v8.0.0 live·@codeatlas/mcp 4.0.0
VS Code Marketplace · OpenVSX · npm

AI writes code.
CodeAtlas helps everyone understand it.

Visualize architecture, trace changes, and give AI agents the context they need to make safe edits.

Pan, Zoom, Drill in.

Six linked diagram layers from system design down to function flow with diff-aware overlays on every layer so you catch architectural drift.

16,900+Total Downloads
OpenVSX13,424
VS Code Marketplace100
npm (MCP)3,386
51MCP Tools
11Languages · 40+ frameworks
7+Companies Using

See it in action

Six layers, one snapshot. Every edit cascades through every view that depends on it.

Trusted by developers at

GoogleAmazonKorzaSuperlinear InsightsAckoand more...
Benchmark · 40 PRs · 105 defects

State-of-the-art AI code review

On a public golden dataset, CodeAtlas's architectural context tops every reviewer on F1 — and its false-positive reducers make even a cheap model beat a commercial bot.

See the full benchmark
0.72
F1 — best of all reviewers
−38%
false positives, cheap model
1st
vs CodeRabbit & raw diff
edit → cascade~480ms total
L5flow:auth.service.ts/getCurrentUser~ +1 node
L4file:src/auth/auth.service.ts~ modified
L3sequence:GET /api/user~ 1 msg change
L2feature:cluster:auth · 6 files · 4 APIs~ modified
L1microservice:main · «service»~ modified
health · dead code · god files · cycles · couplingre-scored
1 edit · 5 layers · auto-rebuildhover to replay
Six linked layers · live

From a single function to the whole system.

Every save triggers a structured cascade. Change a function · the flowchart updates, then the file diagram, then any sequence diagram that calls it, then the feature cluster, then the system-design view. No rebuild, no refresh. The map you're looking at always matches the code on disk.

  • L1 Microservices · services + infra resources
  • L2 Features · feature clusters + API list
  • L3 Sequences · per-route, with middleware participants
  • L4 File deps · imports, exports, function-level edges
  • L5 Flowcharts · control flow inside any function
  • Code Health · god files, dead code, cycles, coupling
Differential layers

See what changed at every layer.

Code review is hard. Architecture review is harder. CodeAtlas paints a diff onto every diagram layer · added nodes in green, removed in red dashed, modified in amber. The same diff lives in the API surface, the sequence diagrams, the file graphs, and the system-design view, so a single PR shows its full architectural footprint.

  • Compare against any commit, branch, or PR base
  • API contract surface diff · catches breaking route changes
  • Architecture violation report · layer crossings + banned deps
  • Replay a commit timeline to see how the structure evolved
PR #287 · 1 commit6 layers touched
vs main
L1 · system
~ maindb
L2a · features
~ autharticleprofile
L2b · APIs
~GET/api/user
POST/api/users/login
PUT/api/user
L3 · sequence
ctrl~ svcprisma
L4 · file deps
~getCurrentUser()
login()
createUser()
L5 · flow
if (!user)
+console.warn(…)
return user
added modified removed
WCAG-safe · symbols + colors + border style
AI Review · cluster:auth
3 high2 med
JWT_SECRET fallback to empty string
src/auth/auth.service.ts:24 · POST /api/users/login
21 │ const secret = process.env.JWT_SECRET || '';
quote matched source · evidence-gated
N+1 query in feed loader
src/article/article.service.ts:88 · GET /api/articles/feed
86 │ for (const a of articles) await getAuthor(a.id)
Hardcoded admin token in auth flow
✕ rejected · the quoted line doesn't appear in any file
5 findings · 1 invented finding filtered outyour rules · 8 KB · cascade-aware re-review
AI Code Review

Findings you can actually trust.

Every finding quotes a verbatim line from your code. If the model invents an issue, the quote won't match and it gets filtered out before you see it. Auth issues land on the API row, N+1 queries on the sequence, dead code on the file view. Exactly where the fix lives.

  • Per-entry-point review · no hallucinated cross-references
  • Your team's rules in plain text · up to 8 KB
  • Bring your own LLM · OpenAI, Anthropic, OpenRouter, Ollama (local, no key)
  • Cascade-aware re-review only retouches what changed

The whole product, on one page.

Everything that ships in v7.2 · diagrams, MCP, AI review, API testing, and the supporting machinery.

Six linked diagram layers

Microservices, Features, API Sequences, File Dependencies, Function Flowcharts, and a Code Health dashboard · all driven by one snapshot. Click anywhere to drill in; every layer carries a diff badge when it's out of sync with your baseline.

54 MCP tools

Your AI assistant calls structured tools instead of grepping files · list routes, trace call paths, run SQL over the snapshot, get impact analysis. Works with Claude Code, Cursor, Codex, Gemini, Continue, and Copilot Chat.

Evidence-gated review

AI Code Review per route, job, and background task. Every finding quotes a real source line; invented issues get filtered out. Your team's plain-text rules drive every run.

API testing, built in

Every detected route shows up in the workbench. Send, chain, script (Postman-style pm.* API), OAuth2, SSE, WebSocket, OpenAPI / Postman / Insomnia import · no extra tool required.

Architecture violations

Declare your layer rules in plain JSON. Banned imports, forbidden cross-layer calls, drift against your baseline topology · all surfaced as findings on the diagram where the violation lives.

11 languages, 40+ frameworks

JavaScript / TypeScript, Python, Java, Kotlin, Go, Rust, Ruby, PHP, Swift, Dart, C#. Express, FastAPI, Spring Boot, Rails, Laravel, Gin, Axum, ASP.NET, Vapor. Plus mobile stacks (Jetpack Compose, SwiftUI, Flutter, React Native, Expo Router, Xamarin / .NET MAUI) and infrastructure-as-code (AWS SAM, AWS CDK, Serverless Framework). Middleware participants in your sequence diagrams across nine ecosystems.

