Spaces:

unit731
/

cyber_llm

Running

App Files Files Community

cyber_llm / src /analysis /code_reviewer.py

unit731

Upload core Cyber-LLM platform components

23804b3 verified 7 days ago

raw

history blame contribute delete

42 kB

	"""
	Code Review and Analysis Suite for Cyber-LLM
	Advanced static analysis, security review, and optimization identification

	Author: Muzan Sano <[email protected]>
	"""

	import ast
	import re
	import os
	import json
	import asyncio
	import logging
	from pathlib import Path
	from typing import Dict, List, Any, Optional, Set, Tuple
	from dataclasses import dataclass, field
	from datetime import datetime
	import subprocess
	from collections import defaultdict, Counter

	# Security analysis imports
	import bandit
	from bandit.core.config import BanditConfig
	from bandit.core.manager import BanditManager

	# Code quality imports
	try:
	import pylint.lint
	import flake8.api.legacy as flake8
	from mypy import api as mypy_api
	except ImportError:
	print("Install code quality tools: pip install pylint flake8 mypy")

	@dataclass
	class CodeIssue:
	"""Represents a code issue found during analysis"""
	file_path: str
	line_number: int
	severity: str # critical, high, medium, low, info
	issue_type: str # security, performance, maintainability, style, bug
	description: str
	recommendation: str
	confidence: float = 1.0
	cwe_id: Optional[str] = None # Common Weakness Enumeration ID

	@dataclass
	class ReviewResults:
	"""Complete code review results"""
	total_files_analyzed: int
	total_lines_analyzed: int
	issues: List[CodeIssue] = field(default_factory=list)
	metrics: Dict[str, Any] = field(default_factory=dict)
	security_score: float = 0.0
	maintainability_score: float = 0.0
	performance_score: float = 0.0
	overall_score: float = 0.0

	class SecurityAnalyzer:
	"""Advanced security analysis for cybersecurity applications"""

	def __init__(self):
	self.logger = logging.getLogger("security_analyzer")

	# Custom security patterns for cybersecurity tools
	self.security_patterns = {
	"hardcoded_credentials": [
	r"password\s=\s['\"][^'\"]{3,}['\"]",
	r"api_key\s=\s['\"][^'\"]{10,}['\"]",
	r"secret\s=\s['\"][^'\"]{8,}['\"]",
	r"token\s=\s['\"][^'\"]{16,}['\"]"
	],
	"command_injection": [
	r"os\.system\s*\(",
	r"subprocess\.call\s*\(",
	r"subprocess\.run\s*\(",
	r"eval\s*\(",
	r"exec\s*\("
	],
	"sql_injection": [
	r"execute\s\(\s['\"].%s.['\"]",
	r"cursor\.execute\s\(\s[f]?['\"].\{.\}.*['\"]"
	],
	"path_traversal": [
	r"open\s\(\s.\+.\)",
	r"file\s\(\s.\+.\)",
	r"\.\./"
	],
	"insecure_random": [
	r"random\.random\(\)",
	r"random\.choice\(",
	r"random\.randint\("
	]
	}

	async def analyze_security(self, file_paths: List[str]) -> List[CodeIssue]:
	"""Comprehensive security analysis"""

	security_issues = []

	for file_path in file_paths:
	if not file_path.endswith('.py'):
	continue

	self.logger.info(f"Security analysis: {file_path}")

	try:
	# Read file content
	with open(file_path, 'r', encoding='utf-8') as f:
	content = f.read()

	# Pattern-based security analysis
	pattern_issues = await self._analyze_security_patterns(file_path, content)
	security_issues.extend(pattern_issues)

	# AST-based security analysis
	ast_issues = await self._analyze_ast_security(file_path, content)
	security_issues.extend(ast_issues)

