feat: one-click web multi-CSV analysis + CLI/desktop integrations

[rad1092]

Motivation

• Move the web dashboard beyond JSON-paste mode by providing a one-click multi-CSV analysis flow that accepts multiple uploaded CSVs and runs the integrated multi-file analyzer server-side.
• Provide deterministic per-request behavior by disabling cache for web-triggered multi-analysis and make --no-cache behavior testable from the CLI.
• Add basic desktop launcher and environment diagnostics to improve local UX and document realistic progress in README.

Description

• Added a new web API POST /api/multi-analyze that writes uploaded CSV texts to a temporary directory and calls analyze_multiple_csv(..., use_cache=False) (file: bitnet_tools/web.py).
• Implemented one-click web UI changes to accept multiple CSV files, optional group_column/target_column inputs, a run button that calls /api/multi-analyze, and automatic dashboard JSON population and rendering (files: bitnet_tools/ui/index.html, bitnet_tools/ui/app.js, bitnet_tools/ui/styles.css).
• Introduced a comprehensive multi-file analysis module with streaming profiling, caching helpers, schema drift detection, insights, JSON/report builders and pandas example guidance (file: bitnet_tools/multi_csv.py).
• Added visualization helpers to generate charts per-file (bitnet_tools/visualize.py) and hooked optional chart generation into CLI multi-analyze with error fallback.
• Extended CLI (bitnet_tools/cli.py) with multi-analyze, report, desktop, and doctor subcommands, --no-cache flag passthrough, chart output support, and markdown report generation using new helpers (build_multi_csv_markdown, build_markdown_report).
• Improved analysis.py streaming summarizer to avoid loading all rows into memory and added build_markdown_report for single-file reports.
• Added a Windows desktop launcher GUI (bitnet_tools/desktop.py, bitnet_desktop.pyw) and an environment diagnostic helper (bitnet_tools/doctor.py).
• Updated README.md to recalibrate the reported completion from ~98% to ~92%, documented the new web/desktop flows, and added a console script entry bitnet-desktop in pyproject.toml.
• Added and updated automated tests to cover the new CLI modes and multi-file analysis behaviors (files: tests/test_analysis.py, tests/test_cli.py).

Testing

• Ran unit/integration tests with pytest -q and all tests passed: 19 passed.
• Exercised the web UI by launching the local server and running an automated Playwright script that rendered the dashboard and produced screenshot artifacts, which completed successfully.

---

Codex Task

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: ed41be031c

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Restrict upload paths to the temporary directory

/api/multi-analyze trusts the client-provided name and writes directly to Path(td) / name, so a crafted filename like ../../tmp/pwn.csv or an absolute path escapes the temp dir and allows overwriting arbitrary writable files on the host before analysis runs. This is a server-side file write primitive reachable by any caller of the endpoint; sanitize to a basename (or generate server-side names) and verify the resolved path stays under td before calling write_text.

Useful? React with 👍 / 👎.

[chatgpt-codex-connector]

Ensure each uploaded CSV gets a unique temp filename

This code reuses the incoming name as the on-disk filename, so if two uploaded entries share a basename (for example two different data.csv files), the later write overwrites the earlier one and both analysis slots end up reading the same content. The request still succeeds, but the multi-file comparison is silently corrupted; append an index/UUID to each temp filename to preserve one file per upload item.

Useful? React with 👍 / 👎.