refactor: rename code-iq → codeiq across the project

.dockerignore

@@ -6,4 +6,4 @@ docs/
 tests/
 .github/
 helm/
-src/osscodeiq/
+src/codeiq/

.github/workflows/ci-java.yml

@@ -34,7 +34,7 @@ jobs:
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
         run: >
           mvn sonar:sonar -B
-          -Dsonar.projectKey=RandomCodeSpace_code-iq
+          -Dsonar.projectKey=RandomCodeSpace_codeiq
           -Dsonar.organization=randomcodespace
           -Dsonar.host.url=https://sonarcloud.io
           "-Dsonar.exclusions=**/grammar/**,target/generated-sources/**"

.gitignore

@@ -21,9 +21,7 @@ target/
 Thumbs.db
 
 # Project runtime data
-.osscodeiq/
-.code-intelligence/
-.code_intelligence_cache*/
+.codeiq/
 *.db
 *.db-wal
 *.db-shm

CLAUDE.md

@@ -1,16 +1,16 @@
-# Code IQ (Java) -- Project Instructions
+# codeiq (Java) -- Project Instructions
 
 ## What This Project Is
 
-**Code IQ** -- a CLI tool + server that scans codebases to build a deterministic code knowledge graph. No AI, no external APIs -- pure static analysis. 97 detectors, 35+ languages, Neo4j Embedded graph database, Spring AI MCP server, REST API, web UI.
+**codeiq** -- a CLI tool + server that scans codebases to build a deterministic code knowledge graph. No AI, no external APIs -- pure static analysis. 97 detectors, 35+ languages, Neo4j Embedded graph database, Spring AI MCP server, REST API, web UI.
 
-- **Maven coordinates:** `io.github.randomcodespace.iq:code-iq`
-- **CLI command:** `code-iq` (via `java -jar`)
+- **Maven coordinates:** `io.github.randomcodespace.iq:code-iq` (artifactId intentionally unchanged)
+- **CLI command:** `codeiq` (via `java -jar`; JAR filename remains `code-iq-*-cli.jar`)
 - **Java package:** `io.github.randomcodespace.iq` (under `src/main/java/`)
-- **GitHub repo:** `RandomCodeSpace/code-iq` (branch: `main`)
-- **Cache directory on disk:** `.code-intelligence` (H2 analysis cache)
-- **Neo4j directory on disk:** `.osscodeiq/graph.db` (enriched graph)
-- **Config file:** `.osscodeiq.yml` (project-level overrides)
+- **GitHub repo:** `RandomCodeSpace/codeiq` (branch: `main`)
+- **Cache directory on disk:** `.codeiq/cache` (H2 analysis cache)
+- **Neo4j directory on disk:** `.codeiq/graph/graph.db` (enriched graph)
+- **Config file:** `codeiq.yml` (project-level overrides)
 
 ## Tech Stack
 
@@ -30,12 +30,12 @@
 
 ```
 Developer machine:
-  code-iq index  /repo  →  H2 cache (.code-intelligence/)
-  code-iq enrich /repo  →  Neo4j (.osscodeiq/graph.db)
-  code-iq bundle /repo  →  bundle.zip (graph + source snapshot)
+  codeiq index  /repo  →  H2 cache (.codeiq/cache/)
+  codeiq enrich /repo  →  Neo4j (.codeiq/graph/graph.db)
+  codeiq bundle /repo  →  bundle.zip (graph + source snapshot)
 
 Remote server (or local):
-  code-iq serve /repo   →  read-only API + MCP + UI (from Neo4j)
+  codeiq serve /repo   →  read-only API + MCP + UI (from Neo4j)
 ```
 
 **Key principle:** MCP and API are strictly **read-only**. No data manipulation from the serving layer. Analysis happens only via CLI (`index`/`enrich`). The remote server may not have source code access (bundle deployment model).
@@ -164,13 +164,13 @@ io.github.randomcodespace.iq
 
 ```bash
 # For large codebases (44K+ files):
-code-iq index /path/to/repo          # ~220s for 44K files, writes to H2
-code-iq enrich /path/to/repo         # loads H2 → Neo4j with linkers/layers/services
-code-iq serve /path/to/repo          # read-only server
+codeiq index /path/to/repo           # ~220s for 44K files, writes to H2
+codeiq enrich /path/to/repo          # loads H2 → Neo4j with linkers/layers/services
+codeiq serve /path/to/repo           # read-only server
 
 # For small codebases:
-code-iq analyze /path/to/repo        # in-memory, all-in-one
-code-iq serve /path/to/repo          # needs enrich if using index
+codeiq analyze /path/to/repo         # in-memory, all-in-one
+codeiq serve /path/to/repo           # needs enrich if using index
 ```
 
