@merlean/analyzer 2.2.0 → 2.3.0

package/bin/cli.js

@@ -23,7 +23,8 @@ function parseArgs() {
     path: null,
     name: null,
     backend: DEFAULT_BACKEND,
-    output: null
+    output: null,
+    mergeWith: null  // Existing siteId to merge into
   };
 
   for (let i = 0; i < args.length; i++) {
@@ -35,6 +36,8 @@ function parseArgs() {
       options.backend = args[++i];
     } else if (arg === '--output' || arg === '-o') {
       options.output = args[++i];
+    } else if (arg === '--merge-with' || arg === '-m') {
+      options.mergeWith = args[++i];
     } else if (arg === '--help' || arg === '-h') {
       printHelp();
       process.exit(0);
@@ -58,7 +61,8 @@ Arguments:
   <path>              Path to codebase (default: current directory)
 
 Options:
-  --name, -n <name>   Site name (required)
+  --name, -n <name>   Site name (required for new analysis)
+  --merge-with, -m <siteId>  Merge into existing site map (appends routes/forms/actions)
   --backend, -b <url> Backend URL (default: ${DEFAULT_BACKEND})
   --output, -o <file> Save site map locally (optional)
   --help, -h          Show this help
@@ -70,6 +74,9 @@ Examples:
   # Analyze specific path
   npx @merlean/analyzer ./my-app --name "My App"
 
+  # Merge another frontend into existing site map
+  npx @merlean/analyzer ./admin-panel --merge-with site_abc123
+
   # Use custom backend (for local dev)
   npx @merlean/analyzer --name "My App" --backend http://localhost:3004
 `);
@@ -81,8 +88,8 @@ async function main() {
   const options = parseArgs();
 
   // Validate required args
-  if (!options.name) {
-    console.error('❌ Error: --name is required');
+  if (!options.name && !options.mergeWith) {
+    console.error('❌ Error: --name is required (or use --merge-with to merge into existing site)');
     console.log('   Run with --help for usage');
     process.exit(1);
   }
@@ -96,22 +103,41 @@ async function main() {
   }
 
   console.log(`📁 Scanning: ${codebasePath}`);
-  console.log(`📛 Site name: ${options.name}`);
+  if (options.mergeWith) {
+    console.log(`🔗 Merging into: ${options.mergeWith}`);
+    if (options.name) {
+      console.log(`📛 Site name: ${options.name} (will update existing)`);
+    }
+  } else {
+    console.log(`📛 Site name: ${options.name}`);
+  }
 
   try {
     // Scan codebase locally
-    const fileContents = await scanCodebase(codebasePath);
+    const scanResult = await scanCodebase(codebasePath);
+    // Handle both old format (array) and new format (object with files + preExtractedRoutes)
+    const fileContents = Array.isArray(scanResult) ? scanResult : scanResult.files;
+    const preExtractedRoutes = Array.isArray(scanResult) ? [] : (scanResult.preExtractedRoutes || []);
     
     console.log(`\n📤 Uploading to backend for analysis...`);
     
+    // Build request body
+    const requestBody = {
+      siteName: options.name,
+      files: fileContents,
+      preExtractedRoutes  // Include convention-based routes
+    };
+    
+    // Add merge parameter if specified
+    if (options.mergeWith) {
+      requestBody.mergeWithSiteId = options.mergeWith;
+    }
+    
     // Send to backend for LLM analysis
     const response = await fetch(`${options.backend}/api/analyze`, {
       method: 'POST',
       headers: { 'Content-Type': 'application/json' },
-      body: JSON.stringify({
-        siteName: options.name,
-        files: fileContents
-      })
+      body: JSON.stringify(requestBody)
     });
 
     if (!response.ok) {
@@ -121,13 +147,22 @@ async function main() {
 
     const result = await response.json();
 
-    console.log('\n✅ Analysis complete!');
-    console.log('\n📊 Summary:');
+    if (options.mergeWith) {
+      console.log('\n✅ Merge complete!');
+      console.log('\n📊 Updated Summary:');
+    } else {
+      console.log('\n✅ Analysis complete!');
+      console.log('\n📊 Summary:');
+    }
     console.log(`   Site ID:    ${result.siteId}`);
     console.log(`   Framework:  ${result.framework || 'Unknown'}`);
     console.log(`   Routes:     ${result.routes?.length || 0}`);
     console.log(`   Forms:      ${result.forms?.length || 0}`);
     console.log(`   Actions:    ${result.actions?.length || 0}`);
+    
+    if (result.merged) {
+      console.log(`\n   📎 Merged from: ${result.merged.sourcesCount} source(s)`);
+    }
 
     // Save locally if requested
     if (options.output) {

package/lib/analyzer.js

@@ -1,25 +1,48 @@
 /**
- * Framework-Agnostic Codebase Scanner
+ * Language & Framework Agnostic Codebase Scanner
  * 
- * Scans ANY codebase (frontend or backend) to extract API patterns:
+ * Scans ANY codebase (frontend or backend, any language) to extract API patterns:
+ * 
+ * JavaScript/TypeScript:
  * - Express/Fastify/Koa/Hapi route definitions
  * - NestJS decorators (@Get, @Post, @Body, @Query, etc.)
  * - Frontend HTTP calls (fetch, axios, HttpClient, etc.)
- * - Swagger/OpenAPI annotations
- * - Request body schemas and query parameters
- * - TypeScript interfaces/DTOs
- * - Validation schemas (Zod, Joi, class-validator)
+ * 
+ * PHP:
+ * - CodeIgniter routes ($routes->get(), $routes->post())
+ * - Laravel routes (Route::get(), Route::post())
+ * - Symfony annotations (@Route)
+ * 
+ * Python:
+ * - Flask routes (@app.route)
+ * - FastAPI routes (@app.get, @router.post)
+ * - Django URLs (path(), url())
+ * 
+ * Ruby:
+ * - Rails routes (get, post, resources)
+ * - Sinatra routes (get '/path')
+ * 
+ * Go:
+ * - Gin routes (r.GET, r.POST)
+ * - Echo routes (e.GET, e.POST)
+ * - Chi routes (r.Get, r.Post)
+ * 
+ * Java/Kotlin:
+ * - Spring Boot (@GetMapping, @PostMapping, @RequestMapping)
+ * 
+ * Plus: Swagger/OpenAPI annotations, request body schemas, DTOs
  * 
  * The goal is to understand what APIs exist, their parameters,
- * and body structures - regardless of framework or code style.
+ * and body structures - regardless of framework, language, or code style.
  */
 
 const fs = require('fs');
 const path = require('path');
 const { glob } = require('glob');
 
