@topogram/cli 0.3.34

package/src/import/extractors/api/aspnet-core.js

@@ -0,0 +1,304 @@
+import {
+  dedupeCandidateRecords,
+  findImportFiles,
+  inferApiEntityIdFromPath,
+  inferRouteCapabilityId,
+  makeCandidateRecord,
+  normalizeOpenApiPath,
+  readTextIfExists,
+  relativeTo,
+  titleCase
+} from "../../core/shared.js";
+
+function escapeRegExp(value) {
+  return String(value || "").replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
+}
+
+function parsePublicProperties(text) {
+  return [...String(text || "").matchAll(/public\s+[A-Za-z0-9_<>\[\]\?., ]+\s+([A-Za-z_][A-Za-z0-9_]*)\s*\{/g)]
+    .map((entry) => entry[1])
+    .filter((name) => !name.endsWith("Id"))
+    .map((name) => name.charAt(0).toLowerCase() + name.slice(1));
+}
+
+function buildDotnetFileIndex(paths) {
+  const files = findImportFiles(paths, (filePath) => /\.cs$/i.test(filePath));
+  const index = new Map();
+  for (const filePath of files) {
+    index.set(relativeTo(paths.repoRoot, filePath), readTextIfExists(filePath) || "");
+  }
+  return { files, index };
+}
+
+function explicitHandlerHint(controllerName, methodName, routePath, httpMethod) {
+  if (controllerName === "ArticlesController" && methodName === "GetFeed") return "feed_article";
+  if (controllerName === "FavoritesController" && methodName === "FavoriteAdd") return "favorite_article";
+  if (controllerName === "FavoritesController" && methodName === "FavoriteDelete") return "unfavorite_article";
+  if (controllerName === "FollowersController" && methodName === "Follow") return "follow_profile";
+  if (controllerName === "FollowersController" && methodName === "Unfollow") return "unfollow_profile";
+  if (controllerName === "ProfilesController" && methodName === "Get") return "get_profile";
+  if (controllerName === "UsersController" && methodName === "Login") return "sign_in_account";
+  if (controllerName === "UserController" && methodName === "GetCurrent") return "get_user";
+  if (controllerName === "UserController" && methodName === "UpdateUser") return "update_user";
+  if (controllerName === "TagsController" && methodName === "Get") return "list_tags";
+  if (controllerName === "ArticlesController" && methodName === "Get" && /\/\{slug\}$/.test(routePath)) return "get_article";
+  if (controllerName === "ArticlesController" && methodName === "Get" && httpMethod === "GET") return "list_articles";
+  if (controllerName === "ArticlesController" && methodName === "Create") return "create_article";
+  if (controllerName === "ArticlesController" && methodName === "Edit") return "update_article";
+  if (controllerName === "ArticlesController" && methodName === "Delete") return "delete_article";
+  if (controllerName === "CommentsController" && methodName === "Get") return "list_comments";
+  if (controllerName === "CommentsController" && methodName === "Create") return "create_comment";
+  if (controllerName === "CommentsController" && methodName === "Delete") return "delete_comment";
+  if (controllerName === "UsersController" && methodName === "Create") return "create_user";
+  if (controllerName === "TodoItemsController" && methodName === "List") return "list_todo_items";
+  if (controllerName === "TodoItemsController" && methodName === "Create") return "create_todo_item";
+  if (controllerName === "TodoItemsController" && methodName === "Edit") return "update_todo_item";
+  if (controllerName === "TodoItemsController" && methodName === "Delete") return "delete_todo_item";
+  return null;
+}
+
+function explicitEntityId(controllerName, handlerHint, routePath) {
+  if (controllerName === "ProfilesController") return "entity_profile";
+  if (controllerName === "FollowersController") return "entity_profile";
+  if (controllerName === "FavoritesController") return "entity_article";