	# Bandit integration for comprehensive security scanning
	bandit_issues = await self._run_bandit_analysis(file_path)
	security_issues.extend(bandit_issues)

	except Exception as e:
	self.logger.error(f"Error analyzing {file_path}: {str(e)}")
	security_issues.append(CodeIssue(
	file_path=file_path,
	line_number=0,
	severity="medium",
	issue_type="security",
	description=f"Analysis error: {str(e)}",
	recommendation="Manual review required"
	))

	return security_issues

	async def _analyze_security_patterns(self, file_path: str, content: str) -> List[CodeIssue]:
	"""Pattern-based security vulnerability detection"""

	issues = []
	lines = content.split('\n')

	for category, patterns in self.security_patterns.items():
	for pattern in patterns:
	for line_num, line in enumerate(lines, 1):
	if re.search(pattern, line, re.IGNORECASE):
	severity, recommendation = self._get_security_severity(category, line)

	issues.append(CodeIssue(
	file_path=file_path,
	line_number=line_num,
	severity=severity,
	issue_type="security",
	description=f"Potential {category.replace('_', ' ')}: {line.strip()}",
	recommendation=recommendation,
	confidence=0.8
	))

	return issues

	async def _analyze_ast_security(self, file_path: str, content: str) -> List[CodeIssue]:
	"""AST-based security analysis for complex patterns"""

	issues = []

	try:
	tree = ast.parse(content)

	class SecurityVisitor(ast.NodeVisitor):
	def __init__(self):
	self.issues = []

	def visit_Call(self, node):
	# Check for dangerous function calls
	if isinstance(node.func, ast.Name):
	func_name = node.func.id

	if func_name in ['eval', 'exec']:
	self.issues.append(CodeIssue(
	file_path=file_path,
	line_number=node.lineno,
	severity="critical",
	issue_type="security",
	description=f"Dangerous function call: {func_name}",
	recommendation="Avoid using eval/exec, use safer alternatives",
	cwe_id="CWE-94"
	))

	elif isinstance(node.func, ast.Attribute):
	if (isinstance(node.func.value, ast.Name) and
	node.func.value.id == 'os' and
	node.func.attr == 'system'):

	self.issues.append(CodeIssue(
	file_path=file_path,
	line_number=node.lineno,
	severity="high",
	issue_type="security",
	description="Command injection risk: os.system()",
	recommendation="Use subprocess with shell=False",
	cwe_id="CWE-78"
	))

	self.generic_visit(node)

	def visit_Import(self, node):
	for alias in node.names:
	if alias.name in ['pickle', 'cPickle']:
	self.issues.append(CodeIssue(
	file_path=file_path,
	line_number=node.lineno,
	severity="medium",
	issue_type="security",
	description="Insecure deserialization: pickle import",
	recommendation="Use json or safer serialization methods",
	cwe_id="CWE-502"
	))

	self.generic_visit(node)

	visitor = SecurityVisitor()
	visitor.visit(tree)
	issues.extend(visitor.issues)

	except SyntaxError as e:
	issues.append(CodeIssue(
	file_path=file_path,
	line_number=e.lineno or 0,
	severity="high",
	issue_type="security",
	description=f"Syntax error prevents security analysis: {str(e)}",
	recommendation="Fix syntax errors before security analysis"
	))

	return issues

	async def _run_bandit_analysis(self, file_path: str) -> List[CodeIssue]:
	"""Run Bandit security scanner"""

	issues = []

	try:
	# Configure Bandit
	config = BanditConfig()
	manager = BanditManager(config, 'file')
	manager.discover_files([file_path])
	manager.run_tests()

