Caching ast

.dockerignore

@@ -0,0 +1,32 @@
+# Rust artifacts
+target/
+**/*.rs.bk
+
+# Python artifacts
+__pycache__/
+*.py[cod]
+*$py.class
+.pytest_cache/
+.coverage
+htmlcov/
+
+# Environments
+.venv/
+venv/
+env/
+.env
+
+# Git and IDEs
+.git
+.gitignore
+.idea/
+.vscode/
+
+# Docker
+Dockerfile
+.dockerignore
+
+# Packaging
+dist/
+build/
+*.egg-info/

.github/workflows/codeql.yml

@@ -0,0 +1,62 @@
+name: "CodeQL Advanced"
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
+  schedule:
+    - cron: '22 22 * * *'
+
+jobs:
+  analyze:
+    name: Analyze (${{ matrix.language }})
+    runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
+    permissions:
+      security-events: write
+      packages: read
+      actions: read
+      contents: read
+
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+        - language: python
+          build-mode: none
+        - language: rust
+          build-mode: manual 
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v4
+      with:
+        languages: ${{ matrix.language }}
+        build-mode: ${{ matrix.build-mode }}
+
+    - name: Run manual build steps
+      if: matrix.build-mode == 'manual'
+      shell: bash
+      run: |
+        if [ "${{ matrix.language }}" = "rust" ]; then
+          echo "Building Rust core for CodeQL tracing..."
+          cargo build --verbose
+        else
+          echo "No manual build configured for ${{ matrix.language }}"
+          exit 1
+        fi
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v4
+      with:
+        category: "/language:${{matrix.language}}"
+
+    - name: Upload SARIF as Artifact (Debug)
+      uses: actions/upload-artifact@v4
+      if: failure() 
+      with:
+        name: codeql-sarif-debug-${{ matrix.language }}
+        path: ${{ runner.temp }}/**/*.sarif

.gitignore

@@ -60,4 +60,15 @@ venv.bak/
 
 # IDEs
 .idea/
-.vscode/
+.vscode/
+
+# Claude Code memory
+.claude/
+
+# Rust build artifacts
+target/
+.vscode/target/
+Cargo.lock
+
+# PySpector incremental AST cache (generated, never version-controlled)
+.pyspector_cache/

.pre-commit-config.yaml

@@ -0,0 +1,60 @@
+default_stages: [pre-commit]
+minimum_pre_commit_version: "3.6.0"
+
+repos:
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v5.0.0
+    hooks:
+      - id: end-of-file-fixer
+      - id: trailing-whitespace
+      - id: check-yaml
+
+  - repo: https://github.com/astral-sh/ruff-pre-commit
+    rev: v0.11.10
+    hooks:
+      - id: ruff
+        name: ruff (lint + fix)
+        args: [--fix]
+        types: [python]
+        pass_filenames: true
+      - id: ruff-format
+        name: ruff (format)
+        types: [python]
+        pass_filenames: true
+
+  - repo: https://github.com/pre-commit/mirrors-mypy
+    rev: v1.15.0
+    hooks:
+      - id: mypy
+        args: [--config-file=pyproject.toml]
+        files: ^src/.*\.py$
+        pass_filenames: true
+
+  - repo: https://github.com/Yelp/detect-secrets
+    rev: v1.5.0
+    hooks:
+      - id: detect-secrets
+        args: [--baseline, .secrets.baseline]
+        exclude: ^tests/examples/hardcoded_anthropic_key\.py$
+        pass_filenames: true
+
+  - repo: https://github.com/commitizen-tools/commitizen
+    rev: v3.31.0
+    hooks:
+      - id: commitizen
+        stages: [commit-msg]
+
+  - repo: local
+    hooks:
+      - id: cargo-fmt
+        name: cargo fmt --check
+        entry: cargo fmt --all -- --check
+        language: system
+        types: [rust]
+        pass_filenames: false
+      - id: cargo-clippy
+        name: cargo clippy -- -D warnings
+        entry: cargo clippy --all-targets --all-features -- -D warnings
+        language: system
+        types: [rust]
+        pass_filenames: false

.pre-commit-hooks.yaml

@@ -0,0 +1,11 @@
+repos:
+  - repo: local
+    hooks:
+      - id: pyspector
+        name: PySpector SAST
+        entry: pyspector
+        args: ["scan", "."]
+        language: system
+        types: [python]
+        pass_filenames: false
+        always_run: true

