@dependabit/monitor 0.1.1

package/dist/severity.js

@@ -0,0 +1,87 @@
+/**
+ * Severity Classifier
+ * Classifies dependency changes into breaking, major, or minor severity levels
+ */
+export class SeverityClassifier {
+    /**
+     * Classifies the severity of a change based on version changes and change types
+     */
+    classify(changes) {
+        if (!changes.hasChanged) {
+            return 'minor';
+        }
+        // Check for version-based classification
+        if (changes.oldVersion && changes.newVersion) {
+            const severity = this.classifyVersionChange(changes.oldVersion, changes.newVersion);
+            if (severity) {
+                return severity;
+            }
+        }
+        // Check for OpenAPI/schema changes
+        if (changes.diff && typeof changes.diff === 'object') {
+            const diff = changes.diff;
+            // Breaking: Removed endpoints or incompatible schema changes
+            if (diff.removedEndpoints && diff.removedEndpoints.length > 0) {
+                return 'breaking';
+            }
+            if (diff.schemaChanges && diff.schemaChanges.length > 0) {
+                return 'breaking';
+            }
+            // Major: New endpoints or features
+            if (diff.addedEndpoints && diff.addedEndpoints.length > 0) {
+                return 'major';
+            }
+        }
+        // Default to minor for content changes
+        return 'minor';
+    }
+    /**
+     * Classifies severity based on semantic versioning
+     * @returns Severity level or undefined if version format not recognized
+     */
+    classifyVersionChange(oldVersion, newVersion) {
+        // Parse semver-like versions
+        const oldParts = this.parseVersion(oldVersion);
+        const newParts = this.parseVersion(newVersion);
+        if (!oldParts || !newParts) {
+            return undefined;
+        }
+        const [oldMajor, oldMinor, oldPatch] = oldParts;
+        const [newMajor, newMinor, newPatch] = newParts;
+        // Breaking: Major version increase
+        if (newMajor > oldMajor) {
+            return 'breaking';
+        }
+        // Major: Minor version increase
+        if (newMajor === oldMajor && newMinor > oldMinor) {
+            return 'major';
+        }
+        // Minor: Patch version increase or same version
+        if (newMajor === oldMajor && newMinor === oldMinor && newPatch >= oldPatch) {
+            return 'minor';
+        }
+        // Default for other cases
+        return 'major';
+    }
+    /**
+     * Parses a version string into [major, minor, patch]
+     */
+    parseVersion(version) {
+        if (!version) {
+            return null;
+        }
+        // Remove 'v' prefix if present
+        const cleaned = version.replace(/^v/, '');
+        // Match semver pattern
+        const match = cleaned.match(/^(\d+)\.(\d+)\.(\d+)/);
+        if (!match) {
+            return null;
+        }
+        return [
+            parseInt(match[1] || '0', 10),
+            parseInt(match[2] || '0', 10),
+            parseInt(match[3] || '0', 10)
+        ];
+    }
+}
+//# sourceMappingURL=severity.js.map

