@dependabit/detector 0.1.1

package/dist/diff-parser.js

@@ -0,0 +1,203 @@
+/**
+ * Diff Parser
+ * Parse git diffs to extract meaningful changes for dependency analysis
+ */
+// URL pattern to match HTTP(S) URLs
+const URL_PATTERN = /https?:\/\/[^\s<>"{}|\\^`[\]]+/gi;
+// Package dependency patterns
+const PACKAGE_DEP_PATTERNS = {
+    packageJson: /"([^"]+)":\s*"[\^~]?[\d.]+"/g,
+    requirementsTxt: /^([a-zA-Z0-9_-]+)[>=<~!]=.*/gm,
+    cargoToml: /^(?!\s*(?:name|version|authors|edition|description|license|workspace|build|default-run|repository|homepage|documentation|readme|keywords|categories|exclude|include|publish|resolver)\s*=)\s*([a-zA-Z0-9_-]+)\s*=.*/gm
+};
+// File extensions relevant for dependency analysis
+const RELEVANT_EXTENSIONS = [
+    '.md',
+    '.txt',
+    '.rst',
+    '.adoc', // Documentation
+    '.ts',
+    '.js',
+    '.py',
+    '.rs',
+    '.go',
+    '.java',
+    '.cpp',
+    '.c',
+    '.h', // Code
+    '.json',
+    '.toml',
+    '.yaml',
+    '.yml', // Config
+    '.html',
+    '.xml' // Markup
+];
+// Package manifest files
+const PACKAGE_MANIFEST_FILES = [
+    'package.json',
+    'requirements.txt',
+    'Cargo.toml',
+    'go.mod',
+    'pom.xml',
+    'build.gradle',
+    'Gemfile',
+    'composer.json'
+];
+/**
+ * Parse a unified diff and extract additions and deletions
+ */
+export function parseDiff(patch) {
+    const additions = [];
+    const deletions = [];
+    if (!patch) {
+        return { additions, deletions };
+    }
+    const lines = patch.split('\n');
+    for (const line of lines) {
+        if (line.startsWith('+') && !line.startsWith('+++')) {
+            // Addition (remove the + prefix)
+            additions.push(line.substring(1));
+        }
+        else if (line.startsWith('-') && !line.startsWith('---')) {
+            // Deletion (remove the - prefix)
+            deletions.push(line.substring(1));
+        }
+        // Ignore context lines (no prefix or space prefix)
+    }
+    return { additions, deletions };
+}
+/**
+ * Extract meaningful content from added lines
+ */
+export function extractAddedContent(additions, filename) {
+    const urls = [];
+    const packageDeps = [];
+    const content = additions.join('\n');
+    // Extract URLs
+    const urlMatches = content.matchAll(URL_PATTERN);
+    for (const match of urlMatches) {
+        urls.push(match[0]);
+    }
+    // Extract package dependencies based on file type
+    if (filename) {
+        const lowerFilename = filename.toLowerCase();
+        if (lowerFilename === 'package.json') {
+            const depMatches = content.matchAll(PACKAGE_DEP_PATTERNS.packageJson);
+            for (const match of depMatches) {
+                if (match[1])
+                    packageDeps.push(match[1]);
+            }
+        }
+        else if (lowerFilename === 'requirements.txt') {
+            const depMatches = content.matchAll(PACKAGE_DEP_PATTERNS.requirementsTxt);
+            for (const match of depMatches) {
+                if (match[1])
+                    packageDeps.push(match[1]);
+            }
+        }
+        else if (lowerFilename === 'cargo.toml') {
+            const depMatches = content.matchAll(PACKAGE_DEP_PATTERNS.cargoToml);
+            for (const match of depMatches) {
+                if (match[1])
+                    packageDeps.push(match[1]);
+            }
+        }
+    }
+    return {
+        urls: Array.from(new Set(urls)),
+        packageDeps: Array.from(new Set(packageDeps))
+    };
+}
+/**
+ * Extract meaningful content from removed lines
+ */
+export function extractRemovedContent(deletions, filename) {
+    // Use the same logic as extractAddedContent
+    return extractAddedContent(deletions, filename);
+}
+/**
+ * Identify files relevant for dependency analysis
+ *
+ * Note: Filenames in relevantFiles preserve their original case from the commit.
+ * Case-insensitive matching is used for identification, but original casing is maintained
+ * for consistency with file system operations.
+ */
+export function getChangedFiles(files) {
+    const relevantFiles = [];
+    const packageFiles = [];
+    const documentationFiles = [];
+    for (const file of files) {
+        const filename = file.filename.toLowerCase();
+        const basename = filename.split('/').pop() || '';
+        // Check if it's a package manifest file (case-insensitive comparison)
+        const isPackageFile = PACKAGE_MANIFEST_FILES.some((manifestFile) => manifestFile.toLowerCase() === basename);
+        if (isPackageFile) {
+            packageFiles.push(file.filename);
+            relevantFiles.push(file.filename);
+            continue;
+        }
+        // Check if it's a documentation file
+        if (basename.startsWith('readme') ||
+            filename.includes('/docs/') ||
+            filename.includes('/documentation/')) {
+            documentationFiles.push(file.filename);
+            relevantFiles.push(file.filename);
+            continue;
+        }
+        // Check if it has a relevant extension
+        const hasRelevantExtension = RELEVANT_EXTENSIONS.some((ext) => filename.endsWith(ext));
+        if (hasRelevantExtension) {
+            relevantFiles.push(file.filename);
+        }
+    }
+    return {
+        relevantFiles: Array.from(new Set(relevantFiles)),
+        packageFiles: Array.from(new Set(packageFiles)),
+        documentationFiles: Array.from(new Set(documentationFiles))
+    };
+}
+/**
+ * Parse all diffs from commit files
+ */
+export function parseCommitDiffs(files) {
+    const diffMap = new Map();
+    for (const file of files) {
+        if (file.patch) {
+            diffMap.set(file.filename, parseDiff(file.patch));
+        }
+    }
+    return diffMap;
+}
+/**
+ * Extract all dependency-related content from commit diffs
+ */
+export function extractDependencyChanges(files) {
+    const changedFiles = getChangedFiles(files);
+    const allAddedUrls = [];
+    const allRemovedUrls = [];
+    const allAddedPackages = [];
+    const allRemovedPackages = [];
+    for (const file of files) {
+        if (!file.patch || !changedFiles.relevantFiles.includes(file.filename)) {
+            continue;
+        }
+        const diff = parseDiff(file.patch);
+        const basename = file.filename.split('/').pop();
+        // Extract added content
+        const addedContent = extractAddedContent(diff.additions, basename);
+        allAddedUrls.push(...addedContent.urls);
+        allAddedPackages.push(...addedContent.packageDeps);
+        // Extract removed content
+        const removedContent = extractRemovedContent(diff.deletions, basename);
+        allRemovedUrls.push(...removedContent.urls);
+        allRemovedPackages.push(...removedContent.packageDeps);
+    }
+    return {
+        addedUrls: Array.from(new Set(allAddedUrls)),
+        removedUrls: Array.from(new Set(allRemovedUrls)),
+        addedPackages: Array.from(new Set(allAddedPackages)),
+        removedPackages: Array.from(new Set(allRemovedPackages)),
+        changedFiles
+    };
+}
+//# sourceMappingURL=diff-parser.js.map