	# Convert Bandit results to CodeIssue format
	for result in manager.get_issue_list():
	issues.append(CodeIssue(
	file_path=result.filename,
	line_number=result.lineno,
	severity=result.severity,
	issue_type="security",
	description=result.text,
	recommendation=f"Bandit {result.test_id}: {result.text}",
	confidence=self._convert_bandit_confidence(result.confidence),
	cwe_id=getattr(result, 'cwe_id', None)
	))

	except Exception as e:
	self.logger.warning(f"Bandit analysis failed for {file_path}: {str(e)}")

	return issues

	def _get_security_severity(self, category: str, line: str) -> Tuple[str, str]:
	"""Get severity and recommendation for security issue"""

	severity_map = {
	"hardcoded_credentials": ("critical", "Use environment variables or secure vaults"),
	"command_injection": ("critical", "Use parameterized commands and input validation"),
	"sql_injection": ("critical", "Use parameterized queries and prepared statements"),
	"path_traversal": ("high", "Validate and sanitize file paths"),
	"insecure_random": ("medium", "Use cryptographically secure random functions")
	}

	return severity_map.get(category, ("medium", "Review for security implications"))

	def _convert_bandit_confidence(self, confidence: str) -> float:
	"""Convert Bandit confidence to numeric value"""

	confidence_map = {
	"HIGH": 0.9,
	"MEDIUM": 0.7,
	"LOW": 0.5
	}

	return confidence_map.get(confidence, 0.6)

	class PerformanceAnalyzer:
	"""Performance analysis and optimization identification"""

	def __init__(self):
	self.logger = logging.getLogger("performance_analyzer")

	self.performance_patterns = {
	"inefficient_loops": [
	r"for.in.range\(len\(",
	r"while.*len\("
	],
	"string_concatenation": [
	r"\+\s['\"].['\"]",
	r".\+=.['\"]"
	],
	"global_variables": [
	r"^global\s+\w+"
	],
	"nested_loops": [], # Detected via AST
	"database_queries_in_loops": [], # Detected via AST
	}

	async def analyze_performance(self, file_paths: List[str]) -> List[CodeIssue]:
	"""Comprehensive performance analysis"""

	performance_issues = []

	for file_path in file_paths:
	if not file_path.endswith('.py'):
	continue

	self.logger.info(f"Performance analysis: {file_path}")

	try:
	with open(file_path, 'r', encoding='utf-8') as f:
	content = f.read()

	# Pattern-based analysis
	pattern_issues = await self._analyze_performance_patterns(file_path, content)
	performance_issues.extend(pattern_issues)

	# AST-based analysis for complex patterns
	ast_issues = await self._analyze_ast_performance(file_path, content)
	performance_issues.extend(ast_issues)

	except Exception as e:
	self.logger.error(f"Error analyzing {file_path}: {str(e)}")

	return performance_issues

	async def _analyze_performance_patterns(self, file_path: str, content: str) -> List[CodeIssue]:
	"""Pattern-based performance issue detection"""

	issues = []
	lines = content.split('\n')

	for category, patterns in self.performance_patterns.items():
	if not patterns: # Skip empty pattern lists
	continue

	for pattern in patterns:
	for line_num, line in enumerate(lines, 1):
	if re.search(pattern, line):
	severity, recommendation = self._get_performance_severity(category)

	issues.append(CodeIssue(
	file_path=file_path,
	line_number=line_num,
	severity=severity,
	issue_type="performance",
	description=f"Performance issue - {category.replace('_', ' ')}: {line.strip()}",
	recommendation=recommendation
	))

	return issues

	async def _analyze_ast_performance(self, file_path: str, content: str) -> List[CodeIssue]:
	"""AST-based performance analysis"""

	issues = []

	try:
	tree = ast.parse(content)

	class PerformanceVisitor(ast.NodeVisitor):
	def __init__(self):
	self.issues = []
	self.loop_depth = 0
	self.in_loop = False

	def visit_For(self, node):
	self.loop_depth += 1
	old_in_loop = self.in_loop
	self.in_loop = True

