@sun-asterisk/sunlint 1.3.34 → 1.3.35

package/engines/impact/core/detectors/database-detector.js

@@ -0,0 +1,1317 @@
+/**
+ * Database Impact Detector
+ * Detects database changes using layer-aware method tracking
+ *
+ * Spec: .specify/specs/features/database-impact-detection.md
+ * Implements FR-001 to FR-006
+ */
+
+import path from 'path';
+import fs from 'fs';
+import { createLogger } from '../utils/logger.js';
+
+export class DatabaseDetector {
+  constructor(methodCallGraph, config) {
+    this.methodCallGraph = methodCallGraph;
+    this.config = config;
+    this.logger = createLogger(config.verbose);
+  }
+
+  /**
+   * Detect database impact from changed files using layer-aware tracking
+   * Implements FR-001 to FR-006 from spec
+   */
+  async detect(changedFiles) {
+    const startTime = Date.now();
+    this.logger.info('\n   🔍 Analyzing database impacts...');
+    this.logger.verbose('DatabaseDetector', `Processing ${changedFiles.length} files`);
+
+    const databaseChanges = {
+      tables: new Map(), // tableName -> { entity, file, operations, fields, isEntityFile, hasRelationChange }
+      entityFiles: new Set(),
+    };
+
+    // Extract changed methods
+    const allChangedMethods = [];
+    for (const changedFile of changedFiles) {
+      // FR-001: Detect entity file changes
+      if (this.isEntityFile(changedFile)) {
+        this.logger.verbose('DatabaseDetector', `Analyzing entity: ${path.basename(changedFile.path)}`);
+        this.analyzeEntityChange(changedFile, databaseChanges);
+      }
+
+      const changedMethods = this.methodCallGraph.getChangedMethods(
+        changedFile.diff || '',
+        changedFile.absolutePath
+      );
+      allChangedMethods.push(...changedMethods);
+      
+      // Also analyze changed code directly for database operations
+      this.analyzeChangedCodeForDatabaseOps(changedFile, databaseChanges);
+    }
+
+    this.logger.verbose('DatabaseDetector', `Found ${allChangedMethods.length} changed methods`);
+
+    // FR-003: Find affected repository methods through call graph
+    const affectedRepoMethods = this.findAffectedRepositoryMethods(allChangedMethods);
+
+    this.logger.verbose('DatabaseDetector', `Found ${affectedRepoMethods.length} affected repository methods`);
+
+    // Analyze repository methods for database operations
+    for (const repoMethod of affectedRepoMethods) {
+      const dbOps = this.extractDatabaseOperationsFromCallGraph(repoMethod);
+      
+      for (const op of dbOps) {
+        if (!databaseChanges.tables.has(op.table)) {
+          databaseChanges.tables.set(op.table, {
+            entity: this.tableNameToEntityName(op.table),
+            file: op.file || repoMethod.file,
+            operations: new Set(),
+            fields: new Set(),
+            isEntityFile: false,
+            hasRelationChange: false,
+            changeSource: { path: repoMethod.file }
+          });
+        }
+
+        const tableData = databaseChanges.tables.get(op.table);
+        tableData.operations.add(op.operation);
+
+        if (op.fields && op.fields.length > 0) {
+          op.fields.forEach(field => tableData.fields.add(field));
+        }
+      }
+    }
+
+    const duration = Date.now() - startTime;
+    this.logger.verbose('DatabaseDetector', `Completed in ${duration}ms`);
+
+    // FR-006: Format according to spec output schema
+    return this.formatDatabaseImpact(databaseChanges);
+  }
+
+  /**
+   * FR-001: Check if file is an entity/model file
+   * Detects TypeORM entities and Sequelize models
+   */
+  isEntityFile(file) {
+    const filePath = file.path.toLowerCase();
+    const content = file.content || '';
+
+    // Check file naming conventions
+    if (filePath.includes('.entity.') || filePath.includes('/entities/') ||
+        filePath.includes('.model.') || filePath.includes('/models/')) {
+      return true;
+    }
+
+    // Check for ORM decorators
+    if (content.includes('@Entity(') || content.includes('@Table(')) {
+      return true;
+    }
+
+    // Check for Model extension
+    if (content.includes('extends Model')) {
+      return true;
+    }
+
+    return false;
+  }
+
+  /**
+   * FR-001: Analyze entity file changes
+   * Extracts table name, detects column changes, relation changes
+   */
+  analyzeEntityChange(changedFile, databaseChanges) {
+    const content = changedFile.content || '';
+    const className = this.extractClassName(content);
+
+    if (!className) {
+      this.logger.verbose('DatabaseDetector', `Could not extract class name from ${changedFile.path}`);
+      return;
+    }
+
+    // FR-002: Extract table name
+    const tableName = this.extractTableNameFromEntity(content, className);
+    this.logger.verbose('DatabaseDetector', `Extracted table name: ${tableName}`);
+
+    // Check for relation changes
+    const hasRelationChange = this.detectRelationChange(changedFile.diff || '');
+
+    if (!databaseChanges.tables.has(tableName)) {
+      databaseChanges.tables.set(tableName, {
+        entity: className,
+        file: changedFile.path,
+        operations: new Set(['SELECT', 'INSERT', 'UPDATE']), // Schema changes affect all ops
+        fields: new Set(),
+        isEntityFile: true,
+        hasRelationChange: hasRelationChange,
+        changeSource: { path: changedFile.path, status: changedFile.status }
+      });
+    } else {
+      const tableData = databaseChanges.tables.get(tableName);
+      tableData.isEntityFile = true;
+      tableData.hasRelationChange = hasRelationChange || tableData.hasRelationChange;
+    }
+
+    // Extract changed fields from diff
+    const changedFields = this.extractChangedFields(changedFile.diff || '');
+    if (changedFields.length > 0) {
+      const tableData = databaseChanges.tables.get(tableName);
+      changedFields.forEach(field => tableData.fields.add(field));
+      this.logger.verbose('DatabaseDetector', `Detected changed fields: ${changedFields.join(', ')}`);
+    }
+
+    databaseChanges.entityFiles.add(changedFile.path);
+  }
+
+  /**
+   * Extract class name from entity file content
+   */
+  extractClassName(content) {
+    // Match: class ClassName or export class ClassName
+    const classMatch = content.match(/(?:export\s+)?class\s+(\w+)/);
+    return classMatch ? classMatch[1] : null;
+  }
+
+  /**
+   * FR-002: Extract table name from entity
+   * Priority: 1. @Entity('name') 2. @Entity({ name: 'name' }) 3. className conversion
+   */
+  extractTableNameFromEntity(content, className) {
+    // Check for explicit table name in @Entity decorator
+    const explicitMatch = content.match(/@Entity\s*\(\s*['"](\w+)['"]/);
+    if (explicitMatch) return explicitMatch[1];
+
+    // Check for options object
+    const optionsMatch = content.match(/@Entity\s*\(\s*\{[^}]*name:\s*['"](\w+)['"]/);
+    if (optionsMatch) return optionsMatch[1];
+
+    // Check for Sequelize @Table
+    const tableMatch = content.match(/@Table\s*\(\s*\{[^}]*tableName:\s*['"](\w+)['"]/);
+    if (tableMatch) return tableMatch[1];
+
+    // Convert class name to snake_case
+    return this.entityToTableName(className);
+  }
+
+  /**
+   * Detect if relation decorators changed
+   */
+  detectRelationChange(diff) {
+    const relationDecorators = [
+      '@OneToMany', '@ManyToOne', '@OneToOne', '@ManyToMany',
+      '@HasMany', '@BelongsTo', '@BelongsToMany'
+    ];
+
+    const addedLines = diff.split('\n').filter(line => line.startsWith('+'));
+
+    for (const line of addedLines) {
+      for (const decorator of relationDecorators) {
+        if (line.includes(decorator)) {
+          return true;
+        }
+      }
+    }
+
+    return false;
+  }
+
+  /**
+   * Extract changed field names from diff
+   */
+  extractChangedFields(diff) {
+    const fields = new Set();
+    const lines = diff.split('\n');
+
+    for (const line of lines) {
+      if (!line.startsWith('+') || line.startsWith('+++')) continue;
+
+      const cleanLine = line.substring(1).trim();
+
+      // Match @Column() decorator followed by field name
+      if (cleanLine.includes('@Column') || cleanLine.includes('@PrimaryColumn')) {
+        // Look for field declaration on same or next line
+        const fieldMatch = cleanLine.match(/(@Column[^;]*)\s+(\w+)\s*[;:]/);
+        if (fieldMatch) {
+          fields.add(fieldMatch[2]);
+        }
+      }
+
+      // Match direct field declarations with type annotation
+      const fieldDeclMatch = cleanLine.match(/^\s*(\w+)\s*[?:]?\s*:/);
+      if (fieldDeclMatch && !cleanLine.includes('function') && !cleanLine.includes('constructor')) {
+        const fieldName = fieldDeclMatch[1];
+        if (fieldName !== 'delFlg') {
+          fields.add(fieldName);
+        }
+      }
+    }
+
+    return Array.from(fields);
+  }
+
+  /**
+   * Convert table name back to entity name
+   */
+  tableNameToEntityName(tableName) {
+    // Convert: user_profile → UserProfile
+    return tableName
+      .split('_')
+      .map(part => part.charAt(0).toUpperCase() + part.slice(1))
+      .join('') + 'Entity';
+  }
+
+  findAffectedRepositoryMethods(changedMethods) {
+    const visited = new Set();
+    const repoMethods = [];
+    const queue = [...changedMethods];
+
+    while (queue.length > 0) {
+      const method = queue.shift();
+      
+      if (!method || !method.file) continue;
+      
+      const key = `${method.file}:${method.className}.${method.methodName}`;
+      if (visited.has(key)) continue;
+      visited.add(key);
+
+      const isRepository = method.file.includes('repository') || 
+                          (method.className && method.className.toLowerCase().includes('repository'));
+      
+      if (isRepository) {
+        repoMethods.push(method);
+      }
+
+      const callers = this.methodCallGraph.getCallers(method);
+
+      queue.push(...callers);
+    }
+
+    return repoMethods;
+  }
+
+  /**
+   * BUG-002: Detect @InjectRepository decorators and extract entity information
+   * Enables detection of repository usage in services without call graph
+   */
+  detectInjectedRepositories(content, filePath) {
+    const injectedRepos = [];
+    const lines = content.split('\n');
+
+    for (let i = 0; i < lines.length; i++) {
+      const line = lines[i];
+
+      // Pattern: @InjectRepository(UserEntity)
+      const injectMatch = line.match(/@InjectRepository\s*\(\s*(\w+Entity)\s*\)/);
+      if (injectMatch) {
+        const entityName = injectMatch[1];
+
+        // Look for field name in next few lines
+        // private readonly userRepository: Repository<UserEntity>
+        for (let j = i; j < Math.min(i + 3, lines.length); j++) {
+          const fieldMatch = lines[j].match(/(?:private|public|protected)\s+(?:readonly\s+)?(\w+)\s*:/);
+          if (fieldMatch) {
+            injectedRepos.push({
+              entityName: entityName,
+              fieldName: fieldMatch[1],
+              tableName: this.entityToTableName(entityName),
+              file: filePath
+            });
+            this.logger.verbose('DatabaseDetector',
+              `Found injected repository: ${fieldMatch[1]} -> ${entityName} -> ${this.entityToTableName(entityName)}`);
+            break;
+          }
+        }
+      }
+    }
+
+    return injectedRepos;
+  }
+
+  /**
+   * BUG-002: Detect database operations from repository field usage
+   * Detects: this.userRepository.find(...), this.repo.update(...), etc.