package/dist/diff-parser.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"diff-parser.js","sourceRoot":"","sources":["../src/diff-parser.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAoBH,oCAAoC;AACpC,MAAM,WAAW,GAAG,kCAAkC,CAAC;AAEvD,8BAA8B;AAC9B,MAAM,oBAAoB,GAAG;IAC3B,WAAW,EAAE,8BAA8B;IAC3C,eAAe,EAAE,+BAA+B;IAChD,SAAS,EACP,uNAAuN;CAC1N,CAAC;AAEF,mDAAmD;AACnD,MAAM,mBAAmB,GAAG;IAC1B,KAAK;IACL,MAAM;IACN,MAAM;IACN,OAAO,EAAE,gBAAgB;IACzB,KAAK;IACL,KAAK;IACL,KAAK;IACL,KAAK;IACL,KAAK;IACL,OAAO;IACP,MAAM;IACN,IAAI;IACJ,IAAI,EAAE,OAAO;IACb,OAAO;IACP,OAAO;IACP,OAAO;IACP,MAAM,EAAE,SAAS;IACjB,OAAO;IACP,MAAM,CAAC,SAAS;CACjB,CAAC;AAEF,yBAAyB;AACzB,MAAM,sBAAsB,GAAG;IAC7B,cAAc;IACd,kBAAkB;IAClB,YAAY;IACZ,QAAQ;IACR,SAAS;IACT,cAAc;IACd,SAAS;IACT,eAAe;CAChB,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,SAAS,CAAC,KAAa,EAAmB;IACxD,MAAM,SAAS,GAAa,EAAE,CAAC;IAC/B,MAAM,SAAS,GAAa,EAAE,CAAC;IAE/B,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC;IAClC,CAAC;IAED,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAEhC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,EAAE,CAAC;YACpD,iCAAiC;YACjC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;QACpC,CAAC;aAAM,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,EAAE,CAAC;YAC3D,iCAAiC;YACjC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;QACpC,CAAC;QACD,mDAAmD;IACrD,CAAC;IAED,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC;AAAA,CACjC;AAED;;GAEG;AACH,MAAM,UAAU,mBAAmB,CAAC,SAAmB,EAAE,QAAiB,EAAoB;IAC5F,MAAM,IAAI,GAAa,EAAE,CAAC;IAC1B,MAAM,WAAW,GAAa,EAAE,CAAC;IAEjC,MAAM,OAAO,GAAG,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAErC,eAAe;IACf,MAAM,UAAU,GAAG,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;IACjD,KAAK,MAAM,KAAK,IAAI,UAAU,EAAE,CAAC;QAC/B,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IACtB,CAAC;IAED,kDAAkD;IAClD,IAAI,QAAQ,EAAE,CAAC;QACb,MAAM,aAAa,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;QAC7C,IAAI,aAAa,KAAK,cAAc,EAAE,CAAC;YACrC,MAAM,UAAU,GAAG,OAAO,CAAC,QAAQ,CAAC,oBAAoB,CAAC,WAAW,CAAC,CAAC;YACtE,KAAK,MAAM,KAAK,IAAI,UAAU,EAAE,CAAC;gBAC/B,IAAI,KAAK,CAAC,CAAC,CAAC;oBAAE,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;YAC3C,CAAC;QACH,CAAC;aAAM,IAAI,aAAa,KAAK,kBAAkB,EAAE,CAAC;YAChD,MAAM,UAAU,GAAG,OAAO,CAAC,QAAQ,CAAC,oBAAoB,CAAC,eAAe,CAAC,CAAC;YAC1E,KAAK,MAAM,KAAK,IAAI,UAAU,EAAE,CAAC;gBAC/B,IAAI,KAAK,CAAC,CAAC,CAAC;oBAAE,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;YAC3C,CAAC;QACH,CAAC;aAAM,IAAI,aAAa,KAAK,YAAY,EAAE,CAAC;YAC1C,MAAM,UAAU,GAAG,OAAO,CAAC,QAAQ,CAAC,oBAAoB,CAAC,SAAS,CAAC,CAAC;YACpE,KAAK,MAAM,KAAK,IAAI,UAAU,EAAE,CAAC;gBAC/B,IAAI,KAAK,CAAC,CAAC,CAAC;oBAAE,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;YAC3C,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO;QACL,IAAI,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,IAAI,CAAC,CAAC;QAC/B,WAAW,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;KAC9C,CAAC;AAAA,CACH;AAED;;GAEG;AACH,MAAM,UAAU,qBAAqB,CAAC,SAAmB,EAAE,QAAiB,EAAoB;IAC9F,4CAA4C;IAC5C,OAAO,mBAAmB,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;AAAA,CACjD;AAED;;;;;;GAMG;AACH,MAAM,UAAU,eAAe,CAAC,KAAmB,EAAsB;IACvE,MAAM,aAAa,GAAa,EAAE,CAAC;IACnC,MAAM,YAAY,GAAa,EAAE,CAAC;IAClC,MAAM,kBAAkB,GAAa,EAAE,CAAC;IAExC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;QAC7C,MAAM,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC;QAEjD,sEAAsE;QACtE,MAAM,aAAa,GAAG,sBAAsB,CAAC,IAAI,CAC/C,CAAC,YAAY,EAAE,EAAE,CAAC,YAAY,CAAC,WAAW,EAAE,KAAK,QAAQ,CAC1D,CAAC;QAEF,IAAI,aAAa,EAAE,CAAC;YAClB,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YACjC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAClC,SAAS;QACX,CAAC;QAED,qCAAqC;QACrC,IACE,QAAQ,CAAC,UAAU,CAAC,QAAQ,CAAC;YAC7B,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC;YAC3B,QAAQ,CAAC,QAAQ,CAAC,iBAAiB,CAAC,EACpC,CAAC;YACD,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YACvC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAClC,SAAS;QACX,CAAC;QAED,uCAAuC;QACvC,MAAM,oBAAoB,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC;QAEvF,IAAI,oBAAoB,EAAE,CAAC;YACzB,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACpC,CAAC;IACH,CAAC;IAED,OAAO;QACL,aAAa,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,aAAa,CAAC,CAAC;QACjD,YAAY,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,YAAY,CAAC,CAAC;QAC/C,kBAAkB,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,kBAAkB,CAAC,CAAC;KAC5D,CAAC;AAAA,CACH;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,KAAmB,EAAgC;IAClF,MAAM,OAAO,GAAG,IAAI,GAAG,EAA2B,CAAC;IAEnD,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,EAAE,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;QACpD,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AAAA,CAChB;AAED;;GAEG;AACH,MAAM,UAAU,wBAAwB,CAAC,KAAmB,EAM1D;IACA,MAAM,YAAY,GAAG,eAAe,CAAC,KAAK,CAAC,CAAC;IAC5C,MAAM,YAAY,GAAa,EAAE,CAAC;IAClC,MAAM,cAAc,GAAa,EAAE,CAAC;IACpC,MAAM,gBAAgB,GAAa,EAAE,CAAC;IACtC,MAAM,kBAAkB,GAAa,EAAE,CAAC;IAExC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,IAAI,CAAC,IAAI,CAAC,KAAK,IAAI,CAAC,YAAY,CAAC,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YACvE,SAAS;QACX,CAAC;QAED,MAAM,IAAI,GAAG,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACnC,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;QAEhD,wBAAwB;QACxB,MAAM,YAAY,GAAG,mBAAmB,CAAC,IAAI,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;QACnE,YAAY,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;QACxC,gBAAgB,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,WAAW,CAAC,CAAC;QAEnD,0BAA0B;QAC1B,MAAM,cAAc,GAAG,qBAAqB,CAAC,IAAI,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;QACvE,cAAc,CAAC,IAAI,CAAC,GAAG,cAAc,CAAC,IAAI,CAAC,CAAC;QAC5C,kBAAkB,CAAC,IAAI,CAAC,GAAG,cAAc,CAAC,WAAW,CAAC,CAAC;IACzD,CAAC;IAED,OAAO;QACL,SAAS,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,YAAY,CAAC,CAAC;QAC5C,WAAW,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,cAAc,CAAC,CAAC;QAChD,aAAa,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,gBAAgB,CAAC,CAAC;QACpD,eAAe,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,kBAAkB,CAAC,CAAC;QACxD,YAAY;KACb,CAAC;AAAA,CACH"}

