@doccov/api 0.3.7 → 0.5.0

package/src/routes/coverage.ts

@@ -0,0 +1,288 @@
+import { getPlanLimits, type Plan } from '@doccov/db';
+import { Hono } from 'hono';
+import { nanoid } from 'nanoid';
+import { auth } from '../auth/config';
+import { db } from '../db/client';
+
+type Session = Awaited<ReturnType<typeof auth.api.getSession>>;
+
+type Env = {
+  Variables: {
+    session: NonNullable<Session>;
+  };
+};
+
+export const coverageRoute = new Hono<Env>();
+
+// Middleware: require auth
+coverageRoute.use('*', async (c, next) => {
+  const session = await auth.api.getSession({ headers: c.req.raw.headers });
+  if (!session) {
+    return c.json({ error: 'Unauthorized' }, 401);
+  }
+  c.set('session', session);
+  await next();
+});
+
+// Get coverage history for a project
+coverageRoute.get('/projects/:projectId/history', async (c) => {
+  const session = c.get('session');
+  const { projectId } = c.req.param();
+  const { range = '30d', limit = '50' } = c.req.query();
+
+  // Verify user has access to project and get org plan
+  const projectWithOrg = await db
+    .selectFrom('projects')
+    .innerJoin('org_members', 'org_members.orgId', 'projects.orgId')
+    .innerJoin('organizations', 'organizations.id', 'projects.orgId')
+    .where('projects.id', '=', projectId)
+    .where('org_members.userId', '=', session.user.id)
+    .select(['projects.id', 'projects.name', 'organizations.plan'])
+    .executeTakeFirst();
+
+  if (!projectWithOrg) {
+    return c.json({ error: 'Project not found' }, 404);
+  }
+
+  // Check plan limits for trends access
+  const planLimits = getPlanLimits(projectWithOrg.plan as Plan);
+  if (planLimits.historyDays === 0) {
+    return c.json(
+      {
+        error: 'Coverage trends require Team plan or higher',
+        upgrade: 'https://doccov.com/pricing',
+      },
+      403,
+    );
+  }
+
+  // Calculate date filter based on range (capped by plan limit)
+  let dateFilter: Date | null = null;
+  const now = new Date();
+  const maxDays = planLimits.historyDays;
+
+  // Map range to days, capped by plan limit
+  const rangeDays: Record<string, number> = {
+    '7d': Math.min(7, maxDays),
+    '30d': Math.min(30, maxDays),
+    '90d': Math.min(90, maxDays),
+  };
+
+  if (range in rangeDays) {
+    const days = rangeDays[range];
+    dateFilter = new Date(now.getTime() - days * 24 * 60 * 60 * 1000);
+  } else if (range === 'all' || range === 'versions') {
+    // Still cap by plan limit
+    dateFilter = new Date(now.getTime() - maxDays * 24 * 60 * 60 * 1000);
+  }
+
+  let query = db
+    .selectFrom('coverage_snapshots')
+    .where('projectId', '=', projectId)
+    .orderBy('createdAt', 'desc')
+    .limit(parseInt(limit, 10));
+
+  if (dateFilter) {
+    query = query.where('createdAt', '>=', dateFilter);
+  }
+
+  const snapshots = await query
+    .select([
+      'id',
+      'version',
+      'branch',
+      'commitSha',
+      'coveragePercent',
+      'documentedCount',
+      'totalCount',
+      'descriptionCount',
+      'paramsCount',
+      'returnsCount',
+      'examplesCount',
+      'driftCount',
+      'source',
+      'createdAt',
+    ])
+    .execute();
+
+  // Reverse to get chronological order
+  const chronological = snapshots.reverse();
+
+  // Calculate insights
+  const insights = generateInsights(chronological);
+
+  // Detect regressions
+  const regression = detectRegression(chronological);
+
+  return c.json({
+    snapshots: chronological,
+    insights,
+    regression,
+  });
+});
+
+// Record a new coverage snapshot
+coverageRoute.post('/projects/:projectId/snapshots', async (c) => {
+  const session = c.get('session');
+  const { projectId } = c.req.param();
+  const body = await c.req.json<{
+    version?: string;
+    branch?: string;
+    commitSha?: string;
+    coveragePercent: number;
+    documentedCount: number;
+    totalCount: number;
+    descriptionCount?: number;
+    paramsCount?: number;
+    returnsCount?: number;
+    examplesCount?: number;
+    driftCount?: number;
+    source?: 'ci' | 'manual' | 'scheduled';
+  }>();
+
+  // Verify user has admin access to project
+  const membership = await db
+    .selectFrom('projects')
+    .innerJoin('org_members', 'org_members.orgId', 'projects.orgId')
+    .where('projects.id', '=', projectId)
+    .where('org_members.userId', '=', session.user.id)
+    .where('org_members.role', 'in', ['owner', 'admin'])
+    .select(['projects.id'])
+    .executeTakeFirst();
+
+  if (!membership) {
+    return c.json({ error: 'Forbidden' }, 403);
+  }
+
+  const snapshot = await db
