archbyte 0.5.0 → 0.5.1

package/dist/agents/static/deep-drill.js

@@ -0,0 +1,388 @@
+// Static Analysis — Component Deep Drill
+// Focused single-component analysis: runs 6 parallel scans on a component directory.
+import { StaticToolkit } from "./utils.js";
+import { categorizeDep } from "./taxonomy.js";
+import { EXCLUDED_DIRS as SKIP_DIRS } from "./excluded-dirs.js";
+// === Language mapping ===
+const EXT_TO_LANGUAGE = {
+    ".ts": "TypeScript", ".tsx": "TypeScript", ".js": "JavaScript", ".jsx": "JavaScript",
+    ".mjs": "JavaScript", ".cjs": "JavaScript", ".py": "Python", ".rs": "Rust",
+    ".go": "Go", ".java": "Java", ".kt": "Kotlin", ".rb": "Ruby",
+    ".php": "PHP", ".cs": "C#", ".cpp": "C++", ".c": "C",
+    ".swift": "Swift", ".dart": "Dart", ".vue": "Vue", ".svelte": "Svelte",
+    ".css": "CSS", ".scss": "SCSS", ".html": "HTML", ".sql": "SQL",
+    ".sh": "Shell", ".yaml": "YAML", ".yml": "YAML", ".json": "JSON",
+    ".toml": "TOML", ".md": "Markdown",
+};
+const CODE_EXTENSIONS = new Set([
+    ".ts", ".tsx", ".js", ".jsx", ".mjs", ".cjs", ".py", ".rs", ".go",
+    ".java", ".kt", ".rb", ".php", ".cs", ".cpp", ".c", ".swift", ".dart",
+    ".vue", ".svelte",
+]);
+// === Entry point detection ===
+const ENTRY_POINT_NAMES = new Set([
+    "index.ts", "index.js", "main.ts", "main.js", "app.ts", "app.js",
+    "server.ts", "server.js", "mod.ts", "mod.rs", "lib.rs", "main.rs",
+    "main.py", "app.py", "main.go", "__init__.py",
+]);
+// === Key file detection ===
+function detectKeyFileRole(filePath) {
+    const name = filePath.split("/").pop()?.toLowerCase() || "";
+    if (ENTRY_POINT_NAMES.has(name))
+        return "entry-point";
+    if (name.includes("route") || name.includes("router"))
+        return "router";
+    if (name.includes("controller"))
+        return "controller";
+    if (name.includes("middleware"))
+        return "middleware";
+    if (name.includes("model") || name.includes("schema") || name.includes("entity"))
+        return "model";
+    if (name.includes("service"))
+        return "service";
+    if (name.includes("util") || name.includes("helper"))
+        return "utility";
+    if (name.includes("config") || name.includes("setting"))
+        return "config";
+    if (name.includes("test") || name.includes("spec"))
+        return "test";
+    if (name.includes("type") || name.includes("interface"))
+        return "types";
+    if (name === "package.json" || name === "cargo.toml" || name === "go.mod")
+        return "manifest";
+    if (name.includes("readme"))
+        return "docs";
+    return null;
+}
+const STRUCTURAL_PROBES = [
+    // Existing from component-detector
+    { type: "db-query", label: "Database queries", pattern: "\\.query\\(|\\.execute\\(|\\.findOne\\(|SELECT.*FROM" },
+    { type: "event-emitter", label: "Event emitters", pattern: "\\.emit\\(|\\.publish\\(|\\.dispatch\\(" },
+    { type: "event-subscriber", label: "Event subscribers", pattern: "\\.subscribe\\(|\\.on\\(.*message|\\.consume\\(" },
+    { type: "test-code", label: "Test code", pattern: "describe\\(|it\\(|test\\(|expect\\(" },
+    { type: "auth-boundary", label: "Auth boundary", pattern: "middleware|authenticate|authorize|jwt\\.verify" },
+    // New probes
+    { type: "caching", label: "Caching", pattern: "cache|Redis|setEx\\(" },
+    { type: "http-client", label: "HTTP client", pattern: "fetch\\(|axios|got\\(|HttpClient" },
+    { type: "logging", label: "Logging", pattern: "console\\.(log|warn|error)|logger\\.|winston|pino" },
+    { type: "validation", label: "Validation", pattern: "validate|zod\\.|z\\.|Joi\\.|yup\\." },
+    { type: "error-handling", label: "Error handling", pattern: "try\\s*\\{|catch\\s*\\(|throw new" },
+    { type: "env-access", label: "Env access", pattern: "process\\.env|Deno\\.env|import\\.meta\\.env" },
+    { type: "file-io", label: "File I/O", pattern: "readFile|writeFile|createReadStream|fs\\." },
+];
+const MAX_PROBE_MATCHES = 3;
+// === Main ===
