https://github.com/rudra496/codevista
๐ CodeVista โ AI-powered code analysis & visualization tool. Understand complex codebases instantly. Dependency graphs, architecture insights & quality metrics.
https://github.com/rudra496/codevista
ci-cd code-analysis code-metrics code-quality code-review code-security code-smell developer-tools devsecops hacktoberfest html-reports linter open-source python sast security-audit software-quality static-analysis technical-debt vulnerability
Last synced: 1 day ago
JSON representation
๐ CodeVista โ AI-powered code analysis & visualization tool. Understand complex codebases instantly. Dependency graphs, architecture insights & quality metrics.
- Host: GitHub
- URL: https://github.com/rudra496/codevista
- Owner: rudra496
- License: mit
- Created: 2026-03-26T21:51:11.000Z (3 months ago)
- Default Branch: master
- Last Pushed: 2026-06-05T22:12:54.000Z (4 days ago)
- Last Synced: 2026-06-05T22:20:40.048Z (4 days ago)
- Topics: ci-cd, code-analysis, code-metrics, code-quality, code-review, code-security, code-smell, developer-tools, devsecops, hacktoberfest, html-reports, linter, open-source, python, sast, security-audit, software-quality, static-analysis, technical-debt, vulnerability
- Language: Python
- Homepage: https://rudra496.github.io/codevista
- Size: 441 KB
- Stars: 5
- Watchers: 0
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- Contributing: CONTRIBUTING.md
- Funding: .github/FUNDING.yml
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
- Security: SECURITY.md
- Support: SUPPORT.md
- Roadmap: ROADMAP.md
Awesome Lists containing this project
README
โโโโโโโ โโโโโโโ โโโโ โโโ โโโโโโโ โโโโโโโโโโโ โโโโโโโ โโโ โโโโโโโโโโโโ
โโโโโโโโโโโโโโโโโโโโโโ โโโโโโโโโโโ โโโโโโโโโโโโโโโโโโโ โโโ โโโโโโโโโโโโ
โโโ โโโโโโโโโโโโโโโโโ โโโโโโ โโโโโโโโโโโโโโโโโโ โโโโโโโโโโโโ โโโ
โโโ โโโโโโโโโโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโโ โโโโโโโโโโโ โโโ
โโโโโโโโโโโโ โโโโโโ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โโโ โโโ
โโโโโโโ โโโ โโโโโโ โโโโโ โโโโโโโ โโโโโโโโโโโ โโโโโโโ โโโ โโโ โโโ
CodeVista โ Code Analysis & Security Scanner
Deep analytics for your code โ a powerful static analysis tool
Beautiful interactive codebase visualizations โ single HTML, zero dependencies.
---
## โจ What is CodeVista?
CodeVista analyzes your codebase and generates a **stunning single-page HTML report** โ no server, no internet, no external dependencies. Just share one file and everyone can explore your code visually.
## ๐ Quick Start
```bash
pip install codevista
codevista analyze ./my-project/
```
That's it. Open `report.html` in any browser. No server needed.
## ๐ฆ Installation
```bash
pip install codevista
```
Zero external dependencies โ pure Python stdlib.