+    .insertInto('coverage_snapshots')
+    .values({
+      id: nanoid(21),
+      projectId,
+      version: body.version || null,
+      branch: body.branch || null,
+      commitSha: body.commitSha || null,
+      coveragePercent: body.coveragePercent,
+      documentedCount: body.documentedCount,
+      totalCount: body.totalCount,
+      descriptionCount: body.descriptionCount || null,
+      paramsCount: body.paramsCount || null,
+      returnsCount: body.returnsCount || null,
+      examplesCount: body.examplesCount || null,
+      driftCount: body.driftCount || 0,
+      source: body.source || 'manual',
+    })
+    .returningAll()
+    .executeTakeFirst();
+
+  // Update project's latest coverage
+  await db
+    .updateTable('projects')
+    .set({
+      coverageScore: body.coveragePercent,
+      driftCount: body.driftCount || 0,
+      lastAnalyzedAt: new Date(),
+    })
+    .where('id', '=', projectId)
+    .execute();
+
+  return c.json({ snapshot }, 201);
+});
+
+// Helper: Generate insights from coverage data
+interface Snapshot {
+  version: string | null;
+  coveragePercent: number;
+  documentedCount: number;
+  totalCount: number;
+  driftCount: number;
+}
+
+interface Insight {
+  type: 'improvement' | 'regression' | 'prediction' | 'milestone';
+  message: string;
+  severity: 'info' | 'warning' | 'success';
+}
+
+function generateInsights(snapshots: Snapshot[]): Insight[] {
+  const insights: Insight[] = [];
+  if (snapshots.length < 2) return insights;
+
+  const first = snapshots[0];
+  const last = snapshots[snapshots.length - 1];
+  const diff = last.coveragePercent - first.coveragePercent;
+
+  // Overall improvement/regression
+  if (diff > 0) {
+    insights.push({
+      type: 'improvement',
+      message: `Coverage increased ${diff.toFixed(0)}% since ${first.version || 'first snapshot'}`,
+      severity: 'success',
+    });
+  } else if (diff < 0) {
+    insights.push({
+      type: 'regression',
+      message: `Coverage decreased ${Math.abs(diff).toFixed(0)}% since ${first.version || 'first snapshot'}`,
+      severity: 'warning',
+    });
+  }
+
+  // Predict time to 100%
+  if (diff > 0 && last.coveragePercent < 100) {
+    const remaining = 100 - last.coveragePercent;
+    const avgGainPerSnapshot = diff / (snapshots.length - 1);
+    if (avgGainPerSnapshot > 0) {
+      const snapshotsToComplete = Math.ceil(remaining / avgGainPerSnapshot);
+      insights.push({
+        type: 'prediction',
+        message: `At current pace, 100% coverage in ~${snapshotsToComplete} releases`,
+        severity: 'info',
+      });
+    }
+  }
+
+  // Check for milestones
+  const milestones = [50, 75, 90, 100];
+  for (const milestone of milestones) {
+    const crossedAt = snapshots.findIndex(
+      (s, i) =>
+        i > 0 && s.coveragePercent >= milestone && snapshots[i - 1].coveragePercent < milestone,
+    );
+    if (crossedAt > 0) {
+      insights.push({
+        type: 'milestone',
+        message: `Reached ${milestone}% coverage at ${snapshots[crossedAt].version || `snapshot ${crossedAt + 1}`}`,
+        severity: 'success',
+      });
+    }
+  }
+
+  return insights.slice(0, 5); // Limit to 5 insights
+}
+
+// Helper: Detect recent regression
+function detectRegression(
+  snapshots: Snapshot[],
+): { fromVersion: string; toVersion: string; coverageDrop: number; exportsLost: number } | null {
+  if (snapshots.length < 2) return null;
+
+  // Look at last 5 snapshots for recent regressions
+  const recent = snapshots.slice(-5);
+  for (let i = 1; i < recent.length; i++) {
+    const prev = recent[i - 1];
+    const curr = recent[i];
+    const drop = prev.coveragePercent - curr.coveragePercent;
+
+    if (drop >= 3) {
+      // 3% or more drop
+      return {
+        fromVersion: prev.version || `v${i}`,
+        toVersion: curr.version || `v${i + 1}`,
+        coverageDrop: Math.round(drop),
+        exportsLost: prev.documentedCount - curr.documentedCount,
+      };
+    }
+  }
+
+  return null;
+}

package/src/routes/demo.ts

@@ -0,0 +1,297 @@
+/**
+ * Demo route - public "Try it Now" endpoint for analyzing npm packages
+ * Uses the /plan and /execute-stream endpoints from the Vercel API
+ */
+
+import { Hono } from 'hono';
+import { streamSSE } from 'hono/streaming';
+import { anonymousRateLimit } from '../middleware/anonymous-rate-limit';
+
+export const demoRoute = new Hono();
+
+// Vercel API URL (where /plan and /execute-stream live)
+const VERCEL_API_URL = process.env.VERCEL_API_URL || 'https://api-khaki-phi.vercel.app';
+
+// Rate limit: 5 analyses per hour per IP