-// File patterns to scan (be inclusive)
+// File patterns to scan - include ALL common backend/frontend languages
 const FILE_PATTERNS = [
+  // JavaScript/TypeScript
   '**/*.js',
   '**/*.jsx',
   '**/*.ts',
@@ -27,7 +50,22 @@ const FILE_PATTERNS = [
   '**/*.vue',
   '**/*.svelte',
   '**/*.mjs',
-  '**/*.cjs'
+  '**/*.cjs',
+  // PHP
+  '**/*.php',
+  // Python
+  '**/*.py',
+  // Ruby
+  '**/*.rb',
+  // Go
+  '**/*.go',
+  // Java/Kotlin
+  '**/*.java',
+  '**/*.kt',
+  // C#
+  '**/*.cs',
+  // Rust
+  '**/*.rs'
 ];
 
 // Only ignore truly irrelevant directories
@@ -51,47 +89,74 @@ const IGNORE_PATTERNS = [
   '**/__mocks__/**'
 ];
 
-// Files that are highly likely to contain API definitions
+// Files that are highly likely to contain API definitions (any language)
 const HIGH_PRIORITY_PATTERNS = [
-  /routes?\.ts$/i,
-  /routes?\.js$/i,
-  /router\.ts$/i,
-  /router\.js$/i,
-  /controller\.ts$/i,
-  /controller\.js$/i,
-  /\.controller\.ts$/i,
-  /\.controller\.js$/i,
-  /service\.ts$/i,
-  /service\.js$/i,
-  /\.service\.ts$/i,
-  /\.service\.js$/i,
-  /api\.ts$/i,
-  /api\.js$/i,
-  /endpoints?\.ts$/i,
-  /endpoints?\.js$/i,
-  /http\.ts$/i,
-  /http\.js$/i,
-  /client\.ts$/i,
-  /client\.js$/i,
+  // Generic route/controller patterns (any extension)
+  /routes?\.(ts|js|php|py|rb|go|java|kt|cs)$/i,
+  /router\.(ts|js|php|py|rb|go|java|kt|cs)$/i,
+  /controller\.(ts|js|php|py|rb|go|java|kt|cs)$/i,
+  /\.controller\.(ts|js|php|py|rb|go|java|kt|cs)$/i,
+  /Controller\.(php|java|kt|cs)$/,  // PascalCase controllers (PHP, Java, C#)
+  /service\.(ts|js|php|py|rb|go|java|kt|cs)$/i,
+  /\.service\.(ts|js|php|py|rb|go|java|kt|cs)$/i,
+  /api\.(ts|js|php|py|rb|go|java|kt|cs)$/i,
+  /endpoints?\.(ts|js|php|py|rb|go|java|kt|cs)$/i,
+  /http\.(ts|js|php|py|rb|go)$/i,
+  /client\.(ts|js|php|py|rb|go)$/i,
+  
+  // TypeScript/JavaScript specific
   /dto\.ts$/i,
   /\.dto\.ts$/i,
   /interfaces?\.ts$/i,
   /types?\.ts$/i,
   /schema\.ts$/i,
   /schemas?\.ts$/i,
-  /validation\.ts$/i
+  /validation\.ts$/i,
+  
+  // PHP specific (CodeIgniter, Laravel, Symfony)
+  /Routes\.php$/i,
+  /web\.php$/i,        // Laravel web routes
+  /api\.php$/i,        // Laravel API routes
+  /Config\/Routes\.php$/i,  // CodeIgniter routes
+  // CodeIgniter convention: application/controllers/**/*.php are ALL route controllers
+  /application\/controllers\/.*\.php$/i,
+  /app\/Controllers\/.*\.php$/i,  // CodeIgniter 4
+  /app\/Http\/Controllers\/.*\.php$/i,  // Laravel controllers
+  // Libraries and models that define data structures
+  /application\/libraries\/.*\.php$/i,
+  /application\/models\/.*\.php$/i,
+  /app\/Models\/.*\.php$/i,
+  /app\/Services\/.*\.php$/i,
+  
+  // Python specific (Flask, FastAPI, Django)
+  /views?\.py$/i,
+  /urls\.py$/i,        // Django URLs
+  /routers?\.py$/i,    // FastAPI routers
+  
+  // Ruby specific (Rails)
+  /routes\.rb$/i,
+  /_controller\.rb$/i,
+  
+  // Go specific
+  /handlers?\.go$/i,
+  /routes?\.go$/i,
+  
+  // Java/Kotlin specific (Spring Boot)
+  /Controller\.java$/,
+  /Controller\.kt$/,
+  /RestController\.java$/,
+  /RestController\.kt$/
 ];
 
 // Medium priority - might contain API patterns
 const MEDIUM_PRIORITY_PATTERNS = [
-  /index\.ts$/i,
-  /index\.js$/i,
-  /app\.ts$/i,
-  /app\.js$/i,
-  /main\.ts$/i,
-  /main\.js$/i,
-  /server\.ts$/i,
-  /server\.js$/i
+  /index\.(ts|js|php|py|rb|go)$/i,
+  /app\.(ts|js|php|py|rb|go)$/i,
+  /main\.(ts|js|php|py|rb|go|java|kt)$/i,
+  /server\.(ts|js|php|py|rb|go)$/i,
+  /Application\.(java|kt)$/,  // Spring Boot main class
+  /bootstrap\.php$/i,         // PHP bootstrap files
+  /kernel\.php$/i,            // Laravel/Symfony kernel
 ];
 
 /**
@@ -116,15 +181,32 @@ async function scanCodebase(codebasePath) {
 
   // Analyze high priority files first (routes, controllers, services, DTOs)
   // Then medium priority, then scan others for API patterns
+  // Increased limits to ensure all controllers are scanned
   const filesToAnalyze = [
-    ...highPriority,
-    ...mediumPriority.slice(0, 20),
-    ...other.slice(0, 50)
+    ...highPriority,  // ALL high priority files (controllers, routes, etc.)
+    ...mediumPriority.slice(0, 30),
+    ...other.slice(0, 75)
   ];
 
   console.log(`   Analyzing ${filesToAnalyze.length} files for API patterns...`);
 
+  // PHASE 1: Pre-scan all files to discover JSON structures
+  // This ensures structures found in one file can be used for others
+  console.log(`   Phase 1: Discovering JSON structures...`);
+  for (const file of filesToAnalyze) {
+    try {
+      const content = fs.readFileSync(file, 'utf-8');
+      // Look for structure-defining patterns (json_decode + array access)
+      preDiscoverStructures(content);
+    } catch (error) {
+      // Skip files that can't be read
+    }
+  }
+  console.log(`   Discovered ${discoveredStructures.size} reusable structures`);
+
+  // PHASE 2: Extract routes and apply discovered structures
   const fileContents = [];
+  const preExtractedRoutes = [];  // Routes extracted directly from conventions
   let filesWithPatterns = 0;
 
   for (const file of filesToAnalyze) {
@@ -132,6 +214,12 @@ async function scanCodebase(codebasePath) {
       const content = fs.readFileSync(file, 'utf-8');
       const relativePath = path.relative(codebasePath, file);
       
+      // Pre-extract routes from convention-based frameworks (CodeIgniter, etc.)
+      const conventionRoutes = extractConventionRoutes(content, relativePath);
+      if (conventionRoutes.length > 0) {
+        preExtractedRoutes.push(...conventionRoutes);
+      }
+      
       // Extract API patterns from the file
       const extracted = extractApiPatterns(content, relativePath, file);
       
@@ -148,8 +236,537 @@ async function scanCodebase(codebasePath) {
   }
 
   console.log(`   Found API patterns in ${filesWithPatterns} files`);
+  if (preExtractedRoutes.length > 0) {
+    console.log(`   Pre-extracted ${preExtractedRoutes.length} convention-based routes`);
+  }
 
-  return fileContents;
+  return { files: fileContents, preExtractedRoutes };
+}
+
+/**
+ * Extract routes from convention-based frameworks
+ * Returns array of {method, path, description, bodySchema?} objects
+ */
+function extractConventionRoutes(content, filePath) {
+  const routes = [];
+  
+  // CodeIgniter: application/controllers/api/v2/Settings.php -> /api/v2/settings
+  const basePath = extractRouteFromControllerPath(filePath);
+  if (!basePath) return routes;
+  
+  // Split content into lines for method body extraction
+  const lines = content.split('\n');
+  
+  // Extract CodeIgniter REST controller methods: index_get, index_post, items_get, etc.
+  const methodRegex = /public\s+function\s+(\w+)_(get|post|put|patch|delete)\s*\(([^)]*)\)/gi;
+  let match;
+  
+  while ((match = methodRegex.exec(content)) !== null) {
+    const action = match[1];  // e.g., 'index', 'items', 'user'
+    const httpMethod = match[2].toUpperCase();  // e.g., 'GET', 'POST'
+    const params = match[3];  // e.g., '$id = null'
+    const matchIndex = match.index;
+    
+    // Build the route path
+    let path = basePath;
+    if (action !== 'index') {
+      path += '/' + action.toLowerCase().replace(/_/g, '/');
+    }
+    
+    // Add path parameters from function arguments
+    if (params) {
+      const paramMatches = params.match(/\$(\w+)(?:\s*=\s*[^,)]+)?/g);
+      if (paramMatches) {
+        paramMatches.forEach(p => {
+          const paramName = p.match(/\$(\w+)/)[1];
+          // Only add as path param if it's not optional (no default value) or looks like an ID
+          if (!p.includes('=') || paramName.toLowerCase().includes('id')) {
+            path += '/:' + paramName;
+          }
+        });
+      }
+    }
+    
+    // Extract method body to analyze for body schema (for POST/PUT/PATCH)
+    let bodySchema = null;
+    if (['POST', 'PUT', 'PATCH'].includes(httpMethod)) {
+      bodySchema = extractBodySchemaFromMethod(content, matchIndex);
+    }
+    
+    const route = {
+      method: httpMethod,
+      path,
+      description: `${action}_${match[2]}() method in ${filePath.split('/').pop()}`
+    };
+    
+    if (bodySchema && Object.keys(bodySchema).length > 0) {
+      route.bodySchema = bodySchema;
+    }
+    
+    routes.push(route);
+  }
+  
+  return routes;
+}
+
+// Global cache for discovered complex structures (shared across file analysis)
+const discoveredStructures = new Map();
+
+/**
+ * Pre-scan a file to discover JSON structure patterns
+ * Looks for json_decode followed by array access patterns
+ */
+function preDiscoverStructures(content) {
+  // Find patterns like: $actions = json_decode($actions, true);
+  const jsonDecodeRegex = /\$(\w+)\s*=\s*json_decode\s*\(\s*\$\1/gi;
+  let match;
+  
+  while ((match = jsonDecodeRegex.exec(content)) !== null) {
+    const varName = match[1];
+    
+    // Extract the structure used for this variable
+    const structure = extractNestedStructure(content, varName);
+    
+    // If we found a meaningful structure with examples, cache it
+    if (structure._example && Object.keys(structure._example).length > 0) {
+      // Determine field name from common patterns
+      // e.g., $actions = $this->post('actions'); $actions = json_decode($actions);
+      const fieldRegex = new RegExp(
+        `\\$${varName}\\s*=\\s*\\$this\\s*->\\s*(?:post|put|patch|get)\\s*\\(\\s*['"]([\\w]+)['"]`,
+        'i'
+      );
+      const fieldMatch = content.match(fieldRegex);
+      if (fieldMatch) {
+        const fieldName = fieldMatch[1];
+        discoveredStructures.set(fieldName, structure);
+      } else {
+        // Use variable name as field name
+        discoveredStructures.set(varName, structure);
+      }
+    }
+  }
+  
+  // Also look for library/model calls that reveal structure
+  // e.g., ->edit($update["settings"]), ->edit($update["integrations"])
+  const modelEditRegex = /(\w+_model|lib_\w+)\s*->\s*edit\s*\(\s*\$(\w+)\s*\[\s*["'](\w+)["']\s*\]/gi;
+  const discoveredSections = new Set();
+  
+  while ((match = modelEditRegex.exec(content)) !== null) {
+    const section = match[3];  // e.g., 'settings', 'integrations', 'assignments'
+    discoveredSections.add(section);
+  }
+  
+  // Store discovered sections globally so they can be applied later
+  if (discoveredSections.size > 0) {
+    const existingSections = discoveredStructures.get('_sections') || new Set();
+    for (const section of discoveredSections) {
+      existingSections.add(section);
+    }
+    discoveredStructures.set('_sections', existingSections);
+  }
+  
+  // Also look for common field names with library calls
+  // e.g., $this->lib_settings->edit($actions) suggests 'actions' has a structure
+  const libCallRegex = /lib_settings\s*->\s*edit\s*\(\s*\$(\w+)/gi;
+  while ((match = libCallRegex.exec(content)) !== null) {
+    const varName = match[1];
+    // If we already discovered structure for 'actions', this confirms it
+    if (!discoveredStructures.has(varName)) {
+      // Mark it as a known complex field even if we don't have the structure
+      const existing = discoveredStructures.get('actions');
+      if (existing) {
+        discoveredStructures.set(varName, existing);
+      }
+    }
+  }
+}
+
+/**
+ * Extract body schema from a CodeIgniter controller method
+ * Looks for $this->post('field'), $this->input->post('field'), $this->put('field'), etc.
+ * Also analyzes nested array access patterns after json_decode
+ */
+function extractBodySchemaFromMethod(content, methodStartIndex, fullFileContent = null) {
+  const bodyFields = {};
+  
+  // Find the method body (from method start to next public function or end of class)
+  const methodContent = content.slice(methodStartIndex, methodStartIndex + 8000); // Increased limit
+  const endMatch = methodContent.match(/\n\s*(?:public|private|protected)\s+function\s+/);
+  const methodBody = endMatch ? methodContent.slice(0, endMatch.index) : methodContent;
+  
+  // Use full file content for structure analysis if available
+  const analysisContent = fullFileContent || content;
+  
+  // CodeIgniter REST: $this->post('field'), $this->put('field'), $this->patch('field')
+  const postRegex = /\$(\w+)\s*=\s*\$this\s*->\s*(post|put|patch|get)\s*\(\s*['"](\w+)['"]/gi;
+  let match;
+  while ((match = postRegex.exec(methodBody)) !== null) {
+    const varName = match[1];
+    const fieldName = match[3];
+    
+    // Check if this is a complex field that likely contains JSON structure
+    const isComplexField = isLikelyJsonField(fieldName);
+    
+    // Check if this var is later json_decoded OR is a known complex field
+    const jsonDecodeCheck = new RegExp(`\\$${varName}\\s*=\\s*json_decode\\s*\\(\\s*\\$${varName}`, 'i');
+    const hasJsonDecode = jsonDecodeCheck.test(methodBody);
+    
+    if (hasJsonDecode || isComplexField) {
+      // Analyze nested structure for this variable
+      let nestedSchema = extractNestedStructure(analysisContent, varName);
+      
+      // If we found structure, cache it for reuse
+      if (Object.keys(nestedSchema).length > 0 && !nestedSchema._example) {
+        // Has keys but no example - partial structure
+      } else if (Object.keys(nestedSchema).length > 0) {
+        discoveredStructures.set(fieldName, nestedSchema);
+      }
+      
+      // If we didn't find structure locally, check cache
+      if (Object.keys(nestedSchema).length === 0 || !nestedSchema._example) {
+        const cachedStructure = discoveredStructures.get(fieldName);
+        if (cachedStructure) {
+          nestedSchema = cachedStructure;
+        }
+      }
+      
+      if (Object.keys(nestedSchema).length > 0) {
+        bodyFields[fieldName] = nestedSchema;
+      } else {
+        bodyFields[fieldName] = 'object (JSON structure)';
+      }
+    } else {
+      bodyFields[fieldName] = inferFieldType(fieldName, methodBody);
+    }
+  }
+  
+  // Simple post without assignment
+  const simplePostRegex = /\$this\s*->\s*(post|put|patch|get)\s*\(\s*['"](\w+)['"]/gi;
+  while ((match = simplePostRegex.exec(methodBody)) !== null) {
+    const fieldName = match[2];
+    if (!bodyFields[fieldName]) {
+      // Check if this is a known complex field
+      if (isLikelyJsonField(fieldName)) {
+        const cachedStructure = discoveredStructures.get(fieldName);
+        if (cachedStructure) {
+          bodyFields[fieldName] = cachedStructure;
+        } else {
+          bodyFields[fieldName] = 'object (JSON structure)';
+        }
+      } else {
+        bodyFields[fieldName] = inferFieldType(fieldName, methodBody);
+      }
+    }
+  }
+  
+  // CodeIgniter 3: $this->input->post('field')
+  const inputPostRegex = /\$this\s*->\s*input\s*->\s*(post|get|put)\s*\(\s*['"](\w+)['"]/gi;
+  while ((match = inputPostRegex.exec(methodBody)) !== null) {
+    const fieldName = match[2];
+    if (!bodyFields[fieldName]) {
+      if (isLikelyJsonField(fieldName)) {
+        const cachedStructure = discoveredStructures.get(fieldName);
+        bodyFields[fieldName] = cachedStructure || 'object (JSON structure)';
+      } else {
+        bodyFields[fieldName] = inferFieldType(fieldName, methodBody);
+      }
+    }
+  }
+  
+  // PHP $_POST['field'], $_GET['field'], $_REQUEST['field']
+  const globalPostRegex = /\$_(POST|GET|REQUEST|PUT)\s*\[\s*['"](\w+)['"]\s*\]/gi;
+  while ((match = globalPostRegex.exec(methodBody)) !== null) {
+    const fieldName = match[2];
+    if (!bodyFields[fieldName]) {
+      bodyFields[fieldName] = inferFieldType(fieldName, methodBody);
+    }
+  }
+  
+  // Laravel/PHP: $request->input('field'), $request->get('field')
+  const requestRegex = /\$request\s*->\s*(input|get|post|all)\s*\(\s*['"](\w+)['"]/gi;
+  while ((match = requestRegex.exec(methodBody)) !== null) {
+    const fieldName = match[2];
+    if (!bodyFields[fieldName]) {
+      if (isLikelyJsonField(fieldName)) {
+        const cachedStructure = discoveredStructures.get(fieldName);
+        bodyFields[fieldName] = cachedStructure || 'object (JSON structure)';
+      } else {
+        bodyFields[fieldName] = inferFieldType(fieldName, methodBody);
+      }
+    }
+  }
+  
+  return bodyFields;
+}
+
+/**
+ * Check if a field name likely contains JSON/object data
+ */
+function isLikelyJsonField(fieldName) {
+  const jsonFieldNames = [
+    'actions', 'data', 'body', 'payload', 'params', 'options', 'settings',
+    'config', 'meta', 'metadata', 'attributes', 'properties', 'fields',
+    'items', 'records', 'entries', 'values', 'content', 'json'
+  ];
+  return jsonFieldNames.includes(fieldName.toLowerCase());
+}
+
+/**
+ * Extract nested structure from array access patterns
+ * e.g., $actions['settings']['updates'] -> { settings: { updates: [] } }
+ */
+function extractNestedStructure(methodBody, varName) {
+  const structure = {};
+  const itemFields = new Set();
+  
+  // Match direct access patterns like $varName['key1']['key2']
+  const arrayAccessRegex = new RegExp(
+    `\\$${varName}\\s*\\[\\s*['"]([\\w]+)['"]\\s*\\]\\s*\\[\\s*['"]([\\w]+)['"]\\s*\\]`,
+    'gi'
+  );
+  
+  let match;
+  while ((match = arrayAccessRegex.exec(methodBody)) !== null) {
+    const key1 = match[1];
+    const key2 = match[2];
+    
+    if (!structure[key1]) structure[key1] = {};
+    structure[key1][key2] = [];  // Arrays like updates, inserts, deletes
+  }
+  
+  // Look for foreach patterns to find nested iterators
+  // Pattern: foreach ($varName as $key => &$iterVar) { ... foreach ($iterVar['subkey'] as &$item) }
+  const foreachRegex = new RegExp(
+    `foreach\\s*\\(\\s*\\$${varName}\\s+as\\s+(?:\\$\\w+\\s*=>\\s*)?[&]?\\$(\\w+)\\s*\\)`,
+    'gi'
+  );
+  
+  while ((match = foreachRegex.exec(methodBody)) !== null) {
+    const iterVar = match[1];
+    
+    // Find nested foreach on iterator's array property
+    // e.g., foreach ($settings['updates'] as &$setting)
+    const nestedForeachRegex = new RegExp(
+      `foreach\\s*\\(\\s*\\$${iterVar}\\s*\\[\\s*['"]([\\w]+)['"]\\s*\\]\\s+as\\s+(?:\\$\\w+\\s*=>\\s*)?[&]?\\$(\\w+)\\s*\\)`,
+      'gi'
+    );
+    
+    let nestedMatch;
+    while ((nestedMatch = nestedForeachRegex.exec(methodBody)) !== null) {
+      const arrayKey = nestedMatch[1]; // e.g., 'updates'
+      const itemVar = nestedMatch[2];  // e.g., 'setting'
+      
+      // Find all field accesses on the item variable
+      const itemAccessRegex = new RegExp(`\\$${itemVar}\\s*\\[\\s*['"]([\\w]+)['"]\\s*\\]`, 'gi');
+      let itemMatch;
+      while ((itemMatch = itemAccessRegex.exec(methodBody)) !== null) {
+        itemFields.add(itemMatch[1]);
+      }
+    }
+  }
+  
+  // Also look for direct item field accesses (common variable names)
+  const commonItemVars = ['setting', 'item', 'update', 'insert', 'delete', 'row', 'entry', 'data', 'integration', 'assignment'];
+  for (const itemVar of commonItemVars) {
+    const itemAccessRegex = new RegExp(`\\$${itemVar}\\s*\\[\\s*['"]([\\w]+)['"]\\s*\\]`, 'gi');
+    let itemMatch;
+    while ((itemMatch = itemAccessRegex.exec(methodBody)) !== null) {
+      itemFields.add(itemMatch[1]);
+    }
+  }
+  
+  // Look for common section names that might be used alongside 'settings'
+  // Pattern: $actions['sectionName'] or $actions["sectionName"]
+  const sectionRegex = new RegExp(`\\$${varName}\\s*\\[\\s*['"]([\\w]+)['"]\\s*\\]`, 'gi');
+  const sections = new Set();
+  let sectionMatch;
+  while ((sectionMatch = sectionRegex.exec(methodBody)) !== null) {
+    sections.add(sectionMatch[1]);
+  }
+  
+  // Common section names in settings/actions payloads
+  const commonSections = ['settings', 'assignments', 'integrations', 'notifications', 'permissions'];
+  for (const section of commonSections) {
+    // Check if this section is referenced anywhere in the codebase
+    if (methodBody.includes(`['${section}']`) || methodBody.includes(`["${section}"]`)) {
+      sections.add(section);
+    }
+  }
+  
+  // Add sections discovered during pre-scan phase
+  const globalSections = discoveredStructures.get('_sections');
+  if (globalSections) {
+    for (const section of globalSections) {
+      // Filter out false positives (id, id_user, etc. are not sections)
+      if (!section.startsWith('id') && section.length > 2) {
+        sections.add(section);
+      }
+    }
+  }
+  
+  // Build item schema from collected fields
+  const itemSchema = {};
+  for (const field of itemFields) {
+    itemSchema[field] = inferFieldType(field, methodBody);
+  }
+  
+  // Ensure common fields are included
+  const commonFields = ['key', 'value', 'id_facility', 'type', 'category', 'id_file', 'integrator'];
+  for (const field of commonFields) {
+    if (!itemSchema[field]) {
+      // Check if field is referenced in content
+      if (methodBody.includes(`['${field}']`) || methodBody.includes(`["${field}"]`)) {
+        itemSchema[field] = inferFieldType(field, methodBody);
+      }
+    }
+  }
+  
+  // Build structure for all discovered sections
+  if (sections.size > 0 && Object.keys(itemSchema).length > 0) {
+    for (const section of sections) {
+      if (!structure[section]) {
+        structure[section] = {};
+      }
+      // Add updates/inserts/deletes for each section
+      for (const action of ['updates', 'inserts', 'deletes']) {
+        structure[section][action] = `array of { ${Object.entries(itemSchema).map(([k, v]) => `${k}: ${v}`).join(', ')} }`;
+      }
+    }
+  } else if (Object.keys(itemSchema).length > 0) {
+    // Apply item schema to existing structure
+    for (const [key, value] of Object.entries(structure)) {
+      if (typeof value === 'object' && !key.startsWith('_')) {
+        for (const [subKey, subValue] of Object.entries(value)) {
+          if (Array.isArray(subValue) || ['updates', 'inserts', 'deletes', 'items'].includes(subKey)) {
+            structure[key][subKey] = `array of { ${Object.entries(itemSchema).map(([k, v]) => `${k}: ${v}`).join(', ')} }`;
+          }
+        }
+      }
+    }
+  }
+  
+  // Generate a complete example
+  if (Object.keys(structure).length > 0 && Object.keys(itemSchema).length > 0) {
+    const exampleItem = {};
+    for (const [field, type] of Object.entries(itemSchema)) {
+      exampleItem[field] = getExampleValue(field, type);
+    }
+    
+    // Example for integration item (with integrator field)
+    const integrationExampleItem = { ...exampleItem, integrator: 'mews' };
+    
+    structure._example = {};
+    for (const [key, value] of Object.entries(structure)) {
+      if (key.startsWith('_')) continue;
+      structure._example[key] = {};
+      for (const [subKey] of Object.entries(value)) {
+        if (['updates', 'inserts', 'deletes'].includes(subKey)) {
+          if (key === 'integrations') {
+            structure._example[key][subKey] = subKey === 'updates' ? [integrationExampleItem] : [];
+          } else {
+            structure._example[key][subKey] = subKey === 'updates' ? [exampleItem] : [];
+          }
+        }
+      }
+    }
+  }
+  
+  return structure;
+}
+
+/**
+ * Generate an example JSON body based on extracted structure
+ */
+function generateExample(structure, itemFields) {
+  const example = {};
+  
+  for (const [key, value] of Object.entries(structure)) {
+    if (key.startsWith('_')) continue;
+    
+    if (typeof value === 'object' && value !== null) {
+      // Nested object
+      if (value._arrayOf) {
+        // Array of items
+        const itemExample = {};
+        for (const [itemKey, itemType] of Object.entries(value._arrayOf)) {
+          itemExample[itemKey] = getExampleValue(itemKey, itemType);
+        }
+        example[key] = [itemExample];
+      } else {
+        example[key] = generateExample(value, itemFields);
+      }
+    } else {
+      example[key] = getExampleValue(key, value);
+    }
+  }
+  
+  return example;
+}
+
+/**
+ * Get example value for a field based on its name and type
+ */
+function getExampleValue(fieldName, fieldType) {
+  const nameLower = fieldName.toLowerCase();
+  
+  if (nameLower === 'key') return 'hotel_title';
+  if (nameLower === 'value') return 'My Hotel Name';
+  if (nameLower === 'id_facility' || nameLower === 'id_file') return '-1';
+  if (nameLower === 'type') return 'text';
+  if (nameLower === 'category') return 'main';
+  if (nameLower === 'id') return 1;
+  if (nameLower.includes('email')) return 'user@example.com';
+  if (fieldType === 'integer' || fieldType === 'number') return 1;
+  if (fieldType === 'boolean') return true;
+  if (fieldType === 'array') return [];
+  
+  return 'string_value';
+}
+
+/**
+ * Infer field type from field name and context
+ */
+function inferFieldType(fieldName, context) {
+  const nameLower = fieldName.toLowerCase();
+  
+  // ID fields
+  if (nameLower.startsWith('id_') || nameLower.endsWith('_id') || nameLower === 'id') {
+    return 'integer';
+  }
+  
+  // Boolean-ish fields
+  if (nameLower.startsWith('is_') || nameLower.startsWith('has_') || 
+      nameLower.includes('enabled') || nameLower.includes('active') ||
+      nameLower.includes('flag') || nameLower === 'status') {
+    return 'boolean';
+  }
+  
+  // Date/time fields
+  if (nameLower.includes('date') || nameLower.includes('time') || 
+      nameLower.includes('_at') || nameLower === 'created' || nameLower === 'updated') {
+    return 'datetime';
+  }
+  
+  // Numeric fields
+  if (nameLower.includes('count') || nameLower.includes('amount') ||
+      nameLower.includes('price') || nameLower.includes('quantity') ||
+      nameLower.includes('total') || nameLower.includes('number')) {
+    return 'number';
+  }
+  
+  // Email
+  if (nameLower.includes('email')) {
+    return 'email';
+  }
+  
+  // Array/JSON fields
+  if (nameLower.includes('items') || nameLower.includes('list') || 
+      nameLower.includes('array') || nameLower === 'data' || nameLower === 'actions') {
+    return 'array|object';
+  }
+  
+  // Default to string
+  return 'string';
 }
 
