brakit 0.10.1 → 0.10.2

package/dist/api.d.ts

@@ -1,5 +1,38 @@
 import { IncomingHttpHeaders } from 'node:http';
 
+/**
+ * Canonical type definitions shared between server and browser client.
+ *
+ * Both `src/types/telemetry.ts` (server) and
+ * `src/dashboard/client/store/types.ts` (browser) import from here.
+ * This is the single source of truth for union types used across the
+ * bundling boundary.
+ */
+type DbDriver = "pg" | "mysql2" | "prisma" | "asyncpg" | "sqlalchemy" | "sdk";
+type LogLevel = "log" | "warn" | "error" | "info" | "debug";
+type NormalizedOp = "SELECT" | "INSERT" | "UPDATE" | "DELETE" | "OTHER";
+type Severity = "critical" | "warning" | "info";
+/**
+ * State machine for issue lifecycle:
+ *
+ *   open ──→ fixing ──→ resolved
+ *     │         │           │
+ *     │         ▼           ▼
+ *     │       regressed   (pruned after PRUNE_ISSUE_TTL_MS)
+ *     │
+ *     └──→ stale (no traffic for STALE_ISSUE_TTL_MS)
+ */
+type IssueState = "open" | "fixing" | "resolved" | "stale" | "regressed";
+type IssueSource = "passive";
+type IssueCategory = "security" | "performance" | "reliability";
+type AiFixStatus = "fixed" | "wont_fix";
+interface SourceLocation {
+    file: string;
+    line: number;
+    column?: number;
+    fn?: string;
+}
+
 type HttpMethod = "GET" | "POST" | "PUT" | "PATCH" | "DELETE" | "HEAD" | "OPTIONS";
 type FlatHeaders = Record<string, string>;
 interface TracedRequest {
@@ -69,9 +102,10 @@ interface TracedFetch extends TelemetryEntry {
     method: string;
     statusCode: number;
     durationMs: number;
+    callSite?: SourceLocation;
 }
 interface TracedLog extends TelemetryEntry {
-    level: "log" | "warn" | "error" | "info" | "debug";
+    level: LogLevel;
     message: string;
 }
 interface TracedError extends TelemetryEntry {
@@ -79,9 +113,8 @@ interface TracedError extends TelemetryEntry {
     message: string;
     stack?: string;
 }
-type NormalizedOp = "SELECT" | "INSERT" | "UPDATE" | "DELETE" | "OTHER";
 interface TracedQuery extends TelemetryEntry {
-    driver: "pg" | "mysql2" | "prisma" | "asyncpg" | "sqlalchemy" | "sdk";
+    driver: DbDriver;
     sql?: string;
     model?: string;
     operation?: string;
@@ -91,6 +124,7 @@ interface TracedQuery extends TelemetryEntry {
     table?: string;
     source?: string;
     parentFetchId?: string;
+    callSite?: SourceLocation;
 }
 type TelemetryEvent = {
     type: "fetch";
@@ -157,8 +191,6 @@ interface RequestMetrics {
     fetchTimeMs: number;
 }
 
-/** Shared severity levels used by both security findings and insights. */
-type Severity = "critical" | "warning" | "info";
 type SecuritySeverity = Severity;
 interface SecurityFinding {
     severity: SecuritySeverity;
@@ -171,10 +203,6 @@ interface SecurityFinding {
     count: number;
 }
 
-type IssueState = "open" | "fixing" | "resolved" | "stale" | "regressed";
-type IssueSource = "passive";
-type IssueCategory = "security" | "performance" | "reliability";
-type AiFixStatus = "fixed" | "wont_fix";
 interface Issue {
     category: IssueCategory;
     /** Rule identifier: "slow", "n1", "exposed-secret", etc. */
@@ -188,6 +216,8 @@ interface Issue {
     endpoint?: string;
     /** Dashboard tab to link to (e.g., "requests", "queries", "security"). */
     nav?: string;
+    /** Occurrence count for rules that aggregate (e.g., N+1 query count). */
+    count?: number;
 }
 interface StatefulIssue {
     /** Stable ID derived from rule + endpoint + description hash. */
@@ -202,12 +232,11 @@ interface StatefulIssue {
     occurrences: number;
     /**
      * Number of requests to this endpoint that did NOT reproduce the issue
-     * since it was last seen. Used for evidence-based resolution.
+     * since it was last seen. Used for evidence-based resolution:
+     * after CLEAN_HITS_FOR_RESOLUTION clean hits the issue auto-resolves.
      */
     cleanHitsSinceLastSeen: number;
-    /** What AI reported after attempting a fix. */
     aiStatus: AiFixStatus | null;
-    /** AI's summary of what was done or why it can't be fixed. */
     aiNotes: string | null;
 }
 interface IssuesData {
@@ -245,7 +274,6 @@ declare class IssueStore {
     private loadAsync;
     /** Sync load for tests only — not used in production paths. */
     loadSync(): void;
-    /** Parse and populate issues from a raw JSON string. */
     private hydrate;
     private flush;
     private flushSync;
@@ -408,7 +436,6 @@ declare class RequestStore {
 }
 
 type TelemetryListener<T> = (entry: T) => void;
-/** Read-only view of a TelemetryStore — used by API handlers that only query data. */
 interface ReadonlyTelemetryStore {
     getAll(): readonly TelemetryEntry[];
     getByRequest(requestId: string): TelemetryEntry[];

package/dist/api.js

@@ -360,9 +360,15 @@ var IssueStore = class {
       brakitDebug(`IssueStore: could not load issues file, starting fresh: ${err}`);
     }
   }
-  /** Parse and populate issues from a raw JSON string. */
   hydrate(raw) {
-    const validated = validateIssuesData(JSON.parse(raw));
+    let parsed;
+    try {
+      parsed = JSON.parse(raw);
+    } catch (err) {
+      brakitDebug(`IssueStore: corrupt JSON in issues file, starting fresh: ${err}`);
+      return;
+    }
+    const validated = validateIssuesData(parsed);
     if (!validated) return;
     for (const issue of validated.issues) {
       this.issues.set(issue.issueId, issue);
@@ -375,8 +381,12 @@ var IssueStore = class {
   }
   flushSync() {
     if (!this.dirty) return;
-    this.writer.writeSync(this.serialize());
-    this.dirty = false;
+    try {
+      this.writer.writeSync(this.serialize());
+      this.dirty = false;
+    } catch (err) {
+      brakitDebug(`IssueStore: flush failed, will retry: ${err}`);
+    }
   }
   serialize() {
     const data = {
@@ -391,6 +401,85 @@ var IssueStore = class {
 import { readFile as readFile3, readdir } from "fs/promises";
 import { existsSync as existsSync4 } from "fs";
 import { join as join2, relative } from "path";
+
+// src/constants/detection.ts
+var KNOWN_DEPENDENCY_NAMES = [
+  // -- Frameworks (meta) --
+  "next",
+  "@remix-run/dev",
+  "nuxt",
+  "astro",
+  // -- Frameworks (backend) --
+  "@nestjs/core",
+  "@adonisjs/core",
+  "sails",
+  "express",
+  "fastify",
+  "hono",
+  "koa",
+  "@hapi/hapi",
+  "elysia",
+  "h3",
+  "nitro",
+  "@trpc/server",
+  // -- Bundlers --
+  "vite",
+  // -- ORM / query builders --
+  "prisma",
+  "@prisma/client",
+  "drizzle-orm",
+  "typeorm",
+  "sequelize",
+  "mongoose",
+  "kysely",
+  "knex",
+  "@mikro-orm/core",
+  "objection",
+  // -- DB drivers --
+  "pg",
+  "mysql2",
+  "mongodb",
+  "better-sqlite3",
+  "@libsql/client",
+  "@planetscale/database",
+  "ioredis",
+  "redis",
+  // -- Auth --
+  "lucia",
+  "next-auth",
+  "@auth/core",
+  "passport",
+  // -- Queues / messaging --
+  "bullmq",
+  "amqplib",
+  "kafkajs",
+  // -- Validation --
+  "zod",
+  "joi",
+  "yup",
+  "arktype",
+  "valibot",
+  // -- HTTP clients --
+  "axios",
+  "got",
+  "ky",
+  "undici",
+  // -- Realtime --
+  "socket.io",
+  "ws",
+  // -- CSS / styling --
+  "tailwindcss",
+  // -- Testing --
+  "vitest",
+  "jest",
+  "mocha",
+  // -- Runtime indicators --
+  "bun-types",
+  "@types/bun"
+];
+var KNOWN_DEPENDENCY_SET = new Set(KNOWN_DEPENDENCY_NAMES);
+
+// src/detect/project.ts
 var FRAMEWORKS = [
   // Meta-frameworks first (they bundle Express/Vite internally)
   { name: "nextjs", dep: "next", devCmd: "next dev", bin: "next", defaultPort: 3e3, devArgs: ["dev", "--port"] },
@@ -419,23 +508,22 @@ async function detectProject(rootDir) {
   const devCommand = matched?.devCmd ?? "";
   const devBin = matched ? join2(rootDir, "node_modules", ".bin", matched.bin) : "";
   const defaultPort = matched?.defaultPort ?? 3e3;
-  const packageManager = await detectPackageManager(rootDir);
+  const packageManager = detectPackageManager(rootDir);
   return { framework, devCommand, devBin, defaultPort, packageManager };
 }
-async function detectPackageManager(rootDir) {
-  if (await fileExists(join2(rootDir, "bun.lockb"))) return "bun";
-  if (await fileExists(join2(rootDir, "bun.lock"))) return "bun";
-  if (await fileExists(join2(rootDir, "pnpm-lock.yaml"))) return "pnpm";
-  if (await fileExists(join2(rootDir, "yarn.lock"))) return "yarn";
-  if (await fileExists(join2(rootDir, "package-lock.json"))) return "npm";
-  return "unknown";
-}
 function detectFrameworkFromDeps(allDeps) {
   for (const f of FRAMEWORKS) {
     if (allDeps[f.dep]) return f.name;
   }
   return "unknown";
 }
+function detectPackageManager(rootDir) {
+  if (existsSync4(join2(rootDir, "bun.lockb")) || existsSync4(join2(rootDir, "bun.lock"))) return "bun";
+  if (existsSync4(join2(rootDir, "pnpm-lock.yaml"))) return "pnpm";
+  if (existsSync4(join2(rootDir, "yarn.lock"))) return "yarn";
+  if (existsSync4(join2(rootDir, "package-lock.json"))) return "npm";
+  return "unknown";
+}
 
 // src/instrument/adapter-registry.ts
 var AdapterRegistry = class {
@@ -1145,14 +1233,14 @@ function createDefaultScanner() {
 // src/core/disposable.ts
 var SubscriptionBag = class {
   constructor() {
-    this.items = [];
+    this.items = /* @__PURE__ */ new Set();
   }
   add(teardown) {
-    this.items.push(typeof teardown === "function" ? { dispose: teardown } : teardown);
+    this.items.add(typeof teardown === "function" ? { dispose: teardown } : teardown);
   }
   dispose() {
     for (const d of this.items) d.dispose();
-    this.items.length = 0;
+    this.items.clear();
   }
 };
 
@@ -2419,7 +2507,7 @@ var AnalysisEngine = class {
 };
 
 // src/index.ts
-var VERSION = "0.10.1";
+var VERSION = "0.10.2";
 export {
   AdapterRegistry,
   AnalysisEngine,