@vibecheckai/cli 3.1.0 → 3.1.1

package/bin/runners/lib/route-truth.js

@@ -1,477 +1,477 @@
-/**
- * Route Truth v1 - JavaScript Runtime
- * 
- * Generates a normalized route map with evidence from:
- * - Next.js (App Router + Pages Router)
- * - Fastify (shorthand + .route() + register prefixes)
- * 
- * Then implements validate_claim(route_exists) on top of it.
- */
-
-const fs = require('fs');
-const path = require('path');
-const crypto = require('crypto');
-
-// ============================================================================
-// CANONICALIZATION
-// ============================================================================
-
-/**
- * Canonicalize a path to standard format.
- */
-function canonicalizePath(p) {
-  let s = p.trim();
-  if (!s.startsWith('/')) s = '/' + s;
-  s = s.replace(/\/+/g, '/');
-  
-  // Convert Next.js dynamic segments
-  s = s.replace(/\[\[\.{3}([^\]]+)\]\]/g, '*$1?');  // [[...slug]] → *slug?
-  s = s.replace(/\[\.{3}([^\]]+)\]/g, '*$1');       // [...slug] → *slug
-  s = s.replace(/\[([^\]]+)\]/g, ':$1');            // [id] → :id
-  
-  if (s.length > 1) s = s.replace(/\/$/, '');
-  return s;
-}
-
-function canonicalizeMethod(m) {
-  const u = m.toUpperCase();
-  if (u === 'ALL' || u === 'ANY') return '*';
-  return u;
-}
-
-function joinPrefix(prefix, p) {
-  const cleanPrefix = prefix.replace(/\/$/, '');
-  const cleanPath = p.startsWith('/') ? p : '/' + p;
-  return canonicalizePath(cleanPrefix + cleanPath);
-}
-
-function isParameterizedPath(path) {
-  return path.includes(':') || path.includes('*');
-}
-
-function matchPath(pattern, concrete) {
-  const patternParts = pattern.split('/');
-  const concreteParts = concrete.split('/');
-  
-  let pIdx = 0, cIdx = 0;
-  
-  while (pIdx < patternParts.length && cIdx < concreteParts.length) {
-    const pPart = patternParts[pIdx];
-    const cPart = concreteParts[cIdx];
-    
-    if (pPart.startsWith('*')) return true;
-    if (pPart.startsWith(':')) { pIdx++; cIdx++; continue; }
-    if (pPart !== cPart) return false;
-    pIdx++; cIdx++;
-  }
-  
-  return pIdx === patternParts.length && cIdx === concreteParts.length;
-}
-
-function matchMethod(pattern, concrete) {
-  if (pattern === '*') return true;
-  return pattern === concrete;
-}
-
-// ============================================================================
-// NEXT.JS RESOLVER
-// ============================================================================
-
-const NEXT_HTTP_METHODS = ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS', 'HEAD'];
-let evidenceCounter = 0;
-
-function createEvidence(file, lines, reason, snippet) {
-  evidenceCounter++;
-  return {
-    id: `ev_${String(evidenceCounter).padStart(4, '0')}`,
-    file,
-    lines,
-    snippetHash: `sha256:${crypto.createHash('sha256').update(snippet || '').digest('hex').slice(0, 16)}`,
-    reason,
-  };
-}
-
-function findFiles(dir, include, exclude) {
-  const files = [];
-  
-  function walk(d) {
-    try {
-      const entries = fs.readdirSync(d, { withFileTypes: true });
-      for (const entry of entries) {
-        const fullPath = path.join(d, entry.name);
-        if (entry.isDirectory()) {
-          if (!entry.name.startsWith('.') && entry.name !== 'node_modules') {
-            walk(fullPath);
-          }
-        } else if (entry.isFile()) {
-          if (include.test(entry.name) && (!exclude || !exclude.test(entry.name))) {
-            files.push(fullPath);
-          }
-        }
-      }
-    } catch {}
-  }
-  
-  walk(dir);
-  return files;
-}
-
-function extractAppRouterMethods(code) {
-  const methods = [];
-  const lines = code.split('\n');
-  
-  const patterns = [
-    /export\s+(?:async\s+)?function\s+(GET|POST|PUT|PATCH|DELETE|OPTIONS|HEAD)\s*\(/,