package/dist/severity.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"severity.js","sourceRoot":"","sources":["../src/severity.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAMH,MAAM,OAAO,kBAAkB;IAC7B;;OAEG;IACH,QAAQ,CAAC,OAAwB,EAAY;QAC3C,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC;YACxB,OAAO,OAAO,CAAC;QACjB,CAAC;QAED,yCAAyC;QACzC,IAAI,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;YAC7C,MAAM,QAAQ,GAAG,IAAI,CAAC,qBAAqB,CAAC,OAAO,CAAC,UAAU,EAAE,OAAO,CAAC,UAAU,CAAC,CAAC;YACpF,IAAI,QAAQ,EAAE,CAAC;gBACb,OAAO,QAAQ,CAAC;YAClB,CAAC;QACH,CAAC;QAED,mCAAmC;QACnC,IAAI,OAAO,CAAC,IAAI,IAAI,OAAO,OAAO,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;YACrD,MAAM,IAAI,GAAG,OAAO,CAAC,IAIpB,CAAC;YAEF,6DAA6D;YAC7D,IAAI,IAAI,CAAC,gBAAgB,IAAI,IAAI,CAAC,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC9D,OAAO,UAAU,CAAC;YACpB,CAAC;YAED,IAAI,IAAI,CAAC,aAAa,IAAI,IAAI,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACxD,OAAO,UAAU,CAAC;YACpB,CAAC;YAED,mCAAmC;YACnC,IAAI,IAAI,CAAC,cAAc,IAAI,IAAI,CAAC,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC1D,OAAO,OAAO,CAAC;YACjB,CAAC;QACH,CAAC;QAED,uCAAuC;QACvC,OAAO,OAAO,CAAC;IAAA,CAChB;IAED;;;OAGG;IACK,qBAAqB,CAAC,UAAkB,EAAE,UAAkB,EAAwB;QAC1F,6BAA6B;QAC7B,MAAM,QAAQ,GAAG,IAAI,CAAC,YAAY,CAAC,UAAU,CAAC,CAAC;QAC/C,MAAM,QAAQ,GAAG,IAAI,CAAC,YAAY,CAAC,UAAU,CAAC,CAAC;QAE/C,IAAI,CAAC,QAAQ,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC3B,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,MAAM,CAAC,QAAQ,EAAE,QAAQ,EAAE,QAAQ,CAAC,GAAG,QAAQ,CAAC;QAChD,MAAM,CAAC,QAAQ,EAAE,QAAQ,EAAE,QAAQ,CAAC,GAAG,QAAQ,CAAC;QAEhD,mCAAmC;QACnC,IAAI,QAAQ,GAAG,QAAQ,EAAE,CAAC;YACxB,OAAO,UAAU,CAAC;QACpB,CAAC;QAED,gCAAgC;QAChC,IAAI,QAAQ,KAAK,QAAQ,IAAI,QAAQ,GAAG,QAAQ,EAAE,CAAC;YACjD,OAAO,OAAO,CAAC;QACjB,CAAC;QAED,gDAAgD;QAChD,IAAI,QAAQ,KAAK,QAAQ,IAAI,QAAQ,KAAK,QAAQ,IAAI,QAAQ,IAAI,QAAQ,EAAE,CAAC;YAC3E,OAAO,OAAO,CAAC;QACjB,CAAC;QAED,0BAA0B;QAC1B,OAAO,OAAO,CAAC;IAAA,CAChB;IAED;;OAEG;IACK,YAAY,CAAC,OAAe,EAAmC;QACrE,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,IAAI,CAAC;QACd,CAAC;QAED,+BAA+B;QAC/B,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;QAE1C,uBAAuB;QACvB,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC;QACpD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO;YACL,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,GAAG,EAAE,EAAE,CAAC;YAC7B,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,GAAG,EAAE,EAAE,CAAC;YAC7B,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,GAAG,EAAE,EAAE,CAAC;SAC9B,CAAC;IAAA,CACH;CACF"}

package/dist/types.d.ts

@@ -0,0 +1,36 @@
+/**
+ * Common types for dependency checkers
+ */
+export interface DependencySnapshot {
+    version?: string | undefined;
+    stateHash: string;
+    fetchedAt: Date;
+    metadata?: Record<string, unknown>;
+}
+export interface ChangeDetection {
+    hasChanged: boolean;
+    changes: string[];
+    oldVersion?: string | undefined;
+    newVersion?: string | undefined;
+    diff?: unknown;
+    severity?: 'breaking' | 'major' | 'minor';
+}
+export interface AccessConfig {
+    url: string;
+    accessMethod: 'github-api' | 'http' | 'openapi' | 'context7' | 'arxiv';
+    auth?: {
+        type: 'token' | 'basic' | 'oauth' | 'none';
+        secret?: string;
+    };
+}
+export interface Checker {
+    /**
+     * Fetches the current state of a dependency
+     */
+    fetch(config: AccessConfig): Promise<DependencySnapshot>;
+    /**
+     * Compares two snapshots to detect changes
+     */
+    compare(prev: DependencySnapshot, curr: DependencySnapshot): Promise<ChangeDetection>;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,WAAW,kBAAkB;IACjC,OAAO,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IAC7B,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,IAAI,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED,MAAM,WAAW,eAAe;IAC9B,UAAU,EAAE,OAAO,CAAC;IACpB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IAChC,UAAU,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IAChC,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,QAAQ,CAAC,EAAE,UAAU,GAAG,OAAO,GAAG,OAAO,CAAC;CAC3C;AAED,MAAM,WAAW,YAAY;IAC3B,GAAG,EAAE,MAAM,CAAC;IACZ,YAAY,EAAE,YAAY,GAAG,MAAM,GAAG,SAAS,GAAG,UAAU,GAAG,OAAO,CAAC;IACvE,IAAI,CAAC,EAAE;QACL,IAAI,EAAE,OAAO,GAAG,OAAO,GAAG,OAAO,GAAG,MAAM,CAAC;QAC3C,MAAM,CAAC,EAAE,MAAM,CAAC;KACjB,CAAC;CACH;AAED,MAAM,WAAW,OAAO;IACtB;;OAEG;IACH,KAAK,CAAC,MAAM,EAAE,YAAY,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;IAEzD;;OAEG;IACH,OAAO,CAAC,IAAI,EAAE,kBAAkB,EAAE,IAAI,EAAE,kBAAkB,GAAG,OAAO,CAAC,eAAe,CAAC,CAAC;CACvF"}

