brakit 0.9.2 → 0.10.1

package/dist/api.d.ts

@@ -20,7 +20,7 @@ interface TracedRequest {
 }
 type RequestListener = (req: TracedRequest) => void;
 
-type Framework = "nextjs" | "remix" | "nuxt" | "vite" | "astro" | "flask" | "fastapi" | "django" | "custom" | "unknown";
+type Framework = "nextjs" | "remix" | "nuxt" | "vite" | "astro" | "express" | "fastify" | "koa" | "hono" | "nestjs" | "hapi" | "adonis" | "sails" | "flask" | "fastapi" | "django" | "custom" | "unknown";
 interface DetectedProject {
     framework: Framework;
     devCommand: string;
@@ -227,10 +227,11 @@ declare class IssueStore {
     stop(): void;
     upsert(issue: Issue, source: IssueSource): StatefulIssue;
     /**
-     * Reconcile issues against the current analysis results using evidence-based resolution.
-     *
-     * @param currentIssueIds - IDs of issues detected in the current analysis cycle
-     * @param activeEndpoints - Endpoints that had requests in the current cycle
+     * Evidence-based reconciliation: for each active issue whose endpoint had
+     * traffic but the issue was NOT re-detected, increment cleanHitsSinceLastSeen.
+     * After CLEAN_HITS_FOR_RESOLUTION consecutive clean cycles, auto-resolve.
+     * Issues on endpoints with no recent traffic are marked stale after STALE_ISSUE_TTL_MS.
+     * Resolved and stale issues are pruned after their respective TTLs expire.
      */
     reconcile(currentIssueIds: Set<string>, activeEndpoints: Set<string>): void;
     transition(issueId: string, state: IssueState): boolean;
@@ -468,6 +469,147 @@ declare class MetricsStore {
     private getOrCreateEndpoint;
 }
 
+/** LiveGraph data model — runtime dependency graph types. */
+type NodeType = "endpoint" | "cluster" | "table" | "external";
+type EdgeType = "reads" | "writes" | "fetches" | "calls";
+interface GraphNodeStats {
+    requestCount: number;
+    avgLatencyMs: number;
+    errorRate: number;
+    avgQueryCount: number;
+    lastSeenAt: number;
+    firstSeenAt: number;
+}
+interface SecurityFindingSummary {
+    rule: string;
+    severity: string;
+    title: string;
+    count: number;
+}
+interface InsightSummary {
+    type: string;
+    severity: string;
+    title: string;
+}
+interface NodeAnnotations {
+    categories?: string[];
+    hasAuth?: boolean;
+    isMiddleware?: boolean;
+    securityFindings?: SecurityFindingSummary[];
+    insights?: InsightSummary[];
+    openIssueCount?: number;
+    p95Ms?: number;
+}
+interface EdgeAnnotations {
+    hasIssue?: boolean;
+}
+interface GraphNode {
+    id: string;
+    type: NodeType;
+    label: string;
+    children?: string[];
+    stats: GraphNodeStats;
+    annotations?: NodeAnnotations;
+}
+interface GraphEdgeStats {
+    frequency: number;
+    avgLatencyMs: number;
+    lastSeenAt: number;
+    firstSeenAt: number;
+}
+interface GraphEdge {
+    id: string;
+    source: string;
+    target: string;
+    type: EdgeType;
+    stats: GraphEdgeStats;
+    patterns?: string[];
+    annotations?: EdgeAnnotations;
+}
+interface LiveGraph {
+    nodes: Map<string, GraphNode>;
+    edges: Map<string, GraphEdge>;
+    metadata: {
+        totalObservations: number;
+        lastUpdatedAt: number;
+    };
+}
+interface ClusterInfo {
+    id: string;
+    label: string;
+    children: string[];
+    stats: GraphNodeStats;
+}
+interface GraphApiResponse {
+    nodes: GraphNode[];
+    edges: GraphEdge[];
+    clusters: ClusterInfo[];
+    metadata: {
+        totalObservations: number;
+        lastUpdatedAt: number;
+    };
+}
+
+type GroupingStrategy = "path" | "auth-boundary" | "data-domain";
+
+/**
+ * GraphBuilder — listens to EventBus events and incrementally builds
+ * a runtime dependency graph of the application.
+ *
+ * Timing: queries and fetches fire DURING request processing, but
+ * request:completed fires AFTER the response is sent. We buffer
+ * telemetry events by parentRequestId and process them when the
+ * request completes (so we know the endpoint key).
+ */
+
+declare class GraphBuilder {
+    private bus;
+    private requestStore;
+    private graph;
+    /**
+     * Buffered telemetry events waiting for their parent request to complete.
+     * Key = parentRequestId, value = pending queries/fetches.
+     */
+    private pending;
+    /** Accumulated request categories per endpoint node. */
+    private nodeCategories;
+    /** Latest analysis snapshot — refreshed on every analysis:updated event. */
+    private latestAnalysis;
+    private cleanupUnsubs;
+    constructor(bus: EventBus, requestStore: RequestStore);
+    start(): void;
+    stop(): void;
+    getGraph(): LiveGraph;
+    /**
+     * Enrich endpoint nodes with p95 from an external metrics source.
+     * Called by the API handler which has access to MetricsStore.
+     */
+    enrichWithMetrics(getP95: (endpointKey: string) => number | undefined): void;
+    getApiResponse(options?: {
+        cluster?: string;
+        node?: string;
+        level?: string;
+        grouping?: string;
+    }): GraphApiResponse;
+    clear(): void;
+    private handleAnalysisUpdate;
+    private enrichNodesFromAnalysis;
+    private handleRequest;
+    private handleQuery;
+    private handleFetch;
+    private processQuery;
+    private processFetch;
+    computeClusters(strategy?: GroupingStrategy): Map<string, ClusterInfo>;
+    private clusterByPath;
+    private clusterByAuthBoundary;
+    private clusterByDataDomain;
+    private buildCluster;
+    private getEndpointView;
+    private getClusterView;
+    private getClusterExpanded;
+    private getNodeNeighborhood;
+}
+
 interface Services {
     bus: EventBus;
     requestStore: RequestStore;
@@ -478,6 +620,7 @@ interface Services {
     metricsStore: MetricsStore;
     issueStore: IssueStore;
     analysisEngine: AnalysisEngine;
+    graphBuilder: GraphBuilder;
 }
 
 declare class AnalysisEngine {

package/dist/api.js

@@ -232,7 +232,7 @@ var IssueStore = class {
       existing.occurrences++;
       existing.issue = issue;
       existing.cleanHitsSinceLastSeen = 0;
-      if (existing.state === "resolved" || existing.state === "stale") {
+      if (existing.aiStatus !== "wont_fix" && (existing.state === "resolved" || existing.state === "stale")) {
         existing.state = "regressed";
         existing.resolvedAt = null;
       }
@@ -258,10 +258,11 @@ var IssueStore = class {
     return stateful;
   }
   /**
-   * Reconcile issues against the current analysis results using evidence-based resolution.
-   *
-   * @param currentIssueIds - IDs of issues detected in the current analysis cycle
-   * @param activeEndpoints - Endpoints that had requests in the current cycle
+   * Evidence-based reconciliation: for each active issue whose endpoint had
+   * traffic but the issue was NOT re-detected, increment cleanHitsSinceLastSeen.
+   * After CLEAN_HITS_FOR_RESOLUTION consecutive clean cycles, auto-resolve.
+   * Issues on endpoints with no recent traffic are marked stale after STALE_ISSUE_TTL_MS.
+   * Resolved and stale issues are pruned after their respective TTLs expire.
    */
   reconcile(currentIssueIds, activeEndpoints) {
     const now = Date.now();
@@ -391,11 +392,22 @@ import { readFile as readFile3, readdir } from "fs/promises";
 import { existsSync as existsSync4 } from "fs";
 import { join as join2, relative } from "path";
 var FRAMEWORKS = [
+  // Meta-frameworks first (they bundle Express/Vite internally)
   { name: "nextjs", dep: "next", devCmd: "next dev", bin: "next", defaultPort: 3e3, devArgs: ["dev", "--port"] },
   { name: "remix", dep: "@remix-run/dev", devCmd: "remix dev", bin: "remix", defaultPort: 3e3, devArgs: ["dev"] },
   { name: "nuxt", dep: "nuxt", devCmd: "nuxt dev", bin: "nuxt", defaultPort: 3e3, devArgs: ["dev", "--port"] },
-  { name: "vite", dep: "vite", devCmd: "vite", bin: "vite", defaultPort: 5173, devArgs: ["--port"] },
-  { name: "astro", dep: "astro", devCmd: "astro dev", bin: "astro", defaultPort: 4321, devArgs: ["dev", "--port"] }
+  { name: "astro", dep: "astro", devCmd: "astro dev", bin: "astro", defaultPort: 4321, devArgs: ["dev", "--port"] },
+  { name: "nestjs", dep: "@nestjs/core", devCmd: "nest start", bin: "nest", defaultPort: 3e3, devArgs: ["--watch"] },
+  { name: "adonis", dep: "@adonisjs/core", devCmd: "node ace serve", bin: "ace", defaultPort: 3333, devArgs: ["serve", "--watch"] },
+  { name: "sails", dep: "sails", devCmd: "sails lift", bin: "sails", defaultPort: 1337, devArgs: ["lift"] },
+  // Server frameworks
+  { name: "hono", dep: "hono", devCmd: "node", bin: "node", defaultPort: 3e3 },
+  { name: "fastify", dep: "fastify", devCmd: "node", bin: "node", defaultPort: 3e3 },
+  { name: "koa", dep: "koa", devCmd: "node", bin: "node", defaultPort: 3e3 },
+  { name: "hapi", dep: "@hapi/hapi", devCmd: "node", bin: "node", defaultPort: 3e3 },
+  { name: "express", dep: "express", devCmd: "node", bin: "node", defaultPort: 3e3 },
+  // Bundlers (last — likely used alongside a framework above)
+  { name: "vite", dep: "vite", devCmd: "vite", bin: "vite", defaultPort: 5173, devArgs: ["--port"] }
 ];
 async function detectProject(rootDir) {
   const pkgPath = join2(rootDir, "package.json");
@@ -498,22 +510,124 @@ function unwrapResponse(parsed) {
 }
 
 // src/analysis/rules/patterns.ts
-var SECRET_KEYS = /^(password|passwd|secret|api_key|apiKey|api_secret|apiSecret|private_key|privateKey|client_secret|clientSecret)$/;
-var TOKEN_PARAMS = /^(token|api_key|apiKey|secret|password|access_token|session_id|sessionId)$/;
-var SAFE_PARAMS = /^(_rsc|__clerk_handshake|__clerk_db_jwt|callback|code|state|nonce|redirect_uri|utm_|fbclid|gclid)$/;
+var SECRET_KEY_SET = /* @__PURE__ */ new Set([
+  "password",
+  "passwd",
+  "secret",
+  "api_key",
+  "apiKey",
+  "api_secret",
+  "apiSecret",
+  "private_key",
+  "privateKey",
+  "client_secret",
+  "clientSecret"
+]);
+var SECRET_KEYS = { test: (s) => SECRET_KEY_SET.has(s) };
+var TOKEN_PARAM_SET = /* @__PURE__ */ new Set([
+  "token",
+  "api_key",
+  "apiKey",
+  "secret",
+  "password",
+  "access_token",
+  "session_id",
+  "sessionId"
+]);
+var TOKEN_PARAMS = { test: (s) => TOKEN_PARAM_SET.has(s) };
+var SAFE_PARAM_SET = /* @__PURE__ */ new Set([
+  "_rsc",
+  "__clerk_handshake",
+  "__clerk_db_jwt",
+  "callback",
+  "code",
+  "state",
+  "nonce",
+  "redirect_uri",
+  "utm_",
+  "fbclid",
+  "gclid"
+]);
+var SAFE_PARAMS = { test: (s) => SAFE_PARAM_SET.has(s) };
+var INTERNAL_ID_KEY_SET = /* @__PURE__ */ new Set([
+  "id",
+  "_id",
+  "userId",
+  "user_id",
+  "createdBy",
+  "updatedBy",
+  "organizationId",
+  "org_id",
+  "tenantId",
+  "tenant_id"
+]);
+var INTERNAL_ID_KEYS = { test: (s) => INTERNAL_ID_KEY_SET.has(s) };
+var INTERNAL_ID_SUFFIX = {
+  test: (s) => s.endsWith("Id") || s.endsWith("_id")
+};
+var SENSITIVE_FIELD_SET = /* @__PURE__ */ new Set([
+  "phone",
+  "phonenumber",
+  "phone_number",
+  "ssn",
+  "socialsecuritynumber",
+  "social_security_number",
+  "dateofbirth",
+  "date_of_birth",
+  "dob",
+  "address",
+  "streetaddress",
+  "street_address",
+  "creditcard",
+  "credit_card",
+  "cardnumber",
+  "card_number",
+  "bankaccount",
+  "bank_account",
+  "passport",
+  "passportnumber",
+  "passport_number",
+  "nationalid",
+  "national_id"
+]);
+var SENSITIVE_FIELD_NAMES = {
+  test: (s) => SENSITIVE_FIELD_SET.has(s.toLowerCase())
+};
+var SELF_SERVICE_SEGMENTS = /* @__PURE__ */ new Set(["me", "account", "profile", "settings", "self"]);
+var SELF_SERVICE_PATH = {
+  test: (path) => {
+    const segments = path.toLowerCase().split(/[/?#]/);
+    return segments.some((seg) => SELF_SERVICE_SEGMENTS.has(seg));
+  }
+};
+var MASKED_LITERALS = ["[REDACTED]", "[FILTERED]", "CHANGE_ME"];
+var MASKED_RE = {
+  test: (s) => {
+    const upper = s.toUpperCase();
+    if (MASKED_LITERALS.some((m) => upper.includes(m))) return true;
+    if (s.length > 0 && s.split("").every((c) => c === "*")) return true;
+    if (s.length >= 3 && s.split("").every((c) => c === "x" || c === "X")) return true;
+    return false;
+  }
+};
+var DB_PROTOCOLS = ["postgres://", "mysql://", "mongodb://", "redis://"];
+var DB_CONN_RE = {
+  test: (s) => DB_PROTOCOLS.some((p) => s.includes(p))
+};
+var SELECT_STAR_RE = {
+  test: (s) => {
+    const t = s.trimStart().toUpperCase();
+    return t.startsWith("SELECT *") || t.startsWith("SELECT	*");
+  }
+};
+var SELECT_DOT_STAR_RE = {
+  test: (s) => s.toUpperCase().includes(".* FROM")
+};
 var STACK_TRACE_RE = /at\s+.+\(.+:\d+:\d+\)|at\s+Module\._compile|at\s+Object\.<anonymous>|at\s+processTicksAndRejections|Traceback \(most recent call last\)|File ".+", line \d+/;
-var DB_CONN_RE = /(postgres|mysql|mongodb|redis):\/\//;
 var SQL_FRAGMENT_RE = /\b(SELECT\s+[\w.*]+\s+FROM|INSERT\s+INTO|UPDATE\s+\w+\s+SET|DELETE\s+FROM)\b/i;
 var SECRET_VAL_RE = /(api_key|apiKey|secret|token)\s*[:=]\s*["']?[A-Za-z0-9_\-.+/]{8,}/;