+export async function runDeepDrill(projectRoot, componentId, componentName, componentPath) {
+    const start = Date.now();
+    const tk = new StaticToolkit(projectRoot);
+    // Run all 6 scans in parallel
+    const [tree, metrics, structure, deps, imports, patterns] = await Promise.all([
+        collectComponentTree(tk, componentPath),
+        collectFileMetrics(tk, componentPath),
+        detectInternalStructure(tk, componentPath),
+        detectDependencies(tk, componentPath),
+        buildImportGraph(tk, componentPath),
+        runStructuralProbes(tk, componentPath),
+    ]);
+    return {
+        componentId,
+        componentName,
+        componentPath,
+        scannedAt: new Date().toISOString(),
+        durationMs: Date.now() - start,
+        fileTree: tree,
+        metrics,
+        structure,
+        dependencies: deps,
+        imports,
+        patterns,
+        // Connections are enriched by the server from architecture edges
+        connections: { outgoing: [], incoming: [] },
+    };
+}
+// === Scan 1: Component Tree ===
+async function collectComponentTree(tk, basePath) {
+    const MAX_DEPTH = 4;
+    const MAX_ENTRIES = 500;
+    let entryCount = 0;
+    async function walk(dirPath, depth) {
+        if (depth > MAX_DEPTH || entryCount >= MAX_ENTRIES)
+            return [];
+        const entries = await tk.listDir(dirPath);
+        const result = [];
+        const sorted = entries.sort((a, b) => {
+            if (a.type !== b.type)
+                return a.type === "directory" ? -1 : 1;
+            return a.name.localeCompare(b.name);
+        });
+        for (const entry of sorted) {
+            if (entryCount >= MAX_ENTRIES)
+                break;
+            if (entry.type === "directory") {
+                if (entry.name.startsWith(".") && entry.name !== ".github")
+                    continue;
+                if (SKIP_DIRS.has(entry.name))
+                    continue;
+            }
+            const entryPath = dirPath === basePath ? `${basePath}/${entry.name}` : `${dirPath}/${entry.name}`;
+            entryCount++;
+            if (entry.type === "directory") {
+                const children = await walk(entryPath, depth + 1);
+                result.push({ path: entryPath, type: "directory", children });
+            }
+            else {
+                result.push({ path: entryPath, type: "file" });
+            }
+        }
+        return result;
+    }
+    return walk(basePath, 0);
+}
+// === Scan 2: File Metrics ===
+async function collectFileMetrics(tk, basePath) {
+    const files = await tk.globFiles("**/*", basePath);
+    const extCounts = new Map();
+    let totalLines = 0;
+    let codeFileCount = 0;
+    for (const file of files) {
+        const ext = getExtension(file);
+        if (ext) {
+            extCounts.set(ext, (extCounts.get(ext) || 0) + 1);
+        }
+        if (CODE_EXTENSIONS.has(ext)) {
+            codeFileCount++;
+            // Read file to count lines
+            const content = await tk.readFileSafe(file);
+            if (content) {
+                totalLines += content.split("\n").length;
+            }
+        }
+    }
+    const languages = [];
+    const langCounts = new Map();
+    for (const [ext, count] of extCounts) {
+        const lang = EXT_TO_LANGUAGE[ext];
+        if (lang) {
+            langCounts.set(lang, (langCounts.get(lang) || 0) + count);
+        }
+    }
+    for (const [language, files] of langCounts) {
+        languages.push({ language, files });
+    }
+    languages.sort((a, b) => b.files - a.files);
+    return {
+        fileCount: files.length,
+        codeFileCount,
+        totalLines,
+        languages,
+    };
+}
+// === Scan 3: Internal Structure ===
+async function detectInternalStructure(tk, basePath) {
+    const entryPoints = [];
+    const keyFiles = [];
+    const publicExports = [];
+    const directories = [];
+    // Find entry points
