@sun-asterisk/impact-analyzer 1.0.6 → 1.0.8

package/core/detectors/database-detector.js

@@ -7,6 +7,7 @@
  */
 
 import path from 'path';
+import fs from 'fs';
 import { createLogger } from '../utils/logger.js';
 
 export class DatabaseDetector {
@@ -478,6 +479,364 @@ export class DatabaseDetector {
     return blocks;
   }
 
+  /**
+   * BUG-004: Detect raw SQL query patterns in changed files
+   * CORRECTED APPROACH: Use full file content, not just diff
+   *
+   * Strategy:
+   * 1. Read full file content from filesystem
+   * 2. Find changed line numbers from diff
+   * 3. Find parent statements containing those lines
+   * 4. Extract SQL from those statements
+   */
+  detectRawSQLQueries(filePath, diff) {
+    const sqlQueries = [];
+
+    try {
+      // Step 1: Read full file content
+      if (!fs.existsSync(filePath)) {
+        this.logger.verbose('DatabaseDetector', `File not found: ${filePath}`);
+        return sqlQueries;
+      }
+
+      const fileContent = fs.readFileSync(filePath, 'utf-8');
+      const fileLines = fileContent.split('\n');
+
+      // Step 2: Extract changed line numbers from diff
+      const changedLineNumbers = this.extractChangedLineNumbers(diff);
+
+      if (changedLineNumbers.length === 0) {
+        return sqlQueries;
+      }
+
+      this.logger.verbose('DatabaseDetector',
+        `Analyzing ${changedLineNumbers.length} changed lines in ${filePath}`);
+
+      // Step 3: Find query/execute statements that contain changed lines
+      const processedStatements = new Set();
+
+      for (const lineNum of changedLineNumbers) {
+        const statement = this.findQueryStatementContainingLine(fileLines, lineNum);
+
+        if (!statement) continue;
+
+        const key = `${statement.startLine}-${statement.endLine}`;
+        if (processedStatements.has(key)) continue;
+        processedStatements.add(key);
+
+        // Step 4: Extract SQL from statement
+        const sqlData = this.extractSQLFromStatement(statement.content);
+
+        if (sqlData) {
+          this.logger.verbose('DatabaseDetector',
+            `Found SQL query at lines ${statement.startLine}-${statement.endLine}`);
+          sqlQueries.push({
+            sql: sqlData.sql,
+            method: statement.method,
+            changedLineNum: lineNum
+          });
+        }
+      }
+
+    } catch (error) {
+      this.logger.error('DatabaseDetector', `Error detecting raw SQL: ${error.message}`);
+    }
+
+    return sqlQueries;
+  }
+
+  /**
+   * Extract line numbers that were changed in the diff
+   */
+  extractChangedLineNumbers(diff) {
+    const changedLines = [];
+    const lines = diff.split('\n');
+    let currentLineNum = 0;
+
+    for (const line of lines) {
+      if (line.startsWith('@@')) {
+        // Parse: @@ -oldStart,oldCount +newStart,newCount @@
+        const match = line.match(/@@ -\d+(?:,\d+)? \+(\d+)/);
+        if (match) {
+          currentLineNum = parseInt(match[1], 10);
+        }
+        continue;
+      }
+
+      if (line.startsWith('+') && !line.startsWith('+++')) {
+        changedLines.push(currentLineNum);
+      }
+
+      if (!line.startsWith('-')) {
+        currentLineNum++;
+      }
+    }
+
+    return changedLines;
+  }
+
+  /**
+   * Find the .query() or .execute() statement that contains the given line number
+   */
+  findQueryStatementContainingLine(fileLines, targetLineNum) {
+    // Adjust for 0-based array indexing
+    const targetIndex = targetLineNum - 1;
+
+    if (targetIndex < 0 || targetIndex >= fileLines.length) {
+      return null;
+    }
+
+    // Search backwards to find .query( or .execute(
+    const searchRadius = 50;
+    let startLine = -1;
+    let method = null;
+
+    for (let i = targetIndex; i >= Math.max(0, targetIndex - searchRadius); i--) {
+      const line = fileLines[i];
+      const match = line.match(/\.(query|execute)\s*</);
