qed42/eventhorizon-cli-mode — explained in plain English
Analysis updated 2026-05-18
Scan a Drupal codebase for security vulnerabilities like SQL injection or bypassed access control.
Find performance anti-patterns such as database queries running inside loops.
Measure function-level code complexity to spot code that is hard to maintain.
Export findings as CSV or Excel reports with severity ratings for the team to prioritize.
| qed42/eventhorizon-cli-mode | 920linjerry-stack/capital-studio | adya84/ha-world-cup-2026 | |
|---|---|---|---|
| Stars | 16 | 16 | 16 |
| Language | Python | Python | Python |
| Setup difficulty | easy | easy | easy |
| Complexity | 2/5 | 3/5 | 2/5 |
| Audience | developer | researcher | general |
Figures from each repo's GitHub metadata at analysis time.
Requires Python 3.9 or newer, the bundled setup.sh must be run with `source` to activate the environment.
EventHorizon CLI is a command-line tool that scans Drupal websites for security holes, performance problems, and code quality issues. Drupal is a content management system that many organizations use to run their websites. Developers who build or maintain Drupal sites can point this tool at their codebase and get a structured report showing what problems exist. The tool checks for three categories of issues. On the security side, it looks for things like database queries that could be manipulated by outside users, places where the site might execute arbitrary code, and access control gaps where pages are left open without proper authentication checks. On the performance side, it flags patterns that slow sites down, such as database lookups inside loops, caching turned off where it should be on, and debug code accidentally left in after development. The third category measures code complexity, flagging functions that have grown too tangled to maintain or review safely. When the scan finishes, EventHorizon outputs its findings as CSV or Excel spreadsheet files, along with a colored summary in the terminal. Each problem gets a severity rating of High, Medium, or Low so developers can prioritize what to fix first. One design choice the README emphasizes is that everything runs on your own machine. No code is sent to any server or cloud service, which matters when working on client projects or in environments where external network access is restricted or not permitted. Setup requires Python 3.9 or newer. The repository includes a setup script that creates an isolated Python environment and installs all dependencies. After that, the tool is available from the terminal as either the short command eh or the longer eventhorizon. The README notes this is the open-source CLI edition, with a team-oriented version described as in progress.
A command-line tool that scans Drupal codebases for security holes, performance problems, and code quality issues, entirely on your own machine.
Mainly Python. The stack also includes Python, Drupal, PHP.
MIT license: use, modify, and distribute freely, including commercially, as long as you keep the copyright notice.
Setup difficulty is rated easy, with roughly 5min to a first successful run.
Mainly developer.
This repo across BitVibe Labs
Verify against the repo before relying on details.