codesight 1.3.2 → 1.4.0

package/dist/config.d.ts

@@ -0,0 +1,16 @@
+/**
+ * Configuration loader: reads codesight.config.(ts|js|json) from project root.
+ */
+import type { CodesightConfig } from "./types.js";
+/**
+ * Load config from project root. Returns empty config if no config file found.
+ */
+export declare function loadConfig(root: string): Promise<CodesightConfig>;
+/**
+ * Merges CLI args with config file values (CLI takes precedence).
+ */
+export declare function mergeCliConfig(config: CodesightConfig, cli: {
+    maxDepth?: number;
+    outputDir?: string;
+    profile?: string;
+}): CodesightConfig;

package/dist/config.js

@@ -0,0 +1,96 @@
+/**
+ * Configuration loader: reads codesight.config.(ts|js|json) from project root.
+ */
+import { readFile, stat } from "node:fs/promises";
+import { join } from "node:path";
+import { pathToFileURL } from "node:url";
+const CONFIG_FILES = [
+    "codesight.config.ts",
+    "codesight.config.js",
+    "codesight.config.mjs",
+    "codesight.config.json",
+];
+async function fileExists(path) {
+    try {
+        await stat(path);
+        return true;
+    }
+    catch {
+        return false;
+    }
+}
+/**
+ * Load config from project root. Returns empty config if no config file found.
+ */
+export async function loadConfig(root) {
+    for (const filename of CONFIG_FILES) {
+        const configPath = join(root, filename);
+        if (!(await fileExists(configPath)))
+            continue;
+        try {
+            if (filename.endsWith(".json")) {
+                const content = await readFile(configPath, "utf-8");
+                return JSON.parse(content);
+            }
+            if (filename.endsWith(".ts")) {
+                // Try loading with tsx or ts-node if available
+                return await loadTsConfig(configPath, root);
+            }
+            // JS/MJS — dynamic import
+            const module = await import(pathToFileURL(configPath).href);
+            return (module.default || module);
+        }
+        catch (err) {
+            console.warn(`  Warning: failed to load ${filename}: ${err.message}`);
+            return {};
+        }
+    }
+    // Also check package.json "codesight" field
+    try {
+        const pkgPath = join(root, "package.json");
+        if (await fileExists(pkgPath)) {
+            const pkg = JSON.parse(await readFile(pkgPath, "utf-8"));
+            if (pkg.codesight && typeof pkg.codesight === "object") {
+                return pkg.codesight;
+            }
+        }
+    }
+    catch { }
+    return {};
+}
+async function loadTsConfig(configPath, _root) {
+    // Strategy 1: try tsx via dynamic import of the .ts file directly
+    // (works if tsx or ts-node is installed)
+    try {
+        const module = await import(pathToFileURL(configPath).href);
+        return (module.default || module);
+    }
+    catch { }
+    // Strategy 2: read as text and extract JSON-like config
+    // (fallback for when no TS loader is available)
+    const content = await readFile(configPath, "utf-8");
+    // Try to extract the config object from simple export default { ... }
+    const match = content.match(/export\s+default\s+({[\s\S]*})\s*;?\s*$/m);
+    if (match) {
+        try {
+            // Use Function constructor to evaluate the object literal
+            // Safe here since this is user's own config file in their project
+            const fn = new Function(`return (${match[1]})`);
+            return fn();
+        }
+        catch { }
+    }
+    console.warn(`  Warning: cannot load codesight.config.ts (install tsx for TS config support)`);
+    return {};
+}
+/**
+ * Merges CLI args with config file values (CLI takes precedence).
+ */
+export function mergeCliConfig(config, cli) {
+    return {
+        ...config,
+        maxDepth: cli.maxDepth ?? config.maxDepth,
+        outputDir: cli.outputDir ?? config.outputDir,
+        profile: cli.profile ?? config.profile,
+    };
+}

package/dist/detectors/schema.js

@@ -257,7 +257,7 @@ async function detectSQLAlchemySchemas(files, project) {
         if (!content.includes("Base") && !content.includes("DeclarativeBase") && !content.includes("Model"))
             continue;
         // Match class definitions
-        const classPattern = /class\s+(\w+)\s*\([^)]*(?:Base|Model|DeclarativeBase)[^)]*\)\s*:([\s\S]*?)(?=\nclass\s|\n[^\s]|\Z)/g;
+        const classPattern = /class\s+(\w+)\s*\([^)]*(?:Base|Model|DeclarativeBase)[^)]*\)\s*:([\s\S]*?)(?=\nclass\s|\n[^\s]|$)/g;
         let match;
         while ((match = classPattern.exec(content)) !== null) {
             const name = match[1];

package/dist/eval.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Evaluation suite: runs codesight on fixture repos and measures
+ * precision, recall, and F1 against ground truth.
+ */
+export declare function runEval(): Promise<void>;