## ๐ฏ Commands
| Command | Description |
|---------|-------------|
| `codevista analyze ./project/` | Full analysis with all features |
| `codevista analyze ./project/ -o report.html` | Custom output path |
| `codevista analyze ./project/ --no-git` | Skip git analysis |
| `codevista analyze ./project/ --depth 3` | Limit directory depth |
| `codevista quick ./project/` | Fast analysis (~3 seconds) |
| `codevista serve ./project/ --port 8080` | Serve report on HTTP server |
| `codevista compare ./v1/ ./v2/` | Compare two codebases |
| `codevista watch ./project/` | Re-analyze on file changes |
| `codevista smells ./project/` | Detect code smells and anti-patterns |
| `codevista architecture ./project/` | Detect architecture patterns |
| `codevista code-age ./project/` | Analyze file age, churn, and risk |
| `codevista export ./project/ -f sarif` | Export as SARIF for CI |
| `codevista export ./project/ --all` | Export to all formats |
| `codevista health ./project/` | Health score only |
| `codevista security ./project/` | Security scan only |
| `codevista deps ./project/` | Dependency analysis |
| `codevista git-stats ./project/` | Git repository statistics |
| `codevista languages ./project/` | Language distribution breakdown |
| `codevista complexity ./project/` | Complexity analysis and top functions |
| `codevista snapshot ./project/` | Save analysis snapshot for trend tracking |
| `codevista trends ./project/` | Show project health trends over time |
| `codevista diff-snapshots ./project/ 1 2` | Compare two snapshots |
| `codevista team ./project/` | Team productivity & collaboration analysis |
| `codevista ci-output ./project/ -f sarif` | CI/CD output (SARIF, Checkstyle, etc.) |
| `codevista decay ./project/` | Architectural decay analysis |
| `codevista dna ./project/` | Generate CodeDNA fingerprint |
| `codevista lint ./project/` | Language-specific lint rules |
## ๐ What It Analyzes
### ๐๏ธ Architecture Map
- File dependency graph โ who imports whom
- Interactive directory tree with line counts
- Module cluster detection
### ๐ Code Metrics
- Lines of code per file (interactive bar chart)
- Cyclomatic complexity (hot spot detection)
- Code duplication detection (hash-based)
- Comment coverage tracking
- File size distribution
### ๐งฉ Technology Detection
- Language detection (65+ languages)
- Framework detection (React, Django, Flask, Express, etc.)
- Dependency inventory with versions
### ๐ฅ Health Score
- Overall health: 0-100 (composite score)
- Per-category: readability, complexity, duplication, coverage, security, dependencies
- Color-coded indicators (green/yellow/red)
- Specific improvement recommendations
### ๐ Security Scan
- Hardcoded secrets (AWS, GitHub, Stripe, API keys, passwords, tokens)
- Dangerous functions (eval, exec, shell=True, pickle)
- Private key detection
- Severity scoring (critical/high/medium/low)
### ๐ฅ Git Insights
- Contribution heatmap (52-week calendar)
- Top contributors with commit share
- Most active files
- Commit statistics
### ๐ Code Smell Detection
CodeVista detects **19 categories of code smells** that go beyond typical linters:
| Smell | Description |
|-------|-------------|
| **God Classes** | Classes with too many methods/fields/responsibilities |
| **Long Parameter Lists** | Functions with too many params, especially with `=None` |
| **Feature Envy** | Methods using another class's data more than their own |
| **Divergent Change** | Classes modified for multiple unrelated reasons |
| **Shotgun Surgery** | Single logical change requiring edits across many files |
| **Parallel Inheritance** | Adding a subclass of A always requires subclassing B |
| **Speculative Generality** | Unused abstractions, abstract methods never overridden |
| **Temporary Fields** | Instance variables set only in certain methods |
| **Message Chains** | Long dot chains: `a.b.c.d.e.f` |
| **Middle Man** | Classes that only delegate to another class |
| **Comment Smells** | Comments describing WHAT code does, not WHY |
| **Dead Code** | Variables assigned but never read, functions never called |
| **Magic Numbers** | Unnamed numeric literals scattered in code |
| **Copy-Paste Code** | Near-duplicate blocks within and across files |
| **Missing Error Handling** | I/O operations without try/catch or error checks |
| **Inconsistent Naming** | Mixing camelCase and snake_case conventions |
| **Boolean Parameters** | Flags indicating method should be split |
| **isinstance Chains** | Type checking chains suggesting missing polymorphism |
Each smell comes with severity, location, and **actionable remediation advice**.
```bash
codevista smells ./my-project/
```
### ๐๏ธ Architecture Pattern Detection
Automatically identifies architectural patterns from project structure and code:
- **MVC / MVVM / MVP** โ UI patterns
- **Layered Architecture** โ presentation, business, data layers
- **Clean Architecture** โ entities, use cases, controllers, adapters
- **Hexagonal** โ ports & adapters pattern
- **Repository Pattern** โ data access mediation
- **Service Layer** โ application boundary with coordinating operations
- **CQRS** โ command/query separation
- **Event-Driven** โ event publishers, subscribers, handlers
- **Microservices** โ independent service architecture
- **Singleton / Factory / Strategy / Observer / Decorator** โ design patterns
- **Dependency Injection** โ DI framework and manual injection
Includes architecture quality scoring (organization, coupling, modularity, balance) and text-based architecture diagrams.