package/dist/index.d.ts

@@ -0,0 +1,14 @@
+export type { LLMProvider, LLMProviderConfig, LLMResponse, RateLimitInfo, DetectedDependency, LLMUsageMetadata } from './llm/client.js';
+export { GitHubCopilotProvider } from './llm/copilot.js';
+export { SYSTEM_PROMPT, createDetectionPrompt, createClassificationPrompt } from './llm/prompts.js';
+export type { ExtractedReference } from './parsers/readme.js';
+export { parseReadme, extractGitHubReferences } from './parsers/readme.js';
+export type { CommentReference } from './parsers/code-comments.js';
+export { parseCodeComments, extractSpecReferences } from './parsers/code-comments.js';
+export type { PackageMetadata } from './parsers/package-files.js';
+export { parsePackageJson, parseRequirementsTxt, parseCargoToml, parseGoMod } from './parsers/package-files.js';
+export type { DiffParseResult, ExtractedContent, ChangedFilesResult } from './diff-parser.js';
+export { parseDiff, extractAddedContent, extractRemovedContent, getChangedFiles, parseCommitDiffs, extractDependencyChanges } from './diff-parser.js';
+export type { DetectorOptions, DetectionResult } from './detector.js';
+export { Detector } from './detector.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAGA,YAAY,EACV,WAAW,EACX,iBAAiB,EACjB,WAAW,EACX,aAAa,EACb,kBAAkB,EAClB,gBAAgB,EACjB,MAAM,iBAAiB,CAAC;AACzB,OAAO,EAAE,qBAAqB,EAAE,MAAM,kBAAkB,CAAC;AACzD,OAAO,EAAE,aAAa,EAAE,qBAAqB,EAAE,0BAA0B,EAAE,MAAM,kBAAkB,CAAC;AAGpG,YAAY,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AAC9D,OAAO,EAAE,WAAW,EAAE,uBAAuB,EAAE,MAAM,qBAAqB,CAAC;AAE3E,YAAY,EAAE,gBAAgB,EAAE,MAAM,4BAA4B,CAAC;AACnE,OAAO,EAAE,iBAAiB,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAC;AAEtF,YAAY,EAAE,eAAe,EAAE,MAAM,4BAA4B,CAAC;AAClE,OAAO,EACL,gBAAgB,EAChB,oBAAoB,EACpB,cAAc,EACd,UAAU,EACX,MAAM,4BAA4B,CAAC;AAGpC,YAAY,EAAE,eAAe,EAAE,gBAAgB,EAAE,kBAAkB,EAAE,MAAM,kBAAkB,CAAC;AAC9F,OAAO,EACL,SAAS,EACT,mBAAmB,EACnB,qBAAqB,EACrB,eAAe,EACf,gBAAgB,EAChB,wBAAwB,EACzB,MAAM,kBAAkB,CAAC;AAG1B,YAAY,EAAE,eAAe,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;AACtE,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC"}

