Comprehensive Code Analyzer

A powerful, extensible TypeScript/JavaScript code analyzer that provides SonarQube-style quality analysis, security scanning, and GDPR compliance checking.

Features

$3

- Cyclomatic & Cognitive Complexity - Advanced complexity metrics with configurable thresholds
- Maintainability Index - Halstead-based maintainability scoring
- Technical Debt Assessment - Quantified technical debt in minutes
- Code Duplication Detection - AST-based duplication analysis with refactoring suggestions
- Documentation Coverage - JSDoc analysis with quality scoring
- Naming Convention Validation - Configurable naming rules for functions, classes, variables

$3

- Vulnerability Scanning - Detection of common security vulnerabilities
- Secret Detection - API keys, passwords, and sensitive data detection
- Cryptographic Analysis - Weak encryption and hashing algorithm detection
- Input Validation - SQL injection, XSS, and other injection vulnerabilities

$3

- GDPR Compliance - Personal data handling and privacy compliance analysis
- Security Standards - OWASP Top 10 compliance checking
- Industry Standards - Configurable compliance framework support

$3

- SonarQube-style Gates - Configurable quality thresholds
- Rating System - A-E ratings for complexity, maintainability, and reliability
- Metrics Dashboard - Comprehensive project health metrics

Installation

$3

``bash
npm install -g @aitek/comprehensive-code-analyzer
`

$3

`bash
npm install --save-dev @aitek/comprehensive-code-analyzer
`

Quick Start

$3

`bash

Analyze current directory

code-analyzer analyze .

Analyze specific files

code-analyzer analyze src/components/*.ts

Generate HTML report

code-analyzer analyze . --format html --output report.html

Run specific analyzers only

code-analyzer analyze . --analyzers quality-analyzer,security-analyzer

Initialize configuration file

code-analyzer init
`

$3

`typescript
import { ComprehensiveCodeAnalyzer } from '@aitek/comprehensive-code-analyzer';

const analyzer = new ComprehensiveCodeAnalyzer();

// Analyze files
const report = await analyzer.analyze(['src/*/.ts'], {
analyzers: ['quality-analyzer', 'security-analyzer'],
format: 'json',
includeMetrics: true
});

console.log(Found ${report.summary.totalIssues} issues);
console.log(Quality Rating: ${report.summary.qualityRating});
console.log(Technical Debt: ${report.summary.technicalDebt} minutes);
`

Configuration

Create a .code-analyzer.json file in your project root:

`json
{
"analyzers": [
"quality-analyzer",
"security-analyzer",
"vulnerability-scanner",
"gdpr-compliance-analyzer"
],
"include": ["*/.{ts,js,tsx,jsx}"],
"exclude": ["node_modules/", "dist/", "*.test.{ts,js}"],
"thresholds": {
"cyclomaticComplexity": 10,
"cognitiveComplexity": 15,
"maintainabilityIndex": 20,
"technicalDebtRatio": 5,
"duplicatedLinesThreshold": 3
},
"qualityGates": {
"coverage": 80,
"duplicatedLines": 3,
"maintainabilityRating": "C",
"reliabilityRating": "B"
},
"reporting": {
"format": "json",
"includeMetrics": true,
"includeSuggestions": true
}
}
`

Available Analyzers

| Analyzer | Description |
|----------|-------------|
| quality-analyzer | Code quality, complexity, and maintainability analysis |
| security-analyzer | General security vulnerability detection |
| vulnerability-scanner | Known vulnerability and dependency scanning |
| cryptographic-analyzer | Cryptographic implementation analysis |
| secret-detector | Sensitive data and credential detection |
| gdpr-compliance-analyzer | GDPR and privacy compliance checking |

Output Formats

$3

`bash
code-analyzer analyze . --format json --output report.json
`

$3

`bash
code-analyzer analyze . --format html --output report.html
`

$3

`bash
code-analyzer analyze . --format markdown --output report.md
`

$3

`bash
code-analyzer analyze . --format sarif --output report.sarif
`

Quality Metrics

The analyzer provides comprehensive metrics including:

