npm - codesift-mcp - Versions diffs - 0.3.0 → 0.5.0 - Mend

codesift-mcp 0.3.0 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (543) hide show

package/README.md +215 -23
package/dist/cache/hono-cache.d.ts +50 -0
package/dist/cache/hono-cache.d.ts.map +1 -0
package/dist/cache/hono-cache.js +132 -0
package/dist/cache/hono-cache.js.map +1 -0
package/dist/cli/help.d.ts.map +1 -1
package/dist/cli/help.js +8 -6
package/dist/cli/help.js.map +1 -1
package/dist/cli/platform.d.ts.map +1 -1
package/dist/cli/platform.js +12 -14
package/dist/cli/platform.js.map +1 -1
package/dist/cli/setup.d.ts +1 -1
package/dist/cli/setup.d.ts.map +1 -1
package/dist/cli/setup.js +27 -3
package/dist/cli/setup.js.map +1 -1
package/dist/formatters-shortening.d.ts +13 -0
package/dist/formatters-shortening.d.ts.map +1 -1
package/dist/formatters-shortening.js +131 -0
package/dist/formatters-shortening.js.map +1 -1
package/dist/formatters.d.ts +38 -0
package/dist/formatters.d.ts.map +1 -1
package/dist/formatters.js +521 -0
package/dist/formatters.js.map +1 -1
package/dist/instructions.d.ts +1 -1
package/dist/instructions.d.ts.map +1 -1
package/dist/instructions.js +39 -38
package/dist/instructions.js.map +1 -1
package/dist/lsp/lsp-servers.d.ts.map +1 -1
package/dist/lsp/lsp-servers.js +5 -0
package/dist/lsp/lsp-servers.js.map +1 -1
package/dist/lsp/lsp-tools.d.ts.map +1 -1
package/dist/lsp/lsp-tools.js +1 -0
package/dist/lsp/lsp-tools.js.map +1 -1
package/dist/parser/astro-template.d.ts +47 -0
package/dist/parser/astro-template.d.ts.map +1 -0
package/dist/parser/astro-template.js +171 -0
package/dist/parser/astro-template.js.map +1 -0
package/dist/parser/extractors/_shared.d.ts +4 -0
package/dist/parser/extractors/_shared.d.ts.map +1 -1
package/dist/parser/extractors/_shared.js +8 -0
package/dist/parser/extractors/_shared.js.map +1 -1
package/dist/parser/extractors/astro.d.ts +4 -5
package/dist/parser/extractors/astro.d.ts.map +1 -1
package/dist/parser/extractors/astro.js +102 -26
package/dist/parser/extractors/astro.js.map +1 -1
package/dist/parser/extractors/gradle-kts.d.ts +4 -0
package/dist/parser/extractors/gradle-kts.d.ts.map +1 -0
package/dist/parser/extractors/gradle-kts.js +246 -0
package/dist/parser/extractors/gradle-kts.js.map +1 -0
package/dist/parser/extractors/hono-inline-analyzer.d.ts +34 -0
package/dist/parser/extractors/hono-inline-analyzer.d.ts.map +1 -0
package/dist/parser/extractors/hono-inline-analyzer.js +465 -0
package/dist/parser/extractors/hono-inline-analyzer.js.map +1 -0
package/dist/parser/extractors/hono-model.d.ts +196 -0
package/dist/parser/extractors/hono-model.d.ts.map +1 -0
package/dist/parser/extractors/hono-model.js +10 -0
package/dist/parser/extractors/hono-model.js.map +1 -0
package/dist/parser/extractors/hono.d.ts +118 -0
package/dist/parser/extractors/hono.d.ts.map +1 -0
package/dist/parser/extractors/hono.js +1527 -0
package/dist/parser/extractors/hono.js.map +1 -0
package/dist/parser/extractors/kotlin.d.ts +4 -0
package/dist/parser/extractors/kotlin.d.ts.map +1 -0
package/dist/parser/extractors/kotlin.js +521 -0
package/dist/parser/extractors/kotlin.js.map +1 -0
package/dist/parser/extractors/php.d.ts +22 -0
package/dist/parser/extractors/php.d.ts.map +1 -0
package/dist/parser/extractors/php.js +334 -0
package/dist/parser/extractors/php.js.map +1 -0
package/dist/parser/extractors/python.d.ts.map +1 -1
package/dist/parser/extractors/python.js +234 -11
package/dist/parser/extractors/python.js.map +1 -1
package/dist/parser/extractors/sql.d.ts +33 -0
package/dist/parser/extractors/sql.d.ts.map +1 -0
package/dist/parser/extractors/sql.js +506 -0
package/dist/parser/extractors/sql.js.map +1 -0
package/dist/parser/extractors/typescript.d.ts.map +1 -1
package/dist/parser/extractors/typescript.js +209 -3
package/dist/parser/extractors/typescript.js.map +1 -1
package/dist/parser/languages/tree-sitter-javascript.wasm +0 -0
package/dist/parser/languages/tree-sitter-kotlin.wasm +0 -0
package/dist/parser/languages/tree-sitter-php.wasm +0 -0
package/dist/parser/languages/tree-sitter-php_only.wasm +0 -0
package/dist/parser/languages/tree-sitter-python.wasm +0 -0
package/dist/parser/parse-cache.d.ts +39 -0
package/dist/parser/parse-cache.d.ts.map +1 -0
package/dist/parser/parse-cache.js +87 -0
package/dist/parser/parse-cache.js.map +1 -0
package/dist/parser/parser-manager.d.ts +32 -0
package/dist/parser/parser-manager.d.ts.map +1 -1
package/dist/parser/parser-manager.js +93 -3
package/dist/parser/parser-manager.js.map +1 -1
package/dist/parser/symbol-extractor.d.ts.map +1 -1
package/dist/parser/symbol-extractor.js +16 -0
package/dist/parser/symbol-extractor.js.map +1 -1
package/dist/register-tools.d.ts +38 -2
package/dist/register-tools.d.ts.map +1 -1
package/dist/register-tools.js +2444 -195
package/dist/register-tools.js.map +1 -1
package/dist/search/reranker.js +1 -1
package/dist/search/reranker.js.map +1 -1
package/dist/search/tool-ranker.d.ts +90 -0
package/dist/search/tool-ranker.d.ts.map +1 -0
package/dist/search/tool-ranker.js +420 -0
package/dist/search/tool-ranker.js.map +1 -0
package/dist/server-helpers.d.ts.map +1 -1
package/dist/server-helpers.js +11 -0
package/dist/server-helpers.js.map +1 -1
package/dist/server.js +47 -14
package/dist/server.js.map +1 -1
package/dist/storage/index-store.d.ts +15 -1
package/dist/storage/index-store.d.ts.map +1 -1
package/dist/storage/index-store.js +27 -1
package/dist/storage/index-store.js.map +1 -1
package/dist/storage/session-state.d.ts +1 -1
package/dist/storage/session-state.d.ts.map +1 -1
package/dist/storage/session-state.js +6 -4
package/dist/storage/session-state.js.map +1 -1
package/dist/storage/usage-tracker.d.ts.map +1 -1
package/dist/storage/usage-tracker.js +4 -1
package/dist/storage/usage-tracker.js.map +1 -1
package/dist/tools/agent-config-tools.d.ts +24 -0
package/dist/tools/agent-config-tools.d.ts.map +1 -0
package/dist/tools/agent-config-tools.js +119 -0
package/dist/tools/agent-config-tools.js.map +1 -0
package/dist/tools/architecture-tools.d.ts +23 -0
package/dist/tools/architecture-tools.d.ts.map +1 -0
package/dist/tools/architecture-tools.js +140 -0
package/dist/tools/architecture-tools.js.map +1 -0
package/dist/tools/astro-actions.d.ts +54 -0
package/dist/tools/astro-actions.d.ts.map +1 -0
package/dist/tools/astro-actions.js +561 -0
package/dist/tools/astro-actions.js.map +1 -0
package/dist/tools/astro-audit.d.ts +87 -0
package/dist/tools/astro-audit.d.ts.map +1 -0
package/dist/tools/astro-audit.js +345 -0
package/dist/tools/astro-audit.js.map +1 -0
package/dist/tools/astro-config.d.ts +33 -0