-    /export\s+const\s+(GET|POST|PUT|PATCH|DELETE|OPTIONS|HEAD)\s*=/,
-  ];
-  
-  for (let i = 0; i < lines.length; i++) {
-    for (const pattern of patterns) {
-      const match = lines[i].match(pattern);
-      if (match && NEXT_HTTP_METHODS.includes(match[1].toUpperCase())) {
-        methods.push({
-          name: match[1].toUpperCase(),
-          line: i + 1,
-          snippet: lines[i].trim(),
-        });
-      }
-    }
-  }
-  
-  return methods;
-}
-
-async function resolveNextRoutes(repoRoot) {
-  const routes = [];
-  
-  // App Router: app/api/**/route.ts|js
-  const appDirs = ['app', 'src/app'];
-  for (const appDir of appDirs) {
-    const apiDir = path.join(repoRoot, appDir, 'api');
-    if (!fs.existsSync(apiDir)) continue;
-    
-    const routeFiles = findFiles(apiDir, /route\.(ts|js)$/);
-    
-    for (const file of routeFiles) {
-      const relPath = path.relative(repoRoot, file).replace(/\\/g, '/');
-      const apiIdx = relPath.indexOf('/api/');
-      const sub = relPath.slice(apiIdx + '/api/'.length).replace(/\/route\.(ts|js)$/, '');
-      const routePath = canonicalizePath('/api/' + sub);
-      
-      const code = fs.readFileSync(file, 'utf8');
-      const methods = extractAppRouterMethods(code);
-      
-      if (methods.length === 0) {
-        routes.push({
-          method: '*',
-          path: routePath,
-          handler: relPath,
-          framework: 'next',
-          routerType: 'app',
-          confidence: 'low',
-          evidence: [createEvidence(relPath, '1', 'route file with no exports', code.slice(0, 100))],
-        });
-        continue;
-      }
-      
-      for (const m of methods) {
-        routes.push({
-          method: m.name,
-          path: routePath,
-          handler: `${relPath}:${m.line}`,
-          framework: 'next',
-          routerType: 'app',
-          confidence: 'high',
-          evidence: [createEvidence(relPath, String(m.line), `export ${m.name}`, m.snippet)],
-        });
-      }
-    }
-  }
-  
-  // Pages Router: pages/api/**/*.ts|js
-  const pagesDirs = ['pages', 'src/pages'];
-  for (const pagesDir of pagesDirs) {
-    const apiDir = path.join(repoRoot, pagesDir, 'api');
-    if (!fs.existsSync(apiDir)) continue;
-    
-    const apiFiles = findFiles(apiDir, /\.(ts|js)$/, /\.d\.ts$/);
-    
-    for (const file of apiFiles) {
-      const relPath = path.relative(repoRoot, file).replace(/\\/g, '/');
-      const apiIdx = relPath.indexOf('/api/');
-      const sub = relPath
-        .slice(apiIdx + '/api/'.length)
-        .replace(/\.(ts|js)$/, '')
-        .replace(/\/index$/, '');
-      
-      const routePath = canonicalizePath('/api/' + sub);
-      const code = fs.readFileSync(file, 'utf8');
-      const hasDefaultExport = /export\s+default/.test(code);
-      
-      routes.push({
-        method: '*',
-        path: routePath,
-        handler: relPath,
-        framework: 'next',
-        routerType: 'pages',
-        confidence: hasDefaultExport ? 'med' : 'low',
-        evidence: [createEvidence(relPath, '1', 'Pages API route', code.slice(0, 100))],
-      });
-    }
-  }
-  
-  return routes;
-}
-
-// ============================================================================
-// FASTIFY RESOLVER (Simplified - regex based)
-// ============================================================================
-
-async function resolveFastifyRoutes(repoRoot) {
-  const routes = [];
-  const gaps = [];
-  
-  const entryPoints = [
-    'src/server.ts', 'src/server.js', 'src/index.ts', 'src/index.js',
-    'server.ts', 'server.js', 'apps/api/src/server.ts', 'apps/api/src/index.ts',
-  ];
-  
-  const fastifyMethods = ['get', 'post', 'put', 'patch', 'delete', 'options', 'head', 'all'];
-  
-  // Find source files
-  const srcDirs = ['src', 'apps/api/src', 'server'];