```bash
codevista architecture ./my-project/
```
### ๐
Code Age & Risk Analysis
Track file age, change frequency, and identify files most likely to have bugs:
| Category | Description |
|----------|-------------|
| ๐ฅ **Hot** | Changed in the last 7 days |
| ๐ค๏ธ **Warm** | Changed in the last 30 days |
| โ๏ธ **Cold** | Changed 30-365 days ago |
| ๐ง **Cold Stable** | Old but few changes (stable) |
| ๐ **Dead** | Unchanged for >1 year |
**Risk Analysis** correlates age ร complexity ร churn to identify the files most likely to contain bugs:
- Files with high age, high complexity, and high change frequency get the highest risk scores
- Statistical correlation analysis between age, complexity, and churn
- Actionable recommendations for high-risk files
```bash
codevista code-age ./my-project/
```
## ๐ Trend Analysis
Track code quality over time with snapshots and trend visualization.
### How It Works
1. **Save snapshots** after each analysis run
2. **Compare snapshots** to see how your codebase evolves
3. **Get alerted** when metrics cross critical thresholds
4. **Track technical debt** ratio over time
```bash
# Save a snapshot of the current state
codevista snapshot ./my-project/
# Save with a label
codevista snapshot ./my-project/ --label "before-refactor"
# View trends
codevista trends ./my-project/
# Compare two specific snapshots
codevista diff-snapshots ./my-project/ 1 2
```
### ASCII Timeline Example
```
๐ Health Score Timeline
100 โคโโโโโโโโโโโโโโโโโโโโ
โโโโโโโโโโโโโโโโโโโโโ
โโโโโโโโโโโโโโโโโโโโโ
โโโโโโโโโโโโโโโโโโโโโ
โโโโโโโโโโโโโโโโโโโโโ
โโโโโโโโโโโโโโโโโโโโโ
โโโโโโโโโโโโโโโโโโโโโ
โโโโโโโโโโโโโโโโโโโโโ
โโโโโโโโโโโโโโโโโโโโโ
โโโโโโโโโโโโโโโโโโโโโ
โโโโโโโโโโโโโโโโโโโโโ
โโโโโโโโโโโโโโโโโโโโโ
0 โคโโโโโโโโโโโโโโโโโโโโโ
Current: 78/100 โ
```
### Features
- **Trend arrows**: โ improving, โ degrading, โ stable
- **Threshold alerts**: Get warned when health drops or security issues spike
- **Technical debt tracking**: Monitor debt ratio over time
- **Review cadence**: Suggests optimal review frequency based on change rate
- **Code age distribution**: Track how your codebase ages
## ๐ฅ Team Metrics
Analyze developer productivity and collaboration patterns.
```bash
codevista team ./my-project/
```
### What It Analyzes
| Metric | Description |
|--------|-------------|
| **Lines per Author** | Added/removed/net per developer |
| **Commit Frequency** | Commits per day, burst vs steady patterns |
| **Files Touched** | Unique files per author |
| **Bus Factor** | People needed to understand 50% of code |
| **Code Ownership** | Pie chart data showing contribution share |
| **Review Coverage** | Estimate from commit messages |
| **Pair Programming** | Co-authored commit detection |
| **Time Zone Distribution** | When the team commits |
| **Onboarding Complexity** | How hard for a new contributor to ramp up |
### ๐๏ธ Architectural Decay Detector
Track how your codebase degrades over time using git history. Detects growing complexity, increasing coupling, code duplication, and predicts future state.