+    const topEntries = await tk.listDir(basePath);
+    for (const entry of topEntries) {
+        if (entry.type === "directory" && !entry.name.startsWith(".") && !SKIP_DIRS.has(entry.name)) {
+            directories.push(entry.name);
+        }
+        if (entry.type === "file" && ENTRY_POINT_NAMES.has(entry.name)) {
+            entryPoints.push(`${basePath}/${entry.name}`);
+        }
+    }
+    // Check src/ for entry points too
+    const srcEntries = await tk.listDir(`${basePath}/src`);
+    for (const entry of srcEntries) {
+        if (entry.type === "file" && ENTRY_POINT_NAMES.has(entry.name)) {
+            entryPoints.push(`${basePath}/src/${entry.name}`);
+        }
+        if (entry.type === "directory" && !entry.name.startsWith(".") && !SKIP_DIRS.has(entry.name)) {
+            directories.push(`src/${entry.name}`);
+        }
+    }
+    // Detect key files from all code files
+    const allFiles = await tk.globFiles("**/*.{ts,js,tsx,jsx,py,rs,go}", basePath);
+    for (const file of allFiles.slice(0, 100)) {
+        const role = detectKeyFileRole(file);
+        if (role) {
+            keyFiles.push({ path: file, role });
+        }
+    }
+    // Extract public exports from entry points
+    for (const ep of entryPoints.slice(0, 3)) {
+        const content = await tk.readFileSafe(ep);
+        if (!content)
+            continue;
+        const lines = content.split("\n");
+        for (const line of lines) {
+            const exportMatch = line.match(/export\s+(?:async\s+)?(?:function|class|const|let|interface|type|enum)\s+(\w+)/);
+            if (exportMatch) {
+                publicExports.push(exportMatch[1]);
+            }
+            const defaultExport = line.match(/export\s+default\s+(?:async\s+)?(?:function|class)\s+(\w+)/);
+            if (defaultExport) {
+                publicExports.push(defaultExport[1]);
+            }
+        }
+    }
+    return { entryPoints, keyFiles: keyFiles.slice(0, 20), publicExports: publicExports.slice(0, 30), directories };
+}
+// === Scan 4: Dependencies ===
+async function detectDependencies(tk, basePath) {
+    const production = [];
+    const development = [];
+    let manifest = null;
+    // Try package.json
+    const pkgJson = await tk.readJSON(`${basePath}/package.json`);
+    if (pkgJson) {
+        manifest = "package.json";
+        const deps = pkgJson.dependencies;
+        if (deps) {
+            for (const name of Object.keys(deps)) {
+                const cat = categorizeDep(name);
+                production.push({
+                    name,
+                    category: cat?.category ?? null,
+                    displayName: cat?.displayName ?? name,
+                });
+            }
+        }
+        const devDeps = pkgJson.devDependencies;
+        if (devDeps) {
+            for (const name of Object.keys(devDeps)) {
+                const cat = categorizeDep(name);
+                development.push({
+                    name,
+                    category: cat?.category ?? null,
+                    displayName: cat?.displayName ?? name,
+                });
+            }
+        }
+    }
+    // Try Cargo.toml
+    if (!manifest) {
+        const cargoContent = await tk.readFileSafe(`${basePath}/Cargo.toml`);
+        if (cargoContent) {
+            manifest = "Cargo.toml";
+            const depSection = cargoContent.match(/\[dependencies\]([\s\S]*?)(?:\[|$)/);
+            if (depSection) {
+                const lines = depSection[1].split("\n");
+                for (const line of lines) {
+                    const m = line.match(/^(\w[\w-]*)\s*=/);
+                    if (m) {
+                        production.push({ name: m[1], category: null, displayName: m[1] });
+                    }
+                }
+            }
+        }
+    }
+    // Try go.mod
+    if (!manifest) {
+        const goMod = await tk.readFileSafe(`${basePath}/go.mod`);
+        if (goMod) {
+            manifest = "go.mod";