 /**
@@ -306,6 +923,78 @@ function extractRequestPatterns(content) {
   return patterns;
 }
 
+/**
+ * Extract CodeIgniter REST controller methods and map to routes
+ * e.g., index_get() -> GET /path, index_post() -> POST /path
+ * e.g., items_get() -> GET /path/items, user_get($id) -> GET /path/user/:id
+ */
+function extractCodeIgniterMethods(content, basePath) {
+  const routes = [];
+  
+  // Match public function methodname_httpverb($params)
+  // CodeIgniter REST convention: {action}_{method}
+  const methodRegex = /public\s+function\s+(\w+)_(get|post|put|patch|delete)\s*\(([^)]*)\)/gi;
+  let match;
+  
+  while ((match = methodRegex.exec(content)) !== null) {
+    const action = match[1];  // e.g., 'index', 'items', 'user'
+    const method = match[2].toUpperCase();  // e.g., 'GET', 'POST'
+    const params = match[3];  // e.g., '$id = null'
+    
+    // Build the route path
+    let path = basePath;
+    if (action !== 'index') {
+      path += '/' + action.toLowerCase().replace(/_/g, '/');
+    }
+    
+    // Add path parameters from function arguments
+    if (params) {
+      const paramNames = params.match(/\$(\w+)/g);
+      if (paramNames) {
+        paramNames.forEach(p => {
+          const paramName = p.replace('$', '');
+          if (!paramName.includes('=')) {  // Not optional
+            path += '/:' + paramName;
+          }
+        });
+      }
+    }
+    
+    routes.push(`// ${method} ${path} - from ${match[1]}_${match[2]}()`);
+  }
+  
+  return routes;
+}
+
+/**
+ * Extract route path from CodeIgniter/Laravel controller file path
+ * e.g., application/controllers/api/v2/Settings.php -> /api/v2/settings
+ */
+function extractRouteFromControllerPath(filePath) {
+  // CodeIgniter 3: application/controllers/api/v2/Settings.php -> /api/v2/settings
+  let match = filePath.match(/application\/controllers\/(.+)\.php$/i);
+  if (match) {
+    const route = '/' + match[1].toLowerCase().replace(/\/index$/, '');
+    return route;
+  }
+  
+  // CodeIgniter 4: app/Controllers/Api/V2/Settings.php -> /api/v2/settings
+  match = filePath.match(/app\/Controllers\/(.+)\.php$/i);
+  if (match) {
+    const route = '/' + match[1].toLowerCase().replace(/\/index$/, '');
+    return route;
+  }
+  
+  // Laravel: app/Http/Controllers/Api/V2/SettingsController.php -> /api/v2/settings
+  match = filePath.match(/app\/Http\/Controllers\/(.+)Controller\.php$/i);
+  if (match) {
+    const route = '/' + match[1].toLowerCase().replace(/\/index$/, '');
+    return route;
+  }
+  
+  return null;
+}
+
 /**
  * Extract API patterns from file content - framework agnostic
  */
@@ -316,7 +1005,22 @@ function extractApiPatterns(content, filePath, absolutePath) {
 
