rails-ai-context 0.14.0 → 0.15.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f5b745a3b7eec70c71340022f60a7fadacd80cae84f5d4586936b78633677f0e
-  data.tar.gz: 5619c0302827cb96ef33175264e83f36fa2f055925e6517316b379d24599fff7
+  metadata.gz: 840dab1aeabc3323d5aca5702d95e712f7a013f24d05327424674262eee46de9
+  data.tar.gz: 2eed45a1bc5e79b9806f691c9e88ca2ced55660d53b74f56d8f354963c9ee497
 SHA512:
-  metadata.gz: 810c890604f5d4b78d56e4580254279b3b741d15fd0dbe2419fbf661d2ee47dd70b678cf962aa65244e025e70633dcc5cceee30319c27edf60c04d2a6127ce39
-  data.tar.gz: 4f6ed5c100bcf1907b5c38ac9043669ab4c4d833a30c65613d25f0a125de1909f054da48ce3b3fd87f427e1f5e7ff6f8fb422cd812016ed57b85218d592c5f52
+  metadata.gz: ac390f1d5b6b148f33fdac979d98269695fed76bceaaaab6b18c0682819a271a8dfdbaaab00f6c35eaaa2a867f652bc46c8d3d88199c5cd3bd1a87e20a0b3320
+  data.tar.gz: 0eb688c270bf08ddb5b70fc3dfbcca19432de3c6922c8a0f784081d82c117458fc3e136a56a962ee3988a9263a1ae9d9eff48716e4321e57bbc92d533622b249

data/CHANGELOG.md

@@ -5,6 +5,65 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [0.15.0] - 2026-03-22
+
+### Security
+
+- **Sensitive file blocking** — `search_code` and `get_edit_context` now block access to `.env*`, `*.key`, `*.pem`, `config/master.key`, `config/credentials.yml.enc`. Configurable via `config.sensitive_patterns`.
+- **Credentials key names redacted** — Replaced `credentials_keys` (exposed names like `stripe_secret_key`) with `credentials_configured` boolean. No more information disclosure via JSON output or MCP resources.
+- **View content size cap** — `collect_all_view_content` capped at 5MB total / 500KB per file to prevent memory exhaustion.
+- **Schema file size limits** — 10MB limit on `schema.rb`/`structure.sql` parsing. Cached `schema.rb` reads to avoid re-reading per table.
+
+### Added
+
+- **Token optimization (~1,500-2,700 tokens/session saved)**:
+  - Filter framework filters (`verify_authenticity_token`, etc.) from controller output
+  - Filter framework/gem concerns (`Devise::*`, `Turbo::*`, `*::Generated*`) from models
+  - Combine duplicate PUT/PATCH routes into single `PATCH|PUT` entry
+  - Only show Nullable/Default columns when they have meaningful values
+  - Drop gem version numbers from default output
+  - Single HTML naming hint for Stimulus (not per-controller)
+  - Only show non-default middleware and initializers in config
+  - Group sibling controllers/routes with identical structure
+  - Compress repeated Tailwind classes in view full output
+  - Strip inline SVGs from view content
+  - Separate active vs lifecycle-only Stimulus controllers
+
+### Fixed
+
+- **Controller staleness** — Source-file parsing for actions/filters instead of Ruby reflection. Filesystem discovery for new controllers not yet loaded as classes.
+- **Schema `t.index` format** — Parse indexes inside `create_table` blocks (not just `add_index` outside).
+- **Stimulus nested values** — Brace-depth counting for single-line `{ active: { type: String, default: "overview" } }`.
+- **Stimulus phantom `type:Number`** — Exclude `type`/`default` as value names (JS keywords, not Stimulus values).
+- **Search context_lines** — Use `--field-context-separator=:` for ripgrep `-C` output compatibility.
+- **Schema defaults** — Supplement live DB nil defaults with values from `schema.rb`.
+- **Config missing data** — Added `queue_adapter` and `mailer` settings to config introspector and tool.
+- **View garbled fields** — Only extract from `@variable.field` patterns (not arbitrary method chains).
+- **View shared partials** — `controller:"shared"` now finds partials in `app/views/shared/`.
+- **View full detail** — Lists available controllers when no controller specified.
+- **Edit context hint** — "Also found" only shown for matches outside the context window.
+- **Model file structure** — Compressed to single-line format.
+- **Strong params body** — Action detail now shows the actual `permit(...)` call.
+- **AR-generated methods** — Filter `build_*`, `*_ids=`, etc. from model instance methods.
+
+## [0.14.0] - 2026-03-20
+
+### Fixed
+
+- **Schema 0 indexes** — Fixed composite index parsing in schema.rb (regex didn't match array syntax) and structure.sql (`.first` only took first column). Both single and composite indexes now extracted correctly.
+- **Stale routes after editing routes.rb** — Route introspector now calls `routes_reloader.execute_if_updated` to force Rails to reload routes before extraction.
+- **Config "not available"** — Added `:config` to `:standard` preset. Was `:full` only, so default users never saw config data.
+- **Stimulus values lost name** — Fixed parsing for both simple (`name: Type`) and complex (`name: { type: Type, default: val }`) formats. Now shows `max: Number (default: 3)`.
+- **Model concerns noise** — Filtered out internal Rails modules (ActiveRecord::, ActiveModel::, Kernel, JSON::, etc.) from concerns list.
+
+### Added
+
+- **Route helpers in standard detail** — `rails_get_routes(detail: "standard")` now includes route helper names alongside paths.
+- **`app_only` filter for routes** — `rails_get_routes(app_only: true)` (default) hides internal Rails routes (Active Storage, Action Mailbox, Conductor).
+- **Search context lines** — `rails_search_code(context_lines: 2)` adds surrounding lines to matches (passes `-C` to ripgrep).
+- **Stimulus dash/underscore normalization** — Both `weekly-chart` and `weekly_chart` work for controller lookup. Output shows HTML `data-controller` attribute.
+- **Model public method signatures** — `rails_get_model_details(model: "Cook")` shows method names with params from source, stopping at private boundary.
+
 ## [0.13.0] - 2026-03-20
 