+            const requireBlock = goMod.match(/require\s*\(([\s\S]*?)\)/);
+            if (requireBlock) {
+                const lines = requireBlock[1].split("\n");
+                for (const line of lines) {
+                    const m = line.trim().match(/^(\S+)\s/);
+                    if (m) {
+                        production.push({ name: m[1], category: null, displayName: m[1].split("/").pop() || m[1] });
+                    }
+                }
+            }
+        }
+    }
+    // Try pyproject.toml
+    if (!manifest) {
+        const pyproject = await tk.readFileSafe(`${basePath}/pyproject.toml`);
+        if (pyproject) {
+            manifest = "pyproject.toml";
+            const depSection = pyproject.match(/dependencies\s*=\s*\[([\s\S]*?)\]/);
+            if (depSection) {
+                const lines = depSection[1].split("\n");
+                for (const line of lines) {
+                    const m = line.match(/"([^">=<\[]+)/);
+                    if (m) {
+                        production.push({ name: m[1].trim(), category: null, displayName: m[1].trim() });
+                    }
+                }
+            }
+        }
+    }
+    return { manifest, production, development };
+}
+// === Scan 5: Import Graph ===
+async function buildImportGraph(tk, basePath) {
+    const internalMap = new Map();
+    const externalSet = new Set();
+    const grepResults = await tk.grepFiles("import\\s.*from\\s|require\\(", basePath);
+    for (const r of grepResults.slice(0, 300)) {
+        const imported = extractImportPath(r.content);
+        if (!imported)
+            continue;
+        if (imported.startsWith(".") || imported.startsWith("/")) {
+            // Internal import
+            if (!internalMap.has(imported))
+                internalMap.set(imported, new Set());
+            internalMap.get(imported).add(r.file);
+        }
+        else {
+            // External package
+            const pkg = imported.startsWith("@") ? imported.split("/").slice(0, 2).join("/") : imported.split("/")[0];
+            externalSet.add(pkg);
+        }
+    }
+    const internalImports = Array.from(internalMap.entries())
+        .map(([targetPath, sourceFiles]) => ({
+        targetPath,
+        sourceFiles: Array.from(sourceFiles).slice(0, 5),
+    }))
+        .slice(0, 30);
+    return {
+        internalImports,
+        externalPackages: Array.from(externalSet).sort(),
+    };
+}
+// === Scan 6: Structural Probes ===
+async function runStructuralProbes(tk, basePath) {
+    const results = [];
+    const probePromises = STRUCTURAL_PROBES.map(async (probe) => {
+        const grepResults = await tk.grepFiles(probe.pattern, basePath);
+        if (grepResults.length === 0)
+            return null;
+        return {
+            type: probe.type,
+            label: probe.label,
+            matches: grepResults.slice(0, MAX_PROBE_MATCHES).map((r) => ({
+                file: r.file,
+                line: String(r.line ?? ""),
+                content: r.content.trim().slice(0, 120),
+            })),
+            count: grepResults.length,
+        };
+    });
+    const probeResults = await Promise.all(probePromises);
+    for (const r of probeResults) {
+        if (r)
+            results.push(r);
+    }
+    return results;
+}
+// === Helpers ===
+function extractImportPath(line) {
+    const esMatch = line.match(/from\s+["']([^"']+)["']/);
+    if (esMatch)
+        return esMatch[1];
+    const cjsMatch = line.match(/require\(\s*["']([^"']+)["']\s*\)/);
+    if (cjsMatch)
+        return cjsMatch[1];
+    return null;
+}
+function getExtension(filePath) {
+    const match = filePath.match(/(\.[^./]+)$/);
+    return match ? match[1].toLowerCase() : "";
+}

package/dist/agents/static/doc-parser.js

@@ -1,38 +1,7 @@
 // Static Analysis — Doc Parser
 // Deep-scans README, CLAUDE.md, architecture docs, API docs, mermaid diagrams
 // to extract project description, components, connections, endpoints, and external deps
