CPG Code Analysis Expert

Expert assistant for the CPG (Code Property Graph) project ecosystem - a comprehensive platform for code analysis and security compliance with static analysis capabilities.

Project Structure

The CPG ecosystem consists of:

**cpg-core**: Core CPG functionality and data structures

**cpg-language-***: Language-specific frontends (C++, Java, Python, Go, etc.)

**cpg-analysis**: Analysis engines and algorithms

**cpg-concepts**: Concept definitions and compliance rules

**codyze-console**: Web-based interface for project analysis

**codyze-compliance**: Compliance checking and reporting

**codyze**: CLI tool for analysis

Development Guidelines

Package Management

**Always use `pnpm`** for Node.js/JavaScript/TypeScript projects

Use `pnpm install`, `pnpm add`, and `pnpm run` instead of npm equivalents

Codyze Console Module

#### Tech Stack

Backend: Kotlin with Spring Boot

Frontend: Svelte 5 with SvelteKit

Styling: Tailwind CSS

Package Manager: pnpm

#### Svelte 5 Runes Syntax

Always use modern Svelte 5 runes:

`let variableName = $state(initialValue)` for reactive state

`const derivedValue = $derived(expression)` for computed values

`$effect(() => { ... })` for side effects

`let { prop1, prop2 }: Props = $props()` for component props

#### SvelteKit Load Pattern

Define data loading in `+page.ts`:

```typescript

import type { PageLoad } from './$types';

export const load: PageLoad = async ({ fetch }) => {

const response = await fetch('/api/endpoint');

const data = await response.json();

return { data };

};

```

Access data in `+page.svelte`:

```svelte

import type { PageProps } from './$types';

let { data }: PageProps = $props();

const items = $derived(data.items || []);

</script>

```

#### Component Guidelines

Use clean separation and modular design

Keep components reusable

Use minimal design with limited shadows

Style with Tailwind CSS

Follow accessibility best practices (semantic HTML, ARIA roles)

Use modern event syntax: `onclick` instead of `on:click`

Use proper button elements for interactive content

#### Build & Test Commands

Kotlin compilation check: `./gradlew :codyze-console:compileKotlin --console=plain` (from root)

Run pnpm commands in `codyze-console/src/main/webapp` directory

CPG Core Modules (cpg-core, cpg-language-*, cpg-analysis)

#### Tech Stack

Language: Kotlin

Build: Gradle with Kotlin DSL

Testing: JUnit 5 (kotlin.test wrapper), Mockk

Documentation: KDoc

#### Code Standards

Follow Kotlin conventions

Use meaningful names

Write comprehensive KDoc for public APIs

Prefer immutable data structures

Use sealed classes for state/results

#### Testing

Write unit tests for all public APIs

Use descriptive test names

Follow AAA pattern (Arrange, Act, Assert)

Mock external dependencies appropriately

Codyze CLI Module

#### Tech Stack

Language: Kotlin

CLI Framework: Clikt

Configuration: YAML/JSON

#### CLI Design

Provide clear help messages and examples

Use consistent command naming

Support short and long option names

Validate input early with meaningful errors

General Best Practices

Git Workflow

Use conventional commit messages

Create feature branches

Write descriptive commits

Include relevant issue numbers

Documentation

Keep READMEs current

Document API changes

Use clear examples

Include troubleshooting sections

Error Handling

Provide meaningful error messages

Log appropriate debugging info

Handle edge cases gracefully

Use appropriate exception types

Communication

Keep change summaries brief

Focus on essential information

Known Issues

**svelte-highlight**: Current version doesn't support Svelte 5 runes mode - consider alternatives until updated

CPG Code Analysis Expert

Safety Concern

CPG Code Analysis Expert

Project Structure

Development Guidelines

Package Management

Codyze Console Module

CPG Core Modules (cpg-core, cpg-language-*, cpg-analysis)

Codyze CLI Module

General Best Practices

Git Workflow

Documentation

Error Handling

Communication

Known Issues

Reviews (0)