package/dist/eval.js

@@ -0,0 +1,184 @@
+/**
+ * Evaluation suite: runs codesight on fixture repos and measures
+ * precision, recall, and F1 against ground truth.
+ */
+import { readFile, writeFile, mkdir, rm } from "node:fs/promises";
+import { join, dirname } from "node:path";
+import { fileURLToPath } from "node:url";
+import { collectFiles, detectProject } from "./scanner.js";
+import { detectRoutes } from "./detectors/routes.js";
+import { detectSchemas } from "./detectors/schema.js";
+import { detectComponents } from "./detectors/components.js";
+import { detectConfig } from "./detectors/config.js";
+import { detectMiddleware } from "./detectors/middleware.js";
+function calcMetrics(detected, expected) {
+    let tp = 0;
+    let fp = 0;
+    let fn = 0;
+    for (const item of detected) {
+        if (expected.has(item))
+            tp++;
+        else
+            fp++;
+    }
+    for (const item of expected) {
+        if (!detected.has(item))
+            fn++;
+    }
+    const precision = tp + fp > 0 ? tp / (tp + fp) : 1;
+    const recall = tp + fn > 0 ? tp / (tp + fn) : 1;
+    const f1 = precision + recall > 0 ? (2 * precision * recall) / (precision + recall) : 0;
+    return {
+        precision: Math.round(precision * 1000) / 1000,
+        recall: Math.round(recall * 1000) / 1000,
+        f1: Math.round(f1 * 1000) / 1000,
+        truePositives: tp,
+        falsePositives: fp,
+        falseNegatives: fn,
+    };
+}
+async function createTempRepo(fixture) {
+    const tmpDir = join((await import("node:os")).tmpdir(), `codesight-eval-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`);
+    for (const [filePath, content] of Object.entries(fixture.files)) {
+        const fullPath = join(tmpDir, filePath);
+        await mkdir(dirname(fullPath), { recursive: true });
+        await writeFile(fullPath, content);
+    }
+    return tmpDir;
+}
+async function evalFixture(fixturePath) {
+    const repoJson = JSON.parse(await readFile(join(fixturePath, "repo.json"), "utf-8"));
+    const groundTruth = JSON.parse(await readFile(join(fixturePath, "ground-truth.json"), "utf-8"));
+    // Create temp repo from fixture
+    const tmpDir = await createTempRepo(repoJson);
+    const startTime = Date.now();
+    try {
+        // Run codesight detectors
+        const project = await detectProject(tmpDir);
+        const files = await collectFiles(tmpDir, 10);
+        const [routes, schemas, components, config, middleware] = await Promise.all([
+            detectRoutes(files, project),
+            detectSchemas(files, project),
+            detectComponents(files, project),
+            detectConfig(files, project),
+            detectMiddleware(files, project),
+        ]);
+        const runtime = Date.now() - startTime;
+        // Compare routes: method:path
+        const detectedRoutes = new Set(routes.map((r) => `${r.method}:${r.path}`));
+        const expectedRoutes = new Set((groundTruth.routes || []).map((r) => `${r.method}:${r.path}`));
+        // Compare models: name
+        const detectedModels = new Set(schemas.map((s) => s.name.toLowerCase()));
+        const expectedModels = new Set((groundTruth.models || []).map((m) => m.name.toLowerCase()));
+        // Compare env vars
+        const detectedEnvVars = new Set(config.envVars.map((e) => e.name));
+        const expectedEnvVars = new Set(groundTruth.envVars || []);
+        const result = {
+            name: repoJson.name,
+            routes: calcMetrics(detectedRoutes, expectedRoutes),
+            models: calcMetrics(detectedModels, expectedModels),
+            envVars: calcMetrics(detectedEnvVars, expectedEnvVars),
+            runtime,
+        };
+        // Components (if ground truth has them)
+        if (groundTruth.components && groundTruth.components.length > 0) {
+            const detectedComps = new Set(components.map((c) => c.name));
+            const expectedComps = new Set(groundTruth.components.map((c) => c.name));
+            result.components = calcMetrics(detectedComps, expectedComps);
+        }
+        // Middleware
+        if (groundTruth.middleware && groundTruth.middleware.length > 0) {
+            const detectedMw = new Set(middleware.map((m) => m.name));
+            const expectedMw = new Set(groundTruth.middleware);
+            result.middleware = calcMetrics(detectedMw, expectedMw);
+        }
+        return result;
+    }
+    finally {
+        // Cleanup temp dir
+        await rm(tmpDir, { recursive: true, force: true }).catch(() => { });
+    }
+}
+function formatPercent(n) {
+    return `${(n * 100).toFixed(1)}%`;
+}
+function printMetrics(label, m) {
+    console.log(`    ${label.padEnd(14)} P: ${formatPercent(m.precision).padStart(6)}  R: ${formatPercent(m.recall).padStart(6)}  F1: ${formatPercent(m.f1).padStart(6)}  (TP:${m.truePositives} FP:${m.falsePositives} FN:${m.falseNegatives})`);
+}
+export async function runEval() {
+    // Find eval fixtures
+    const __dirname = dirname(fileURLToPath(import.meta.url));
+    const evalDir = join(__dirname, "..", "eval", "fixtures");
+    let fixtureNames;
+    try {
+        const { readdir } = await import("node:fs/promises");
+        fixtureNames = await readdir(evalDir);
+    }
+    catch {
+        // Try from dist path
+        const altDir = join(__dirname, "..", "..", "eval", "fixtures");
+        const { readdir } = await import("node:fs/promises");
+        fixtureNames = await readdir(altDir);
+        // Override evalDir for the loop below
+        return runEvalFromDir(altDir, fixtureNames);
+    }
+    return runEvalFromDir(evalDir, fixtureNames);
+}
+async function runEvalFromDir(evalDir, fixtureNames) {
+    console.log(`\n  codesight eval — precision/recall benchmarks\n`);
+    const results = [];
+    let totalPrecision = 0;
+    let totalRecall = 0;
+    let totalF1 = 0;
+    let metricCount = 0;
+    for (const name of fixtureNames) {
+        const fixturePath = join(evalDir, name);
+        // Check if it has repo.json
+        try {
+            await import("node:fs/promises").then((fs) => fs.stat(join(fixturePath, "repo.json")));
+        }
+        catch {
+            continue;
+        }
+        process.stdout.write(`  ${name}...`);
+        const result = await evalFixture(fixturePath);
+        results.push(result);
+        console.log(` ${result.runtime}ms`);
+        printMetrics("Routes", result.routes);
+        printMetrics("Models", result.models);
+        printMetrics("Env vars", result.envVars);
+        if (result.components)
+            printMetrics("Components", result.components);
+        if (result.middleware)
+            printMetrics("Middleware", result.middleware);
+        console.log("");
+        // Accumulate for averages
+        const metrics = [result.routes, result.models, result.envVars];
+        if (result.components)
+            metrics.push(result.components);
+        if (result.middleware)
+            metrics.push(result.middleware);
+        for (const m of metrics) {
+            totalPrecision += m.precision;
+            totalRecall += m.recall;
+            totalF1 += m.f1;
+            metricCount++;
+        }
+    }
+    if (results.length === 0) {
+        console.log("  No fixtures found. Add fixtures to eval/fixtures/");
+        return;
+    }
+    // Summary
+    const avgP = totalPrecision / metricCount;
+    const avgR = totalRecall / metricCount;
+    const avgF1 = totalF1 / metricCount;
+    const totalRuntime = results.reduce((s, r) => s + r.runtime, 0);
+    console.log("  ──────────────────────────────────────────");
+    console.log(`  Fixtures:           ${results.length}`);
+    console.log(`  Avg precision:      ${formatPercent(avgP)}`);
+    console.log(`  Avg recall:         ${formatPercent(avgR)}`);
+    console.log(`  Avg F1:             ${formatPercent(avgF1)}`);
+    console.log(`  Total runtime:      ${totalRuntime}ms`);
+    console.log("");
+}

package/dist/index.js

@@ -14,7 +14,8 @@ import { calculateTokenStats } from "./detectors/tokens.js";
 import { writeOutput } from "./formatter.js";
 import { generateAIConfigs } from "./generators/ai-config.js";
 import { generateHtmlReport } from "./generators/html-report.js";
-const VERSION = "1.3.2";
+import { loadConfig, mergeCliConfig } from "./config.js";
+const VERSION = "1.4.0";
 const BRAND = "codesight";
 function printHelp() {
     console.log(`
@@ -35,9 +36,15 @@ function printHelp() {
     --benchmark          Show detailed token savings breakdown
     --profile <tool>     Generate optimized config (claude-code|cursor|codex|copilot|windsurf)
     --blast <file>       Show blast radius for a file
+    --telemetry          Run token telemetry (real before/after measurement)
+    --eval               Run precision/recall benchmarks on eval fixtures
     -v, --version        Show version
     -h, --help           Show this help
 
