rails_vitals 0.2.0

data/lib/rails_vitals/analyzers/sql_tokenizer.rb

@@ -0,0 +1,240 @@
+module RailsVitals
+  module Analyzers
+    class SqlTokenizer
+      TOKEN_DEFINITIONS = [
+        {
+          type:        :select_star,
+          pattern:     /\bSELECT\s+\*\b/i,
+          label:       "SELECT *",
+          color:       "#4299e1",
+          risk:        :warning,
+          explanation: "Fetches all columns from the table. In Rails this is the default " \
+                       "behavior of Model.all and most queries. Can be wasteful when you " \
+                       "only need specific attributes. Use .select(:id, :name) to fetch " \
+                       "only what you need, especially on wide tables."
+        },
+        {
+          type:        :select,
+          pattern:     /\bSELECT\b(?!\s+\*)/i,
+          label:       "SELECT",
+          color:       "#4299e1",
+          risk:        :healthy,
+          explanation: "Fetches specific columns. More efficient than SELECT * when your " \
+                       "table has many columns or large text/json fields you don't need."
+        },
+        {
+          type:        :count,
+          pattern:     /\bCOUNT\s*\(/i,
+          label:       "COUNT(*)",
+          color:       "#ed8936",
+          risk:        :warning,
+          explanation: "Counts rows matching the condition. When this appears in a loop " \
+                       "(N+1 pattern), Rails fires one COUNT query per record. The fix is " \
+                       "a counter cache column or loading the association and calling .size " \
+                       "which uses the already-loaded records instead of hitting the DB."
+        },
+        {
+          type:        :aggregation,
+          pattern:     /\b(SUM|AVG|MIN|MAX)\s*\(/i,
+          label:       "AGGREGATE",
+          color:       "#ed8936",
+          risk:        :warning,
+          explanation: "Aggregation function (SUM/AVG/MIN/MAX). Like COUNT, these are " \
+                       "dangerous in loops. Each call fires a separate query. Consider " \
+                       "loading the association once and using Ruby's .sum/.min/.max on " \
+                       "the already-loaded collection instead."
+        },
+        {
+          type:        :from,
+          pattern:     /\bFROM\s+"?(\w+)"?/i,
+          label:       "FROM",
+          color:       "#68d391",
+          risk:        :healthy,
+          explanation: "Identifies which table (and therefore which ActiveRecord model) " \
+                       "is being queried. In an N+1, you'll see the same FROM table " \
+                       "repeated many times, once per parent record."
+        },
+        {
+          type:        :where_fk,
+          pattern:     /\bWHERE\s+.*\w+_id\s*=/i,
+          label:       "WHERE fk =",
+          color:       "#fc8181",
+          risk:        :danger,
+          explanation: "WHERE condition on a foreign key with a single value. This is " \
+                       "the N+1 signature, loading one associated record at a time. " \
+                       "When you see this pattern repeated, it means Rails is fetching " \
+                       "records individually instead of in batch. The fix is includes() " \
+                       "which replaces this with a single WHERE fk IN (...) query."
+        },
+        {
+          type:        :where,
+          pattern:     /\bWHERE\b/i,
+          label:       "WHERE",
+          color:       "#f6ad55",
+          risk:        :neutral,
+          explanation: "Filters rows by condition. Efficient when the condition column " \
+                       "has an index. Slow when it doesn't. DB engine will scan every " \
+                       "row in the table (Sequential Scan). Check the EXPLAIN output to " \
+                       "verify an index is being used."
+        },
+        {
+          type:        :where_in,
+          pattern:     /\bIN\s*\(/i,
+          label:       "IN (...)",
+          color:       "#68d391",
+          risk:        :healthy,
+          explanation: "Batch lookup fetches multiple records in one query using a list " \
+                       "of values. This is what eager loading (includes/preload) generates " \
+                       "instead of repeated WHERE fk = ? queries. Seeing IN (...) means " \
+                       "your associations are being loaded efficiently."
+        },
+        {
+          type:        :inner_join,
+          pattern:     /\bINNER\s+JOIN\b/i,
+          label:       "INNER JOIN",
+          color:       "#9f7aea",
+          risk:        :neutral,
+          explanation: "Combines rows from two tables where the join condition matches. " \
+                       "In Rails this is what .joins() generates. Records without a " \
+                       "matching association are excluded from results. Note: .joins() " \
+                       "does NOT load the association, use .includes() if you need " \
+                       "to access associated data."
+        },
+        {
+          type:        :left_join,
+          pattern:     /\bLEFT\s+(OUTER\s+)?JOIN\b/i,
+          label:       "LEFT JOIN",
+          color:       "#9f7aea",
+          risk:        :neutral,
+          explanation: "Like INNER JOIN but keeps all rows from the left table even " \