 ### Added

data/README.md

@@ -147,8 +147,9 @@ your-rails-app/
 │   ├── CLAUDE.md                                         ≤150 lines (compact)
 │   └── .claude/rules/
 │       ├── rails-context.md                              app overview
-│       ├── rails-schema.md                               table listing
+│       ├── rails-schema.md                               table listing + column types
 │       ├── rails-models.md                               model listing
+│       ├── rails-ui-patterns.md                          CSS/Tailwind component patterns
 │       └── rails-mcp-tools.md                            full tool reference
 │
 ├── 🟢 Cursor
@@ -156,6 +157,7 @@ your-rails-app/
 │       ├── rails-project.mdc                             alwaysApply: true
 │       ├── rails-models.mdc                              globs: app/models/**
 │       ├── rails-controllers.mdc                         globs: app/controllers/**
+│       ├── rails-ui-patterns.mdc                         globs: app/views/**
 │       └── rails-mcp-tools.mdc                           alwaysApply: true
 │
 ├── ⚡ OpenCode
@@ -167,13 +169,16 @@ your-rails-app/
 │   ├── .windsurfrules                                    ≤5,800 chars (6K limit)
 │   └── .windsurf/rules/
 │       ├── rails-context.md                              project overview
+│       ├── rails-ui-patterns.md                          CSS component patterns
 │       └── rails-mcp-tools.md                            tool reference
 │
 ├── 🟠 GitHub Copilot
 │   ├── .github/copilot-instructions.md                   ≤500 lines (compact)
 │   └── .github/instructions/
+│       ├── rails-context.instructions.md                 applyTo: **/*
 │       ├── rails-models.instructions.md                  applyTo: app/models/**
 │       ├── rails-controllers.instructions.md             applyTo: app/controllers/**
+│       ├── rails-ui-patterns.instructions.md             applyTo: app/views/**
 │       └── rails-mcp-tools.instructions.md               applyTo: **/*
 │
 ├── 📋 .ai-context.json                                   full JSON (programmatic)

data/lib/rails_ai_context/configuration.rb

@@ -18,6 +18,9 @@ module RailsAiContext
     # Paths to exclude from code search
     attr_accessor :excluded_paths
 