```bash
codevista decay ./my-project/
```
**What it analyzes:**
| Metric | Description |
|--------|-------------|
| **Complexity Growth** | How cyclomatic complexity changes across commits |
| **Coupling Growth** | How module interdependencies grow over time |
| **Duplication Growth** | Code duplication ratio changes |
| **Debt Velocity** | Technical debt accumulation rate per week |
| **Decay Hotspots** | Files degrading fastest (ranked by decay score) |
| **Predictions** | Linear regression forecasts for 12 weeks ahead |
| **Inflection Points** | Key commits where quality shifted significantly |
| **Interventions** | Prioritized refactoring recommendations |
**ASCII Report Example:**
```
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ ๐๏ธ ARCHITECTURAL DECAY ANALYSIS โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฃ
โ Repository: my-project โ
โ Is Git: Yes โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
๐ COMPLEXITY GROWTH
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
2026-01-15 avg CC: 8.2 [โโโโโโโโโโโโโโโโโโโโโโ]
2026-02-01 avg CC: 9.5 [โโโโโโโโโโโโโโโโโโโโโโ]
2026-02-15 avg CC: 11.3 [โโโโโโโโโโโโโโโโโโโโโโ]
2026-03-01 avg CC: 13.8 [โโโโโโโโโโโโโโโโโโโโโโ]
Trend: ๐ GROWING
๐ฅ DECAY HOTSPOTS (top 10)
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
๐ด 1. 45.2 [โโโโโโโโโโโโโโโโโโโโโโ] src/core/engine.py
๐ 2. 28.7 [โโโโโโโโโโโโโโโโโโโโโโ] src/api/handler.js
๐ก 3. 12.4 [โโโโโโโโโโโโโโโโโโโโโโ] src/utils/parser.py
๐ฎ PREDICTIONS (12 weeks forward)
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
Avg complexity: 18.5
Debt lines: 2450
Confidence: moderate
๐ก RECOMMENDED INTERVENTIONS
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
๐ด [CRITICAL] src/core/engine.py
Action: refactor
break into smaller functions/modules; stabilize โ changes are volatile
```
### ๐งฌ CodeDNA Fingerprinter
Create unique DNA fingerprints for codebases โ identify projects, detect forks, spot cloned code.
```bash
# Generate fingerprint with ASCII barcode
codevista dna ./my-project/
# Save fingerprint for later comparison
codevista dna ./my-project/ --save fingerprint.json
# Compare two projects
codevista dna ./project-a/ --compare fingerprint.json
# Detect cloned files
codevista dna ./my-project/ --clones
```
**What it captures:**
| Component | Description |
|-----------|-------------|
| **Hash Patterns** | SHA-based profile of code structure patterns |
| **Language Distribution** | Language mix signature |
| **Complexity Distribution** | Complexity bucket fingerprint |
| **Dependency Topology** | Import graph topology hash |
| **Naming Conventions** | camelCase/snake_case/PascalCase ratios |
| **Comment Density** | Documentation coverage fingerprint |
| **Function Size** | Function size distribution |
| **File Size** | File size distribution |
| **Clone Detection** | Exact and near-clone detection via block hashing |
**Barcode Example:**
```
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ ๐งฌ CodeDNA Barcode โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโค
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโค
โ Project: my-project files: 42โ
โ Languages: Python 45.2%, JS 30.1%, HTML 15.3% โ
โ Naming: snake_case โ
โ Hash: a3f7c2b1e9d04586 โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
Compact: [โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ]
a3f7c2b1e9d045867f2a9c3d1e8b4f6a...
```
## ๐ Lint Rules
CodeVista includes **36 language-specific lint rules** across 5 languages, enforcing popular style guides:
```bash
# Lint entire project
codevista lint ./my-project/
# Lint specific file
codevista lint ./src/app.py
# Filter by language
codevista lint ./project/ -l python -l javascript
# Filter by severity
codevista lint ./project/ -s error -s warning
# Include/exclude specific rules
codevista lint ./project/ --include-rule PY001 --exclude-rule PY010
# JSON output for CI
codevista lint ./project/ --json
# List all available rules
codevista lint --rules
```
### Supported Languages & Rules
| Language | Style Guide | Rules | Severity |
|----------|------------|-------|----------|
| **Python** | PEP 8 / Black | PY001โPY011 (11 rules) | error/warning/info |
| **JavaScript** | Airbnb | JS001โJS009 (9 rules) | error/warning/info |
| **TypeScript** | Airbnb (shared) | JS001โJS009 (9 rules) | error/warning/info |
| **Go** | gofmt | GO001โGO005 (5 rules) | error/warning |
| **Rust** | clippy-lite | RS001โRS005 (5 rules) | error/warning/info |
| **Java** | Google Style | JA001โJA006 (6 rules) | error/warning/info |
### Python (PEP 8 / Black)
| Rule | Severity | Description |
|------|----------|-------------|
| PY001 | warning | Max line length (88 for Black) |
| PY002 | error | No wildcard imports (`from x import *`) |
| PY003 | info | Import order: stdlib โ third-party โ local, alphabetized |