+                       "when there's no matching row on the right. In Rails this is " \
+                       "what .eager_load() and .left_joins() generate. Use when you " \
+                       "need to include records that have no associated data."
+        },
+        {
+          type:        :order,
+          pattern:     /\bORDER\s+BY\b/i,
+          label:       "ORDER BY",
+          color:       "#76e4f7",
+          risk:        :warning,
+          explanation: "Sorts results by a column. Fast when sorting on an indexed " \
+                       "column. Slow when sorting on an unindexed column. DB engine " \
+                       "must sort all matching rows in memory. Default Rails scopes " \
+                       "often add ORDER BY created_at DESC, make sure created_at " \
+                       "has an index if your table is large."
+        },
+        {
+          type:        :limit,
+          pattern:     /\bLIMIT\s+\d+/i,
+          label:       "LIMIT",
+          color:       "#a0aec0",
+          risk:        :healthy,
+          explanation: "Restricts the number of rows returned. Always use LIMIT in " \
+                       "production feeds and lists, never load unbounded data. " \
+                       "Note: LIMIT with OFFSET becomes slower as OFFSET grows " \
+                       "because DB engine must scan and discard all preceding rows."
+        },
+        {
+          type:        :offset,
+          pattern:     /\bOFFSET\s+\d+/i,
+          label:       "OFFSET",
+          color:       "#fc8181",
+          risk:        :warning,
+          explanation: "Skips N rows before returning results. Common in pagination " \
+                       "(page 2, page 3...). The hidden cost: DB engine must read " \
+                       "and discard all rows before the offset, at page 100 with " \
+                       "20 per page, it scans 2,000 rows to return 20. Use " \
+                       "cursor-based pagination (WHERE id > last_id) for large datasets."
+        },
+        {
+          type:        :group_by,
+          pattern:     /\bGROUP\s+BY\b/i,
+          label:       "GROUP BY",
+          color:       "#76e4f7",
+          risk:        :neutral,
+          explanation: "Groups rows sharing a value and applies aggregate functions " \
+                       "per group. Common with COUNT, SUM, AVG. Used in Rails with " \
+                       ".group(:column). Consider a counter cache column if you're " \
+                       "grouping and counting frequently, it replaces a GROUP BY " \
+                       "query with a single column read."
+        }
+      ].freeze
+
+      COMPLEXITY_RULES = [
+        { tokens: [ :left_join, :inner_join ], points: 2 },
+        { tokens: [ :where_fk ],              points: 3 },
+        { tokens: [ :count, :aggregation ],   points: 2 },
+        { tokens: [ :offset ],                points: 2 },
+        { tokens: [ :group_by ],              points: 1 },
+        { tokens: [ :order ],                 points: 1 }
+      ].freeze
+
+      Result = Struct.new(:tokens, :complexity, :complexity_label,
+                          :risk, :repetition_count, :repetition_bar,
+                          keyword_init: true)
+
+      def self.tokenize(sql, all_queries: [])
+        matched = TOKEN_DEFINITIONS.select { |td| sql.match?(td[:pattern]) }
+
+        complexity = calculate_complexity(matched)
+        risk = highest_risk(matched)
+        repetition = calculate_repetition(sql, all_queries)
+
+        Result.new(
+          tokens:           matched,
+          complexity:       complexity,
+          complexity_label: complexity_label(complexity),
+          risk:             risk,
+          repetition_count: repetition,
+          repetition_bar:   repetition_bar(repetition, all_queries.size)
+        )
+      end
+
+      private
+
+      def self.calculate_complexity(matched_tokens)
+        types = matched_tokens.map { |t| t[:type] }
+        base = 1
+        COMPLEXITY_RULES.each do |rule|
+          base += rule[:points] if (rule[:tokens] & types).any?
+        end
+        base.clamp(1, 10)
+      end
+
+      def self.complexity_label(score)
+        case score
+        when 1..2 then { label: "Simple",   color: "#68d391" }
+        when 3..5 then { label: "Moderate", color: "#f6ad55" }
+        else           { label: "Complex",  color: "#fc8181" }
+        end
+      end
+
+      def self.highest_risk(matched_tokens)
+        risks = { healthy: 0, neutral: 1, warning: 2, danger: 3 }
+        matched_tokens.max_by { |t| risks[t[:risk]] || 0 }&.dig(:risk) || :healthy
+      end
+
+      def self.calculate_repetition(sql, all_queries)
+        return 0 if all_queries.empty?
+
+        normalized = normalize(sql)
+        all_queries.count { |q| normalize(q[:sql]) == normalized }
+      end
+
+      def self.repetition_bar(count, total)
+        return [] if count <= 1
+
+        filled = total > 0 ? ((count.to_f / total) * 20).ceil : 0
+        { count: count, filled: filled, empty: 20 - filled }
+      end
+
+      def self.normalize(sql)
+        sql.gsub(/\b\d+\b/, "?")
+           .gsub(/'[^']*'/, "?")
+           .gsub(/\s+/, " ")
+           .strip
+           .downcase
+      end
+    end
+  end
+end

