@flagshark/core 1.0.0 → 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/README.md +135 -0
  2. package/package.json +4 -2
package/README.md ADDED
@@ -0,0 +1,135 @@
1
+ # @flagshark/core
2
+
3
+ The detection engine behind [FlagShark](https://github.com/FlagShark/flagshark) — finds feature flag references across 13 languages and 12+ providers, and identifies stale flags via git blame.
4
+
5
+ This is the **library**. If you want a CLI or GitHub Action, install [`flagshark`](https://www.npmjs.com/package/flagshark) instead.
6
+
7
+ ## Install
8
+
9
+ ```bash
10
+ npm install @flagshark/core
11
+ ```
12
+
13
+ ## Quick start
14
+
15
+ ```ts
16
+ import { scanRepo } from '@flagshark/core'
17
+
18
+ const result = await scanRepo({
19
+ cwd: process.cwd(),
20
+ threshold: 6, // months — flag is stale if older than this
21
+ })
22
+
23
+ console.log(`${result.totalFlags} flags, ${result.staleFlags.length} stale`)
24
+ console.log(`Health score: ${result.healthScore}/100`)
25
+ console.log(`Languages: ${Object.keys(result.languageBreakdown).join(', ')}`)
26
+ ```
27
+
28
+ ## API
29
+
30
+ ### `scanRepo(options) → Promise<ScanRepoResult>`
31
+
32
+ Top-level orchestrator. Walks a checked-out repository, detects flags, and runs staleness analysis.
33
+
34
+ ```ts
35
+ interface ScanRepoOptions {
36
+ /** Absolute path to the repository being scanned. */
37
+ cwd: string
38
+
39
+ /** Staleness threshold in months. Default: 6. */
40
+ threshold?: number
41
+
42
+ /** If set, only scan files changed since this git ref (e.g. `origin/main`). */
43
+ diff?: string
44
+
45
+ /** Optional cancellation signal. Cancels file analysis only;
46
+ * `git blame` subprocesses always run to completion. */
47
+ signal?: AbortSignal
48
+
49
+ /** Optional `{ debug, info, warn, error }` logger. Defaults to no-op. */
50
+ logger?: ScanLogger
51
+ }
52
+
53
+ interface ScanRepoResult {
54
+ totalFlags: number
55
+ filesScanned: number
56
+ staleFlags: StaleFlag[]
57
+ detectedProviders: string[]
58
+ languageBreakdown: Record<string, number>
59
+ healthScore: number // 0–100
60
+ scanDuration: number // ms
61
+ }
62
+ ```
63
+
64
+ `scanRepo` walks the local filesystem. If you can't run a git checkout (e.g., serverless function reading from an API), use the lower-level primitives below.
65
+
66
+ ### Lower-level primitives
67
+
68
+ For consumers that fetch file contents elsewhere (GitHub API, S3, in-memory, etc.):
69
+
70
+ ```ts
71
+ import { createDefaultRegistry, PolyglotAnalyzer } from '@flagshark/core'
72
+
73
+ const registry = createDefaultRegistry() // 13 detectors pre-registered
74
+ const analyzer = new PolyglotAnalyzer(registry)
75
+
76
+ // `files` is a Map<filePath, content>
77
+ const result = await analyzer.analyzeFiles(files)
78
+ // .totalFlags: Map<flagName, FeatureFlag[]>
79
+ // .languages: Map<Language, number>
80
+ ```
81
+
82
+ For staleness analysis with a local checkout:
83
+
84
+ ```ts
85
+ import { analyzeStaleness } from '@flagshark/core'
86
+
87
+ const stale = await analyzeStaleness(result.totalFlags, {
88
+ thresholdMonths: 6,
89
+ repoRoot: '/path/to/repo',
90
+ })
91
+ ```
92
+
93
+ ### Custom detectors
94
+
95
+ `createDefaultRegistry()` returns a `LanguageRegistry`. Register additional detectors that implement the `LanguageDetector` interface:
96
+
97
+ ```ts
98
+ import { createDefaultRegistry, LanguageDetector } from '@flagshark/core'
99
+
100
+ const registry = createDefaultRegistry()
101
+ registry.register(new MyCustomDetector())
102
+ ```
103
+
104
+ Or import individual detectors and compose your own registry:
105
+
106
+ ```ts
107
+ import { LanguageRegistry, GoDetector, TypeScriptDetector } from '@flagshark/core'
108
+
109
+ const registry = new LanguageRegistry()
110
+ registry.register(new GoDetector())
111
+ registry.register(new TypeScriptDetector())
112
+ ```
113
+
114
+ ## Supported languages
115
+
116
+ TypeScript/JavaScript, Go, Python, Java, Kotlin, Swift, Ruby, C#, PHP, Rust, C/C++, Objective-C.
117
+
118
+ ## Supported providers
119
+
120
+ Auto-detected from imports — no configuration needed: LaunchDarkly, Unleash, Flipt, Split.io, PostHog, Flagsmith, ConfigCat, Statsig, GrowthBook, DevCycle, Eppo, Optimizely, plus generic custom-flag patterns.
121
+
122
+ ## How detection works
123
+
124
+ For each file, FlagShark looks for an import of a flag SDK. If none is found, the file is skipped — this prevents false positives from generic functions named `isEnabled()` etc. Once a file qualifies, language-specific regex patterns extract flag references along with provider attribution and source location.
125
+
126
+ ## How staleness works
127
+
128
+ A flag is marked stale if **any** signal fires:
129
+
130
+ 1. **Age:** `git blame` says the flag was added more than `threshold` months ago.
131
+ 2. **Single file:** The flag name appears in only one file across the repo, suggesting a completed rollout.
132
+
133
+ ## License
134
+
135
+ MIT
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@flagshark/core",
3
- "version": "1.0.0",
3
+ "version": "1.0.1",
4
4
  "type": "module",
5
5
  "description": "Detection engine for FlagShark — finds feature flag references across 13 languages.",
6
6
  "license": "MIT",
@@ -33,5 +33,7 @@
33
33
  "typescript": "^5.7.0",
34
34
  "vitest": "^3.0.0"
35
35
  },
36
- "engines": { "node": ">=18.0.0" }
36
+ "engines": {
37
+ "node": ">=18.0.0"
38
+ }
37
39
  }