+   */
+  detectOperationFromRepositoryUsage(line, repo, databaseChanges) {
+    const operations = {
+      'createQueryBuilder': 'SELECT',
+      'find': 'SELECT',
+      'findOne': 'SELECT',
+      'findBy': 'SELECT',
+      'findOneBy': 'SELECT',
+      'findAndCount': 'SELECT',
+      'update': 'UPDATE',
+      'insert': 'INSERT',
+      'delete': 'DELETE',
+      'remove': 'DELETE',
+      'save': 'INSERT/UPDATE',
+      'merge': 'UPDATE',
+    };
+
+    // Detect operation
+    let detectedOp = null;
+    for (const [method, opType] of Object.entries(operations)) {
+      if (line.includes(`.${method}(`)) {
+        detectedOp = opType;
+        break;
+      }
+    }
+
+    if (!detectedOp) return;
+
+    // Extract entity/table info
+    const tableName = repo.tableName;
+
+    if (!databaseChanges.tables.has(tableName)) {
+      databaseChanges.tables.set(tableName, {
+        entity: repo.entityName,
+        file: repo.file,
+        operations: new Set(),
+        fields: new Set(),
+        isEntityFile: false,
+        hasRelationChange: false,
+        changeSource: { path: repo.file }
+      });
+    }
+
+    const tableData = databaseChanges.tables.get(tableName);
+    tableData.operations.add(detectedOp);
+
+    // Extract fields from query builder
+    this.extractFieldsFromQueryBuilder(line, tableData);
+
+    this.logger.verbose('DatabaseDetector',
+      `Detected ${detectedOp} on ${tableName} via ${repo.fieldName}`);
+  }
+
+  /**
+   * BUG-002: Extract field names from query builder select() and where()
+   */
+  extractFieldsFromQueryBuilder(line, tableData) {
+    // Pattern: .select(['user.id', 'user.name', 'user.email'])
+    const selectMatch = line.match(/\.select\s*\(\s*\[([^\]]+)\]/);
+    if (selectMatch) {
+      const fieldsStr = selectMatch[1];
+      const fieldMatches = fieldsStr.matchAll(/['"](?:\w+\.)?(\w+)['"]/g);
+
+      for (const match of fieldMatches) {
+        const fieldName = match[1];
+        if (fieldName && fieldName !== 'delFlg') {
+          tableData.fields.add(fieldName);
+        }
+      }
+    }
+
+    // Pattern: .where('user.name = :name', ...)
+    const whereMatch = line.match(/\.where\s*\(\s*['"](?:\w+\.)?(\w+)\s*[=<>]/);
+    if (whereMatch) {
+      const fieldName = whereMatch[1];
+      if (fieldName && fieldName !== 'delFlg') {
+        tableData.fields.add(fieldName);
+      }
+    }
+
+    // Pattern: { id: 1, name: 'value' } in object literals
+    const objectFieldMatches = line.matchAll(/\{\s*(\w+)\s*:/g);
+    for (const match of objectFieldMatches) {
+      const fieldName = match[1];
+      if (fieldName && fieldName !== 'delFlg' && fieldName !== 'where') {
+        tableData.fields.add(fieldName);
+      }
+    }
+  }
+
+  /**
+   * BUG-002: Collect multi-line repository usage blocks from diff
+   * Handles statements that span multiple lines like:
+   * this.repo
+   *   .createQueryBuilder()
+   *   .select([...])
+   */
+  collectRepositoryUsageBlocks(lines, injectedRepos) {
+    const blocks = [];
+    
+    for (let i = 0; i < lines.length; i++) {
+      const line = lines[i];
+      
+      if (!line.startsWith('+')) continue;
+      
+      const addedLine = line.substring(1).trim();
+      
+      // Check if this line starts repository usage
+      for (const repo of injectedRepos) {
+        if (addedLine.includes(`this.${repo.fieldName}`)) {
+          // Collect all subsequent lines that are method chains
+          const codeBlock = [addedLine];
+          let j = i + 1;
+          
+          // Look ahead for chained methods (lines starting with .)
+          while (j < lines.length) {
+            const nextLine = lines[j];
+            if (!nextLine.startsWith('+')) break;
+            
+            const nextAddedLine = nextLine.substring(1).trim();
+            
+            // Check if it's a method chain continuation
+            if (nextAddedLine.startsWith('.') || 
+                nextAddedLine.startsWith(')') ||
+                codeBlock[codeBlock.length - 1].endsWith(',') ||
+                codeBlock[codeBlock.length - 1].endsWith('(')) {
+              codeBlock.push(nextAddedLine);
+              j++;
+            } else {
+              break;
+            }
+          }
+          
+          blocks.push({
+            repo: repo,
+            code: codeBlock.join(' ')
+          });
+          
+          // Skip the lines we've already processed
+          i = j - 1;
+          break;
+        }
+      }
+    }
+    
+    return blocks;
+  }
+
+  /**
+   * BUG-004: Detect raw SQL query patterns in changed files
+   * CORRECTED APPROACH: Use full file content, not just diff
+   *
+   * Strategy:
+   * 1. Read full file content from filesystem
+   * 2. Find changed line numbers from diff
+   * 3. Find parent statements containing those lines
+   * 4. Extract SQL from those statements
+   */
+  detectRawSQLQueries(filePath, diff) {
+    const sqlQueries = [];
+
+    try {
+      // Step 1: Read full file content
+      if (!fs.existsSync(filePath)) {
+        this.logger.verbose('DatabaseDetector', `File not found: ${filePath}`);
+        return sqlQueries;
+      }
+
+      const fileContent = fs.readFileSync(filePath, 'utf-8');
+      const fileLines = fileContent.split('\n');
+
+      // Step 2: Extract changed line numbers from diff
+      const changedLineNumbers = this.extractChangedLineNumbers(diff);
+
+      if (changedLineNumbers.length === 0) {
+        return sqlQueries;
+      }
+
+      this.logger.verbose('DatabaseDetector',
+        `Analyzing ${changedLineNumbers.length} changed lines in ${filePath}`);
+
+      // Step 3: Find query/execute statements that contain changed lines
+      const processedStatements = new Set();
+
+      for (const lineNum of changedLineNumbers) {
+        const statement = this.findQueryStatementContainingLine(fileLines, lineNum);
+
+        if (!statement) continue;
+
+        const key = `${statement.startLine}-${statement.endLine}`;
+        if (processedStatements.has(key)) continue;
+        processedStatements.add(key);
+
+        // Step 4: Extract SQL from statement
+        const sqlData = this.extractSQLFromStatement(statement.content);
+
+        if (sqlData) {
+          this.logger.verbose('DatabaseDetector',
+            `Found SQL query at lines ${statement.startLine}-${statement.endLine}`);
+          sqlQueries.push({
+            sql: sqlData.sql,
+            method: statement.method,
+            changedLineNum: lineNum
+          });
+        }
+      }
+
+    } catch (error) {
+      this.logger.error('DatabaseDetector', `Error detecting raw SQL: ${error.message}`);
+    }
+
+    return sqlQueries;
+  }
+
+  /**
+   * Extract line numbers that were changed in the diff
+   */
+  extractChangedLineNumbers(diff) {
+    const changedLines = [];
+    const lines = diff.split('\n');
+    let currentLineNum = 0;
+
+    for (const line of lines) {
+      if (line.startsWith('@@')) {
+        // Parse: @@ -oldStart,oldCount +newStart,newCount @@
+        const match = line.match(/@@ -\d+(?:,\d+)? \+(\d+)/);
+        if (match) {
+          currentLineNum = parseInt(match[1], 10);
+        }
+        continue;
+      }
+
+      if (line.startsWith('+') && !line.startsWith('+++')) {
+        changedLines.push(currentLineNum);
+      }
+
+      if (!line.startsWith('-')) {
+        currentLineNum++;
+      }
+    }
+
+    return changedLines;
+  }
+
+  /**
+   * Find the .query() or .execute() statement that contains the given line number
+   */
+  findQueryStatementContainingLine(fileLines, targetLineNum) {
+    // Adjust for 0-based array indexing
+    const targetIndex = targetLineNum - 1;
+
+    if (targetIndex < 0 || targetIndex >= fileLines.length) {
+      return null;
+    }
+
+    // Search backwards to find .query( or .execute(
+    const searchRadius = 50;
+    let startLine = -1;
+    let method = null;
+
+    for (let i = targetIndex; i >= Math.max(0, targetIndex - searchRadius); i--) {
+      const line = fileLines[i];
+      const match = line.match(/\.(query|execute)\s*</);
+
+      if (match) {
+        method = match[1];
+        startLine = i + 1; // Convert to 1-based line number
+        break;
+      }
+    }
+
+    if (!method) return null;
+
+    // Search forward to find the end of the statement (closing semicolon or })
+    let endLine = targetLineNum;
+    let parenDepth = 0;
+    let inTemplate = false;
+
+    for (let i = startLine - 1; i < Math.min(fileLines.length, startLine + searchRadius); i++) {
+      const line = fileLines[i];
+
+      // Track template literal boundaries
+      for (const char of line) {
+        if (char === '`') inTemplate = !inTemplate;
+        if (!inTemplate) {
+          if (char === '(') parenDepth++;
+          if (char === ')') parenDepth--;
+        }
+      }
+
+      endLine = i + 1;
+
+      // Found the end when parentheses are balanced and we hit a semicolon
+      if (parenDepth === 0 && line.includes(';')) {
+        break;
+      }
+    }
+
+    // Extract the statement content
+    const statementLines = fileLines.slice(startLine - 1, endLine);
+
+    return {
+      startLine,
+      endLine,
+      method,
+      content: statementLines.join('\n')
+    };
+  }
+
+  /**
+   * Extract SQL and metadata from a query/execute statement
+   */
+  extractSQLFromStatement(statementContent) {
+    // Extract SQL from template literal (backticks)
+    const templateMatch = statementContent.match(/`([^`]+)`/s);
+
+    if (templateMatch) {
+      const sql = templateMatch[1].trim();
+      return { sql };
+    }
+
+    // Try single/double quotes as fallback
+    const quoteMatch = statementContent.match(/['"]([^'"]+)['"]/s);
+    if (quoteMatch) {
+      const sql = quoteMatch[1].trim();
+      return { sql };
+    }
+
+    return null;
+  }
+
+  /**
+   * BUG-004: Parse SQL query to extract database impact
+   * Extracts: operation type, table names, field names
+   */
+  parseSQLQuery(sql) {
+    const impact = {
+      operation: null,
+      tables: [],
+      fields: [],
+      hasJoin: false,
+      joinType: null
+    };
+
+    // Normalize SQL (remove extra whitespace, newlines)
+    const normalizedSQL = sql.replace(/\s+/g, ' ').trim().toUpperCase();
+
+    // Detect operation type
+    if (normalizedSQL.startsWith('SELECT')) {
+      impact.operation = 'SELECT';
+    } else if (normalizedSQL.startsWith('INSERT')) {
+      impact.operation = 'INSERT';
+    } else if (normalizedSQL.startsWith('UPDATE')) {
+      impact.operation = 'UPDATE';
+    } else if (normalizedSQL.startsWith('DELETE')) {
+      impact.operation = 'DELETE';
+    } else if (normalizedSQL.startsWith('ALTER')) {
+      impact.operation = 'ALTER';
+    } else if (normalizedSQL.startsWith('CREATE')) {
+      impact.operation = 'CREATE';
+    } else if (normalizedSQL.startsWith('DROP')) {
+      impact.operation = 'DROP';
+    }
+
+    // Extract table names
+    impact.tables = this.extractTablesFromSQL(normalizedSQL, impact.operation);
+
+    // Extract field names (use original SQL for case sensitivity)
+    impact.fields = this.extractFieldsFromSQL(sql, impact.operation);
+
+    // Detect JOIN
+    if (normalizedSQL.includes('JOIN')) {
+      impact.hasJoin = true;
+
+      if (normalizedSQL.includes('INNER JOIN')) {
+        impact.joinType = 'INNER';
+      } else if (normalizedSQL.includes('LEFT JOIN')) {
+        impact.joinType = 'LEFT';
+      } else if (normalizedSQL.includes('RIGHT JOIN')) {
+        impact.joinType = 'RIGHT';
+      } else if (normalizedSQL.includes('FULL JOIN')) {
+        impact.joinType = 'FULL';
+      }
+    }
+
+    return impact;
+  }
+
+  /**
+   * BUG-004: Extract table names from SQL query
+   */
+  extractTablesFromSQL(sql, operation) {
+    const tables = new Set();
+
+    // FROM clause: SELECT ... FROM table_name
+    const fromMatches = sql.matchAll(/FROM\s+([a-z_][a-z0-9_]*)/gi);
+    for (const match of fromMatches) {
+      tables.add(match[1].toLowerCase());
+    }
+
+    // JOIN clause: JOIN table_name
+    const joinMatches = sql.matchAll(/JOIN\s+([a-z_][a-z0-9_]*)/gi);
+    for (const match of joinMatches) {
+      tables.add(match[1].toLowerCase());
+    }
+
+    // INSERT INTO: INSERT INTO table_name
+    if (operation === 'INSERT') {
+      const insertMatch = sql.match(/INSERT\s+INTO\s+([a-z_][a-z0-9_]*)/i);
+      if (insertMatch) {
+        tables.add(insertMatch[1].toLowerCase());
+      }
+    }
+
+    // UPDATE: UPDATE table_name
+    if (operation === 'UPDATE') {
+      const updateMatch = sql.match(/UPDATE\s+([a-z_][a-z0-9_]*)/i);
+      if (updateMatch) {
+        tables.add(updateMatch[1].toLowerCase());
+      }
+    }
+
+    // ALTER TABLE: ALTER TABLE table_name
+    if (operation === 'ALTER') {
+      const alterMatch = sql.match(/ALTER\s+TABLE\s+([a-z_][a-z0-9_]*)/i);
+      if (alterMatch) {
+        tables.add(alterMatch[1].toLowerCase());
+      }
+    }
+
+    return Array.from(tables);
+  }
+
+  /**
+   * BUG-004: Extract field names from SQL query
+   */
+  extractFieldsFromSQL(sql, operation) {
+    const fields = new Set();
+
+    // SELECT fields: SELECT field1, field2, table.field3
+    if (operation === 'SELECT') {
+      const selectMatch = sql.match(/SELECT\s+(.*?)\s+FROM/is);
+      if (selectMatch) {
+        const fieldList = selectMatch[1];
+
+        // Extract field names (handle table.field format)
+        const fieldMatches = fieldList.matchAll(/(?:^|,)\s*(?:\w+\.)?(\w+)(?:\s+as\s+\w+)?/gi);
+        for (const match of fieldMatches) {
+          const fieldName = match[1].toLowerCase();
+          // Skip SQL keywords and functions
+          if (!['count', 'sum', 'avg', 'max', 'min', 'distinct', '*'].includes(fieldName)) {
+            fields.add(fieldName);
+          }
+        }
+      }
+    }
+
+    // WHERE clause fields: WHERE user.id = $1 AND user.name = $2
+    const whereMatches = sql.matchAll(/(?:WHERE|AND|OR)\s+(?:\w+\.)?(\w+)\s*[=<>!]/gi);
+    for (const match of whereMatches) {
+      const fieldName = match[1].toLowerCase();
+      fields.add(fieldName);
+    }
+
+    // JOIN ON clause: ON table1.field = table2.field
+    const onMatches = sql.matchAll(/ON\s+(?:\w+\.)?(\w+)\s*=\s*(?:\w+\.)?(\w+)/gi);
+    for (const match of onMatches) {
+      fields.add(match[1].toLowerCase());
+      fields.add(match[2].toLowerCase());
+    }
+
+    // INSERT fields: INSERT INTO table (field1, field2)
+    if (operation === 'INSERT') {
+      const insertMatch = sql.match(/INSERT\s+INTO\s+\w+\s*\((.*?)\)/is);
+      if (insertMatch) {
+        const fieldList = insertMatch[1];
+        const fieldMatches = fieldList.matchAll(/(\w+)/g);
