npm - @datasynx/agentic-ai-cartography - Versions diffs - 2.5.0 → 2.7.0 - Mend

@datasynx/agentic-ai-cartography 2.5.0 → 2.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (21) hide show

package/dist/api-bin.js +2 -2
package/dist/{chunk-RYQ4KQCK.js → chunk-HLWNO3RF.js} +70 -6
package/dist/chunk-HLWNO3RF.js.map +1 -0
package/dist/{chunk-NQXZUWOI.js → chunk-TBPGFEMQ.js} +91 -3
package/dist/chunk-TBPGFEMQ.js.map +1 -0
package/dist/{chunk-GA4427LB.js → chunk-YVV6NIT2.js} +11 -1
package/dist/chunk-YVV6NIT2.js.map +1 -0
package/dist/cli.js +28 -29
package/dist/cli.js.map +1 -1
package/dist/index.cjs +171 -37
package/dist/index.cjs.map +1 -1
package/dist/index.d.cts +100 -3
package/dist/index.d.ts +100 -3
package/dist/index.js +166 -37
package/dist/index.js.map +1 -1
package/dist/mcp-bin.js +2 -2
package/package.json +1 -1
package/server.json +2 -2
package/dist/chunk-GA4427LB.js.map +0 -1
package/dist/chunk-NQXZUWOI.js.map +0 -1
package/dist/chunk-RYQ4KQCK.js.map +0 -1

package/dist/index.cjs CHANGED Viewed

@@ -45,6 +45,7 @@ __export(src_exports, {
   CredentialConfigSchema: () => CredentialConfigSchema,
   CsvCostSource: () => CsvCostSource,
   DEFAULT_ANOMALY_THRESHOLDS: () => DEFAULT_ANOMALY_THRESHOLDS,
+  DEFAULT_INGEST_QUOTA: () => DEFAULT_INGEST_QUOTA,
   DEFAULT_SERVER_NAME: () => DEFAULT_SERVER_NAME,
   DEFAULT_TENANT: () => DEFAULT_TENANT,
   DriftConfigSchema: () => DriftConfigSchema,
@@ -66,10 +67,12 @@ __export(src_exports, {
   ProviderRegistry: () => ProviderRegistry,
   RELATION_TO_DIRECTION: () => RELATION_TO_DIRECTION,
   ROLES: () => ROLES,
+  RateLimiter: () => RateLimiter,
   RoleSchema: () => RoleSchema,
   RuleCheckSchema: () => RuleCheckSchema,
   RulesetSchema: () => RulesetSchema,
   SCAN_ARG_PATTERNS: () => SCAN_ARG_PATTERNS,
+  SCHEMA_VERSION: () => SCHEMA_VERSION,
   SDL: () => SDL,
   SEVERITY_WEIGHT: () => SEVERITY_WEIGHT,
   SHARING_LEVELS: () => SHARING_LEVELS,
@@ -149,6 +152,7 @@ __export(src_exports, {
   diffTopology: () => diffTopology,
   edgesToConnections: () => edgesToConnections,
   enrichCosts: () => enrichCosts,
+  entitiesToYaml: () => entitiesToYaml,
   evaluateCheck: () => evaluateCheck,
   evaluateRule: () => evaluateRule,
   evidenceLine: () => evidenceLine,
@@ -278,6 +282,7 @@ __export(src_exports, {
   startApi: () => startApi,
   stripSensitive: () => stripSensitive,
   timingSafeEqual: () => timingSafeEqual,
+  toBackstageEntities: () => toBackstageEntities,
   validateScanner: () => validateScanner,
   vscodeDeeplink: () => vscodeDeeplink,
   zodToJsonSchema: () => zodToJsonSchema
@@ -2848,6 +2853,7 @@ function newAnomalies(base, current) {
 // src/db.ts
 var DEFAULT_TENANT = "local";
+var SCHEMA_VERSION = 15;
 function normalizeTenant(raw) {
   if (raw == null) return DEFAULT_TENANT;
   const cleaned = sanitizeUntrusted(String(raw)).trim().slice(0, 128);
@@ -4252,6 +4258,14 @@ var CartographyDB = class {
     }
     return rows.length;
   }
+  /**
+   * Retention/compaction (4.7): delete audit events older than `olderThan` (ISO 8601).
+   * The audit trail grows unbounded on a busy collector; this bounds it without touching
+   * sessions/nodes/edges. Returns the number of events removed.
