brakit 0.10.0 → 0.10.2

package/dist/api.d.ts

@@ -1,5 +1,38 @@
 import { IncomingHttpHeaders } from 'node:http';
 
+/**
+ * Canonical type definitions shared between server and browser client.
+ *
+ * Both `src/types/telemetry.ts` (server) and
+ * `src/dashboard/client/store/types.ts` (browser) import from here.
+ * This is the single source of truth for union types used across the
+ * bundling boundary.
+ */
+type DbDriver = "pg" | "mysql2" | "prisma" | "asyncpg" | "sqlalchemy" | "sdk";
+type LogLevel = "log" | "warn" | "error" | "info" | "debug";
+type NormalizedOp = "SELECT" | "INSERT" | "UPDATE" | "DELETE" | "OTHER";
+type Severity = "critical" | "warning" | "info";
+/**
+ * State machine for issue lifecycle:
+ *
+ *   open ──→ fixing ──→ resolved
+ *     │         │           │
+ *     │         ▼           ▼
+ *     │       regressed   (pruned after PRUNE_ISSUE_TTL_MS)
+ *     │
+ *     └──→ stale (no traffic for STALE_ISSUE_TTL_MS)
+ */
+type IssueState = "open" | "fixing" | "resolved" | "stale" | "regressed";
+type IssueSource = "passive";
+type IssueCategory = "security" | "performance" | "reliability";
+type AiFixStatus = "fixed" | "wont_fix";
+interface SourceLocation {
+    file: string;
+    line: number;
+    column?: number;
+    fn?: string;
+}
+
 type HttpMethod = "GET" | "POST" | "PUT" | "PATCH" | "DELETE" | "HEAD" | "OPTIONS";
 type FlatHeaders = Record<string, string>;
 interface TracedRequest {
@@ -20,7 +53,7 @@ interface TracedRequest {
 }
 type RequestListener = (req: TracedRequest) => void;
 
-type Framework = "nextjs" | "remix" | "nuxt" | "vite" | "astro" | "flask" | "fastapi" | "django" | "custom" | "unknown";
+type Framework = "nextjs" | "remix" | "nuxt" | "vite" | "astro" | "express" | "fastify" | "koa" | "hono" | "nestjs" | "hapi" | "adonis" | "sails" | "flask" | "fastapi" | "django" | "custom" | "unknown";
 interface DetectedProject {
     framework: Framework;
     devCommand: string;
@@ -69,9 +102,10 @@ interface TracedFetch extends TelemetryEntry {
     method: string;
     statusCode: number;
     durationMs: number;
+    callSite?: SourceLocation;
 }
 interface TracedLog extends TelemetryEntry {
-    level: "log" | "warn" | "error" | "info" | "debug";
+    level: LogLevel;
     message: string;
 }
 interface TracedError extends TelemetryEntry {
@@ -79,9 +113,8 @@ interface TracedError extends TelemetryEntry {
     message: string;
     stack?: string;
 }
-type NormalizedOp = "SELECT" | "INSERT" | "UPDATE" | "DELETE" | "OTHER";
 interface TracedQuery extends TelemetryEntry {
-    driver: "pg" | "mysql2" | "prisma" | "asyncpg" | "sqlalchemy" | "sdk";
+    driver: DbDriver;
     sql?: string;
     model?: string;
     operation?: string;
@@ -91,6 +124,7 @@ interface TracedQuery extends TelemetryEntry {
     table?: string;
     source?: string;
     parentFetchId?: string;
+    callSite?: SourceLocation;
 }
 type TelemetryEvent = {
     type: "fetch";
@@ -157,8 +191,6 @@ interface RequestMetrics {
     fetchTimeMs: number;
 }
 
-/** Shared severity levels used by both security findings and insights. */
-type Severity = "critical" | "warning" | "info";
 type SecuritySeverity = Severity;
 interface SecurityFinding {
     severity: SecuritySeverity;
@@ -171,10 +203,6 @@ interface SecurityFinding {
     count: number;
 }
 