+        for (const match of fieldMatches) {
+          fields.add(match[1].toLowerCase());
+        }
+      }
+    }
+
+    // UPDATE SET: UPDATE table SET field1 = $1, field2 = $2
+    if (operation === 'UPDATE') {
+      const setMatch = sql.match(/SET\s+(.*?)(?:WHERE|$)/is);
+      if (setMatch) {
+        const setList = setMatch[1];
+        const fieldMatches = setList.matchAll(/(\w+)\s*=/gi);
+        for (const match of fieldMatches) {
+          fields.add(match[1].toLowerCase());
+        }
+      }
+    }
+
+    // ALTER TABLE ADD/MODIFY: ALTER TABLE table ADD COLUMN field_name
+    if (operation === 'ALTER') {
+      const alterMatches = sql.matchAll(/(?:ADD|MODIFY|DROP)\s+(?:COLUMN\s+)?(\w+)/gi);
+      for (const match of alterMatches) {
+        fields.add(match[1].toLowerCase());
+      }
+    }
+
+    return Array.from(fields).filter(f => f !== 'delflg');
+  }
+
+  analyzeChangedCodeForDatabaseOps(changedFile, databaseChanges) {
+    const diff = changedFile.diff || '';
+    const content = changedFile.content || '';
+    const lines = diff.split('\n');
+    
+    // BUG-002: Step 1 - Detect injected repositories in file
+    const injectedRepos = this.detectInjectedRepositories(content, changedFile.path);
+
+    if (injectedRepos.length > 0) {
+      this.logger.verbose('DatabaseDetector',
+        `Found ${injectedRepos.length} injected repositories in ${changedFile.path}`);
+    }
+    
+    // BUG-002: Step 2 - Collect multi-line repository usage statements
+    const repoUsageBlocks = this.collectRepositoryUsageBlocks(lines, injectedRepos);
+    
+    for (const block of repoUsageBlocks) {
+      this.detectOperationFromRepositoryUsage(
+        block.code,
+        block.repo,
+        databaseChanges
+      );
+    }
+
+    // BUG-004: Step 3 - Detect raw SQL queries
+    const rawSQLQueries = this.detectRawSQLQueries(changedFile.path, changedFile.diff || '');
+
+    if (rawSQLQueries.length > 0) {
+      this.logger.verbose('DatabaseDetector',
+        `Found ${rawSQLQueries.length} raw SQL queries in ${changedFile.path}`);
+    }
+
+    for (const query of rawSQLQueries) {
+      const sqlImpact = this.parseSQLQuery(query.sql);
+
+      // Add each affected table to database changes
+      for (const tableName of sqlImpact.tables) {
+        if (!databaseChanges.tables.has(tableName)) {
+          databaseChanges.tables.set(tableName, {
+            entity: this.tableNameToEntityName(tableName),
+            file: changedFile.path,
+            operations: new Set(),
+            fields: new Set(),
+            isEntityFile: false,
+            hasRelationChange: false,
+            changeSource: { path: changedFile.path, type: 'raw-sql' }
+          });
+        }
+
+        const tableData = databaseChanges.tables.get(tableName);
+
+        if (sqlImpact.operation) {
+          tableData.operations.add(sqlImpact.operation);
+        }
+
+        for (const field of sqlImpact.fields) {
+          tableData.fields.add(field);
+        }
+
+        // Add SQL-specific metadata
+        if (sqlImpact.hasJoin) {
+          tableData.hasJoin = true;
+          tableData.joinType = sqlImpact.joinType;
+        }
+
+        this.logger.verbose('DatabaseDetector',
+          `Raw SQL: ${sqlImpact.operation} on ${tableName} with fields: ${sqlImpact.fields.join(', ')}`);
+      }
+    }
+
+    const typeOrmOps = {
+      'insert': 'INSERT',
+      'save': 'INSERT/UPDATE',
+      'create': 'INSERT',
+      'update': 'UPDATE',
+      'merge': 'UPDATE',
+      'delete': 'DELETE',
+      'remove': 'DELETE',
+      'softDelete': 'SOFT_DELETE',
+      // SELECT operations
+      'find': 'SELECT',
+      'findOne': 'SELECT',
+      'findBy': 'SELECT',
+      'findOneBy': 'SELECT',
+      'findAndCount': 'SELECT',
+      'select': 'SELECT',
+      'query': 'SELECT',
+      'getMany': 'SELECT',
+      'getOne': 'SELECT',
+    };
+    
+    let inDatabaseOperation = false;
+    let currentEntityName = null;
+    let currentOperation = null;
+    let currentTableName = null;
+    
+    for (let i = 0; i < lines.length; i++) {
+      const line = lines[i];
+      const cleanLine = line.startsWith('+') ? line.substring(1).trim() : line.trim();
+      
+      // Detect start of database operations (even in context lines)
+      for (const [opName, opType] of Object.entries(typeOrmOps)) {
+        if (cleanLine.includes(`.${opName}(`)) {
+          inDatabaseOperation = true;
+          currentOperation = opType;
+          
+          // Extract entity name from the operation
+          const entityName = this.extractEntityFromOperation(cleanLine, lines, i);
+          if (entityName) {
+            currentEntityName = entityName;
+            currentTableName = this.entityToTableName(entityName);
+          }
+          
+          // Also check for repository pattern
+          const repoMatch = cleanLine.match(/(\w+Repository)\.(save|update|insert|create|delete|remove)\(/);
+          if (repoMatch && !currentEntityName) {
+            const repoName = repoMatch[1];
+            currentEntityName = repoName.replace(/Repository$/, '') + 'Entity';
+            currentTableName = this.entityToTableName(currentEntityName);
+          }
+          
+          if (currentTableName) {
+            if (!databaseChanges.tables.has(currentTableName)) {
+              databaseChanges.tables.set(currentTableName, {
+                entity: currentEntityName,
+                file: changedFile.path,
+                operations: new Set(),
