npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@codecora/cli

v0.0.5

Published

CORA CLI - AI code review before commit

Downloads

178

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

ajianazajianaz

Keywords

clicode-reviewaigitpre-commit

Readme

CORA CLI

Catch bugs & security issues BEFORE you commit. Save 2+ hours/week on code reviews.

npm version downloads license

Website: https://codecora.dev | Docs: https://codecora.dev/docs/cli

CORA CLI brings AI code review to your local development workflow. Get instant feedback on your code changes before they leave your machine.

Features

  • Pre-commit Review - Review code changes before committing
  • Instant Feedback - Get AI analysis in seconds
  • Privacy-first - Your code diffs are analyzed directly by your AI provider
  • Git Hooks - Automatic review on every commit
  • Cross-platform - Works on macOS, Linux, and Windows

Benefits

  • Save Time - Reduce code review time by 2+ hours per week
  • Catch Bugs Early - Find issues before they reach production
  • Security First - Detect vulnerabilities and security risks
  • Learn Best Practices - Get AI-powered suggestions for code improvement
  • Zero Friction - Works with your existing Git workflow

Installation

Using npm/bun (Requires Node.js 20+)

# Using npm
npm install -g @codecora/cli

# Using bun
bun install -g @codecora/cli

Quick Start

# 1. Install CORA CLI
npm install -g @codecora/cli

# 2. Login to CORA
cora auth login

# 3. Review staged changes
cora review

Example Output:

✅ Review complete

Found 2 issues:

  🔴 Critical: SQL injection risk
    File: src/auth.ts:45
    User input not sanitized before query

  🟡 Major: Missing error handling
    File: src/api.ts:12
    API call lacks try-catch block

💡 Suggestions available. Run with --include-walkthrough for details.

Use Cases

CORA CLI is perfect for:

  • Pre-commit Hooks - Automatically review code before every commit
  • CI/CD Pipelines - Integrate into GitHub Actions, GitLab CI, Jenkins
  • Legacy Code Audit - Review entire codebases with --base flag
  • Pull Request Reviews - Check feature branches before merging
  • Learning Projects - Get AI feedback on code quality and best practices

Why CORA vs Others?

| Feature | CORA | SonarQube | CodeClimate | DeepSource | |---------|------|-----------|-------------|------------| | Setup Time | 30 seconds | Hours | Hours | Hours | | Pre-commit | ✅ Native | ❌ Plugin | ❌ Plugin | ❌ Plugin | | AI-Powered | ✅ GPT-4/Claude | ❌ Rule-based | ❌ Rule-based | ❌ Rule-based | | Your AI Key | ✅ Use your own | ❌ Locked in | ❌ Locked in | ❌ Locked in | | Privacy | ✅ Code stays local | ⚠️ Cloud scan | ⚠️ Cloud scan | ⚠️ Cloud scan | | Free Tier | ✅ 100 reviews/mo | ❌ $120/yr min | ❌ $50/yr min | ❌ Subscription | | Languages | All languages | Limited | Limited | Limited |

Key Differentiators:

  • Fastest Setup - Install and run in 30 seconds, no configuration needed
  • AI-Powered - Uses latest GPT-4/Claude models, not outdated rule engines
  • Your AI Key - Use your own OpenAI/Anthropic key, no vendor lock-in
  • Privacy-First - Code analyzed by YOUR AI provider, we never see your code
  • Zero Maintenance - No servers to manage, no databases to configure
  • Always Updated - Automatically benefits from latest AI model improvements

Usage

Authentication

# Login via GitHub OAuth
cora auth login

# Check authentication status
cora auth status

# Logout
cora auth logout

# View/set configuration
cora auth config [key] [value]

Review Code

# Review staged changes (default)
cora review

# Review unstaged changes
cora review --unstaged

# Review specific files
cora review --files src/app.ts src/utils.ts

# Review committed changes
cora review --base main              # Review branch vs main
cora review --commits 3               # Review last 3 commits
cora review --revision-range abc..def # Review specific range
cora review --unpushed               # Review unpushed commits

# JSON output for CI/CD
cora review --format json

Git Hooks

# Install pre-commit hook
cora hook install

# Uninstall hook
cora hook uninstall

# List installed hooks
cora hook list

# Quick enable/disable
cora enable    # Install pre-commit hook
cora disable   # Uninstall pre-commit hook

Options

| Option | Description | |--------|-------------| | -w, --workspace <id> | Workspace ID | | -r, --repository <name> | Repository name (owner/repo) | | -b, --branch <name> | Branch name | | -s, --staged | Review staged changes (default) | | -u, --unstaged | Review unstaged changes | | -f, --files <files...> | Review specific files | | --base <ref> | Review changes from base ref to HEAD (e.g., "main") | | --revision-range <range> | Review specific commit range (e.g., "HEAD~3..HEAD") | | --commits <number> | Review last N commits | | --unpushed | Review unpushed commits | | --format <format> | Output format (pretty, json, compact) |

Configuration

Configuration is stored in ~/.codecora/:

  • auth.json - Session token and user info
  • config.json - Preferences and settings

Environment Variables

| Variable | Description | |----------|-------------| | CORA_SKIP | Skip pre-commit hook when set to 1 | | CORA_SERVER | Override server URL | | CORA_WORKSPACE | Override workspace ID | | CORA_API_KEY | API key for CI/CD authentication |

CI/CD Integration

Supported Languages

CORA CLI supports code review for all programming languages including:

  • JavaScript / TypeScript
  • Python
  • Java / Kotlin
  • Go
  • Rust
  • PHP
  • Ruby
  • C# / .NET
  • And more...

Using API Keys (Recommended)

For CI/CD workflows, use API Keys instead of session tokens.

Getting an API Key:

  1. Login to codecora.dev
  2. Go to Dashboard → API Keys
  3. Click "Generate API Key"
  4. Copy the key and use in your CI/CD pipeline
# Example: GitHub Actions
- name: Run CORA Review
  run: |
    npm install -g @codecora/cli
    cora review --format json > review-results.json
  env:
    CORA_API_KEY: ${{ secrets.CORA_API_KEY }}
    CORA_SERVER_URL: https://codecora.dev

Benefits of API Keys:

  • No interactive login required
  • Can be scoped to specific permissions
  • Can have expiration dates
  • Revocable without affecting other workflows

Create API Key: Visit Dashboard → API Keys to generate a key for CI/CD.

Troubleshooting

Authentication Errors

# Check your authentication status
cora auth status

# Re-authenticate if needed
cora auth login

Hook Not Running

# Verify hook is installed
cora hook list

# Reinstall hook
cora hook uninstall && cora hook install

Skip Hook Temporarily

# Skip for one commit
git commit --no-verify -m "message"

# Or use environment variable
CORA_SKIP=1 git commit -m "message"

Requirements

  • Node.js 20+ or Bun 1.0+
  • A Codecora account (sign up at https://codecora.dev)
  • An OpenAI-compatible API key configured in your workspace

Pricing

  • Free Tier - 100 reviews/month during beta
  • Pro Tier - Coming soon
  • Enterprise - Contact us for custom solutions

License

MIT © CORA

Support

Getting Help: