npm - @hiveai/cli - Versions diffs - 0.7.0 → 0.7.1 - Mend

@hiveai/cli 0.7.0 → 0.7.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/index.js CHANGED Viewed

@@ -457,9 +457,15 @@ var FRAMEWORK_SIGNALS = {
   "Express": ["express"],
   "Fastify": ["fastify"],
   "Hono": ["hono"],
-  "tRPC": ["@trpc/server"],
+  "tRPC": ["@trpc/server", "@trpc/client"],
   "Prisma": ["@prisma/client"],
   "Drizzle": ["drizzle-orm"],
+  "Redux Toolkit": ["@reduxjs/toolkit"],
+  "Zustand": ["zustand"],
+  "TanStack Query": ["@tanstack/react-query", "react-query"],
+  "Mongoose": ["mongoose"],
+  "Apollo": ["@apollo/client", "@apollo/server", "apollo-server"],
+  "GraphQL": ["graphql"],
   "Vite": ["vite"],
   "Vitest": ["vitest"],
   "Jest": ["jest"]
@@ -512,7 +518,14 @@ function detectLanguage(root) {
   if (existsSync3(path4.join(root, "package.json"))) return "JavaScript";
   return "Unknown";
 }
-function detectProjectType(frameworks, scripts) {
+function detectProjectType(frameworks, scripts, isMonorepo) {
+  if (isMonorepo) {
+    if (frameworks.includes("NestJS")) return "Monorepo (NestJS backend)";
+    if (frameworks.includes("Next.js")) return "Monorepo (Next.js)";
+    if (frameworks.includes("React")) return "Multi-package monorepo (React)";
+    if (frameworks.length > 0) return `Multi-package monorepo (${frameworks.slice(0, 2).join(", ")})`;
+    return "Multi-package monorepo";
+  }
   if (frameworks.includes("NestJS")) return "Backend API (NestJS)";
   if (frameworks.includes("Next.js")) return "Full-stack web app (Next.js)";
   if (frameworks.includes("Remix")) return "Full-stack web app (Remix)";
@@ -543,7 +556,7 @@ async function scanDirs(root, maxDepth = 2) {
   await walk(root, 0);
   return results;
 }
-function inferModuleDescriptions(dirs) {
+function inferModuleDescriptions(dirs, frameworks = []) {
   const known = {
     "src": "main source directory",
     "app": "application entrypoint / routes (Next.js App Router or similar)",
@@ -557,6 +570,12 @@ function inferModuleDescriptions(dirs) {
     "modules": "feature modules",
     "middleware": "HTTP or business middleware",
     "guards": "auth / access guards",
+    "decorators": "custom decorators",
+    "interceptors": "NestJS interceptors",
+    "filters": "exception filters",
+    "pipes": "validation / transformation pipes",
+    "dto": "Data Transfer Objects",
+    "entities": "ORM entities / database models",
     "prisma": "Prisma schema and migrations",
     "migrations": "database migrations",
     "config": "configuration files",
@@ -582,8 +601,46 @@ function inferModuleDescriptions(dirs) {
     "client": "client-side code",
     "features": "feature-based modules",
     "routes": "route definitions",
-    "workers": "background workers / queues"
+    "workers": "background workers / queues",
+    "auth": "authentication / authorization",
+    "users": "user management",
+    "products": "product catalog",
+    "orders": "order management",
+    "common": "shared / common utilities",
+    "shared": "shared code across modules"
   };
+  const isNestJS = frameworks.includes("NestJS");
+  const srcSubdirs = dirs.filter((d) => d.startsWith("src/") && d.split("/").length === 2);
+  if (isNestJS && srcSubdirs.length >= 2) {
+    const result = [`- \`src/\` \u2014 main source (NestJS feature modules)`];
+    for (const d of srcSubdirs.slice(0, 12)) {