+demoRoute.use(
+  '*',
+  anonymousRateLimit({
+    windowMs: 60 * 60 * 1000, // 1 hour
+    max: 5,
+    message: 'Demo limit reached. Sign up for unlimited access.',
+    upgradeUrl: 'https://doccov.com/pricing',
+  }),
+);
+
+/**
+ * npm package info from registry
+ */
+interface NpmPackageInfo {
+  name: string;
+  version: string;
+  description?: string;
+  repository?: string;
+}
+
+/**
+ * Fetch package info from npm registry
+ */
+async function fetchNpmPackage(packageName: string): Promise<NpmPackageInfo> {
+  const encodedName = encodeURIComponent(packageName);
+  const url = `https://registry.npmjs.org/${encodedName}/latest`;
+
+  const res = await fetch(url, {
+    headers: { Accept: 'application/json' },
+  });
+
+  if (!res.ok) {
+    if (res.status === 404) {
+      throw new Error(`Package "${packageName}" not found on npm`);
+    }
+    throw new Error(`npm registry error: ${res.status}`);
+  }
+
+  const data = (await res.json()) as {
+    name: string;
+    version: string;
+    description?: string;
+    repository?: string | { type?: string; url?: string };
+  };
+
+  // Extract and normalize GitHub URL from repository field
+  let repoUrl: string | undefined;
+  if (data.repository) {
+    if (typeof data.repository === 'string') {
+      repoUrl = data.repository;
+    } else if (data.repository.url) {
+      // Normalize: git+https://github.com/... or git://github.com/...
+      repoUrl = data.repository.url
+        .replace(/^git\+/, '')
+        .replace(/^git:\/\//, 'https://')
+        .replace(/\.git$/, '');
+    }
+  }
+
+  // Validate it's a GitHub URL
+  if (repoUrl && !repoUrl.includes('github.com')) {
+    repoUrl = undefined;
+  }
+
+  return {
+    name: data.name,
+    version: data.version,
+    description: data.description,
+    repository: repoUrl,
+  };
+}
+
+/**
+ * Analysis result summary (matches SpecSummary from Vercel API)
+ */
+interface AnalysisSummary {
+  packageName: string;
+  version: string;
+  coverage: number;
+  exportCount: number;
+  documentedCount: number;
+  undocumentedCount: number;
+  driftCount: number;
+  topUndocumented: string[];
+  topDrift: Array<{ name: string; issue: string }>;
+}
+
+// GET /demo/analyze?package=lodash
+demoRoute.get('/analyze', async (c) => {
+  const packageName = c.req.query('package');
+
+  if (!packageName) {
+    return c.json({ error: 'Package name required' }, 400);
+  }
+
+  // Validate package name (basic sanitation)
+  if (!/^(@[\w-]+\/)?[\w.-]+$/.test(packageName)) {
+    return c.json({ error: 'Invalid package name format' }, 400);
+  }
+
+  return streamSSE(c, async (stream) => {
+    const sendEvent = async (
+      type: 'status' | 'log' | 'result' | 'error',
+      data: { step?: string; message?: string; data?: unknown },
+    ) => {
+      await stream.writeSSE({
+        data: JSON.stringify({ type, ...data }),
+        event: type === 'error' ? 'error' : type === 'result' ? 'complete' : 'progress',
+      });
+    };
+
+    try {
+      // Step 1: Fetch from npm registry
+      await sendEvent('status', {
+        step: 'npm',
+        message: `Fetching ${packageName} from npm registry...`,
+      });
+
+      const npmInfo = await fetchNpmPackage(packageName);
+
+      await sendEvent('log', {
+        message: `Found ${npmInfo.name}@${npmInfo.version}`,
+      });
+
+      if (!npmInfo.repository) {
+        await sendEvent('error', {
+          message: 'No GitHub repository linked to this package',
+        });
+        return;
+      }
+
+      await sendEvent('log', {
+        message: `Repository: ${npmInfo.repository}`,
+      });
+
+      // Step 2: Generate build plan via /plan endpoint
+      await sendEvent('status', {
+        step: 'plan',
+        message: 'Generating build plan...',
+      });
+
+      const planResponse = await fetch(`${VERCEL_API_URL}/plan`, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({
+          url: npmInfo.repository,
+          package: packageName.startsWith('@') ? packageName : undefined,
+        }),
+      });
+
+      if (!planResponse.ok) {
+        const errorData = (await planResponse.json()) as { error?: string };
+        throw new Error(errorData.error || `Plan generation failed: ${planResponse.status}`);
+      }
+
+      const planData = (await planResponse.json()) as {
+        plan: unknown;
+        context: { isMonorepo: boolean; packageManager: string };
+      };
+
+      await sendEvent('log', {
+        message: `Build plan ready (${planData.context.packageManager}${planData.context.isMonorepo ? ', monorepo' : ''})`,