.secrets.baseline

@@ -0,0 +1,162 @@
+{
+  "version": "1.5.0",
+  "plugins_used": [
+    {
+      "name": "ArtifactoryDetector"
+    },
+    {
+      "name": "AWSKeyDetector"
+    },
+    {
+      "name": "AzureStorageKeyDetector"
+    },
+    {
+      "name": "Base64HighEntropyString",
+      "limit": 4.5
+    },
+    {
+      "name": "BasicAuthDetector"
+    },
+    {
+      "name": "CloudantDetector"
+    },
+    {
+      "name": "DiscordBotTokenDetector"
+    },
+    {
+      "name": "GitHubTokenDetector"
+    },
+    {
+      "name": "GitLabTokenDetector"
+    },
+    {
+      "name": "HexHighEntropyString",
+      "limit": 3.0
+    },
+    {
+      "name": "IbmCloudIamDetector"
+    },
+    {
+      "name": "IbmCosHmacDetector"
+    },
+    {
+      "name": "IPPublicDetector"
+    },
+    {
+      "name": "JwtTokenDetector"
+    },
+    {
+      "name": "KeywordDetector",
+      "keyword_exclude": ""
+    },
+    {
+      "name": "MailchimpDetector"
+    },
+    {
+      "name": "NpmDetector"
+    },
+    {
+      "name": "OpenAIDetector"
+    },
+    {
+      "name": "PrivateKeyDetector"
+    },
+    {
+      "name": "PypiTokenDetector"
+    },
+    {
+      "name": "SendGridDetector"
+    },
+    {
+      "name": "SlackDetector"
+    },
+    {
+      "name": "SoftlayerDetector"
+    },
+    {
+      "name": "SquareOAuthDetector"
+    },
+    {
+      "name": "StripeDetector"
+    },
+    {
+      "name": "TelegramBotTokenDetector"
+    },
+    {
+      "name": "TwilioKeyDetector"
+    }
+  ],
+  "filters_used": [
+    {
+      "path": "detect_secrets.filters.allowlist.is_line_allowlisted"
+    },
+    {
+      "path": "detect_secrets.filters.common.is_ignored_due_to_verification_policies",
+      "min_level": 2
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_indirect_reference"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_likely_id_string"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_lock_file"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_not_alphanumeric_string"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_potential_uuid"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_prefixed_with_dollar_sign"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_sequential_string"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_swagger_file"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_templated_secret"
+    }
+  ],
+  "results": {
+    "pluginconfig\\aipocgen.json": [
+      {
+        "type": "Secret Keyword",
+        "filename": "pluginconfig\\aipocgen.json",
+        "hashed_secret": "ebdd1ec9aa35020a4ad2462cc13fb4ff7cfcdabe",
+        "is_verified": false,
+        "line_number": 3
+      }
+    ],
+    "plugins\\aipocgen.py": [
+      {
+        "type": "Secret Keyword",
+        "filename": "plugins\\aipocgen.py",
+        "hashed_secret": "49697e763a0dda5673303db0e2a91c309ed73c2d",
+        "is_verified": false,
+        "line_number": 14
+      }
+    ],
+    "tests\\examples\\hardcoded_anthropic_key.py": [
+      {
+        "type": "Base64 High Entropy String",
+        "filename": "tests\\examples\\hardcoded_anthropic_key.py",
+        "hashed_secret": "7f19eed39c278717993314fc0a25b3e6cad41416",
+        "is_verified": false,
+        "line_number": 1
+      },
+      {
+        "type": "Secret Keyword",
+        "filename": "tests\\examples\\hardcoded_anthropic_key.py",
+        "hashed_secret": "7f19eed39c278717993314fc0a25b3e6cad41416",
+        "is_verified": false,
+        "line_number": 1
+      }
+    ]
+  },
+  "generated_at": "2026-05-11T08:38:25Z"
+}

Cargo.toml

@@ -13,6 +13,6 @@ actix-governor = "0.6"
 actix-cors = "0.7"
 serde = { version = "1.0", features = ["derive"] }
 serde_json = "1.0"
-pyo3 = { version = "0.23", features = ["auto-initialize", "full"] }
+pyo3 = { version = "0.28.3", features = ["auto-initialize", "full"] }
 
 pyspector_core = { path = "src/pyspector/_rust_core", package = "_rust_core", default-features = false }

NOTICE.md

@@ -1,14 +1,12 @@
-## Repository Repurposed
+PySpector - Copyright © 2025-2026 Tommaso Bona
 
-This repository has been **repurposed**.  
-Originally, it contained a small experimental script with no real usage or community activity.  
+This product includes software developed by Tommaso Bona.
 
-As of 13/09/2025 (DD/MM/YYYY), the repository has been **reset and transformed** into a **new, professional project**: Pyspector, which is **completely different** from the original content.  
+Licensed under the Apache License,Version 2.0 (the "License"); you may not use this file except in compliance with the License.
 
-The star count and forks have been preserved for continuity, but please note that they refer to the old repository state.  
+You may obtain a copy of the License at:
+http://www.apache.org/licenses/LICENSE-2.0  
 
-If you are here for **PySpector**, you are in the right place :)
-
-The code, documentation, and roadmap you see now are **the new software**, actively maintained.  
+Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 
-Final note: some forks of this repository may still contain the old code, but they are unrelated to the current project.
+See the License for the specific language governing permissions and limitations under the License.