{"id":49624857,"url":"https://github.com/randomcodespace/codeiq","last_synced_at":"2026-05-05T05:04:38.562Z","repository":{"id":347477069,"uuid":"1194185346","full_name":"RandomCodeSpace/codeiq","owner":"RandomCodeSpace","description":"CLI + server for a deterministic code knowledge graph. 97 detectors across 35+ languages, Neo4j Embedded, Spring AI MCP server, REST API, and web UI. Pure static analysis — no AI, no external APIs, no telemetry.","archived":false,"fork":false,"pushed_at":"2026-05-03T16:03:51.000Z","size":8431,"stargazers_count":0,"open_issues_count":1,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-05-03T17:35:05.356Z","etag":null,"topics":["code-analysis","code-intelligence","graph-database","java","knowledge-graph","mcp-server","neo4j","static-analysis"],"latest_commit_sha":null,"homepage":null,"language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/RandomCodeSpace.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-03-28T02:47:47.000Z","updated_at":"2026-05-03T15:57:43.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/RandomCodeSpace/codeiq","commit_stats":null,"previous_names":["randomcodespace/code-iq","randomcodespace/codeiq"],"tags_count":56,"template":false,"template_full_name":null,"purl":"pkg:github/RandomCodeSpace/codeiq","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RandomCodeSpace%2Fcodeiq","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RandomCodeSpace%2Fcodeiq/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RandomCodeSpace%2Fcodeiq/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RandomCodeSpace%2Fcodeiq/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/RandomCodeSpace","download_url":"https://codeload.github.com/RandomCodeSpace/codeiq/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RandomCodeSpace%2Fcodeiq/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32636108,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-04T10:08:07.713Z","status":"online","status_checked_at":"2026-05-05T02:00:06.033Z","response_time":54,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["code-analysis","code-intelligence","graph-database","java","knowledge-graph","mcp-server","neo4j","static-analysis"],"created_at":"2026-05-05T05:04:34.589Z","updated_at":"2026-05-05T05:04:38.545Z","avatar_url":"https://github.com/RandomCodeSpace.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003ch1 align=\"center\"\u003ecodeiq\u003c/h1\u003e\n  \u003cp align=\"center\"\u003e\n    \u003cstrong\u003eDeterministic code knowledge graph -- scans codebases to map services, endpoints, entities, infrastructure, auth patterns, and framework usage. No AI, pure static analysis.\u003c/strong\u003e\n  \u003c/p\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://central.sonatype.com/artifact/io.github.randomcodespace.iq/code-iq\"\u003e\u003cimg src=\"https://img.shields.io/maven-central/v/io.github.randomcodespace.iq/code-iq?style=flat-square\u0026logo=apachemaven\u0026label=Maven%20Central\" alt=\"Maven Central\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/RandomCodeSpace/codeiq/actions/workflows/ci-java.yml\"\u003e\u003cimg src=\"https://img.shields.io/github/actions/workflow/status/RandomCodeSpace/codeiq/ci-java.yml?branch=main\u0026style=flat-square\u0026logo=github\u0026label=CI\" alt=\"CI\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://www.oracle.com/java/technologies/downloads/\"\u003e\u003cimg src=\"https://img.shields.io/badge/Java-25-orange?style=flat-square\u0026logo=openjdk\u0026logoColor=white\" alt=\"Java 