 var LOG_SECRET_RE = /(password|secret|token|api_key|apiKey)\s*[:=]\s*["']?[A-Za-z0-9_\-.+/]{8,}/i;
-var MASKED_RE = /^\*+$|\[REDACTED\]|\[FILTERED\]|CHANGE_ME|^x{3,}$/i;
 var EMAIL_RE = /[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}/;
-var INTERNAL_ID_KEYS = /^(id|_id|userId|user_id|createdBy|updatedBy|organizationId|org_id|tenantId|tenant_id)$/;
-var INTERNAL_ID_SUFFIX = /Id$|_id$/;
-var SELF_SERVICE_PATH = /\/(?:me|account|profile|settings|self)(?=\/|\?|#|$)/i;
-var SENSITIVE_FIELD_NAMES = /^(phone|phoneNumber|phone_number|ssn|socialSecurityNumber|social_security_number|dateOfBirth|date_of_birth|dob|address|streetAddress|street_address|creditCard|credit_card|cardNumber|card_number|bankAccount|bank_account|passport|passportNumber|passport_number|nationalId|national_id)$/i;
-var SELECT_STAR_RE = /^SELECT\s+\*/i;
-var SELECT_DOT_STAR_RE = /\.\*\s+FROM/i;
 var RULE_HINTS = {
   "exposed-secret": "Never include secret fields in API responses. Strip sensitive fields before returning.",
   "token-in-url": "Pass tokens in the Authorization header, not URL query parameters.",
@@ -1064,16 +1178,14 @@ var DASHBOARD_API_SECURITY = `${DASHBOARD_PREFIX}/api/security`;
 var DASHBOARD_API_TAB = `${DASHBOARD_PREFIX}/api/tab`;
 var DASHBOARD_API_FINDINGS = `${DASHBOARD_PREFIX}/api/findings`;
 var DASHBOARD_API_FINDINGS_REPORT = `${DASHBOARD_PREFIX}/api/findings/report`;
+var DASHBOARD_API_GRAPH = `${DASHBOARD_PREFIX}/api/graph`;
 var VALID_TABS_TUPLE = [
   "overview",
   "actions",
-  "requests",
-  "fetches",
-  "queries",
-  "errors",
-  "logs",
+  "insights",
   "performance",
-  "security"
+  "graph",
+  "explorer"
 ];
 var VALID_TABS = new Set(VALID_TABS_TUPLE);
 
@@ -1081,12 +1193,54 @@ var VALID_TABS = new Set(VALID_TABS_TUPLE);
 var RECOVERY_WINDOW_MS = 5 * 60 * 1e3;
 
 // src/utils/endpoint.ts
-var UUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;
-var NUMERIC_ID_RE = /^\d+$/;
-var HEX_HASH_RE = /^[0-9a-f]{12,}$/i;
-var ALPHA_TOKEN_RE = /^(?=.*[a-zA-Z])(?=.*\d)[a-zA-Z0-9_-]{8,}$/;
+var UUID_LEN = 36;
+var MIN_HEX_LEN = 12;
+var MIN_TOKEN_LEN = 8;
+function isUUID(s) {
+  if (s.length !== UUID_LEN) return false;
+  for (let i = 0; i < s.length; i++) {
+    const c = s[i];
+    if (i === 8 || i === 13 || i === 18 || i === 23) {
+      if (c !== "-") return false;
+    } else {
+      if (!isHexChar(c)) return false;
+    }
+  }
+  return true;
+}
+function isHexChar(c) {
+  const code = c.charCodeAt(0);
+  return code >= 48 && code <= 57 || code >= 65 && code <= 70 || code >= 97 && code <= 102;
+}
+function isNumericId(s) {
+  if (s.length === 0) return false;
+  for (let i = 0; i < s.length; i++) {
+    const code = s.charCodeAt(i);
+    if (code < 48 || code > 57) return false;
+  }
+  return true;
+}
+function isHexHash(s) {
+  if (s.length < MIN_HEX_LEN) return false;
+  for (let i = 0; i < s.length; i++) {
+    if (!isHexChar(s[i])) return false;
+  }
+  return true;
+}
+function isAlphanumericToken(s) {
+  if (s.length < MIN_TOKEN_LEN) return false;
+  let hasLetter = false;
+  let hasDigit = false;
+  for (let i = 0; i < s.length; i++) {
+    const code = s.charCodeAt(i);
+    if (code >= 65 && code <= 90 || code >= 97 && code <= 122) hasLetter = true;
+    else if (code >= 48 && code <= 57) hasDigit = true;
+    else if (code !== 95 && code !== 45) return false;
+  }
+  return hasLetter && hasDigit;
+}
 function isDynamicSegment(segment) {
-  return UUID_RE.test(segment) || NUMERIC_ID_RE.test(segment) || HEX_HASH_RE.test(segment) || ALPHA_TOKEN_RE.test(segment);
+  return isUUID(segment) || isNumericId(segment) || isHexHash(segment) || isAlphanumericToken(segment);
 }
 var DYNAMIC_SEGMENT_PLACEHOLDER = ":id";
 function normalizePath(path) {
@@ -1097,9 +1251,12 @@ function normalizePath(path) {
 function getEndpointKey(method, path) {
   return `${method} ${normalizePath(path)}`;
 }
-var ENDPOINT_PREFIX_RE = /^(\S+\s+\S+)/;
 function extractEndpointFromDesc(desc) {
-  return desc.match(ENDPOINT_PREFIX_RE)?.[1] ?? null;
+  const spaceIdx = desc.indexOf(" ");
+  if (spaceIdx <= 0) return null;
+  const secondSpace = desc.indexOf(" ", spaceIdx + 1);
+  if (secondSpace === -1) return desc;
+  return desc.slice(0, secondSpace);
 }
 function stripQueryString(path) {
   const i = path.indexOf("?");
@@ -1107,6 +1264,10 @@ function stripQueryString(path) {
 }
 
 // src/analysis/categorize.ts
+function isAuthPath(path) {
+  const lower = path.toLowerCase();
+  return lower.startsWith("/api/auth") || lower.startsWith("/clerk") || lower.startsWith("/api/clerk");
+}
 function detectCategory(req) {
   const { method, url, statusCode, responseHeaders } = req;
   if (req.isStatic) return "static";
@@ -1115,7 +1276,7 @@ function detectCategory(req) {
     return "auth-handshake";
   }
   const effectivePath = getEffectivePath(req);
-  if (/^\/api\/auth/i.test(effectivePath) || /^\/(api\/)?clerk/i.test(effectivePath)) {
+  if (isAuthPath(effectivePath)) {
     return "auth-check";
   }
   if (method === "POST" && !effectivePath.startsWith("/api/")) {
@@ -1205,8 +1366,11 @@ function generateHumanLabel(req, category) {
       return failed ? `${req.method} ${req.path} failed` : `${req.method} ${req.path}`;
   }
 }
+function stripApiPrefix(s) {
+  return s.startsWith("/api/") ? s.slice(5) : s;
+}
 function prettifyEndpoint(name) {
-  const cleaned = name.replace(/^\/api\//, "").replace(/\//g, " ").replace(/\.\.\./g, "").trim();
+  const cleaned = stripApiPrefix(name).split("/").join(" ").split("...").join("").trim();
   if (!cleaned) return "data";
   return cleaned.split(" ").map((word) => {
     if (word.endsWith("ses") || word.endsWith("us") || word.endsWith("ss"))
@@ -1216,24 +1380,28 @@ function prettifyEndpoint(name) {
     return word;
   }).join(" ");
 }
+var VERB_MAP = [
+  ["enhance", "Enhanced"],
+  ["generate", "Generated"],
+  ["create", "Created"],
+  ["update", "Updated"],
+  ["delete", "Deleted"],
+  ["remove", "Deleted"],
+  ["send", "Sent"],
+  ["upload", "Uploaded"],
+  ["save", "Saved"],
+  ["submit", "Submitted"],
+  ["login", "Logged in"],
+  ["signin", "Logged in"],
+  ["logout", "Logged out"],
+  ["signout", "Logged out"],
+  ["register", "Registered"],
+  ["signup", "Registered"]
+];
 function deriveActionVerb(method, endpointName) {
   const lower = endpointName.toLowerCase();
-  const VERB_PATTERNS = [
-    [/enhance/, "Enhanced"],
-    [/generate/, "Generated"],
-    [/create/, "Created"],
-    [/update/, "Updated"],
-    [/delete|remove/, "Deleted"],
-    [/send/, "Sent"],
-    [/upload/, "Uploaded"],
-    [/save/, "Saved"],
-    [/submit/, "Submitted"],
-    [/login|signin/, "Logged in"],
-    [/logout|signout/, "Logged out"],
-    [/register|signup/, "Registered"]
-  ];
-  for (const [pattern, verb] of VERB_PATTERNS) {
-    if (pattern.test(lower)) return verb;
+  for (const [keyword, verb] of VERB_MAP) {
+    if (lower.includes(keyword)) return verb;
   }
   switch (method) {
     case "POST":
@@ -1248,14 +1416,16 @@ function deriveActionVerb(method, endpointName) {
   }
 }
 function getEndpointName(path) {
-  const parts = path.replace(/^\/api\//, "").split("/");
+  const parts = stripApiPrefix(path).split("/");
   if (parts.length <= 2) return parts.join("/");
   return parts.map((p) => p.length > ENDPOINT_TRUNCATE_LENGTH ? "..." : p).join("/");
 }
 function prettifyPageName(path) {
-  const clean = path.replace(/^\//, "").replace(/\/$/, "");
+  let clean = path;
+  if (clean.startsWith("/")) clean = clean.slice(1);
+  if (clean.endsWith("/")) clean = clean.slice(0, -1);
   if (!clean) return "Home";
-  return clean.split("/").map((s) => capitalize(s.replace(/[-_]/g, " "))).join(" ");
+  return clean.split("/").map((s) => capitalize(s.split("-").join(" ").split("_").join(" "))).join(" ");
 }
 function capitalize(s) {
   return s.charAt(0).toUpperCase() + s.slice(1);
@@ -1488,7 +1658,15 @@ var TABLE_RE = /(?:FROM|INTO|UPDATE)\s+(?:"?\w+"?\.)?"?(\w+)"?/i;
 function normalizeSQL(sql) {
   if (!sql) return { op: "OTHER", table: "" };
   const trimmed = sql.trim();
-  const keyword = trimmed.split(/\s+/, 1)[0].toUpperCase();
+  let spaceIdx = -1;
+  for (let i = 0; i < trimmed.length; i++) {
+    const c = trimmed[i];
+    if (c === " " || c === "	" || c === "\n" || c === "\r") {
+      spaceIdx = i;
+      break;
+    }
+  }
+  const keyword = (spaceIdx === -1 ? trimmed : trimmed.slice(0, spaceIdx)).toUpperCase();
   const op = VALID_OPS.has(keyword) ? keyword : "OTHER";
   const table = trimmed.match(TABLE_RE)?.[1] ?? "";
   return { op, table };
@@ -2241,7 +2419,7 @@ var AnalysisEngine = class {
 };
 
 // src/index.ts
-var VERSION = "0.9.2";
+var VERSION = "0.10.1";
 export {
   AdapterRegistry,
   AnalysisEngine,