package/dist/types.js

@@ -0,0 +1,5 @@
+/**
+ * Common types for dependency checkers
+ */
+export {};
+//# sourceMappingURL=types.js.map

package/dist/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;GAEG"}

package/package.json

@@ -0,0 +1,39 @@
+{
+  "name": "@dependabit/monitor",
+  "version": "0.1.1",
+  "description": "Change detection and monitoring logic for external dependencies",
+  "type": "module",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "default": "./dist/index.js"
+    }
+  },
+  "dependencies": {
+    "yaml": "^2.8.2",
+    "zod": "^4.3.6",
+    "@dependabit/manifest": "0.1.1"
+  },
+  "devDependencies": {
+    "@types/node": "^25.2.2",
+    "tsx": "^4.21.0",
+    "typescript": "^5.9.3",
+    "vitest": "^4.0.18"
+  },
+  "keywords": [
+    "monitor",
+    "change-detection",
+    "dependency"
+  ],
+  "license": "MIT",
+  "scripts": {
+    "build": "tsgo -p tsconfig.json",
+    "clean": "rm -rf dist",
+    "dev": "tsx watch src/index.ts",
+    "type-check": "tsgo --noEmit -p tsconfig.json",
+    "test": "vitest run",
+    "test:watch": "vitest"
+  }
+}