+  Config:
+    Reads codesight.config.(ts|js|json) or package.json "codesight" field.
+    See docs for disableDetectors, customRoutePatterns, plugins, and more.
+
   Examples:
     npx ${BRAND}                    # Scan current directory
     npx ${BRAND} --init             # Scan + generate AI config files
@@ -45,6 +52,8 @@ function printHelp() {
     npx ${BRAND} --watch            # Watch mode, re-scan on changes
     npx ${BRAND} --mcp              # Start MCP server
     npx ${BRAND} --hook             # Install git pre-commit hook
+    npx ${BRAND} --telemetry        # Measure real token savings
+    npx ${BRAND} --eval             # Run accuracy benchmarks
     npx ${BRAND} ./my-project       # Scan specific directory
 `);
 }
@@ -57,7 +66,7 @@ async function fileExists(path) {
         return false;
     }
 }
-async function scan(root, outputDirName, maxDepth) {
+async function scan(root, outputDirName, maxDepth, userConfig = {}) {
     const outputDir = join(root, outputDirName);
     console.log(`\n  ${BRAND} v${VERSION}`);
     console.log(`  Scanning: ${root}\n`);
@@ -73,17 +82,39 @@ async function scan(root, outputDirName, maxDepth) {
     process.stdout.write("  Collecting files...");
     const files = await collectFiles(root, maxDepth);
     console.log(` ${files.length} files`);
-    // Step 3: Run all detectors in parallel
+    // Step 3: Run all detectors in parallel (respecting disableDetectors config)
     process.stdout.write("  Analyzing...");
-    const [rawRoutes, schemas, components, libs, config, middleware, graph] = await Promise.all([
-        detectRoutes(files, project),
-        detectSchemas(files, project),
-        detectComponents(files, project),
-        detectLibs(files, project),
-        detectConfig(files, project),
-        detectMiddleware(files, project),
-        detectDependencyGraph(files, project),
+    const disabled = new Set(userConfig.disableDetectors || []);
+    const [rawRoutes, schemas, components, libs, configResult, middleware, graph] = await Promise.all([
+        disabled.has("routes") ? Promise.resolve([]) : detectRoutes(files, project),
+        disabled.has("schema") ? Promise.resolve([]) : detectSchemas(files, project),
+        disabled.has("components") ? Promise.resolve([]) : detectComponents(files, project),
+        disabled.has("libs") ? Promise.resolve([]) : detectLibs(files, project),
+        disabled.has("config") ? Promise.resolve({ envVars: [], configFiles: [], dependencies: {}, devDependencies: {} }) : detectConfig(files, project),
+        disabled.has("middleware") ? Promise.resolve([]) : detectMiddleware(files, project),
+        disabled.has("graph") ? Promise.resolve({ edges: [], hotFiles: [] }) : detectDependencyGraph(files, project),
     ]);
+    // Step 3b: Run plugin detectors
+    if (userConfig.plugins) {
+        for (const plugin of userConfig.plugins) {
+            if (plugin.detector) {
+                try {
+                    const pluginResult = await plugin.detector(files, project);
+                    if (pluginResult.routes)
+                        rawRoutes.push(...pluginResult.routes);
+                    if (pluginResult.schemas)
+                        schemas.push(...pluginResult.schemas);
+                    if (pluginResult.components)
+                        components.push(...pluginResult.components);
+                    if (pluginResult.middleware)
+                        middleware.push(...pluginResult.middleware);
+                }
+                catch (err) {
+                    console.warn(`\n  Warning: plugin "${plugin.name}" failed: ${err.message}`);
+                }
+            }
+        }
+    }
     // Step 4: Enrich routes with contract info
     const routes = await enrichRouteContracts(rawRoutes, project);
     // Report AST vs regex detection
@@ -106,7 +137,7 @@ async function scan(root, outputDirName, maxDepth) {
         schemas,
         components,
         libs,
-        config,
+        config: configResult,
         middleware,
         graph,
         tokenStats: { outputTokens: 0, estimatedExplorationTokens: 0, saved: 0, fileCount: files.length },
@@ -126,7 +157,7 @@ async function scan(root, outputDirName, maxDepth) {
     Models:       ${schemas.length}
     Components:   ${components.length}
     Libraries:    ${libs.length}
-    Env vars:     ${config.envVars.length}
+    Env vars:     ${configResult.envVars.length}
     Middleware:    ${middleware.length}
     Import links: ${graph.edges.length}
     Hot files:    ${graph.hotFiles.length}
@@ -234,6 +265,8 @@ async function main() {
     let doBenchmark = false;
     let doProfile = "";
     let doBlast = "";
+    let doTelemetry = false;
+    let doEval = false;
     for (let i = 0; i < args.length; i++) {
         const arg = args[i];
         if ((arg === "-o" || arg === "--output") && args[i + 1]) {
@@ -273,6 +306,12 @@ async function main() {
         else if (arg === "--blast" && args[i + 1]) {
             doBlast = args[++i];
         }
+        else if (arg === "--telemetry") {
+            doTelemetry = true;
+        }
+        else if (arg === "--eval") {
+            doEval = true;
+        }
         else if (!arg.startsWith("-")) {
             targetDir = resolve(arg);
         }
@@ -283,13 +322,58 @@ async function main() {
         await startMCPServer();
         return;
     }
+    // Eval mode (standalone, no scan needed)
+    if (doEval) {
+        const { runEval } = await import("./eval.js");
+        await runEval();
+        return;
+    }
     const root = resolve(targetDir);
+    // Load config file
+    const fileConfig = await loadConfig(root);
+    const config = mergeCliConfig(fileConfig, {
+        maxDepth: maxDepth !== 10 ? maxDepth : undefined,
+        outputDir: outputDirName !== ".codesight" ? outputDirName : undefined,
+        profile: doProfile || undefined,
+    });
+    // Apply config overrides
+    if (config.maxDepth)
+        maxDepth = config.maxDepth;
+    if (config.outputDir)
+        outputDirName = config.outputDir;
     // Install git hook
     if (doHook) {
         await installGitHook(root, outputDirName);
     }
-    // Run scan
-    const result = await scan(root, outputDirName, maxDepth);
+    // Run scan (passes config for disabled detectors + plugins)
+    let result = await scan(root, outputDirName, maxDepth, config);
+    // Run plugin post-processors
+    if (config.plugins) {
+        for (const plugin of config.plugins) {
+            if (plugin.postProcessor) {
+                try {
+                    result = await plugin.postProcessor(result);
+                }
+                catch (err) {
+                    console.warn(`  Warning: plugin "${plugin.name}" post-processor failed: ${err.message}`);
+                }
+            }
+        }
+    }
+    // Token telemetry
+    if (doTelemetry) {
+        const { runTelemetry } = await import("./telemetry.js");
+        const outputDir = join(root, outputDirName);
+        process.stdout.write("  Running telemetry...");
+        const report = await runTelemetry(root, result, outputDir);
+        console.log(` ${outputDirName}/telemetry.md`);
+        console.log(`\n  Telemetry Results:`);
+        for (const task of report.tasks) {
+            console.log(`    ${task.name}: ${task.reduction}x reduction (${task.tokensWithout.toLocaleString()} → ${task.tokensWith.toLocaleString()} tokens)`);
+        }
+        console.log(`    Average: ${report.summary.averageReduction}x | Tool calls saved: ${report.summary.totalToolCallsSaved}`);
+        console.log("");
+    }
     // JSON output
     if (jsonOutput) {
         console.log(JSON.stringify(result, null, 2));

package/dist/telemetry.d.ts

@@ -0,0 +1,38 @@
+/**
+ * Token telemetry: measures real before/after token usage by simulating
+ * what an AI agent would do with and without codesight context.
+ *
+ * Approach: for each standard task (explain architecture, add route, review diff),
+ * measure the actual bytes of context that would be consumed.
+ *
+ * "Without codesight": count tokens from the files an AI would need to read
+ * to discover routes, schema, components, config, etc.
+ *
+ * "With codesight": count tokens from the CODESIGHT.md output.
+ */
+import type { ScanResult } from "./types.js";
+export interface TelemetryTask {
+    name: string;
+    description: string;
+    /** Files the AI would need to read without codesight */
+    filesRead: string[];
+    /** Tool calls the AI would make (glob, grep, read) */
+    toolCalls: number;
+    /** Tokens consumed reading those files */
+    tokensWithout: number;
+    /** Tokens consumed from codesight output */
+    tokensWith: number;
+    /** Reduction factor */
+    reduction: number;
+}
+export interface TelemetryReport {
+    project: string;
+    tasks: TelemetryTask[];
+    summary: {
+        totalTokensWithout: number;
+        totalTokensWith: number;
+        averageReduction: number;
+        totalToolCallsSaved: number;
+    };
+}
+export declare function runTelemetry(root: string, result: ScanResult, outputDir: string): Promise<TelemetryReport>;