   // Check if this is a route/controller file - if so, include more context
   const isRouteFile = HIGH_PRIORITY_PATTERNS.some(p => p.test(filePath));
-  const isDtoFile = /dto|interface|types?|schema/i.test(filePath);
+  // DTO/Model/Entity files across languages
+  const isDtoFile = /dto|interface|types?|schema|model|entity|request|response|form/i.test(filePath);
+  
+  // For CodeIgniter/Laravel controllers, extract the route from file path
+  const conventionRoute = extractRouteFromControllerPath(filePath);
+  if (conventionRoute) {
+    // Extract HTTP methods from CodeIgniter-style method names
+    const ciMethods = extractCodeIgniterMethods(content, conventionRoute);
+    if (ciMethods.length > 0) {
+      extractedBlocks.push(`// CONVENTION-BASED ROUTES FROM CONTROLLER:\n${ciMethods.join('\n')}`);
+      hasApiPatterns = true;
+    } else {
+      extractedBlocks.push(`// CONVENTION-BASED ROUTE: ${conventionRoute}\n// Controller file path maps to this API endpoint`);
+      hasApiPatterns = true;
+    }
+  }
   
   // ============================================
   // PATTERN 0: Swagger/OpenAPI documentation
@@ -346,7 +1050,7 @@ function extractApiPatterns(content, filePath, absolutePath) {
   }
 
   // ============================================
-  // PATTERN 3: Express/Koa/Fastify Router definitions
+  // PATTERN 3: Express/Koa/Fastify Router definitions (JavaScript/TypeScript)
   // ============================================
   const routerPatterns = [
     // Express Router: router.get('/path', handler)
@@ -358,12 +1062,92 @@ function extractApiPatterns(content, filePath, absolutePath) {
   ];
 