+    # Sensitive file patterns blocked from search and read tools
+    attr_accessor :sensitive_patterns
+
     # Whether to auto-mount the MCP HTTP endpoint
     attr_accessor :auto_mount
 
@@ -62,6 +65,10 @@ module RailsAiContext
       @server_version      = RailsAiContext::VERSION
       @introspectors       = PRESETS[:standard].dup
       @excluded_paths      = %w[node_modules tmp log vendor .git]
+      @sensitive_patterns  = %w[
+        .env .env.* config/master.key config/credentials.yml.enc
+        config/credentials/*.yml.enc *.pem *.key
+      ]
       @auto_mount          = false
       @http_path           = "/mcp"
       @http_bind           = "127.0.0.1"

data/lib/rails_ai_context/introspectors/config_introspector.rb

@@ -16,11 +16,13 @@ module RailsAiContext
           cache_store: detect_cache_store,
           session_store: detect_session_store,
           timezone: app.config.time_zone.to_s,
+          queue_adapter: detect_queue_adapter,
+          mailer: detect_mailer_settings,
           middleware_stack: extract_middleware,
           initializers: extract_initializers,
-          credentials_keys: extract_credentials_keys,
+          credentials_configured: credentials_configured?,
           current_attributes: detect_current_attributes
-        }
+        }.compact
       rescue => e
         { error: e.message }
       end
@@ -46,6 +48,40 @@ module RailsAiContext
         app.config.session_store&.name rescue "unknown"
       end
 
+      def detect_queue_adapter
+        adapter = app.config.active_job.queue_adapter
+        case adapter
+        when Symbol then adapter.to_s
+        when Class then adapter.name
+        else adapter.to_s
+        end
+      rescue
+        "unknown"
+      end
+
+      def detect_mailer_settings
+        mailer_config = app.config.action_mailer
+        settings = {}
+
+        if mailer_config.respond_to?(:delivery_method) && mailer_config.delivery_method
+          settings[:delivery_method] = mailer_config.delivery_method.to_s
+        end
+
+        if mailer_config.respond_to?(:default_options) && mailer_config.default_options.is_a?(Hash)
+          from = mailer_config.default_options[:from]
+          settings[:default_from] = from if from
+        end
+
+        if mailer_config.respond_to?(:default_url_options) && mailer_config.default_url_options.is_a?(Hash)
+          host = mailer_config.default_url_options[:host]
+          settings[:default_url_host] = host if host
+        end
+
+        settings.empty? ? nil : settings
+      rescue
+        nil
+      end
+
       def extract_middleware
         app.middleware.map { |m| m.name || m.klass.to_s }.uniq
       rescue
@@ -59,12 +95,13 @@ module RailsAiContext
         Dir.glob(File.join(dir, "*.rb")).map { |f| File.basename(f) }.sort
       end
 
-      def extract_credentials_keys
+      # Returns whether credentials are configured (boolean).
+      # Does NOT expose key names — those could reveal integrated services.
+      def credentials_configured?
         creds = app.credentials
-        return [] unless creds.respond_to?(:config)
-        creds.config.keys.map(&:to_s).sort
+        creds.respond_to?(:config) && creds.config.keys.any?
       rescue
-        []
+        false
       end
 
       def detect_current_attributes

data/lib/rails_ai_context/introspectors/controller_introspector.rb

@@ -4,9 +4,18 @@ module RailsAiContext
   module Introspectors
     # Discovers controllers and extracts filters, strong params,
     # respond_to formats, concerns, actions, and API detection.
+    # Uses source-file parsing (not just Ruby reflection) so that
+    # changes made mid-session are always visible.
     class ControllerIntrospector
       attr_reader :app
 