-const KNOWN_SERVICES = [
-    { pattern: /aws\s*s3|amazon\s*s3|@aws-sdk\/client-s3/i, name: "AWS S3" },
-    { pattern: /dynamodb|@aws-sdk\/client-dynamodb/i, name: "DynamoDB" },
-    { pattern: /aws\s*lambda|@aws-sdk\/client-lambda/i, name: "AWS Lambda" },
-    { pattern: /sqs|@aws-sdk\/client-sqs/i, name: "AWS SQS" },
-    { pattern: /sns|@aws-sdk\/client-sns/i, name: "AWS SNS" },
-    { pattern: /cloudflare\s*workers|wrangler/i, name: "Cloudflare Workers" },
-    { pattern: /redis|ioredis|@upstash\/redis/i, name: "Redis" },
-    { pattern: /postgres(?:ql)?|pg\b|@prisma|prisma|tokio-postgres|neon/i, name: "PostgreSQL" },
-    { pattern: /mysql|mariadb/i, name: "MySQL" },
-    { pattern: /mongodb|mongoose/i, name: "MongoDB" },
-    { pattern: /firebase|firestore/i, name: "Firebase" },
-    { pattern: /supabase/i, name: "Supabase" },
-    { pattern: /stripe/i, name: "Stripe" },
-    { pattern: /twilio/i, name: "Twilio" },
-    { pattern: /sendgrid|@sendgrid/i, name: "SendGrid" },
-    { pattern: /elasticsearch|opensearch/i, name: "Elasticsearch" },
-    { pattern: /rabbitmq|amqplib/i, name: "RabbitMQ" },
-    { pattern: /kafka|kafkajs/i, name: "Kafka" },
-    { pattern: /nats\.io|nats/i, name: "NATS" },
-    { pattern: /auth0/i, name: "Auth0" },
-    { pattern: /clerk/i, name: "Clerk" },
-    { pattern: /sentry/i, name: "Sentry" },
-    { pattern: /datadog/i, name: "Datadog" },
-    { pattern: /vercel/i, name: "Vercel" },
-    { pattern: /netlify/i, name: "Netlify" },
-    { pattern: /openai|gpt-4|gpt-3/i, name: "OpenAI" },
-    { pattern: /anthropic|claude/i, name: "Anthropic" },
-    { pattern: /mapbox/i, name: "Mapbox" },
-    { pattern: /google\s*places|google\s*maps/i, name: "Google Maps/Places" },
-    { pattern: /nginx/i, name: "NGINX" },
-];
+import { categorizeDep } from "./taxonomy.js";
 export async function parseDocs(tk) {
     const result = {
         projectDescription: "",
@@ -46,7 +15,6 @@ export async function parseDocs(tk) {
     const readme = await tk.readFileSafe("README.md");
     if (readme) {
         result.projectDescription = extractDescription(readme);
-        scanForExternalDeps(readme, result);
     }
     // Read all discovered doc files in parallel (batch of 15)
     const contents = await Promise.all(docFiles.slice(0, 15).map(async (f) => ({
@@ -64,8 +32,6 @@ export async function parseDocs(tk) {
         // Extract API endpoints from docs
         const endpoints = extractAPIEndpoints(content);
         result.apiEndpoints.push(...endpoints);
-        // Scan all docs for external service mentions
-        scanForExternalDeps(content, result);
     }
     // Parse OpenAPI spec if available
     const [openApiYaml, openApiJson] = await Promise.all([
@@ -73,7 +39,7 @@ export async function parseDocs(tk) {
         tk.readJSON("openapi.json"),
     ]);
     parseOpenAPI(openApiYaml ?? openApiJson, result);
-    // Also scan package.json/Cargo.toml deps for known services
+    // Scan build manifests for external dependencies using taxonomy
     await scanBuildDepsForServices(tk, result);
     return result;
 }
@@ -164,7 +130,6 @@ function extractDescription(readme) {
  */
 function extractArchitectureNotes(path, content) {
     const notes = [];
-    const lines = content.split("\n");
     // Extract technology stack tables (markdown tables with | Component | Technology |)
     const tableBlocks = extractMarkdownTables(content);
     if (tableBlocks.length > 0) {
@@ -315,10 +280,20 @@ function extractConnectionDescriptions(content) {
     }
     return descs;
 }
-function scanForExternalDeps(content, result) {
-    for (const svc of KNOWN_SERVICES) {
-        if (svc.pattern.test(content) && !result.externalDependencies.includes(svc.name)) {
-            result.externalDependencies.push(svc.name);
+/**
+ * Scan external dependencies from manifests using taxonomy.
+ * Only reads build manifests (package.json, Cargo.toml, etc.) — never doc text.