-  const files = [];
-  
-  for (const srcDir of srcDirs) {
-    const fullDir = path.join(repoRoot, srcDir);
-    if (fs.existsSync(fullDir)) {
-      files.push(...findFiles(fullDir, /\.(ts|js)$/, /\.d\.ts$/));
-    }
-  }
-  
-  // Patterns to detect routes
-  const patterns = [
-    // fastify.get('/path', handler)
-    /(?:fastify|app|server)\.(get|post|put|patch|delete|options|head|all)\s*\(\s*['"`]([^'"`]+)['"`]/gi,
-    // router.get('/path', handler)
-    /router\.(get|post|put|patch|delete|options|head|all)\s*\(\s*['"`]([^'"`]+)['"`]/gi,
-    // .route({ method: 'GET', url: '/path' })
-    /\.route\s*\(\s*\{[^}]*method:\s*['"`]([^'"`]+)['"`][^}]*url:\s*['"`]([^'"`]+)['"`]/gi,
-    /\.route\s*\(\s*\{[^}]*url:\s*['"`]([^'"`]+)['"`][^}]*method:\s*['"`]([^'"`]+)['"`]/gi,
-  ];
-  
-  // Track prefixes from register calls
-  const prefixMap = new Map(); // file → prefix
-  
-  for (const file of files) {
-    try {
-      const code = fs.readFileSync(file, 'utf8');
-      const relPath = path.relative(repoRoot, file).replace(/\\/g, '/');
-      const lines = code.split('\n');
-      
-      // Detect prefix from register calls
-      const registerPattern = /\.register\s*\([^,]+,\s*\{[^}]*prefix:\s*['"`]([^'"`]+)['"`]/g;
-      let match;
-      while ((match = registerPattern.exec(code)) !== null) {
-        prefixMap.set(relPath, match[1]);
-      }
-      
-      // Extract routes
-      for (const pattern of patterns) {
-        pattern.lastIndex = 0;
-        while ((match = pattern.exec(code)) !== null) {
-          let method, routePath;
-          
-          if (match[0].includes('.route')) {
-            // Handle .route() pattern - order varies
-            if (match[0].indexOf('method') < match[0].indexOf('url')) {
-              method = match[1];
-              routePath = match[2];
-            } else {
-              routePath = match[1];
-              method = match[2];
-            }
-          } else {
-            method = match[1];
-            routePath = match[2];
-          }
-          
-          const prefix = prefixMap.get(relPath) || '';
-          const fullPath = joinPrefix(prefix, routePath);
-          const lineNum = code.substring(0, match.index).split('\n').length;
-          const snippet = lines[lineNum - 1] || '';
-          
-          routes.push({
-            method: canonicalizeMethod(method),
-            path: fullPath,
-            handler: `${relPath}:${lineNum}`,
-            framework: 'fastify',
-            confidence: 'med',
-            evidence: [createEvidence(relPath, String(lineNum), `fastify.${method}('${routePath}')`, snippet)],
-          });
-        }
-      }
-    } catch {}
-  }
-  
-  return { routes, gaps };
-}
-
-// ============================================================================
-// ROUTE INDEX
-// ============================================================================
-
-class RouteIndex {
-  constructor() {
-    this.routes = [];
-    this.byMethod = new Map();
-    this.byPath = new Map();
-    this.parameterized = [];
-    this.gaps = [];
-  }
-  
-  async build(repoRoot) {
-    // Resolve Next.js routes
-    const nextRoutes = await resolveNextRoutes(repoRoot);
-    this.routes.push(...nextRoutes);
-    
-    // Resolve Fastify routes
-    const { routes: fastifyRoutes, gaps } = await resolveFastifyRoutes(repoRoot);
-    this.routes.push(...fastifyRoutes);
-    this.gaps.push(...gaps);
-    
-    // Build indexes
-    for (const route of this.routes) {
-      const methodKey = route.method;
-      if (!this.byMethod.has(methodKey)) this.byMethod.set(methodKey, []);
-      this.byMethod.get(methodKey).push(route);
-      
-      const pathKey = route.path;
-      if (!this.byPath.has(pathKey)) this.byPath.set(pathKey, []);