	# Check for nested loops
	if self.loop_depth > 2:
	self.issues.append(CodeIssue(
	file_path=file_path,
	line_number=node.lineno,
	severity="medium",
	issue_type="performance",
	description="Deeply nested loops detected",
	recommendation="Consider algorithm optimization or breaking into functions"
	))

	self.generic_visit(node)
	self.loop_depth -= 1
	self.in_loop = old_in_loop

	def visit_While(self, node):
	self.loop_depth += 1
	old_in_loop = self.in_loop
	self.in_loop = True

	if self.loop_depth > 2:
	self.issues.append(CodeIssue(
	file_path=file_path,
	line_number=node.lineno,
	severity="medium",
	issue_type="performance",
	description="Deeply nested while loops detected",
	recommendation="Consider algorithm optimization"
	))

	self.generic_visit(node)
	self.loop_depth -= 1
	self.in_loop = old_in_loop

	def visit_Call(self, node):
	# Check for database calls in loops
	if self.in_loop and isinstance(node.func, ast.Attribute):
	method_name = node.func.attr
	if method_name in ['execute', 'query', 'find', 'get']:
	self.issues.append(CodeIssue(
	file_path=file_path,
	line_number=node.lineno,
	severity="high",
	issue_type="performance",
	description="Potential database query in loop",
	recommendation="Move query outside loop or use batch operations"
	))

	self.generic_visit(node)

	visitor = PerformanceVisitor()
	visitor.visit(tree)
	issues.extend(visitor.issues)

	except SyntaxError:
	pass # Skip files with syntax errors

	return issues

	def _get_performance_severity(self, category: str) -> Tuple[str, str]:
	"""Get severity and recommendation for performance issue"""

	severity_map = {
	"inefficient_loops": ("medium", "Use enumerate() or direct iteration"),
	"string_concatenation": ("low", "Use string formatting or join() for multiple concatenations"),
	"global_variables": ("low", "Consider using class attributes or function parameters"),
	"nested_loops": ("medium", "Optimize algorithm complexity"),
	"database_queries_in_loops": ("high", "Use batch operations or optimize query placement")
	}

	return severity_map.get(category, ("low", "Review for performance implications"))

	class MaintainabilityAnalyzer:
	"""Code maintainability and quality analysis"""

	def __init__(self):
	self.logger = logging.getLogger("maintainability_analyzer")

	async def analyze_maintainability(self, file_paths: List[str]) -> Tuple[List[CodeIssue], Dict[str, Any]]:
	"""Comprehensive maintainability analysis"""

	maintainability_issues = []
	metrics = {
	"complexity_metrics": {},
	"documentation_coverage": 0.0,
	"code_duplication": {},
	"naming_conventions": {}
	}

	for file_path in file_paths:
	if not file_path.endswith('.py'):
	continue

	self.logger.info(f"Maintainability analysis: {file_path}")

	try:
	with open(file_path, 'r', encoding='utf-8') as f:
	content = f.read()

	# Complexity analysis
	complexity_issues, complexity_metrics = await self._analyze_complexity(file_path, content)
	maintainability_issues.extend(complexity_issues)
	metrics["complexity_metrics"][file_path] = complexity_metrics

	# Documentation analysis
	doc_issues, doc_metrics = await self._analyze_documentation(file_path, content)
	maintainability_issues.extend(doc_issues)

	# Code duplication detection
	duplication_issues = await self._detect_code_duplication(file_path, content)
	maintainability_issues.extend(duplication_issues)

	except Exception as e:
	self.logger.error(f"Error analyzing {file_path}: {str(e)}")

	return maintainability_issues, metrics

	async def _analyze_complexity(self, file_path: str, content: str) -> Tuple[List[CodeIssue], Dict[str, Any]]:
	"""Analyze cyclomatic complexity and other complexity metrics"""

	issues = []
	metrics = {
	"cyclomatic_complexity": 0,
	"lines_of_code": 0,
	"function_count": 0,
	"class_count": 0,
	"max_function_complexity": 0
	}

	try:
	tree = ast.parse(content)

	class ComplexityVisitor(ast.NodeVisitor):
	def __init__(self):
	self.complexity = 1 # Base complexity
	self.function_complexities = []
	self.function_count = 0
	self.class_count = 0
	self.current_function = None
	self.current_complexity = 1

	def visit_FunctionDef(self, node):
	self.function_count += 1
	old_complexity = self.current_complexity
	old_function = self.current_function

	self.current_function = node.name
	self.current_complexity = 1

	self.generic_visit(node)