| PY004 | info | Two blank lines before top-level definitions |
| PY005 | info | One blank line before methods |
| PY006 | info | Spaces around operators |
| PY007 | info | Prefer f-strings over `.format()` / %-formatting |
| PY008 | info | Type hints on public functions |
| PY009 | warning | Naming conventions (snake_case, PascalCase, UPPER_CASE) |
| PY010 | info | No trailing whitespace |
| PY011 | warning | No multiple statements on one line |
### JavaScript/TypeScript (Airbnb)
| Rule | Severity | Description |
|------|----------|-------------|
| JS001 | error | No `var` โ use `const` or `let` |
| JS002 | info | Prefer template literals over string concatenation |
| JS003 | info | Use arrow functions for callbacks |
| JS004 | warning | Use `===` instead of `==` |
| JS005 | warning | 2-space indentation (no tabs) |
| JS006 | warning | No unused variables |
| JS007 | info | Prefer destructuring for repeated property access |
| JS008 | info | Use object shorthand syntax |
| JS009 | info | Trailing comma conventions |
### Go (gofmt)
| Rule | Severity | Description |
|------|----------|-------------|
| GO001 | error | Tab indentation required |
| GO002 | error | No unused imports |
| GO003 | warning | Exported names must have doc comment |
| GO004 | error | Error handling โ do not discard errors |
| GO005 | warning | No variable shadowing in inner scopes |
### Rust (clippy-lite)
| Rule | Severity | Description |
|------|----------|-------------|
| RS001 | error | No `.unwrap()` in production code |
| RS002 | warning | Use Option/Result properly (no `is_some().unwrap()`) |
| RS003 | error | No mutable statics |
| RS004 | info | Lint suppressions should be avoided |
| RS005 | error | Naming conventions (snake_case functions/vars) |
### Java (Google Style)
| Rule | Severity | Description |
|------|----------|-------------|
| JA001 | error | 4-space indentation (no tabs) |
| JA002 | warning | Javadoc on public methods |
| JA003 | error | No wildcard imports |
| JA004 | error | Braces required for control statements |
| JA005 | warning | Catch specific exceptions |
| JA006 | info | Use logger instead of `System.out.print` |
### Exit Codes
| Code | Meaning |
|------|---------|
| `0` | Clean โ no violations |
| `2` | Errors found |
## ๐ค Export Formats
Export analysis results in multiple formats for different use cases:
| Format | Use Case | Command |
|--------|----------|---------|
| **HTML** | Interactive report in browser | `codevista export . -f html` |
| **JSON** | Programmatic access, APIs | `codevista export . -f json` |
| **Markdown** | Documentation, READMEs, wikis | `codevista export . -f markdown` |
| **SARIF** | GitHub Code Scanning, CI/CD | `codevista export . -f sarif` |
| **CSV** | Spreadsheets, data analysis | `codevista export . -f csv` |
| **YAML** | CODE_METRICS format | `codevista export . -f yaml` |
| **PDF** | Printable reports | `codevista export . -f pdf` |
| **All formats** | Everything at once | `codevista export . --all` |
```bash
# CI integration with GitHub Code Scanning
codevista export ./project/ -f sarif -o results.sarif.json
# Export everything
codevista export ./project/ -o ./reports/codevista --all
```
## ๐ CI/CD Integration
CodeVista provides dedicated CI output formats with threshold-based pass/fail.
### Supported Formats
| Format | Platform | Command |
|--------|----------|---------|
| **SARIF** | GitHub Code Scanning | `codevista ci-output . -f sarif` |
| **GitLab Code Quality** | GitLab | `codevista ci-output . -f gitlab` |
| **Checkstyle XML** | Jenkins, GitHub Actions | `codevista ci-output . -f checkstyle` |
| **JUnit XML** | Any CI with JUnit support | `codevista ci-output . -f junit` |
| **Markdown** | PR comments | `codevista ci-output . -f markdown` |
| **Terminal** | Quick terminal output | `codevista ci-output . -f terminal` |
### Exit Codes
| Code | Meaning | Description |
|------|---------|-------------|
| `0` | Clean | All thresholds passed |
| `1` | Warnings | Medium-severity threshold violations |
| `2` | Errors | High-severity violations (health, complexity) |
| `3` | Critical | Critical security issues or severe degradation |
### Threshold Configuration
Create `.codevista.json` in your project root:
```json
{
"max_security_critical": 0,
"max_security_high": 0,
"max_security_medium": 5,
"max_security_total": 10,
"max_avg_complexity": 10,
"max_technical_debt_ratio": 0.25,
"min_health_score": 60,
"max_duplicates": 10,
"max_circular_deps": 0,
"max_todo_count": 50
}
```
```bash
# Run with exit codes (CI will fail if thresholds violated)
codevista ci-output ./project/ -f sarif -o results.sarif.json
echo "Exit code: $?" # 0=clean, 1=warnings, 2=errors, 3=critical
```
## ๐ณ Docker
```bash
# Build
docker build -t codevista .