 ## Server Endpoints (all read-only)
@@ -380,13 +380,13 @@ camelCase accepted as a deprecated alias for one release). Resolution order
 2. `~/.codeiq/config.yml` (user-global)
 3. `./codeiq.yml` (project)
 4. `CODEIQ_<SECTION>_<KEY>` env vars (e.g. `CODEIQ_SERVING_PORT=9090`)
-5. CLI flags on `code-iq <command>`
+5. CLI flags on `codeiq <command>`
 
 Validate and introspect with:
 
 ```bash
-code-iq config validate
-code-iq config explain
+codeiq config validate
+codeiq config explain
 ```
 
 ### Spring-owned keys (stay in `application.yml`)
@@ -404,14 +404,6 @@ have not been migrated into `codeiq.yml`:
 `UnifiedConfigBeans` bridges the unified config to the legacy `CodeIqConfig`
 bean for code paths that haven't been ported yet.
 
-### `.osscodeiq.yml` deprecation
-
-`.osscodeiq.yml` is deprecated. `ProjectConfigLoader` still loads it for one
-release, translates its legacy flat keys into the unified nested shape, and
-logs a one-time WARN per canonical path. Rename to `codeiq.yml` and migrate
-flat keys into the `project:` / `indexing:` / `serving:` / `mcp:` /
-`observability:` / `detectors:` sections.
-
 ## Gotchas & Lessons Learned
 
 - **Pipeline is index → enrich → serve**: Don't put analysis/enrichment in serve. Serve is read-only.
@@ -434,7 +426,7 @@ flat keys into the `project:` / `indexing:` / `serving:` / `mcp:` /
 - **SnakeYAML parses `on` as Boolean.TRUE**: In YAML files, bare `on` key becomes `Boolean.TRUE`. Use `String.valueOf(key)` comparisons, not `Boolean.TRUE.equals(key)` (SonarCloud S2159).
 - **Regex possessive quantifiers**: Use `*+` instead of `*` for nested quantifiers like `([^"\\]*(?:\\.[^"\\]*)*)` → `([^"\\]*+(?:\\.[^"\\]*+)*+)` to prevent stack overflow (SonarCloud S5998).
 - **Parallel agent conflicts**: Don't dispatch multiple agents editing the same files concurrently. Use worktree isolation or sequential execution.
-- **SonarCloud project key**: `RandomCodeSpace_code-iq`, org: `randomcodespace`
+- **SonarCloud project key**: `RandomCodeSpace_codeiq`, org: `randomcodespace`
 - **CI workflow**: Single `ci-java.yml` runs build + SonarCloud analysis. No cross-platform builds needed (JVM).
 
 ## Updating This File

README.md

@@ -1,19 +1,19 @@
 <p align="center">
-  <h1 align="center">Code IQ</h1>
+  <h1 align="center">codeiq</h1>
   <p align="center">
     <strong>Deterministic code knowledge graph -- scans codebases to map services, endpoints, entities, infrastructure, auth patterns, and framework usage. No AI, pure static analysis.</strong>
   </p>
 </p>
 