-      this.byPath.get(pathKey).push(route);
-      
-      if (isParameterizedPath(route.path)) {
-        this.parameterized.push(route);
-      }
-    }
-    
-    return this;
-  }
-  
-  findRoutes(method, path) {
-    const canonicalMethod = canonicalizeMethod(method);
-    const canonicalPath = canonicalizePath(path);
-    const matches = [];
-    
-    // Exact path match
-    const pathMatches = this.byPath.get(canonicalPath) || [];
-    for (const route of pathMatches) {
-      if (matchMethod(route.method, canonicalMethod)) {
-        matches.push(route);
-      }
-    }
-    
-    // Wildcard method match
-    const wildcardMethods = this.byMethod.get('*') || [];
-    for (const route of wildcardMethods) {
-      if (route.path === canonicalPath && !matches.includes(route)) {
-        matches.push(route);
-      }
-    }
-    
-    // Parameterized route match
-    for (const route of this.parameterized) {
-      if (matchPath(route.path, canonicalPath) && matchMethod(route.method, canonicalMethod)) {
-        if (!matches.includes(route)) matches.push(route);
-      }
-    }
-    
-    return matches;
-  }
-  
-  findClosestRoutes(path, limit = 3) {
-    const canonicalPath = canonicalizePath(path);
-    const pathParts = canonicalPath.split('/').filter(Boolean);
-    
-    const scored = this.routes.map(route => {
-      const routeParts = route.path.split('/').filter(Boolean);
-      let score = 0;
-      
-      for (let i = 0; i < Math.min(pathParts.length, routeParts.length); i++) {
-        if (pathParts[i] === routeParts[i] || routeParts[i].startsWith(':')) {
-          score++;
-        } else break;
-      }
-      
-      if (pathParts.length === routeParts.length) score += 0.5;
-      return { route, score };
-    });
-    
-    return scored.sort((a, b) => b.score - a.score).slice(0, limit).map(s => s.route);
-  }
-  
-  getRouteMap() {
-    return {
-      server: this.routes,
-      clientRefs: [],
-      gaps: this.gaps,
-      generatedAt: new Date().toISOString(),
-    };
-  }
-}
-
-// ============================================================================
-// VALIDATE CLAIM
-// ============================================================================
-
-async function validateRouteExists(claim, repoRoot, routeIndex) {
-  const index = routeIndex || new RouteIndex();
-  if (!routeIndex) await index.build(repoRoot);
-  
-  const method = claim.method || '*';
-  const routePath = claim.path;
-  
-  const matches = index.findRoutes(method, routePath);
-  
-  if (matches.length > 0) {
-    return {
-      result: 'true',
-      confidence: matches[0].confidence,
-      evidence: matches[0].evidence,
-      matchedRoute: matches[0],
-    };
-  }
-  
-  const closest = index.findClosestRoutes(routePath);
-  const hasGaps = index.gaps.length > 0;
-  
-  if (hasGaps) {
-    return {
-      result: 'unknown',
-      confidence: 'low',
-      evidence: [],
-      closestRoutes: closest,
-      gaps: index.gaps,
-      nextSteps: ['Some routes may not be detected due to unresolved plugins'],
-    };
-  }
-  
-  return {
-    result: 'false',
-    confidence: 'high',
-    evidence: [],
-    closestRoutes: closest,
-    nextSteps: closest.length > 0
-      ? [`Did you mean: ${closest.map(r => `${r.method} ${r.path}`).join(', ')}?`]
-      : ['No similar routes found'],
-  };
-}
-
-module.exports = {
-  canonicalizePath,
-  canonicalizeMethod,
-  resolveNextRoutes,
-  resolveFastifyRoutes,
-  RouteIndex,
-  validateRouteExists,
-};
+/**
+ * Route Truth v1 - JavaScript Runtime
+ * 
+ * Generates a normalized route map with evidence from:
+ * - Next.js (App Router + Pages Router)
+ * - Fastify (shorthand + .route() + register prefixes)
+ * 
+ * Then implements validate_claim(route_exists) on top of it.
