@homenshum/convex-mcp-nodebench 0.4.1 → 0.7.0

package/dist/index.js

@@ -26,6 +26,16 @@ import { cronTools } from "./tools/cronTools.js";
 import { componentTools } from "./tools/componentTools.js";
 import { httpTools } from "./tools/httpTools.js";
 import { critterTools } from "./tools/critterTools.js";
+import { authorizationTools } from "./tools/authorizationTools.js";
+import { queryEfficiencyTools } from "./tools/queryEfficiencyTools.js";
+import { actionAuditTools } from "./tools/actionAuditTools.js";
+import { typeSafetyTools } from "./tools/typeSafetyTools.js";
+import { transactionSafetyTools } from "./tools/transactionSafetyTools.js";
+import { storageAuditTools } from "./tools/storageAuditTools.js";
+import { paginationTools } from "./tools/paginationTools.js";
+import { dataModelingTools } from "./tools/dataModelingTools.js";
+import { devSetupTools } from "./tools/devSetupTools.js";
+import { migrationTools } from "./tools/migrationTools.js";
 import { CONVEX_GOTCHAS } from "./gotchaSeed.js";
 import { REGISTRY } from "./tools/toolRegistry.js";
 import { initEmbeddingIndex } from "./tools/embeddingProvider.js";
@@ -41,6 +51,16 @@ const ALL_TOOLS = [
     ...componentTools,
     ...httpTools,
     ...critterTools,
+    ...authorizationTools,
+    ...queryEfficiencyTools,
+    ...actionAuditTools,
+    ...typeSafetyTools,
+    ...transactionSafetyTools,
+    ...storageAuditTools,
+    ...paginationTools,
+    ...dataModelingTools,
+    ...devSetupTools,
+    ...migrationTools,
 ];
 const toolMap = new Map();
 for (const tool of ALL_TOOLS) {
@@ -59,10 +79,40 @@ const server = new Server({
 getDb();
 seedGotchasIfEmpty(CONVEX_GOTCHAS);
 // ── Background: initialize embedding index for semantic search ───────
-const embeddingCorpus = REGISTRY.map((entry) => ({
+// Uses Agent-as-a-Graph bipartite corpus: tool nodes + domain nodes for graph-aware retrieval
+const descMap = new Map(ALL_TOOLS.map((t) => [t.name, t.description]));
+// Tool nodes: individual tools with full metadata text
+const toolCorpus = REGISTRY.map((entry) => ({
     name: entry.name,
-    text: `${entry.name} ${entry.tags.join(" ")} ${entry.category} ${entry.phase}`,
+    text: `${entry.name} ${entry.tags.join(" ")} ${entry.category} ${entry.phase} ${descMap.get(entry.name) ?? ""}`,
+    nodeType: "tool",
 }));
+// Domain nodes: aggregate category descriptions for upward traversal
+// When a domain matches, all tools in that domain get a sibling boost
+const categoryTools = new Map();
+for (const entry of REGISTRY) {
+    const list = categoryTools.get(entry.category) ?? [];
+    list.push(entry.name);
+    categoryTools.set(entry.category, list);
+}
+const domainCorpus = [...categoryTools.entries()].map(([category, toolNames]) => {
+    const allTags = new Set();
+    const descs = [];
+    for (const tn of toolNames) {
+        const e = REGISTRY.find((r) => r.name === tn);
+        if (e)
+            e.tags.forEach((t) => allTags.add(t));
+        const d = descMap.get(tn);
+        if (d)
+            descs.push(d);
+    }
+    return {
+        name: `domain:${category}`,
+        text: `${category} domain: ${toolNames.join(" ")} ${[...allTags].join(" ")} ${descs.map(d => d.slice(0, 80)).join(" ")}`,
+        nodeType: "domain",
+    };
+});
+const embeddingCorpus = [...toolCorpus, ...domainCorpus];
 initEmbeddingIndex(embeddingCorpus).catch(() => {
     /* Embedding init failed — semantic search stays disabled */
 });

package/dist/tools/actionAuditTools.d.ts

@@ -0,0 +1,2 @@
+import type { McpTool } from "../types.js";
+export declare const actionAuditTools: McpTool[];

package/dist/tools/actionAuditTools.js

@@ -0,0 +1,180 @@
+import { readFileSync, existsSync, readdirSync } from "node:fs";
+import { join, resolve } from "node:path";
+import { getDb, genId } from "../db.js";
+import { getQuickRef } from "./toolRegistry.js";
+// ── Helpers ──────────────────────────────────────────────────────────
+function findConvexDir(projectDir) {
+    const candidates = [join(projectDir, "convex"), join(projectDir, "src", "convex")];
+    for (const c of candidates) {
+        if (existsSync(c))
+            return c;
+    }
+    return null;
+}
+function collectTsFiles(dir) {
+    const results = [];
+    if (!existsSync(dir))
+        return results;
+    const entries = readdirSync(dir, { withFileTypes: true });
+    for (const entry of entries) {
+        const full = join(dir, entry.name);
+        if (entry.isDirectory() && entry.name !== "node_modules" && entry.name !== "_generated") {
+            results.push(...collectTsFiles(full));
+        }
+        else if (entry.isFile() && entry.name.endsWith(".ts")) {
+            results.push(full);
+        }
+    }
+    return results;
+}
+function auditActions(convexDir) {
+    const files = collectTsFiles(convexDir);
+    const issues = [];
+    let totalActions = 0;
+    let actionsWithDbAccess = 0;
+    let actionsWithoutNodeDirective = 0;
+    let actionsWithoutErrorHandling = 0;
+    let actionCallingAction = 0;
+    // Node APIs that require "use node" directive
+    const nodeApis = /\b(require|__dirname|__filename|Buffer\.|process\.env|fs\.|path\.|crypto\.|child_process|net\.|http\.|https\.)\b/;
+    for (const filePath of files) {
+        const content = readFileSync(filePath, "utf-8");
+        const relativePath = filePath.replace(convexDir, "").replace(/^[\\/]/, "");
+        const lines = content.split("\n");
+        const hasUseNode = /["']use node["']/.test(content);
+        const actionPattern = /export\s+(?:const\s+(\w+)\s*=|default)\s+(action|internalAction)\s*\(/g;
+        let m;
+        while ((m = actionPattern.exec(content)) !== null) {
+            const funcName = m[1] || "default";
+            const funcType = m[2];
+            totalActions++;
+            const startLine = content.slice(0, m.index).split("\n").length - 1;
+            // Extract body using brace tracking
+            let depth = 0;
+            let foundOpen = false;
+            let endLine = Math.min(startLine + 100, lines.length);
+            for (let j = startLine; j < lines.length; j++) {
+                for (const ch of lines[j]) {
+                    if (ch === "{") {
+                        depth++;
+                        foundOpen = true;
+                    }
+                    if (ch === "}")
+                        depth--;
+                }
+                if (foundOpen && depth <= 0) {
+                    endLine = j + 1;
+                    break;
+                }
+            }
+            const body = lines.slice(startLine, endLine).join("\n");
+            // Check 1: ctx.db access in action (FATAL — not allowed)
+            if (/ctx\.db\.(get|query|insert|patch|replace|delete)\s*\(/.test(body)) {
+                actionsWithDbAccess++;
+                issues.push({
+                    severity: "critical",
+                    location: `${relativePath}:${startLine + 1}`,
+                    functionName: funcName,
+                    message: `${funcType} "${funcName}" accesses ctx.db directly. Actions cannot access the database — use ctx.runQuery/ctx.runMutation instead.`,
+                    fix: "Move DB operations into a query or mutation, then call via ctx.runQuery(internal.file.func, args) or ctx.runMutation(...)",
+                });
+            }
+            // Check 2: Node API usage without "use node"
+            if (!hasUseNode && nodeApis.test(body)) {
+                actionsWithoutNodeDirective++;
+                issues.push({
+                    severity: "critical",
+                    location: `${relativePath}:${startLine + 1}`,
+                    functionName: funcName,
+                    message: `${funcType} "${funcName}" uses Node.js APIs but file lacks "use node" directive. Will fail in Convex runtime.`,
+                    fix: `Add "use node"; at the top of ${relativePath}`,
+                });
+            }
+            // Check 3: External API calls without try/catch
+            const hasFetch = /\bfetch\s*\(/.test(body);
+            const hasAxios = /\baxios\b/.test(body);
+            const hasExternalCall = hasFetch || hasAxios;
+            const hasTryCatch = /try\s*\{/.test(body);
+            if (hasExternalCall && !hasTryCatch) {
+                actionsWithoutErrorHandling++;
+                issues.push({
+                    severity: "warning",
+                    location: `${relativePath}:${startLine + 1}`,
+                    functionName: funcName,
+                    message: `${funcType} "${funcName}" makes external API calls without try/catch. Network failures will crash the action.`,
+                    fix: "Wrap fetch/axios calls in try/catch and handle errors gracefully",
+                });
+            }
+            // Check 4: Action calling another action
+            if (/ctx\.runAction\s*\(/.test(body)) {
+                actionCallingAction++;
+                issues.push({
+                    severity: "warning",
+                    location: `${relativePath}:${startLine + 1}`,
+                    functionName: funcName,
+                    message: `${funcType} "${funcName}" calls ctx.runAction(). Only call action from action when crossing runtimes (V8 ↔ Node). Otherwise extract shared logic into a helper function.`,
+                    fix: "Extract shared logic into an async helper, or use ctx.runMutation/ctx.runQuery as intermediary",
+                });
+            }
+            // Check 5: Very long action body (likely doing too much)
+            const bodyLines = endLine - startLine;
+            if (bodyLines > 80) {
+                issues.push({
+                    severity: "info",
+                    location: `${relativePath}:${startLine + 1}`,
+                    functionName: funcName,
+                    message: `${funcType} "${funcName}" is ${bodyLines} lines long. Consider splitting into smaller actions or extracting helpers.`,
+                    fix: "Break large actions into smaller, focused functions",
+                });
+            }
+        }
+    }
+    return {
+        issues,
+        stats: {
+            totalActions,
+            actionsWithDbAccess,
+            actionsWithoutNodeDirective,
+            actionsWithoutErrorHandling,
+            actionCallingAction,
+        },
+    };
+}
+// ── Tool Definition ─────────────────────────────────────────────────
+export const actionAuditTools = [
+    {
+        name: "convex_audit_actions",
+        description: 'Audit Convex actions for: ctx.db access (fatal — actions cannot access DB directly), missing "use node" directive for Node APIs, external API calls without error handling, and action-calling-action anti-patterns.',
+        inputSchema: {
+            type: "object",
+            properties: {
+                projectDir: {
+                    type: "string",
+                    description: "Absolute path to the project root containing a convex/ directory",
+                },
+            },
+            required: ["projectDir"],
+        },
+        handler: async (args) => {
+            const projectDir = resolve(args.projectDir);
+            const convexDir = findConvexDir(projectDir);
+            if (!convexDir) {
+                return { error: "No convex/ directory found" };
+            }
+            const { issues, stats } = auditActions(convexDir);
+            const db = getDb();
+            db.prepare("INSERT INTO audit_results (id, project_dir, audit_type, issues_json, issue_count) VALUES (?, ?, ?, ?, ?)").run(genId("audit"), projectDir, "action_audit", JSON.stringify(issues), issues.length);
+            return {
+                summary: {
+                    ...stats,
+                    totalIssues: issues.length,
+                    critical: issues.filter((i) => i.severity === "critical").length,
+                    warnings: issues.filter((i) => i.severity === "warning").length,
+                },
+                issues: issues.slice(0, 30),
+                quickRef: getQuickRef("convex_audit_actions"),
+            };
+        },
+    },
+];
+//# sourceMappingURL=actionAuditTools.js.map

package/dist/tools/authorizationTools.d.ts

@@ -0,0 +1,2 @@
+import type { McpTool } from "../types.js";
+export declare const authorizationTools: McpTool[];

package/dist/tools/authorizationTools.js

@@ -0,0 +1,201 @@
+import { readFileSync, existsSync, readdirSync } from "node:fs";
+import { join, resolve } from "node:path";
+import { getDb, genId } from "../db.js";
+import { getQuickRef } from "./toolRegistry.js";
+// ── Helpers ──────────────────────────────────────────────────────────
+function findConvexDir(projectDir) {
+    const candidates = [join(projectDir, "convex"), join(projectDir, "src", "convex")];
+    for (const c of candidates) {
+        if (existsSync(c))
+            return c;
+    }
+    return null;
+}
+function collectTsFiles(dir) {
+    const results = [];
+    if (!existsSync(dir))
+        return results;
+    const entries = readdirSync(dir, { withFileTypes: true });
+    for (const entry of entries) {
+        const full = join(dir, entry.name);
+        if (entry.isDirectory() && entry.name !== "node_modules" && entry.name !== "_generated") {
+            results.push(...collectTsFiles(full));
+        }
+        else if (entry.isFile() && entry.name.endsWith(".ts")) {
+            results.push(full);
+        }
+    }
+    return results;
+}
+function auditAuthorization(convexDir) {
+    const files = collectTsFiles(convexDir);
+    const issues = [];
+    let totalPublic = 0;
+    let withAuth = 0;
+    let withoutAuth = 0;
+    let uncheckedIdentity = 0;
+    const funcTypes = ["query", "mutation", "action"];
+    const writeSensitive = /admin|delete|purge|remove|destroy|drop|reset|wipe|erase|revoke/i;
+    const dbWriteOps = /ctx\.db\.(insert|patch|replace|delete)\s*\(/;
+    for (const filePath of files) {
+        const content = readFileSync(filePath, "utf-8");
+        const relativePath = filePath.replace(convexDir, "").replace(/^[\\/]/, "");
+        const lines = content.split("\n");
+        for (let i = 0; i < lines.length; i++) {
+            const line = lines[i];
+            for (const ft of funcTypes) {
+                const exportPattern = new RegExp(`export\\s+(?:const\\s+(\\w+)\\s*=|default)\\s+${ft}\\s*\\(`);
+                const match = line.match(exportPattern);
+                if (!match)
+                    continue;
+                const funcName = match[1] || "default";
+                totalPublic++;
+                // Extract function body using brace tracking
+                let depth = 0;
+                let foundOpen = false;
+                let endLine = Math.min(i + 100, lines.length);
+                for (let j = i; j < lines.length; j++) {
+                    for (const ch of lines[j]) {
+                        if (ch === "{") {
+                            depth++;
+                            foundOpen = true;
+                        }
+                        if (ch === "}")
+                            depth--;
+                    }
+                    if (foundOpen && depth <= 0) {
+                        endLine = j + 1;
+                        break;
+                    }
+                }
+                const body = lines.slice(i, endLine).join("\n");
+                const hasAuthCheck = /ctx\.auth\.getUserIdentity\s*\(\s*\)/.test(body) ||
+                    /getUserIdentity/.test(body);
+                const hasDbWrite = dbWriteOps.test(body);
+                const isSensitiveName = writeSensitive.test(funcName);
+                if (hasAuthCheck) {
+                    withAuth++;
+                    // Check: getUserIdentity called but return not null-checked
+                    const identityAssign = body.match(/(?:const|let)\s+(\w+)\s*=\s*await\s+ctx\.auth\.getUserIdentity\s*\(\s*\)/);
+                    if (identityAssign) {
+                        const varName = identityAssign[1];
+                        // Look for null check: if (!var), if (var === null), if (var == null), if (!var)
+                        const hasNullCheck = new RegExp(`if\\s*\\(\\s*!${varName}\\b|if\\s*\\(\\s*${varName}\\s*===?\\s*null|if\\s*\\(\\s*!${varName}\\s*\\)`).test(body);
+                        if (!hasNullCheck) {
+                            uncheckedIdentity++;
+                            issues.push({
+                                severity: "critical",
+                                location: `${relativePath}:${i + 1}`,
+                                functionName: funcName,
+                                message: `${ft} "${funcName}" calls getUserIdentity() but doesn't check for null. Unauthenticated users will get undefined identity.`,
+                                fix: `Add: if (!${varName}) { throw new Error("Not authenticated"); }`,
+                            });
+                        }
+                    }
+                }
+                else {
+                    withoutAuth++;
+                    // Critical: public mutation/action with DB writes but no auth
+                    if ((ft === "mutation" || ft === "action") && hasDbWrite) {
+                        issues.push({
+                            severity: "critical",
+                            location: `${relativePath}:${i + 1}`,
+                            functionName: funcName,
+                            message: `Public ${ft} "${funcName}" writes to DB without auth check. Any client can call this.`,
+                            fix: `Add: const identity = await ctx.auth.getUserIdentity(); if (!identity) throw new Error("Not authenticated");`,
+                        });
+                    }
+                    // Critical: sensitive-named function without auth
+                    if (isSensitiveName) {
+                        issues.push({
+                            severity: "critical",
+                            location: `${relativePath}:${i + 1}`,
+                            functionName: funcName,
+                            message: `Public ${ft} "${funcName}" has a sensitive name but no auth check. Consider making it internal or adding auth.`,
+                            fix: `Either change to internal${ft.charAt(0).toUpperCase() + ft.slice(1)} or add auth check`,
+                        });
+                    }
+                    // Warning: public query reading user-specific data without auth
+                    if (ft === "query" && /ctx\.db\.get|ctx\.db\.query/.test(body) && /user|profile|account|email/i.test(body)) {
+                        issues.push({
+                            severity: "warning",
+                            location: `${relativePath}:${i + 1}`,
+                            functionName: funcName,
+                            message: `Public query "${funcName}" accesses user-related data without auth. Consider if unauthenticated access is intended.`,
+                            fix: "Add auth check if this data should be protected",
+                        });
+                    }
+                }
+            }
+        }
+    }
+    return {
+        issues,
+        stats: {
+            totalPublicFunctions: totalPublic,
+            publicWithAuth: withAuth,
+            publicWithoutAuth: withoutAuth,
+            uncheckedIdentity,
+        },
+    };
+}
+// ── Tool Definition ─────────────────────────────────────────────────
+export const authorizationTools = [
+    {
+        name: "convex_audit_authorization",
+        description: "Audit Convex functions for authorization issues: public mutations/actions writing to DB without auth checks, getUserIdentity() without null checks, sensitive-named functions without auth, and unprotected user data queries.",
+        inputSchema: {
+            type: "object",
+            properties: {
+                projectDir: {
+                    type: "string",
+                    description: "Absolute path to the project root containing a convex/ directory",
+                },
+            },
+            required: ["projectDir"],
+        },
+        handler: async (args) => {
+            const projectDir = resolve(args.projectDir);
+            const convexDir = findConvexDir(projectDir);
+            if (!convexDir) {
+                return { error: "No convex/ directory found" };
+            }
+            const { issues, stats } = auditAuthorization(convexDir);
+            // Store audit result
+            const db = getDb();
+            db.prepare("INSERT INTO audit_results (id, project_dir, audit_type, issues_json, issue_count) VALUES (?, ?, ?, ?, ?)").run(genId("audit"), projectDir, "authorization", JSON.stringify(issues), issues.length);
+            const critical = issues.filter((i) => i.severity === "critical");
+            const warnings = issues.filter((i) => i.severity === "warning");
+            // Group by issue type
+            const byType = {};
+            for (const issue of issues) {
+                const type = issue.message.includes("without auth check") ? "no_auth_on_write" :
+                    issue.message.includes("null") ? "unchecked_identity" :
+                        issue.message.includes("sensitive name") ? "sensitive_no_auth" :
+                            issue.message.includes("user-related") ? "unprotected_user_data" :
+                                "other";
+                if (!byType[type])
+                    byType[type] = { count: 0, examples: [] };
+                byType[type].count++;
+                if (byType[type].examples.length < 3)
+                    byType[type].examples.push(issue);
+            }
+            return {
+                summary: {
+                    ...stats,
+                    totalIssues: issues.length,
+                    critical: critical.length,
+                    warnings: warnings.length,
+                    authCoverage: stats.totalPublicFunctions > 0
+                        ? `${stats.publicWithAuth}/${stats.totalPublicFunctions} (${Math.round(100 * stats.publicWithAuth / stats.totalPublicFunctions)}%)`
+                        : "0/0",
+                },
+                issuesByType: Object.entries(byType)
+                    .sort(([, a], [, b]) => b.count - a.count)
+                    .map(([type, data]) => ({ type, count: data.count, examples: data.examples })),
+                quickRef: getQuickRef("convex_audit_authorization"),
+            };
+        },
+    },
+];
+//# sourceMappingURL=authorizationTools.js.map