 <p align="center">
   <a href="https://central.sonatype.com/artifact/io.github.randomcodespace.iq/code-iq"><img src="https://img.shields.io/maven-central/v/io.github.randomcodespace.iq/code-iq?style=flat-square&logo=apachemaven&label=Maven%20Central" alt="Maven Central"></a>
-  <a href="https://github.com/RandomCodeSpace/code-iq/actions/workflows/ci-java.yml"><img src="https://img.shields.io/github/actions/workflow/status/RandomCodeSpace/code-iq/ci-java.yml?branch=main&style=flat-square&logo=github&label=CI" alt="CI"></a>
+  <a href="https://github.com/RandomCodeSpace/codeiq/actions/workflows/ci-java.yml"><img src="https://img.shields.io/github/actions/workflow/status/RandomCodeSpace/codeiq/ci-java.yml?branch=main&style=flat-square&logo=github&label=CI" alt="CI"></a>
   <a href="https://www.oracle.com/java/technologies/downloads/"><img src="https://img.shields.io/badge/Java-25-orange?style=flat-square&logo=openjdk&logoColor=white" alt="Java 25"></a>
-  <a href="https://github.com/RandomCodeSpace/code-iq/blob/main/LICENSE"><img src="https://img.shields.io/github/license/RandomCodeSpace/code-iq?style=flat-square&label=License" alt="MIT License"></a>
-  <a href="https://sonarcloud.io/summary/overall?id=RandomCodeSpace_code-iq"><img src="https://sonarcloud.io/api/project_badges/measure?project=RandomCodeSpace_code-iq&metric=security_rating" alt="Security"></a>
-  <a href="https://sonarcloud.io/summary/overall?id=RandomCodeSpace_code-iq"><img src="https://sonarcloud.io/api/project_badges/measure?project=RandomCodeSpace_code-iq&metric=reliability_rating" alt="Reliability"></a>
-  <a href="https://github.com/RandomCodeSpace/code-iq"><img src="https://img.shields.io/badge/detectors-97-brightgreen?style=flat-square&logo=codefactor&logoColor=white" alt="97 Detectors"></a>
-  <a href="https://github.com/RandomCodeSpace/code-iq"><img src="https://img.shields.io/badge/languages-35%2B-blue?style=flat-square&logo=stackblitz&logoColor=white" alt="35+ Languages"></a>
+  <a href="https://github.com/RandomCodeSpace/codeiq/blob/main/LICENSE"><img src="https://img.shields.io/github/license/RandomCodeSpace/codeiq?style=flat-square&label=License" alt="MIT License"></a>
+  <a href="https://sonarcloud.io/summary/overall?id=RandomCodeSpace_codeiq"><img src="https://sonarcloud.io/api/project_badges/measure?project=RandomCodeSpace_codeiq&metric=security_rating" alt="Security"></a>
+  <a href="https://sonarcloud.io/summary/overall?id=RandomCodeSpace_codeiq"><img src="https://sonarcloud.io/api/project_badges/measure?project=RandomCodeSpace_codeiq&metric=reliability_rating" alt="Reliability"></a>
+  <a href="https://github.com/RandomCodeSpace/codeiq"><img src="https://img.shields.io/badge/detectors-97-brightgreen?style=flat-square&logo=codefactor&logoColor=white" alt="97 Detectors"></a>
+  <a href="https://github.com/RandomCodeSpace/codeiq"><img src="https://img.shields.io/badge/languages-35%2B-blue?style=flat-square&logo=stackblitz&logoColor=white" alt="35+ Languages"></a>
 </p>
 
 ---
@@ -22,8 +22,8 @@
 
 ```bash
 # Build from source (requires Java 25+, Maven 3.9+)
-git clone https://github.com/RandomCodeSpace/code-iq.git
-cd code-iq
+git clone https://github.com/RandomCodeSpace/codeiq.git
+cd codeiq
 mvn clean package -DskipTests
 
 # Analyze a codebase
@@ -36,7 +36,7 @@ java -jar target/code-iq-*-cli.jar serve /path/to/repo
 
 ## How It Works
 
-Code IQ scans source files using 97 detectors across 35+ languages, builds a knowledge graph of code relationships, and serves it via REST API, MCP server, and React UI.
+codeiq scans source files using 97 detectors across 35+ languages, builds a knowledge graph of code relationships, and serves it via REST API, MCP server, and React UI.
 
 ```mermaid
 graph TD
@@ -157,7 +157,7 @@ java -jar code-iq-*-cli.jar serve /shared
 
 ## Configuration
 
-code-iq is configured by a single YAML file at the repo root: **`codeiq.yml`**.
+codeiq is configured by a single YAML file at the repo root: **`codeiq.yml`**.
 Every field is optional; omitted fields fall back to the in-code defaults
 (`ConfigDefaults.builtIn()`). See
 [`docs/codeiq.yml.example`](docs/codeiq.yml.example) for the full reference
@@ -172,14 +172,14 @@ are accepted as deprecated aliases for one release and log a WARN on load.
 4. Environment variables: `CODEIQ_<SECTION>_<KEY>` (e.g. `CODEIQ_SERVING_PORT=9090`,
    `CODEIQ_MCP_AUTH_MODE=bearer`, `CODEIQ_INDEXING_BATCH_SIZE=1000`). Nested
    keys are flattened with underscores; values parse as YAML scalars.
-5. CLI flags on `code-iq <command>`
+5. CLI flags on `codeiq <command>`
 