# Analyze a project
docker run --rm -v $(pwd):/workspace codevista analyze /workspace
# Use docker-compose
docker-compose up
```
The Docker image uses multi-stage builds for minimal size, runs as non-root, and includes `wkhtmltopdf` for PDF export.
## ๐จ Report Features
- **Single HTML file** โ share anywhere, works offline forever
- **Dark/light mode** toggle
- **Interactive tables** โ sort by any column, filter by language, search
- **Inline SVG charts** โ no external JS libraries
- **Collapsible sections**
- **Print-friendly**
- **Responsive** โ works on mobile
## ๐ Comparison
| Feature | CodeVista | SonarQube | CodeClimate | lizard |
|---------|-----------|-----------|-------------|--------|
| Setup | `pip install` | Docker/Server | SaaS / CLI | `pip install` |
| Dependencies | **Zero** | Heavy (Java + DB) | Docker (CLI) | None |
| Output | **Single HTML** | Web UI | Web UI | CLI text |
| Offline | โ
| โ | โ | โ
|
| Security scan | โ
60+ patterns | โ
extensive | โ
plugins | โ |
| Git analysis | โ
| โ
| โ
| โ |
| Visual charts | โ
inline SVG | โ
| โ
| โ |
| Code smell detection | โ
19 categories | โ
extensive | โ
maintainability | โ |
| Architecture patterns | โ
**12+ patterns** | โ | โ | โ |
| Code age analysis | โ
| Partial | โ | โ |
| SARIF export | โ
| โ
| โ | โ |
| Cost | **Free** | Free/Paid | Paid | Free |
| Server needed | **No** | Yes | Yes | No |
> **Note:** SonarQube and CodeClimate are mature enterprise tools with deeper language coverage and IDE integrations. CodeVista differentiates by being zero-setup, offline-capable, and producing shareable single-file HTML reports โ ideal for quick audits, CI pipelines, and open-source projects.
## ๐ What Makes CodeVista Unique
1. **Zero dependencies** โ pure Python stdlib, no pip install headaches
2. **Single HTML output** โ share one file, works offline forever, no server
3. **Code smell detection** โ 19 smell categories with AST-level Python analysis
4. **Architecture pattern detection** โ identifies 12+ patterns from structure + code
5. **Code age ร risk correlation** โ statistical analysis of age, complexity, and churn
6. **Multi-format export** โ HTML, JSON, Markdown, SARIF, CSV, YAML, PDF
7. **Docker support** โ multi-stage build, non-root user, PDF-ready
8. **Beautiful design** โ dark mode, glassmorphism, inline SVG charts, animations
9. **Works on any codebase** โ 65+ languages, no configuration needed
10. **CI/CD ready** โ SARIF export for GitHub Code Scanning integration
## ๐๏ธ Architecture
```
codevista/
โโโ cli.py # CLI interface (argparse)
โโโ analyzer.py # Core analysis engine
โโโ report.py # HTML report generator
โโโ metrics.py # Health scores & recommendations
โโโ smells.py # Code smell detection (19 categories)
โโโ architecture.py # Architecture pattern detector
โโโ code_age.py # Code age & risk analysis
โโโ export.py # Multi-format export (HTML/JSON/MD/SARIF/CSV/YAML/PDF)
โโโ security.py # Secret/vulnerability scanning
โโโ dependencies.py # Dependency parsing & analysis
โโโ git_analysis.py # Git stats extraction
โโโ trends.py # Trend analysis & snapshot tracking
โโโ team.py # Team metrics & collaboration analysis
โโโ integrations.py # CI/CD output (SARIF, Checkstyle, JUnit, GitLab)
โโโ decay.py # Architectural decay detector
โโโ codedna.py # CodeDNA fingerprinter
โโโ lint_rules.py # Language-specific lint rules (PEP 8, Airbnb, gofmt, clippy, Google)
โโโ languages.py # Language definitions & colors
โโโ config.py # Configuration & ignore patterns
โโโ utils.py # Utilities & color schemes
โโโ templates/ # HTML templates
```
## ๐ ๏ธ Tech Stack
- **Python 3.9+** (stdlib only)
- **Inline SVG** for all charts
- **CSS custom properties** for theming
- **Vanilla JavaScript** for interactivity
- **AST parsing** for deep code analysis (Python)
## ๐ค Contributing
1. Fork it
2. Create your feature branch (`git checkout -b feature/amazing`)
3. Commit your changes (`git commit -m 'Add amazing feature'`)
4. Push to the branch (`git push origin feature/amazing`)
5. Open a Pull Request
## โญ Star History
## ๐ License
MIT ยฉ 2026 โ see [LICENSE](LICENSE)