package/dist/index.js

@@ -0,0 +1,9 @@
+// Entry point for @dependabit/detector
+export { GitHubCopilotProvider } from './llm/copilot.js';
+export { SYSTEM_PROMPT, createDetectionPrompt, createClassificationPrompt } from './llm/prompts.js';
+export { parseReadme, extractGitHubReferences } from './parsers/readme.js';
+export { parseCodeComments, extractSpecReferences } from './parsers/code-comments.js';
+export { parsePackageJson, parseRequirementsTxt, parseCargoToml, parseGoMod } from './parsers/package-files.js';
+export { parseDiff, extractAddedContent, extractRemovedContent, getChangedFiles, parseCommitDiffs, extractDependencyChanges } from './diff-parser.js';
+export { Detector } from './detector.js';
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,uCAAuC;AAWvC,OAAO,EAAE,qBAAqB,EAAE,MAAM,kBAAkB,CAAC;AACzD,OAAO,EAAE,aAAa,EAAE,qBAAqB,EAAE,0BAA0B,EAAE,MAAM,kBAAkB,CAAC;AAIpG,OAAO,EAAE,WAAW,EAAE,uBAAuB,EAAE,MAAM,qBAAqB,CAAC;AAG3E,OAAO,EAAE,iBAAiB,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAC;AAGtF,OAAO,EACL,gBAAgB,EAChB,oBAAoB,EACpB,cAAc,EACd,UAAU,EACX,MAAM,4BAA4B,CAAC;AAIpC,OAAO,EACL,SAAS,EACT,mBAAmB,EACnB,qBAAqB,EACrB,eAAe,EACf,gBAAgB,EAChB,wBAAwB,EACzB,MAAM,kBAAkB,CAAC;AAI1B,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC"}

package/dist/llm/client.d.ts

@@ -0,0 +1,65 @@
+/**
+ * LLM Provider Interface
+ * Abstraction layer for different LLM providers (GitHub Copilot, Claude, OpenAI, etc.)
+ */
+export interface RateLimitInfo {
+    remaining: number;
+    limit: number;
+    resetAt: Date;
+}
+export interface LLMUsageMetadata {
+    promptTokens: number;
+    completionTokens: number;
+    totalTokens: number;
+    model: string;
+    latencyMs: number;
+}
+export interface DetectedDependency {
+    url: string;
+    name: string;
+    description?: string;
+    type: 'reference-implementation' | 'schema' | 'documentation' | 'research-paper' | 'api-example' | 'other';
+    confidence: number;
+    reasoning?: string;
+}
+export interface LLMResponse {
+    dependencies: DetectedDependency[];
+    usage: LLMUsageMetadata;
+    rawResponse?: string;
+}
+export interface LLMProviderConfig {
+    apiKey?: string;
+    endpoint?: string;
+    model?: string;
+    maxTokens?: number;
+    temperature?: number;
+}
+/**
+ * Base interface that all LLM providers must implement
+ */
+export interface LLMProvider {
+    /**
+     * Analyze content and detect external dependencies
+     * @param content - Text content to analyze (README, code, etc.)
+     * @param prompt - Detection prompt template
+     * @returns LLM response with detected dependencies
+     */
+    analyze(content: string, prompt: string): Promise<LLMResponse>;
+    /**
+     * Get list of supported models for this provider
+     */
+    getSupportedModels(): string[];
+    /**
+     * Get current rate limit status
+     */
+    getRateLimit(): Promise<RateLimitInfo>;
+    /**
+     * Validate provider configuration
+     */
+    validateConfig(): boolean;
+}
+/**
+ * Create an LLM provider instance
+ */
+export declare function createLLMProvider(providerName: string, config: LLMProviderConfig): LLMProvider;
+//# sourceMappingURL=client.d.ts.map

package/dist/llm/client.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../src/llm/client.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,MAAM,WAAW,aAAa;IAC5B,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,IAAI,CAAC;CACf;AAED,MAAM,WAAW,gBAAgB;IAC/B,YAAY,EAAE,MAAM,CAAC;IACrB,gBAAgB,EAAE,MAAM,CAAC;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,kBAAkB;IACjC,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,IAAI,EACA,0BAA0B,GAC1B,QAAQ,GACR,eAAe,GACf,gBAAgB,GAChB,aAAa,GACb,OAAO,CAAC;IACZ,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,WAAW;IAC1B,YAAY,EAAE,kBAAkB,EAAE,CAAC;IACnC,KAAK,EAAE,gBAAgB,CAAC;IACxB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,iBAAiB;IAChC,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B;;;;;OAKG;IACH,OAAO,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC;IAE/D;;OAEG;IACH,kBAAkB,IAAI,MAAM,EAAE,CAAC;IAE/B;;OAEG;IACH,YAAY,IAAI,OAAO,CAAC,aAAa,CAAC,CAAC;IAEvC;;OAEG;IACH,cAAc,IAAI,OAAO,CAAC;CAC3B;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,YAAY,EAAE,MAAM,EAAE,MAAM,EAAE,iBAAiB,GAAG,WAAW,CAG9F"}