-type IssueState = "open" | "fixing" | "resolved" | "stale" | "regressed";
-type IssueSource = "passive";
-type IssueCategory = "security" | "performance" | "reliability";
-type AiFixStatus = "fixed" | "wont_fix";
 interface Issue {
     category: IssueCategory;
     /** Rule identifier: "slow", "n1", "exposed-secret", etc. */
@@ -188,6 +216,8 @@ interface Issue {
     endpoint?: string;
     /** Dashboard tab to link to (e.g., "requests", "queries", "security"). */
     nav?: string;
+    /** Occurrence count for rules that aggregate (e.g., N+1 query count). */
+    count?: number;
 }
 interface StatefulIssue {
     /** Stable ID derived from rule + endpoint + description hash. */
@@ -202,12 +232,11 @@ interface StatefulIssue {
     occurrences: number;
     /**
      * Number of requests to this endpoint that did NOT reproduce the issue
-     * since it was last seen. Used for evidence-based resolution.
+     * since it was last seen. Used for evidence-based resolution:
+     * after CLEAN_HITS_FOR_RESOLUTION clean hits the issue auto-resolves.
      */
     cleanHitsSinceLastSeen: number;
-    /** What AI reported after attempting a fix. */
     aiStatus: AiFixStatus | null;
-    /** AI's summary of what was done or why it can't be fixed. */
     aiNotes: string | null;
 }
 interface IssuesData {
@@ -227,10 +256,11 @@ declare class IssueStore {
     stop(): void;
     upsert(issue: Issue, source: IssueSource): StatefulIssue;
     /**
-     * Reconcile issues against the current analysis results using evidence-based resolution.
-     *
-     * @param currentIssueIds - IDs of issues detected in the current analysis cycle
-     * @param activeEndpoints - Endpoints that had requests in the current cycle
+     * Evidence-based reconciliation: for each active issue whose endpoint had
+     * traffic but the issue was NOT re-detected, increment cleanHitsSinceLastSeen.
+     * After CLEAN_HITS_FOR_RESOLUTION consecutive clean cycles, auto-resolve.
+     * Issues on endpoints with no recent traffic are marked stale after STALE_ISSUE_TTL_MS.
+     * Resolved and stale issues are pruned after their respective TTLs expire.
      */
     reconcile(currentIssueIds: Set<string>, activeEndpoints: Set<string>): void;
     transition(issueId: string, state: IssueState): boolean;
@@ -244,7 +274,6 @@ declare class IssueStore {
     private loadAsync;
     /** Sync load for tests only — not used in production paths. */
     loadSync(): void;
-    /** Parse and populate issues from a raw JSON string. */
     private hydrate;
     private flush;
     private flushSync;
@@ -407,7 +436,6 @@ declare class RequestStore {
 }
 
 type TelemetryListener<T> = (entry: T) => void;
-/** Read-only view of a TelemetryStore — used by API handlers that only query data. */
 interface ReadonlyTelemetryStore {
     getAll(): readonly TelemetryEntry[];
     getByRequest(requestId: string): TelemetryEntry[];