+   */
+  pruneEventsOlderThan(olderThan) {
+    return this.db.prepare("DELETE FROM activity_events WHERE timestamp < ?").run(olderThan).changes;
+  }
   // ── Graph queries (read-only context layer) ─────────────────────────────────
   /** Fetch a single node by id within a session. */
   getNode(sessionId, nodeId) {
@@ -4690,6 +4704,9 @@ var SqliteQueryBackend = class {
   node(ctx, id, sessionId) {
     return this.db.getNode(this.resolveSession(ctx, sessionId), id);
   }
+  edges(ctx, sessionId) {
+    return this.db.getEdges(this.resolveSession(ctx, sessionId));
+  }
   dependencies(ctx, id, q, sessionId) {
     const sid = this.resolveSession(ctx, sessionId);
     return this.db.getDependencies(sid, id, {
@@ -4940,7 +4957,7 @@ var ContributorSchema = import_zod5.z.object({
 });
 var IngestEnvelopeSchema = import_zod5.z.object({
   schemaVersion: import_zod5.z.literal(INGEST_SCHEMA_VERSION),
-  org: import_zod5.z.string().min(1).optional(),
+  org: import_zod5.z.string().min(1).max(128).optional(),
   items: import_zod5.z.array(import_zod5.z.object({
     contentHash: import_zod5.z.string(),
     kind: import_zod5.z.enum(["node", "edge"]),
@@ -5028,6 +5045,7 @@ function ingestEnvelope(store, envelope, opts = {}) {
 // src/central/server.ts
 function createIngestHandler(store, opts = {}) {
+  const quota = opts.quota;
   return (body) => {
     const parsed = IngestEnvelopeSchema.safeParse(body);
     if (!parsed.success) {
@@ -5035,6 +5053,14 @@ function createIngestHandler(store, opts = {}) {
       logWarn("ingest: rejected invalid envelope", { issues });
       return { status: 400, body: { error: "invalid envelope", issues } };
     }
+    if (quota) {
+      const org = normalizeTenant(parsed.data.org ?? opts.defaultOrg);
+      const decision = quota.take(org);
+      if (!decision.allowed) {
+        logWarn("ingest: rate limited", { org, retryAfterSec: decision.retryAfterSec });
+        return { status: 429, body: { error: "too many requests" }, headers: { "retry-after": String(decision.retryAfterSec) } };
+      }
+    }
     try {
       const result = ingestEnvelope(store, parsed.data, opts);
       return { status: 200, body: result };
@@ -5045,6 +5071,39 @@ function createIngestHandler(store, opts = {}) {
   };
 }
+// src/central/quota.ts
+var DEFAULT_INGEST_QUOTA = { capacity: 120, refillMs: 6e4 };
+var MAX_KEYS = 1e4;
+var RateLimiter = class {
+  constructor(cfg = DEFAULT_INGEST_QUOTA, now = () => Date.now()) {
+    this.cfg = cfg;
+    this.now = now;
+  }
+  buckets = /* @__PURE__ */ new Map();
+  /** Consume one token for `key`. Returns whether the request is allowed (+ Retry-After when not). */
+  take(key) {
+    const t = this.now();
+    const ratePerMs = this.cfg.capacity / this.cfg.refillMs;
+    let b = this.buckets.get(key);
+    if (!b) {
+      if (this.buckets.size >= MAX_KEYS) {
+        const oldest = this.buckets.keys().next().value;
+        if (oldest !== void 0) this.buckets.delete(oldest);
+      }
+      b = { tokens: this.cfg.capacity, last: t };
+      this.buckets.set(key, b);
+    }
+    b.tokens = Math.min(this.cfg.capacity, b.tokens + Math.max(0, t - b.last) * ratePerMs);
+    b.last = t;
+    if (b.tokens >= 1) {
+      b.tokens -= 1;
+      return { allowed: true, retryAfterSec: 0 };
+    }
+    const waitMs = (1 - b.tokens) / ratePerMs;
+    return { allowed: false, retryAfterSec: Math.max(1, Math.ceil(waitMs / 1e3)) };
+  }
+};
 // src/scanners/bookmarks.ts
 var PERSONAL = [
   "facebook.",
@@ -5932,7 +5991,7 @@ async function resolveNlQuery(db, sessionId, search, raw, opts) {
 // src/mcp/server.ts
 var SERVER_NAME = "cartography";
-var SERVER_VERSION = "2.5.0";
+var SERVER_VERSION = "2.7.0";
 var SERVICE_TYPES = NODE_TYPE_GROUPS.web;