package/dist/llm/client.js

@@ -0,0 +1,12 @@
+/**
+ * LLM Provider Interface
+ * Abstraction layer for different LLM providers (GitHub Copilot, Claude, OpenAI, etc.)
+ */
+/**
+ * Create an LLM provider instance
+ */
+export function createLLMProvider(providerName, config) {
+    // Implementation will be in specific provider files
+    throw new Error(`Provider ${providerName} not yet implemented`);
+}
+//# sourceMappingURL=client.js.map

package/dist/llm/client.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.js","sourceRoot":"","sources":["../../src/llm/client.ts"],"names":[],"mappings":"AAAA;;;GAGG;AA2EH;;GAEG;AACH,MAAM,UAAU,iBAAiB,CAAC,YAAoB,EAAE,MAAyB,EAAe;IAC9F,oDAAoD;IACpD,MAAM,IAAI,KAAK,CAAC,YAAY,YAAY,sBAAsB,CAAC,CAAC;AAAA,CACjE"}

package/dist/llm/copilot.d.ts

@@ -0,0 +1,15 @@
+/**
+ * GitHub Copilot CLI Provider Implementation
+ * Integrates with GitHub Copilot via CLI commands
+ */
+import type { LLMProvider, LLMProviderConfig, LLMResponse, RateLimitInfo } from './client.js';
+export declare class GitHubCopilotProvider implements LLMProvider {
+    private config;
+    private model;
+    constructor(config?: LLMProviderConfig);
+    analyze(content: string, prompt: string): Promise<LLMResponse>;
+    getSupportedModels(): string[];
+    getRateLimit(): Promise<RateLimitInfo>;
+    validateConfig(): boolean;
+}
+//# sourceMappingURL=copilot.d.ts.map

package/dist/llm/copilot.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"copilot.d.ts","sourceRoot":"","sources":["../../src/llm/copilot.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,OAAO,KAAK,EACV,WAAW,EACX,iBAAiB,EACjB,WAAW,EACX,aAAa,EAGd,MAAM,aAAa,CAAC;AAKrB,qBAAa,qBAAsB,YAAW,WAAW;IACvD,OAAO,CAAC,MAAM,CAA8B;IAC5C,OAAO,CAAC,KAAK,CAAS;IAEtB,YAAY,MAAM,GAAE,iBAAsB,EAczC;IAEK,OAAO,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,CAqFnE;IAED,kBAAkB,IAAI,MAAM,EAAE,CAG7B;IAEK,YAAY,IAAI,OAAO,CAAC,aAAa,CAAC,CAQ3C;IAED,cAAc,IAAI,OAAO,CAIxB;CACF"}

package/dist/llm/copilot.js

@@ -0,0 +1,119 @@
+/**
+ * GitHub Copilot CLI Provider Implementation
+ * Integrates with GitHub Copilot via CLI commands
+ */
+import { exec } from 'node:child_process';
+import { promisify } from 'node:util';
+import { SYSTEM_PROMPT } from './prompts.js';
+const execAsync = promisify(exec);
+export class GitHubCopilotProvider {
+    config;
+    model;
+    constructor(config = {}) {
+        // Default configuration for CLI-based approach
+        this.config = {
+            apiKey: config.apiKey || process.env['GITHUB_TOKEN'] || '',
+            endpoint: config.endpoint || '',
+            model: config.model || 'gpt-4',
+            maxTokens: config.maxTokens || 4000,
+            temperature: config.temperature || 0.3
+        };
+        this.model = this.config.model;
+        // GitHub Copilot CLI uses GitHub authentication, not a separate API key
+        // The GITHUB_TOKEN is used for authentication with GitHub, not OpenAI
+    }
+    async analyze(content, prompt) {
+        const startTime = Date.now();
+        try {
+            // Combine system prompt and user prompt for CLI
+            const fullPrompt = `${SYSTEM_PROMPT}\n\n${prompt}`;
+            // Escape the prompt for shell safety (basic escaping)
+            const escapedPrompt = fullPrompt.replace(/"/g, '\\"').replace(/\$/g, '\\$');
+            // Use gh copilot suggest command to get AI response
+            // The --yes flag auto-accepts the suggestion, --shell-out returns raw output
+            const command = `echo "${escapedPrompt}" | gh copilot suggest --yes 2>&1`;
+            const { stdout, stderr } = await execAsync(command, {
+                maxBuffer: 10 * 1024 * 1024, // 10MB buffer for large responses
+                timeout: 60000 // 60 second timeout
+            });
+            const latencyMs = Date.now() - startTime;
+            if (stderr && !stdout) {
+                throw new Error(`Copilot CLI error: ${stderr}`);
+            }
+            // Try to parse the output as JSON
+            // Copilot CLI may return the JSON directly or wrapped in markdown
+            let content_text = stdout.trim();
+            // Remove markdown code blocks if present
+            if (content_text.includes('```json')) {
+                const jsonMatch = content_text.match(/```json\s*([\s\S]*?)```/);
+                if (jsonMatch && jsonMatch[1]) {
+                    content_text = jsonMatch[1].trim();
+                }
+            }
+            else if (content_text.includes('```')) {
+                const codeMatch = content_text.match(/```\s*([\s\S]*?)```/);
+                if (codeMatch && codeMatch[1]) {
+                    content_text = codeMatch[1].trim();
+                }
+            }
+            let parsed;
+            try {
+                parsed = JSON.parse(content_text);
+            }
+            catch (parseError) {
+                console.error('Failed to parse Copilot CLI response:', content_text, parseError);
+                // Return empty dependencies if parsing fails
+                parsed = { dependencies: [] };
+            }
+            // Estimate token usage (rough approximation since CLI doesn't provide this)
+            const estimatedTokens = Math.ceil(fullPrompt.length / 4) + Math.ceil(content_text.length / 4);
+            const usage = {
+                promptTokens: Math.ceil(fullPrompt.length / 4),
+                completionTokens: Math.ceil(content_text.length / 4),
+                totalTokens: estimatedTokens,
+                model: this.model,
+                latencyMs
+            };
+            return {
+                dependencies: parsed.dependencies || [],
+                usage,
+                rawResponse: content_text
+            };
+        }
+        catch (error) {
+            const latencyMs = Date.now() - startTime;
+            console.error('Copilot CLI analysis failed:', error);
+            // Return empty result on error
+            return {
+                dependencies: [],
+                usage: {
+                    promptTokens: 0,
+                    completionTokens: 0,
+                    totalTokens: 0,
+                    model: this.model,
+                    latencyMs
+                },
+                rawResponse: error instanceof Error ? error.message : 'Unknown error'
+            };
+        }
+    }
+    getSupportedModels() {
+        // Copilot CLI uses GitHub's models, not directly specified
+        return ['github-copilot', 'gpt-4', 'gpt-4-turbo'];
+    }
+    async getRateLimit() {
+        // Copilot CLI doesn't expose rate limits directly
+        // Rate limiting is handled by GitHub's infrastructure
+        return {
+            remaining: -1, // Unknown
+            limit: -1, // Unknown
+            resetAt: new Date(0) // Unknown
+        };
+    }
+    validateConfig() {
+        // For CLI approach, we just need gh CLI to be available
+        // Authentication is handled by GitHub CLI itself
+        return true;
+    }
+}
+//# sourceMappingURL=copilot.js.map