## ๐ก Why CodeVista?
- **Zero dependencies** โ Pure Python, no Node.js, no databases, no external tools
- **65+ languages** โ Works with virtually any codebase out of the box
- **Stunning HTML reports** โ Beautiful, interactive reports you'll actually want to read
- **Security-first** โ 60+ secret detection patterns including Stripe, AWS, GitHub tokens
- **Unique features** โ CodeDNA fingerprinting and architectural decay detection (no other tool has this)
- **CI/CD ready** โ SARIF, Checkstyle, and JUnit XML output formats
## ๐ฅ Use Cases
| Use Case | How |
|----------|-----|
| **Individual Developers** | Get a health score for your project, find security issues |
| **Engineering Teams** | Track code quality trends, compare team member metrics |
| **CI/CD Pipelines** | Generate SARIF reports for GitHub Code Scanning |
| **Open Source Maintainers** | Analyze PR quality, detect code smells automatically |
| **Code Reviews** | Get automated feedback on architecture, complexity, and duplication |
| **Education** | Teach code quality concepts with visual, interactive reports |
## ๐ Other Projects
Check out more open-source tools:
| Project | Description | Stars |
|---------|-------------|-------|
| [๐ก๏ธ AI Code Trust Validator](https://github.com/rudra496/ai-code-trust-validator) | Detect security flaws, hallucinations & logic errors in AI-generated code |  |
| [๐ค TermMind](https://github.com/rudra496/termmind) | AI-powered terminal assistant with 7 providers |  |
---
## ๐ Connect
- [](https://github.com/rudra496)
- [](https://www.linkedin.com/in/rudrasarker)
- [](https://x.com/Rudra496)
- [](https://www.facebook.com/rudrasarker130)
- [](https://youtube.com/@rudrasarker9732)
- [](https://dev.to/rudra_sarker)
- [](https://www.researchgate.net/profile/Rudra-Sarker-3)
---
Built with โค๏ธ by rudra496 ยท LinkedIn
MIT License ยท Free & Open Source Forever
---
## More Open Source Projects
| Project | Stars | Description |
|---------|-------|-------------|
| [StealthHumanizer](https://github.com/rudra496/StealthHumanizer) |  | Free AI text humanizer โ 13 providers, no login |
| [EdgeBrain](https://github.com/rudra496/EdgeBrain) |  | Edge AI inference โ sub-100ms, no cloud |
| [DevRoadmaps](https://github.com/rudra496/devroadmaps) |  | 17 career paths, 1700+ free resources |
| [Nexus Agent](https://github.com/rudra496/nexus-agent) |  | Self-evolving local AI agent framework |
| [MindWell](https://github.com/rudra496/mindwell) |  | Free mental health support platform |
| [ScienceLab 3D](https://github.com/rudra496/sciencelab3d) |  | 40+ virtual STEM experiments |
| [SightlineAI](https://github.com/rudra496/sightlineai) |  | AI smart glasses for the blind |
---
**[โญ Star this repo](../../stargazers) ยท [๐ด Fork it](../../fork) ยท [๐ค Follow @rudra496](https://github.com/rudra496)**
## Connect
- [](https://github.com/rudra496)
- [](https://www.linkedin.com/in/rudrasarker)
- [](https://x.com/Rudra496)
- [](https://youtube.com/@rudrasarker9732)
- [](https://dev.to/rudra_sarker)