+ */
+
+const fs = require('fs');
+const path = require('path');
+const crypto = require('crypto');
+
+// ============================================================================
+// CANONICALIZATION
+// ============================================================================
+
+/**
+ * Canonicalize a path to standard format.
+ */
+function canonicalizePath(p) {
+  let s = p.trim();
+  if (!s.startsWith('/')) s = '/' + s;
+  s = s.replace(/\/+/g, '/');
+  
+  // Convert Next.js dynamic segments
+  s = s.replace(/\[\[\.{3}([^\]]+)\]\]/g, '*$1?');  // [[...slug]] → *slug?
+  s = s.replace(/\[\.{3}([^\]]+)\]/g, '*$1');       // [...slug] → *slug
+  s = s.replace(/\[([^\]]+)\]/g, ':$1');            // [id] → :id
+  
+  if (s.length > 1) s = s.replace(/\/$/, '');
+  return s;
+}
+
+function canonicalizeMethod(m) {
+  const u = m.toUpperCase();
+  if (u === 'ALL' || u === 'ANY') return '*';
+  return u;
+}
+
+function joinPrefix(prefix, p) {
+  const cleanPrefix = prefix.replace(/\/$/, '');
+  const cleanPath = p.startsWith('/') ? p : '/' + p;
+  return canonicalizePath(cleanPrefix + cleanPath);
+}
+
+function isParameterizedPath(path) {
+  return path.includes(':') || path.includes('*');
+}
+
+function matchPath(pattern, concrete) {
+  const patternParts = pattern.split('/');
+  const concreteParts = concrete.split('/');
+  
+  let pIdx = 0, cIdx = 0;
+  
+  while (pIdx < patternParts.length && cIdx < concreteParts.length) {
+    const pPart = patternParts[pIdx];
+    const cPart = concreteParts[cIdx];
+    
+    if (pPart.startsWith('*')) return true;
+    if (pPart.startsWith(':')) { pIdx++; cIdx++; continue; }
+    if (pPart !== cPart) return false;
+    pIdx++; cIdx++;
+  }
+  
+  return pIdx === patternParts.length && cIdx === concreteParts.length;
+}
+
+function matchMethod(pattern, concrete) {
+  if (pattern === '*') return true;
+  return pattern === concrete;
+}
+
+// ============================================================================
+// NEXT.JS RESOLVER
+// ============================================================================
+
+const NEXT_HTTP_METHODS = ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS', 'HEAD'];
+let evidenceCounter = 0;
+
+function createEvidence(file, lines, reason, snippet) {
+  evidenceCounter++;
+  return {
+    id: `ev_${String(evidenceCounter).padStart(4, '0')}`,
+    file,
+    lines,
+    snippetHash: `sha256:${crypto.createHash('sha256').update(snippet || '').digest('hex').slice(0, 16)}`,
+    reason,
+  };
+}
+
+function findFiles(dir, include, exclude) {
+  const files = [];
+  
+  function walk(d) {
+    try {
+      const entries = fs.readdirSync(d, { withFileTypes: true });
+      for (const entry of entries) {
+        const fullPath = path.join(d, entry.name);
+        if (entry.isDirectory()) {
+          if (!entry.name.startsWith('.') && entry.name !== 'node_modules') {
+            walk(fullPath);
+          }
+        } else if (entry.isFile()) {
+          if (include.test(entry.name) && (!exclude || !exclude.test(entry.name))) {
+            files.push(fullPath);
+          }
+        }
+      }
+    } catch {}
+  }
+  
+  walk(dir);
+  return files;
+}
+
+function extractAppRouterMethods(code) {
+  const methods = [];
+  const lines = code.split('\n');
+  
+  const patterns = [
+    /export\s+(?:async\s+)?function\s+(GET|POST|PUT|PATCH|DELETE|OPTIONS|HEAD)\s*\(/,
+    /export\s+const\s+(GET|POST|PUT|PATCH|DELETE|OPTIONS|HEAD)\s*=/,
+  ];
+  
+  for (let i = 0; i < lines.length; i++) {
+    for (const pattern of patterns) {
+      const match = lines[i].match(pattern);