   // ============================================
-  // PATTERN 4: NestJS/Decorators
+  // PATTERN 4: NestJS/Decorators (JavaScript/TypeScript)
   // ============================================
   const decoratorPatterns = [
     /@(Get|Post|Put|Patch|Delete|All)\s*\(\s*['"`]?([^'"`\)]*)/gi,
     /@Controller\s*\(\s*['"`]([^'"`]+)/gi,
   ];
+  
+  // ============================================
+  // PATTERN PHP: CodeIgniter, Laravel, Symfony routes
+  // ============================================
+  const phpPatterns = [
+    // CodeIgniter 4: $routes->get('path', 'Controller::method')
+    /\$routes\s*->\s*(get|post|put|patch|delete|add|match|cli)\s*\(\s*['"]([^'"]+)['"]/gi,
+    // CodeIgniter 4: $routes->group()
+    /\$routes\s*->\s*group\s*\(\s*['"]([^'"]+)['"]/gi,
+    // CodeIgniter 3: $route['path'] = 'controller/method'
+    /\$route\s*\[\s*['"]([^'"]+)['"]\s*\]/gi,
+    // Laravel: Route::get('path', ...)
+    /Route\s*::\s*(get|post|put|patch|delete|any|match|resource|apiResource)\s*\(\s*['"]([^'"]+)['"]/gi,
+    // Laravel route groups
+    /Route\s*::\s*(prefix|group|middleware)\s*\(\s*['"]([^'"]+)['"]/gi,
+    // Symfony annotations: @Route("/path")
+    /@Route\s*\(\s*['"]([^'"]+)['"]/gi,
+    // Symfony PHP 8 attributes: #[Route('/path')]
+    /#\[Route\s*\(\s*['"]([^'"]+)['"]/gi,
+    // PHP method definitions in controllers (for convention-based routing)
+    /public\s+function\s+(\w+)\s*\([^)]*\)/gi,
+    // PHP class definitions (to get controller names)
+    /class\s+(\w+)\s+extends\s+(\w*Controller|CI_Controller|BaseController|ResourceController)/gi,
+  ];
+  
+  // ============================================
+  // PATTERN Python: Flask, FastAPI, Django
+  // ============================================
+  const pythonPatterns = [
+    // Flask: @app.route('/path')
+    /@app\.(route|get|post|put|patch|delete)\s*\(\s*['"]([^'"]+)['"]/gi,
+    // Flask Blueprint: @blueprint.route('/path')
+    /@\w+\.(route|get|post|put|patch|delete)\s*\(\s*['"]([^'"]+)['"]/gi,
+    // FastAPI: @app.get('/path'), @router.post('/path')
+    /@(app|router)\.(get|post|put|patch|delete|api_route)\s*\(\s*['"]([^'"]+)['"]/gi,
+    // Django: path('route/', view)
+    /path\s*\(\s*['"]([^'"]+)['"]/gi,
+    // Django: url(r'^route/$', view)
+    /url\s*\(\s*r?['"]([^'"]+)['"]/gi,
+  ];
+  
+  // ============================================
+  // PATTERN Ruby: Rails, Sinatra
+  // ============================================
+  const rubyPatterns = [
+    // Rails: get '/path', post '/path', resources :items
+    /^\s*(get|post|put|patch|delete|resources|resource|root|match)\s+['":]/gim,
+    // Rails namespace/scope
+    /(namespace|scope)\s+[:'"](\w+)/gi,
+    // Sinatra: get '/path' do
+    /^\s*(get|post|put|patch|delete)\s+['"]([^'"]+)['"]\s+do/gim,
+  ];
+  
+  // ============================================
+  // PATTERN Go: Gin, Echo, Chi, net/http
+  // ============================================
+  const goPatterns = [
+    // Gin: r.GET("/path", handler), router.POST("/path", handler)
+    /\.(GET|POST|PUT|PATCH|DELETE|Handle|Any|Group)\s*\(\s*["']([^"']+)["']/gi,
+    // Echo: e.GET("/path", handler)
+    /e\.(GET|POST|PUT|PATCH|DELETE|Any|Group)\s*\(\s*["']([^"']+)["']/gi,
+    // Chi: r.Get("/path", handler), r.Route("/path", ...)
+    /r\.(Get|Post|Put|Patch|Delete|Route|Group|Mount)\s*\(\s*["']([^"']+)["']/gi,
+    // net/http: http.HandleFunc("/path", handler)
+    /http\.(HandleFunc|Handle)\s*\(\s*["']([^"']+)["']/gi,
+    // Gorilla mux: r.HandleFunc("/path", handler).Methods("GET")
+    /HandleFunc\s*\(\s*["']([^"']+)["']/gi,
+  ];
+  
+  // ============================================
+  // PATTERN Java/Kotlin: Spring Boot
+  // ============================================
+  const javaPatterns = [
+    // Spring: @GetMapping("/path"), @PostMapping("/path")
+    /@(GetMapping|PostMapping|PutMapping|PatchMapping|DeleteMapping|RequestMapping)\s*\(\s*(?:value\s*=\s*)?["']?([^"'\)]+)/gi,
+    // Spring: @RequestMapping(method = RequestMethod.GET)
+    /@RequestMapping\s*\([^)]*method\s*=\s*RequestMethod\.(GET|POST|PUT|PATCH|DELETE)/gi,
+    // JAX-RS: @GET, @POST, @Path("/path")
+    /@(GET|POST|PUT|PATCH|DELETE|Path)\s*(?:\(\s*["']([^"']+)["']\s*\))?/gi,
+  ];
 
   // ============================================
   // PATTERN 5: Frontend HTTP calls
@@ -406,10 +1190,15 @@ function extractApiPatterns(content, filePath, absolutePath) {
     /method:\s*['"`](GET|POST|PUT|PATCH|DELETE)['"`]/gi,
   ];
 
-  // Combine all patterns for line scanning
+  // Combine all patterns for line scanning (all languages)
   const allPatterns = [
     ...routerPatterns,
     ...decoratorPatterns,
+    ...phpPatterns,
+    ...pythonPatterns,
+    ...rubyPatterns,
+    ...goPatterns,
+    ...javaPatterns,
     ...httpCallPatterns,
     ...urlPatterns,
     ...methodUrlPatterns
@@ -495,8 +1284,28 @@ function extractApiPatterns(content, filePath, absolutePath) {
       }
     }
     
-    // Also check for common API keywords
-    const hasKeyword = /\.get\(|\.post\(|\.put\(|\.patch\(|\.delete\(|fetch\(|axios|\/api\/|endpoint|@Get|@Post|@Put|@Delete/i.test(line);
+    // Also check for common API keywords (all languages)
+    const hasKeyword = new RegExp([
+      // JavaScript/TypeScript
+      '\\.get\\(', '\\.post\\(', '\\.put\\(', '\\.patch\\(', '\\.delete\\(',
+      'fetch\\(', 'axios', '\\/api\\/', 'endpoint',
+      '@Get', '@Post', '@Put', '@Delete',
+      // PHP (CodeIgniter, Laravel)
+      '\\$routes\\s*->', 'Route\\s*::', '@Route',
+      '\\$this->input->', '\\$this->request->', // CodeIgniter input
+      '\\$request->', '\\$_POST', '\\$_GET', '\\$_PUT', // PHP request data
+      'public\\s+function\\s+\\w+', // PHP public methods (potential endpoints)
+      'extends\\s+\\w*Controller', // PHP controller classes
+      // Python (Flask, FastAPI, Django)
+      '@app\\.route', '@app\\.get', '@app\\.post', '@router\\.',
+      'path\\s*\\(', 'url\\s*\\(',
+      // Ruby (Rails)
+      'resources\\s+:', 'get\\s+[\'"]/', 'post\\s+[\'"]/',
+      // Go (Gin, Echo, Chi)
+      '\\.GET\\(', '\\.POST\\(', 'HandleFunc\\(',
+      // Java/Kotlin (Spring)
+      '@GetMapping', '@PostMapping', '@RequestMapping', '@Path'
+    ].join('|'), 'i').test(line);
     
     if (hasPattern || hasKeyword) {
       hasApiPatterns = true;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@merlean/analyzer",
-  "version": "2.2.0",
+  "version": "2.3.0",
   "description": "AI Bot codebase analyzer - generates site maps for AI assistant integration",
   "keywords": ["ai", "bot", "analyzer", "claude", "anthropic", "widget"],
   "author": "zmaren",