package/dist/telemetry.js

@@ -0,0 +1,257 @@
+/**
+ * Token telemetry: measures real before/after token usage by simulating
+ * what an AI agent would do with and without codesight context.
+ *
+ * Approach: for each standard task (explain architecture, add route, review diff),
+ * measure the actual bytes of context that would be consumed.
+ *
+ * "Without codesight": count tokens from the files an AI would need to read
+ * to discover routes, schema, components, config, etc.
+ *
+ * "With codesight": count tokens from the CODESIGHT.md output.
+ */
+import { readFile } from "node:fs/promises";
+import { join, relative } from "node:path";
+function countTokens(text) {
+    return Math.ceil(text.length / 4);
+}
+async function readFileSafe(path) {
+    try {
+        return await readFile(path, "utf-8");
+    }
+    catch {
+        return "";
+    }
+}
+/**
+ * Task 1: "Explain the architecture"
+ * Without codesight: AI reads package.json, scans dirs, reads route files,
+ * schema files, config files, middleware files — typically 15-25 file reads.
+ */
+async function measureExplainArchitecture(root, result, codesightTokens) {
+    const filesToRead = new Set();
+    // AI would read package.json first
+    filesToRead.add(join(root, "package.json"));
+    // Then scan for route files
+    for (const route of result.routes) {
+        filesToRead.add(join(root, route.file));
+    }
+    // Schema files
+    for (const _schema of result.schemas) {
+        // Find the file containing this schema from routes or libs
+        for (const lib of result.libs) {
+            if (lib.file.includes("schema") || lib.file.includes("model") || lib.file.includes("db")) {
+                filesToRead.add(join(root, lib.file));
+            }
+        }
+    }
+    // Config files
+    for (const cf of result.config.configFiles) {
+        filesToRead.add(join(root, cf));
+    }
+    // Middleware files
+    for (const mw of result.middleware) {
+        filesToRead.add(join(root, mw.file));
+    }
+    // Hot files (AI would discover these during exploration)
+    for (const hf of result.graph.hotFiles.slice(0, 10)) {
+        filesToRead.add(join(root, hf.file));
+    }
+    // Read all files and count tokens
+    let totalTokens = 0;
+    const readFiles = [];
+    for (const f of filesToRead) {
+        const content = await readFileSafe(f);
+        if (content) {
+            totalTokens += countTokens(content);
+            readFiles.push(relative(root, f));
+        }
+    }
+    // Add overhead for glob/grep tool calls (each costs ~50-100 tokens for command + results)
+    const toolCalls = Math.max(10, Math.ceil(filesToRead.size * 0.8));
+    totalTokens += toolCalls * 75; // average 75 tokens per tool call overhead
+    const reduction = totalTokens > 0 ? Math.round((totalTokens / codesightTokens) * 10) / 10 : 1;
+    return {
+        name: "Explain architecture",
+        description: "Understand project stack, routes, schema, and dependencies",
+        filesRead: readFiles,
+        toolCalls,
+        tokensWithout: totalTokens,
+        tokensWith: codesightTokens,
+        reduction,
+    };
+}
+/**
+ * Task 2: "Add a new API route"
+ * Without codesight: AI needs to find existing routes to match patterns,
+ * read schema for related models, check middleware, check config.
+ */
+async function measureAddRoute(root, result, codesightTokens) {
+    const filesToRead = new Set();
+    // AI would grep for existing route patterns — reads 3-5 route files
+    const routeFiles = [...new Set(result.routes.map((r) => r.file))];
+    for (const f of routeFiles.slice(0, 5)) {
+        filesToRead.add(join(root, f));
+    }
+    // Read schema to understand models
+    for (const lib of result.libs) {
+        if (lib.file.includes("schema") || lib.file.includes("model") || lib.file.includes("db")) {
+            filesToRead.add(join(root, lib.file));
+        }
+    }
+    // Check middleware to know what to apply
+    for (const mw of result.middleware) {
+        filesToRead.add(join(root, mw.file));
+    }
+    let totalTokens = 0;
+    const readFiles = [];
+    for (const f of filesToRead) {
+        const content = await readFileSafe(f);
+        if (content) {
+            totalTokens += countTokens(content);
+            readFiles.push(relative(root, f));
+        }
+    }
+    const toolCalls = Math.max(6, Math.ceil(filesToRead.size * 0.7));
+    totalTokens += toolCalls * 75;
+    // With codesight, AI only reads the routes + schema sections (~40% of output)
+    const withTokens = Math.ceil(codesightTokens * 0.4);
+    const reduction = totalTokens > 0 ? Math.round((totalTokens / withTokens) * 10) / 10 : 1;
+    return {
+        name: "Add new API route",
+        description: "Find route patterns, check schema, apply middleware",
+        filesRead: readFiles,
+        toolCalls,
+        tokensWithout: totalTokens,
+        tokensWith: withTokens,
+        reduction,
+    };
+}
+/**
+ * Task 3: "Review a diff / understand blast radius"
+ * Without codesight: AI needs to trace imports, find dependents, check what routes
+ * and models are affected by a file change.
+ */
+async function measureReviewDiff(root, result, codesightTokens) {
+    const filesToRead = new Set();
+    // AI would read the changed file + all its importers
+    // Simulate: pick the hottest file and trace its dependents
+    if (result.graph.hotFiles.length > 0) {
+        const hotFile = result.graph.hotFiles[0];
+        filesToRead.add(join(root, hotFile.file));
+        // Read files that import it
+        for (const edge of result.graph.edges) {
+            if (edge.to === hotFile.file) {
+                filesToRead.add(join(root, edge.from));
+            }
+        }
+    }
+    // Also read some route files to check impact
+    const routeFiles = [...new Set(result.routes.map((r) => r.file))];
+    for (const f of routeFiles.slice(0, 3)) {
+        filesToRead.add(join(root, f));
+    }
+    let totalTokens = 0;
+    const readFiles = [];
+    for (const f of filesToRead) {
+        const content = await readFileSafe(f);
+        if (content) {
+            totalTokens += countTokens(content);
+            readFiles.push(relative(root, f));
+        }
+    }
+    const toolCalls = Math.max(8, Math.ceil(filesToRead.size * 0.6));
+    totalTokens += toolCalls * 75;
+    // With codesight, AI reads graph section + routes (~50% of output)
+    const withTokens = Math.ceil(codesightTokens * 0.5);
+    const reduction = totalTokens > 0 ? Math.round((totalTokens / withTokens) * 10) / 10 : 1;
+    return {
+        name: "Review diff / blast radius",
+        description: "Trace imports, find affected routes and models",
+        filesRead: readFiles,
+        toolCalls,
+        tokensWithout: totalTokens,
+        tokensWith: withTokens,
+        reduction,
+    };
+}
+export async function runTelemetry(root, result, outputDir) {
+    // Read the codesight output to get real token count
+    const codesightContent = await readFileSafe(join(outputDir, "CODESIGHT.md"));
+    const codesightTokens = countTokens(codesightContent);
+    const tasks = await Promise.all([
+        measureExplainArchitecture(root, result, codesightTokens),
+        measureAddRoute(root, result, codesightTokens),
+        measureReviewDiff(root, result, codesightTokens),
+    ]);
+    const totalWithout = tasks.reduce((s, t) => s + t.tokensWithout, 0);
+    const totalWith = tasks.reduce((s, t) => s + t.tokensWith, 0);
+    const totalToolCalls = tasks.reduce((s, t) => s + t.toolCalls, 0);
+    const report = {
+        project: result.project.name,
+        tasks,
+        summary: {
+            totalTokensWithout: totalWithout,
+            totalTokensWith: totalWith,
+            averageReduction: totalWith > 0 ? Math.round((totalWithout / totalWith) * 10) / 10 : 1,
+            totalToolCallsSaved: totalToolCalls,
+        },
+    };
+    // Write telemetry report
+    const reportLines = [
+        `# Token Telemetry: ${result.project.name}`,
+        "",
+        `> Measured by reading the actual files an AI agent would need for each task,`,
+        `> then comparing against the codesight output (~${codesightTokens.toLocaleString()} tokens).`,
+        "",
+        "## Tasks",
+        "",
+    ];
+    for (const task of tasks) {
+        reportLines.push(`### ${task.name}`);
+        reportLines.push(`_${task.description}_`);
+        reportLines.push("");
+        reportLines.push(`| Metric | Value |`);
+        reportLines.push(`|---|---|`);
+        reportLines.push(`| Files AI would read | ${task.filesRead.length} |`);
+        reportLines.push(`| Tool calls (glob/grep/read) | ${task.toolCalls} |`);
+        reportLines.push(`| Tokens without codesight | ~${task.tokensWithout.toLocaleString()} |`);
+        reportLines.push(`| Tokens with codesight | ~${task.tokensWith.toLocaleString()} |`);
+        reportLines.push(`| **Reduction** | **${task.reduction}x** |`);
+        reportLines.push("");
+        if (task.filesRead.length > 0) {
+            reportLines.push("<details>");
+            reportLines.push(`<summary>Files read (${task.filesRead.length})</summary>`);
+            reportLines.push("");
+            for (const f of task.filesRead) {
+                reportLines.push(`- \`${f}\``);
+            }
+            reportLines.push("");
+            reportLines.push("</details>");
+            reportLines.push("");
+        }
+    }
+    reportLines.push("## Summary");
+    reportLines.push("");
+    reportLines.push(`| Metric | Value |`);
+    reportLines.push(`|---|---|`);
+    reportLines.push(`| Total tokens without codesight | ~${report.summary.totalTokensWithout.toLocaleString()} |`);
+    reportLines.push(`| Total tokens with codesight | ~${report.summary.totalTokensWith.toLocaleString()} |`);
+    reportLines.push(`| **Average reduction** | **${report.summary.averageReduction}x** |`);
+    reportLines.push(`| Tool calls saved | ${report.summary.totalToolCallsSaved} |`);
+    reportLines.push("");
+    reportLines.push("## Methodology");
+    reportLines.push("");
+    reportLines.push("Token counts are calculated by reading the actual source files an AI agent would");
+    reportLines.push("need to explore for each task, using the ~4 chars/token heuristic (standard for");
+    reportLines.push("GPT/Claude tokenizers). Tool call overhead is estimated at ~75 tokens per call");
+    reportLines.push("(command text + result formatting). The \"with codesight\" count uses the real");
+    reportLines.push("CODESIGHT.md output size, proportioned to the sections relevant to each task.");
+    reportLines.push("");
+    reportLines.push(`_Generated by codesight --telemetry_`);
+    const { writeFile: wf } = await import("node:fs/promises");
+    const { mkdir } = await import("node:fs/promises");
+    await mkdir(outputDir, { recursive: true });
+    await wf(join(outputDir, "telemetry.md"), reportLines.join("\n"));
+    return report;
+}

package/dist/types.d.ts

@@ -95,12 +95,47 @@ export interface BlastRadiusResult {
     depth: number;
 }
 export interface CodesightConfig {
+    /** Disable specific detectors: "routes", "schema", "components", "libs", "config", "middleware", "graph" */
     disableDetectors?: string[];
+    /** Custom route tags: { "billing": ["stripe", "payment"] } */
     customTags?: Record<string, string[]>;
+    /** Max directory depth (default: 10) */
     maxDepth?: number;
+    /** Output directory name (default: ".codesight") */
     outputDir?: string;
+    /** AI tool profile */
     profile?: "claude-code" | "cursor" | "codex" | "copilot" | "windsurf" | "generic";
+    /** Additional ignore patterns (glob-style) */
     ignorePatterns?: string[];
+    /** Custom route patterns: [{ pattern: "router\\.handle\\(", method: "ALL" }] */
+    customRoutePatterns?: {
+        pattern: string;
+        method?: string;
+    }[];
+    /** Blast radius max BFS depth (default: 5) */
+    blastRadiusDepth?: number;
+    /** Hot file threshold: min imports to be "hot" (default: 3) */
+    hotFileThreshold?: number;
+    /** Plugin hooks */
+    plugins?: CodesightPlugin[];
+}
+export interface CodesightPlugin {
+    /** Plugin name for identification */
+    name: string;
+    /** Custom detector: runs after built-in detectors */
+    detector?: (files: string[], project: ProjectInfo) => Promise<PluginDetectorResult>;
+    /** Post-processor: transforms the final ScanResult */
+    postProcessor?: (result: ScanResult) => Promise<ScanResult>;
+}
+export interface PluginDetectorResult {
+    /** Additional routes to merge */
+    routes?: RouteInfo[];
+    /** Additional schema models to merge */
+    schemas?: SchemaModel[];
+    /** Additional components to merge */
+    components?: ComponentInfo[];
+    /** Additional middleware to merge */
+    middleware?: MiddlewareInfo[];
 }
 export interface ScanResult {
     project: ProjectInfo;