+  if (controllerName === "ArticlesController") return "entity_article";
+  if (controllerName === "CommentsController") return "entity_comment";
+  if (controllerName === "TagsController") return "entity_tag";
+  if (controllerName === "TodoItemsController") return "entity_todo-item";
+  if (controllerName === "UserController" || controllerName === "UsersController") {
+    return handlerHint === "sign_in_account" ? "entity_account" : "entity_user";
+  }
+  return inferApiEntityIdFromPath(routePath);
+}
+
+function routeAuthHint(bodyPrefix, methodPrefix) {
+  const combined = `${bodyPrefix}\n${methodPrefix}`;
+  return /\[Authorize/.test(combined) ? "secured" : "public";
+}
+
+function resolveReturnType(returnType) {
+  return String(returnType || "").trim().replace(/^Task\s*</, "").replace(/>\s*$/, "").trim();
+}
+
+function findTypeBlockInText(text, bare) {
+  const escaped = escapeRegExp(bare);
+  const patterns = [
+    new RegExp(`public\\s+class\\s+${escaped}\\b([\\s\\S]{0,2400})`, "m"),
+    new RegExp(`public\\s+record\\s+class\\s+${escaped}\\b([\\s\\S]{0,1600})`, "m"),
+    new RegExp(`public\\s+record\\s+${escaped}\\b([\\s\\S]{0,1600})`, "m")
+  ];
+  for (const pattern of patterns) {
+    const match = String(text || "").match(pattern);
+    if (match) return match[0];
+  }
+  return null;
+}
+
+function findBlockForType(typeName, featureFiles, options = {}) {
+  const raw = String(typeName || "");
+  const parts = raw.split(".");
+  const bare = parts.pop();
+  if (!bare) return null;
+  const preferredFileStem = parts[0] || null;
+  const preferredDirectory = options.preferredDirectory || null;
+  if (preferredFileStem && preferredDirectory) {
+    const localPreferred = featureFiles.find(({ filePath }) => filePath.startsWith(preferredDirectory) && filePath.endsWith(`/${preferredFileStem}.cs`));
+    if (localPreferred) {
+      const snippet = findTypeBlockInText(localPreferred.text, bare);
+      if (snippet) {
+        return { filePath: localPreferred.filePath, text: snippet, className: bare };
+      }
+    }
+  }
+  if (preferredFileStem) {
+    const preferred = featureFiles.find(({ filePath }) => filePath.endsWith(`/${preferredFileStem}.cs`));
+    if (preferred) {
+      const snippet = findTypeBlockInText(preferred.text, bare);
+      if (snippet) {
+        return { filePath: preferred.filePath, text: snippet, className: bare };
+      }
+    }
+  }
+  for (const { filePath, text } of featureFiles) {
+    const snippet = findTypeBlockInText(text, bare);
+    if (snippet) {
+      return { filePath, text: snippet, className: bare };
+    }
+  }
+  return null;
+}
+
+function flattenInputFields(typeName, featureFiles, options = {}, seen = new Set()) {
+  const rawType = String(typeName || "").trim();
+  const bare = rawType.split(".").pop();
+  if (!bare || seen.has(bare)) return [];
+  seen.add(bare);
+
+  const classBlock = findBlockForType(rawType, featureFiles, options);
+  if (!classBlock) return [];
+  const blockText = classBlock.text;
+
+  const recordCtor = blockText.match(new RegExp(`${bare}\\s*\\(([^)]*)\\)`));
+  if (recordCtor) {
+    const fields = [];
+    for (const part of recordCtor[1].split(",")) {
+      const trimmed = part.trim();
+      const match = trimmed.match(/([A-Za-z0-9_<>\[\]\?\.]+)\s+([A-Za-z_][A-Za-z0-9_]*)$/);
+      if (!match) continue;
+      const [, innerType, name] = match;
+      const normalizedName = name.charAt(0).toLowerCase() + name.slice(1);
+      const nested = flattenInputFields(innerType, featureFiles, options, seen);
+      if (nested.length > 0 && ["article", "user", "model", "comment"].includes(normalizedName)) {
+        fields.push(...nested);
+      } else {
+        fields.push(normalizedName);
+      }
+    }
+    return [...new Set(fields)];
