ISO Compliance Analyzer for VS Code 🛡️
ISO Compliance Analyzer is an AI-powered engineering platform that audits your codebases for compliance with key ISO standards. It provides a visual dashboard with real-time metrics, configurable thresholds, and smart recommendations.
🌍 Universal Language Support (New in v1.9)
The extension now supports Polyglot Analysis. Whether you're building a Monolith in Java or Microservices in Go, we've got you covered.
| Language |
Metrics Supported |
Strategy |
| JavaScript / TypeScript |
Full AST Analysis |
typhonjs-escomplex (Precision) |
| Python |
Complexity, SLOC, Maint. |
Heuristic (Regex) |
| Java |
Complexity, SLOC, Maint. |
Heuristic (Regex) |
| C# / .NET |
Complexity, SLOC, Maint. |
Heuristic (Regex) |
| Go |
Complexity, SLOC, Maint. |
Heuristic (Regex) |
| PHP |
Complexity, SLOC, Maint. |
Heuristic (Regex) |
| Ruby / Swift / Rust |
Complexity, SLOC, Maint. |
Heuristic (Regex) |
🏗️ Architecture & Microservices (New in v1.9)
The tool automatically detects complex project structures and provides Component-Level Insights.
- Monorepos: Detects
Nx, Lerna, Turbo, PNPM Workspaces.
- Microservices: Detects
Docker Compose services and distinct modules (e.g., services/auth, packages/ui).
- Granular Reporting: The HTML report now breaks down ISO scores per service, so you know exactly which microservice is introducing technical debt.
🤖 AI Architect Advisor
Powered by Google's Gemini 2.0 Flash (with 1.5 fallback), providing deep architectural insights.
Modes
- Professional: The standard, polite ISO consultant.
- 💀 Brutal Mode: A sarcastic Senior Architect who critiques your stack and architecture without mercy. ("jQuery in 2026? Really?")
Features
- Smart Config Generator ✨: The AI analyzes your project structure and automatically generates the perfect
iso-config.json for you.
- Fix Recommendations: Context-aware code fixes and refactoring strategies.
- Architecture Verdict: A high-level assessment of your project's scalability and security.
� ISO Standards Support
1. ISO/IEC 25010: System Quality
- Maintainability: Cyclomatic Complexity, Halstead Metrics, Comment Density.
- Performance: Bundle size estimation, Load Time prediction.
- Reliability: Test coverage (via LCOV), Bug density prediction.
- Secrets Detection: Finds API Keys, Tokens, and Passwords hardcoded in source.
- Vulnerability Scan: Integrated
npm audit wrapper.
- Risk Analysis: Heatmap of files with high complexity + high churn (hotspots).
3. ISO/IEC 29110: Lifecycle Profiles
- Process Maturity: Git analytics (Churn, Commit Frequency).
🚀 Usage
- Open your project in VS Code.
- Open the Command Palette (
Ctrl+Shift+P / Cmd+Shift+P).
- Run:
Start ISO Analysis.
- The Interactive Dashboard will open.
Commands
| Command |
Description |
iso-analyzer.start |
Opens the main dashboard and runs analysis. |
iso-analyzer.settings |
Opens the graphical settings editor. |
iso-analyzer.generateReport |
Generates a standalone HTML compliant audit report. |
iso-analyzer.generateSmartConfig |
Uses AI to generate a tailored iso-config.json. |
⚙️ Configuration (iso-config.json)
The extension is Zero Config by default, but you can unlock its full power by creating an iso-config.json in your root.
{
"projectType": "node-microservices",
"include": ["src/**/*.{js,ts,py,java,cs,go,php}", "packages/**/*.{js,ts}"],
"exclude": ["**/node_modules/**", "**/dist/**", "**/test/**", "**/*.spec.js"],
"thresholds": {
"maintainability": { "good": 85, "moderate": 65 },
"complexity": { "good": 10, "critical": 25 },
"commentDensity": { "good": 10, "moderate": 5 },
"duplication": { "good": 3, "moderate": 5 },
"testCoverage": { "good": 80, "moderate": 50 },
"loadTime": { "good": 2, "moderate": 5 },
"risk": {
"complexityWeight": 0.4,
"churnWeight": 0.4,
"bugDensityWeight": 0.2
}
},
"deepAnalysis": {
"analyzePatterns": true, // Detects Singleton, Factory, God Object...
"analyzeSecurity": true, // Scans for secrets and injection risks
"analyzeDocs": true, // Checks for README/docs
"analyzeDependencies": true, // Runs npm audit
"analyzeTests": true, // Estimates coverage
"architecture": {
"frontend": { "path": "frontend", "framework": "React" },
"backend": { "path": "backend", "framework": "NestJS" },
"database": { "type": "mongodb" },
"allowed": [
{ "from": "frontend", "to": "backend" }
]
},
"entryPoints": ["src/index.js", "src/main.ts"] // For Dead Code Detection
},
"aiPersona": "The Pragmatic Engineer" // Options: 'The Pragmatic Engineer', 'The Brutal Architect'
}
🚀 Fast Configuration (Presets)
Don't want to edit JSON? Use the new Presets in the Settings UI:
- 🌱 MVP: Relaxed rules for prototyping.
- 🏢 Standard: Balanced for production apps.
- 🏦 Banking: Strict security and zero-duplication policy.
📸 Screenshots
Dashboard & Radar Charts
Real-time visualization of your project's health against ISO 25010 metrics.
Risk Heatmap
Identify "Hotspots": Files that are both complex and frequently changed.
Printable Audit Report
Generate a stamped, professional HTML report for your stakeholders.
Requirements
- VS Code 1.80.0+
- Node.js 16+ (for analysis engine)
- Gemini API Key (Optional, for AI features)
Built with ❤️ by Kibotech
