# Code Diff Exploit Simulator

## Overview

The Code Diff Exploit Simulator is a Python tool that analyzes differences between two versions of a codebase (e.g., pre- and post-commit) and predicts whether the changes may introduce vulnerabilities. It can also generate a report summarizing the detected vulnerabilities.

## Features

- Analyze code differences between two directories containing code files.
- Use OpenAI's GPT model to predict potential vulnerabilities in the code changes.
- Generate a detailed vulnerability assessment report.

## Installation

1. Clone this repository.
2. Install the required dependencies:

   ```bash
   pip install -r requirements.txt
   ```

## Usage

Run the tool from the command line:

```bash
python code_diff_exploit_simulator.py --old_version --new_version [--output ]
```

### Arguments

- `--old_version`: Path to the old version of the codebase.
- `--new_version`: Path to the new version of the codebase.
- `--output`: (Optional) Path to save the vulnerability assessment report.

## Example

```bash
python code_diff_exploit_simulator.py --old_version ./old_code --new_version ./new_code --output ./report.txt
```

## Testing

To run the tests, use `pytest`:

```bash
pytest test_code_diff_exploit_simulator.py
```

The tests include:

1. Testing the `analyze_code_diff` function to ensure it correctly identifies and processes code differences.
2. Testing the `predict_vulnerability` function with mocked OpenAI API responses.
3. Testing the `generate_report` function to ensure it writes the report correctly.

## Requirements

- Python 3.7+
- `openai`
- `rich`

## Notes

- You need an OpenAI API key to use the vulnerability prediction feature. Set the `OPENAI_API_KEY` environment variable to your API key.
- Ensure that the old and new versions of the codebase are provided as directories containing the relevant code files.
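
The directory comparison listed under Features can be built on the standard library's `difflib`, as sketched here. This is an added example, not the project's own code: `read_lines`, `list_files`, `diff_directories`, `demo` and the sample files are assumptions made for illustration.

```python
# Added illustration; function names and sample files are hypothetical.
import difflib
import tempfile
from pathlib import Path


def read_lines(path):
    """Return the file's lines, or None if it is not decodable text."""
    try:
        return path.read_text(encoding="utf-8").splitlines(keepends=True)
    except (UnicodeDecodeError, OSError):
        return None


def list_files(root):
    """Relative POSIX paths of every regular file under root."""
    return {p.relative_to(root).as_posix() for p in root.rglob("*") if p.is_file()}


def diff_directories(old_dir, new_dir):
    """Map each changed path to its unified diff; added or removed files diff against empty."""
    old_dir, new_dir = Path(old_dir), Path(new_dir)
    diffs = {}
    for name in sorted(list_files(old_dir) | list_files(new_dir)):
        old_path, new_path = old_dir / name, new_dir / name
        old = read_lines(old_path) if old_path.is_file() else []
        new = read_lines(new_path) if new_path.is_file() else []
        if old is None or new is None:
            continue  # skip binary or unreadable files instead of failing
        text = "".join(difflib.unified_diff(old, new, f"a/{name}", f"b/{name}"))
        if text:
            diffs[name] = text
    return diffs


def demo():
    """Diff two constructed sample trees: one changed, one unchanged, one binary file."""
    with tempfile.TemporaryDirectory() as tmp:
        old, new = Path(tmp, "old_code"), Path(tmp, "new_code")
        for d in (old, new):
            d.mkdir()
            (d / "same.py").write_text("x = 1\n")  # identical in both versions
        (old / "db.py").write_text('q = "SELECT * FROM users WHERE id = %s"\ncur.execute(q, (uid,))\n')
        (new / "db.py").write_text('q = "SELECT * FROM users WHERE id = " + uid\ncur.execute(q)\n')
        (new / "logo.bin").write_bytes(b"\xff\xfe\x00\x80")  # not valid UTF-8
        return diff_directories(old, new)


if __name__ == "__main__":
    print("\n".join(demo().values()))
```

Only `db.py` appears in the result; the unchanged file produces no diff and the binary file is skipped, so nothing but changed text would be passed on for assessment.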