package/src/checkers/github-repo.ts

@@ -0,0 +1,150 @@
+/**
+ * GitHub Repository Checker
+ * Monitors GitHub repositories for new releases and changes
+ */
+
+import type { Checker, DependencySnapshot, ChangeDetection, AccessConfig } from '../types.js';
+import crypto from 'node:crypto';
+
+export class GitHubRepoChecker implements Checker {
+  /**
+   * Fetches latest release information from a GitHub repository
+   */
+  async fetch(config: AccessConfig): Promise<DependencySnapshot> {
+    const { url } = config;
+
+    // Extract owner and repo from GitHub URL
+    const match = url.match(/github\.com\/([^/]+)\/([^/]+)/);
+    if (!match || !match[1] || !match[2]) {
+      throw new Error(`Invalid GitHub URL: ${url}`);
+    }
+
+    const owner = match[1];
+    const repo = match[2];
+    const cleanRepo = repo.replace(/\.git$/, '');
+
+    try {
+      // Fetch latest release from GitHub API
+      const apiUrl = `https://api.github.com/repos/${owner}/${cleanRepo}/releases/latest`;
+      const response = await fetch(apiUrl, {
+        headers: {
+          Accept: 'application/vnd.github+json',
+          'User-Agent': 'dependabit',
+          ...(config.auth?.secret && { Authorization: `Bearer ${config.auth.secret}` })
+        }
+      });
+
+      if (response.status === 404) {
+        // No releases found, fall back to latest commit
+        return this.fetchLatestCommit(owner, cleanRepo, config.auth?.secret);
+      }
+
+      if (!response.ok) {
+        throw new Error(`GitHub API error: ${response.status} ${response.statusText}`);
+      }
+
+      const release = (await response.json()) as {
+        tag_name: string;
+        name: string;
+        published_at: string;
+        body: string;
+        html_url: string;
+      };
+
+      // Create state hash from release info
+      const stateContent = JSON.stringify({
+        tagName: release.tag_name,
+        name: release.name,
+        publishedAt: release.published_at
+      });
+      const stateHash = crypto.createHash('sha256').update(stateContent).digest('hex');
+
+      return {
+        version: release.tag_name,
+        stateHash,
+        fetchedAt: new Date(),
+        metadata: {
+          name: release.name,
+          publishedAt: release.published_at,
+          body: release.body,
+          htmlUrl: release.html_url
+        }
+      };
+    } catch (error) {
+      throw new Error(`Failed to fetch GitHub release: ${(error as Error).message}`);
+    }
+  }
+
+  /**
+   * Fallback: Fetch latest commit when no releases exist
+   */
+  private async fetchLatestCommit(
+    owner: string,
+    repo: string,
+    token?: string
+  ): Promise<DependencySnapshot> {
+    const apiUrl = `https://api.github.com/repos/${owner}/${repo}/commits?per_page=1`;
+    const response = await fetch(apiUrl, {
+      headers: {
+        Accept: 'application/vnd.github+json',
+        'User-Agent': 'dependabit',
+        ...(token && { Authorization: `Bearer ${token}` })
+      }
+    });
+
+    if (!response.ok) {
+      throw new Error(`GitHub API error: ${response.status} ${response.statusText}`);
+    }
+
+    const commits = (await response.json()) as Array<{
+      sha: string;
+      commit: {
+        message: string;
+        author: { date: string };
+      };
+    }>;
+
+    if (commits.length === 0 || !commits[0]) {
+      throw new Error('No commits found in repository');
+    }
+
+    const latestCommit = commits[0];
+    const stateHash = latestCommit.sha;
+
+    return {
+      stateHash,
+      fetchedAt: new Date(),
+      metadata: {
+        sha: latestCommit.sha,
+        message: latestCommit.commit.message,
+        date: latestCommit.commit.author.date
+      }
+    };
+  }
+
+  /**
+   * Compares two snapshots to detect version/state changes
+   */
+  async compare(prev: DependencySnapshot, curr: DependencySnapshot): Promise<ChangeDetection> {
+    const changes: string[] = [];
+
+    // Check version change
+    if (prev.version !== curr.version) {
+      if (prev.version && curr.version) {
+        changes.push('version');
+      }
+    }
+
+    // Check state hash change
+    if (prev.stateHash !== curr.stateHash) {
+      changes.push('stateHash');
+    }
+
+    return {
+      hasChanged: changes.length > 0,
+      changes,
+      oldVersion: prev.version,
+      newVersion: curr.version
+    };
+  }
+}

package/src/checkers/index.ts

@@ -0,0 +1,7 @@
+/**
+ * Dependency checkers for different access methods
+ */
+
+export { GitHubRepoChecker } from './github-repo.js';
+export { URLContentChecker } from './url-content.js';
+export { OpenAPIChecker } from './openapi.js';

