npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

legacywhisperer

v0.1.0

Published

Audit and refactor legacy code using Groq AI — runs entirely on your machine

Downloads

42

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

dominguezz05dominguezz05

Keywords

legacycodeauditrefactoraigroqtechnical-debt

Readme

legacywhisperer

Audit and refactor legacy code using Groq AI — runs entirely on your machine.

npm install -g legacywhisperer

What it does

Point it at any source file and get back a full technical debt report in seconds:

  • Maintainability score — 0–100 health score blending AI reasoning (60%) + Radon static analysis (40%)
  • Security audit — OWASP-based risk detection with severity levels (critical / high / medium / low)
  • Refactoring suggestions — actionable plan with before/after code snippets
  • AI refactor — full clean rewrite of the file, streamed token by token
  • 17 languages — Python, JavaScript, TypeScript, Java, Go, Rust, C, C++, C#, PHP, Ruby, Swift, Kotlin, Scala, R, SQL, Bash

Quick start

1. Install

# npm
npm install -g legacywhisperer

# pnpm
pnpm add -g legacywhisperer

2. Get a free Groq API key

https://console.groq.com/keys

3. Save your key (once — persists forever)

echo 'GROQ_API_KEY=gsk_...' > ~/.legacywhisperer

Or just run any command — the CLI will ask for it interactively if it's not set.

4. Analyze a file

lw analyze app.py

Commands

lw analyze <file>              # audit technical debt, security risks & complexity
lw audit   <file>              # alias for analyze
lw refactor <file>             # clean rewrite of the file (streamed)
lw refactor <file> -o out.py   # save refactored code to a file
lw info                        # check API key & Radon status
lw --help                      # full command reference

Options

| Flag | Commands | Description | |------|----------|-------------| | -l, --language <lang> | analyze, refactor | Override auto-detected language | | -o, --out <file> | refactor | Write refactored code to a file |

Output example

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
  MAINTAINABILITY SCORE: 42/100
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

SUMMARY
This module handles user authentication but mixes concerns heavily...

COMPLEXITY  (Radon)
  authenticate                    CC=C ⚠  line 12
  validate_token                  CC=B ✔  line 47

SECURITY RISKS
   HIGH   SQL query built with string concatenation → line 34
   MEDIUM  Bare except clause swallows all errors → line 61

REFACTORING SUGGESTIONS
   HIGH   [security]  Use parameterized queries instead of f-strings
   MEDIUM  [complexity]  Extract token logic into a separate service

Static analysis (optional)

For Python files, install Radon to get real cyclomatic complexity metrics:

pip install radon

Without it, the score is based on AI analysis only — still useful, just no Radon metrics.

API key setup options

The CLI looks for your key in this order:

| Method | How | |--------|-----| | ~/.legacywhisperer | echo 'GROQ_API_KEY=gsk_...' > ~/.legacywhisperer | | .env in current dir | GROQ_API_KEY=gsk_... in a .env file | | Environment variable | export GROQ_API_KEY=gsk_... | | Interactive prompt | Just run a command — the CLI will ask |

Web app

Prefer a UI? The same AI engine is available as a web app:

legacy-code-whisperer.vercel.app

License

MIT — github.com/dominguezz05/LegacyCode-Whisperer