+                fields: new Set(),
+                isEntityFile: false,
+                hasRelationChange: false,
+                changeSource: { path: changedFile.path }
+              });
+            }
+
+            const tableData = databaseChanges.tables.get(currentTableName);
+            tableData.operations.add(currentOperation);
+          }
+        }
+      }
+      
+      // When in a database operation context, extract fields from added lines
+      if (inDatabaseOperation && line.startsWith('+') && !line.startsWith('+++')) {
+        const addedLine = line.substring(1).trim();
+        
+        // Extract fields from this added line
+        const fields = this.extractFieldsFromLine(addedLine);
+        
+        if (fields.length > 0 && currentTableName) {
+          const tableData = databaseChanges.tables.get(currentTableName);
+          fields.forEach(field => tableData.fields.add(field));
+          
+          this.logger.verbose('DatabaseDetector', `Detected ${currentOperation} on ${currentTableName} with fields: ${fields.join(', ')}`);
+        }
+      }
+      
+      // Reset context when operation ends
+      if (inDatabaseOperation && cleanLine.includes(');')) {
+        inDatabaseOperation = false;
+        currentEntityName = null;
+        currentOperation = null;
+        currentTableName = null;
+      }
+    }
+  }
+  
+  extractFieldsFromLine(line) {
+    const fields = [];
+    
+    // Match field: value patterns
+    const fieldMatches = line.matchAll(/(\w+)\s*:/g);
+    for (const match of fieldMatches) {
+      const field = match[1];
+      if (field && field !== 'delFlg') {
+        fields.push(field);
+      }
+    }
+    
+    // Also check for spread with new fields pattern: { ...obj, newField: value }
+    if (line.includes('...') && line.includes(':')) {
+      const afterSpread = line.split('...').slice(1).join('...');
+      const newFieldMatches = afterSpread.matchAll(/(\w+)\s*:/g);
+      for (const match of newFieldMatches) {
+        const field = match[1];
+        if (field && field !== 'delFlg' && !fields.includes(field)) {
+          fields.push(field);
+        }
+      }
+    }
+    
+    return fields;
+  }
+  
+  extractEntityFromOperation(line, lines, lineIndex) {
+    // Pattern 1: queryRunner.manager.update(UserEntity, ...)
+    const directEntityMatch = line.match(/\.(update|save|insert|create|delete|remove)\s*\(\s*(\w+Entity)/);
+    if (directEntityMatch) {
+      return directEntityMatch[2];
+    }
+    
+    // Pattern 2: Look forward and backward for entity type
+    for (let i = Math.max(0, lineIndex - 5); i < Math.min(lines.length, lineIndex + 5); i++) {
+      const checkLine = lines[i];
+      if (!checkLine) continue;
+      
+      const cleanCheckLine = checkLine.startsWith('+') || checkLine.startsWith('-') ? 
+        checkLine.substring(1) : checkLine;
+      
+      if (cleanCheckLine.includes('Entity')) {
+        const entityMatch = cleanCheckLine.match(/(\w+Entity)/);
+        if (entityMatch) {
+          return entityMatch[1];
+        }
+      }
+    }
+    
+    return null;
+  }
+  
+  extractFieldsFromOperation(line, lines, lineIndex, operation) {
+    const fields = [];
+    
+    // Extract fields from object literal in current line
+    const objectMatch = line.match(/\{\s*([^}]+)\s*\}/);
+    if (objectMatch) {
+      const content = objectMatch[1];
+      const fieldMatches = content.match(/(\w+):/g);
+      if (fieldMatches) {
+        fieldMatches.forEach(match => {
+          const field = match.replace(':', '').trim();
+          if (field && field !== 'delFlg') {
+            fields.push(field);
+          }
+        });
+      }
+      
+      // Also check for spread operator
+      const spreadMatch = content.match(/\.\.\.(\w+)/);
+      if (spreadMatch) {
+        // Try to find the variable definition
+        const varName = spreadMatch[1];
+        const varFields = this.findVariableFields(varName, lines, lineIndex);
+        fields.push(...varFields);
+      }
+    }
+    
+    // Check if operation continues on next lines (multi-line object)
+    if (line.includes('{') && !line.includes('}')) {
+      for (let i = lineIndex + 1; i < Math.min(lines.length, lineIndex + 10); i++) {
+        const nextLine = lines[i];
+        if (!nextLine || !nextLine.startsWith('+')) break;
+        
+        const cleanNext = nextLine.substring(1).trim();
+        if (cleanNext.includes('}')) break;
+        
+        const fieldMatch = cleanNext.match(/(\w+):/);
+        if (fieldMatch) {
+          const field = fieldMatch[1];
+          if (field && field !== 'delFlg') {
+            fields.push(field);
+          }
+        }
+      }
+    }
+    
+    return [...new Set(fields)];
+  }
+  
+  findVariableFields(varName, lines, currentIndex) {
+    const fields = [];
+    
+    for (let i = Math.max(0, currentIndex - 20); i < currentIndex; i++) {
+      const line = lines[i];
+      if (!line || !line.startsWith('+')) continue;
+      
+      const cleanLine = line.substring(1).trim();
+      
+      // Look for variable declaration
+      if (cleanLine.includes(`${varName}`) && cleanLine.includes('=') && cleanLine.includes('{')) {
+        // Start capturing fields
+        for (let j = i; j < Math.min(lines.length, i + 15); j++) {
+          const varLine = lines[j];
+          if (!varLine || !varLine.startsWith('+')) continue;
+          
+          const cleanVarLine = varLine.substring(1).trim();
+          
+          if (cleanVarLine.includes('}')) break;