package/dist/tools/astro-config.d.ts.map +1 -0
package/dist/tools/astro-config.js +260 -0
package/dist/tools/astro-config.js.map +1 -0
package/dist/tools/astro-content-collections.d.ts +44 -0
package/dist/tools/astro-content-collections.d.ts.map +1 -0
package/dist/tools/astro-content-collections.js +630 -0
package/dist/tools/astro-content-collections.js.map +1 -0
package/dist/tools/astro-islands.d.ts +63 -0
package/dist/tools/astro-islands.d.ts.map +1 -0
package/dist/tools/astro-islands.js +255 -0
package/dist/tools/astro-islands.js.map +1 -0
package/dist/tools/astro-migration.d.ts +31 -0
package/dist/tools/astro-migration.d.ts.map +1 -0
package/dist/tools/astro-migration.js +378 -0
package/dist/tools/astro-migration.js.map +1 -0
package/dist/tools/astro-routes.d.ts +49 -0
package/dist/tools/astro-routes.d.ts.map +1 -0
package/dist/tools/astro-routes.js +119 -0
package/dist/tools/astro-routes.js.map +1 -0
package/dist/tools/async-correctness.d.ts +26 -0
package/dist/tools/async-correctness.d.ts.map +1 -0
package/dist/tools/async-correctness.js +166 -0
package/dist/tools/async-correctness.js.map +1 -0
package/dist/tools/audit-tools.d.ts +38 -0
package/dist/tools/audit-tools.d.ts.map +1 -0
package/dist/tools/audit-tools.js +248 -0
package/dist/tools/audit-tools.js.map +1 -0
package/dist/tools/celery-tools.d.ts +38 -0
package/dist/tools/celery-tools.d.ts.map +1 -0
package/dist/tools/celery-tools.js +154 -0
package/dist/tools/celery-tools.js.map +1 -0
package/dist/tools/clone-tools.js +1 -1
package/dist/tools/clone-tools.js.map +1 -1
package/dist/tools/complexity-tools.d.ts +4 -0
package/dist/tools/complexity-tools.d.ts.map +1 -1
package/dist/tools/complexity-tools.js +78 -4
package/dist/tools/complexity-tools.js.map +1 -1
package/dist/tools/compose-tools.d.ts +60 -0
package/dist/tools/compose-tools.d.ts.map +1 -0
package/dist/tools/compose-tools.js +203 -0
package/dist/tools/compose-tools.js.map +1 -0
package/dist/tools/coupling-tools.d.ts +50 -0
package/dist/tools/coupling-tools.d.ts.map +1 -0
package/dist/tools/coupling-tools.js +262 -0
package/dist/tools/coupling-tools.js.map +1 -0
package/dist/tools/dependency-audit-tools.d.ts +65 -0
package/dist/tools/dependency-audit-tools.d.ts.map +1 -0
package/dist/tools/dependency-audit-tools.js +553 -0
package/dist/tools/dependency-audit-tools.js.map +1 -0
package/dist/tools/django-settings.d.ts +22 -0
package/dist/tools/django-settings.d.ts.map +1 -0
package/dist/tools/django-settings.js +301 -0
package/dist/tools/django-settings.js.map +1 -0
package/dist/tools/django-view-security-tools.d.ts +32 -0
package/dist/tools/django-view-security-tools.d.ts.map +1 -0
package/dist/tools/django-view-security-tools.js +184 -0
package/dist/tools/django-view-security-tools.js.map +1 -0
package/dist/tools/fastapi-depends.d.ts +63 -0
package/dist/tools/fastapi-depends.d.ts.map +1 -0
package/dist/tools/fastapi-depends.js +191 -0
package/dist/tools/fastapi-depends.js.map +1 -0
package/dist/tools/frequency-tools.js +1 -1
package/dist/tools/frequency-tools.js.map +1 -1
package/dist/tools/graph-tools.d.ts +8 -2
package/dist/tools/graph-tools.d.ts.map +1 -1
package/dist/tools/graph-tools.js +44 -3
package/dist/tools/graph-tools.js.map +1 -1
package/dist/tools/hilt-tools.d.ts +55 -0
package/dist/tools/hilt-tools.d.ts.map +1 -0
package/dist/tools/hilt-tools.js +258 -0
package/dist/tools/hilt-tools.js.map +1 -0
package/dist/tools/hono-analyze-app.d.ts +48 -0
package/dist/tools/hono-analyze-app.d.ts.map +1 -0
package/dist/tools/hono-analyze-app.js +94 -0
package/dist/tools/hono-analyze-app.js.map +1 -0
package/dist/tools/hono-api-contract.d.ts +22 -0
package/dist/tools/hono-api-contract.d.ts.map +1 -0
package/dist/tools/hono-api-contract.js +112 -0
package/dist/tools/hono-api-contract.js.map +1 -0
package/dist/tools/hono-conditional-middleware.d.ts +27 -0
package/dist/tools/hono-conditional-middleware.d.ts.map +1 -0
package/dist/tools/hono-conditional-middleware.js +62 -0
package/dist/tools/hono-conditional-middleware.js.map +1 -0
package/dist/tools/hono-context-flow.d.ts +24 -0
package/dist/tools/hono-context-flow.d.ts.map +1 -0
package/dist/tools/hono-context-flow.js +70 -0
package/dist/tools/hono-context-flow.js.map +1 -0
package/dist/tools/hono-dead-routes.d.ts +26 -0
package/dist/tools/hono-dead-routes.d.ts.map +1 -0
package/dist/tools/hono-dead-routes.js +102 -0
package/dist/tools/hono-dead-routes.js.map +1 -0
package/dist/tools/hono-entry-resolver.d.ts +27 -0
package/dist/tools/hono-entry-resolver.d.ts.map +1 -0
package/dist/tools/hono-entry-resolver.js +31 -0
package/dist/tools/hono-entry-resolver.js.map +1 -0
package/dist/tools/hono-env-regression.d.ts +29 -0
package/dist/tools/hono-env-regression.d.ts.map +1 -0
package/dist/tools/hono-env-regression.js +157 -0
package/dist/tools/hono-env-regression.js.map +1 -0
package/dist/tools/hono-inline-analyze.d.ts +31 -0
package/dist/tools/hono-inline-analyze.d.ts.map +1 -0
package/dist/tools/hono-inline-analyze.js +59 -0
package/dist/tools/hono-inline-analyze.js.map +1 -0
package/dist/tools/hono-middleware-chain.d.ts +40 -0
package/dist/tools/hono-middleware-chain.d.ts.map +1 -0
package/dist/tools/hono-middleware-chain.js +121 -0
package/dist/tools/hono-middleware-chain.js.map +1 -0
package/dist/tools/hono-modules.d.ts +22 -0
package/dist/tools/hono-modules.d.ts.map +1 -0
package/dist/tools/hono-modules.js +118 -0
package/dist/tools/hono-modules.js.map +1 -0
package/dist/tools/hono-response-types.d.ts +37 -0
package/dist/tools/hono-response-types.d.ts.map +1 -0
package/dist/tools/hono-response-types.js +76 -0
package/dist/tools/hono-response-types.js.map +1 -0
package/dist/tools/hono-rpc-types.d.ts +21 -0
package/dist/tools/hono-rpc-types.d.ts.map +1 -0
package/dist/tools/hono-rpc-types.js +49 -0
package/dist/tools/hono-rpc-types.js.map +1 -0
package/dist/tools/hono-security.d.ts +31 -0
package/dist/tools/hono-security.d.ts.map +1 -0
package/dist/tools/hono-security.js +269 -0
package/dist/tools/hono-security.js.map +1 -0
package/dist/tools/hono-visualize.d.ts +13 -0
package/dist/tools/hono-visualize.d.ts.map +1 -0
package/dist/tools/hono-visualize.js +64 -0
package/dist/tools/hono-visualize.js.map +1 -0
package/dist/tools/hotspot-tools.d.ts.map +1 -1
package/dist/tools/hotspot-tools.js +9 -7
package/dist/tools/hotspot-tools.js.map +1 -1
package/dist/tools/index-tools.d.ts +17 -0
package/dist/tools/index-tools.d.ts.map +1 -1
package/dist/tools/index-tools.js +210 -10
package/dist/tools/index-tools.js.map +1 -1
package/dist/tools/kotlin-tools.d.ts +142 -0
package/dist/tools/kotlin-tools.d.ts.map +1 -0
