Codaro: The AI Code Quality Gatekeeper

Stop tracking time. Start tracking risk.

Codaro is no longer just a passive time tracker. It is an Active Gatekeeper. Instead of passively counting minutes, it actively scans your code in the background, blocks bad practices, cleans your trash, and acts as your Virtual Senior Developer.

Welcome to the future of cloud-hybrid code quality.

Why the Pivot?

Development speed is increasing with AI, but code quality is dropping. Traditional linters are too rigid, and manual code reviews are too slow. Codaro solves this by shifting left—way left. It lives in your sidebar, analyzes code using contextual AI (Google Gemini 1.5 Flash), and fixes issues before they even reach a pull request.

Core Features (MVP)

• 🧹 The Janitor: Auto-clean on save. Codaro automatically removes obvious trash (like console.logs) and formats redundant whitespace (e.g., collapses 3+ empty lines into 1) every time you hit Ctrl+S.
• 🧠 Shadow Reviewer: AI-powered background analysis. Utilizing Gemini 1.5 Flash, Codaro analyzes your active file for:
  • Security Leaks (secrets, bad auth, etc.)
  • Logic Errors (N+1 queries, bugs, bad error handling)
  • Dirty Code (bad practices, unoptimized code)
• 🛡️ Risk Dashboard: Real-time visibility into code health. See all AI-detected issues conveniently listed in your VS Code Sidebar with clear risk categorization (Critical vs Warning).
• ⚡ Prompt Handoff: One-click fix generation. Next to every risk, there is a "Fix with AI" button. Clicking it instantly copies a precise, contextual prompt to your clipboard, ready to be pasted into Cursor, Copilot, or ChatGPT to get the corrected code block.

Setup Guide

Installation

1. Clone this repository.
2. Run npm install to install dependencies.
3. Press F5 in VS Code to launch the Extension Development Host and debug the extension.

Configuration

To enable the Shadow Reviewer, you must configure your Google Gemini API Key.

1. Open VS Code Settings (Ctrl+, or Cmd+,).
2. Search for Codaro or edit your settings.json directly.
3. Add your key:

   "codaro.geminiApiKey": "YOUR_GEMINI_API_KEY_HERE"
   

Usage Flow

1. Open a file you are working on.
2. Hit Ctrl+S -> The Janitor works silently in the background, cleaning up your console.logs and extra spaces instantly.
3. Open the Codaro Sidebar (click the Codaro icon in the activity bar).
4. Run the command "Codaro: Scan Current File" (or use the Command Palette Ctrl+Shift+P).
5. Review Risks -> Watch the AI populate your Risk Dashboard with actionable items.
6. Click "Fix with AI" next to an issue -> You will see a notification: "Codaro: AI Prompt copied to clipboard! Paste into Cursor/Copilot". Paste it to your favorite LLM chat and apply the fix.

💡 Developer Note: Post-Freeze Plans (v4.1)

Hey Dev, Great job hitting the Code Freeze. Here is what we should tackle after the thaw in v4.1:

1. Native AI Fix Application: Instead of copying the prompt to the clipboard, we should build a native diff-view and apply the fix directly via vscode.WorkspaceEdit without the user leaving the editor.
2. Real-time Background Scanning: Move away from manual codaro.scanCurrentFile triggers to debounced onDidChangeTextDocument background scanning with a progress spinner in the status bar.
3. Extend "The Janitor": Replace simple RegEx with an actual AST-based formatter (or integrate with Prettier/ESLint APIs) for robust code manipulation.
4. Add Secret Blocker pre-commit hook integration directly into the git pipeline from the extension.