25\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/RandomCodeSpace/codeiq/blob/main/LICENSE\"\u003e\u003cimg src=\"https://img.shields.io/github/license/RandomCodeSpace/codeiq?style=flat-square\u0026label=License\" alt=\"MIT License\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/RandomCodeSpace/codeiq/actions/workflows/security.yml\"\u003e\u003cimg src=\"https://img.shields.io/github/actions/workflow/status/RandomCodeSpace/codeiq/security.yml?branch=main\u0026style=flat-square\u0026logo=github\u0026label=Security%20%28OSS-CLI%29\" alt=\"Security (OSV-Scanner + Trivy + Semgrep + Gitleaks + jscpd + SBOM)\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://api.securityscorecards.dev/projects/github.com/RandomCodeSpace/codeiq\"\u003e\u003cimg src=\"https://api.securityscorecards.dev/projects/github.com/RandomCodeSpace/codeiq/badge\" alt=\"OpenSSF Scorecard\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://www.bestpractices.dev/projects/12650\"\u003e\u003cimg src=\"https://www.bestpractices.dev/projects/12650/badge\" alt=\"OpenSSF Best Practices\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/RandomCodeSpace/codeiq\"\u003e\u003cimg src=\"https://img.shields.io/badge/detectors-97-brightgreen?style=flat-square\u0026logo=codefactor\u0026logoColor=white\" alt=\"97 Detectors\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/RandomCodeSpace/codeiq\"\u003e\u003cimg src=\"https://img.shields.io/badge/languages-35%2B-blue?style=flat-square\u0026logo=stackblitz\u0026logoColor=white\" alt=\"35+ Languages\"\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n---\n\n## Quick Start\n\n```bash\n# Build from source (requires Java 25+, Maven 3.9+)\ngit clone https://github.com/RandomCodeSpace/codeiq.git\ncd codeiq\nmvn clean package -DskipTests\n\n# Analyze a codebase\njava -jar target/code-iq-*-cli.jar analyze /path/to/repo\n\n# Start server (REST API + MCP + React UI)\njava -jar target/code-iq-*-cli.jar serve /path/to/repo\n# Open http://localhost:8080\n```\n\n## How It Works\n\ncodeiq scans source files using 99 detectors across 35+ languages, builds a knowledge graph of code relationships, and serves it via REST API, MCP server, and React UI.\n\n```mermaid\ngraph TD\n    subgraph \"1. Index\"\n        A[File Discovery] --\u003e|git ls-files| B[Parsing Layer]\n        B --\u003e|JavaParser / ANTLR / Regex| C[99 Detectors]\n        C --\u003e|Virtual Threads| D[Graph Builder]\n        D --\u003e E[(H2 Cache)]\n    end\n\n    subgraph \"2. Enrich\"\n        E --\u003e F[Neo4j Bulk Load]\n        F --\u003e G[Cross-file Linkers]\n        G --\u003e H[Layer Classifier]\n        H --\u003e I[Service Detector]\n        I --\u003e J[(Neo4j Graph)]\n    end\n\n    subgraph \"3. Serve\"\n        J --\u003e K[REST API - 37 endpoints]\n        J --\u003e L[MCP Server - 34 tools]\n        J --\u003e M[React UI - 4 pages]\n    end\n```\n\n### Three-Command Pipeline\n\nFor large codebases or memory-constrained environments:\n\n```bash\n# 1. Index: batched H2 streaming, low memory (~1-2GB for 20K files)\njava -jar code-iq-*-cli.jar index /path/to/repo --batch-size 500\n\n# 2. Enrich: load H2 into Neo4j, run linkers + classifier + topology\njava -jar code-iq-*-cli.jar enrich /path/to/repo\n\n# 3. Serve: REST API + MCP + React UI\njava -jar code-iq-*-cli.jar serve /path/to/repo\n```\n\nFor small codebases, `analyze` does everything in one step:\n\n```bash\njava -jar code-iq-*-cli.jar analyze /path/to/repo\n```\n\n## CLI Commands\n\n| Command | Description |\n|---------|-------------|\n| `analyze [path]` | Scan and build knowledge graph (in-memory, all-in-one) |\n| `index [path]` | Memory-efficient batched indexing to H2 |\n| `enrich [path]` | Load H2 into Neo4j with linkers + classifier + topology |\n| `serve [path]` | Start React UI + REST API + MCP server |\n| `stats [path]` | Rich categorized statistics |\n| `graph [path]` | Export graph (JSON, YAML, Mermaid, DOT) |\n| `query [path]` | Query relationships (consumers, producers, callers) |\n| `find [what] [path]` | Preset queries (endpoints, guards, entities, topics) |\n| `cypher [query]` | Execute raw Cypher queries against Neo4j |\n| `topology [path]` | Service topology (blast radius, circular deps, bottlenecks) |\n| `flow [path]` | Architecture flow diagrams |\n| `bundle [path]` | Package graph + source into distributable ZIP |\n| `cache [action]` | Manage analysis cache |\n| `plugins [action]` | List/inspect detectors, suggest config |\n| `version` | Show version info |\n\n## Server\n\n```bash\njava -jar target/code-iq-*-cli.jar serve /path/to/repo --port 8080\n```\n\n```mermaid\ngraph LR\n    subgraph \"http://localhost:8080\"\n        A[\"/ React UI\"] --- B[\"/api REST API\"]\n        B --- C[\"/mcp MCP Server\"]\n    end\n```\n\n| Interface | Description |\n|-----------|-------------|\n| **React UI** (`/`) | Dashboard (stats + charts), Codebase Map (ECharts treemap), Explorer (node browser), MCP Console (tool invocationgrams, MCP Console, API Docs |\n| **REST API** (`/api`) | 37 endpoints -- stats, nodes, edges, topology, triage, search, flow |\n| **MCP Server** (`/mcp`) | 34 tools via Spring AI streamable HTTP for AI-powered code triage |\n\n## Supported Frameworks\n\n| Language | Frameworks \u0026 Patterns |\n|----------|----------------------|\n| **Java** | Spring REST, Spring Security, JPA/Hibernate, Kafka, RabbitMQ, JMS, gRPC, JAX-RS, WebSocket, Quarkus, Micronaut |\n| **Python** | Flask, Django (views + models + auth), FastAPI (routes + auth), SQLAlchemy, Celery, Pydantic |\n| **TypeScript** | Express, NestJS, Fastify, Remix, GraphQL, TypeORM, Prisma, Sequelize, Mongoose, KafkaJS, Passport/JWT |\n| **Frontend** | React, Vue, Angular, Svelte components and routes |\n| **Go** | Gin, Echo, Chi, gorilla/mux, net/http, GORM, sqlx |\n| **C#** | Entity Framework Core, Minimal APIs, ASP.NET Core |\n| **Rust** | Actix-web, Axum |\n| **Kotlin** | Ktor routes |\n| **Infra** | Terraform, Kubernetes, Docker Compose, Dockerfile, Bicep, Helm, GitHub Actions, GitLab CI, CloudFormation |\n| **Auth** | Spring Security, Django Auth, FastAPI Auth, NestJS Guards, Passport/JWT, K8s RBAC, LDAP |\n\n## Service Topology\n\nAppDynamics-style service topology from static code analysis:\n\n```bash\n# View service topology\njava -jar code-iq-*-cli.jar topology /path/to/monorepo\n\n# Blast radius analysis\njava -jar code-iq-*-cli.jar topology /path/to/repo --blast-radius service-name\n\n# Multi-repo support\njava -jar code-iq-*-cli.jar index /repo1 --graph /shared --service-name frontend\njava -jar code-iq-*-cli.jar index /repo2 --graph /shared --service-name backend\njava -jar code-iq-*-cli.jar serve /shared\n```\n\n## Configuration\n\ncodeiq is configured by a single YAML file at the repo root: **`codeiq.yml`**.\nEvery field is optional; omitted fields fall back to the in-code defaults\n(`ConfigDefaults.builtIn()`). See\n[`docs/codeiq.yml.example`](docs/codeiq.yml.example) for the full reference\nwith inline documentation. All keys are **snake_case**; camelCase spellings\nare accepted as deprecated aliases for one release and log a WARN on load.