package/dist/tools/kotlin-tools.js +572 -0
package/dist/tools/kotlin-tools.js.map +1 -0
package/dist/tools/legacy-hono-conventions.d.ts +14 -0
package/dist/tools/legacy-hono-conventions.d.ts.map +1 -0
package/dist/tools/legacy-hono-conventions.js +152 -0
package/dist/tools/legacy-hono-conventions.js.map +1 -0
package/dist/tools/migration-lint-tools.d.ts +26 -0
package/dist/tools/migration-lint-tools.d.ts.map +1 -0
package/dist/tools/migration-lint-tools.js +247 -0
package/dist/tools/migration-lint-tools.js.map +1 -0
package/dist/tools/model-tools.d.ts +30 -0
package/dist/tools/model-tools.d.ts.map +1 -0
package/dist/tools/model-tools.js +145 -0
package/dist/tools/model-tools.js.map +1 -0
package/dist/tools/nest-ext-tools.d.ts +207 -0
package/dist/tools/nest-ext-tools.d.ts.map +1 -0
package/dist/tools/nest-ext-tools.js +752 -0
package/dist/tools/nest-ext-tools.js.map +1 -0
package/dist/tools/nest-tools.d.ts +198 -0
package/dist/tools/nest-tools.d.ts.map +1 -0
package/dist/tools/nest-tools.js +1142 -0
package/dist/tools/nest-tools.js.map +1 -0
package/dist/tools/nextjs-api-contract-readers.d.ts +14 -0
package/dist/tools/nextjs-api-contract-readers.d.ts.map +1 -0
package/dist/tools/nextjs-api-contract-readers.js +204 -0
package/dist/tools/nextjs-api-contract-readers.js.map +1 -0
package/dist/tools/nextjs-api-contract-tools.d.ts +57 -0
package/dist/tools/nextjs-api-contract-tools.d.ts.map +1 -0
package/dist/tools/nextjs-api-contract-tools.js +144 -0
package/dist/tools/nextjs-api-contract-tools.js.map +1 -0
package/dist/tools/nextjs-boundary-tools.d.ts +39 -0
package/dist/tools/nextjs-boundary-tools.d.ts.map +1 -0
package/dist/tools/nextjs-boundary-tools.js +152 -0
package/dist/tools/nextjs-boundary-tools.js.map +1 -0
package/dist/tools/nextjs-component-readers.d.ts +101 -0
package/dist/tools/nextjs-component-readers.d.ts.map +1 -0
package/dist/tools/nextjs-component-readers.js +287 -0
package/dist/tools/nextjs-component-readers.js.map +1 -0
package/dist/tools/nextjs-component-tools.d.ts +51 -0
package/dist/tools/nextjs-component-tools.d.ts.map +1 -0
package/dist/tools/nextjs-component-tools.js +212 -0
package/dist/tools/nextjs-component-tools.js.map +1 -0
package/dist/tools/nextjs-data-flow-tools.d.ts +42 -0
package/dist/tools/nextjs-data-flow-tools.d.ts.map +1 -0
package/dist/tools/nextjs-data-flow-tools.js +158 -0
package/dist/tools/nextjs-data-flow-tools.js.map +1 -0
package/dist/tools/nextjs-framework-audit-tools.d.ts +60 -0
package/dist/tools/nextjs-framework-audit-tools.d.ts.map +1 -0
package/dist/tools/nextjs-framework-audit-tools.js +394 -0
package/dist/tools/nextjs-framework-audit-tools.js.map +1 -0
package/dist/tools/nextjs-link-tools.d.ts +41 -0
package/dist/tools/nextjs-link-tools.d.ts.map +1 -0
package/dist/tools/nextjs-link-tools.js +157 -0
package/dist/tools/nextjs-link-tools.js.map +1 -0
package/dist/tools/nextjs-metadata-tools.d.ts +74 -0
package/dist/tools/nextjs-metadata-tools.d.ts.map +1 -0
package/dist/tools/nextjs-metadata-tools.js +252 -0
package/dist/tools/nextjs-metadata-tools.js.map +1 -0
package/dist/tools/nextjs-middleware-coverage-tools.d.ts +41 -0
package/dist/tools/nextjs-middleware-coverage-tools.d.ts.map +1 -0
package/dist/tools/nextjs-middleware-coverage-tools.js +88 -0
package/dist/tools/nextjs-middleware-coverage-tools.js.map +1 -0
package/dist/tools/nextjs-route-readers.d.ts +81 -0
package/dist/tools/nextjs-route-readers.d.ts.map +1 -0
package/dist/tools/nextjs-route-readers.js +340 -0
package/dist/tools/nextjs-route-readers.js.map +1 -0
package/dist/tools/nextjs-route-tools.d.ts +36 -0
package/dist/tools/nextjs-route-tools.d.ts.map +1 -0
package/dist/tools/nextjs-route-tools.js +175 -0
package/dist/tools/nextjs-route-tools.js.map +1 -0
package/dist/tools/nextjs-security-readers.d.ts +22 -0
package/dist/tools/nextjs-security-readers.d.ts.map +1 -0
package/dist/tools/nextjs-security-readers.js +318 -0
package/dist/tools/nextjs-security-readers.js.map +1 -0
package/dist/tools/nextjs-security-scoring.d.ts +15 -0
package/dist/tools/nextjs-security-scoring.d.ts.map +1 -0
package/dist/tools/nextjs-security-scoring.js +65 -0
package/dist/tools/nextjs-security-scoring.js.map +1 -0
package/dist/tools/nextjs-security-tools.d.ts +75 -0
package/dist/tools/nextjs-security-tools.d.ts.map +1 -0
package/dist/tools/nextjs-security-tools.js +153 -0
package/dist/tools/nextjs-security-tools.js.map +1 -0
package/dist/tools/nextjs-tools.d.ts +15 -0
package/dist/tools/nextjs-tools.d.ts.map +1 -0
package/dist/tools/nextjs-tools.js +15 -0
package/dist/tools/nextjs-tools.js.map +1 -0
package/dist/tools/outline-tools.d.ts.map +1 -1
package/dist/tools/outline-tools.js +20 -0
package/dist/tools/outline-tools.js.map +1 -1
package/dist/tools/pattern-tools.d.ts +8 -0
package/dist/tools/pattern-tools.d.ts.map +1 -1
package/dist/tools/pattern-tools.js +651 -3
package/dist/tools/pattern-tools.js.map +1 -1
package/dist/tools/perf-tools.d.ts +32 -0
package/dist/tools/perf-tools.d.ts.map +1 -0
package/dist/tools/perf-tools.js +227 -0
package/dist/tools/perf-tools.js.map +1 -0
package/dist/tools/php-tools.d.ts +185 -0
package/dist/tools/php-tools.d.ts.map +1 -0
package/dist/tools/php-tools.js +645 -0
package/dist/tools/php-tools.js.map +1 -0
package/dist/tools/plan-turn-tools.d.ts +89 -0
package/dist/tools/plan-turn-tools.d.ts.map +1 -0
package/dist/tools/plan-turn-tools.js +508 -0
package/dist/tools/plan-turn-tools.js.map +1 -0
package/dist/tools/prisma-schema-tools.d.ts +44 -0
package/dist/tools/prisma-schema-tools.d.ts.map +1 -0
package/dist/tools/prisma-schema-tools.js +358 -0
package/dist/tools/prisma-schema-tools.js.map +1 -0
package/dist/tools/project-tools.d.ts +116 -7
package/dist/tools/project-tools.d.ts.map +1 -1
package/dist/tools/project-tools.js +595 -218
package/dist/tools/project-tools.js.map +1 -1
package/dist/tools/pydantic-models.d.ts +46 -0
package/dist/tools/pydantic-models.d.ts.map +1 -0
package/dist/tools/pydantic-models.js +249 -0
package/dist/tools/pydantic-models.js.map +1 -0
package/dist/tools/pyproject-tools.d.ts +23 -0
package/dist/tools/pyproject-tools.d.ts.map +1 -0
package/dist/tools/pyproject-tools.js +133 -0
package/dist/tools/pyproject-tools.js.map +1 -0
package/dist/tools/pytest-tools.d.ts +20 -0
package/dist/tools/pytest-tools.d.ts.map +1 -0
package/dist/tools/pytest-tools.js +106 -0
package/dist/tools/pytest-tools.js.map +1 -0
package/dist/tools/python-audit.d.ts +40 -0
package/dist/tools/python-audit.d.ts.map +1 -0
package/dist/tools/python-audit.js +244 -0
package/dist/tools/python-audit.js.map +1 -0
package/dist/tools/python-callers.d.ts +28 -0
package/dist/tools/python-callers.d.ts.map +1 -0
package/dist/tools/python-callers.js +110 -0
package/dist/tools/python-callers.js.map +1 -0
package/dist/tools/python-circular-imports.d.ts +19 -0
package/dist/tools/python-circular-imports.d.ts.map +1 -0
package/dist/tools/python-circular-imports.js +126 -0
package/dist/tools/python-circular-imports.js.map +1 -0
package/dist/tools/python-constants-tools.d.ts +44 -0
package/dist/tools/python-constants-tools.d.ts.map +1 -0
package/dist/tools/python-constants-tools.js +525 -0
package/dist/tools/python-constants-tools.js.map +1 -0
package/dist/tools/python-deps-analyzer.d.ts +46 -0
package/dist/tools/python-deps-analyzer.d.ts.map +1 -0
package/dist/tools/python-deps-analyzer.js +227 -0
package/dist/tools/python-deps-analyzer.js.map +1 -0
package/dist/tools/query-tools.d.ts +23 -0
package/dist/tools/query-tools.d.ts.map +1 -0
package/dist/tools/query-tools.js +256 -0
package/dist/tools/query-tools.js.map +1 -0
package/dist/tools/react-tools.d.ts +263 -0
package/dist/tools/react-tools.d.ts.map +1 -0
package/dist/tools/react-tools.js +839 -0
package/dist/tools/react-tools.js.map +1 -0
package/dist/tools/report-tools.js +47 -0
package/dist/tools/report-tools.js.map +1 -1
package/dist/tools/review-diff-tools.d.ts +5 -4
package/dist/tools/review-diff-tools.d.ts.map +1 -1
package/dist/tools/review-diff-tools.js +157 -66
package/dist/tools/review-diff-tools.js.map +1 -1
package/dist/tools/room-tools.d.ts +36 -0
package/dist/tools/room-tools.d.ts.map +1 -0
package/dist/tools/room-tools.js +147 -0
package/dist/tools/room-tools.js.map +1 -0
package/dist/tools/route-tools.d.ts +27 -1
package/dist/tools/route-tools.d.ts.map +1 -1
package/dist/tools/route-tools.js +744 -18
package/dist/tools/route-tools.js.map +1 -1
package/dist/tools/ruff-tools.d.ts +32 -0
package/dist/tools/ruff-tools.d.ts.map +1 -0
package/dist/tools/ruff-tools.js +114 -0
package/dist/tools/ruff-tools.js.map +1 -0
package/dist/tools/search-ranker.d.ts.map +1 -1
package/dist/tools/search-ranker.js +7 -0
package/dist/tools/search-ranker.js.map +1 -1
package/dist/tools/search-tools.d.ts +3 -2
package/dist/tools/search-tools.d.ts.map +1 -1
package/dist/tools/search-tools.js +16 -3
package/dist/tools/search-tools.js.map +1 -1
package/dist/tools/serialization-tools.d.ts +24 -0
package/dist/tools/serialization-tools.d.ts.map +1 -0
package/dist/tools/serialization-tools.js +156 -0
package/dist/tools/serialization-tools.js.map +1 -0
package/dist/tools/sql-tools.d.ts +274 -0
package/dist/tools/sql-tools.d.ts.map +1 -0
package/dist/tools/sql-tools.js +1160 -0
package/dist/tools/sql-tools.js.map +1 -0
package/dist/tools/status-tools.d.ts +10 -0
package/dist/tools/status-tools.d.ts.map +1 -0
package/dist/tools/status-tools.js +32 -0
package/dist/tools/status-tools.js.map +1 -0
package/dist/tools/symbol-tools.d.ts +19 -0
package/dist/tools/symbol-tools.d.ts.map +1 -1
package/dist/tools/symbol-tools.js +75 -4
package/dist/tools/symbol-tools.js.map +1 -1
package/dist/tools/taint-tools.d.ts +43 -0
package/dist/tools/taint-tools.d.ts.map +1 -0
package/dist/tools/taint-tools.js +922 -0
package/dist/tools/taint-tools.js.map +1 -0
package/dist/tools/test-impact-tools.d.ts +29 -0
package/dist/tools/test-impact-tools.d.ts.map +1 -0
package/dist/tools/test-impact-tools.js +156 -0
package/dist/tools/test-impact-tools.js.map +1 -0
package/dist/tools/typecheck-tools.d.ts +39 -0
package/dist/tools/typecheck-tools.d.ts.map +1 -0
package/dist/tools/typecheck-tools.js +191 -0
package/dist/tools/typecheck-tools.js.map +1 -0
package/dist/tools/wiring-tools.d.ts +19 -0
package/dist/tools/wiring-tools.d.ts.map +1 -0
package/dist/tools/wiring-tools.js +147 -0
package/dist/tools/wiring-tools.js.map +1 -0
package/dist/types.d.ts +9 -1
package/dist/types.d.ts.map +1 -1
package/dist/utils/framework-detect.d.ts +18 -2
package/dist/utils/framework-detect.d.ts.map +1 -1
package/dist/utils/framework-detect.js +150 -3
package/dist/utils/framework-detect.js.map +1 -1
package/dist/utils/import-graph.d.ts +42 -0
package/dist/utils/import-graph.d.ts.map +1 -1
package/dist/utils/import-graph.js +248 -9
package/dist/utils/import-graph.js.map +1 -1
package/dist/utils/language-detect.d.ts +21 -0
package/dist/utils/language-detect.d.ts.map +1 -0
package/dist/utils/language-detect.js +183 -0
package/dist/utils/language-detect.js.map +1 -0
package/dist/utils/nextjs-ast-readers.d.ts +44 -0
package/dist/utils/nextjs-ast-readers.d.ts.map +1 -0
package/dist/utils/nextjs-ast-readers.js +341 -0
package/dist/utils/nextjs-ast-readers.js.map +1 -0
package/dist/utils/nextjs-audit-cache.d.ts +51 -0
package/dist/utils/nextjs-audit-cache.d.ts.map +1 -0
package/dist/utils/nextjs-audit-cache.js +116 -0
package/dist/utils/nextjs-audit-cache.js.map +1 -0
package/dist/utils/nextjs-metadata-readers.d.ts +65 -0
package/dist/utils/nextjs-metadata-readers.d.ts.map +1 -0
package/dist/utils/nextjs-metadata-readers.js +447 -0
package/dist/utils/nextjs-metadata-readers.js.map +1 -0
package/dist/utils/nextjs.d.ts +42 -0
package/dist/utils/nextjs.d.ts.map +1 -0
package/dist/utils/nextjs.js +284 -0
package/dist/utils/nextjs.js.map +1 -0
package/dist/utils/python-import-resolver.d.ts +42 -0
package/dist/utils/python-import-resolver.d.ts.map +1 -0
package/dist/utils/python-import-resolver.js +101 -0
package/dist/utils/python-import-resolver.js.map +1 -0
package/dist/utils/python-imports.d.ts +28 -0
package/dist/utils/python-imports.d.ts.map +1 -0
package/dist/utils/python-imports.js +117 -0
package/dist/utils/python-imports.js.map +1 -0
package/dist/utils/react-alias.d.ts +15 -0
package/dist/utils/react-alias.d.ts.map +1 -0
package/dist/utils/react-alias.js +31 -0
package/dist/utils/react-alias.js.map +1 -0
package/dist/utils/test-file.d.ts.map +1 -1
package/dist/utils/test-file.js +7 -0
package/dist/utils/test-file.js.map +1 -1
package/dist/utils/walk.d.ts +22 -0
package/dist/utils/walk.d.ts.map +1 -1
package/dist/utils/walk.js +70 -2
package/dist/utils/walk.js.map +1 -1
package/package.json +4 -3
package/rules/codesift.md +71 -5
package/rules/codesift.mdc +71 -5
package/rules/codex.md +71 -5
package/rules/gemini.md +71 -5
package/src/parser/languages/tree-sitter-javascript.wasm +0 -0
package/src/parser/languages/tree-sitter-kotlin.wasm +0 -0
package/src/parser/languages/tree-sitter-php.wasm +0 -0
package/src/parser/languages/tree-sitter-php_only.wasm +0 -0
package/src/parser/languages/tree-sitter-python.wasm +0 -0

package/dist/tools/php-tools.js ADDED Viewed

@@ -0,0 +1,645 @@
+/**
+ * PHP/Yii2-specific code intelligence tools.