+
+      if (match) {
+        method = match[1];
+        startLine = i + 1; // Convert to 1-based line number
+        break;
+      }
+    }
+
+    if (!method) return null;
+
+    // Search forward to find the end of the statement (closing semicolon or })
+    let endLine = targetLineNum;
+    let parenDepth = 0;
+    let inTemplate = false;
+
+    for (let i = startLine - 1; i < Math.min(fileLines.length, startLine + searchRadius); i++) {
+      const line = fileLines[i];
+
+      // Track template literal boundaries
+      for (const char of line) {
+        if (char === '`') inTemplate = !inTemplate;
+        if (!inTemplate) {
+          if (char === '(') parenDepth++;
+          if (char === ')') parenDepth--;
+        }
+      }
+
+      endLine = i + 1;
+
+      // Found the end when parentheses are balanced and we hit a semicolon
+      if (parenDepth === 0 && line.includes(';')) {
+        break;
+      }
+    }
+
+    // Extract the statement content
+    const statementLines = fileLines.slice(startLine - 1, endLine);
+
+    return {
+      startLine,
+      endLine,
+      method,
+      content: statementLines.join('\n')
+    };
+  }
+
+  /**
+   * Extract SQL and metadata from a query/execute statement
+   */
+  extractSQLFromStatement(statementContent) {
+    // Extract SQL from template literal (backticks)
+    const templateMatch = statementContent.match(/`([^`]+)`/s);
+
+    if (templateMatch) {
+      const sql = templateMatch[1].trim();
+      return { sql };
+    }
+
+    // Try single/double quotes as fallback
+    const quoteMatch = statementContent.match(/['"]([^'"]+)['"]/s);
+    if (quoteMatch) {
+      const sql = quoteMatch[1].trim();
+      return { sql };
+    }
+
+    return null;
+  }
+
+  /**
+   * BUG-004: Parse SQL query to extract database impact
+   * Extracts: operation type, table names, field names
+   */
+  parseSQLQuery(sql) {
+    const impact = {
+      operation: null,
+      tables: [],
+      fields: [],
+      hasJoin: false,
+      joinType: null
+    };
+
+    // Normalize SQL (remove extra whitespace, newlines)
+    const normalizedSQL = sql.replace(/\s+/g, ' ').trim().toUpperCase();
+
+    // Detect operation type
+    if (normalizedSQL.startsWith('SELECT')) {
+      impact.operation = 'SELECT';
+    } else if (normalizedSQL.startsWith('INSERT')) {
+      impact.operation = 'INSERT';
+    } else if (normalizedSQL.startsWith('UPDATE')) {
+      impact.operation = 'UPDATE';
+    } else if (normalizedSQL.startsWith('DELETE')) {
+      impact.operation = 'DELETE';
+    } else if (normalizedSQL.startsWith('ALTER')) {
+      impact.operation = 'ALTER';
+    } else if (normalizedSQL.startsWith('CREATE')) {
+      impact.operation = 'CREATE';
+    } else if (normalizedSQL.startsWith('DROP')) {
+      impact.operation = 'DROP';
+    }
+
+    // Extract table names
+    impact.tables = this.extractTablesFromSQL(normalizedSQL, impact.operation);
+
+    // Extract field names (use original SQL for case sensitivity)
+    impact.fields = this.extractFieldsFromSQL(sql, impact.operation);
+
+    // Detect JOIN
+    if (normalizedSQL.includes('JOIN')) {
+      impact.hasJoin = true;
+
+      if (normalizedSQL.includes('INNER JOIN')) {
+        impact.joinType = 'INNER';
+      } else if (normalizedSQL.includes('LEFT JOIN')) {
+        impact.joinType = 'LEFT';
+      } else if (normalizedSQL.includes('RIGHT JOIN')) {
+        impact.joinType = 'RIGHT';
+      } else if (normalizedSQL.includes('FULL JOIN')) {
+        impact.joinType = 'FULL';
+      }
+    }
+
+    return impact;
+  }
+
+  /**
+   * BUG-004: Extract table names from SQL query
+   */
+  extractTablesFromSQL(sql, operation) {
+    const tables = new Set();
+
+    // FROM clause: SELECT ... FROM table_name
+    const fromMatches = sql.matchAll(/FROM\s+([a-z_][a-z0-9_]*)/gi);
+    for (const match of fromMatches) {
+      tables.add(match[1].toLowerCase());
+    }
+
+    // JOIN clause: JOIN table_name
+    const joinMatches = sql.matchAll(/JOIN\s+([a-z_][a-z0-9_]*)/gi);
+    for (const match of joinMatches) {
+      tables.add(match[1].toLowerCase());
+    }
+
+    // INSERT INTO: INSERT INTO table_name
+    if (operation === 'INSERT') {
+      const insertMatch = sql.match(/INSERT\s+INTO\s+([a-z_][a-z0-9_]*)/i);
+      if (insertMatch) {
+        tables.add(insertMatch[1].toLowerCase());
+      }
+    }
+
+    // UPDATE: UPDATE table_name
+    if (operation === 'UPDATE') {
+      const updateMatch = sql.match(/UPDATE\s+([a-z_][a-z0-9_]*)/i);
+      if (updateMatch) {
+        tables.add(updateMatch[1].toLowerCase());
+      }
+    }
+
+    // ALTER TABLE: ALTER TABLE table_name
+    if (operation === 'ALTER') {
+      const alterMatch = sql.match(/ALTER\s+TABLE\s+([a-z_][a-z0-9_]*)/i);
+      if (alterMatch) {
+        tables.add(alterMatch[1].toLowerCase());
+      }
+    }
+
+    return Array.from(tables);
+  }
+
+  /**
+   * BUG-004: Extract field names from SQL query
+   */
+  extractFieldsFromSQL(sql, operation) {
+    const fields = new Set();
+
+    // SELECT fields: SELECT field1, field2, table.field3
+    if (operation === 'SELECT') {
+      const selectMatch = sql.match(/SELECT\s+(.*?)\s+FROM/is);
+      if (selectMatch) {
+        const fieldList = selectMatch[1];
+
+        // Extract field names (handle table.field format)
+        const fieldMatches = fieldList.matchAll(/(?:^|,)\s*(?:\w+\.)?(\w+)(?:\s+as\s+\w+)?/gi);
+        for (const match of fieldMatches) {
+          const fieldName = match[1].toLowerCase();
+          // Skip SQL keywords and functions
+          if (!['count', 'sum', 'avg', 'max', 'min', 'distinct', '*'].includes(fieldName)) {
+            fields.add(fieldName);
+          }
+        }
+      }
+    }
+
+    // WHERE clause fields: WHERE user.id = $1 AND user.name = $2
+    const whereMatches = sql.matchAll(/(?:WHERE|AND|OR)\s+(?:\w+\.)?(\w+)\s*[=<>!]/gi);
+    for (const match of whereMatches) {
+      const fieldName = match[1].toLowerCase();
+      fields.add(fieldName);
+    }
+
+    // JOIN ON clause: ON table1.field = table2.field
+    const onMatches = sql.matchAll(/ON\s+(?:\w+\.)?(\w+)\s*=\s*(?:\w+\.)?(\w+)/gi);
+    for (const match of onMatches) {
+      fields.add(match[1].toLowerCase());
+      fields.add(match[2].toLowerCase());
+    }
+
+    // INSERT fields: INSERT INTO table (field1, field2)
+    if (operation === 'INSERT') {
+      const insertMatch = sql.match(/INSERT\s+INTO\s+\w+\s*\((.*?)\)/is);
+      if (insertMatch) {
+        const fieldList = insertMatch[1];
+        const fieldMatches = fieldList.matchAll(/(\w+)/g);
+        for (const match of fieldMatches) {
+          fields.add(match[1].toLowerCase());
+        }
+      }
+    }
+
+    // UPDATE SET: UPDATE table SET field1 = $1, field2 = $2
+    if (operation === 'UPDATE') {
+      const setMatch = sql.match(/SET\s+(.*?)(?:WHERE|$)/is);
+      if (setMatch) {
+        const setList = setMatch[1];
+        const fieldMatches = setList.matchAll(/(\w+)\s*=/gi);
+        for (const match of fieldMatches) {
+          fields.add(match[1].toLowerCase());
+        }
+      }
+    }
+
+    // ALTER TABLE ADD/MODIFY: ALTER TABLE table ADD COLUMN field_name
+    if (operation === 'ALTER') {
+      const alterMatches = sql.matchAll(/(?:ADD|MODIFY|DROP)\s+(?:COLUMN\s+)?(\w+)/gi);
+      for (const match of alterMatches) {
+        fields.add(match[1].toLowerCase());
+      }
+    }
+
+    return Array.from(fields).filter(f => f !== 'delflg');
+  }
+
   analyzeChangedCodeForDatabaseOps(changedFile, databaseChanges) {
     const diff = changedFile.diff || '';
     const content = changedFile.content || '';
@@ -502,6 +861,52 @@ export class DatabaseDetector {
       );
     }
 
