Copy/paste detector for programming source code. Supports 224+ formats. AI-ready with MCP server and token-efficient reporter. Now with a Rust-powered engine — 24-37x faster.

jscpd implements the Rabin-Karp algorithm to find duplicated code blocks across files.

# Install (all platforms — installs both jscpd and cpd commands)
curl -fsSL https://jscpd.dev/install.sh | bash

# TypeScript engine (Node.js, v4.x)
npm install -g jscpd@4
jscpd /path/to/code
# or use without installing
npx jscpd@4 /path/to/code

# Rust engine (v5.x, 24-37x faster) — both jscpd and cpd commands
npm install -g jscpd@5
jscpd /path/to/code
cpd /path/to/code

# Rust engine — cpd command only
npm install -g cpd
cpd /path/to/code

# Rust-native install (exposes both jscpd and cpd)
cargo install jscpd

jscpd@5 installs both jscpd and cpd commands. The cpd npm package installs only the cpd command. Both contain the same Rust binary.

jscpd v5 is a ground-up Rust rewrite that ships as jscpd@5 (installs both jscpd and cpd commands) or cpd (installs the cpd command only). Self-contained binary — no Node.js runtime required.

Same interface, 24-37x faster:

• All CLI options from v4 are preserved — drop-in replacement: jscpd → jscpd@5
• Same .jscpd.json config file, same detection algorithm, same reporters
• 223 language formats with cross-format detection (Vue SFC, Svelte, Astro, Markdown)

New in v5:

• 24-37x faster detection on real projects (see benchmark)
  • Small codebases (548 files): 34x faster
  • Medium codebases (9K files): 37x faster
  • Large codebases (17K files, 900 MB): 24x faster
• Git blame with side-by-side author comparison (--blame --reporters console-full) — uses gitoxide instead of shelling out to git, making blame significantly faster
• --workers — control parallelism for file tokenization and detection (default: auto, uses all CPU cores; not available in v4)
• 13 reporters: console, console-full, json, xml, csv, html, markdown, badge, sarif, ai, xcode, threshold, silent
• AI reporter — token-efficient output for LLM pipelines (~79% fewer tokens than console)
• Self-contained binary — prebuilt for 6 platforms (macOS arm64/x64, Linux arm64/x64, Windows x64)

Not yet in v5 (use v4 for these):

• LevelDB/Redis stores (--store leveldb)
• Node.js programming API (jscpd(), detectClones())

See Rust docs for the full CLI reference and differences from v4.

• Custom tokenizer backend — replaced prismjs with own backend built on reprism. ~11.5% faster tokenization on real projects
• Cross-format detection — Vue SFC, Svelte, Astro, and Markdown tokenized per-block, enabling detection across file types
• New formats: Apex, CFML/ColdFusion, GDScript, and 70+ additional formats (224 total, up from 152)
• Shebang detection — auto-detect language for extensionless scripts
• --store-path — configure LevelDB cache directory for parallel runs
• --skipComments — shorthand for --mode weak
• --formats-names — map filenames (e.g. Makefile, Dockerfile) to formats
• --noTips — suppress tip output in CI
• Bug fixes: entire-file duplicates silently dropped (#728), ReDoS on Lisp/Elisp files (#737), process crash on malformed package.json (#739), Vue SFC cross-file detection (#737), Vue SFC column numbers (#737), 50 dependency security vulnerabilities

See TypeScript docs for the full CLI reference.

• GitHub Super Linter — official GitHub linter aggregator, bundles jscpd as its copy/paste detector
• Codacy — automated code analysis platform, jscpd powers the duplication engine
• MegaLinter — 100% open-source linter aggregator for CI, integrates jscpd
• OpenClaw — personal AI assistant for self-hosted devices
• Natural — NLP library for Node.js, uses jscpd for code quality
• Nixpkgs — 140K+ package repo for NixOS, packages jscpd

Benchmarked on macOS (Apple Silicon), 10 runs per target (3 for CopilotKit). v4 ran with --no-gitignore -i "node_modules" to ensure comparable file scanning.

See performance-comparison.md for full methodology and raw data.

jscpd integrates into AI-powered workflows through three mechanisms:

Token-efficient output for LLM pipelines (~79% fewer tokens than the default console reporter):

jscpd --reporters ai /path/to/source   # v4
cpd --reporters ai /path/to/source      # v5

Two installable skills that teach AI coding assistants how to use jscpd and refactor detected duplications:

After installation, ask your agent to "find and fix code duplication" and it will invoke jscpd with the right options and act on the results.

See AI-Ready docs for full details.

1. Fork the repo kucherenko/jscpd
2. Clone forked version (git clone https://github.com/{your-id}/jscpd)
3. Install dependencies (pnpm install)
4. Run in dev mode: pnpm dev
5. Add your changes
6. Add tests and check: pnpm test
7. Build: pnpm build
8. Create PR

Thank you to all our backers! 🙏 [Become a backer]

Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [Become a sponsor]

MIT © Andrey Kucherenko