+      # Framework filters inherited from ActionController::Base — suppress to reduce noise
+      FRAMEWORK_FILTERS = %w[
+        verify_authenticity_token verify_same_origin_request
+        turbo_tracking_request_id handle_unverified_request
+        mark_for_same_origin_verification
+      ].freeze
+
       def initialize(app)
         @app = app
       end
@@ -21,6 +30,12 @@ module RailsAiContext
           hash[ctrl.name] = { error: e.message }
         end
 
+        # Discover controllers from filesystem that may not be loaded as classes
+        discover_from_filesystem.each do |name, path|
+          next if result.key?(name)
+          result[name] = extract_details_from_source(path)
+        end
+
         { controllers: result }
       rescue => e
         { error: e.message }
@@ -29,7 +44,16 @@ module RailsAiContext
       private
 
       def eager_load_controllers!
-        Rails.application.eager_load! unless Rails.application.config.eager_load
+        return if Rails.application.config.eager_load
+
+        # Use targeted eager_load_dir to pick up newly created controller files
+        controllers_path = File.join(app.root, "app", "controllers")
+        if defined?(Zeitwerk) && Dir.exist?(controllers_path) &&
+           Rails.autoloaders.respond_to?(:main) && Rails.autoloaders.main.respond_to?(:eager_load_dir)
+          Rails.autoloaders.main.eager_load_dir(controllers_path)
+        else
+          Rails.application.eager_load!
+        end
       rescue
         nil
       end
@@ -46,14 +70,45 @@ module RailsAiContext
         end.uniq.sort_by(&:name)
       end
 
+      # Scan filesystem for controller files not yet loaded as classes
+      def discover_from_filesystem
+        controllers_dir = File.join(app.root, "app", "controllers")
+        return {} unless Dir.exist?(controllers_dir)
+
+        Dir.glob(File.join(controllers_dir, "**/*_controller.rb")).each_with_object({}) do |path, hash|
+          relative = path.sub("#{controllers_dir}/", "")
+          class_name = relative.sub(/\.rb\z/, "").split("/").map(&:camelize).join("::")
+          next if class_name == "ApplicationController"
+          next if class_name.start_with?("Rails::", "ActionMailbox::", "ActiveStorage::")
+          hash[class_name] = path
+        end
+      end
+
+      # Extract details purely from source file (for controllers not loaded as classes)
+      def extract_details_from_source(path)
+        source = File.read(path)
+        parent = source.match(/class\s+\S+\s*<\s*(\S+)/)&.send(:[], 1) || "Unknown"
+        {
+          parent_class: parent,
+          api_controller: parent.include?("API"),
+          actions: extract_actions_from_source(source),
+          filters: extract_filters_from_source(source),
+          concerns: extract_concerns_from_source(source),
+          strong_params: extract_strong_params(source),
+          respond_to_formats: extract_respond_to(source)
+        }.compact
+      rescue => e
+        { error: e.message }
+      end
+
       def extract_controller_details(ctrl)
         source = read_source(ctrl)
 
         {
           parent_class: ctrl.superclass.name,
           api_controller: api_controller?(ctrl),
-          actions: extract_actions(ctrl),
-          filters: extract_filters(ctrl),
+          actions: extract_actions(ctrl, source),
+          filters: extract_filters(ctrl, source),
           concerns: extract_concerns(ctrl),
           strong_params: extract_strong_params(source),
           respond_to_formats: extract_respond_to(source)
@@ -65,17 +120,51 @@ module RailsAiContext
         false
       end
 
-      def extract_actions(ctrl)
+      # Prefer source-based parsing for actions — always reflects current file state.
+      # Falls back to reflection for controllers without readable source files.
+      def extract_actions(ctrl, source = nil)
+        if source
+          actions = extract_actions_from_source(source)
+          return actions if actions.any?
+        end
         ctrl.action_methods.to_a.sort
       rescue
         []
       end
 