+          
+          const fieldMatch = cleanVarLine.match(/(\w+):/);
+          if (fieldMatch) {
+            const field = fieldMatch[1];
+            if (field && field !== 'delFlg') {
+              fields.push(field);
+            }
+          }
+        }
+        break;
+      }
+    }
+    
+    return fields;
+  }
+
+  extractDatabaseOperationsFromCallGraph(repoMethod) {
+    const operations = [];
+    
+    const methodKey = `${repoMethod.className}.${repoMethod.methodName}`;
+    const methodCalls = this.methodCallGraph.methodCallsMap?.get(methodKey) || [];
+    
+    this.logger.verbose('DatabaseDetector', `   📞 Analyzing ${methodCalls.length} calls in ${repoMethod.className}.${repoMethod.methodName}`);
+    
+    for (const call of methodCalls) {
+      const dbOp = this.detectDatabaseOperationFromCall(call);
+
+      if (dbOp) {
+        operations.push({
+          ...dbOp,
+          method: `${repoMethod.className}.${repoMethod.methodName}`,
+          file: repoMethod.file,
+        });
+      }
+    }
+
+    return operations;
+  }
+   
+  detectDatabaseOperationFromCall(call) {
+    const typeOrmOps = {
+      'insert': 'INSERT',
+      'save': 'INSERT/UPDATE',
+      'create': 'INSERT',
+      'update': 'UPDATE',
+      'merge': 'UPDATE',
+      'delete': 'DELETE',
+      'remove': 'DELETE',
+      'softDelete': 'SOFT_DELETE',
+      // SELECT operations
+      'find': 'SELECT',
+      'findOne': 'SELECT',
+      'findBy': 'SELECT',
+      'findOneBy': 'SELECT',
+      'findAndCount': 'SELECT',
+      'select': 'SELECT',
+      'query': 'SELECT',
+      'getMany': 'SELECT',
+      'getOne': 'SELECT',
+    };
+
+    // Handle both string and object format
+    let methodName, target;
+    
+    if (typeof call === 'string') {
+      // Old format: "ClassName.methodName"
+      const parts = call.split('.');
+      if (parts.length >= 2) {
+        target = parts[0];
+        methodName = parts[1];
+      }
+    } else if (typeof call === 'object') {
+      // New format: { target, method, arguments }
+      methodName = call.method;
+      target = call.target;
+    }
+    
+    if (!methodName || !typeOrmOps[methodName]) return null;
+
+    const entityMatch = target?.match(/(\w+Repository)/);
+    
+    if (!entityMatch) return null;
+
+    const entityName = entityMatch[1].replace(/Repository$/, '') + 'Entity';
+    
+    // Extract fields from arguments if available
+    const fields = [];
+    if (call.arguments && Array.isArray(call.arguments)) {
+      for (const arg of call.arguments) {
+        if (arg.type === 'object' && arg.fields) {
+          fields.push(...arg.fields);
+        }
+      }
+    }
+    
+    return {
+      table: this.entityToTableName(entityName),
+      operation: typeOrmOps[methodName],
+      fields: fields.filter(f => f !== '...' && f !== 'delFlg'),
+    };
+  }
+
+  entityToTableName(entityName) {
+    return entityName
+      .replace(/Entity$/, '')
+      .replace(/([A-Z])/g, '_$1')
+      .toLowerCase()
+      .replace(/^_/, '');
+  }
+
+  /**
+   * FR-006: Format database impact according to spec output schema
+   * Output matches: .specify/specs/features/database-impact-detection.md Section 5
+   *
+   * @returns {DatabaseImpact[]} Array of database impacts matching spec schema
+   */
+  formatDatabaseImpact(databaseChanges) {
+    const impacts = [];
+
+    for (const [tableName, tableData] of databaseChanges.tables.entries()) {
+      const impactType = this.classifyImpactType(tableData);
+
+      const impact = {
+        // Spec-required fields
+        tableName: tableName,
+        modelName: tableData.entity,
+        modelPath: tableData.file,
+        impactType: impactType,
+        operations: Array.from(tableData.operations),
+        changeSource: tableData.changeSource,
+        severity: this.calculateSeverity(tableData, impactType),
+      };
+
+      // Optional field - only include if present
+      if (tableData.fields.size > 0) {
+        impact.fields = Array.from(tableData.fields);
+      }
+
+      impacts.push(impact);
+    }
+
+    return impacts;
+  }
+
+  /**
+   * FR-004: Classify impact type
+   * Categories: 'schema' | 'query' | 'relation' | 'migration'
+   */
+  classifyImpactType(tableData) {
+    // Schema: entity file changed
+    if (tableData.isEntityFile) return 'schema';
+
+    // Relation: relation decorators changed
+    if (tableData.hasRelationChange) return 'relation';
+
+    // Migration: migration file changed
+    if (tableData.file && tableData.file.includes('migration')) return 'migration';
+
+    // Query: repository/service changed
+    return 'query';
+  }
+
+  /**
+   * Calculate severity based on spec Section 6
+   * Critical: Schema changes (columns, constraints)
+   * High: Relation changes, DELETE operations
+   * Medium: INSERT, UPDATE operations
+   * Low: SELECT-only query changes
+   */
+  calculateSeverity(tableData, impactType) {
+    // Critical: Schema changes
+    if (impactType === 'schema') {
+      return 'critical';
+    }
+
+    // High: Relation changes or DELETE operations
+    if (impactType === 'relation' || tableData.operations.has('DELETE') || tableData.operations.has('SOFT_DELETE')) {
+      return 'high';
+    }
+
+    // Medium: INSERT or UPDATE operations
+    if (tableData.operations.has('INSERT') || tableData.operations.has('UPDATE') ||
+        tableData.operations.has('INSERT/UPDATE')) {
+      return 'medium';
+    }
+
+    // Low: SELECT-only
+    return 'low';
+  }
+}
+
+export default DatabaseDetector;