Multi-repo & serverless

Open a workspace with two repos, or a monorepo with five services, or a Go workspace with multiple binaries · CodeAtlas detects each unit independently and scopes every layer to your selection.

Knowledge map & guided tour

A bird's-eye Knowledge Map distills the workspace into navigable concepts. The Tour orders the routes a new contributor should learn first, fan-in ranked so tests and migrations don't lead.

Localhost, by design

Source never leaves your machine. The diagram browser binds to localhost with origin validation. Telemetry honors CODEATLAS_TELEMETRY=0 and DO_NOT_TRACK=1.

Roadmap.

Six layers, MCP, and evidence-gated review are the foundation. From here CodeAtlas grows into a team product, a planning surface, and a runtime-aware architectural map.

Already shipped · v8.0.0
6 diagram layers54 MCP toolsAI Code ReviewPer-sub-repo guidelinesAPI TestingMulti-repo · serverlessPer-sub-repo scope picker11 languages40+ frameworksKnowledge MapGuided TourDomain detectionSaved viewsOAuth2 / SSE / WebSocketArchitecture violationsCross-repo edge stalenessCascade-aware re-review
01/Next5 features

Tightening the loop

Compounding value out of features that are already 80% there. No new infrastructure · pure feature delivery on top of the existing graph.

  • Test coverage overlay on every diagram layer · LCOV + Istanbul
  • API contract surface diff · catches breaking route changes in PRs
  • Architecture drift detection against a baseline topology
  • Dead-code delete-PR generator · multi-select, dynamic-ref guarded
  • Auto-generated onboarding tour for first-time users
02/Next4 features

Server-side surfaces

Move from individual tool to team product by reusing the engine server-side. Same engine, hosted as a GitHub App.

  • GitHub PR review bot · posts layer-level inline comments
  • codeatlas lint · architecture compliance gates in any CI
  • CODEOWNERS auto-population from feature clusters + git history
  • Documentation freshness checker · flags moved / deleted refs
03/Soon5 features

Architectural planning

Fills the gap between feature idea and ready-to-code, where most architectural debt is born.

  • Plan-from-spec · paste a Linear ticket → cluster + files + tests + scope
  • Architecture sketchpad · drag clusters, draw edges, live cohesion deltas
  • ADR auto-drafter · structural changes write their own ADR drafts
  • Diff-aware suggestion engine reads the cascade for context
04/Soon~30 framework packs

Per-framework architectural lints

Per-framework rules that need the architectural graph to evaluate. Layered over ESLint / RuboCop / golangci-lint, not replacing them.

  • Express / NestJS / Fastify · auth missing on writes, route-handler purity
  • Django / FastAPI · ORM-in-view, signal cycles, middleware ordering
  • Spring · transactional boundaries, n+1 query risk in repository methods
  • Gin / Echo · context leak, goroutine spawned from request handler
  • Pluggable rule format · ship your own framework pack
05/Soon4 features

Deeper AI assistant integration

Make CodeAtlas the architectural brain every assistant consults before suggesting a change.

  • Every prompt your assistant sends carries fresh architectural context
  • Pre-edit briefs auto-piped into your existing assistant
  • More MCP tools for refactor-aware planning + cross-file reasoning
  • Cost-aware tool routing so token budgets stay sane on large repos
06/Later3 features

Failure & load simulation

Static-graph simulation of how the system would behave under failure or load. No instrumentation, pure inverse-cascade traversal.

  • “What breaks if this service dies?” · affected routes + recovery paths
  • “What gets slow under this load?” · static call-cost graph
  • Chaos-script generator scoped to your actual call tree
07/Later5 features · 3 backends

Live runtime correlation

Production data painted on top of the structural graph. Three sources: Sentry, Datadog APM, OTLP.

  • Sentry traces painted onto the sequence diagrams
  • Datadog APM heatmap overlay on the API list
  • OTLP feed correlation · open-source path
  • Drift detector · code structure vs observed runtime calls
  • “What changed in production today?” · live diff
08/Later3 features

Compliance & governance

Sells to security / platform / data-protection teams. All queries against the existing graph, packaged for a different buyer.

  • Data-flow lineage for PII / PHI / regulated fields
  • “Who reaches this table?” · full transitive caller set
  • Audit-trail export for SOC2 / GDPR / HIPAA reviewers

Plus opportunistic reach work in parallel · additional editor integrations, more framework packs, more language tier-ups. Tell us what you'd prioritise.

Why this exists

AI assistants generate code 5–10× faster than humans review it. Reviews drift, architecture decays, and the structural picture that lives in the team's head falls out of sync with the codebase. CodeAtlas exists to bring that picture back. Always live, always visible, queryable by humans and AI alike.

What goes wrong

  • AI assistants grep files instead of asking structured questions
  • PR reviewers can't see what changed in the architecture
  • Test coverage, drift, and compliance live in three different dashboards
  • New contributors take weeks to map the codebase in their head

What CodeAtlas does

One live snapshot. Six linked layers. 51 structured tools. One AI Review pipeline.

  • AI assistants get architectural answers in tokens, not file-walks
  • PRs show a diff on every diagram layer · routes, sequences, files, clusters
  • Health, drift, violations, and findings on the diagrams where they live
  • Guided Tour orders the routes a new contributor should learn first

Ready to map your codebase?

16,900+ developers already do. Install in seconds · diagrams in your browser, structured tools in your AI assistant.