package/dist/llm/copilot.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"copilot.js","sourceRoot":"","sources":["../../src/llm/copilot.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,oBAAoB,CAAC;AAC1C,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AAStC,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAE7C,MAAM,SAAS,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC;AAElC,MAAM,OAAO,qBAAqB;IACxB,MAAM,CAA8B;IACpC,KAAK,CAAS;IAEtB,YAAY,MAAM,GAAsB,EAAE,EAAE;QAC1C,+CAA+C;QAC/C,IAAI,CAAC,MAAM,GAAG;YACZ,MAAM,EAAE,MAAM,CAAC,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,EAAE;YAC1D,QAAQ,EAAE,MAAM,CAAC,QAAQ,IAAI,EAAE;YAC/B,KAAK,EAAE,MAAM,CAAC,KAAK,IAAI,OAAO;YAC9B,SAAS,EAAE,MAAM,CAAC,SAAS,IAAI,IAAI;YACnC,WAAW,EAAE,MAAM,CAAC,WAAW,IAAI,GAAG;SACvC,CAAC;QAEF,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC;QAE/B,wEAAwE;QACxE,sEAAsE;IAHvC,CAIhC;IAED,KAAK,CAAC,OAAO,CAAC,OAAe,EAAE,MAAc,EAAwB;QACnE,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAE7B,IAAI,CAAC;YACH,gDAAgD;YAChD,MAAM,UAAU,GAAG,GAAG,aAAa,OAAO,MAAM,EAAE,CAAC;YAEnD,sDAAsD;YACtD,MAAM,aAAa,GAAG,UAAU,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;YAE5E,oDAAoD;YACpD,6EAA6E;YAC7E,MAAM,OAAO,GAAG,SAAS,aAAa,mCAAmC,CAAC;YAE1E,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,SAAS,CAAC,OAAO,EAAE;gBAClD,SAAS,EAAE,EAAE,GAAG,IAAI,GAAG,IAAI,EAAE,kCAAkC;gBAC/D,OAAO,EAAE,KAAK,CAAC,oBAAoB;aACpC,CAAC,CAAC;YAEH,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;YAEzC,IAAI,MAAM,IAAI,CAAC,MAAM,EAAE,CAAC;gBACtB,MAAM,IAAI,KAAK,CAAC,sBAAsB,MAAM,EAAE,CAAC,CAAC;YAClD,CAAC;YAED,kCAAkC;YAClC,kEAAkE;YAClE,IAAI,YAAY,GAAG,MAAM,CAAC,IAAI,EAAE,CAAC;YAEjC,yCAAyC;YACzC,IAAI,YAAY,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;gBACrC,MAAM,SAAS,GAAG,YAAY,CAAC,KAAK,CAAC,yBAAyB,CAAC,CAAC;gBAChE,IAAI,SAAS,IAAI,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC;oBAC9B,YAAY,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;gBACrC,CAAC;YACH,CAAC;iBAAM,IAAI,YAAY,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;gBACxC,MAAM,SAAS,GAAG,YAAY,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC;gBAC5D,IAAI,SAAS,IAAI,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC;oBAC9B,YAAY,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;gBACrC,CAAC;YACH,CAAC;YAED,IAAI,MAA8C,CAAC;YAEnD,IAAI,CAAC;gBACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;YACpC,CAAC;YAAC,OAAO,UAAU,EAAE,CAAC;gBACpB,OAAO,CAAC,KAAK,CAAC,uCAAuC,EAAE,YAAY,EAAE,UAAU,CAAC,CAAC;gBACjF,6CAA6C;gBAC7C,MAAM,GAAG,EAAE,YAAY,EAAE,EAAE,EAAE,CAAC;YAChC,CAAC;YAED,4EAA4E;YAC5E,MAAM,eAAe,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;YAE9F,MAAM,KAAK,GAAqB;gBAC9B,YAAY,EAAE,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC;gBAC9C,gBAAgB,EAAE,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,CAAC;gBACpD,WAAW,EAAE,eAAe;gBAC5B,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,SAAS;aACV,CAAC;YAEF,OAAO;gBACL,YAAY,EAAE,MAAM,CAAC,YAAY,IAAI,EAAE;gBACvC,KAAK;gBACL,WAAW,EAAE,YAAY;aAC1B,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;YACzC,OAAO,CAAC,KAAK,CAAC,8BAA8B,EAAE,KAAK,CAAC,CAAC;YAErD,+BAA+B;YAC/B,OAAO;gBACL,YAAY,EAAE,EAAE;gBAChB,KAAK,EAAE;oBACL,YAAY,EAAE,CAAC;oBACf,gBAAgB,EAAE,CAAC;oBACnB,WAAW,EAAE,CAAC;oBACd,KAAK,EAAE,IAAI,CAAC,KAAK;oBACjB,SAAS;iBACV;gBACD,WAAW,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe;aACtE,CAAC;QACJ,CAAC;IAAA,CACF;IAED,kBAAkB,GAAa;QAC7B,2DAA2D;QAC3D,OAAO,CAAC,gBAAgB,EAAE,OAAO,EAAE,aAAa,CAAC,CAAC;IAAA,CACnD;IAED,KAAK,CAAC,YAAY,GAA2B;QAC3C,kDAAkD;QAClD,sDAAsD;QACtD,OAAO;YACL,SAAS,EAAE,CAAC,CAAC,EAAE,UAAU;YACzB,KAAK,EAAE,CAAC,CAAC,EAAE,UAAU;YACrB,OAAO,EAAE,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,UAAU;SAChC,CAAC;IAAA,CACH;IAED,cAAc,GAAY;QACxB,wDAAwD;QACxD,iDAAiD;QACjD,OAAO,IAAI,CAAC;IAAA,CACb;CACF"}