+      if (match && NEXT_HTTP_METHODS.includes(match[1].toUpperCase())) {
+        methods.push({
+          name: match[1].toUpperCase(),
+          line: i + 1,
+          snippet: lines[i].trim(),
+        });
+      }
+    }
+  }
+  
+  return methods;
+}
+
+async function resolveNextRoutes(repoRoot) {
+  const routes = [];
+  
+  // App Router: app/api/**/route.ts|js
+  const appDirs = ['app', 'src/app'];
+  for (const appDir of appDirs) {
+    const apiDir = path.join(repoRoot, appDir, 'api');
+    if (!fs.existsSync(apiDir)) continue;
+    
+    const routeFiles = findFiles(apiDir, /route\.(ts|js)$/);
+    
+    for (const file of routeFiles) {
+      const relPath = path.relative(repoRoot, file).replace(/\\/g, '/');
+      const apiIdx = relPath.indexOf('/api/');
+      const sub = relPath.slice(apiIdx + '/api/'.length).replace(/\/route\.(ts|js)$/, '');
+      const routePath = canonicalizePath('/api/' + sub);
+      
+      const code = fs.readFileSync(file, 'utf8');
+      const methods = extractAppRouterMethods(code);
+      
+      if (methods.length === 0) {
+        routes.push({
+          method: '*',
+          path: routePath,
+          handler: relPath,
+          framework: 'next',
+          routerType: 'app',
+          confidence: 'low',
+          evidence: [createEvidence(relPath, '1', 'route file with no exports', code.slice(0, 100))],
+        });
+        continue;
+      }
+      
+      for (const m of methods) {
+        routes.push({
+          method: m.name,
+          path: routePath,
+          handler: `${relPath}:${m.line}`,
+          framework: 'next',
+          routerType: 'app',
+          confidence: 'high',
+          evidence: [createEvidence(relPath, String(m.line), `export ${m.name}`, m.snippet)],
+        });
+      }
+    }
+  }
+  
+  // Pages Router: pages/api/**/*.ts|js
+  const pagesDirs = ['pages', 'src/pages'];
+  for (const pagesDir of pagesDirs) {
+    const apiDir = path.join(repoRoot, pagesDir, 'api');
+    if (!fs.existsSync(apiDir)) continue;
+    
+    const apiFiles = findFiles(apiDir, /\.(ts|js)$/, /\.d\.ts$/);
+    
+    for (const file of apiFiles) {
+      const relPath = path.relative(repoRoot, file).replace(/\\/g, '/');
+      const apiIdx = relPath.indexOf('/api/');
+      const sub = relPath
+        .slice(apiIdx + '/api/'.length)
+        .replace(/\.(ts|js)$/, '')
+        .replace(/\/index$/, '');
+      
+      const routePath = canonicalizePath('/api/' + sub);
+      const code = fs.readFileSync(file, 'utf8');
+      const hasDefaultExport = /export\s+default/.test(code);
+      
+      routes.push({
+        method: '*',
+        path: routePath,
+        handler: relPath,
+        framework: 'next',
+        routerType: 'pages',
+        confidence: hasDefaultExport ? 'med' : 'low',
+        evidence: [createEvidence(relPath, '1', 'Pages API route', code.slice(0, 100))],
+      });
+    }
+  }
+  
+  return routes;
+}
+
+// ============================================================================
+// FASTIFY RESOLVER (Simplified - regex based)
+// ============================================================================
+
+async function resolveFastifyRoutes(repoRoot) {
+  const routes = [];
+  const gaps = [];
+  
+  const entryPoints = [
+    'src/server.ts', 'src/server.js', 'src/index.ts', 'src/index.js',
+    'server.ts', 'server.js', 'apps/api/src/server.ts', 'apps/api/src/index.ts',
+  ];
+  
+  const fastifyMethods = ['get', 'post', 'put', 'patch', 'delete', 'options', 'head', 'all'];
+  
+  // Find source files
+  const srcDirs = ['src', 'apps/api/src', 'server'];
+  const files = [];
+  
