Add security and code quality analyzers

## Description

Expand the analysis capabilities by adding security-focused and code quality analyzers beyond the current semantic analysis.

## Type of Change

- [x] ✨ New feature (non-breaking change which adds functionality)

## Problem Statement

Currently, Commit Coach only has semantic analysis (test coverage, API changes, documentation). Adding security and code quality analyzers would provide more comprehensive insights.

## Proposed Solution

Add new analyzer modules:

1. **Security Analyzer**: Detect potential security issues
   - Hardcoded secrets/passwords
   - Insecure dependencies
   - SQL injection patterns
   - XSS vulnerabilities
   - Insecure file permissions

2. **Code Quality Analyzer**: Detect code quality issues
   - Code complexity metrics
   - Duplicate code detection
   - Code smell detection
   - Performance anti-patterns
   - Accessibility issues

3. **Dependency Analyzer**: Analyze dependency changes
   - Outdated dependencies
   - Security vulnerabilities in dependencies
   - License compatibility issues
   - Dependency size impact

## Feature Category

Analyzer Enhancement

## Use Cases

1. **Security Review**: Automatically flag potential security issues in commits
2. **Code Quality**: Maintain code quality standards across the team
3. **Dependency Management**: Keep dependencies secure and up-to-date
4. **Compliance**: Ensure code meets security and quality standards

## Implementation Ideas

1. Create `src/analyzers/security.ts` for security analysis
2. Create `src/analyzers/quality.ts` for code quality analysis
3. Create `src/analyzers/dependencies.ts` for dependency analysis
4. Add configuration options for each analyzer
5. Create comprehensive test suites for each analyzer
6. Add integration with external security databases

## Acceptance Criteria

- [ ] Security analyzer detects common security issues
- [ ] Code quality analyzer provides complexity and quality metrics
- [ ] Dependency analyzer checks for vulnerabilities and updates
- [ ] All analyzers are configurable and can be disabled
- [ ] Comprehensive test coverage for new analyzers
- [ ] Documentation for each analyzer's capabilities

## Additional Context

This would make Commit Coach a more comprehensive code analysis tool, competing with tools like SonarQube or CodeClimate while being lightweight and focused on commit-level analysis.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add security and code quality analyzers #9

Description

Type of Change

Problem Statement

Proposed Solution

Feature Category

Use Cases

Implementation Ideas

Acceptance Criteria

Additional Context

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Add security and code quality analyzers #9

Description

Description

Type of Change

Problem Statement

Proposed Solution

Feature Category

Use Cases

Implementation Ideas

Acceptance Criteria

Additional Context

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions