You inherit a 50k-line Python monolith. Senior dev who wrote it left last month. No tests, no docs, no architecture diagram. Where do you even start?
Grep for imports? Parse the AST yourself? Spend two days drawing boxes and arrows in Mermaid?
There's a faster way. Let me show you.
What is code-atlas-py?
code-atlas-py (CLI: atlas) is a deterministic code intelligence tool. It builds a full call graph, dependency graph, and symbol index of any Python project in ~0.2 seconds. It scores every function for risk — complexity, coupling, instability — and surfaces the most dangerous spots before you touch them.
No LLM. No cloud. No tokens. Same result every run.
Step 1: Install
pip install code-atlas-py
That's it. No config file, no server, no database. It works on any Python project out of the box.
Step 2: Scan your project
cd /path/to/your/project
atlas scan
You'll see output like:
✓ Scanned 1,247 symbols in 0.19s
Functions: 892 | Classes: 203 | Imports: 152
Top risk: payment/processor.py:process_payment (risk: 8.7)
- complexity: 14 | coupling: 23 | instability: 0.87
The scan found your riskiest function before you opened a single file.
Step 3: Ask questions in natural language
atlas ask "which functions call process_payment?"
process_payment
├─ checkout.create_order (checkout/orders.py:142)
├─ billing.sync_subscriptions (billing/sync.py:67)
└─ webhooks.stripe_handler (webhooks/stripe.py:33)
3 callers, 4 callees (including 2 external API calls)
Risk impact if changed: high (3 downstream modules affected)
Step 4: Generate an interactive HTML report
atlas html --open
This opens a clickable, filterable call graph in your browser. Each node is colored by risk score. Click any function to see its callers, callees, and complexity breakdown. Filter to show only functions with risk > 7 and instantly see the 5% of your codebase you should review before making any changes.
Step 5: Use it in CI/CD
atlas scan --fail-on-risk 8 --json > atlas-report.json
Fail a PR if it introduces code with risk score ≥ 8. No more merges that silently add coupling. Ship an HTML artifact alongside your test results.
Who is this for?
- Engineers inheriting legacy code: Find the hot spots in 0.2s instead of 2 days of reading.
- Tech leads doing code review: See risk before you read line by line — focus your attention where it matters.
- DevOps teams: Add codebase health to your CI/CD pipeline.
- Anyone using AI coding agents: code-atlas-py integrates with deepstrain so the AI understands structure, not just text. It makes AI edits safer by showing risk impact before the tool makes a change.
How it compares
| Tool | What it does | Deterministic? | Local? | Free? |
|---|---|---|---|---|
| pylint/flake8 | Style + lint + simple complexity | Yes | Yes | Yes |
| sourcegraph | Code search with indexing server | Yes | No | Subscription |
| LLM code review | Ask "is this risky?" | No | Varies | Freemium |
| code-atlas-py | Call graph + risk scoring + symbol search | Yes | Yes | Free tier |
Limitations (honest ones)
- Python only (for now).
- Static analysis — it can't know runtime call paths (e.g.,
getattr-based dispatch). - Risk scores are heuristics — useful for triage, not a replacement for reading the code.
- The free tier covers the core engine. Advanced modules (7 for Pro, 12 for Enterprise) are paid.
Try it
pip install code-atlas-py
cd your-project
docker run -v $(pwd):/code --rm code-atlas-py atlas scan
# or just:
atlas scan
Repo: github.com/mete-dotcom/code-atlas
Site: massiron.com/atlas
What's the riskiest function in your codebase right now? Run atlas scan and find out.
Top comments (0)