Add BrassCoders — deterministic local pre-merge gate for AI-generated Python #1842
Open
CopperSunDev wants to merge 1 commit into
What is BrassCoders?

BrassCoders is a deterministic, local, free pre-merge CLI that orchestrates 12 static-analysis scanners and emits ranked findings as YAML for AI coding assistants. Apache 2.0, distributed via PyPI as `brasscoders`, requires Python 3.10+.

Scanners bundled: Bandit, Pylint, Pyre/Pysa (taint), Semgrep, ast-grep, detect-secrets (Yelp), plus six custom scanners for performance anti-patterns, secrets, PII, AI-pattern detection, content moderation, and JavaScript/TypeScript.

The distinctive coverage: four AST-level rules that catch the performance anti-patterns AI coding assistants reliably introduce — O(N²) string concatenation in loops, `list.insert(0)` in loops, N-deep nested loops used as joins, and unbounded `while True` polls — which Bandit, Pylint, and Semgrep have no rules for.

Reproducibility: same scan on same code produces identical output every run. Designed as a CI gate (`brasscoders --offline scan`), not an advisory tool.

Benchmark data (12 AI-generated Python files, one planted bug each): BrassCoders 11/12, Bandit 6/12, Pylint 1/12, frontier model 12/12. Wedge: BrassCoders 4/4 on AI-coder perf anti-patterns; all others 0/4.
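
An added illustration, not BrassCoders' code and not part of the PR: a sketch of how an AST-level rule for two of the patterns named in the description (string `+=` in a loop and `list.insert(0, ...)` in a loop) can be written with Python's standard `ast` module. The class name, rule ids and the string-tracking heuristic are assumptions made for this example.

```python
import ast

def _is_str(n):  # string literal or f-string
    return isinstance(n, ast.JoinedStr) or (isinstance(n, ast.Constant) and isinstance(n.value, str))

class LoopAntiPatterns(ast.NodeVisitor):  # collects (line, rule) findings inside loops
    def __init__(self):
        self.findings, self.str_names, self.depth = [], set(), 0

    def _loop(self, node):
        self.depth += 1
        self.generic_visit(node)  # simplification: header and else count as "in loop"
        self.depth -= 1
    visit_For = visit_AsyncFor = visit_While = _loop

    def _scope(self, node):  # a def nested in a loop does not run per iteration
        saved, self.depth = self.depth, 0
        self.generic_visit(node)
        self.depth = saved
    visit_FunctionDef = visit_AsyncFunctionDef = visit_Lambda = _scope

    def visit_Assign(self, node):  # assumption: a name is a str if last bound to a literal
        names = {t.id for t in node.targets if isinstance(t, ast.Name)}
        self.str_names = self.str_names | names if _is_str(node.value) else self.str_names - names
        self.generic_visit(node)

    def visit_AugAssign(self, node):
        if (self.depth and isinstance(node.op, ast.Add) and isinstance(node.target, ast.Name)
                and (node.target.id in self.str_names or _is_str(node.value))):
            self.findings.append((node.lineno, "str-concat-in-loop"))
        self.generic_visit(node)

    def visit_Call(self, node):
        if (self.depth and isinstance(node.func, ast.Attribute) and node.func.attr == "insert"
                and len(node.args) == 2 and isinstance(node.args[0], ast.Constant)
                and node.args[0].value == 0):
            self.findings.append((node.lineno, "insert-front-in-loop"))
        self.generic_visit(node)

def scan(source):
    visitor = LoopAntiPatterns()
    visitor.visit(ast.parse(source))
    return sorted(visitor.findings)

SAMPLE = '''\
def render(rows, acc):
    out = ""
    for r in rows:
        out += f"{r},"
        acc.insert(0, r)
'''  # constructed sample, not taken from the PR
```

`scan(SAMPLE)` reports both loop-body lines; because the visitor walks the syntax tree only, the same source always yields the same findings.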