files directly depend on this.")
except FileNotFoundError:
print(f"- File {dependent_on_file.name} not found in analysis results.")
# 6. Generate formatted context for LLM (target file + dependencies)
context_file = project_path / "src/main_logic.py" # Example
print(f"\nGenerating context for {context_file.name}:")
try:
context_string = kotemari.get_context(context_file)
print("--- Context Start ---")
print(context_string[:500] + "... (truncated)") # Print start for brevity
print("--- Context End ---")
except FileNotFoundError:
print(f"- File {context_file.name} not found.")
except Exception as e:
print(f"An error occurred: {e}")
# 7. Optional: Start background file watching for real-time updates
# Kotemari will automatically update its internal state when files change.
print("\nStarting file watcher (runs in background)...")
kotemari.start_watching()
# --- Your application logic here ---
# You can now query kotemari methods (list_files, get_dependencies, etc.)
# and get up-to-date results reflecting any file changes.
print("Watcher is running. Modify project files to see updates (check logs if INFO enabled).")
input("Press Enter to stop watching and exit...\n")
print("Stopping watcher...")
kotemari.stop_watching()
print("Watcher stopped.")
Kotemari(project_root, config_path=None, use_cache=True, log_level=logging.WARNING)
: Initialize the analyzer.analyze_project()
: Performs the initial full analysis.list_files()
: Returns List[FileInfo]
for all tracked files.get_dependencies(file_path: Path)
: Returns Set[Path]
of files the target file imports.get_reverse_dependencies(file_path: Path)
: Returns Set[Path]
of files that import the target file.get_context(file_path: Path, include_dependencies=True, formatter=...)
: Generates a context string.start_watching()
/ stop_watching()
: Controls the background file monitor.clear_cache()
: Removes cached analysis results.Kotemari also provides a basic command-line interface for quick checks and simple tasks:
# Activate environment
source .venv/bin/activate # Or .venv\Scripts\activate
# Basic commands
kotemari analyze
kotemari list
kotemari tree
kotemari dependencies <path/to/file.py>
kotemari context <path/to/file1.py> [<path/to/file2.py>...]
# Get help
kotemari --help
kotemari analyze --help
Interested in contributing?
pytest
pytest --cov=src/kotemari
Please refer to CONTRIBUTING.md
(to be created) for contribution guidelines.
This project is licensed under the MIT License - see the LICENSE file for details.
Let Kotemari simplify your Python project analysis! 🌳
FAQs
Kotemari: A Python library and CLI tool to analyze codebases, understand dependencies, and generate accurate context for LLMs. Simplifies RAG generation for coding tasks.
We found that kotemari demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover how browser extensions in trusted stores are used to hijack sessions, redirect traffic, and manipulate user behavior.
Research
Security News
An in-depth analysis of credential stealers, crypto drainers, cryptojackers, and clipboard hijackers abusing open source package registries to compromise Web3 development environments.
Security News
pnpm 10.12.1 introduces a global virtual store for faster installs and new options for managing dependencies with version catalogs.