+      const name = d.split("/")[1];
+      const desc = known[name.toLowerCase()] ?? "feature module";
+      result.push(`  - \`${name}/\` \u2014 ${desc}`);
+    }
+    const otherTopLevel = dirs.filter((d) => !d.includes("/") && d !== "src").slice(0, 6);
+    for (const d of otherTopLevel) {
+      const desc = known[d.toLowerCase()] ?? "module";
+      result.push(`- \`${d}/\` \u2014 ${desc}`);
+    }
+    return result;
+  }
+  const isMonorepo = dirs.some((d) => d === "packages") && dirs.some((d) => d.startsWith("packages/") && d.split("/").length === 2);
+  if (isMonorepo) {
+    const packageSubdirs = dirs.filter((d) => d.startsWith("packages/") && d.split("/").length === 2);
+    const result = [`- \`packages/\` \u2014 monorepo sub-packages`];
+    for (const d of packageSubdirs.slice(0, 10)) {
+      const name = d.split("/")[1];
+      const desc = known[name.toLowerCase()] ?? "sub-package";
+      result.push(`  - \`${name}/\` \u2014 ${desc}`);
+    }
+    const otherTopLevel = dirs.filter((d) => !d.includes("/") && d !== "packages").slice(0, 5);
+    for (const d of otherTopLevel) {
+      const desc = known[d.toLowerCase()] ?? "module";
+      result.push(`- \`${d}/\` \u2014 ${desc}`);
+    }
+    return result;
+  }
   const top = dirs.filter((d) => !d.includes("/")).slice(0, 12);
   return top.map((d) => {
     const desc = known[d.toLowerCase()] ?? "module";
@@ -618,7 +675,8 @@ async function generateBootstrapContext(root) {
   const frameworks = detectFrameworks(allDeps);
   const keyDeps = detectKeyDeps(allDeps);
   const language = detectLanguage(root);
-  const projectType = detectProjectType(frameworks, pkg.scripts ?? {});
+  const isMonorepo = pkg.workspaces !== void 0 && (Array.isArray(pkg.workspaces) ? pkg.workspaces.length > 0 : true);
+  const projectType = detectProjectType(frameworks, pkg.scripts ?? {}, isMonorepo);
   const projectName = pkg.name ?? path4.basename(root);
   const projectDesc = pkg.description ?? "";
   let readmeSummary = "";
@@ -634,7 +692,7 @@ async function generateBootstrapContext(root) {
     }
   }
   const dirs = await scanDirs(root, 2);
-  const moduleLines = inferModuleDescriptions(dirs);
+  const moduleLines = inferModuleDescriptions(dirs, frameworks);
   const scripts = pkg.scripts ?? {};
   const scriptLines = Object.entries(scripts).filter(([k]) => ["build", "dev", "start", "test", "lint", "deploy"].includes(k)).map(([k, v]) => `- \`${k}\`: ${v}`).slice(0, 6);
   const stackParts = [language];
@@ -1079,6 +1137,324 @@ After changing schema.ts:
 Without this, queries silently operate on stale column definitions and may return wrong data.`
     }
+  ],
+  zustand: [
+    {
+      slug: "zustand-select-slices-not-whole-store",
+      type: "convention",
+      tags: ["zustand", "performance", "react"],
+      body: `Always select specific slices \u2014 never subscribe to the whole store.
+\`\`\`ts
+// \u274C Re-renders on any store change (even unrelated fields)
+const store = useStore();
+// \u2705 Re-renders only when count changes
+const count = useStore((s) => s.count);
+\`\`\`
+Subscribing to the whole store is the single most common Zustand performance mistake.`
+    },
+    {
+      slug: "zustand-devtools-wrap-dev-only",
+      type: "convention",
+      tags: ["zustand", "devtools", "performance"],
+      body: `Wrap Zustand devtools middleware in a dev-only condition.