package/src/checkers/openapi.ts

@@ -0,0 +1,310 @@
+/**
+ * OpenAPI Spec Checker
+ * Monitors OpenAPI/Swagger specifications for changes with semantic diffing
+ */
+
+import type { Checker, DependencySnapshot, ChangeDetection, AccessConfig } from '../types.js';
+import crypto from 'node:crypto';
+import { parse as parseYAML } from 'yaml';
+
+/**
+ * OpenAPI document structure (partial, for what we need)
+ */
+interface OpenAPIDocument {
+  openapi?: string;
+  swagger?: string;
+  info?: {
+    title?: string;
+    version?: string;
+    description?: string;
+  };
+  paths?: Record<string, PathItem>;
+  components?: {
+    schemas?: Record<string, unknown>;
+    securitySchemes?: Record<string, unknown>;
+  };
+}
+
+interface PathItem {
+  get?: Operation;
+  post?: Operation;
+  put?: Operation;
+  patch?: Operation;
+  delete?: Operation;
+  options?: Operation;
+  head?: Operation;
+  trace?: Operation;
+  parameters?: unknown[];
+}
+
+interface Operation {
+  operationId?: string;
+  summary?: string;
+  description?: string;
+  parameters?: unknown[];
+  requestBody?: unknown;
+  responses?: Record<string, unknown>;
+  deprecated?: boolean;
+}
+
+/**
+ * Semantic diff result for OpenAPI specs
+ */
+interface OpenAPIDiff {
+  addedEndpoints: string[];
+  removedEndpoints: string[];
+  modifiedEndpoints: string[];
+  addedSchemas: string[];
+  removedSchemas: string[];
+  modifiedSchemas: string[];
+  versionChanged: boolean;
+  oldVersion?: string;
+  newVersion?: string;
+}
+
+export class OpenAPIChecker implements Checker {
+  /**
+   * Fetches and parses OpenAPI specification
+   */
+  async fetch(config: AccessConfig): Promise<DependencySnapshot> {
+    const { url } = config;
+
+    try {
+      const headers: Record<string, string> = {
+        Accept: 'application/json, application/yaml, text/yaml, */*',
+        'User-Agent': 'dependabit-monitor/1.0'
+      };
+
+      if (config.auth?.secret) {
+        if (config.auth.type === 'token' || config.auth.type === 'oauth') {
+          headers['Authorization'] = `Bearer ${config.auth.secret}`;
+        } else if (config.auth.type === 'basic') {
+          headers['Authorization'] = `Basic ${config.auth.secret}`;
+        }
+      }
+
+      const response = await fetch(url, {
+        headers
+      });
+
+      if (!response.ok) {
+        throw new Error(`HTTP error: ${response.status} ${response.statusText}`);
+      }
+
+      const contentType = response.headers.get('content-type') || '';
+      const content = await response.text();
+
+      // Parse the OpenAPI spec
+      let spec: OpenAPIDocument;
+      if (contentType.includes('yaml') || url.endsWith('.yaml') || url.endsWith('.yml')) {
+        // Parse YAML using standard yaml library
+        spec = parseYAML(content) as OpenAPIDocument;
+      } else {
+        spec = JSON.parse(content) as OpenAPIDocument;
+      }
+
+      // Extract key information for semantic comparison
+      const endpoints = this.extractEndpoints(spec);
+      const schemas = this.extractSchemas(spec);
+      const version = spec.info?.version;
+
+      // Create a deterministic hash from the semantic content
+      const semanticContent = JSON.stringify({
+        version,
+        endpoints: Object.keys(endpoints).sort(),
+        schemas: Object.keys(schemas).sort(),
+        endpointDetails: endpoints,
+        schemaDetails: schemas
+      });
+      const stateHash = crypto.createHash('sha256').update(semanticContent).digest('hex');
+
+      return {
+        version,
+        stateHash,
+        fetchedAt: new Date(),
+        metadata: {
+          title: spec.info?.title,
+          description: spec.info?.description,
+          specVersion: spec.openapi || spec.swagger,
+          endpointCount: Object.keys(endpoints).length,
+          schemaCount: Object.keys(schemas).length,
+          endpoints,
+          schemas
+        }
+      };
+    } catch (error) {
+      throw new Error(`Failed to fetch OpenAPI spec: ${(error as Error).message}`);
+    }
+  }
+
+  /**
+   * Extract endpoints from OpenAPI spec
+   */
+  private extractEndpoints(spec: OpenAPIDocument): Record<string, string[]> {
+    const endpoints: Record<string, string[]> = {};
+
+    if (!spec.paths) return endpoints;
+
+    for (const [path, pathItem] of Object.entries(spec.paths)) {
+      const methods: string[] = [];
+      const httpMethods = [
+        'get',
+        'post',