-      def extract_filters(ctrl)
+      def extract_actions_from_source(source)
+        in_private = false
+        actions = []
+
+        source.each_line do |line|
+          if line.match?(/\A\s*(private|protected)\s*$/)
+            in_private = true
+          elsif line.match?(/\A\s*public\s*$/)
+            in_private = false
+          end
+
+          next if in_private
+
+          if (match = line.match(/\A\s*def\s+(\w+[?!]?)/))
+            actions << match[1] unless match[1].start_with?("_")
+          end
+        end
+
+        actions.sort
+      end
+
+      # Prefer source-based parsing for filters — always reflects current file state.
+      # Falls back to reflection for controllers without readable source files.
+      def extract_filters(ctrl, source = nil)
+        if source
+          filters = extract_filters_from_source(source)
+          return filters if filters.any?
+        end
         return [] unless ctrl.respond_to?(:_process_action_callbacks)
 
         ctrl._process_action_callbacks.filter_map do |cb|
           next if cb.filter.is_a?(Proc) || cb.filter.to_s.start_with?("_")
+          next if FRAMEWORK_FILTERS.include?(cb.filter.to_s)
 
           filter = { name: cb.filter.to_s, kind: cb.kind.to_s }
           filter[:only] = cb.instance_variable_get(:@if)&.filter_map { |c| extract_action_condition(c) }&.flatten
@@ -88,6 +177,46 @@ module RailsAiContext
         []
       end
 
+      def extract_filters_from_source(source)
+        filters = []
+        source.each_line do |line|
+          next unless (match = line.match(
+            /\A\s*(before_action|after_action|around_action|prepend_before_action|append_before_action)\s+:(\w+[?!]?)/
+          ))
+
+          kind = match[1].sub(/_action\z/, "").sub(/\A(?:prepend|append)_/, "")
+          filter = { name: match[2], kind: kind }
+
+          only = parse_action_constraint(line, "only")
+          except = parse_action_constraint(line, "except")
+          filter[:only] = only if only&.any?
+          filter[:except] = except if except&.any?
+          filters << filter
+        end
+        filters
+      end
+
+      def parse_action_constraint(line, key)
+        return nil unless line.include?("#{key}:")
+
+        # %i[...] or %w[...] format
+        if (match = line.match(/#{key}:\s*%[iwIW]\[([^\]]+)\]/))
+          return match[1].split(/\s+/)
+        end
+
+        # [...] format with symbols
+        if (match = line.match(/#{key}:\s*\[([^\]]+)\]/))
+          return match[1].scan(/:(\w+[?!]?)/).flatten
+        end
+
+        # Single symbol format
+        if (match = line.match(/#{key}:\s*:(\w+[?!]?)/))
+          return [ match[1] ]
+        end
+
+        nil
+      end
+
       def extract_action_condition(condition)
         return nil unless condition.is_a?(String) || condition.respond_to?(:to_s)
         match = condition.to_s.match(/action_name\s*==\s*['"](\w+)['"]/)
@@ -104,6 +233,10 @@ module RailsAiContext
         []
       end
 
+      def extract_concerns_from_source(source)
+        source.scan(/^\s*include\s+(\w+(?:::\w+)*)/).flatten
+      end
+
       def extract_strong_params(source)
         return [] if source.nil?
 

data/lib/rails_ai_context/introspectors/model_introspector.rb

@@ -29,7 +29,16 @@ module RailsAiContext
       private
 
       def eager_load_models!
-        Rails.application.eager_load! unless Rails.application.config.eager_load
+        return if Rails.application.config.eager_load
+
+        # Use targeted eager_load_dir to pick up newly created model files
+        models_path = File.join(app.root, "app", "models")
+        if defined?(Zeitwerk) && Dir.exist?(models_path) &&
+           Rails.autoloaders.respond_to?(:main) && Rails.autoloaders.main.respond_to?(:eager_load_dir)
+          Rails.autoloaders.main.eager_load_dir(models_path)
+        else
+          Rails.application.eager_load!
+        end
       rescue
         # In some environments (CI, Claude Code) eager_load may partially fail
         nil
@@ -140,11 +149,20 @@ module RailsAiContext
       def extract_concerns(model)
         model.ancestors
           .select { |mod| mod.is_a?(Module) && !mod.is_a?(Class) }
-          .reject { |mod| mod.name&.start_with?("ActiveRecord", "ActiveModel", "ActiveSupport") }
+          .reject { |mod| framework_concern?(mod.name) }
           .map(&:name)
           .compact
       end
 