+    // BUG-004: Step 3 - Detect raw SQL queries
+    const rawSQLQueries = this.detectRawSQLQueries(changedFile.path, changedFile.diff || '');
+
+    if (rawSQLQueries.length > 0) {
+      this.logger.verbose('DatabaseDetector',
+        `Found ${rawSQLQueries.length} raw SQL queries in ${changedFile.path}`);
+    }
+
+    for (const query of rawSQLQueries) {
+      const sqlImpact = this.parseSQLQuery(query.sql);
+
+      // Add each affected table to database changes
+      for (const tableName of sqlImpact.tables) {
+        if (!databaseChanges.tables.has(tableName)) {
+          databaseChanges.tables.set(tableName, {
+            entity: this.tableNameToEntityName(tableName),
+            file: changedFile.path,
+            operations: new Set(),
+            fields: new Set(),
+            isEntityFile: false,
+            hasRelationChange: false,
+            changeSource: { path: changedFile.path, type: 'raw-sql' }
+          });
+        }
+
+        const tableData = databaseChanges.tables.get(tableName);
+
+        if (sqlImpact.operation) {
+          tableData.operations.add(sqlImpact.operation);
+        }
+
+        for (const field of sqlImpact.fields) {
+          tableData.fields.add(field);
+        }
+
+        // Add SQL-specific metadata
+        if (sqlImpact.hasJoin) {
+          tableData.hasJoin = true;
+          tableData.joinType = sqlImpact.joinType;
+        }
+
+        this.logger.verbose('DatabaseDetector',
+          `Raw SQL: ${sqlImpact.operation} on ${tableName} with fields: ${sqlImpact.fields.join(', ')}`);
+      }
+    }
+
     const typeOrmOps = {
       'insert': 'INSERT',
       'save': 'INSERT/UPDATE',
@@ -740,9 +1145,7 @@ export class DatabaseDetector {
     const methodKey = `${repoMethod.className}.${repoMethod.methodName}`;
     const methodCalls = this.methodCallGraph.methodCallsMap?.get(methodKey) || [];
     
-    if (this.config.verbose) {
-      console.log(`   📞 Analyzing ${methodCalls.length} calls in ${repoMethod.className}.${repoMethod.methodName}`);
-    }
+    this.logger.verbose('DatabaseDetector', `   📞 Analyzing ${methodCalls.length} calls in ${repoMethod.className}.${repoMethod.methodName}`);
     
     for (const call of methodCalls) {
       const dbOp = this.detectDatabaseOperationFromCall(call);
@@ -910,3 +1313,5 @@ export class DatabaseDetector {
     return 'low';
   }
 }
+
+export default DatabaseDetector;

package/core/utils/logger.js

@@ -7,6 +7,7 @@ export function createLogger(verbose = false) {
   return {
     info: (msg) => console.log(msg),
     debug: (msg) => verbose && console.log(`[DEBUG] ${msg}`),
-    verbose: (component, msg) => verbose && console.log(`[${component}] ${msg}`)
+    verbose: (component, msg) => verbose && console.log(`[${component}] ${msg}`),
+    error: (msg) => console.error(`[ERROR] ${msg}`),
   };
 }