data/lib/rails_vitals/collector.rb

@@ -0,0 +1,78 @@
+module RailsVitals
+  class Collector
+    attr_reader :queries, :callbacks, :controller, :action, :http_method,
+                :response_status, :duration_ms, :started_at
+
+    def initialize
+      @queries        = []
+      @callbacks      = []
+      @controller     = nil
+      @action         = nil
+      @http_method    = nil
+      @response_status = nil
+      @duration_ms    = nil
+      @started_at     = Time.now
+    end
+
+    # Called by the sql.active_record subscriber
+    def add_query(sql:, duration_ms:, source:)
+      @queries << {
+        sql:         sql,
+        duration_ms: duration_ms,
+        source:      source,
+        called_at:   Time.now
+      }
+    end
+
+    def add_callback(model:, kind:, duration_ms:)
+      @callbacks << {
+        model:       model,
+        kind:        kind,
+        duration_ms: duration_ms,
+        called_at:   Time.now
+      }
+    end
+
+    # Called by the process_action.action_controller subscriber
+    def finalize!(event)
+      @controller      = event.payload[:controller]
+      @action          = event.payload[:action]
+      @http_method     = event.payload[:method]
+      @response_status = event.payload[:status]
+      @duration_ms     = event.duration
+    end
+
+    def total_query_count
+      @queries.size
+    end
+
+    def total_db_time_ms
+      @queries.sum { |q| q[:duration_ms] }
+    end
+
+    def slowest_queries(limit = 5)
+      @queries.sort_by { |q| -q[:duration_ms] }.first(limit)
+    end
+
+    def total_callback_time_ms
+      @callbacks.sum { |c| c[:duration_ms] }
+    end
+
+    def callbacks_by_model
+      @callbacks.group_by { |c| c[:model] }
+    end
+
+    # Thread-local storage accessors
+    def self.current
+      Thread.current[:rails_vitals_collector]
+    end
+
+    def self.current=(collector)
+      Thread.current[:rails_vitals_collector] = collector
+    end
+
+    def self.reset!
+      Thread.current[:rails_vitals_collector] = nil
+    end
+  end
+end

data/lib/rails_vitals/configuration.rb

@@ -0,0 +1,27 @@
+module RailsVitals
+  class Configuration
+    attr_accessor :enabled,
+                  :store_size,
+                  :store_enabled,
+                  :auth,
+                  :basic_auth_username,
+                  :basic_auth_password,
+                  :query_warn_threshold,
+                  :query_critical_threshold,
+                  :db_time_warn_ms,
+                  :db_time_critical_ms
+
+    def initialize
+      @enabled                  = defined?(Rails) && !Rails.env.production?
+      @store_size               = 200
+      @store_enabled            = true
+      @auth                     = :none
+      @basic_auth_username      = nil
+      @basic_auth_password      = nil
+      @query_warn_threshold     = 10
+      @query_critical_threshold = 25
+      @db_time_warn_ms          = 100
+      @db_time_critical_ms      = 500
+    end
+  end
+end

data/lib/rails_vitals/engine.rb

@@ -0,0 +1,25 @@
+module RailsVitals
+  class Engine < ::Rails::Engine
+    isolate_namespace RailsVitals
+
+    initializer "rails_vitals.middleware" do |app|
+      if RailsVitals.config.enabled
+        app.middleware.use RailsVitals::Middleware::PanelInjector
+      end
+    end
+
+    initializer "rails_vitals.notifications" do
+      if RailsVitals.config.enabled
+        RailsVitals::Notifications::Subscriber.attach
+      end
+    end
+
+    config.to_prepare do
+      if RailsVitals.config.enabled
+        ActiveRecord::Base.prepend(
+          RailsVitals::Instrumentation::CallbackInstrumentation
+        )
+      end
+    end
+  end
+end

data/lib/rails_vitals/instrumentation/callback_instrumentation.rb

@@ -0,0 +1,30 @@
+module RailsVitals
+  module Instrumentation
+    module CallbackInstrumentation
+      TRACKED_CALLBACKS = %i[
+        validation save create update destroy commit rollback
+      ].freeze
+
+      def run_callbacks(kind, *args, &block)
+        collector = RailsVitals::Collector.current
+
+        unless collector && RailsVitals.config.enabled &&
+               TRACKED_CALLBACKS.include?(kind)
+          return super
+        end
+
+        start  = Process.clock_gettime(Process::CLOCK_MONOTONIC, :float_millisecond)
+        result = super
+        duration = Process.clock_gettime(Process::CLOCK_MONOTONIC, :float_millisecond) - start
+
+        collector.add_callback(
+          model:       self.class.name,
+          kind:        kind,
+          duration_ms: duration.round(2)
+        )
+
+        result
+      end
+    end
+  end
+end