+      def framework_concern?(name)
+        return true if name.nil?
+        return true if name.include?("::Generated")
+        return true if name.match?(/\A(ActiveRecord|ActiveModel|ActiveSupport|ActionText|ActionMailbox|ActiveStorage|ActionDispatch|ActionController|ActionView|AbstractController)/)
+        return true if name.match?(/\A(Devise::Models|Devise::Orm|Bullet::|Turbo::|GlobalID::|Rolify::)/)
+        return true if %w[Kernel JSON PP Marshal MessagePack].include?(name)
+        false
+      end
+
       def extract_public_class_methods(model)
         (model.methods - ActiveRecord::Base.methods - Object.methods)
           .reject { |m| m.to_s.start_with?("_", "autosave") }
@@ -154,13 +172,36 @@ module RailsAiContext
       end
 
       def extract_public_instance_methods(model)
+        generated = generated_association_methods(model)
+
         (model.instance_methods - ActiveRecord::Base.instance_methods - Object.instance_methods)
-          .reject { |m| m.to_s.start_with?("_", "autosave", "validate_associated") }
+          .reject { |m|
+            ms = m.to_s
+            ms.start_with?("_", "autosave", "validate_associated") || generated.include?(ms)
+          }
           .sort
           .first(30)
           .map(&:to_s)
       end
 
+      # Build list of AR-generated association helper method names to exclude
+      def generated_association_methods(model)
+        methods = []
+        model.reflect_on_all_associations.each do |assoc|
+          name = assoc.name.to_s
+          singular = name.singularize
+          methods.concat(%W[
+            build_#{name} create_#{name} create_#{name}!
+            reload_#{name} reset_#{name}
+            #{name}_changed? #{name}_previously_changed?
+            #{singular}_ids #{singular}_ids=
+          ])
+        end
+        methods
+      rescue
+        []
+      end
+
       def extract_source_macros(model)
         path = model_source_path(model)
         return {} unless path && File.exist?(path)

data/lib/rails_ai_context/introspectors/schema_introspector.rb

@@ -57,8 +57,10 @@ module RailsAiContext
       end
 
       def extract_columns(table)
+        schema_defaults = parse_schema_defaults_for_table(table)
+
         connection.columns(table).map do |col|
-          {
+          entry = {
             name: col.name,
             type: col.type.to_s,
             null: col.null,
@@ -67,7 +69,12 @@ module RailsAiContext
             precision: col.precision,
             scale: col.scale,
             comment: col.comment
-          }.compact
+          }
+          # Supplement with schema.rb default when live DB returns nil
+          if entry[:default].nil? && schema_defaults[col.name]
+            entry[:default] = schema_defaults[col.name]
+          end
+          entry.compact
         end
       end
 
@@ -97,6 +104,36 @@ module RailsAiContext
         [] # Some adapters don't support foreign_keys
       end
 