+ *
+ * Provides 9 hidden/discoverable tools that augment generic code intelligence
+ * with PHP framework awareness: PSR-4 namespace resolution, ActiveRecord schema
+ * extraction, event/listener tracing, view mapping, service locator resolution,
+ * security scanning, compound project audit (9-gate), N+1 query detection,
+ * and god-model detection.
+ */
+import { readFile } from "node:fs/promises";
+import { join } from "node:path";
+import { getCodeIndex } from "./index-tools.js";
+import { searchPatterns } from "./pattern-tools.js";
+export async function resolvePhpNamespace(repo, className) {
+    const index = await getCodeIndex(repo);
+    if (!index)
+        throw new Error(`Repository "${repo}" not found.`);
+    const composer = await readJsonSafe(join(index.root, "composer.json"));
+    const psr4 = {
+        ...(composer?.autoload?.["psr-4"] ?? {}),
+        ...(composer?.["autoload-dev"]?.["psr-4"] ?? {}),
+    };
+    // Strip leading backslash
+    const normalized = className.replace(/^\\/, "");
+    const parts = normalized.split("\\");
+    const namespaceOnly = parts.slice(0, -1).join("\\");
+    const shortName = parts[parts.length - 1];
+    // Find matching PSR-4 prefix (longest match wins)
+    let bestPrefix = null;
+    let bestRoot = null;
+    for (const [prefix, roots] of Object.entries(psr4)) {
+        const normalizedPrefix = prefix.replace(/\\$/, "");
+        if (normalized.startsWith(normalizedPrefix + "\\") || normalized === normalizedPrefix) {
+            if (!bestPrefix || normalizedPrefix.length > bestPrefix.length) {
+                bestPrefix = normalizedPrefix;
+                bestRoot = Array.isArray(roots) ? roots[0] ?? null : roots;
+            }
+        }
+    }
+    if (!bestPrefix || !bestRoot) {
+        return {
+            class_name: shortName,
+            namespace: namespaceOnly,
+            file_path: null,
+            exists: false,
+            psr4_root: null,
+            psr4_prefix: null,
+        };
+    }
+    // Construct file path: strip prefix, replace \ with /, append .php
+    const remainder = normalized.slice(bestPrefix.length).replace(/^\\/, "");
+    const relativePath = remainder.replace(/\\/g, "/") + ".php";
+    const root = bestRoot.replace(/\/$/, "");
+    const filePath = root + "/" + relativePath;
+    // Check if file exists in index (strip leading ./ for comparison)
+    const normalizedFP = filePath.replace(/^\.\//, "");
+    const exists = index.files.some((f) => f.path === normalizedFP || f.path === filePath);
+    return {
+        class_name: shortName,
+        namespace: namespaceOnly,
+        file_path: filePath,
+        exists,
+        psr4_root: bestRoot,
+        psr4_prefix: bestPrefix,
+    };
+}
+export async function analyzeActiveRecord(repo, options) {
+    const index = await getCodeIndex(repo);
+    if (!index)
+        throw new Error(`Repository "${repo}" not found.`);
+    // Find PHP class symbols in model files
+    const classSymbols = index.symbols.filter((s) => {
+        if (s.kind !== "class")
+            return false;
+        if (!s.file.endsWith(".php"))
+            return false;
+        if (options?.model_name && s.name !== options.model_name)
+            return false;
+        if (options?.file_pattern && !s.file.includes(options.file_pattern))
+            return false;
+        return true;
+    });
+    const models = [];
+    for (const cls of classSymbols) {
+        // Heuristic: only models that have source containing ActiveRecord or extend Model
+        if (!cls.source)
+            continue;
+        const extendsAR = /extends\s+(?:ActiveRecord|Model|\\yii\\db\\ActiveRecord)/.test(cls.source);
+        if (!extendsAR)
+            continue;
+        const model = {
+            name: cls.name,
+            file: cls.file,
+            table_name: null,
+            relations: [],
+            rules: [],
+            behaviors: [],
+            methods: [],
+        };
+        // Extract tableName() return value
+        const tableMatch = /function\s+tableName\s*\([^)]*\)[^{]*\{[^}]*return\s+['"]([^'"]+)['"]/s.exec(cls.source);
+        if (tableMatch)
+            model.table_name = tableMatch[1];
+        // Find child method symbols
+        const methods = index.symbols.filter((s) => s.parent === cls.id && s.kind === "method");
+        model.methods = methods.map((m) => m.name);
+        // Extract relations from getX() methods that return hasOne/hasMany.
+        // Two-pass detection:
+        //   Pass 1: find the primary `->hasOne(Target::class, ...)` or
+        //           `->hasMany(Target::class, ...)` call.
+        //   Pass 2: scan the rest of the source for modifiers:
+        //             ->via('relation')         (Yii2 2.0.13+ junction table via relation)
+        //             ->viaTable('tbl', [...])  (direct junction table)
+        //             ->inverseOf('relation')   (bidirectional relation)
+        //           The presence of `via` or `viaTable` upgrades the relation type
+        //           to `manyMany`. `inverseOf` is decorative and doesn't change type.
+        for (const m of methods) {
+            if (!m.name.startsWith("get") || !m.source)
+                continue;
+            const relName = m.name.slice(3);
+            const primaryRe = /->(hasOne|hasMany)\s*\(\s*([\w\\]+)(?:::class)?/;
+            const primaryMatch = primaryRe.exec(m.source);
+            if (!primaryMatch)
+                continue;
+            const baseType = primaryMatch[1] === "hasOne" ? "hasOne" : "hasMany";
+            const targetClass = primaryMatch[2];
+            // Scan the method source for junction-table modifiers on the same chain.
+            // If found, the semantic type is manyMany even though the primary call was hasMany.