\n\n### Resolution order (last wins)\n\n1. Built-in defaults\n2. `~/.codeiq/config.yml` (user-global)\n3. `./codeiq.yml` (project)\n4. Environment variables: `CODEIQ_\u003cSECTION\u003e_\u003cKEY\u003e` (e.g. `CODEIQ_SERVING_PORT=9090`,\n   `CODEIQ_MCP_AUTH_MODE=bearer`, `CODEIQ_INDEXING_BATCH_SIZE=1000`). Nested\n   keys are flattened with underscores; values parse as YAML scalars.\n5. CLI flags on `codeiq \u003ccommand\u003e`\n\n### Commands\n\n```bash\ncodeiq config validate              # Validate ./codeiq.yml, exit 1 on error\ncodeiq config validate -p custom.yml\ncodeiq config explain                # Print each effective value + its source layer\n```\n\n### Minimal example\n\n```yaml\nproject:\n  name: my-service\n  root: .\n\nindexing:\n  exclude: ['**/node_modules/**', '**/build/**', '**/dist/**']\n  cache_dir: .codeiq/cache\n  batch_size: 500\n\nserving:\n  port: 8080\n  bind_address: 0.0.0.0\n\nmcp:\n  enabled: true\n  transport: http\n```\n\n### Spring-owned keys (stay in `application.yml`)\n\nA handful of keys drive Spring's `@ConditionalOnProperty` / `@Value` wiring\nand have not been migrated into `codeiq.yml`. Keep them in\n`src/main/resources/application.yml`:\n\n- `codeiq.neo4j.enabled` -- profile-conditional Neo4j toggle (`false` under\n  the `indexing` profile, `true` under `serving`).\n- `codeiq.neo4j.bolt.port` -- embedded Neo4j Bolt listener port.\n- `codeiq.cors.allowed-origin-patterns` -- CORS allow-list for the REST API.\n- `codeiq.ui.enabled` -- toggles the React SPA static resource handler.\n\nEverything else belongs in `codeiq.yml`. `UnifiedConfigBeans` bridges the\ntwo worlds for values that exist in both.\n\nSee `docs/codeiq.yml.example` for the full schema.\n\n## Graph Model\n\n```mermaid\ngraph LR\n    subgraph \"Node Types (34)\"\n        direction TB\n        N1[service] --- N2[endpoint]\n        N2 --- N3[class]\n        N3 --- N4[method]\n        N4 --- N5[entity]\n        N5 --- N6[topic / queue]\n        N6 --- N7[guard / middleware]\n        N7 --- N8[config_file]\n    end\n\n    subgraph \"Edge Types (28)\"\n        direction TB\n        E1[calls] --- E2[imports]\n        E2 --- E3[depends_on]\n        E3 --- E4[produces / consumes]\n        E4 --- E5[queries / connects_to]\n        E5 --- E6[extends / implements]\n        E6 --- E7[protects / contains]\n    end\n```\n\n## Benchmarks\n\n| Project | Files | Nodes | Edges | Time |\n|---------|-------|-------|-------|------|\n| kubernetes | 20,240 | 193,391 | 349,707 | 9s |\n| kafka | 6,919 | 62,692 | 120,422 | 50s |\n| django | 3,467 | 51,402 | 99,086 | 54s |\n| spring-boot | 10,524 | 27,993 | 39,776 | 27s |\n| fastapi | 2,740 | 25,475 | 30,430 | 10s |\n| nest | 2,037 | 5,757 | 11,904 | 1s |\n\nAll results are 100% deterministic across runs.\n\n## Development\n\n```bash\ngit clone https://github.com/RandomCodeSpace/codeiq.git\ncd codeiq\nmvn clean package    # Build + test (3,270 tests across 236 files)\nmvn test             # Tests only\n```\n\n### Maven Dependency\n\n```xml\n\u003cdependency\u003e\n    \u003cgroupId\u003eio.github.randomcodespace.iq\u003c/groupId\u003e\n    \u003cartifactId\u003ecode-iq\u003c/artifactId\u003e\n    \u003cversion\u003e0.0.1-beta.0\u003c/version\u003e\n\u003c/dependency\u003e\n```\n\n## License\n\nMIT License. See [LICENSE](LICENSE) for details.\n\n---\n\n\u003cp align=\"center\"\u003e\n  Built with intelligence. No AI required.\n\u003c/p\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frandomcodespace%2Fcodeiq","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frandomcodespace%2Fcodeiq","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frandomcodespace%2Fcodeiq/lists"}