+      });
+
+      // Step 3: Execute build plan via /execute-stream endpoint
+      await sendEvent('status', {
+        step: 'build',
+        message: 'Building and analyzing...',
+      });
+
+      const executeResponse = await fetch(`${VERCEL_API_URL}/execute-stream`, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({ plan: planData.plan }),
+      });
+
+      if (!executeResponse.ok || !executeResponse.body) {
+        throw new Error(`Execution failed: ${executeResponse.status}`);
+      }
+
+      // Stream the execute-stream SSE events and forward relevant ones
+      const reader = executeResponse.body.getReader();
+      const decoder = new TextDecoder();
+      let buffer = '';
+
+      while (true) {
+        const { done, value } = await reader.read();
+        if (done) break;
+
+        buffer += decoder.decode(value, { stream: true });
+        const lines = buffer.split('\n');
+        buffer = lines.pop() || '';
+
+        for (const line of lines) {
+          if (line.startsWith('event:')) {
+            const eventType = line.slice(7).trim();
+
+            // Get the next data line
+            const dataLineIndex = lines.indexOf(line) + 1;
+            if (dataLineIndex < lines.length && lines[dataLineIndex].startsWith('data:')) {
+              const dataStr = lines[dataLineIndex].slice(5).trim();
+              try {
+                const eventData = JSON.parse(dataStr) as {
+                  stage?: string;
+                  message?: string;
+                  stepId?: string;
+                  name?: string;
+                  success?: boolean;
+                  summary?: {
+                    name: string;
+                    version: string;
+                    coverage: number;
+                    exports: number;
+                    documented: number;
+                    undocumented: number;
+                  };
+                  error?: string;
+                };
+
+                // Forward progress events
+                if (eventType === 'progress') {
+                  await sendEvent('log', { message: eventData.message || eventData.stage });
+                } else if (eventType === 'step:start') {
+                  await sendEvent('status', {
+                    step: eventData.stepId === 'analyze' ? 'analyze' : 'build',
+                    message: eventData.name || `Running ${eventData.stepId}...`,
+                  });
+                } else if (eventType === 'step:complete' && eventData.stepId) {
+                  await sendEvent('log', {
+                    message: `${eventData.stepId} completed`,
+                  });
+                } else if (eventType === 'complete' && eventData.summary) {
+                  // Transform summary to our format
+                  const summary: AnalysisSummary = {
+                    packageName: eventData.summary.name,
+                    version: eventData.summary.version,
+                    coverage: eventData.summary.coverage,
+                    exportCount: eventData.summary.exports,
+                    documentedCount: eventData.summary.documented,
+                    undocumentedCount: eventData.summary.undocumented,
+                    driftCount: 0,
+                    topUndocumented: [],
+                    topDrift: [],
+                  };
+
+                  await sendEvent('log', {
+                    message: `Found ${summary.exportCount} exports, ${summary.documentedCount} documented`,
+                  });
+
+                  await sendEvent('status', {
+                    step: 'complete',
+                    message: 'Analysis complete!',
+                  });
+
+                  await sendEvent('result', { data: summary });
+                  return;
+                } else if (eventType === 'error') {
+                  throw new Error(eventData.error || 'Execution failed');
+                }
+              } catch (parseError) {
+                // Ignore JSON parse errors for incomplete data
+                if (parseError instanceof SyntaxError) continue;
+                throw parseError;
+              }
+            }
+          }
+        }
+      }
+
+      // If we get here without a complete event, something went wrong
+      throw new Error('Execution completed without results');
+    } catch (err) {
+      const message = err instanceof Error ? err.message : 'Analysis failed';
+      await sendEvent('error', { message });
+    }
+  });
+});
+
+// Health check
+demoRoute.get('/health', (c) => {
+  return c.json({ status: 'ok' });
+});