package/eval/README.md

@@ -0,0 +1,36 @@
+# codesight Evaluation Suite
+
+Reproducible accuracy benchmarks for codesight detectors.
+
+## How It Works
+
+Each fixture in `fixtures/` contains:
+- `repo.json` — describes the repo structure (files with inline content)
+- `ground-truth.json` — expected detection results (routes, models, env vars, blast radius)
+
+Running `npx codesight --eval` will:
+1. Create temporary directories from each fixture
+2. Run codesight detectors on them
+3. Compare results against ground truth
+4. Print precision, recall, F1 score, and runtime per fixture
+
+## Fixtures
+
+| Fixture | Stack | What it tests |
+|---|---|---|
+| `nextjs-drizzle` | Next.js App Router + Drizzle ORM | Routes, schema, components, env vars |
+| `express-prisma` | Express + Prisma | Route detection, schema parsing, middleware |
+| `fastapi-sqlalchemy` | FastAPI + SQLAlchemy | Python routes, Python ORM, config |
+| `hono-monorepo` | Hono + Drizzle (pnpm monorepo) | Monorepo detection, workspace routes, schema |
+
+## Adding a Fixture
+
+1. Create a folder in `fixtures/` with `repo.json` and `ground-truth.json`
+2. Follow the JSON schema used by existing fixtures
+3. Run `npx codesight --eval` to verify
+
+## Metrics
+
+- **Precision**: of all items codesight detected, how many are correct?
+- **Recall**: of all items that exist, how many did codesight find?
+- **F1**: harmonic mean of precision and recall

package/eval/fixtures/express-prisma/ground-truth.json

@@ -0,0 +1,31 @@
+{
+  "routes": [
+    { "method": "POST", "path": "/login" },
+    { "method": "POST", "path": "/register" },
+    { "method": "GET", "path": "/" },
+    { "method": "GET", "path": "/:id" },
+    { "method": "PUT", "path": "/:id" },
+    { "method": "DELETE", "path": "/:id" },
+    { "method": "POST", "path": "/" }
+  ],
+  "models": [
+    {
+      "name": "User",
+      "fields": ["id", "email", "password", "name", "role", "posts", "createdAt"]
+    },
+    {
+      "name": "Post",
+      "fields": ["id", "title", "content", "published", "author", "authorId", "tags", "createdAt"]
+    },
+    {
+      "name": "Tag",
+      "fields": ["id", "name", "posts"]
+    },
+    {
+      "name": "enum:Role",
+      "fields": ["USER", "ADMIN"]
+    }
+  ],
+  "envVars": ["DATABASE_URL", "JWT_SECRET", "PORT", "REDIS_URL", "CORS_ORIGIN"],
+  "middleware": ["auth", "error", "rate-limit", "cors"]
+}

package/eval/fixtures/express-prisma/repo.json

@@ -0,0 +1,19 @@
+{
+  "name": "express-prisma-api",
+  "description": "Express.js REST API with Prisma ORM and middleware",
+  "files": {
+    "package.json": "{\"name\":\"api-server\",\"dependencies\":{\"express\":\"4.18.0\",\"@prisma/client\":\"5.0.0\",\"cors\":\"2.8.5\",\"helmet\":\"7.0.0\",\"express-rate-limit\":\"7.0.0\",\"jsonwebtoken\":\"9.0.0\"},\"devDependencies\":{\"typescript\":\"5.3.0\",\"@types/express\":\"4.17.0\",\"@types/node\":\"20.0.0\",\"prisma\":\"5.0.0\"}}",
+    "tsconfig.json": "{\"compilerOptions\":{\"target\":\"es2017\",\"module\":\"commonjs\",\"outDir\":\"dist\"}}",
+    ".env.example": "DATABASE_URL=postgresql://localhost:5432/api\nJWT_SECRET=changeme\nPORT=3000\nREDIS_URL=redis://localhost:6379\nCORS_ORIGIN=http://localhost:3001",
+    "prisma/schema.prisma": "datasource db {\n  provider = \"postgresql\"\n  url      = env(\"DATABASE_URL\")\n}\n\ngenerator client {\n  provider = \"prisma-client-js\"\n}\n\nmodel User {\n  id        Int      @id @default(autoincrement())\n  email     String   @unique\n  password  String\n  name      String?\n  role      Role     @default(USER)\n  posts     Post[]\n  createdAt DateTime @default(now())\n}\n\nmodel Post {\n  id        Int       @id @default(autoincrement())\n  title     String\n  content   String?\n  published Boolean   @default(false)\n  author    User      @relation(fields: [authorId], references: [id])\n  authorId  Int\n  tags      Tag[]\n  createdAt DateTime  @default(now())\n}\n\nmodel Tag {\n  id    Int    @id @default(autoincrement())\n  name  String @unique\n  posts Post[]\n}\n\nenum Role {\n  USER\n  ADMIN\n}",
+    "src/index.ts": "import express from 'express';\nimport cors from 'cors';\nimport helmet from 'helmet';\nimport { authRouter } from './routes/auth';\nimport { usersRouter } from './routes/users';\nimport { postsRouter } from './routes/posts';\nimport { errorHandler } from './middleware/error';\nimport { rateLimiter } from './middleware/rate-limit';\n\nconst app = express();\n\napp.use(cors());\napp.use(helmet());\napp.use(express.json());\napp.use(rateLimiter);\n\napp.use('/api/auth', authRouter);\napp.use('/api/users', usersRouter);\napp.use('/api/posts', postsRouter);\n\napp.use(errorHandler);\n\napp.listen(process.env.PORT || 3000);",
+    "src/routes/auth.ts": "import { Router } from 'express';\nimport { prisma } from '../lib/prisma';\nimport { generateToken } from '../lib/jwt';\n\nexport const authRouter = Router();\n\nauthRouter.post('/login', async (req, res) => {\n  const { email, password } = req.body;\n  const user = await prisma.user.findUnique({ where: { email } });\n  if (!user) return res.status(401).json({ error: 'Invalid credentials' });\n  const token = generateToken(user.id);\n  res.json({ token });\n});\n\nauthRouter.post('/register', async (req, res) => {\n  const { email, password, name } = req.body;\n  const user = await prisma.user.create({ data: { email, password, name } });\n  const token = generateToken(user.id);\n  res.status(201).json({ token });\n});",
+    "src/routes/users.ts": "import { Router } from 'express';\nimport { prisma } from '../lib/prisma';\nimport { authenticate } from '../middleware/auth';\n\nexport const usersRouter = Router();\n\nusersRouter.get('/', authenticate, async (req, res) => {\n  const users = await prisma.user.findMany();\n  res.json(users);\n});\n\nusersRouter.get('/:id', authenticate, async (req, res) => {\n  const user = await prisma.user.findUnique({ where: { id: parseInt(req.params.id) } });\n  res.json(user);\n});\n\nusersRouter.put('/:id', authenticate, async (req, res) => {\n  const user = await prisma.user.update({ where: { id: parseInt(req.params.id) }, data: req.body });\n  res.json(user);\n});\n\nusersRouter.delete('/:id', authenticate, async (req, res) => {\n  await prisma.user.delete({ where: { id: parseInt(req.params.id) } });\n  res.json({ deleted: true });\n});",
+    "src/routes/posts.ts": "import { Router } from 'express';\nimport { prisma } from '../lib/prisma';\nimport { authenticate } from '../middleware/auth';\n\nexport const postsRouter = Router();\n\npostsRouter.get('/', async (req, res) => {\n  const posts = await prisma.post.findMany({ include: { author: true, tags: true } });\n  res.json(posts);\n});\n\npostsRouter.get('/:id', async (req, res) => {\n  const post = await prisma.post.findUnique({ where: { id: parseInt(req.params.id) }, include: { author: true, tags: true } });\n  res.json(post);\n});\n\npostsRouter.post('/', authenticate, async (req, res) => {\n  const post = await prisma.post.create({ data: { ...req.body, authorId: req.userId } });\n  res.status(201).json(post);\n});\n\npostsRouter.put('/:id', authenticate, async (req, res) => {\n  const post = await prisma.post.update({ where: { id: parseInt(req.params.id) }, data: req.body });\n  res.json(post);\n});\n\npostsRouter.delete('/:id', authenticate, async (req, res) => {\n  await prisma.post.delete({ where: { id: parseInt(req.params.id) } });\n  res.json({ deleted: true });\n});",
+    "src/middleware/auth.ts": "import { Request, Response, NextFunction } from 'express';\nimport { verifyToken } from '../lib/jwt';\n\nexport function authenticate(req: Request, res: Response, next: NextFunction) {\n  const token = req.headers.authorization?.replace('Bearer ', '');\n  if (!token) return res.status(401).json({ error: 'No token' });\n  try {\n    const payload = verifyToken(token);\n    (req as any).userId = payload.userId;\n    next();\n  } catch {\n    res.status(401).json({ error: 'Invalid token' });\n  }\n}",
+    "src/middleware/error.ts": "import { Request, Response, NextFunction } from 'express';\n\nexport function errorHandler(err: Error, req: Request, res: Response, next: NextFunction) {\n  console.error(err.stack);\n  res.status(500).json({ error: 'Internal server error' });\n}",
+    "src/middleware/rate-limit.ts": "import rateLimit from 'express-rate-limit';\n\nexport const rateLimiter = rateLimit({\n  windowMs: 15 * 60 * 1000,\n  max: 100,\n  message: { error: 'Too many requests' }\n});",
+    "src/lib/prisma.ts": "import { PrismaClient } from '@prisma/client';\n\nexport const prisma = new PrismaClient();",
+    "src/lib/jwt.ts": "import jwt from 'jsonwebtoken';\n\nconst SECRET = process.env.JWT_SECRET || 'dev-secret';\n\nexport function generateToken(userId: number): string {\n  return jwt.sign({ userId }, SECRET, { expiresIn: '24h' });\n}\n\nexport function verifyToken(token: string): { userId: number } {\n  return jwt.verify(token, SECRET) as { userId: number };\n}"
+  }
+}

package/eval/fixtures/fastapi-sqlalchemy/ground-truth.json

@@ -0,0 +1,29 @@
+{
+  "routes": [
+    { "method": "GET", "path": "/health" },
+    { "method": "GET", "path": "/" },
+    { "method": "GET", "path": "/{user_id}" },
+    { "method": "POST", "path": "/" },
+    { "method": "DELETE", "path": "/{user_id}" },
+    { "method": "GET", "path": "/{item_id}" },
+    { "method": "POST", "path": "/" },
+    { "method": "PUT", "path": "/{item_id}" },
+    { "method": "POST", "path": "/login" },
+    { "method": "POST", "path": "/register" }
+  ],
+  "models": [
+    {
+      "name": "User",
+      "fields": ["id", "email", "password", "name", "is_active", "items", "created_at"]
+    },
+    {
+      "name": "Item",
+      "fields": ["id", "title", "description", "price", "owner_id", "owner", "created_at"]
+    },
+    {
+      "name": "Category",
+      "fields": ["id", "name", "description"]
+    }
+  ],
+  "envVars": ["DATABASE_URL", "SECRET_KEY", "DEBUG", "ALLOWED_ORIGINS"]
+}

package/eval/fixtures/fastapi-sqlalchemy/repo.json

@@ -0,0 +1,16 @@
+{
+  "name": "fastapi-sqlalchemy-api",
+  "description": "FastAPI with SQLAlchemy models",
+  "files": {
+    "requirements.txt": "fastapi==0.104.0\nuvicorn==0.24.0\nsqlalchemy==2.0.23\nalembic==1.12.0\npydantic==2.5.0\npython-dotenv==1.0.0",
+    ".env.example": "DATABASE_URL=postgresql://localhost:5432/fastapi_db\nSECRET_KEY=changeme\nDEBUG=true\nALLOWED_ORIGINS=http://localhost:3000",
+    "app/__init__.py": "",
+    "app/main.py": "from fastapi import FastAPI\nfrom fastapi.middleware.cors import CORSMiddleware\nfrom app.routes import users, items, auth\n\napp = FastAPI(title=\"My API\")\n\napp.add_middleware(CORSMiddleware, allow_origins=[\"*\"])\n\napp.include_router(users.router, prefix=\"/api/users\", tags=[\"users\"])\napp.include_router(items.router, prefix=\"/api/items\", tags=[\"items\"])\napp.include_router(auth.router, prefix=\"/api/auth\", tags=[\"auth\"])\n\n@app.get(\"/health\")\ndef health():\n    return {\"status\": \"ok\"}",
+    "app/routes/__init__.py": "",
+    "app/routes/users.py": "from fastapi import APIRouter, Depends, HTTPException\nfrom sqlalchemy.orm import Session\nfrom app.db import get_db\nfrom app.models import User\n\nrouter = APIRouter()\n\n@router.get(\"/\")\ndef list_users(db: Session = Depends(get_db)):\n    return db.query(User).all()\n\n@router.get(\"/{user_id}\")\ndef get_user(user_id: int, db: Session = Depends(get_db)):\n    user = db.query(User).filter(User.id == user_id).first()\n    if not user:\n        raise HTTPException(status_code=404)\n    return user\n\n@router.post(\"/\")\ndef create_user(data: dict, db: Session = Depends(get_db)):\n    user = User(**data)\n    db.add(user)\n    db.commit()\n    return user\n\n@router.delete(\"/{user_id}\")\ndef delete_user(user_id: int, db: Session = Depends(get_db)):\n    db.query(User).filter(User.id == user_id).delete()\n    db.commit()\n    return {\"deleted\": True}",
+    "app/routes/items.py": "from fastapi import APIRouter, Depends\nfrom sqlalchemy.orm import Session\nfrom app.db import get_db\nfrom app.models import Item\n\nrouter = APIRouter()\n\n@router.get(\"/\")\ndef list_items(db: Session = Depends(get_db)):\n    return db.query(Item).all()\n\n@router.get(\"/{item_id}\")\ndef get_item(item_id: int, db: Session = Depends(get_db)):\n    return db.query(Item).filter(Item.id == item_id).first()\n\n@router.post(\"/\")\ndef create_item(data: dict, db: Session = Depends(get_db)):\n    item = Item(**data)\n    db.add(item)\n    db.commit()\n    return item\n\n@router.put(\"/{item_id}\")\ndef update_item(item_id: int, data: dict, db: Session = Depends(get_db)):\n    item = db.query(Item).filter(Item.id == item_id).first()\n    for k, v in data.items():\n        setattr(item, k, v)\n    db.commit()\n    return item",
+    "app/routes/auth.py": "from fastapi import APIRouter\n\nrouter = APIRouter()\n\n@router.post(\"/login\")\ndef login(data: dict):\n    return {\"token\": \"fake-token\"}\n\n@router.post(\"/register\")\ndef register(data: dict):\n    return {\"user\": data}",
+    "app/models.py": "from sqlalchemy import Column, Integer, String, Boolean, ForeignKey, DateTime, Float\nfrom sqlalchemy.orm import relationship\nfrom datetime import datetime\nfrom app.db import Base\n\nclass User(Base):\n    __tablename__ = 'users'\n    id = Column(Integer, primary_key=True)\n    email = Column(String, unique=True, nullable=False)\n    password = Column(String, nullable=False)\n    name = Column(String)\n    is_active = Column(Boolean, default=True)\n    items = relationship('Item', back_populates='owner')\n    created_at = Column(DateTime, default=datetime.utcnow)\n\nclass Item(Base):\n    __tablename__ = 'items'\n    id = Column(Integer, primary_key=True)\n    title = Column(String, nullable=False)\n    description = Column(String)\n    price = Column(Float)\n    owner_id = Column(Integer, ForeignKey('users.id'))\n    owner = relationship('User', back_populates='items')\n    created_at = Column(DateTime, default=datetime.utcnow)\n\nclass Category(Base):\n    __tablename__ = 'categories'\n    id = Column(Integer, primary_key=True)\n    name = Column(String, unique=True, nullable=False)\n    description = Column(String)",
+    "app/db.py": "from sqlalchemy import create_engine\nfrom sqlalchemy.orm import sessionmaker, declarative_base\nimport os\n\nDATABASE_URL = os.getenv('DATABASE_URL', 'sqlite:///./test.db')\nengine = create_engine(DATABASE_URL)\nSessionLocal = sessionmaker(bind=engine)\nBase = declarative_base()\n\ndef get_db():\n    db = SessionLocal()\n    try:\n        yield db\n    finally:\n        db.close()"
+  }
+}