 var DATA_TYPES = NODE_TYPE_GROUPS.data;
 var lexicalSearch = async (db, sessionId, query, opts) => db.searchNodes(sessionId, query, { types: opts.types, limit: opts.limit }).map((node) => ({ node }));
@@ -6575,6 +6634,16 @@ async function runHttp(factory, opts = {}) {
   const httpServer = import_node_http.default.createServer(async (req, res) => {
     try {
       const url = req.url ?? "";
+      const probePath = new URL(url || "/", "http://probe").pathname;
+      if (probePath === "/healthz") {
+        res.writeHead(200, { "content-type": "application/json" }).end('{"status":"ok"}');
+        return;
+      }
+      if (probePath === "/readyz") {
+        const r = opts.readiness ? opts.readiness() : { ready: true };
+        res.writeHead(r.ready ? 200 : 503, { "content-type": "application/json" }).end(JSON.stringify({ status: r.ready ? "ready" : "unready" }));
+        return;
+      }
       const isIngest = url.startsWith("/ingest") && opts.onIngest !== void 0;
       if (!url.startsWith("/mcp") && !isIngest) {
         res.writeHead(404, { "content-type": "application/json" }).end('{"error":"not found"}');
@@ -6602,7 +6671,7 @@ async function runHttp(factory, opts = {}) {
           return;
         }
         const out = onIngest(value);
-        res.writeHead(out.status, { "content-type": "application/json" }).end(JSON.stringify(out.body));
+        res.writeHead(out.status, { "content-type": "application/json", ...out.headers ?? {} }).end(JSON.stringify(out.body));
         return;
       }
       const sessionId = req.headers["mcp-session-id"];
@@ -7465,6 +7534,54 @@ function headerValue(req, name) {
   return v;
 }
+// src/backstage.ts
+var COMPONENT_TYPES = ["web_service", "container", "pod"];
+function sanitize(id) {
+  return id.replace(/[^a-zA-Z0-9_]/g, "_");
+}
+function toBackstageEntities(nodes, edges, opts = {}) {
+  const owner = opts.org ?? "unknown";
+  return nodes.map((node) => {
+    const kind = COMPONENT_TYPES.includes(node.type) ? "Component" : node.type === "api_endpoint" ? "API" : "Resource";
+    const dependsOn = edges.filter((e) => e.sourceId === node.id).map((e) => `resource:default/${sanitize(e.targetId)}`);
+    return {
+      apiVersion: "backstage.io/v1alpha1",
+      kind,
+      metadata: {
+        name: sanitize(node.id),
+        annotations: {
+          "cartography/discovered-at": node.discoveredAt,
+          "cartography/confidence": String(node.confidence)
+        }
+      },
+      spec: {
+        type: node.type,
+        lifecycle: "production",
+        owner: node.owner ?? owner,
+        ...dependsOn.length > 0 ? { dependsOn } : {}
+      }
+    };
+  });
+}
+function entitiesToYaml(entities) {
+  return entities.map((e) => {
+    const lines = [
+      `apiVersion: ${e.apiVersion}`,
+      `kind: ${e.kind}`,
+      `metadata:`,
+      `  name: ${e.metadata.name}`,
+      `  annotations:`,
+      ...Object.entries(e.metadata.annotations).map(([k, v]) => `    ${k}: "${v}"`),
+      `spec:`,
+      `  type: ${e.spec.type}`,
+      `  lifecycle: ${e.spec.lifecycle}`,
+      `  owner: ${e.spec.owner}`,
+      ...e.spec.dependsOn && e.spec.dependsOn.length > 0 ? ["  dependsOn:", ...e.spec.dependsOn.map((d) => `    - ${d}`)] : []
+    ];
+    return lines.join("\n");
+  }).join("\n---\n");
+}
 // src/api/schemas.ts
 var import_zod8 = require("zod");
 var DIRECTIONS = ["downstream", "upstream", "both"];
@@ -7600,6 +7717,21 @@ var ErrorResponse = import_zod8.z.object({
   error: import_zod8.z.string(),
   code: import_zod8.z.string().optional()
 });
+var BackstageEntitySchema = import_zod8.z.object({
+  apiVersion: import_zod8.z.literal("backstage.io/v1alpha1"),
+  kind: import_zod8.z.enum(["Component", "API", "Resource"]),