+ */
+function scanDepsForExternals(depNames, result) {
+    for (const dep of depNames) {
+        const cat = categorizeDep(dep);
+        if (!cat)
+            continue;
+        if (cat.role === "external" || cat.role === "data" || cat.role === "messaging") {
+            const name = cat.displayName;
+            if (!result.externalDependencies.includes(name)) {
+                result.externalDependencies.push(name);
+            }
         }
     }
 }
@@ -343,16 +318,66 @@ function parseOpenAPI(spec, result) {
     }
 }
 async function scanBuildDepsForServices(tk, result) {
+    // Collect dep names from all package.json files
     const pkg = await tk.readJSON("package.json");
     if (pkg) {
-        const depString = Object.keys({
+        const depNames = Object.keys({
             ...pkg.dependencies,
             ...pkg.devDependencies,
-        }).join(" ");
-        scanForExternalDeps(depString, result);
+        });
+        scanDepsForExternals(depNames, result);
+    }
+    // Check subdirectory package.json files too (e.g. cloud/package.json)
+    const rootEntries = await tk.listDir(".");
+    const subPkgs = await Promise.all(rootEntries
+        .filter((e) => e.type === "directory")
+        .slice(0, 15)
+        .map((e) => tk.readJSON(`${e.name}/package.json`)));
+    for (const subPkg of subPkgs) {
+        if (!subPkg)
+            continue;
+        const depNames = Object.keys({
+            ...subPkg.dependencies,
+            ...subPkg.devDependencies,
+        });
+        scanDepsForExternals(depNames, result);
+    }
+    // For non-JS manifests, extract dep names and check against taxonomy
+    const [cargo, goMod, requirements, pyProject] = await Promise.all([
+        tk.readFileSafe("Cargo.toml"),
+        tk.readFileSafe("go.mod"),
+        tk.readFileSafe("requirements.txt"),
+        tk.readFileSafe("pyproject.toml"),
+    ]);
+    // Extract crate names from Cargo.toml [dependencies] section
+    if (cargo) {
+        const depSection = cargo.match(/\[dependencies\]([\s\S]*?)(?:\[|$)/);
+        if (depSection) {
+            const crateNames = [...depSection[1].matchAll(/^(\S+)\s*=/gm)].map(m => m[1]);
+            scanDepsForExternals(crateNames, result);
+        }
+    }
+    // Extract module paths from go.mod require block
+    if (goMod) {
+        const requires = goMod.match(/require\s*\(([\s\S]*?)\)/);
+        if (requires) {
+            const modNames = [...requires[1].matchAll(/^\s*(\S+)/gm)].map(m => m[1]);
+            scanDepsForExternals(modNames, result);
+        }
+    }
+    // Extract package names from requirements.txt
+    if (requirements) {
+        const pkgNames = requirements.split("\n")
+            .filter(l => l.trim() && !l.startsWith("#"))
+            .map(l => l.split(/[>=<!\[]/)[0].trim());
+        scanDepsForExternals(pkgNames, result);
+    }
+    // Extract package names from pyproject.toml dependencies
+    if (pyProject) {
+        const depSection = pyProject.match(/dependencies\s*=\s*\[([\s\S]*?)\]/);
+        if (depSection) {
+            const pkgNames = [...depSection[1].matchAll(/"([^">=<!\[]+)/g)].map(m => m[1].trim());
+            scanDepsForExternals(pkgNames, result);
+        }
     }
-    // Also check Cargo.toml at root
-    const cargo = await tk.readFileSafe("Cargo.toml");
-    if (cargo)
-        scanForExternalDeps(cargo, result);
 }

package/dist/agents/static/env-detector.js

@@ -1,9 +1,6 @@
 // Static Analysis — Environment Detector
 // Detects environments, config patterns, and secrets management from .env files
-const SECRET_DEPS = [
-    "dotenv", "@aws-sdk/client-secrets-manager", "vault", "node-vault",
-    "@google-cloud/secret-manager", "@azure/keyvault-secrets", "infisical-sdk",
-];
+import { categorizeDep } from "./taxonomy.js";
 export async function detectEnvironments(tk) {
     const result = {
         environments: [],
@@ -57,14 +54,14 @@ export async function detectEnvironments(tk) {
             }
         }
     }
-    // Check for secrets management in deps
+    // Check for secrets management in deps using taxonomy
     const pkg = await tk.readJSON("package.json");
     if (pkg) {
         const allDeps = Object.keys({
             ...pkg.dependencies,
             ...pkg.devDependencies,
         });