+            const hasJunction = /->(?:via|viaTable)\s*\(/.test(m.source);
+            const type = hasJunction ? "manyMany" : baseType;
+            model.relations.push({
+                name: relName.charAt(0).toLowerCase() + relName.slice(1),
+                type,
+                target_class: targetClass,
+            });
+        }
+        // Extract rule validators (loose regex on rules() method source)
+        const rulesMethod = methods.find((m) => m.name === "rules");
+        if (rulesMethod?.source) {
+            const ruleMatches = rulesMethod.source.matchAll(/\[\s*\[?['"]?[\w,\s'"]+['"]?\]?\s*,\s*['"]([\w]+)['"]/g);
+            for (const rm of ruleMatches) {
+                if (rm[1] && !model.rules.includes(rm[1]))
+                    model.rules.push(rm[1]);
+            }
+        }
+        // Extract behaviors from behaviors() method
+        const behaviorsMethod = methods.find((m) => m.name === "behaviors");
+        if (behaviorsMethod?.source) {
+            const bMatches = behaviorsMethod.source.matchAll(/([A-Z]\w+Behavior)(?:::class)?/g);
+            for (const bm of bMatches) {
+                if (bm[1] && !model.behaviors.includes(bm[1]))
+                    model.behaviors.push(bm[1]);
+            }
+        }
+        models.push(model);
+    }
+    return { models, total: models.length };
+}
+export async function tracePhpEvent(repo, options) {
+    const index = await getCodeIndex(repo);
+    if (!index)
+        throw new Error(`Repository "${repo}" not found.`);
+    const eventMap = new Map();
+    const getOrCreate = (name) => {
+        let e = eventMap.get(name);
+        if (!e) {
+            e = { event_name: name, triggers: [], listeners: [] };
+            eventMap.set(name, e);
+        }
+        return e;
+    };
+    // Scan PHP file symbols for event triggers and listeners
+    const phpSymbols = index.symbols.filter((s) => s.file.endsWith(".php") && s.source);
+    for (const sym of phpSymbols) {
+        const source = sym.source;
+        // Triggers: ->trigger('eventName') or Event::trigger(...)
+        const triggerRe = /->trigger\s*\(\s*['"]([^'"]+)['"]/g;
+        let match;
+        while ((match = triggerRe.exec(source)) !== null) {
+            const eventName = match[1];
+            if (options?.event_name && eventName !== options.event_name)
+                continue;
+            const line = sym.start_line + (source.slice(0, match.index).match(/\n/g)?.length ?? 0);
+            getOrCreate(eventName).triggers.push({
+                file: sym.file,
+                line,
+                context: extractLineContext(source, match.index),
+            });
+        }
+        // Listeners: ->on('eventName', ...) or Event::on(...)
+        const listenerRe = /(?:->|::)on\s*\(\s*['"]([^'"]+)['"]/g;
+        while ((match = listenerRe.exec(source)) !== null) {
+            const eventName = match[1];
+            if (options?.event_name && eventName !== options.event_name)
+                continue;
+            const line = sym.start_line + (source.slice(0, match.index).match(/\n/g)?.length ?? 0);
+            getOrCreate(eventName).listeners.push({
+                file: sym.file,
+                line,
+                context: extractLineContext(source, match.index),
+            });
+        }
+    }
+    const events = [...eventMap.values()];
+    return { events, total: events.length };
+}
+export async function findPhpViews(repo, options) {
+    const index = await getCodeIndex(repo);
+    if (!index)
+        throw new Error(`Repository "${repo}" not found.`);
+    const mappings = [];
+    // Find action methods in controllers
+    const controllers = index.symbols.filter((s) => s.kind === "class" && s.name.endsWith("Controller") && s.file.endsWith(".php"));
+    for (const ctrl of controllers) {
+        if (options?.controller && !ctrl.name.includes(options.controller))
+            continue;
+        const actions = index.symbols.filter((s) => s.parent === ctrl.id && s.kind === "method" && s.name.startsWith("action"));
+        for (const action of actions) {
+            if (!action.source)
+                continue;
+            // Match $this->render('viewName'), renderPartial('...'), renderAjax('...')
+            const renderRe = /\$this->render(?:Partial|Ajax|AsJson)?\s*\(\s*['"]([^'"]+)['"]/g;
+            let match;
+            while ((match = renderRe.exec(action.source)) !== null) {
+                const viewName = match[1];
+                // Yii2 convention: views/{controller-id}/{view}.php
+                const controllerId = pascalToKebab(ctrl.name.replace(/Controller$/, ""));
+                const viewFile = `views/${controllerId}/${viewName}.php`;
+                const exists = index.files.some((f) => f.path === viewFile || f.path.endsWith("/" + viewFile));
+                const line = action.start_line + (action.source.slice(0, match.index).match(/\n/g)?.length ?? 0);
+                mappings.push({
+                    controller: ctrl.name,
+                    action: action.name,
+                    view_name: viewName,
+                    view_file: exists ? viewFile : null,
+                    render_line: line,
+                });
+            }
+        }
+    }
+    return { mappings, total: mappings.length };
+}
+export async function resolvePhpService(repo, options) {
+    const index = await getCodeIndex(repo);
+    if (!index)
+        throw new Error(`Repository "${repo}" not found.`);
+    const services = [];
+    const configFiles = index.files.filter((f) => /config\/(web|console|main|db)\.php$/.test(f.path));
+    for (const cf of configFiles) {
+        let source;
+        try {
+            source = await readFile(join(index.root, cf.path), "utf-8");
+        }
+        catch {
+            continue;
+        }
+        // Match component definitions: 'componentName' => ['class' => 'FQCN', ...]
+        const componentRe = /['"]([\w-]+)['"]\s*=>\s*\[\s*['"]class['"]\s*=>\s*['"]([\w\\]+)['"]/g;
+        let match;
+        while ((match = componentRe.exec(source)) !== null) {
+            const name = match[1];
+            const cls = match[2];
+            if (options?.service_name && name !== options.service_name)
+                continue;
+            // Resolve class to file via PSR-4
+            let filePath = null;
+            try {
+                const resolved = await resolvePhpNamespace(repo, cls);
+                if (resolved.exists)
+                    filePath = resolved.file_path;
+            }
+            catch { /* ignore */ }
+            services.push({
+                name,
+                class: cls,
+                file: filePath,
+                config_file: cf.path,
+            });
+        }
+    }
+    return { services, total: services.length };
+}
+const PHP_SECURITY_CHECKS = [
+    { pattern: "sql-injection-php", severity: "critical" },
+    { pattern: "xss-php", severity: "critical" },
+    { pattern: "eval-php", severity: "critical" },
+    { pattern: "exec-php", severity: "critical" },
+    { pattern: "unserialize-php", severity: "high" },
+    { pattern: "file-include-var", severity: "high" },
+    { pattern: "unescaped-yii-view", severity: "high" },
+    { pattern: "raw-query-yii", severity: "high" },
+];
+export async function phpSecurityScan(repo, options) {
+    const selectedChecks = options?.checks
+        ? PHP_SECURITY_CHECKS.filter((c) => options.checks.includes(c.pattern))
+        : PHP_SECURITY_CHECKS;
+    const findings = [];
+    const summary = { critical: 0, high: 0, medium: 0, low: 0, total: 0 };
+    // Run pattern checks in parallel
+    const results = await Promise.all(selectedChecks.map((check) => searchPatterns(repo, check.pattern, {
+        file_pattern: options?.file_pattern ?? ".php",
+        include_tests: false,
+    }).then((r) => ({ check, result: r })).catch(() => null)));
+    for (const res of results) {
+        if (!res)
+            continue;
+        for (const m of res.result.matches) {
+            findings.push({
+                severity: res.check.severity,
+                pattern: res.check.pattern,
+                file: m.file,
+                line: m.start_line,
+                context: m.context,
+                description: "", // description populated by searchPatterns but not in PatternMatch type
+            });
+            summary[res.check.severity]++;
+            summary.total++;
+        }
+    }
+    return {
+        findings,
+        summary,
+        checks_run: selectedChecks.map((c) => c.pattern),
+    };
+}
+// ---------------------------------------------------------------------------
+// 7h. find_php_n_plus_one — detect foreach + relation access without ->with()
+// ---------------------------------------------------------------------------
+/**
+ * Common ActiveRecord scalar field names. Property access like $user->id or
+ * $user->created_at inside a foreach is NOT a relation (no N+1 risk), so we
+ * allow-list these to cut false positives.
