Automic VaultAutomic Vault

brew

Install lizard-analyzer with Homebrew, MacPorts

Extensible Cyclomatic Complexity Analyzer. Version 1.23.0 via Homebrew; verified 2026-06-03.

install

Additional install commands

macOS

Homebrewverified · 100%
brew install lizard-analyzer

local Homebrew formula metadata

MacPortsverified · 94%
sudo port install lizard

MacPorts ports tree · archivers/lizard/Portfile · source: api.github.com

overview

Package summary

Extensible Cyclomatic Complexity Analyzer

Commands and aliases

  • lizard

history

Project history and usage

Lizard is a Python-based cyclomatic-complexity and static-analysis command-line tool. Its package history is mildly confusing because Homebrew names this formula lizard-analyzer while the executable is lizard, avoiding collision with a separate compression utility also named lizard.

Project history

The terryyin/lizard repository was created on GitHub in June 2012. The README describes the tool as an extensible cyclomatic complexity analyzer for many programming languages, with an emphasis on scanning C/C++ without needing complete header search paths and Java without resolving all imports.

Over time the tool expanded beyond basic cyclomatic complexity counts into duplicate-code detection and other static-code metrics. Its language list in the README spans C/C++, Java, Python, JavaScript/TypeScript, Go, Rust, Swift, Solidity, Zig, and other languages.

Adoption history

The README documents both direct script usage and installation through pip, which made Lizard convenient for CI jobs and local quality gates before language-specific static-analysis suites were always present in package-manager workflows.

Homebrew packaging under lizard-analyzer gives macOS users a CLI install path while avoiding the formula-name collision with the unrelated lizard compressor.

How it is used

Lizard is commonly used as a lightweight metric pass over source trees: run lizard on a path, optionally select languages, exclude paths, and fail builds when complexity or parameter-count thresholds are exceeded.

Because it intentionally measures how complex code looks rather than trying to fully compile or semantically resolve a project, it fits quick scans, pre-commit checks, and repository audits where low setup cost matters.

Why package nerds care

The formula is a small example of package-manager disambiguation: the upstream project, command name, and common Python package name are lizard, but Homebrew has to call the formula lizard-analyzer because brew:lizard is already the compression tool.

It also shows how scripting-language tools enter Unix package managers even when pip installation is available, because packaging the CLI gives users a repeatable system-level binary without managing a Python environment by hand.

Timeline

  • 2012: terryyin/lizard repository created on GitHub.
  • 2026: GitHub releases 1.20.0 and 1.23.0 were published for the analyzer.
  • 2026: Homebrew formula lizard-analyzer identified the executable as lizard and the package as an extensible cyclomatic complexity analyzer.

Related projects

  • The package sits near linters, static analyzers, and code-metric tools such as cloc, radon, cppcheck, and language-specific complexity plugins.
  • It is unrelated to brew:lizard, the compression utility packaged in the same batch.

security posture

Risk level: green

narrow executable package without higher-risk signals.

Risk classifier

green risk · low confidence · appliance

Why

  • narrow executable package without higher-risk signals

Signals

  • metadata:no-higher-risk-signals

Install behavior

  • No Homebrew post-install hook is recorded in formula metadata.
  • Homebrew bottle metadata is available for 6 platform targets.
  • Installs with 1 runtime dependencies.

Recommended review

Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.

executables

Installed executables

CommandKindExposureNote
lizardcliglobal executable

freshness

Version and freshness

These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.

page generated2026-07-08
manager version1.23.0
manager updated2026-06-03
local dataok
upstreamnot checked
latest detectednot detected

https://github.com/terryyin/lizard

install metadata

Package metadata

Package keybrew:lizard-analyzer
Version1.23.0
Package managerHomebrew
Package manager pagehttps://formulae.brew.sh/formula/lizard-analyzer
Homepagehttps://github.com/terryyin/lizard
Repositoryhttps://github.com/terryyin/lizard
Upstream docshttps://github.com/terryyin/lizard#readme
LicenseMIT
Source archivehttps://files.pythonhosted.org/packages/5b/94/4967d0868e7db39a72fa2dbef9a798c4d661178f3836bfec58091606f0f3/lizard-1.23.0.tar.gz
Last updated2026-06-03T09:53:20Z
Pulseupdated
Dependenciespython@3.14
Bottleavailable (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux)
Homebrew post-installnot defined
Servicenone declared

registry facts

Source database details

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Namelizard-analyzer
Version Scheme0
Revision0
Conflicts With
  • lizard
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • stable

source database matches

Other package-manager records

Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.

MacPorts94%

lizard

sudo port install lizard
  • installed executable or alias match
  • Matched by: Lizard
MacPorts ports tree · api.github.com · MacPorts ports tree: archivers/lizard/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1

source trail

Generated from repository data

This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.

Used sources

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated package history
  • external package-manager database matches
  • package relationship graph
  • package version freshness
  • package-page enrichment