package/dist/tools/dataModelingTools.d.ts

@@ -0,0 +1,2 @@
+import type { McpTool } from "../types.js";
+export declare const dataModelingTools: McpTool[];

package/dist/tools/dataModelingTools.js

@@ -0,0 +1,168 @@
+import { readFileSync, existsSync } from "node:fs";
+import { join, resolve } from "node:path";
+import { getDb, genId } from "../db.js";
+import { getQuickRef } from "./toolRegistry.js";
+// ── Helpers ──────────────────────────────────────────────────────────
+function findConvexDir(projectDir) {
+    const candidates = [join(projectDir, "convex"), join(projectDir, "src", "convex")];
+    for (const c of candidates) {
+        if (existsSync(c))
+            return c;
+    }
+    return null;
+}
+function auditDataModeling(convexDir) {
+    const schemaPath = join(convexDir, "schema.ts");
+    const issues = [];
+    let totalTables = 0;
+    let tablesWithArrays = 0;
+    let tablesWithDeepNesting = 0;
+    let danglingIdRefs = 0;
+    let vAnyCount = 0;
+    if (!existsSync(schemaPath)) {
+        return {
+            issues: [{ severity: "critical", location: "schema.ts", message: "No schema.ts found", fix: "Create convex/schema.ts" }],
+            stats: { totalTables: 0, tablesWithArrays: 0, tablesWithDeepNesting: 0, danglingIdRefs: 0, vAnyCount: 0 },
+        };
+    }
+    const content = readFileSync(schemaPath, "utf-8");
+    const lines = content.split("\n");
+    // Parse all table names
+    const tableNames = new Set();
+    const tableDefPattern = /(\w+)\s*[:=]\s*defineTable\s*\(/g;
+    let m;
+    while ((m = tableDefPattern.exec(content)) !== null) {
+        tableNames.add(m[1]);
+        totalTables++;
+    }
+    // Per-table analysis
+    let currentTable = "";
+    let tableStartLine = 0;
+    let tableNestDepth = 0;
+    let maxNestInTable = 0;
+    let tableHasArray = false;
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i];
+        // Track current table
+        const tableDef = line.match(/(\w+)\s*[:=]\s*defineTable\s*\(/);
+        if (tableDef) {
+            // Check previous table
+            if (currentTable && maxNestInTable > 3) {
+                tablesWithDeepNesting++;
+                issues.push({
+                    severity: "warning",
+                    location: `schema.ts:${tableStartLine + 1}`,
+                    table: currentTable,
+                    message: `Table "${currentTable}" has ${maxNestInTable} levels of nesting. Deep nesting increases document size and query complexity.`,
+                    fix: "Consider normalizing deeply nested data into separate tables with Id references",
+                });
+            }
+            if (currentTable && tableHasArray)
+                tablesWithArrays++;
+            currentTable = tableDef[1];
+            tableStartLine = i;
+            maxNestInTable = 0;
+            tableHasArray = false;
+        }
+        if (line.trim().startsWith("//") || line.trim().startsWith("*"))
+            continue;
+        // Track nesting depth within a table
+        if (currentTable) {
+            const opens = (line.match(/v\.object\s*\(/g) || []).length;
+            tableNestDepth += opens;
+            if (tableNestDepth > maxNestInTable)
+                maxNestInTable = tableNestDepth;
+            const closes = (line.match(/\)/g) || []).length;
+            tableNestDepth = Math.max(0, tableNestDepth - closes);
+        }
+        // Check: v.array() usage (potential size limit issue)
+        if (/v\.array\s*\(/.test(line) && currentTable) {
+            tableHasArray = true;
+        }
+        // Check: v.any() usage
+        if (/v\.any\s*\(\s*\)/.test(line)) {
+            vAnyCount++;
+        }
+        // Check: v.id("tableName") references — verify the table exists