+  }
+
+  return [...new Set(parsePublicProperties(blockText))];
+}
+
+function flattenOutputFields(returnType, featureFiles) {
+  const bare = String(returnType || "").split(".").pop();
+  if (!bare) return [];
+  const envelope = findBlockForType(bare, featureFiles);
+  if (!envelope) return [];
+  const text = envelope.text;
+  const recordCtor = text.match(new RegExp(`${bare}\\s*\\(([^)]*)\\)`));
+  if (recordCtor) {
+    return recordCtor[1]
+      .split(",")
+      .map((part) => part.trim().match(/([A-Za-z_][A-Za-z0-9_]*)$/)?.[1])
+      .filter(Boolean)
+      .map((name) => name.charAt(0).toLowerCase() + name.slice(1));
+  }
+  return parsePublicProperties(text);
+}
+
+function parseControllerHeader(text) {
+  const headerMatch = String(text || "").match(/((?:\s*\[[^\]]+\]\s*)*)\s*public\s+class\s+([A-Za-z_][A-Za-z0-9_]*)Controller\b/m);
+  if (!headerMatch) return null;
+  return {
+    attributes: headerMatch[1] || "",
+    controllerName: `${headerMatch[2]}Controller`
+  };
+}
+
+function parseControllerRoutes(filePath, text, featureFiles, repoRoot) {
+  const routes = [];
+  const preferredDirectory = filePath.slice(0, filePath.lastIndexOf("/"));
+
+  const header = parseControllerHeader(text);
+  const controllerName = header?.controllerName || filePath.split("/").pop()?.replace(/\.cs$/, "") || "";
+  const classAttributes = header?.attributes || "";
+  const classRouteTemplate = classAttributes.match(/\[Route\("([^"]+)"\)\]/)?.[1] || "";
+  const classRoute = classRouteTemplate.replace(/\[controller\]/gi, controllerName.replace(/Controller$/, ""));
+  const classAuthorized = /\[Authorize[^\]]*\]/.test(classAttributes);
+  const methodMatches = [
+    ...text.matchAll(
+      /(?:^|\n)((?:\s*\[[^\]]+\]\s*)*)\s*public\s+(?!class\b)(?:async\s+)?([A-Za-z0-9_<>\[\]\?., ]+)\s+([A-Za-z_][A-Za-z0-9_]*)\(([\s\S]*?)\)\s*(?:=>|\{)/gm
+    )
+  ];
+
+  for (const match of methodMatches) {
+    const [, attributes, returnTypeRaw, methodName, parameters] = match;
+    const httpMatch = attributes.match(/\[(HttpGet|HttpPost|HttpPut|HttpPatch|HttpDelete)(?:\("([^"]*)"\))?\]/);
+    if (!httpMatch) continue;
+    const httpMethod = httpMatch[1].replace(/^Http/, "").toUpperCase();
+    const methodRoute = httpMatch[2] || "";
+    const routePath = normalizeOpenApiPath(`/${[classRoute, methodRoute].filter(Boolean).join("/")}`);
+    const pathParams = [...routePath.matchAll(/\{([^}]+)\}/g)].map((entry) => ({ name: entry[1], required: true, type: null }));
+    const queryParams = [...parameters.matchAll(/\[FromQuery\]\s+([A-Za-z0-9_<>\[\]\?\.]+)\s+([A-Za-z_][A-Za-z0-9_]*)/g)].map((entry) => ({ name: entry[2], required: false, type: entry[1] || null }));
+    const bodyType = parameters.match(/\[FromBody\]\s+([A-Za-z0-9_<>\[\]\?\.]+)\s+[A-Za-z_][A-Za-z0-9_]*/)?.[1] || null;
+    const returnType = resolveReturnType(returnTypeRaw);
+    const handler_hint = explicitHandlerHint(controllerName, methodName, routePath, httpMethod);
+
+    routes.push({
+      method: httpMethod,
+      path: routePath,
+      handler_hint,
+      auth_hint: routeAuthHint(classAuthorized ? "[Authorize]" : "", attributes),
+      controller: controllerName,
+      method_name: methodName,
+      return_type: returnType,
+      body_type: bodyType,
+      path_params: pathParams,
+      query_params: queryParams,
+      input_fields: bodyType ? flattenInputFields(bodyType, featureFiles, { preferredDirectory }) : [],
+      output_fields: flattenOutputFields(returnType, featureFiles),
+      provenance: `${relativeTo(repoRoot, filePath)}#${httpMethod} ${routePath}`
+    });
+  }
+
+  return routes;
+}
+
+export const aspNetCoreExtractor = {
+  id: "api.aspnet-core",
+  track: "api",
+  detect(context) {