 ### Commands
 
 ```bash
-code-iq config validate              # Validate ./codeiq.yml, exit 1 on error
-code-iq config validate -p custom.yml
-code-iq config explain               # Print each effective value + its source layer
+codeiq config validate              # Validate ./codeiq.yml, exit 1 on error
+codeiq config validate -p custom.yml
+codeiq config explain                # Print each effective value + its source layer
 ```
 
 ### Minimal example
@@ -191,7 +191,7 @@ project:
 
 indexing:
   exclude: ['**/node_modules/**', '**/build/**', '**/dist/**']
-  cache_dir: .code-iq/cache
+  cache_dir: .codeiq/cache
   batch_size: 500
 
 serving:
@@ -218,38 +218,6 @@ and have not been migrated into `codeiq.yml`. Keep them in
 Everything else belongs in `codeiq.yml`. `UnifiedConfigBeans` bridges the
 two worlds for values that exist in both.
 
-### Migration from `.osscodeiq.yml`
-
-`.osscodeiq.yml` is deprecated. code-iq still loads it for one release via
-`ProjectConfigLoader`, translates its legacy flat keys into the unified
-shape, and logs a one-time WARN per path. Rename the file to `codeiq.yml`
-and restructure flat keys into the nested sections.
-
-**Before** (`.osscodeiq.yml`, legacy flat schema):
-
-```yaml
-languages: [java, typescript, yaml]
-exclude:
-  - '**/node_modules/**'
-  - '**/build/**'
-pipeline:
-  parallelism: 4
-  batch-size: 500
-batch_size: 500
-```
-
-**After** (`codeiq.yml`, unified snake_case schema):
-
-```yaml
-indexing:
-  languages: [java, typescript, yaml]
-  exclude:
-    - '**/node_modules/**'
-    - '**/build/**'
-  parallelism: 4
-  batch_size: 500
-```
-
 See `docs/codeiq.yml.example` for the full schema.
 
 ## Graph Model
@@ -294,8 +262,8 @@ All results are 100% deterministic across runs.
 ## Development
 
 ```bash
-git clone https://github.com/RandomCodeSpace/code-iq.git
-cd code-iq
+git clone https://github.com/RandomCodeSpace/codeiq.git
+cd codeiq
 mvn clean package    # Build + test (3,219 tests)
 mvn test             # Tests only
 ```

docs/codeiq.yml.example

@@ -9,8 +9,8 @@
 #   `bindAddress`, `pageCacheMb`, `perToolTimeoutMs`, `logFormat`) are accepted
 #   as deprecated aliases for one release and emit a WARN on load. Do not use
 #   camelCase in new config.
-# - Run `code-iq config validate` to type-check your file, and
-#   `code-iq config explain` to print every effective value and the layer it
+# - Run `codeiq config validate` to type-check your file, and
+#   `codeiq config explain` to print every effective value and the layer it
 #   was resolved from.
 
 # ---------------------------------------------------------------------------
@@ -38,7 +38,7 @@ indexing:
     - '**/dist/**'
     - '**/generated/**'
   incremental: true             # reuse H2 cache when file hashes match
-  cache_dir: .code-iq/cache     # H2 analysis cache directory
+  cache_dir: .codeiq/cache      # H2 analysis cache directory
   parallelism: null             # null = auto-detect (Runtime.availableProcessors()); positive int to pin
   batch_size: 500               # files per H2 flush batch (default: 500)
   max_depth: 10                 # max impact-trace depth
@@ -55,7 +55,7 @@ serving:
   bind_address: 0.0.0.0         # interface to bind; 127.0.0.1 for localhost-only
   read_only: false              # must be false in non-prod; CI gate enforces this
   neo4j:
-    dir: .code-iq/graph/graph.db   # embedded Neo4j data directory
+    dir: .codeiq/graph/graph.db    # embedded Neo4j data directory
     page_cache_mb: 256             # Neo4j page cache (MB)
     heap_initial_mb: 256           # JVM -Xms for Neo4j (MB)
     heap_max_mb: 1024              # JVM -Xmx for Neo4j (MB)

pom.xml

@@ -16,9 +16,9 @@
     <version>0.1.0-SNAPSHOT</version>
     <packaging>jar</packaging>
 