- Cyclomatic Complexity - Measure of code complexity
- Cognitive Complexity - Human-perceived complexity
- Maintainability Index - Overall maintainability score
- Technical Debt - Estimated time to fix issues
- Code Coverage - Test coverage analysis
- Duplication Percentage - Code duplication metrics
- Quality Ratings - A-E ratings for different aspects

Integration

$3

`yaml

GitHub Actions

- name: Code Analysis
run: |
npm install -g @aitek/comprehensive-code-analyzer
code-analyzer analyze . --format sarif --output results.sarif

- name: Upload SARIF
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: results.sarif
`

$3

`json
{
"husky": {
"hooks": {
"pre-commit": "code-analyzer analyze --analyzers quality-analyzer"
}
}
}
`

$3

Add to your VS Code tasks:

`json
{
"version": "2.0.0",
"tasks": [
{
"label": "Analyze Code Quality",
"type": "shell",
"command": "code-analyzer",
"args": ["analyze", ".", "--format", "json"],
"group": "build",
"presentation": {
"echo": true,
"reveal": "always"
}
}
]
}
`

Custom Analyzers

Extend the analyzer with custom rules:

`typescript
import { BaseAnalyzer, AnalysisResult, ParsedFile } from '@aitek/comprehensive-code-analyzer';

class CustomAnalyzer extends BaseAnalyzer {
readonly id = 'custom-analyzer';
readonly name = 'Custom Rules Analyzer';
readonly description = 'Custom business logic analysis';

async analyze(files: ParsedFile[]): Promise {
const issues = [];

for (const file of files) {
// Your custom analysis logic
if (this.violatesBusinessRule(file)) {
issues.push(this.createIssue(
'Business Rule Violation',
'Custom business rule violated',
file.path,
'Fix according to business requirements'
));
}
}

return this.createAnalysisResult(issues);
}

private violatesBusinessRule(file: ParsedFile): boolean {
// Your custom logic here
return false;
}
}

// Register custom analyzer
const analyzer = new ComprehensiveCodeAnalyzer();
analyzer.registerAnalyzer(new CustomAnalyzer());
`

API Reference

$3

Main analyzer class for running analysis.

#### Methods

- analyze(paths: string[], options?: AnalysisOptions): Promise
- getAvailableAnalyzers(): string[]
- registerAnalyzer(analyzer: Analyzer): void

$3

Configuration options for analysis.

`typescript
interface AnalysisOptions {
analyzers?: string[];
filePatterns?: string[];
format?: 'json' | 'html' | 'markdown' | 'sarif';
outputPath?: string;
includeMetrics?: boolean;
includeSuggestions?: boolean;
}
`

$3

Analysis results structure.

`typescript
interface AnalysisReport {
summary: {
totalFiles: number;
totalIssues: number;
criticalIssues: number;
highIssues: number;
mediumIssues: number;
lowIssues: number;
technicalDebt: number;
qualityRating: 'A' | 'B' | 'C' | 'D' | 'E';
};
results: AnalysisResult[];
metrics?: Record;
timestamp: string;
version: string;
}
`

Examples

$3

`bash

Analyze TypeScript project

code-analyzer analyze src/ --analyzers quality-analyzer

Generate detailed HTML report

code-analyzer analyze . --format html --output quality-report.html
`

$3

`bash

Run security analyzers only

code-analyzer analyze . --analyzers security-analyzer,vulnerability-scanner,secret-detector

SARIF output for security tools

code-analyzer analyze . --format sarif --output security.sarif
`

$3

`bash

Check GDPR compliance

code-analyzer analyze . --analyzers gdpr-compliance-analyzer --format markdown --output gdpr-report.md
`

$3

`bash

Fail build on high-priority issues

code-analyzer analyze . --analyzers quality-analyzer,security-analyzer || exit 1
``

Contributing

1. Fork the repository
2. Create a feature branch
3. Add tests for new functionality
4. Ensure all tests pass
5. Submit a pull request

License

MIT License - see LICENSE file for details.

Support

- 📖 Documentation
- 🐛 Issue Tracker
- 💬 Discussions

---

Made with ❤️ by the Aitek Development Team