	# Check if function complexity is too high
	if self.current_complexity > 10:
	issues.append(CodeIssue(
	file_path=file_path,
	line_number=node.lineno,
	severity="medium",
	issue_type="maintainability",
	description=f"High cyclomatic complexity in function '{node.name}': {self.current_complexity}",
	recommendation="Consider breaking down function into smaller functions"
	))

	self.function_complexities.append(self.current_complexity)
	self.current_complexity = old_complexity
	self.current_function = old_function

	def visit_ClassDef(self, node):
	self.class_count += 1
	self.generic_visit(node)

	def visit_If(self, node):
	self.current_complexity += 1
	self.generic_visit(node)

	def visit_For(self, node):
	self.current_complexity += 1
	self.generic_visit(node)

	def visit_While(self, node):
	self.current_complexity += 1
	self.generic_visit(node)

	def visit_Try(self, node):
	self.current_complexity += len(node.handlers)
	self.generic_visit(node)

	visitor = ComplexityVisitor()
	visitor.visit(tree)

	lines = content.split('\n')
	metrics["lines_of_code"] = len([line for line in lines if line.strip() and not line.strip().startswith('#')])
	metrics["function_count"] = visitor.function_count
	metrics["class_count"] = visitor.class_count
	metrics["cyclomatic_complexity"] = sum(visitor.function_complexities) if visitor.function_complexities else 1
	metrics["max_function_complexity"] = max(visitor.function_complexities) if visitor.function_complexities else 0

	except SyntaxError:
	pass # Skip files with syntax errors

	return issues, metrics

	async def _analyze_documentation(self, file_path: str, content: str) -> Tuple[List[CodeIssue], Dict[str, Any]]:
	"""Analyze documentation coverage and quality"""

	issues = []
	metrics = {"documented_functions": 0, "total_functions": 0}

	try:
	tree = ast.parse(content)

	class DocVisitor(ast.NodeVisitor):
	def __init__(self):
	self.total_functions = 0
	self.documented_functions = 0

	def visit_FunctionDef(self, node):
	self.total_functions += 1

	# Check if function has docstring
	if (node.body and
	isinstance(node.body[0], ast.Expr) and
	isinstance(node.body[0].value, ast.Str)):
	self.documented_functions += 1
	else:
	# Only report missing docstrings for non-private functions
	if not node.name.startswith('_'):
	issues.append(CodeIssue(
	file_path=file_path,
	line_number=node.lineno,
	severity="low",
	issue_type="maintainability",
	description=f"Missing docstring for function '{node.name}'",
	recommendation="Add descriptive docstring"
	))

	self.generic_visit(node)

	def visit_ClassDef(self, node):
	# Check if class has docstring
	if not (node.body and
	isinstance(node.body[0], ast.Expr) and
	isinstance(node.body[0].value, ast.Str)):
	issues.append(CodeIssue(
	file_path=file_path,
	line_number=node.lineno,
	severity="low",
	issue_type="maintainability",
	description=f"Missing docstring for class '{node.name}'",
	recommendation="Add descriptive class docstring"
	))

	self.generic_visit(node)

	visitor = DocVisitor()
	visitor.visit(tree)

	metrics["documented_functions"] = visitor.documented_functions
	metrics["total_functions"] = visitor.total_functions

	except SyntaxError:
	pass

	return issues, metrics

	async def _detect_code_duplication(self, file_path: str, content: str) -> List[CodeIssue]:
	"""Detect code duplication patterns"""

	issues = []
	lines = content.split('\n')