+    const controllerFiles = findImportFiles(context.paths, (filePath) => /Controller\.cs$/i.test(filePath));
+    const programFiles = findImportFiles(context.paths, (filePath) => /Program\.cs$/i.test(filePath));
+    const score = controllerFiles.length > 0 && programFiles.some((filePath) => /WebApplication\.CreateBuilder|AddSwaggerGen|AddMvc/.test(readTextIfExists(filePath) || "")) ? 88 : 0;
+    return {
+      score,
+      reasons: score > 0 ? ["Found ASP.NET Core controllers and application bootstrap"] : []
+    };
+  },
+  extract(context) {
+    const controllerFiles = findImportFiles(context.paths, (filePath) => /Controller\.cs$/i.test(filePath));
+    const featureFiles = buildDotnetFileIndex(context.paths).files.map((filePath) => ({ filePath, text: readTextIfExists(filePath) || "" }));
+    const findings = [];
+    const candidates = { capabilities: [], routes: [], stacks: [] };
+
+    for (const filePath of controllerFiles) {
+      const text = readTextIfExists(filePath) || "";
+      const routes = parseControllerRoutes(filePath, text, featureFiles, context.paths.repoRoot);
+      if (routes.length === 0) continue;
+      findings.push({
+        kind: "aspnet_controller",
+        file: relativeTo(context.paths.repoRoot, filePath),
+        route_count: routes.length
+      });
+
+      candidates.capabilities.push(...routes.map((route) => makeCandidateRecord({
+        kind: "capability",
+        idHint: inferRouteCapabilityId(route),
+        label: route.handler_hint ? titleCase(route.handler_hint) : `${route.method} ${route.path}`,
+        confidence: "high",
+        sourceKind: "route_code",
+        provenance: route.provenance,
+        endpoint: { method: route.method, path: route.path },
+        path_params: route.path_params,
+        query_params: route.query_params,
+        header_params: [],
+        input_fields: route.input_fields,
+        output_fields: route.output_fields,
+        auth_hint: route.auth_hint,
+        entity_id: explicitEntityId(route.controller, route.handler_hint, route.path),
+        controller: route.controller,
+        return_type: route.return_type,
+        body_type: route.body_type,
+        track: "api"
+      })));
+
+      candidates.routes.push(...routes.map((route) => ({
+        path: route.path,
+        method: route.method,
+        confidence: "high",
+        source_kind: "route_code",
+        provenance: route.provenance
+      })));
+    }
+
+    candidates.capabilities = dedupeCandidateRecords(candidates.capabilities, (record) => record.id_hint);
+    candidates.routes = dedupeCandidateRecords(
+      candidates.routes.map((route) => ({ ...route, id_hint: `${route.method}_${route.path}` })),
+      (record) => `${record.method}:${record.path}:${record.source_kind}`
+    ).map(({ id_hint, ...route }) => route);
+    candidates.stacks = ["aspnet_core"];
+    return { findings, candidates };
+  }
+};

package/src/import/extractors/api/django-routes.js

@@ -0,0 +1,318 @@
+import path from "node:path";
+
+import {
+  dedupeCandidateRecords,
+  findImportFiles,
+  inferApiEntityIdFromPath,
+  inferRouteCapabilityId,
+  makeCandidateRecord,
+  normalizeOpenApiPath,
+  readTextIfExists,
+  relativeTo,
+  titleCase
+} from "../../core/shared.js";
+
+function splitClassBlocks(text) {
+  const lines = String(text || "").split(/\r?\n/);
+  const blocks = [];
+  let current = null;
+  let headerLines = null;
+
+  for (const line of lines) {
+    if (headerLines) {
+      headerLines.push(line);
+      if (line.includes("):")) {
+        const header = headerLines.join(" ");
+        const match = header.match(/^class\s+([A-Za-z_][A-Za-z0-9_]*)\s*\(([\s\S]*?)\)\s*:/);
+        if (match) {
+          if (current) blocks.push(current);
+          current = {
+            name: match[1],
+            bases: match[2],