package/dist/llm/prompts.d.ts

@@ -0,0 +1,10 @@
+/**
+ * Detection prompts for LLM-based dependency analysis
+ * Optimized for identifying external informational dependencies
+ */
+export declare const SYSTEM_PROMPT = "You are an expert at analyzing code repositories to identify external informational dependencies.\n\nYour task is to identify external resources that developers reference but are NOT tracked by package managers (npm, PyPI, Cargo, etc.).\n\nINCLUDE these types of dependencies:\n- GitHub repositories referenced but not declared in package files\n- Documentation sites and API references\n- OpenAPI/GraphQL schemas\n- Research papers and arXiv preprints\n- Reference implementations and code examples\n- Technical specifications and RFCs\n\nEXCLUDE these (handled by dependabot):\n- NPM packages in package.json\n- Python packages in requirements.txt  \n- Rust crates in Cargo.toml\n- Docker images in Dockerfile\n- Any declared package manager dependencies\n\nFor each dependency found, provide:\n1. url: The complete URL\n2. name: A descriptive name\n3. description: What this dependency is used for\n4. type: One of [reference-implementation, schema, documentation, research-paper, api-example, other]\n5. confidence: A score from 0.0 to 1.0 indicating detection confidence\n6. reasoning: Brief explanation of why this is a dependency\n\nReturn ONLY valid JSON in this format:\n{\n  \"dependencies\": [\n    {\n      \"url\": \"https://example.com/resource\",\n      \"name\": \"Resource Name\",\n      \"description\": \"Purpose in the project\",\n      \"type\": \"documentation\",\n      \"confidence\": 0.95,\n      \"reasoning\": \"Referenced in README as API documentation\"\n    }\n  ]\n}";
+export declare const DETECTION_PROMPT_TEMPLATE = "Analyze the following content from a code repository and identify external informational dependencies:\n\n## Content Type: {contentType}\n## File Path: {filePath}\n\n## Content:\n{content}\n\nRemember:\n- Focus on external resources NOT in package managers\n- Provide confidence scores based on clarity of references\n- Include context about how each dependency is used\n- Return valid JSON only\n\nAnalyze and respond:";
+export declare function createDetectionPrompt(contentType: string, filePath: string, content: string): string;
+export declare const CLASSIFICATION_PROMPT_TEMPLATE = "Given this URL, classify its dependency type and suggest the best access method:\n\nURL: {url}\nContext: {context}\n\nClassify as one of:\n- reference-implementation: Example code demonstrating usage\n- schema: OpenAPI, JSON Schema, GraphQL, Protocol Buffers  \n- documentation: API docs, tutorials, guides\n- research-paper: Academic papers, arXiv preprints\n- api-example: Code snippets from documentation\n- other: If none of the above fit\n\nAlso determine the best access method:\n- github-api: For GitHub repositories\n- arxiv: For arXiv papers\n- openapi: For OpenAPI specifications\n- http: For generic web content\n\nReturn JSON:\n{\n  \"type\": \"documentation\",\n  \"accessMethod\": \"http\",\n  \"confidence\": 0.9,\n  \"reasoning\": \"URL structure suggests API documentation\"\n}";
+export declare function createClassificationPrompt(url: string, context: string): string;
+//# sourceMappingURL=prompts.d.ts.map

package/dist/llm/prompts.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"prompts.d.ts","sourceRoot":"","sources":["../../src/llm/prompts.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,eAAO,MAAM,aAAa,89CAuCxB,CAAC;AAEH,eAAO,MAAM,yBAAyB,waAcjB,CAAC;AAEtB,wBAAgB,qBAAqB,CACnC,WAAW,EAAE,MAAM,EACnB,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,MAAM,GACd,MAAM,CAIR;AAED,eAAO,MAAM,8BAA8B,+xBAyBzC,CAAC;AAEH,wBAAgB,0BAA0B,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,MAAM,CAE/E"}

package/dist/llm/prompts.js

@@ -0,0 +1,94 @@
+/**
+ * Detection prompts for LLM-based dependency analysis
+ * Optimized for identifying external informational dependencies
+ */
+export const SYSTEM_PROMPT = `You are an expert at analyzing code repositories to identify external informational dependencies.
+
+Your task is to identify external resources that developers reference but are NOT tracked by package managers (npm, PyPI, Cargo, etc.).
+
+INCLUDE these types of dependencies:
+- GitHub repositories referenced but not declared in package files
+- Documentation sites and API references
+- OpenAPI/GraphQL schemas
+- Research papers and arXiv preprints
+- Reference implementations and code examples
+- Technical specifications and RFCs
+
+EXCLUDE these (handled by dependabot):
+- NPM packages in package.json
+- Python packages in requirements.txt  
+- Rust crates in Cargo.toml
+- Docker images in Dockerfile
+- Any declared package manager dependencies
+
+For each dependency found, provide:
+1. url: The complete URL
+2. name: A descriptive name
+3. description: What this dependency is used for
+4. type: One of [reference-implementation, schema, documentation, research-paper, api-example, other]
+5. confidence: A score from 0.0 to 1.0 indicating detection confidence
+6. reasoning: Brief explanation of why this is a dependency
+
+Return ONLY valid JSON in this format:
+{
+  "dependencies": [
+    {
+      "url": "https://example.com/resource",
+      "name": "Resource Name",
+      "description": "Purpose in the project",
+      "type": "documentation",
+      "confidence": 0.95,
+      "reasoning": "Referenced in README as API documentation"
+    }
+  ]
+}`;
+export const DETECTION_PROMPT_TEMPLATE = `Analyze the following content from a code repository and identify external informational dependencies:
+
+## Content Type: {contentType}
+## File Path: {filePath}
+
+## Content:
+{content}
+
+Remember:
+- Focus on external resources NOT in package managers
+- Provide confidence scores based on clarity of references
+- Include context about how each dependency is used
+- Return valid JSON only
+
+Analyze and respond:`;
+export function createDetectionPrompt(contentType, filePath, content) {
+    return DETECTION_PROMPT_TEMPLATE.replace('{contentType}', contentType)
+        .replace('{filePath}', filePath)
+        .replace('{content}', content);
+}
+export const CLASSIFICATION_PROMPT_TEMPLATE = `Given this URL, classify its dependency type and suggest the best access method:
+
+URL: {url}
+Context: {context}
+
+Classify as one of:
+- reference-implementation: Example code demonstrating usage
+- schema: OpenAPI, JSON Schema, GraphQL, Protocol Buffers  
+- documentation: API docs, tutorials, guides
+- research-paper: Academic papers, arXiv preprints
+- api-example: Code snippets from documentation
+- other: If none of the above fit
+
+Also determine the best access method:
+- github-api: For GitHub repositories
+- arxiv: For arXiv papers
+- openapi: For OpenAPI specifications
+- http: For generic web content
+
+Return JSON:
+{
+  "type": "documentation",
+  "accessMethod": "http",
+  "confidence": 0.9,
+  "reasoning": "URL structure suggests API documentation"
+}`;
+export function createClassificationPrompt(url, context) {
+    return CLASSIFICATION_PROMPT_TEMPLATE.replace('{url}', url).replace('{context}', context);
+}
+//# sourceMappingURL=prompts.js.map

package/dist/llm/prompts.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"prompts.js","sourceRoot":"","sources":["../../src/llm/prompts.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,MAAM,CAAC,MAAM,aAAa,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAuC3B,CAAC;AAEH,MAAM,CAAC,MAAM,yBAAyB,GAAG;;;;;;;;;;;;;;qBAcpB,CAAC;AAEtB,MAAM,UAAU,qBAAqB,CACnC,WAAmB,EACnB,QAAgB,EAChB,OAAe,EACP;IACR,OAAO,yBAAyB,CAAC,OAAO,CAAC,eAAe,EAAE,WAAW,CAAC;SACnE,OAAO,CAAC,YAAY,EAAE,QAAQ,CAAC;SAC/B,OAAO,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;AAAA,CAClC;AAED,MAAM,CAAC,MAAM,8BAA8B,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;EAyB5C,CAAC;AAEH,MAAM,UAAU,0BAA0B,CAAC,GAAW,EAAE,OAAe,EAAU;IAC/E,OAAO,8BAA8B,CAAC,OAAO,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;AAAA,CAC3F"}

package/dist/parsers/code-comments.d.ts

@@ -0,0 +1,23 @@
+/**
+ * Code Comment Parser
+ * Extracts URLs and references from code comments
+ */
+export interface CommentReference {
+    url: string;
+    context: string;
+    file: string;
+    line: number;
+    commentType: 'single-line' | 'multi-line' | 'jsdoc';
+}
+/**
+ * Parse code files and extract references from comments
+ */
+export declare function parseCodeComments(content: string, filePath: string): CommentReference[];
+/**
+ * Extract specification and RFC references from comments
+ */
+export declare function extractSpecReferences(content: string): Array<{
+    spec: string;
+    context: string;
+}>;
+//# sourceMappingURL=code-comments.d.ts.map

package/dist/parsers/code-comments.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"code-comments.d.ts","sourceRoot":"","sources":["../../src/parsers/code-comments.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,MAAM,WAAW,gBAAgB;IAC/B,GAAG,EAAE,MAAM,CAAC;IACZ,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,aAAa,GAAG,YAAY,GAAG,OAAO,CAAC;CACrD;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,gBAAgB,EAAE,CA6DvF;AAwED;;GAEG;AACH,wBAAgB,qBAAqB,CAAC,OAAO,EAAE,MAAM,GAAG,KAAK,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAC,CAyB/F"}