-    <name>OSSCodeIQ</name>
+    <name>codeiq</name>
     <description>CLI tool and server that scans codebases to build a deterministic code knowledge graph</description>
-    <url>https://github.com/RandomCodeSpace/code-iq</url>
+    <url>https://github.com/RandomCodeSpace/codeiq</url>
 
     <properties>
         <java.version>25</java.version>
@@ -220,9 +220,9 @@
     </developers>
 
     <scm>
-        <connection>scm:git:git://github.com/RandomCodeSpace/code-iq.git</connection>
-        <developerConnection>scm:git:ssh://github.com:RandomCodeSpace/code-iq.git</developerConnection>
-        <url>https://github.com/RandomCodeSpace/code-iq/tree/main</url>
+        <connection>scm:git:git://github.com/RandomCodeSpace/codeiq.git</connection>
+        <developerConnection>scm:git:ssh://github.com:RandomCodeSpace/codeiq.git</developerConnection>
+        <url>https://github.com/RandomCodeSpace/codeiq/tree/main</url>
     </scm>
 
     <build>

scripts/baseline/consolidate.sh

@@ -21,7 +21,7 @@ NODE_V=$(node --version)
 NPM_V=$(npm --version)
 
 cat > "$OUT" <<MD
-# code-iq Baseline — 2026-04-17
+# codeiq Baseline — 2026-04-17
 
 This file is generated by \`scripts/baseline/consolidate.sh\`. Re-run after
 updating any capture script. Raw artifacts under \`raw/\` are gitignored.

scripts/baseline/run-pipeline.sh

@@ -17,7 +17,7 @@ fi
 [[ -d "$SEED" ]] || { echo "Seed $SEED missing. Run scripts/seed-repos.sh first."; exit 1; }
 
 # Clean any prior state in the seed repo.
-rm -rf "$SEED/.code-intelligence" "$SEED/.osscodeiq"
+rm -rf "$SEED/.codeiq"
 # Truncate timings file so re-runs don't append stale entries.
 : > "$OUT/timings.txt"
 

sonar-project.properties

@@ -1,4 +1,4 @@
-sonar.projectKey=RandomCodeSpace_code-iq
+sonar.projectKey=RandomCodeSpace_codeiq
 sonar.organization=randomcodespace
 sonar.sources=src/main/java
 sonar.tests=src/test/java

spotbugs-exclude.xml

@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!--
-  SpotBugs exclude filter for code-iq.
+  SpotBugs exclude filter for codeiq.
 
   Philosophy: fail CI on real bugs, not on stylistic or generated-code noise.
   Each entry MUST have a rationale comment. If a rule here ever catches a

src/main/frontend/package.json

@@ -1,5 +1,5 @@
 {
-  "name": "osscodeiq-ui",
+  "name": "codeiq-ui",
   "private": true,
   "version": "0.2.0",
   "type": "module",

src/main/frontend/playwright.config.ts

@@ -2,15 +2,15 @@
 import { defineConfig, devices } from '@playwright/test';
 
 /**
- * Playwright E2E test configuration for Code IQ UI Redesign (Phase 7).
+ * Playwright E2E test configuration for codeiq UI Redesign (Phase 7).
  *
  * Prerequisites:
  *   - A pre-built CLI jar under ../../../target/code-iq-*-cli.jar
  *     (run `mvn -DskipTests package` from the repo root if missing).
  *   - A pre-populated fixture at <repo-root>/.seeds/spring-petclinic
- *     with .code-iq/cache + .code-iq/graph populated by
+ *     with .codeiq/cache + .codeiq/graph populated by
  *     `./scripts/baseline/run-pipeline.sh spring-petclinic`. The webServer
- *     block below boots `code-iq serve` against this fixture automatically.
+ *     block below boots `codeiq serve` against this fixture automatically.
  *   - Set `BASE_URL` / `E2E_FIXTURE` to override defaults when running against
  *     a different backend or fixture.
  *
@@ -28,7 +28,7 @@ export default defineConfig({
   workers: process.env.CI ? 1 : undefined,
   reporter: [['html', { outputFolder: 'playwright-report' }], ['line']],
 
-  // Boot the real code-iq backend against a pre-enriched fixture before any
+  // Boot the real codeiq backend against a pre-enriched fixture before any
   // spec runs. Skipped if BASE_URL points elsewhere (developer has their own
   // backend) or if a server is already listening on the target port locally.
   webServer: process.env.BASE_URL ? undefined : {