+            lines: [...headerLines]
+          };
+        }
+        headerLines = null;
+      }
+      continue;
+    }
+
+    const match = line.match(/^class\s+([A-Za-z_][A-Za-z0-9_]*)\s*\(([^)]*)\)\s*:/);
+    if (match) {
+      if (current) blocks.push(current);
+      current = {
+        name: match[1],
+        bases: match[2],
+        lines: [line]
+      };
+      continue;
+    }
+
+    if (/^class\s+([A-Za-z_][A-Za-z0-9_]*)\s*\(/.test(line)) {
+      headerLines = [line];
+      continue;
+    }
+
+    if (current) current.lines.push(line);
+  }
+
+  if (current) blocks.push(current);
+  return blocks;
+}
+
+function moduleNameForFile(repoRoot, filePath) {
+  return relativeTo(repoRoot, filePath)
+    .replace(/\.py$/i, "")
+    .replace(/\//g, ".");
+}
+
+function routeRegexToPath(regexText) {
+  const normalized = String(regexText || "")
+    .replace(/^\^/, "")
+    .replace(/\$$/, "")
+    .replace(/\/\?\$$/, "")
+    .replace(/\(\?P<([A-Za-z_][A-Za-z0-9_]*)>[^)]+\)/g, "{$1}")
+    .replace(/\/\?/g, "/")
+    .replace(/\?/g, "")
+    .replace(/\\\//g, "/");
+  const trimmed = normalized.replace(/\/+$/, "");
+  return trimmed.startsWith("/") ? (trimmed || "/") : `/${trimmed || ""}`.replace(/\/+$/, "") || "/";
+}
+
+function permissionAuthHint(permissionText, method) {
+  const raw = String(permissionText || "");
+  if (/AllowAny/.test(raw)) return "public";
+  if (/IsAuthenticatedOrReadOnly/.test(raw)) {
+    return method === "GET" ? "public" : "secured";
+  }
+  if (/IsAuthenticated/.test(raw)) return "secured";
+  return "unknown";
+}
+
+function buildViewIndex(paths) {
+  const viewFiles = findImportFiles(paths, (filePath) => /\/views\.py$/i.test(filePath));
+  const index = new Map();
+
+  for (const filePath of viewFiles) {
+    const text = readTextIfExists(filePath);
+    for (const block of splitClassBlocks(text)) {
+      const body = block.lines.join("\n");
+      index.set(block.name, {
+        name: block.name,
+        filePath,
+        body,
+        bases: block.bases,
+        serializer_class: body.match(/serializer_class\s*=\s*([A-Za-z_][A-Za-z0-9_]*)/)?.[1] || null,
+        lookup_field: body.match(/lookup_field\s*=\s*['"]([^'"]+)['"]/)?.[1] || "id",
+        permission_classes: body.match(/permission_classes\s*=\s*\(([\s\S]{0,120}?)\)/)?.[1] || "",
+        methods: [...body.matchAll(/^\s+def\s+([A-Za-z_][A-Za-z0-9_]*)\s*\(/gm)].map((entry) => entry[1]),
+        moduleDir: path.dirname(filePath)
+      });
+    }
+  }
+
+  return index;
+}
+
+function viewClassRoutes(basePath, viewMeta) {
+  const routes = [];
+  const methods = new Set(viewMeta.methods || []);
+  const baseNames = String(viewMeta.bases || "");
+  const authFor = (method) => permissionAuthHint(viewMeta.permission_classes, method);
+
+  if (/RetrieveUpdateAPIView/.test(baseNames)) {
+    routes.push({ method: "GET", path: basePath, auth_hint: authFor("GET") });
+    routes.push({ method: "PUT", path: basePath, auth_hint: authFor("PUT") });
+    return routes;
+  }
+  if (/ListCreateAPIView/.test(baseNames)) {
+    routes.push({ method: "GET", path: basePath, auth_hint: authFor("GET") });
+    routes.push({ method: "POST", path: basePath, auth_hint: authFor("POST") });
+    return routes;
+  }
+  if (/DestroyAPIView/.test(baseNames)) {
+    routes.push({ method: "DELETE", path: basePath, auth_hint: authFor("DELETE") });
+    return routes;
+  }
+  if (/ListAPIView/.test(baseNames)) {
+    routes.push({ method: "GET", path: basePath, auth_hint: authFor("GET") });
+    return routes;
+  }
+  if (/RetrieveAPIView/.test(baseNames)) {
+    routes.push({ method: "GET", path: basePath, auth_hint: authFor("GET") });
+    return routes;
+  }
+  for (const [methodName, httpMethod] of [["get", "GET"], ["post", "POST"], ["put", "PUT"], ["patch", "PATCH"], ["delete", "DELETE"]]) {