+  for (const srcDir of srcDirs) {
+    const fullDir = path.join(repoRoot, srcDir);
+    if (fs.existsSync(fullDir)) {
+      files.push(...findFiles(fullDir, /\.(ts|js)$/, /\.d\.ts$/));
+    }
+  }
+  
+  // Patterns to detect routes
+  const patterns = [
+    // fastify.get('/path', handler)
+    /(?:fastify|app|server)\.(get|post|put|patch|delete|options|head|all)\s*\(\s*['"`]([^'"`]+)['"`]/gi,
+    // router.get('/path', handler)
+    /router\.(get|post|put|patch|delete|options|head|all)\s*\(\s*['"`]([^'"`]+)['"`]/gi,
+    // .route({ method: 'GET', url: '/path' })
+    /\.route\s*\(\s*\{[^}]*method:\s*['"`]([^'"`]+)['"`][^}]*url:\s*['"`]([^'"`]+)['"`]/gi,
+    /\.route\s*\(\s*\{[^}]*url:\s*['"`]([^'"`]+)['"`][^}]*method:\s*['"`]([^'"`]+)['"`]/gi,
+  ];
+  
+  // Track prefixes from register calls
+  const prefixMap = new Map(); // file → prefix
+  
+  for (const file of files) {
+    try {
+      const code = fs.readFileSync(file, 'utf8');
+      const relPath = path.relative(repoRoot, file).replace(/\\/g, '/');
+      const lines = code.split('\n');
+      
+      // Detect prefix from register calls
+      const registerPattern = /\.register\s*\([^,]+,\s*\{[^}]*prefix:\s*['"`]([^'"`]+)['"`]/g;
+      let match;
+      while ((match = registerPattern.exec(code)) !== null) {
+        prefixMap.set(relPath, match[1]);
+      }
+      
+      // Extract routes
+      for (const pattern of patterns) {
+        pattern.lastIndex = 0;
+        while ((match = pattern.exec(code)) !== null) {
+          let method, routePath;
+          
+          if (match[0].includes('.route')) {
+            // Handle .route() pattern - order varies
+            if (match[0].indexOf('method') < match[0].indexOf('url')) {
+              method = match[1];
+              routePath = match[2];
+            } else {
+              routePath = match[1];
+              method = match[2];
+            }
+          } else {
+            method = match[1];
+            routePath = match[2];
+          }
+          
+          const prefix = prefixMap.get(relPath) || '';
+          const fullPath = joinPrefix(prefix, routePath);
+          const lineNum = code.substring(0, match.index).split('\n').length;
+          const snippet = lines[lineNum - 1] || '';
+          
+          routes.push({
+            method: canonicalizeMethod(method),
+            path: fullPath,
+            handler: `${relPath}:${lineNum}`,
+            framework: 'fastify',
+            confidence: 'med',
+            evidence: [createEvidence(relPath, String(lineNum), `fastify.${method}('${routePath}')`, snippet)],
+          });
+        }
+      }
+    } catch {}
+  }
+  
+  return { routes, gaps };
+}
+
+// ============================================================================
+// ROUTE INDEX
+// ============================================================================
+
+class RouteIndex {
+  constructor() {
+    this.routes = [];
+    this.byMethod = new Map();
+    this.byPath = new Map();
+    this.parameterized = [];
+    this.gaps = [];
+  }
+  
+  async build(repoRoot) {
+    // Resolve Next.js routes
+    const nextRoutes = await resolveNextRoutes(repoRoot);
+    this.routes.push(...nextRoutes);
+    
+    // Resolve Fastify routes
+    const { routes: fastifyRoutes, gaps } = await resolveFastifyRoutes(repoRoot);
+    this.routes.push(...fastifyRoutes);
+    this.gaps.push(...gaps);
+    
+    // Build indexes
+    for (const route of this.routes) {
+      const methodKey = route.method;
+      if (!this.byMethod.has(methodKey)) this.byMethod.set(methodKey, []);
+      this.byMethod.get(methodKey).push(route);