+\`\`\`ts
+import { devtools } from 'zustand/middleware';
+const useStore = create(
+  process.env.NODE_ENV === 'development'
+    ? devtools(storeImpl, { name: 'AppStore' })
+    : storeImpl,
+);
+\`\`\`
+Shipping devtools to production adds overhead and exposes store internals in bundle.`
+    },
+    {
+      slug: "zustand-persist-hydration-ssr",
+      type: "gotcha",
+      tags: ["zustand", "ssr", "nextjs", "hydration"],
+      body: `Zustand persist middleware causes hydration mismatch in SSR (Next.js / Remix).
+The server renders with empty state; the client rehydrates from localStorage.
+Fix: use \`skipHydration: true\` and manually call \`rehydrate()\` after mount.
+\`\`\`ts
+// In a useEffect or useLayoutEffect on the client:
+useEffect(() => { useStore.persist.rehydrate(); }, []);
+\`\`\``
+    }
+  ],
+  redux: [
+    {
+      slug: "redux-toolkit-immer-mutate-or-return",
+      type: "gotcha",
+      tags: ["redux", "redux-toolkit", "immer"],
+      body: `In RTK createSlice reducers (Immer), you must EITHER mutate the draft OR return a new value \u2014 never both.
+\`\`\`ts
+// \u2705 Mutate draft (Immer converts to immutable update)
+state.count += 1;
+// \u2705 Return new value
+return { ...state, count: state.count + 1 };
+// \u274C Both \u2014 causes undefined state
+state.count += 1;
+return state; // DON'T \u2014 Immer sees both a mutation and a return
+\`\`\``
+    },
+    {
+      slug: "redux-toolkit-rtk-query-over-thunk",
+      type: "decision",
+      tags: ["redux", "redux-toolkit", "data-fetching"],
+      body: `Use RTK Query for server data, not createAsyncThunk.
+RTK Query automatically handles: caching, loading/error states, cache invalidation, polling, optimistic updates.
+createAsyncThunk is for one-off side effects that don't fit the query/mutation model (e.g. file upload with progress).`
+    },
+    {
+      slug: "redux-toolkit-normalize-nested-data",
+      type: "convention",
+      tags: ["redux", "redux-toolkit", "normalization"],
+      body: `Normalize nested API responses before storing in Redux \u2014 use createEntityAdapter.
+Storing deeply nested objects causes:
+- Redundant re-renders when any deeply nested field changes
+- Difficult update logic (deep merge)
+\`\`\`ts
+const usersAdapter = createEntityAdapter<User>();
+const usersSlice = createSlice({
+  name: 'users',
+  initialState: usersAdapter.getInitialState(),
+  reducers: { usersReceived: usersAdapter.setAll },
+});
+\`\`\``
+    }
+  ],
+  reactquery: [
+    {
+      slug: "tanstack-query-stale-time-default",
+      type: "gotcha",
+      tags: ["react-query", "tanstack-query", "caching"],
+      body: `By default, TanStack Query marks data as stale immediately (staleTime: 0) and refetches on every window focus.
+Set a reasonable staleTime to avoid unnecessary network requests:
+\`\`\`ts
+useQuery({
+  queryKey: ['user', id],
+  queryFn: () => getUser(id),
+  staleTime: 5 * 60 * 1000, // 5 minutes
+})
+\`\`\`
+Set globally via QueryClient defaultOptions for consistency.`
+    },
+    {
+      slug: "tanstack-query-invalidate-after-mutation",
+      type: "convention",
+      tags: ["react-query", "tanstack-query", "mutations"],
+      body: `Always invalidate related queries after a mutation to keep the cache fresh.
+\`\`\`ts
+useMutation({
+  mutationFn: createUser,
+  onSuccess: () => queryClient.invalidateQueries({ queryKey: ['users'] }),
+})
+\`\`\`
+Skipping invalidation causes the UI to show stale data after a write until the next background refetch.`
+    },
+    {
+      slug: "tanstack-query-querykey-as-dependency",
+      type: "convention",
+      tags: ["react-query", "tanstack-query"],
+      body: `Treat the queryKey array as a dependency array \u2014 include all variables the queryFn depends on.