+  metadata: import_zod8.z.object({
+    name: import_zod8.z.string(),
+    annotations: import_zod8.z.record(import_zod8.z.string(), import_zod8.z.string())
+  }),
+  spec: import_zod8.z.object({
+    type: import_zod8.z.string(),
+    lifecycle: import_zod8.z.string(),
+    owner: import_zod8.z.string(),
+    dependsOn: import_zod8.z.array(import_zod8.z.string()).optional()
+  })
+});
+var BackstageCatalogResponse = import_zod8.z.object({ entities: import_zod8.z.array(BackstageEntitySchema) });
 var API_SCHEMAS = {
   Node: NodeSchema2,
   Edge: EdgeSchema2,
@@ -7611,10 +7743,13 @@ var API_SCHEMAS = {
   Session: SessionSchema,
   Sessions: SessionsResponse,
   Health: HealthResponse,
-  Error: ErrorResponse
+  Error: ErrorResponse,
+  BackstageEntity: BackstageEntitySchema,
+  BackstageCatalog: BackstageCatalogResponse
 };
 // src/api/rest.ts
+var BACKSTAGE_NODE_CAP = 1e3;
 function toApiNode(n) {
   const out = { id: n.id, type: n.type, name: n.name, confidence: n.confidence, tags: n.tags };
   if (n.domain !== void 0) out["domain"] = n.domain;
@@ -7749,6 +7884,14 @@ function handleHealth(ctx, d) {
   const h = d.backend.health(ctx);
   return ok(validateOut(HealthResponse, { status: "ok", version: d.version, store: h.store, sessions: h.sessions }));
 }
+function handleBackstageCatalog(ctx, d) {
+  return guard(() => {
+    const page = d.backend.nodes(ctx, { limit: BACKSTAGE_NODE_CAP });
+    const edges = d.backend.edges(ctx);
+    const entities = toBackstageEntities(page.nodes, edges, { org: ctx.tenant });
+    return ok(validateOut(BackstageCatalogResponse, { entities }));
+  });
+}
 // src/api/openapi.ts
 function defOf(schema) {
@@ -7905,6 +8048,13 @@ function buildOpenApiDocument(opts) {
           parameters: [TENANT_PARAM],
           responses: { "200": ok2("Sessions", "Sessions"), ...errorResponses() }
         }
+      },
+      "/v1/backstage/catalog": {
+        get: {
+          summary: "The tenant topology as Backstage catalog entities (live data source, 4.6)",
+          parameters: [SESSION_PARAM, TENANT_PARAM],
+          responses: { "200": ok2("BackstageCatalog", "Backstage catalog entities"), ...errorResponses() }
+        }
       }
     }
   };
@@ -8419,6 +8569,8 @@ function dispatchRest(ctx, path, url, deps) {
       return handleDiff(ctx, url, deps);
     case "/v1/sessions":
       return handleSessions(ctx, deps);
+    case "/v1/backstage/catalog":
+      return handleBackstageCatalog(ctx, deps);
     default: {
       const m = DEPENDENCIES_RE.exec(path);
       if (m) return handleDependencies(ctx, decodeURIComponent(m[1]), url, deps);
@@ -9925,7 +10077,7 @@ var MERMAID_CLASSES = {
   saas_tool: "fill:#2a1a2a,stroke:#9a3a9a,color:#daf",
   unknown: "fill:#2a2a2a,stroke:#5a5a5a,color:#aaa"
 };
-function sanitize(id) {
+function sanitize2(id) {
   return id.replace(/[^a-zA-Z0-9_]/g, "_");
 }
 function nodeLabel(node) {
@@ -9967,14 +10119,14 @@ function generateTopologyMermaid(nodes, edges) {
     const label = LAYER_LABELS[layerKey] ?? layerKey;
     lines.push(`    subgraph ${layerKey}["${label}"]`);
     for (const node of layerNodes) {
-      lines.push(`      ${sanitize(node.id)}${nodeLabel(node)}:::${node.type.replace(/_/g, "")}`);
+      lines.push(`      ${sanitize2(node.id)}${nodeLabel(node)}:::${node.type.replace(/_/g, "")}`);
     }
     lines.push("    end");
     lines.push("");
   }
   for (const edge of edges) {
-    const src = sanitize(edge.sourceId);
-    const tgt = sanitize(edge.targetId);
+    const src = sanitize2(edge.sourceId);
+    const tgt = sanitize2(edge.targetId);
     const label = EDGE_LABELS[edge.relationship] ?? edge.relationship;
     const arrow = edge.confidence < 0.6 ? `-. "${label}" .->` : `-->|"${label}"|`;
     lines.push(`    ${src} ${arrow} ${tgt}`);