+ */
+const SCALAR_FIELD_NAMES = new Set([
+    "id", "name", "title", "created_at", "updated_at", "deleted_at", "status",
+    "email", "slug", "code", "type", "value", "label", "description", "enabled",
+    "active", "position", "sort", "order", "count", "total", "amount", "price",
+    "uuid", "hash", "token", "key", "url", "path", "image", "avatar",
+]);
+/**
+ * PHP method names that look like `get*` but are NOT ActiveRecord relation
+ * getters. `$item->save()` / `$item->validate()` inside a foreach is fine;
+ * flagging them as N+1 would be a false positive. These names are stripped
+ * from the `get\w+()` method-call detection before the eager-load check.
+ */
+const METHOD_CALL_BLOCKLIST = new Set([
+    "save", "validate", "delete", "refresh", "load", "populate", "toArray",
+    "afterSave", "beforeSave", "beforeDelete", "afterDelete",
+    "getAttributes", "getAttribute", "getIsNewRecord", "getErrors", "getFirstError",
+    "getOldAttributes", "getDirtyAttributes", "getPrimaryKey", "getTableSchema",
+]);
+/**
+ * Detect N+1 query patterns in Yii2/Eloquent controllers.
+ *
+ * Pattern: `foreach ($items as $item) { $item->relation->... }` without a
+ * prior `->with('relation')` call in the same method scope. This is the
+ * most common N+1 anti-pattern in Yii2 ActiveRecord code.
+ *
+ * Known limitations (acceptable for a "discovery" tool, not a gate):
+ * - Regex-based — can miss multi-line foreach bodies split across nested blocks
+ * - Doesn't cross function boundaries — eager loading in caller is invisible
+ * - False positives on nested loops if the outer collection is already eager-loaded
+ */
+export async function findPhpNPlusOne(repo, options) {
+    const index = await getCodeIndex(repo);
+    if (!index)
+        throw new Error(`Repository "${repo}" not found.`);
+    const findings = [];
+    const limit = options?.limit ?? 100;
+    const filePattern = options?.file_pattern;
+    // Normalize `getProfile` → `profile` so the ->with() check matches whether
+    // the relation is accessed as a property or via its auto-generated getter.
+    const normalizeGetter = (name) => {
+        const bare = name.replace(/^get/, "");
+        return bare.length > 0 ? bare.charAt(0).toLowerCase() + bare.slice(1) : "";
+    };
+    // A finding is emitted exactly once per (foreach × relation-name) tuple so
+    // that chained patterns don't double-report the same relation that the
+    // property pattern already caught in the same loop body.
+    const emitFinding = (sym, foreachIdx, relation, pattern, seen) => {
+        if (!relation || seen.has(relation))
+            return findings.length >= limit;
+        seen.add(relation);
+        if (SCALAR_FIELD_NAMES.has(relation.toLowerCase()))
+            return findings.length >= limit;
+        const beforeForeach = sym.source.slice(0, foreachIdx);
+        const withRe = new RegExp(`\\bwith\\s*\\(\\s*['"]${relation}['"]`);
+        if (withRe.test(beforeForeach))
+            return findings.length >= limit;
+        const lineOffset = beforeForeach.split("\n").length - 1;
+        findings.push({
+            file: sym.file,
+            method: sym.name,
+            line: sym.start_line + lineOffset,
+            relation,
+            pattern,
+        });
+        return findings.length >= limit;
+    };
+    for (const sym of index.symbols) {
+        if (sym.kind !== "method" || !sym.file.endsWith(".php") || !sym.source)
+            continue;
+        if (filePattern && !sym.file.includes(filePattern))
+            continue;
+        const src = sym.source;
+        const foreachRe = /foreach\s*\(\s*\$(\w+)\s+as\s+(?:\$\w+\s*=>\s*)?\$(\w+)\s*\)/g;
+        let fm;
+        while ((fm = foreachRe.exec(src)) !== null) {
+            const itemVar = fm[2];
+            const foreachIdx = fm.index;
+            const after = src.slice(foreachIdx);
+            // Guard against double-counting: each distinct relation name reported
+            // once per foreach, regardless of which pattern matched first.
+            const seen = new Set();
+            // Pattern 1 — property access: $item->profile
+            // The negative lookahead `(?![\w(])` blocks both:
+            //   1) following word chars (prevents backtracking to a partial capture
+            //      like `$item->getProfile()` matching "getProfil" as a property);
+            //   2) an opening paren (excludes method calls, handled by pattern 2).
+            const propRe = new RegExp(`\\$${itemVar}->(\\w+)(?![\\w(])`, "g");
+            let m;
+            while ((m = propRe.exec(after)) !== null) {
+                if (emitFinding({ file: sym.file, name: sym.name, source: src, start_line: sym.start_line }, foreachIdx, m[1], "foreach-access-without-with", seen)) {
+                    return { findings, total: findings.length };
+                }
+            }
+            // Pattern 2 — getter method call: $item->getProfile()
+            // Normalize to bare relation name for both the dedup and the ->with() check.
+            const getterRe = new RegExp(`\\$${itemVar}->(get\\w+)\\s*\\(\\s*\\)`, "g");
+            while ((m = getterRe.exec(after)) !== null) {
+                const rawMethod = m[1];
+                if (METHOD_CALL_BLOCKLIST.has(rawMethod))
+                    continue;
+                const normalized = normalizeGetter(rawMethod);
+                if (!normalized || METHOD_CALL_BLOCKLIST.has(normalized.toLowerCase()))
+                    continue;
+                if (emitFinding({ file: sym.file, name: sym.name, source: src, start_line: sym.start_line }, foreachIdx, normalized, "foreach-getter-without-with", seen)) {
+                    return { findings, total: findings.length };
+                }
+            }
+            // Pattern 3 — chained access: $item->rel->sub (the first segment is the trigger)
+            const chainRe = new RegExp(`\\$${itemVar}->(\\w+)->\\w`, "g");
+            while ((m = chainRe.exec(after)) !== null) {
+                if (emitFinding({ file: sym.file, name: sym.name, source: src, start_line: sym.start_line }, foreachIdx, m[1], "foreach-chained-without-with", seen)) {
+                    return { findings, total: findings.length };
+                }
+            }
+        }
+    }
+    return { findings, total: findings.length };
+}
+/**
+ * Flag oversized PHP classes. Two scopes:
+ *
+ * - `scope: "activerecord"` (default) — only models extending ActiveRecord.
+ *   Uses `analyzeActiveRecord` for model detection and counts relations as a
+ *   third threshold alongside methods and lines. Classic Yii2 god-model case:
+ *   Survey.php in Mobi2 with 175 methods, 30 relations, 2291 lines.
+ *
+ * - `scope: "all"` — every PHP class in the index, regardless of base class.
+ *   Captures service god-classes (UserService with 80 methods), component
+ *   aggregates, and any other PHP class that outgrew its responsibility.
+ *   `relation_count` is 0 for non-AR classes — the `min_relations` check is
+ *   skipped so a service with 60 methods isn't hidden by a relation threshold.
+ *
+ * Thresholds default to 50/15/500 but are configurable for both scopes.
+ */
+export async function findPhpGodModel(repo, options) {
+    const index = await getCodeIndex(repo);
+    if (!index)
+        throw new Error(`Repository "${repo}" not found.`);
+    const minM = options?.min_methods ?? 50;
+    const minR = options?.min_relations ?? 15;
+    const minL = options?.min_lines ?? 500;
+    const scope = options?.scope ?? "activerecord";
+    const models = [];
+    if (scope === "activerecord") {
+        const ar = await analyzeActiveRecord(repo);
+        for (const m of ar.models) {
+            // Look up the class symbol by (name, kind, file) — file match keeps
+            // duplicate class names in different paths reported independently.