+\`\`\`ts
+// \u274C Won't refetch when userId changes
+useQuery({ queryKey: ['user'], queryFn: () => getUser(userId) });
+// \u2705 Refetches automatically when userId changes
+useQuery({ queryKey: ['user', userId], queryFn: () => getUser(userId) });
+\`\`\``
+    }
+  ],
+  trpc: [
+    {
+      slug: "trpc-always-validate-input-with-zod",
+      type: "convention",
+      tags: ["trpc", "validation", "security"],
+      body: `Always validate procedure inputs with Zod \u2014 tRPC infers types but doesn't enforce them at runtime without a schema.
+\`\`\`ts
+// \u274C No runtime validation \u2014 input is 'unknown'
+t.procedure.query(({ input }) => getUser(input as string));
+// \u2705 Validated and typed end-to-end
+t.procedure
+  .input(z.object({ id: z.string().uuid() }))
+  .query(({ input }) => getUser(input.id));
+\`\`\``
+    },
+    {
+      slug: "trpc-server-side-caller-for-ssr",
+      type: "convention",
+      tags: ["trpc", "nextjs", "ssr"],
+      body: `Use the server-side caller in Server Components / SSR \u2014 don't call tRPC over HTTP from the server.
+\`\`\`ts
+// In Next.js App Router server component
+const caller = appRouter.createCaller(await createContext());
+const data = await caller.users.getAll(); // Direct function call, no HTTP
+\`\`\`
+HTTP round-trips from server \u2192 server add latency and bypass auth context.`
+    },
+    {
+      slug: "trpc-context-for-auth",
+      type: "architecture",
+      tags: ["trpc", "auth"],
+      body: `Put auth session on the tRPC context, not in individual procedures.
+\`\`\`ts
+// createContext(): resolve session once, share across all procedures
+export async function createContext({ req }: CreateNextContextOptions) {
+  const session = await getServerSession(req);
+  return { session, db };
+}
+// In procedure: ctx.session.user is always typed
+const protectedProcedure = t.procedure.use(({ ctx, next }) => {
+  if (!ctx.session?.user) throw new TRPCError({ code: 'UNAUTHORIZED' });
+  return next({ ctx: { ...ctx, user: ctx.session.user } });
+});
+\`\`\``
+    }
+  ],
+  mongoose: [
+    {
+      slug: "mongoose-connection-singleton",
+      type: "convention",
+      tags: ["mongoose", "mongodb", "connection", "serverless"],
+      body: `Create one Mongoose connection at startup \u2014 never connect inside route handlers.
+In serverless (Next.js, Vercel), cache the connection to reuse across warm invocations:
+\`\`\`ts
+let cached = (global as any).__mongoose ?? { conn: null, promise: null };
+export async function dbConnect() {
+  if (cached.conn) return cached.conn;
+  if (!cached.promise) {
+    cached.promise = mongoose.connect(process.env.MONGODB_URI!);
+  }
+  cached.conn = await cached.promise;
+  (global as any).__mongoose = cached;
+  return cached.conn;
+}
+\`\`\``
+    },
+    {
+      slug: "mongoose-lean-for-read-only",
+      type: "convention",
+      tags: ["mongoose", "performance"],
+      body: `Add .lean() to read-only queries to get plain JS objects instead of full Mongoose documents.
+\`\`\`ts
+// \u274C Full Mongoose document \u2014 slow, heavy, has virtuals/methods
+const users = await User.find({});
+// \u2705 Plain JS object \u2014 2-5x faster on large result sets
+const users = await User.find({}).lean();
+\`\`\`
+Never use .lean() when you need to call .save() or Mongoose instance methods.`
+    },
+    {
+      slug: "mongoose-index-frequently-queried-fields",
+      type: "gotcha",
+      tags: ["mongoose", "mongodb", "performance"],
+      body: `Mongoose does NOT create indexes automatically unless you call syncIndexes() or ensureIndexes().