@@ -10000,12 +10152,12 @@ function generateDependencyMermaid(nodes, edges) {
   }
   lines.push("");
   for (const node of usedNodes) {
-    lines.push(`    ${sanitize(node.id)}${nodeLabel(node)}:::${node.type.replace(/_/g, "")}`);
+    lines.push(`    ${sanitize2(node.id)}${nodeLabel(node)}:::${node.type.replace(/_/g, "")}`);
   }
   lines.push("");
   for (const edge of depEdges) {
     const label = EDGE_LABELS[edge.relationship] ?? edge.relationship;
-    lines.push(`    ${sanitize(edge.sourceId)} -->|"${label}"| ${sanitize(edge.targetId)}`);
+    lines.push(`    ${sanitize2(edge.sourceId)} -->|"${label}"| ${sanitize2(edge.targetId)}`);
   }
   return lines.join("\n");
 }
@@ -10056,44 +10208,21 @@ function generateDiffMermaid(diff) {
     ensureEndpoint(e.targetId);
   }
   for (const { node, cls, suffix } of entries.values()) {
-    lines.push(`    ${sanitize(node.id)}${diffNodeLabel(node, suffix)}:::${cls}`);
+    lines.push(`    ${sanitize2(node.id)}${diffNodeLabel(node, suffix)}:::${cls}`);
   }
   lines.push("");
   for (const e of diff.edges.added) {
     const label = EDGE_LABELS[e.relationship] ?? e.relationship;
-    lines.push(`    ${sanitize(e.sourceId)} ==>|"+ ${label}"| ${sanitize(e.targetId)}`);
+    lines.push(`    ${sanitize2(e.sourceId)} ==>|"+ ${label}"| ${sanitize2(e.targetId)}`);
   }
   for (const e of diff.edges.removed) {
     const label = EDGE_LABELS[e.relationship] ?? e.relationship;
-    lines.push(`    ${sanitize(e.sourceId)} -.->|"- ${label}"| ${sanitize(e.targetId)}`);
+    lines.push(`    ${sanitize2(e.sourceId)} -.->|"- ${label}"| ${sanitize2(e.targetId)}`);
   }
   return lines.join("\n");
 }
 function exportBackstageYAML(nodes, edges, org) {
-  const owner = org ?? "unknown";
-  const docs = [];
-  for (const node of nodes) {
-    const isComponent = ["web_service", "container", "pod"].includes(node.type);
-    const isAPI = node.type === "api_endpoint";
-    const kind = isComponent ? "Component" : isAPI ? "API" : "Resource";
-    const deps = edges.filter((e) => e.sourceId === node.id).map((e) => `    - resource:default/${sanitize(e.targetId)}`);
-    const doc = [
-      `apiVersion: backstage.io/v1alpha1`,
-      `kind: ${kind}`,
-      `metadata:`,
-      `  name: ${sanitize(node.id)}`,
-      `  annotations:`,
-      `    cartography/discovered-at: "${node.discoveredAt}"`,
-      `    cartography/confidence: "${node.confidence}"`,
-      `spec:`,
-      `  type: ${node.type}`,
-      `  lifecycle: production`,
-      `  owner: ${node.owner ?? owner}`,
-      ...deps.length > 0 ? ["  dependsOn:", ...deps] : []
-    ].join("\n");
-    docs.push(doc);
-  }
-  return docs.join("\n---\n");
+  return entitiesToYaml(toBackstageEntities(nodes, edges, org !== void 0 ? { org } : {}));
 }
 function exportJSON(db, sessionId) {
   const nodes = db.getNodes(sessionId);
@@ -11794,6 +11923,7 @@ function checkClaudePrerequisites() {
   CredentialConfigSchema,
   CsvCostSource,
   DEFAULT_ANOMALY_THRESHOLDS,
+  DEFAULT_INGEST_QUOTA,
   DEFAULT_SERVER_NAME,
   DEFAULT_TENANT,
   DriftConfigSchema,
@@ -11815,10 +11945,12 @@ function checkClaudePrerequisites() {
   ProviderRegistry,
   RELATION_TO_DIRECTION,
   ROLES,
+  RateLimiter,
   RoleSchema,
   RuleCheckSchema,
   RulesetSchema,
   SCAN_ARG_PATTERNS,
+  SCHEMA_VERSION,
   SDL,
   SEVERITY_WEIGHT,
   SHARING_LEVELS,
@@ -11898,6 +12030,7 @@ function checkClaudePrerequisites() {
   diffTopology,
   edgesToConnections,
   enrichCosts,
+  entitiesToYaml,
   evaluateCheck,
   evaluateRule,
   evidenceLine,
@@ -12027,6 +12160,7 @@ function checkClaudePrerequisites() {
   startApi,
   stripSensitive,
   timingSafeEqual,
+  toBackstageEntities,
   validateScanner,
   vscodeDeeplink,
   zodToJsonSchema