package/eval/fixtures/hono-monorepo/ground-truth.json

@@ -0,0 +1,33 @@
+{
+  "routes": [
+    { "method": "GET", "path": "/health" },
+    { "method": "POST", "path": "/login" },
+    { "method": "POST", "path": "/register" },
+    { "method": "POST", "path": "/refresh" },
+    { "method": "GET", "path": "/" },
+    { "method": "GET", "path": "/:id" },
+    { "method": "PUT", "path": "/:id" },
+    { "method": "DELETE", "path": "/:id" },
+    { "method": "GET", "path": "/" },
+    { "method": "GET", "path": "/:id" },
+    { "method": "POST", "path": "/" }
+  ],
+  "models": [
+    {
+      "name": "users",
+      "fields": ["id", "email", "name", "role", "createdAt"],
+      "relations": ["projects"]
+    },
+    {
+      "name": "projects",
+      "fields": ["id", "name", "description", "ownerId", "isPublic", "createdAt"],
+      "relations": ["owner"]
+    }
+  ],
+  "components": [
+    { "name": "ProjectCard", "props": ["name", "description", "isPublic"] },
+    { "name": "UserAvatar", "props": ["name", "size"] }
+  ],
+  "envVars": ["DATABASE_URL", "JWT_SECRET", "PORT"],
+  "middleware": ["auth"]
+}

package/eval/fixtures/hono-monorepo/repo.json

@@ -0,0 +1,20 @@
+{
+  "name": "hono-monorepo",
+  "description": "Hono API + React frontend in pnpm monorepo with Drizzle",
+  "files": {
+    "package.json": "{\"name\":\"my-monorepo\",\"private\":true}",
+    "pnpm-workspace.yaml": "packages:\n  - 'apps/*'\n  - 'packages/*'",
+    "apps/api/package.json": "{\"name\":\"@mono/api\",\"dependencies\":{\"hono\":\"4.0.0\",\"drizzle-orm\":\"0.30.0\",\"pg\":\"8.11.0\",\"zod\":\"3.22.0\"},\"devDependencies\":{\"typescript\":\"5.3.0\"}}",
+    "apps/api/.env.example": "DATABASE_URL=postgres://localhost:5432/mono\nJWT_SECRET=secret\nPORT=4000",
+    "apps/api/src/index.ts": "import { Hono } from 'hono';\nimport { cors } from 'hono/cors';\nimport { logger } from 'hono/logger';\nimport { authRoutes } from './routes/auth';\nimport { userRoutes } from './routes/users';\nimport { projectRoutes } from './routes/projects';\n\nconst app = new Hono();\n\napp.use('*', cors());\napp.use('*', logger());\n\napp.get('/health', (c) => c.json({ ok: true }));\n\napp.route('/api/auth', authRoutes);\napp.route('/api/users', userRoutes);\napp.route('/api/projects', projectRoutes);\n\nexport default app;",
+    "apps/api/src/routes/auth.ts": "import { Hono } from 'hono';\nimport { zValidator } from '@hono/zod-validator';\nimport { z } from 'zod';\n\nexport const authRoutes = new Hono();\n\nconst loginSchema = z.object({ email: z.string().email(), password: z.string() });\n\nauthRoutes.post('/login', zValidator('json', loginSchema), async (c) => {\n  const { email, password } = c.req.valid('json');\n  return c.json({ token: 'jwt-token' });\n});\n\nauthRoutes.post('/register', async (c) => {\n  const body = await c.req.json();\n  return c.json({ user: body }, 201);\n});\n\nauthRoutes.post('/refresh', async (c) => {\n  return c.json({ token: 'new-token' });\n});",
+    "apps/api/src/routes/users.ts": "import { Hono } from 'hono';\nimport { db } from '../db';\nimport { users } from '../db/schema';\nimport { eq } from 'drizzle-orm';\n\nexport const userRoutes = new Hono();\n\nuserRoutes.get('/', async (c) => {\n  const all = await db.select().from(users);\n  return c.json(all);\n});\n\nuserRoutes.get('/:id', async (c) => {\n  const id = parseInt(c.req.param('id'));\n  const user = await db.select().from(users).where(eq(users.id, id));\n  return c.json(user[0]);\n});\n\nuserRoutes.put('/:id', async (c) => {\n  const id = parseInt(c.req.param('id'));\n  const body = await c.req.json();\n  const updated = await db.update(users).set(body).where(eq(users.id, id)).returning();\n  return c.json(updated[0]);\n});\n\nuserRoutes.delete('/:id', async (c) => {\n  const id = parseInt(c.req.param('id'));\n  await db.delete(users).where(eq(users.id, id));\n  return c.json({ deleted: true });\n});",
+    "apps/api/src/routes/projects.ts": "import { Hono } from 'hono';\nimport { db } from '../db';\nimport { projects } from '../db/schema';\nimport { eq } from 'drizzle-orm';\n\nexport const projectRoutes = new Hono();\n\nprojectRoutes.get('/', async (c) => {\n  const all = await db.select().from(projects);\n  return c.json(all);\n});\n\nprojectRoutes.get('/:id', async (c) => {\n  const id = parseInt(c.req.param('id'));\n  const project = await db.select().from(projects).where(eq(projects.id, id));\n  return c.json(project[0]);\n});\n\nprojectRoutes.post('/', async (c) => {\n  const body = await c.req.json();\n  const created = await db.insert(projects).values(body).returning();\n  return c.json(created[0], 201);\n});",
+    "apps/api/src/db/index.ts": "import { drizzle } from 'drizzle-orm/node-postgres';\nimport { Pool } from 'pg';\n\nconst pool = new Pool({ connectionString: process.env.DATABASE_URL });\nexport const db = drizzle(pool);",
+    "apps/api/src/db/schema.ts": "import { pgTable, serial, text, timestamp, integer, boolean } from 'drizzle-orm/pg-core';\nimport { relations } from 'drizzle-orm';\n\nexport const users = pgTable('users', {\n  id: serial('id').primaryKey(),\n  email: text('email').notNull().unique(),\n  name: text('name'),\n  role: text('role').default('user'),\n  createdAt: timestamp('created_at').defaultNow()\n});\n\nexport const projects = pgTable('projects', {\n  id: serial('id').primaryKey(),\n  name: text('name').notNull(),\n  description: text('description'),\n  ownerId: integer('owner_id').notNull().references(() => users.id),\n  isPublic: boolean('is_public').default(true),\n  createdAt: timestamp('created_at').defaultNow()\n});\n\nexport const usersRelations = relations(users, ({ many }) => ({\n  projects: many(projects)\n}));\n\nexport const projectsRelations = relations(projects, ({ one }) => ({\n  owner: one(users, { fields: [projects.ownerId], references: [users.id] })\n}));",
+    "apps/api/src/middleware/auth.ts": "import { Context, Next } from 'hono';\n\nexport async function authMiddleware(c: Context, next: Next) {\n  const token = c.req.header('Authorization');\n  if (!token) return c.json({ error: 'Unauthorized' }, 401);\n  await next();\n}",
+    "apps/web/package.json": "{\"name\":\"@mono/web\",\"dependencies\":{\"react\":\"18.0.0\",\"react-dom\":\"18.0.0\"},\"devDependencies\":{\"typescript\":\"5.3.0\",\"vite\":\"5.0.0\"}}",
+    "apps/web/src/components/ProjectCard.tsx": "import React from 'react';\n\ninterface ProjectCardProps {\n  name: string;\n  description: string;\n  isPublic: boolean;\n}\n\nexport function ProjectCard({ name, description, isPublic }: ProjectCardProps) {\n  return <div><h3>{name}</h3><p>{description}</p>{isPublic && <span>Public</span>}</div>;\n}",
+    "apps/web/src/components/UserAvatar.tsx": "'use client';\nimport React from 'react';\n\ninterface UserAvatarProps {\n  name: string;\n  size?: number;\n}\n\nexport function UserAvatar({ name, size = 40 }: UserAvatarProps) {\n  return <div style={{ width: size, height: size }}>{name[0]}</div>;\n}"
+  }
+}