+Declare indexes in the schema and sync them at startup:
+\`\`\`ts
+UserSchema.index({ email: 1 }, { unique: true });
+UserSchema.index({ createdAt: -1 });
+// At startup (not per-request):
+await User.syncIndexes();
+\`\`\`
+Missing indexes cause full collection scans and timeouts at scale.`
+    }
+  ],
+  graphql: [
+    {
+      slug: "graphql-n-plus-one-dataloader",
+      type: "gotcha",
+      tags: ["graphql", "performance", "n+1"],
+      body: `GraphQL resolvers cause N+1 database queries without DataLoader batching.
+Every field resolver runs independently \u2014 fetching related data naively causes N queries for N items.
+\`\`\`ts
+// In context, create one DataLoader per request (NOT per resolver call)
+const userLoader = new DataLoader(async (ids: readonly string[]) =>
+  User.findByIds(ids as string[])
+);
+// In resolver:
+author: (post) => userLoader.load(post.authorId),
+\`\`\`
+A list of 100 posts with authors = 101 queries without DataLoader, 2 queries with it.`
+    },
+    {
+      slug: "graphql-mask-internal-errors-in-production",
+      type: "gotcha",
+      tags: ["graphql", "security", "apollo"],
+      body: `Apollo Server exposes full error details (including stack traces) in development.
+In production, mask internal errors to prevent leaking implementation details:
+\`\`\`ts
+new ApolloServer({
+  formatError: (formattedError) => {
+    if (formattedError.extensions?.code === 'INTERNAL_SERVER_ERROR') {
+      return { message: 'Internal server error', extensions: { code: 'INTERNAL_SERVER_ERROR' } };
+    }
+    return formattedError;
+  },
+});
+\`\`\``
+    },
+    {
+      slug: "graphql-depth-limit-and-complexity",
+      type: "convention",
+      tags: ["graphql", "security", "dos"],
+      body: `Add query depth and complexity limits to prevent DoS via deeply nested queries.
+Without limits, a single query can request exponentially nested data and exhaust the server.
+\`\`\`ts
+import depthLimit from 'graphql-depth-limit';
+import { createComplexityLimitRule } from 'graphql-validation-complexity';
+new ApolloServer({
+  validationRules: [
+    depthLimit(7),
+    createComplexityLimitRule(1000),
+  ],
+});
+\`\`\``
+    }
   ]
 };
 var SUPPORTED_STACKS = Object.keys(PACKS);
@@ -1095,7 +1471,13 @@ function autoDetectStacks(deps) {
     ["express", ["express"]],
     ["fastify", ["fastify"]],
     ["prisma", ["@prisma/client", "prisma"]],
-    ["drizzle", ["drizzle-orm"]]
+    ["drizzle", ["drizzle-orm"]],
+    ["zustand", ["zustand"]],
+    ["redux", ["@reduxjs/toolkit", "redux"]],
+    ["reactquery", ["@tanstack/react-query", "react-query"]],
+    ["trpc", ["@trpc/server", "@trpc/client"]],
+    ["mongoose", ["mongoose"]],
+    ["graphql", ["@apollo/client", "@apollo/server", "apollo-server", "graphql"]]
   ];
   for (const [stack, signals] of stackDetectors) {
     if (signals.some((s) => s in deps)) detected.push(stack);
@@ -5183,7 +5565,7 @@ function runCommand(cmd, args, cwd) {
 // src/index.ts
 var program = new Command39();
-program.name("haive").description("hAIve \u2014 team-first persistent memory layer for AI coding agents").version("0.7.0");
+program.name("haive").description("hAIve \u2014 team-first persistent memory layer for AI coding agents").version("0.7.1");
 registerInit(program);
 registerMcp(program);
 registerBriefing(program);