+            const classSym = index.symbols.find((s) => s.name === m.name && s.kind === "class" && s.file === m.file);
+            const lineCount = classSym ? classSym.end_line - classSym.start_line : 0;
+            const reasons = [];
+            if (m.methods.length > minM)
+                reasons.push(`methods: ${m.methods.length} > ${minM}`);
+            if (m.relations.length > minR)
+                reasons.push(`relations: ${m.relations.length} > ${minR}`);
+            if (lineCount > minL)
+                reasons.push(`lines: ${lineCount} > ${minL}`);
+            if (reasons.length > 0) {
+                models.push({
+                    name: m.name,
+                    file: m.file,
+                    method_count: m.methods.length,
+                    relation_count: m.relations.length,
+                    line_count: lineCount,
+                    reasons,
+                });
+            }
+        }
+    }
+    else {
+        // scope === "all" — iterate every PHP class symbol directly.
+        const classSyms = index.symbols.filter((s) => s.kind === "class" && s.file.endsWith(".php"));
+        for (const cls of classSyms) {
+            const methodCount = index.symbols.filter((s) => s.parent === cls.id && s.kind === "method").length;
+            const lineCount = cls.end_line - cls.start_line;
+            const reasons = [];
+            if (methodCount > minM)
+                reasons.push(`methods: ${methodCount} > ${minM}`);
+            if (lineCount > minL)
+                reasons.push(`lines: ${lineCount} > ${minL}`);
+            // min_relations intentionally skipped in "all" scope — not AR, no relations
+            if (reasons.length > 0) {
+                models.push({
+                    name: cls.name,
+                    file: cls.file,
+                    method_count: methodCount,
+                    relation_count: 0,
+                    line_count: lineCount,
+                    reasons,
+                });
+            }
+        }
+    }
+    // Sort by severity (number of reasons desc, then methods desc)
+    models.sort((a, b) => b.reasons.length - a.reasons.length || b.method_count - a.method_count);
+    return { models, total: models.length };
+}
+const AUDIT_TIMEOUT = 8000;
+export async function phpProjectAudit(repo, options) {
+    const startTime = Date.now();
+    const gates = [];
+    const allChecks = ["security", "activerecord", "complexity", "dead_code", "patterns", "clones", "hotspots", "n_plus_one", "god_model"];
+    const enabled = new Set(options?.checks ?? allChecks);
+    const fp = options?.file_pattern ?? ".php";
+    const secOpts = {};
+    if (options?.file_pattern)
+        secOpts.file_pattern = options.file_pattern;
+    const tasks = [];
+    if (enabled.has("security"))
+        tasks.push({ name: "security", run: () => phpSecurityScan(repo, secOpts) });
+    if (enabled.has("activerecord"))
+        tasks.push({ name: "activerecord", run: () => analyzeActiveRecord(repo, options?.file_pattern ? { file_pattern: options.file_pattern } : undefined) });
+    if (enabled.has("complexity"))
+        tasks.push({ name: "complexity", run: async () => { const { analyzeComplexity } = await import("./complexity-tools.js"); return analyzeComplexity(repo, { file_pattern: fp, top_n: 10 }); } });
+    if (enabled.has("dead_code"))
+        tasks.push({ name: "dead_code", run: async () => { const { findDeadCode } = await import("./symbol-tools.js"); return findDeadCode(repo, { file_pattern: fp }); } });
+    if (enabled.has("patterns"))
+        tasks.push({ name: "patterns", run: () => searchPatterns(repo, "empty-catch", { file_pattern: fp }) });
+    if (enabled.has("clones"))
+        tasks.push({ name: "clones", run: async () => { const { findClones } = await import("./clone-tools.js"); return findClones(repo, { file_pattern: fp }); } });
+    if (enabled.has("hotspots"))
+        tasks.push({ name: "hotspots", run: async () => { const { analyzeHotspots } = await import("./hotspot-tools.js"); return analyzeHotspots(repo, {}); } });
+    if (enabled.has("n_plus_one"))
+        tasks.push({ name: "n_plus_one", run: () => findPhpNPlusOne(repo, options?.file_pattern ? { file_pattern: options.file_pattern } : undefined) });
+    if (enabled.has("god_model"))
+        tasks.push({ name: "god_model", run: () => findPhpGodModel(repo) });
+    const settled = await Promise.allSettled(tasks.map(async (t) => {
+        const s = Date.now();
+        const r = await Promise.race([t.run(), new Promise((ok) => setTimeout(() => ok("TIMEOUT"), AUDIT_TIMEOUT))]);
+        return { name: t.name, result: r, ms: Date.now() - s };
+    }));
+    let securityResult = { findings: [], summary: { critical: 0, high: 0, medium: 0, low: 0, total: 0 }, checks_run: [] };
+    let arResult = { models: [], total: 0 };
+    let totalFindings = 0;
+    for (const s of settled) {
+        if (s.status === "rejected") {
+            gates.push({ name: "unknown", status: "error", findings_count: 0, duration_ms: 0, error: String(s.reason) });
+            continue;
+        }
+        const { name, result, ms } = s.value;
+        if (result === "TIMEOUT") {
+            gates.push({ name, status: "timeout", findings_count: 0, duration_ms: ms });
+            continue;
+        }
+        let count = 0;
+        // activerecord is informational (model count), not a problem finding — excluded from totalFindings and health score
+        if (name === "security") {
+            securityResult = result;
+            count = securityResult.summary.total;
+        }
+        else if (name === "activerecord") {
+            arResult = result;
+            count = arResult.total;
+        }
+        else if (name === "complexity")
+            count = result?.summary?.above_threshold ?? 0;
+        else if (name === "dead_code")
+            count = result?.candidates?.length ?? 0;
+        else if (name === "patterns")
+            count = result?.matches?.length ?? 0;
+        else if (name === "clones")
+            count = result?.clones?.length ?? 0;
+        else if (name === "hotspots")
+            count = result?.hotspots?.length ?? 0;
+        else if (name === "n_plus_one")
+            count = result?.findings?.length ?? 0;
+        else if (name === "god_model")
+            count = result?.models?.length ?? 0;
+        if (name !== "activerecord")
+            totalFindings += count;
+        gates.push({ name, status: "ok", findings_count: count, duration_ms: ms });
+    }
+    const sec = securityResult.summary;
+    // Logarithmic penalties — a few critical findings are serious, but hundreds of
+    // complexity warnings shouldn't tank the score to 0. Each gate uses log2 scaling
+    // so 1 finding ≈ 0, 10 ≈ 17, 100 ≈ 33, 1000 ≈ 50 penalty points.
+    const secPenalty = sec.total > 0 ? Math.round(Math.log2(sec.total + 1) * (sec.critical > 0 ? 8 : 4)) : 0;
+    const qualityFindings = totalFindings - sec.total;
+    const qualPenalty = qualityFindings > 0 ? Math.round(Math.log2(qualityFindings + 1) * 4) : 0;
+    const healthScore = Math.max(0, Math.min(100, 100 - secPenalty - qualPenalty));
+    const topRisks = gates.filter(g => g.findings_count > 0 && g.name !== "activerecord").sort((a, b) => b.findings_count - a.findings_count).slice(0, 3).map(g => `${g.name}: ${g.findings_count} findings`);
+    return {
+        repo, duration_ms: Date.now() - startTime,
+        checks_run: gates.filter(g => g.status === "ok").map(g => g.name),
+        gates,
+        summary: { total_findings: totalFindings, critical: sec.critical, high: sec.high, medium: sec.medium, low: sec.low, health_score: healthScore, top_risks: topRisks },
+        security: securityResult,
+        activerecord: arResult,
+    };
+}
+// ---------------------------------------------------------------------------
+// Helpers
+// ---------------------------------------------------------------------------
+async function readJsonSafe(path) {
+    try {
+        const content = await readFile(path, "utf-8");
+        return JSON.parse(content);
+    }
+    catch {
+        return null;
+    }
+}
+function extractLineContext(source, index) {
+    const lineStart = source.lastIndexOf("\n", index) + 1;
+    const lineEnd = source.indexOf("\n", index);
+    const end = lineEnd === -1 ? source.length : lineEnd;
+    return source.slice(lineStart, end).trim().slice(0, 200);
+}
+function pascalToKebab(s) {
+    return s.replace(/([a-z0-9])([A-Z])/g, "$1-$2").toLowerCase();
+}
+//# sourceMappingURL=php-tools.js.map