	# Simple line-based duplication detection
	line_counts = Counter()

	for line_num, line in enumerate(lines, 1):
	stripped = line.strip()
	if len(stripped) > 20 and not stripped.startswith('#'): # Ignore short lines and comments
	line_counts[stripped] += 1

	if line_counts[stripped] == 3: # Report after 3 occurrences
	issues.append(CodeIssue(
	file_path=file_path,
	line_number=line_num,
	severity="low",
	issue_type="maintainability",
	description=f"Potential code duplication: {stripped[:50]}...",
	recommendation="Consider extracting common code into functions"
	))

	return issues

	class ComprehensiveCodeReviewer:
	"""Main code review orchestrator"""

	def __init__(self):
	self.logger = logging.getLogger("code_reviewer")
	self.security_analyzer = SecurityAnalyzer()
	self.performance_analyzer = PerformanceAnalyzer()
	self.maintainability_analyzer = MaintainabilityAnalyzer()

	async def conduct_comprehensive_review(self, project_path: str,
	include_patterns: Optional[List[str]] = None,
	exclude_patterns: Optional[List[str]] = None) -> ReviewResults:
	"""Conduct comprehensive code review"""

	self.logger.info(f"Starting comprehensive code review of {project_path}")
	start_time = datetime.now()

	# Discover files to analyze
	file_paths = await self._discover_files(project_path, include_patterns, exclude_patterns)

	if not file_paths:
	self.logger.warning("No files found for analysis")
	return ReviewResults(0, 0)

	self.logger.info(f"Analyzing {len(file_paths)} files")

	# Calculate total lines
	total_lines = 0
	for file_path in file_paths:
	try:
	with open(file_path, 'r', encoding='utf-8') as f:
	total_lines += len(f.readlines())
	except:
	pass

	# Run all analyzers concurrently
	security_task = asyncio.create_task(self.security_analyzer.analyze_security(file_paths))
	performance_task = asyncio.create_task(self.performance_analyzer.analyze_performance(file_paths))
	maintainability_task = asyncio.create_task(self.maintainability_analyzer.analyze_maintainability(file_paths))

	# Wait for all analyses to complete
	security_issues = await security_task
	performance_issues = await performance_task
	maintainability_issues, maintainability_metrics = await maintainability_task

	# Combine all issues
	all_issues = security_issues + performance_issues + maintainability_issues

	# Calculate scores
	security_score = await self._calculate_security_score(security_issues)
	maintainability_score = await self._calculate_maintainability_score(maintainability_issues)
	performance_score = await self._calculate_performance_score(performance_issues)

	overall_score = (security_score + maintainability_score + performance_score) / 3

	# Create comprehensive results
	results = ReviewResults(
	total_files_analyzed=len(file_paths),
	total_lines_analyzed=total_lines,
	issues=all_issues,
	metrics=maintainability_metrics,
	security_score=security_score,
	maintainability_score=maintainability_score,
	performance_score=performance_score,
	overall_score=overall_score
	)

	# Generate review report
	await self._generate_review_report(results, project_path)

	duration = datetime.now() - start_time
	self.logger.info(f"Code review completed in {duration.total_seconds():.2f}s")
	self.logger.info(f"Overall score: {overall_score:.1f}/100")

	return results

	async def _discover_files(self, project_path: str,
	include_patterns: Optional[List[str]] = None,
	exclude_patterns: Optional[List[str]] = None) -> List[str]:
	"""Discover files to analyze"""

	file_paths = []
	project_path = Path(project_path)

	include_patterns = include_patterns or ['*.py']
	exclude_patterns = exclude_patterns or [
	'/venv/', '/env/', '/__pycache__/',
	'/node_modules/', '/./', '/.git/*'
	]

	def should_include(file_path: Path) -> bool:
	path_str = str(file_path)

