CLI-first codebase analysis for TypeScript projects.
Parse your codebase, build a dependency graph, compute architectural metrics, and query everything from your terminal/CI. MCP support is included as an optional secondary interface.
npx codebase-intelligence overview ./srcCommon workflows:
npx codebase-intelligence hotspots ./src --metric complexity --limit 10
npx codebase-intelligence impact ./src parseCodebase
npx codebase-intelligence dead-exports ./src --limit 20
npx codebase-intelligence changes ./src --jsonclaude mcp add -s user -t stdio codebase-intelligence -- npx -y codebase-intelligence@latest .- Features
- Installation
- CLI Usage
- MCP Integration (Secondary)
- Metrics
- Architecture
- Requirements
- Limitations
- Release
- Security
- Contributing
- License
- 15 CLI commands for architecture analysis, dependency impact, dead code detection, and search
- Machine-readable JSON output (
--json) for automation and CI pipelines - Auto-cached index in
.code-visualizer/for fast repeat queries - 11 architectural metrics — PageRank, betweenness, coupling, cohesion, tension, churn, complexity, blast radius, dead exports, test coverage, escape velocity
- Symbol-level analysis — callers/callees, symbol importance, impact blast radius
- BM25 search — ranked keyword search across files and symbols
- Process tracing — detect entry points and execution flows through the call graph
- Community detection — Louvain clustering for natural file groupings
- MCP parity (secondary) — same analysis available as 15 MCP tools, 2 prompts, and 3 resources
Run directly with npx (no install):
npx codebase-intelligence overview ./srcOr install globally:
npm install -g codebase-intelligence
codebase-intelligence overview ./srccodebase-intelligence <command> <path> [options]| Command | What it does |
|---|---|
overview |
High-level codebase snapshot |
hotspots |
Rank files by metric (coupling, churn, complexity, blast radius, coverage, etc.) |
file |
Full context for one file |
search |
BM25 keyword search |
changes |
Git diff analysis with risk metrics |
dependents |
File-level blast radius |
modules |
Module architecture + cross-dependencies |
forces |
Cohesion/tension/escape-velocity analysis |
dead-exports |
Unused export detection |
groups |
Top-level directory groups + aggregate metrics |
symbol |
Callers/callees and symbol metrics |
impact |
Symbol-level blast radius |
rename |
Reference discovery for rename planning |
processes |
Entry-point execution flow tracing |
clusters |
Community-detected file clusters |
| Flag | Description |
|---|---|
--json |
Stable JSON output |
--force |
Rebuild index even if cache is valid |
--limit <n> |
Limit results on supported commands |
--metric <m> |
Select ranking metric for hotspots |
For full command details, see docs/cli-reference.md.
Running without a subcommand starts the MCP stdio server (backward compatible):
npx codebase-intelligence ./srcAdd to .mcp.json:
{
"mcpServers": {
"codebase-intelligence": {
"type": "stdio",
"command": "npx",
"args": ["-y", "codebase-intelligence@latest", "./src"],
"env": {}
}
}
}Add to .cursor/mcp.json or .vscode/mcp.json:
{
"servers": {
"codebase-intelligence": {
"command": "npx",
"args": ["-y", "codebase-intelligence@latest", "./src"]
}
}
}For MCP tool details, see docs/mcp-tools.md.
| Metric | What it reveals |
|---|---|
| PageRank | Most-referenced files (importance) |
| Betweenness | Bridge files between disconnected modules |
| Coupling | How tangled a file is (fan-out / total connections) |
| Cohesion | Does a module belong together? (internal / total deps) |
| Tension | Is a file torn between modules? (entropy of cross-module pulls) |
| Escape Velocity | Should this module be its own package? |
| Churn | Git commit frequency |
| Complexity | Average cyclomatic complexity of exports |
| Blast Radius | Transitive dependents affected by a change |
| Dead Exports | Unused exports (safe to remove) |
| Test Coverage | Whether a test file exists for each source file |
codebase-intelligence <command> <path>
|
v
+---------+ +---------+ +----------+
| Parser | --> | Graph | --> | Analyzer |
| TS AST | | grapho- | | metrics |
| | | logy | | |
+---------+ +---------+ +----------+
|
+--> CLI output (default)
+--> MCP stdio (optional mode)
- Parser — extracts files, functions, and imports via TypeScript Compiler API.
- Graph — builds dependency/call graphs with graphology.
- Analyzer — computes file/module/symbol metrics.
- Interfaces — CLI is primary; MCP is available for agent integrations.
- Node.js >= 18
- TypeScript codebase (
.ts/.tsxfiles)
- TypeScript-focused analysis
- Static analysis only (no runtime tracing)
- Call graph confidence varies by symbol resolution quality
Publishing is automated through GitHub Actions.
CIworkflow runs on every PR and push tomain:- lint → typecheck → build → test
- Pushes to
maintrigger a canary publish. - The package is published to npm with the
canarytag. - Canary versions are derived from the current package version plus the short commit SHA.
- Bump
package.jsonversion in a normal PR. - Merge that PR to
main. - Run the
Publishworkflow manually from GitHub Actions. - The workflow will:
- verify the tag does not already exist
- create and push
vX.Y.Z - publish to npm with provenance via OIDC
- create a GitHub Release with generated notes
No PAT is required for npm publish. The workflow uses GitHub repository permissions for tagging and OIDC for npm publishing.
Please do not report security vulnerabilities in public issues.
- Read
SECURITY.mdfor supported versions and disclosure guidance. - Use GitHub Security Advisories or private maintainer contact for sensitive reports.
Contributions are welcome.
Start here:
CONTRIBUTING.md— setup, workflow, testing, and PR expectationsCODE_OF_CONDUCT.md— community standardsSECURITY.md— vulnerability reporting
Quick setup:
git clone https://github.com/bntvllnt/codebase-intelligence.git
cd codebase-intelligence
pnpm install
pnpm dev # tsx watch mode
pnpm test # vitest
pnpm lint # eslint
pnpm typecheck # tsc --noEmit
pnpm build # production build