+        'put',
+        'patch',
+        'delete',
+        'options',
+        'head',
+        'trace'
+      ] as const;
+
+      for (const method of httpMethods) {
+        if (pathItem[method]) {
+          methods.push(method.toUpperCase());
+        }
+      }
+
+      if (methods.length > 0) {
+        endpoints[path] = methods;
+      }
+    }
+
+    return endpoints;
+  }
+
+  /**
+   * Extract schemas from OpenAPI spec
+   */
+  private extractSchemas(spec: OpenAPIDocument): Record<string, unknown> {
+    return spec.components?.schemas || {};
+  }
+
+  /**
+   * Compares two OpenAPI snapshots with semantic diffing
+   */
+  async compare(prev: DependencySnapshot, curr: DependencySnapshot): Promise<ChangeDetection> {
+    const changes: string[] = [];
+    let severity: 'breaking' | 'major' | 'minor' = 'minor';
+
+    // Extract endpoints and schemas from metadata
+    let prevEndpoints = (prev.metadata?.['endpoints'] as Record<string, string[]>) || {};
+    let currEndpoints = (curr.metadata?.['endpoints'] as Record<string, string[]>) || {};
+    let prevSchemas = (prev.metadata?.['schemas'] as Record<string, unknown>) || {};
+    let currSchemas = (curr.metadata?.['schemas'] as Record<string, unknown>) || {};
+
+    // If the state hashes match but previous metadata is missing, avoid spurious diffs
+    if (
+      prev.stateHash !== undefined &&
+      curr.stateHash !== undefined &&
+      prev.stateHash === curr.stateHash
+    ) {
+      prevEndpoints = currEndpoints;
+      prevSchemas = currSchemas;
+    }
+    const diff: OpenAPIDiff = {
+      addedEndpoints: [],
+      removedEndpoints: [],
+      modifiedEndpoints: [],
+      addedSchemas: [],
+      removedSchemas: [],
+      modifiedSchemas: [],
+      versionChanged: prev.version !== curr.version
+    };
+
+    if (prev.version !== undefined) {
+      diff.oldVersion = prev.version;
+    }
+
+    if (curr.version !== undefined) {
+      diff.newVersion = curr.version;
+    }
+
+    // Compare endpoints
+    const prevEndpointKeys = Object.keys(prevEndpoints);
+    const currEndpointKeys = Object.keys(currEndpoints);
+
+    for (const path of currEndpointKeys) {
+      if (!prevEndpointKeys.includes(path)) {
+        diff.addedEndpoints.push(path);
+      } else if (JSON.stringify(prevEndpoints[path]) !== JSON.stringify(currEndpoints[path])) {
+        diff.modifiedEndpoints.push(path);
+      }
+    }
+
+    for (const path of prevEndpointKeys) {
+      if (!currEndpointKeys.includes(path)) {
+        diff.removedEndpoints.push(path);
+      }
+    }
+
+    // Compare schemas
+    const prevSchemaKeys = Object.keys(prevSchemas);
+    const currSchemaKeys = Object.keys(currSchemas);
+
+    for (const schema of currSchemaKeys) {
+      if (!prevSchemaKeys.includes(schema)) {
+        diff.addedSchemas.push(schema);
+      } else if (JSON.stringify(prevSchemas[schema]) !== JSON.stringify(currSchemas[schema])) {
+        diff.modifiedSchemas.push(schema);
+      }
+    }
+
+    for (const schema of prevSchemaKeys) {
+      if (!currSchemaKeys.includes(schema)) {
+        diff.removedSchemas.push(schema);
+      }
+    }
+
+    // Determine changes and severity
+    if (diff.removedEndpoints.length > 0) {
+      changes.push('endpoints_removed');
+      severity = 'breaking';
+    }
+
+    if (diff.removedSchemas.length > 0) {
+      changes.push('schemas_removed');
+      severity = 'breaking';
+    }
+
+    if (diff.modifiedEndpoints.length > 0) {
+      changes.push('endpoints_modified');
+      if (severity !== 'breaking') severity = 'major';
+    }
+
+    if (diff.modifiedSchemas.length > 0) {
+      changes.push('schemas_modified');
+      if (severity !== 'breaking') severity = 'major';
+    }
+
+    if (diff.addedEndpoints.length > 0) {
+      changes.push('endpoints_added');
+    }
+
+    if (diff.addedSchemas.length > 0) {
+      changes.push('schemas_added');
+    }
+
+    if (diff.versionChanged) {
+      changes.push('version');
+    }
+
+    // Check overall hash change
+    if (prev.stateHash !== curr.stateHash && changes.length === 0) {
+      changes.push('content');
+    }
+
+    const result: ChangeDetection = {
+      hasChanged: changes.length > 0,
+      changes,
+      oldVersion: prev.version,
+      newVersion: curr.version,
+      diff
+    };
+
+    if (changes.length > 0) {
+      result.severity = severity;
+    }
+
+    return result;
+  }
+}