data/lib/rails_vitals/middleware/panel_injector.rb

@@ -0,0 +1,75 @@
+module RailsVitals
+  module Middleware
+    class PanelInjector
+      def initialize(app)
+        @app = app
+      end
+
+      def call(env)
+        Thread.current[:rails_vitals_path] = env["PATH_INFO"]
+        RailsVitals::Collector.current = RailsVitals::Collector.new
+
+        status, headers, response = @app.call(env)
+
+        return [ status, headers, response ] unless injectable?(headers, env)
+
+        collector = RailsVitals::Collector.current
+        scorer = Scorers::CompositeScorer.new(collector)
+        record = RequestRecord.new(collector: collector, scorer: scorer)
+
+        RailsVitals.store.push(record) if RailsVitals.config.store_enabled
+
+        body = extract_body(response)
+        body = inject_panel(body, collector, scorer)
+
+        headers["Content-Length"] = body.bytesize.to_s
+
+        [ status, headers, [ body ] ]
+      ensure
+        Thread.current[:rails_vitals_own_request] = nil
+        RailsVitals::Collector.reset!
+      end
+
+      private
+
+      def injectable?(headers, env)
+        html_response?(headers) &&
+          !xhr_request?(env) &&
+          !turbo_frame_request?(env) &&
+          !rails_vitals_request?(env)
+      end
+
+      def html_response?(headers)
+        content_type = headers["Content-Type"] || ""
+        content_type.include?("text/html")
+      end
+
+      def xhr_request?(env)
+        env["HTTP_X_REQUESTED_WITH"] == "XMLHttpRequest"
+      end
+
+      def turbo_frame_request?(env)
+        env["HTTP_TURBO_FRAME"].present?
+      end
+
+      def rails_vitals_request?(env)
+        env["SCRIPT_NAME"].to_s.start_with?("/rails_vitals")
+      end
+
+      def extract_body(response)
+        body = ""
+        response.each { |chunk| body << chunk }
+        body
+      end
+
+      def inject_panel(body, collector, scorer)
+        return body unless body.include?("</body>")
+
+        Rails.logger.debug "RailsVitals PATH_INFO: #{Thread.current[:rails_vitals_path]}"
+
+        panel_html = RailsVitals::PanelRenderer.render(collector, scorer)
+        body.sub("</body>", "#{panel_html}</body>")
+      end
+    end
+  end
+end

data/lib/rails_vitals/notifications/subscriber.rb

@@ -0,0 +1,59 @@
+module RailsVitals
+  module Notifications
+    class Subscriber
+      def self.attach
+        attach_sql_subscriber
+        attach_action_controller_subscriber
+      end
+
+      private_class_method def self.attach_sql_subscriber
+        ActiveSupport::Notifications.subscribe("sql.active_record") do |event|
+          next unless RailsVitals.config.enabled
+          next if (collector = RailsVitals::Collector.current).nil?
+          next if internal_query?(event.payload[:sql])
+          next if rails_vitals_request?
+
+          collector.add_query(
+            sql:         event.payload[:sql],
+            duration_ms: event.duration,
+            source:      extract_source(event.payload[:binds])
+          )
+        end
+      end
+
+      private_class_method def self.attach_action_controller_subscriber
+        ActiveSupport::Notifications.subscribe("process_action.action_controller") do |event|
+          next unless RailsVitals.config.enabled
+          next if (collector = RailsVitals::Collector.current).nil?
+          next if event.payload[:controller].to_s.start_with?("RailsVitals::")
+
+          collector.finalize!(event)
+        end
+      end
+
+      # Skip Rails internal queries — schema lookups, explain, etc.
+      private_class_method def self.internal_query?(sql)
+        sql =~ /\A\s*(SCHEMA|EXPLAIN|PRAGMA|BEGIN|COMMIT|ROLLBACK|SAVEPOINT|RELEASE)/i ||
+        sql.include?("pg_class") ||
+        sql.include?("pg_attribute") ||
+        sql.include?("pg_type") ||
+        sql.include?("t.typname") ||
+        sql.include?("t.oid") ||
+        sql.include?("information_schema") ||
+        sql.include?("pg_namespace") ||
+        sql.include?("SHOW search_path") ||
+        sql.include?("SHOW max_identifier_length")
+      end
+
+      private_class_method def self.rails_vitals_request?
+        Thread.current[:rails_vitals_own_request]
+      end
+
+      private_class_method def self.extract_source(binds)
+        # binds is an array of ActiveRecord::Relation::QueryAttribute
+        # We just use it as a hook point for now — real caller detection comes later
+        nil
+      end
+    end
+  end
+end