+      # Parse default values from schema.rb for a specific table.
+      # Used to supplement live DB column data when the adapter returns nil defaults.
+      # Caches the schema.rb content to avoid re-reading once per table.
+      def parse_schema_defaults_for_table(table)
+        return {} unless File.exist?(schema_file_path)
+
+        @schema_rb_content ||= File.read(schema_file_path)
+        defaults = {}
+        in_table = false
+
+        @schema_rb_content.each_line do |line|
+          if line.match?(/create_table\s+"#{Regexp.escape(table)}"/)
+            in_table = true
+          elsif in_table && line.match?(/\A\s*end\b/)
+            break
+          elsif in_table
+            # Match column with a simple default value (skip proc defaults like -> { })
+            if (match = line.match(/t\.\w+\s+"(\w+)".*,\s*default:\s*("[^"]*"|\d+(?:\.\d+)?|true|false)/))
+              col_name = match[1]
+              raw = match[2]
+              defaults[col_name] = raw.start_with?('"') ? raw[1..-2] : raw
+            end
+          end
+        end
+
+        defaults
+      rescue
+        {}
+      end
+
       def current_schema_version
         if File.exist?(schema_file_path)
           content = File.read(schema_file_path)
@@ -113,6 +150,8 @@ module RailsAiContext
         File.join(app.root, "db", "structure.sql")
       end
 
+      MAX_SCHEMA_FILE_SIZE = 10_000_000 # 10MB safety limit for schema files
+
       # Fallback: parse schema file as text when DB isn't connected.
       # Tries db/schema.rb first, then db/structure.sql.
       # This enables introspection in CI, Claude Code, etc.
@@ -127,6 +166,7 @@ module RailsAiContext
       end
 
       def parse_schema_rb(path)
+        return { error: "schema.rb too large (#{File.size(path)} bytes)" } if File.size(path) > MAX_SCHEMA_FILE_SIZE
         content = File.read(path)
         tables = {}
         current_table = nil
@@ -138,6 +178,11 @@ module RailsAiContext
             tables[current_table] = { columns: [], indexes: [], foreign_keys: [] }
           elsif current_table && (match = line.match(/t\.(\w+)\s+"(\w+)"/))
             tables[current_table][:columns] << { name: match[2], type: match[1] }
+          elsif current_table && (match = line.match(/t\.index\s+\[([^\]]*)\]/))
+            cols = match[1].scan(/["'](\w+)["']/).flatten
+            unique = line.include?("unique: true")
+            idx_name = line.match(/name:\s*["']([^"']+)["']/)&.send(:[], 1)
+            tables[current_table][:indexes] << { name: idx_name, columns: cols, unique: unique }.compact if cols.any?
           elsif (match = line.match(/add_index\s+"(\w+)",\s+(.+)/))
             table_name = match[1]
             rest = match[2]
@@ -157,6 +202,7 @@ module RailsAiContext
       end
 
       def parse_structure_sql(path) # rubocop:disable Metrics/MethodLength
+        return { error: "structure.sql too large (#{File.size(path)} bytes)" } if File.size(path) > MAX_SCHEMA_FILE_SIZE
         content = File.read(path)
         tables = {}
 

data/lib/rails_ai_context/introspectors/stimulus_introspector.rb

@@ -52,10 +52,26 @@ module RailsAiContext
       end
 
       def extract_values(content)
-        match = content.match(/static\s+values\s*=\s*\{(.*?)\}/m)
-        return {} unless match
+        start_match = content.match(/static\s+values\s*=\s*\{/)
+        return {} unless start_match
+
+        # Use brace-depth counting to find the matching closing brace,
+        # handling nested objects like { active: { type: String, default: "overview" } }
+        start_pos = start_match.end(0)
+        depth = 1
+        pos = start_pos
+
+        while pos < content.length && depth > 0
+          case content[pos]
+          when "{" then depth += 1
+          when "}" then depth -= 1
+          end
+          pos += 1
+        end
+
+        return {} if depth != 0
 
-        body = match[1]
+        body = content[start_pos...pos - 1]
         values = {}
 
         # Handle complex format: name: { type: Type, default: val }
@@ -66,7 +82,10 @@ module RailsAiContext
         end
 
         # Handle simple format: name: Type (single line or multi-line)
+        # Skip 'type' and 'default' — they are keywords inside complex value definitions,
+        # not actual Stimulus value names
         body.scan(/(\w+)\s*:\s*([A-Z]\w+)/).each do |name, type|
+          next if %w[type default].include?(name)
           values[name] ||= type
         end