+    if (methods.has(methodName)) {
+      routes.push({ method: httpMethod, path: basePath, auth_hint: authFor(httpMethod) });
+    }
+  }
+  return routes;
+}
+
+function viewSetRoutes(prefix, viewMeta) {
+  const routes = [];
+  const body = viewMeta.body || "";
+  const lookupField = viewMeta.lookup_field || "id";
+  const collectionPath = `${prefix}`.replace(/\/+$/, "") || "/";
+  const memberPath = `${collectionPath}/{${lookupField}}`.replace(/\/+$/, "") || "/";
+  const authFor = (method) => permissionAuthHint(viewMeta.permission_classes, method);
+
+  if (/ListModelMixin/.test(viewMeta.bases) || /\bdef\s+list\s*\(/.test(body)) {
+    routes.push({ method: "GET", path: collectionPath, auth_hint: authFor("GET") });
+  }
+  if (/CreateModelMixin/.test(viewMeta.bases) || /\bdef\s+create\s*\(/.test(body)) {
+    routes.push({ method: "POST", path: collectionPath, auth_hint: authFor("POST") });
+  }
+  if (/RetrieveModelMixin/.test(viewMeta.bases) || /\bdef\s+retrieve\s*\(/.test(body)) {
+    routes.push({ method: "GET", path: memberPath, auth_hint: authFor("GET") });
+  }
+  if (/UpdateModelMixin/.test(viewMeta.bases) || /\bdef\s+update\s*\(/.test(body)) {
+    routes.push({ method: "PUT", path: memberPath, auth_hint: authFor("PUT") });
+  }
+  if (/DestroyModelMixin/.test(viewMeta.bases) || /\bdef\s+destroy\s*\(/.test(body)) {
+    routes.push({ method: "DELETE", path: memberPath, auth_hint: authFor("DELETE") });
+  }
+  return routes;
+}
+
+function explicitHandlerHint(viewClassName, method, routePath) {
+  if (viewClassName === "ProfileFollowAPIView") {
+    return method === "POST" ? "follow_profile" : method === "DELETE" ? "unfollow_profile" : null;
+  }
+  if (viewClassName === "ArticlesFavoriteAPIView") {
+    return method === "POST" ? "favorite_article" : method === "DELETE" ? "unfavorite_article" : null;
+  }
+  if (viewClassName === "ArticlesFeedAPIView") {
+    return "feed_article";
+  }
+  if (viewClassName === "LoginAPIView") {
+    return "sign_in_account";
+  }
+  return null;
+}
+
+function parseUrlModule(filePath, repoRoot, moduleMap, viewIndex, prefix = "", visited = new Set()) {
+  const moduleName = moduleNameForFile(repoRoot, filePath);
+  const visitKey = `${moduleName}:${prefix}`;
+  if (visited.has(visitKey)) return [];
+  visited.add(visitKey);
+
+  const text = readTextIfExists(filePath) || "";
+  const routes = [];
+  const routerRegistrations = [...text.matchAll(/router\.register\(\s*r?['"]([^'"]+)['"]\s*,\s*([A-Za-z_][A-Za-z0-9_]*)/g)]
+    .map((entry) => ({ resource: entry[1], viewClass: entry[2] }));
+
+  for (const match of text.matchAll(/url\(\s*r['"]([^'"]+)['"]\s*,\s*include\(\s*['"]([^'"]+)['"]/g)) {
+    const routePrefix = routeRegexToPath(match[1]);
+    const includeModule = match[2];
+    const includedFile = moduleMap.get(includeModule);
+    if (!includedFile) continue;
+    routes.push(...parseUrlModule(includedFile, repoRoot, moduleMap, viewIndex, `${prefix}${routePrefix}`, visited));
+  }
+
+  if (/include\(\s*router\.urls\s*\)/.test(text)) {
+    for (const registration of routerRegistrations) {
+      const viewMeta = viewIndex.get(registration.viewClass);
+      if (!viewMeta) continue;
+      for (const route of viewSetRoutes(`${prefix}/${registration.resource}`.replace(/\/+/g, "/"), viewMeta)) {
+        routes.push({
+          ...route,
+          view_class: registration.viewClass,
+          serializer_class: viewMeta.serializer_class,
+          handler_hint: null,
+          provenance: `${relativeTo(repoRoot, filePath)}#${route.method} ${route.path}`
+        });
+      }
+    }
+  }
+
+  for (const match of text.matchAll(/url\(\s*r['"]([^'"]+)['"]\s*,\s*([A-Za-z_][A-Za-z0-9_]*)\.as_view\(\)\s*\)/g)) {