+      
+      const pathKey = route.path;
+      if (!this.byPath.has(pathKey)) this.byPath.set(pathKey, []);
+      this.byPath.get(pathKey).push(route);
+      
+      if (isParameterizedPath(route.path)) {
+        this.parameterized.push(route);
+      }
+    }
+    
+    return this;
+  }
+  
+  findRoutes(method, path) {
+    const canonicalMethod = canonicalizeMethod(method);
+    const canonicalPath = canonicalizePath(path);
+    const matches = [];
+    
+    // Exact path match
+    const pathMatches = this.byPath.get(canonicalPath) || [];
+    for (const route of pathMatches) {
+      if (matchMethod(route.method, canonicalMethod)) {
+        matches.push(route);
+      }
+    }
+    
+    // Wildcard method match
+    const wildcardMethods = this.byMethod.get('*') || [];
+    for (const route of wildcardMethods) {
+      if (route.path === canonicalPath && !matches.includes(route)) {
+        matches.push(route);
+      }
+    }
+    
+    // Parameterized route match
+    for (const route of this.parameterized) {
+      if (matchPath(route.path, canonicalPath) && matchMethod(route.method, canonicalMethod)) {
+        if (!matches.includes(route)) matches.push(route);
+      }
+    }
+    
+    return matches;
+  }
+  
+  findClosestRoutes(path, limit = 3) {
+    const canonicalPath = canonicalizePath(path);
+    const pathParts = canonicalPath.split('/').filter(Boolean);
+    
+    const scored = this.routes.map(route => {
+      const routeParts = route.path.split('/').filter(Boolean);
+      let score = 0;
+      
+      for (let i = 0; i < Math.min(pathParts.length, routeParts.length); i++) {
+        if (pathParts[i] === routeParts[i] || routeParts[i].startsWith(':')) {
+          score++;
+        } else break;
+      }
+      
+      if (pathParts.length === routeParts.length) score += 0.5;
+      return { route, score };
+    });
+    
+    return scored.sort((a, b) => b.score - a.score).slice(0, limit).map(s => s.route);
+  }
+  
+  getRouteMap() {
+    return {
+      server: this.routes,
+      clientRefs: [],
+      gaps: this.gaps,
+      generatedAt: new Date().toISOString(),
+    };
+  }
+}
+
+// ============================================================================
+// VALIDATE CLAIM
+// ============================================================================
+
+async function validateRouteExists(claim, repoRoot, routeIndex) {
+  const index = routeIndex || new RouteIndex();
+  if (!routeIndex) await index.build(repoRoot);
+  
+  const method = claim.method || '*';
+  const routePath = claim.path;
+  
+  const matches = index.findRoutes(method, routePath);
+  
+  if (matches.length > 0) {
+    return {
+      result: 'true',
+      confidence: matches[0].confidence,
+      evidence: matches[0].evidence,
+      matchedRoute: matches[0],
+    };
+  }
+  
+  const closest = index.findClosestRoutes(routePath);
+  const hasGaps = index.gaps.length > 0;
+  
+  if (hasGaps) {
+    return {
+      result: 'unknown',
+      confidence: 'low',
+      evidence: [],
+      closestRoutes: closest,
+      gaps: index.gaps,
+      nextSteps: ['Some routes may not be detected due to unresolved plugins'],
+    };
+  }
+  
+  return {
+    result: 'false',
+    confidence: 'high',
+    evidence: [],
+    closestRoutes: closest,
+    nextSteps: closest.length > 0
+      ? [`Did you mean: ${closest.map(r => `${r.method} ${r.path}`).join(', ')}?`]
+      : ['No similar routes found'],
+  };
+}
+
+module.exports = {
+  canonicalizePath,
+  canonicalizeMethod,
+  resolveNextRoutes,
+  resolveFastifyRoutes,
+  RouteIndex,
+  validateRouteExists,
+};