package/dist/api.js

@@ -232,7 +232,7 @@ var IssueStore = class {
       existing.occurrences++;
       existing.issue = issue;
       existing.cleanHitsSinceLastSeen = 0;
-      if (existing.state === "resolved" || existing.state === "stale") {
+      if (existing.aiStatus !== "wont_fix" && (existing.state === "resolved" || existing.state === "stale")) {
         existing.state = "regressed";
         existing.resolvedAt = null;
       }
@@ -258,10 +258,11 @@ var IssueStore = class {
     return stateful;
   }
   /**
-   * Reconcile issues against the current analysis results using evidence-based resolution.
-   *
-   * @param currentIssueIds - IDs of issues detected in the current analysis cycle
-   * @param activeEndpoints - Endpoints that had requests in the current cycle
+   * Evidence-based reconciliation: for each active issue whose endpoint had
+   * traffic but the issue was NOT re-detected, increment cleanHitsSinceLastSeen.
+   * After CLEAN_HITS_FOR_RESOLUTION consecutive clean cycles, auto-resolve.
+   * Issues on endpoints with no recent traffic are marked stale after STALE_ISSUE_TTL_MS.
+   * Resolved and stale issues are pruned after their respective TTLs expire.
    */
   reconcile(currentIssueIds, activeEndpoints) {
     const now = Date.now();
@@ -359,9 +360,15 @@ var IssueStore = class {
       brakitDebug(`IssueStore: could not load issues file, starting fresh: ${err}`);
     }
   }
-  /** Parse and populate issues from a raw JSON string. */
   hydrate(raw) {
-    const validated = validateIssuesData(JSON.parse(raw));
+    let parsed;
+    try {
+      parsed = JSON.parse(raw);
+    } catch (err) {
+      brakitDebug(`IssueStore: corrupt JSON in issues file, starting fresh: ${err}`);
+      return;
+    }
+    const validated = validateIssuesData(parsed);
     if (!validated) return;
     for (const issue of validated.issues) {
       this.issues.set(issue.issueId, issue);
@@ -374,8 +381,12 @@ var IssueStore = class {
   }
   flushSync() {
     if (!this.dirty) return;
-    this.writer.writeSync(this.serialize());
-    this.dirty = false;
+    try {
+      this.writer.writeSync(this.serialize());
+      this.dirty = false;
+    } catch (err) {
+      brakitDebug(`IssueStore: flush failed, will retry: ${err}`);
+    }
   }
   serialize() {
     const data = {
@@ -390,12 +401,102 @@ var IssueStore = class {
 import { readFile as readFile3, readdir } from "fs/promises";
 import { existsSync as existsSync4 } from "fs";
 import { join as join2, relative } from "path";
+
+// src/constants/detection.ts
+var KNOWN_DEPENDENCY_NAMES = [
+  // -- Frameworks (meta) --
+  "next",
+  "@remix-run/dev",
+  "nuxt",
+  "astro",
+  // -- Frameworks (backend) --
+  "@nestjs/core",
+  "@adonisjs/core",
+  "sails",
+  "express",
+  "fastify",
+  "hono",
+  "koa",
+  "@hapi/hapi",
+  "elysia",
+  "h3",
+  "nitro",
+  "@trpc/server",
+  // -- Bundlers --
+  "vite",
+  // -- ORM / query builders --
+  "prisma",
+  "@prisma/client",
+  "drizzle-orm",
+  "typeorm",
+  "sequelize",
+  "mongoose",
+  "kysely",
+  "knex",
+  "@mikro-orm/core",
+  "objection",
+  // -- DB drivers --
+  "pg",
+  "mysql2",
+  "mongodb",
+  "better-sqlite3",
+  "@libsql/client",
+  "@planetscale/database",
+  "ioredis",
+  "redis",
+  // -- Auth --
+  "lucia",
+  "next-auth",
+  "@auth/core",
+  "passport",
+  // -- Queues / messaging --
+  "bullmq",
+  "amqplib",
+  "kafkajs",
+  // -- Validation --
+  "zod",
+  "joi",
+  "yup",
+  "arktype",
+  "valibot",
+  // -- HTTP clients --
+  "axios",
+  "got",
+  "ky",
+  "undici",
+  // -- Realtime --
+  "socket.io",
+  "ws",
+  // -- CSS / styling --
+  "tailwindcss",
+  // -- Testing --
+  "vitest",
+  "jest",
+  "mocha",
+  // -- Runtime indicators --
+  "bun-types",
+  "@types/bun"
+];
+var KNOWN_DEPENDENCY_SET = new Set(KNOWN_DEPENDENCY_NAMES);
+
+// src/detect/project.ts
 var FRAMEWORKS = [
+  // Meta-frameworks first (they bundle Express/Vite internally)
   { name: "nextjs", dep: "next", devCmd: "next dev", bin: "next", defaultPort: 3e3, devArgs: ["dev", "--port"] },
   { name: "remix", dep: "@remix-run/dev", devCmd: "remix dev", bin: "remix", defaultPort: 3e3, devArgs: ["dev"] },
   { name: "nuxt", dep: "nuxt", devCmd: "nuxt dev", bin: "nuxt", defaultPort: 3e3, devArgs: ["dev", "--port"] },
-  { name: "vite", dep: "vite", devCmd: "vite", bin: "vite", defaultPort: 5173, devArgs: ["--port"] },
-  { name: "astro", dep: "astro", devCmd: "astro dev", bin: "astro", defaultPort: 4321, devArgs: ["dev", "--port"] }
+  { name: "astro", dep: "astro", devCmd: "astro dev", bin: "astro", defaultPort: 4321, devArgs: ["dev", "--port"] },
+  { name: "nestjs", dep: "@nestjs/core", devCmd: "nest start", bin: "nest", defaultPort: 3e3, devArgs: ["--watch"] },
+  { name: "adonis", dep: "@adonisjs/core", devCmd: "node ace serve", bin: "ace", defaultPort: 3333, devArgs: ["serve", "--watch"] },
+  { name: "sails", dep: "sails", devCmd: "sails lift", bin: "sails", defaultPort: 1337, devArgs: ["lift"] },
+  // Server frameworks
+  { name: "hono", dep: "hono", devCmd: "node", bin: "node", defaultPort: 3e3 },
+  { name: "fastify", dep: "fastify", devCmd: "node", bin: "node", defaultPort: 3e3 },
+  { name: "koa", dep: "koa", devCmd: "node", bin: "node", defaultPort: 3e3 },
+  { name: "hapi", dep: "@hapi/hapi", devCmd: "node", bin: "node", defaultPort: 3e3 },
+  { name: "express", dep: "express", devCmd: "node", bin: "node", defaultPort: 3e3 },
+  // Bundlers (last — likely used alongside a framework above)
+  { name: "vite", dep: "vite", devCmd: "vite", bin: "vite", defaultPort: 5173, devArgs: ["--port"] }
 ];
 async function detectProject(rootDir) {
   const pkgPath = join2(rootDir, "package.json");
@@ -407,23 +508,22 @@ async function detectProject(rootDir) {
   const devCommand = matched?.devCmd ?? "";
   const devBin = matched ? join2(rootDir, "node_modules", ".bin", matched.bin) : "";
   const defaultPort = matched?.defaultPort ?? 3e3;
-  const packageManager = await detectPackageManager(rootDir);
+  const packageManager = detectPackageManager(rootDir);
   return { framework, devCommand, devBin, defaultPort, packageManager };
 }
-async function detectPackageManager(rootDir) {
-  if (await fileExists(join2(rootDir, "bun.lockb"))) return "bun";
-  if (await fileExists(join2(rootDir, "bun.lock"))) return "bun";
-  if (await fileExists(join2(rootDir, "pnpm-lock.yaml"))) return "pnpm";
-  if (await fileExists(join2(rootDir, "yarn.lock"))) return "yarn";
-  if (await fileExists(join2(rootDir, "package-lock.json"))) return "npm";
-  return "unknown";
-}
 function detectFrameworkFromDeps(allDeps) {
   for (const f of FRAMEWORKS) {
     if (allDeps[f.dep]) return f.name;
   }
   return "unknown";
 }
+function detectPackageManager(rootDir) {
+  if (existsSync4(join2(rootDir, "bun.lockb")) || existsSync4(join2(rootDir, "bun.lock"))) return "bun";
+  if (existsSync4(join2(rootDir, "pnpm-lock.yaml"))) return "pnpm";
+  if (existsSync4(join2(rootDir, "yarn.lock"))) return "yarn";
+  if (existsSync4(join2(rootDir, "package-lock.json"))) return "npm";
+  return "unknown";
+}
 
 // src/instrument/adapter-registry.ts
 var AdapterRegistry = class {
@@ -1133,14 +1233,14 @@ function createDefaultScanner() {
 // src/core/disposable.ts
 var SubscriptionBag = class {
   constructor() {
-    this.items = [];
+    this.items = /* @__PURE__ */ new Set();
   }
   add(teardown) {
-    this.items.push(typeof teardown === "function" ? { dispose: teardown } : teardown);
+    this.items.add(typeof teardown === "function" ? { dispose: teardown } : teardown);
   }
   dispose() {
     for (const d of this.items) d.dispose();
-    this.items.length = 0;
+    this.items.clear();
   }
 };
 
@@ -1170,14 +1270,10 @@ var DASHBOARD_API_GRAPH = `${DASHBOARD_PREFIX}/api/graph`;
 var VALID_TABS_TUPLE = [
   "overview",
   "actions",
-  "requests",
-  "fetches",
-  "queries",
-  "errors",
-  "logs",
+  "insights",
   "performance",
-  "security",
-  "graph"
+  "graph",
+  "explorer"
 ];
 var VALID_TABS = new Set(VALID_TABS_TUPLE);
 
@@ -2411,7 +2507,7 @@ var AnalysisEngine = class {
 };
 
 // src/index.ts
-var VERSION = "0.10.0";
+var VERSION = "0.10.2";
 export {
   AdapterRegistry,
   AnalysisEngine,