	# Check exclude patterns
	for exclude in exclude_patterns:
	if exclude.replace('', '.') in path_str:
	return False

	# Check include patterns
	for include in include_patterns:
	if file_path.match(include):
	return True

	return False

	# Walk through project directory
	for root, dirs, files in os.walk(project_path):
	# Skip hidden and excluded directories
	dirs[:] = [d for d in dirs if not d.startswith('.') and d not in ['__pycache__', 'venv', 'env']]

	for file in files:
	file_path = Path(root) / file
	if should_include(file_path):
	file_paths.append(str(file_path))

	return file_paths

	async def _calculate_security_score(self, security_issues: List[CodeIssue]) -> float:
	"""Calculate security score based on issues found"""

	if not security_issues:
	return 100.0

	severity_weights = {
	"critical": -20,
	"high": -10,
	"medium": -5,
	"low": -2,
	"info": -1
	}

	total_deduction = sum(severity_weights.get(issue.severity, -1) for issue in security_issues)
	return max(0, 100 + total_deduction)

	async def _calculate_maintainability_score(self, maintainability_issues: List[CodeIssue]) -> float:
	"""Calculate maintainability score"""

	base_score = 100.0

	for issue in maintainability_issues:
	if issue.severity == "high":
	base_score -= 5
	elif issue.severity == "medium":
	base_score -= 3
	else:
	base_score -= 1

	return max(0, base_score)

	async def _calculate_performance_score(self, performance_issues: List[CodeIssue]) -> float:
	"""Calculate performance score"""

	base_score = 100.0

	for issue in performance_issues:
	if issue.severity == "high":
	base_score -= 8
	elif issue.severity == "medium":
	base_score -= 4
	else:
	base_score -= 2

	return max(0, base_score)

	async def _generate_review_report(self, results: ReviewResults, project_path: str):
	"""Generate comprehensive review report"""

	report = {
	"review_summary": {
	"project_path": project_path,
	"review_date": datetime.now().isoformat(),
	"files_analyzed": results.total_files_analyzed,
	"lines_analyzed": results.total_lines_analyzed,
	"total_issues": len(results.issues),
	"scores": {
	"security": results.security_score,
	"maintainability": results.maintainability_score,
	"performance": results.performance_score,
	"overall": results.overall_score
	}
	},
	"issue_breakdown": {
	"by_severity": {},
	"by_type": {},
	"by_file": {}
	},
	"recommendations": [],
	"detailed_issues": []
	}

	# Analyze issue breakdown
	severity_counts = Counter(issue.severity for issue in results.issues)
	type_counts = Counter(issue.issue_type for issue in results.issues)
	file_counts = Counter(issue.file_path for issue in results.issues)

	report["issue_breakdown"]["by_severity"] = dict(severity_counts)
	report["issue_breakdown"]["by_type"] = dict(type_counts)
	report["issue_breakdown"]["by_file"] = dict(file_counts.most_common(10)) # Top 10 files

	# Generate high-level recommendations
	if severity_counts.get("critical", 0) > 0:
	report["recommendations"].append("Address critical security vulnerabilities immediately")

	if severity_counts.get("high", 0) > 5:
	report["recommendations"].append("Focus on high-severity issues for immediate improvement")

	if results.security_score < 70:
	report["recommendations"].append("Conduct security training and implement secure coding practices")

	if results.maintainability_score < 70:
	report["recommendations"].append("Improve code documentation and reduce complexity")

	if results.performance_score < 70:
	report["recommendations"].append("Optimize performance bottlenecks and algorithmic efficiency")

	# Add detailed issues (top 50 most severe)
	sorted_issues = sorted(results.issues,
	key=lambda x: {"critical": 4, "high": 3, "medium": 2, "low": 1, "info": 0}.get(x.severity, 0),
	reverse=True)

	for issue in sorted_issues[:50]:
	report["detailed_issues"].append({
	"file": issue.file_path,
	"line": issue.line_number,
	"severity": issue.severity,
	"type": issue.issue_type,
	"description": issue.description,
	"recommendation": issue.recommendation,
	"confidence": issue.confidence,
	"cwe_id": issue.cwe_id
	})

	# Save report
	report_path = Path(project_path) / "code_review_report.json"
	with open(report_path, 'w', encoding='utf-8') as f:
	json.dump(report, f, indent=2, ensure_ascii=False)

	self.logger.info(f"Review report saved to {report_path}")