-        result.hasSecrets = allDeps.some((d) => SECRET_DEPS.includes(d));
+        result.hasSecrets = allDeps.some((d) => categorizeDep(d)?.category === "secrets");
         if (allDeps.includes("dotenv")) {
             result.configPattern = result.configPattern ?? "dotenv";
         }

package/dist/agents/static/event-detector.js

@@ -1,54 +1,37 @@
 // Static Analysis — Event Detector
 // Detects event-driven architecture patterns from deps and code grep
 import { EXCLUDED_DIRS_REGEX } from "./excluded-dirs.js";
-const EDA_DEPS = [
-    { dep: "kafkajs", technology: "Kafka" },
-    { dep: "@confluentinc/kafka-javascript", technology: "Kafka" },
-    { dep: "amqplib", technology: "RabbitMQ" },
-    { dep: "bullmq", technology: "Redis Streams (BullMQ)" },
-    { dep: "bull", technology: "Redis Streams (Bull)" },
-    { dep: "bee-queue", technology: "Redis Streams (Bee-Queue)" },
-    { dep: "socket.io", technology: "WebSocket (Socket.IO)" },
-    { dep: "ws", technology: "WebSocket" },
-    { dep: "@google-cloud/pubsub", technology: "Google Pub/Sub" },
-    { dep: "@aws-sdk/client-sqs", technology: "AWS SQS" },
-    { dep: "@aws-sdk/client-sns", technology: "AWS SNS" },
-    { dep: "@aws-sdk/client-eventbridge", technology: "AWS EventBridge" },
-    { dep: "nats", technology: "NATS" },
-    { dep: "mqtt", technology: "MQTT" },
-    { dep: "@azure/service-bus", technology: "Azure Service Bus" },
-    { dep: "@azure/event-hubs", technology: "Azure Event Hubs" },
-    { dep: "sse-channel", technology: "Server-Sent Events" },
-    { dep: "better-sse", technology: "Server-Sent Events" },
-];
+import { categorizeDep } from "./taxonomy.js";
 export async function detectEvents(tk) {
     const result = {
         hasEDA: false,
         patterns: [],
         events: [],
     };
-    // Check package.json deps
+    // Check package.json deps against taxonomy (queue-client, realtime, sse)
     const pkg = await tk.readJSON("package.json");
     if (pkg) {
         const allDeps = Object.keys({
             ...pkg.dependencies,
             ...pkg.devDependencies,
         });
-        for (const edaDep of EDA_DEPS) {
-            if (allDeps.includes(edaDep.dep)) {
+        for (const dep of allDeps) {
+            const cat = categorizeDep(dep);
+            if (cat && (cat.category === "queue-client" || cat.category === "realtime" || cat.category === "sse")) {
                 result.hasEDA = true;
                 result.patterns.push({
-                    technology: edaDep.technology,
-                    dependency: edaDep.dep,
+                    technology: cat.displayName,
+                    dependency: dep,
                 });
             }
         }
     }
     // Grep for event patterns (filtered to exclude vendored code)
-    const [publishResults, subscribeResults, emitResults] = await Promise.all([
+    const [publishResults, subscribeResults, emitResults, sseResults] = await Promise.all([
         tk.grepFiles("\\.publish\\(|\\.send\\(|\\.produce\\("),
         tk.grepFiles("\\.subscribe\\(|\\.consume\\(|\\.on\\("),
         tk.grepFiles("\\.emit\\(|\\.dispatch\\(|\\.trigger\\("),
+        tk.grepFiles("text/event-stream|new EventSource|sseClients|sse_clients"),
     ]);
     // Exclude vendored/generated dirs from all results
     const excludeDirs = EXCLUDED_DIRS_REGEX;
@@ -64,6 +47,17 @@ export async function detectEvents(tk) {
     for (const r of filterVendored(emitResults).slice(0, 20)) {
         result.events.push({ type: "emit", file: r.file, pattern: r.content.slice(0, 100) });
     }
+    // SSE (Server-Sent Events) detection from code patterns (skip docs and agent prompts)
+    const filteredSSE = filterVendored(sseResults).filter((r) => !r.file.endsWith(".md") && !r.file.endsWith(".txt") &&
+        !r.file.startsWith("agents/"));
+    if (filteredSSE.length > 0) {
+        if (!result.patterns.some((p) => p.technology === "Server-Sent Events")) {
+            result.patterns.push({ technology: "Server-Sent Events", dependency: "(code pattern)" });
+        }
+        for (const r of filteredSSE.slice(0, 10)) {
+            result.events.push({ type: "broadcast", file: r.file, pattern: r.content.slice(0, 100) });
+        }
+    }
     if (result.events.length > 0) {
         result.hasEDA = true;
     }