package/eval/fixtures/nextjs-drizzle/ground-truth.json

@@ -0,0 +1,37 @@
+{
+  "routes": [
+    { "method": "GET", "path": "/api/users" },
+    { "method": "POST", "path": "/api/users" },
+    { "method": "GET", "path": "/api/users/[id]" },
+    { "method": "PUT", "path": "/api/users/[id]" },
+    { "method": "DELETE", "path": "/api/users/[id]" },
+    { "method": "GET", "path": "/api/posts" },
+    { "method": "POST", "path": "/api/posts" },
+    { "method": "GET", "path": "/api/posts/[id]/comments" },
+    { "method": "POST", "path": "/api/posts/[id]/comments" }
+  ],
+  "models": [
+    {
+      "name": "users",
+      "fields": ["id", "email", "name", "createdAt"],
+      "relations": ["posts", "comments"]
+    },
+    {
+      "name": "posts",
+      "fields": ["id", "title", "content", "published", "authorId", "createdAt"],
+      "relations": ["author", "comments"]
+    },
+    {
+      "name": "comments",
+      "fields": ["id", "body", "postId", "authorId", "createdAt"],
+      "relations": []
+    }
+  ],
+  "components": [
+    { "name": "UserCard", "props": ["name", "email", "avatar"] },
+    { "name": "PostList", "props": ["posts", "onSelect"] },
+    { "name": "CommentForm", "props": ["postId", "onSubmit"] }
+  ],
+  "envVars": ["DATABASE_URL", "NEXTAUTH_SECRET", "NEXT_PUBLIC_API_URL"],
+  "middleware": ["middleware", "auth"]
+}

package/eval/fixtures/nextjs-drizzle/repo.json

@@ -0,0 +1,21 @@
+{
+  "name": "nextjs-drizzle-app",
+  "description": "Next.js App Router with Drizzle ORM and React components",
+  "files": {
+    "package.json": "{\"name\":\"my-app\",\"dependencies\":{\"next\":\"14.0.0\",\"react\":\"18.0.0\",\"drizzle-orm\":\"0.30.0\",\"pg\":\"8.11.0\",\"zod\":\"3.22.0\"},\"devDependencies\":{\"typescript\":\"5.3.0\",\"@types/node\":\"20.0.0\"}}",
+    "tsconfig.json": "{\"compilerOptions\":{\"target\":\"es2017\",\"module\":\"esnext\",\"jsx\":\"react-jsx\"}}",
+    ".env.example": "DATABASE_URL=postgres://localhost:5432/mydb\nNEXTAUTH_SECRET=\nNEXT_PUBLIC_API_URL=http://localhost:3000",
+    "drizzle.config.ts": "import { defineConfig } from 'drizzle-kit';\nexport default defineConfig({ schema: './src/db/schema.ts', driver: 'pg' });",
+    "src/db/schema.ts": "import { pgTable, serial, text, timestamp, integer, boolean } from 'drizzle-orm/pg-core';\nimport { relations } from 'drizzle-orm';\n\nexport const users = pgTable('users', {\n  id: serial('id').primaryKey(),\n  email: text('email').notNull().unique(),\n  name: text('name'),\n  createdAt: timestamp('created_at').defaultNow()\n});\n\nexport const posts = pgTable('posts', {\n  id: serial('id').primaryKey(),\n  title: text('title').notNull(),\n  content: text('content'),\n  published: boolean('published').default(false),\n  authorId: integer('author_id').notNull().references(() => users.id),\n  createdAt: timestamp('created_at').defaultNow()\n});\n\nexport const comments = pgTable('comments', {\n  id: serial('id').primaryKey(),\n  body: text('body').notNull(),\n  postId: integer('post_id').notNull().references(() => posts.id),\n  authorId: integer('author_id').notNull().references(() => users.id),\n  createdAt: timestamp('created_at').defaultNow()\n});\n\nexport const usersRelations = relations(users, ({ many }) => ({\n  posts: many(posts),\n  comments: many(comments)\n}));\n\nexport const postsRelations = relations(posts, ({ one, many }) => ({\n  author: one(users, { fields: [posts.authorId], references: [users.id] }),\n  comments: many(comments)\n}));",
+    "src/app/api/users/route.ts": "import { NextResponse } from 'next/server';\nimport { db } from '@/db';\nimport { users } from '@/db/schema';\n\nexport async function GET() {\n  const all = await db.select().from(users);\n  return NextResponse.json(all);\n}\n\nexport async function POST(req: Request) {\n  const body = await req.json();\n  const user = await db.insert(users).values(body).returning();\n  return NextResponse.json(user, { status: 201 });\n}",
+    "src/app/api/users/[id]/route.ts": "import { NextResponse } from 'next/server';\nimport { db } from '@/db';\nimport { users } from '@/db/schema';\nimport { eq } from 'drizzle-orm';\n\nexport async function GET(req: Request, { params }: { params: { id: string } }) {\n  const user = await db.select().from(users).where(eq(users.id, parseInt(params.id)));\n  return NextResponse.json(user[0]);\n}\n\nexport async function PUT(req: Request, { params }: { params: { id: string } }) {\n  const body = await req.json();\n  const updated = await db.update(users).set(body).where(eq(users.id, parseInt(params.id))).returning();\n  return NextResponse.json(updated[0]);\n}\n\nexport async function DELETE(req: Request, { params }: { params: { id: string } }) {\n  await db.delete(users).where(eq(users.id, parseInt(params.id)));\n  return NextResponse.json({ deleted: true });\n}",
+    "src/app/api/posts/route.ts": "import { NextResponse } from 'next/server';\nimport { db } from '@/db';\nimport { posts } from '@/db/schema';\n\nexport async function GET() {\n  const all = await db.select().from(posts);\n  return NextResponse.json(all);\n}\n\nexport async function POST(req: Request) {\n  const body = await req.json();\n  const post = await db.insert(posts).values(body).returning();\n  return NextResponse.json(post, { status: 201 });\n}",
+    "src/app/api/posts/[id]/comments/route.ts": "import { NextResponse } from 'next/server';\nimport { db } from '@/db';\nimport { comments } from '@/db/schema';\nimport { eq } from 'drizzle-orm';\n\nexport async function GET(req: Request, { params }: { params: { id: string } }) {\n  const all = await db.select().from(comments).where(eq(comments.postId, parseInt(params.id)));\n  return NextResponse.json(all);\n}\n\nexport async function POST(req: Request, { params }: { params: { id: string } }) {\n  const body = await req.json();\n  const comment = await db.insert(comments).values({ ...body, postId: parseInt(params.id) }).returning();\n  return NextResponse.json(comment, { status: 201 });\n}",
+    "src/components/UserCard.tsx": "'use client';\nimport React from 'react';\n\ninterface UserCardProps {\n  name: string;\n  email: string;\n  avatar?: string;\n}\n\nexport function UserCard({ name, email, avatar }: UserCardProps) {\n  return <div className=\"card\"><h3>{name}</h3><p>{email}</p></div>;\n}",
+    "src/components/PostList.tsx": "import React from 'react';\n\ninterface PostListProps {\n  posts: Array<{ id: number; title: string; published: boolean }>;\n  onSelect: (id: number) => void;\n}\n\nexport function PostList({ posts, onSelect }: PostListProps) {\n  return <ul>{posts.map(p => <li key={p.id} onClick={() => onSelect(p.id)}>{p.title}</li>)}</ul>;\n}",
+    "src/components/CommentForm.tsx": "'use client';\nimport React, { useState } from 'react';\n\ninterface CommentFormProps {\n  postId: number;\n  onSubmit: (body: string) => void;\n}\n\nexport function CommentForm({ postId, onSubmit }: CommentFormProps) {\n  const [body, setBody] = useState('');\n  return <form onSubmit={() => onSubmit(body)}><textarea value={body} onChange={e => setBody(e.target.value)} /><button type=\"submit\">Submit</button></form>;\n}",
+    "src/middleware.ts": "import { NextResponse } from 'next/server';\nimport type { NextRequest } from 'next/server';\n\nexport function middleware(request: NextRequest) {\n  const token = request.headers.get('authorization');\n  if (!token && request.nextUrl.pathname.startsWith('/api')) {\n    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });\n  }\n  return NextResponse.next();\n}\n\nexport const config = { matcher: '/api/:path*' };",
+    "src/lib/auth.ts": "export function verifyToken(token: string): boolean {\n  return token.startsWith('Bearer ');\n}\n\nexport function createToken(userId: number): string {\n  return `Bearer ${userId}-${Date.now()}`;\n}",
+    "src/lib/validate.ts": "import { z } from 'zod';\n\nexport const createUserSchema = z.object({\n  email: z.string().email(),\n  name: z.string().min(1)\n});\n\nexport const createPostSchema = z.object({\n  title: z.string().min(1),\n  content: z.string().optional(),\n  published: z.boolean().optional()\n});"
+  }
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "codesight",
-  "version": "1.3.2",
+  "version": "1.4.0",
   "description": "See your codebase clearly. Universal AI context generator that maps routes, schema, components, dependencies, and more for Claude Code, Cursor, Copilot, Codex, and any AI coding tool.",
   "main": "dist/index.js",
   "bin": {
@@ -50,6 +50,7 @@
     "node": ">=18.0.0"
   },
   "files": [
-    "dist"
+    "dist",
+    "eval"
   ]
 }