	# Also create a summary markdown report
	await self._generate_markdown_summary(report, project_path)

	async def _generate_markdown_summary(self, report: Dict[str, Any], project_path: str):
	"""Generate markdown summary report"""

	summary_path = Path(project_path) / "CODE_REVIEW_SUMMARY.md"

	with open(summary_path, 'w', encoding='utf-8') as f:
	f.write("# Code Review Summary\n\n")

	# Overview
	f.write("## Overview\n\n")
	f.write(f"- Files Analyzed: {report['review_summary']['files_analyzed']}\n")
	f.write(f"- Lines Analyzed: {report['review_summary']['lines_analyzed']}\n")
	f.write(f"- Total Issues: {report['review_summary']['total_issues']}\n\n")

	# Scores
	f.write("## Scores\n\n")
	scores = report['review_summary']['scores']
	f.write(f"- Overall Score: {scores['overall']:.1f}/100\n")
	f.write(f"- Security Score: {scores['security']:.1f}/100\n")
	f.write(f"- Maintainability Score: {scores['maintainability']:.1f}/100\n")
	f.write(f"- Performance Score: {scores['performance']:.1f}/100\n\n")

	# Issue breakdown
	f.write("## Issue Breakdown\n\n")

	f.write("### By Severity\n\n")
	for severity, count in report['issue_breakdown']['by_severity'].items():
	f.write(f"- {severity.title()}: {count}\n")
	f.write("\n")

	f.write("### By Type\n\n")
	for issue_type, count in report['issue_breakdown']['by_type'].items():
	f.write(f"- {issue_type.title()}: {count}\n")
	f.write("\n")

	# Recommendations
	f.write("## Recommendations\n\n")
	for i, recommendation in enumerate(report['recommendations'], 1):
	f.write(f"{i}. {recommendation}\n")
	f.write("\n")

	# Top issues
	f.write("## Top Critical Issues\n\n")
	critical_issues = [issue for issue in report['detailed_issues']
	if issue['severity'] == 'critical'][:10]

	for issue in critical_issues:
	f.write(f"### {issue['file']}:{issue['line']}\n\n")
	f.write(f"Type: {issue['type']}\n\n")
	f.write(f"Description: {issue['description']}\n\n")
	f.write(f"Recommendation: {issue['recommendation']}\n\n")
	f.write("---\n\n")

	self.logger.info(f"Markdown summary saved to {summary_path}")

	# Main execution interface
	async def run_code_review(project_path: str, config: Optional[Dict[str, Any]] = None) -> ReviewResults:
	"""Run comprehensive code review"""

	config = config or {}
	reviewer = ComprehensiveCodeReviewer()

	return await reviewer.conduct_comprehensive_review(
	project_path=project_path,
	include_patterns=config.get('include_patterns'),
	exclude_patterns=config.get('exclude_patterns')
	)

	# CLI interface
	if __name__ == "__main__":
	import sys

	# Configure logging
	logging.basicConfig(
	level=logging.INFO,
	format='%(asctime)s - %(name)s - %(levelname)s - %(message)s'
	)

	if len(sys.argv) < 2:
	print("Usage: python code_reviewer.py <project_path> [config.json]")
	sys.exit(1)

	project_path = sys.argv[1]
	config = {}

	if len(sys.argv) > 2:
	with open(sys.argv[2], 'r') as f:
	config = json.load(f)

	# Run code review
	async def main():
	results = await run_code_review(project_path, config)
	print(f"\nCode review completed!")
	print(f"Overall score: {results.overall_score:.1f}/100")
	print(f"Total issues found: {len(results.issues)}")

	# Show issue breakdown
	severity_counts = Counter(issue.severity for issue in results.issues)
	print("\nIssue breakdown:")
	for severity in ["critical", "high", "medium", "low", "info"]:
	count = severity_counts.get(severity, 0)
	if count > 0:
	print(f" {severity.title()}: {count}")

	asyncio.run(main())