+    const routePath = `${prefix}${routeRegexToPath(match[1])}`.replace(/\/+/g, "/").replace(/\/+$/, "") || "/";
+    const viewClassName = match[2];
+    const viewMeta = viewIndex.get(viewClassName);
+    if (!viewMeta) continue;
+    for (const route of viewClassRoutes(routePath, viewMeta)) {
+      routes.push({
+        ...route,
+        view_class: viewClassName,
+        serializer_class: viewMeta.serializer_class,
+        handler_hint: explicitHandlerHint(viewClassName, route.method, route.path),
+        provenance: `${relativeTo(repoRoot, filePath)}#${route.method} ${route.path}`
+      });
+    }
+  }
+
+  return routes;
+}
+
+export const djangoRoutesExtractor = {
+  id: "api.django-routes",
+  track: "api",
+  detect(context) {
+    const manageFiles = findImportFiles(context.paths, (filePath) => /\/manage\.py$/i.test(filePath));
+    const urlFiles = findImportFiles(context.paths, (filePath) => /\/urls\.py$/i.test(filePath));
+    const score = manageFiles.length > 0 && urlFiles.length > 0 ? 90 : 0;
+    return {
+      score,
+      reasons: score > 0 ? ["Found Django manage.py and urls.py routing files"] : []
+    };
+  },
+  extract(context) {
+    const urlFiles = findImportFiles(context.paths, (filePath) => /\/urls\.py$/i.test(filePath));
+    const moduleMap = new Map(urlFiles.map((filePath) => [moduleNameForFile(context.paths.repoRoot, filePath), filePath]));
+    const viewIndex = buildViewIndex(context.paths);
+    const rootFiles = urlFiles.filter((filePath) => !/\/apps\//.test(filePath));
+    const findings = [];
+    const candidates = { capabilities: [], routes: [], stacks: [] };
+
+    for (const rootFile of rootFiles) {
+      let routes = parseUrlModule(rootFile, context.paths.repoRoot, moduleMap, viewIndex);
+      if (routes.some((route) => normalizeOpenApiPath(route.path).startsWith("/api/"))) {
+        routes = routes.filter((route) => normalizeOpenApiPath(route.path).startsWith("/api/"));
+      }
+
+      findings.push({
+        kind: "django_routes",
+        file: relativeTo(context.paths.repoRoot, rootFile),
+        route_count: routes.length
+      });
+
+      candidates.capabilities.push(...routes.map((route) => makeCandidateRecord({
+        kind: "capability",
+        idHint: inferRouteCapabilityId(route),
+        label: route.handler_hint ? titleCase(route.handler_hint) : `${route.method} ${route.path}`,
+        confidence: "high",
+        sourceKind: "route_code",
+        provenance: route.provenance,
+        endpoint: { method: route.method, path: normalizeOpenApiPath(route.path) },
+        path_params: [...normalizeOpenApiPath(route.path).matchAll(/\{([^}]+)\}/g)].map((entry) => ({ name: entry[1], required: true, type: null })),
+        query_params: [],
+        header_params: [],
+        input_fields: [],
+        output_fields: [],
+        auth_hint: route.auth_hint || "unknown",
+        entity_id: inferApiEntityIdFromPath(route.path),
+        view_class: route.view_class,
+        serializer_class: route.serializer_class,
+        track: "api"
+      })));
+
+      candidates.routes.push(...routes.map((route) => ({
+        path: normalizeOpenApiPath(route.path),
+        method: route.method,
+        confidence: "high",
+        source_kind: "route_code",
+        provenance: route.provenance
+      })));
+    }
+
+    candidates.capabilities = dedupeCandidateRecords(candidates.capabilities, (record) => record.id_hint);
+    candidates.routes = dedupeCandidateRecords(
+      candidates.routes.map((route) => ({ ...route, id_hint: `${route.method}_${route.path}` })),
+      (record) => `${record.method}:${record.path}:${record.source_kind}`
+    ).map(({ id_hint, ...route }) => route);
+    candidates.stacks = ["django"];
+    return { findings, candidates };
+  }
+};