+        const idRefPattern = /v\.id\s*\(\s*["'](\w+)["']\s*\)/g;
+        let idMatch;
+        while ((idMatch = idRefPattern.exec(line)) !== null) {
+            const refTable = idMatch[1];
+            if (refTable !== "_storage" && !tableNames.has(refTable)) {
+                danglingIdRefs++;
+                issues.push({
+                    severity: "critical",
+                    location: `schema.ts:${i + 1}`,
+                    table: currentTable,
+                    message: `v.id("${refTable}") references table "${refTable}" which is not defined in the schema. This will cause type errors.`,
+                    fix: `Either add the "${refTable}" table to the schema or fix the reference`,
+                });
+            }
+        }
+    }
+    // Check last table
+    if (currentTable && maxNestInTable > 3) {
+        tablesWithDeepNesting++;
+        issues.push({
+            severity: "warning",
+            location: `schema.ts:${tableStartLine + 1}`,
+            table: currentTable,
+            message: `Table "${currentTable}" has ${maxNestInTable} levels of nesting.`,
+            fix: "Consider normalizing deeply nested data into separate tables",
+        });
+    }
+    if (currentTable && tableHasArray)
+        tablesWithArrays++;
+    // Check: tables with many fields (approaching limits)
+    const fieldCountPattern = /defineTable\s*\(\s*v\.object\s*\(\s*\{([\s\S]*?)\}\s*\)/g;
+    let fcm;
+    while ((fcm = fieldCountPattern.exec(content)) !== null) {
+        const fieldBlock = fcm[1];
+        const fieldCount = (fieldBlock.match(/\w+\s*:/g) || []).length;
+        if (fieldCount > 50) {
+            issues.push({
+                severity: "warning",
+                location: "schema.ts",
+                message: `A table has ${fieldCount} fields. Consider splitting into related tables if this grows further (Convex max: 1024 fields).`,
+                fix: "Split large tables into related tables with Id references",
+            });
+        }
+    }
+    return {
+        issues,
+        stats: { totalTables, tablesWithArrays, tablesWithDeepNesting, danglingIdRefs, vAnyCount },
+    };
+}
+// ── Tool Definition ─────────────────────────────────────────────────
+export const dataModelingTools = [
+    {
+        name: "convex_audit_data_modeling",
+        description: "Audit Convex schema for data modeling issues: deeply nested objects (flatten into tables), dangling v.id() references to non-existent tables, tables approaching field count limits, v.any() overuse, and array fields that may hit size limits.",
+        inputSchema: {
+            type: "object",
+            properties: {
+                projectDir: {
+                    type: "string",
+                    description: "Absolute path to the project root containing a convex/ directory",
+                },
+            },
+            required: ["projectDir"],
+        },
+        handler: async (args) => {
+            const projectDir = resolve(args.projectDir);
+            const convexDir = findConvexDir(projectDir);
+            if (!convexDir) {
+                return { error: "No convex/ directory found" };
+            }
+            const { issues, stats } = auditDataModeling(convexDir);
+            const db = getDb();
+            db.prepare("INSERT INTO audit_results (id, project_dir, audit_type, issues_json, issue_count) VALUES (?, ?, ?, ?, ?)").run(genId("audit"), projectDir, "data_modeling", JSON.stringify(issues), issues.length);
+            return {
+                summary: { ...stats, totalIssues: issues.length },
+                issues,
+                quickRef: getQuickRef("convex_audit_data_modeling"),
+            };
+        },
+    },
+];
+//# sourceMappingURL=dataModelingTools.js.map