npm - composto-ai - Versions diffs - 0.1.0 - Mend

composto-ai 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/README.md ADDED Viewed

@@ -0,0 +1,293 @@
+# Composto
+**Proactive AI team companion — less tokens, more insight.**
+Every AI coding tool sends raw source code to LLMs. Composto sends **meaning** — compressed code enriched with codebase health data. The result: fewer tokens carrying more information than raw source ever could.
+---
+## What Makes It Different
+| | Traditional AI Tools | Composto |
+|---|---|---|
+| **Paradigm** | Reactive (you ask, it does) | Proactive (it finds, you approve) |
+| **What LLM sees** | Raw source code | Health-Aware IR |
+| **Token usage** | Full files every time | 60-75% savings |
+| **Health context** | None | Hotspots, decay, inconsistencies |
+| **Codebase monitoring** | None | Watcher Engine |
+### Health-Aware IR
+Raw source tells the LLM *what* the code says. Composto IR tells it *what the code means* and *how healthy it is*:
+```
+// Raw source: 340 tokens, zero health context
+import { useState, useEffect } from "react";
+export function UserProfile({ userId }) {
+  const [user, setUser] = useState(null);
+  const [loading, setLoading] = useState(true);
+  useEffect(() => { fetchUser(userId).then(...) }, [userId]);
+  if (loading) return <Spinner />;
+  if (!user) return <NotFound />;
+  return <div>{user.name}</div>;
+}
+// Composto IR: 85 tokens + health context
+USE:react{useState,useEffect}
+OUT FN:UserProfile({userId}) [HOT:12/30 FIX:67% COV:↓ INCON]
+  VAR:user = useState(null)
+  VAR:loading = useState(true)
+  IF:loading -> RET <Spinner />
+  IF:!user -> RET <NotFound />
+  RET <div>{user.name}</div>
+```
+The LLM sees less, knows more, decides better.
+---
+## Installation
+### Claude Code
+```
+/plugin install composto
+```
+### Cursor
+```
+/add-plugin composto
+```
+### Any platform (CLI)
+```bash
+npm install -g composto
+```
+---
+## Usage
+### CLI Commands
+```bash
+# Scan codebase for issues
+composto scan .
+# Analyze codebase health trends
+composto trends .
+# Generate Health-Aware IR for a file
+composto ir src/auth/login.ts L1
+# Layer options:
+#   L0 — Structure map (~10 tokens)
+#   L1 — Health-Aware IR (~85 tokens)
+#   L2 — Delta context (~65 tokens)
+#   L3 — Raw source (fallback)
+```
+### As a Plugin
+Once installed, Composto activates automatically. Your AI agent will:
+1. **Scan** the codebase for issues before starting work
+2. **Check trends** for files being modified
+3. **Use IR** instead of raw source when sharing code context
+No commands needed — it just works.
+---
+## What It Does
+### IR Engine — Send meaning, not code
+Four layers of code representation, from most compact to full source:
+| Layer | Tokens | Use |
+|---|---|---|
+| L0: Structure Map | ~10 | File outline — functions, classes, line numbers |
+| L1: Health-Aware IR | ~85 | Compressed code + health annotations |
+| L2: Delta + Context | ~65 | Only what changed, with surrounding context |
+| L3: Raw Source | variable | Original code, specific lines only |
+No AST parser. No language-specific dependencies. Works with TypeScript, JavaScript, Python, Go, and more.
+### Watcher Engine — Proactive issue detection
+Detects problems without being asked:
+- **Security** — Hardcoded secrets, API keys, tokens
+- **Debug artifacts** — `console.log`, `console.debug` left in source
+- **Context-aware severity** — Same issue, different severity in `src/` vs `tests/`
+### Trend Analysis — Codebase health over time
+Analyzes git history to find:
+- **Hotspots** — Files that change too often with too many bug fixes
+- **Decay signals** — Areas where churn is accelerating
+- **Inconsistencies** — Files touched by many authors with conflicting patterns
+All trend analysis is zero-token — pure local git analysis.
+### Health Annotations — The killer feature
+IR Engine and Trend Analysis are not separate systems. Health data is embedded directly into code representation:
+```
+FN:handleAuth({credentials}) [HOT:15/30 FIX:73% COV:↓ INCON]
+  VAR:session = createSession(credentials)
+  IF:!session -> RET 401
+```
+- `[HOT:15/30]` — 15 changes in last 30 commits
+- `[FIX:73%]` — 73% of changes were bug fixes
+- `[COV:↓]` — Test coverage declining
+- `[INCON]` — Inconsistent patterns from multiple authors
+Only unhealthy code gets annotated. Healthy files stay clean.
+---
+## Architecture
+```
++----------------------------------------------+
+|           Platform Adapters                   |
+|     Claude Code | VS Code | Cursor | CLI     |
++----------------------------------------------+
+|              Watcher Engine                   |
+|  Detector (0 token) -> Interpreter (~100 tok) |
+|  + Trend Analysis (hotspots, decay, incon.)   |
++----------------------------------------------+
+|              IR Engine                        |
+|  Indentation Intel | Fingerprinting | Delta   |
+|  + Health Annotations (from Trend Analysis)   |
++----------------------------------------------+
+|          Rule-Based Router                    |
+|  Deterministic routing, zero tokens           |
++----------------------------------------------+
+|           Agent Pool                          |
+|  Fixer (Haiku) | Reviewer (Sonnet)            |
++----------------------------------------------+
+|          Project Memory                       |
+|  .composto/config.yaml | decisions/*.md       |
++----------------------------------------------+
+```
+---
+## Configuration
+Create `.composto/config.yaml` in your project root:
+```yaml
+watchers:
+  security:
+    enabled: true
+    severity:
+      "src/**": warning
+      "tests/**": info
+  consoleLog:
+    enabled: true
+    severity:
+      "src/**": warning
+      "tests/**": info
+agents:
+  fixer:
+    enabled: true
+    model: haiku
+ir:
+  deltaContextLines: 3
+  confidenceThreshold: 0.6
+  genericPatterns: default
+trends:
+  enabled: true
+  hotspotThreshold: 10
+  bugFixRatioThreshold: 0.5
+  decayCheckTrigger: on-commit
+  fullReportSchedule: weekly
+```
+All settings have sensible defaults. The config file is optional.
+---
+## How It Works
+```
+1. Developer saves src/auth/login.ts
+        |
+2. Watcher Engine triggers (debounced)
+        |
+3. Detector: pattern match → "hardcoded secret, line 23" (0 tokens)
+        |
+4. IR Engine: generates Health-Aware IR + annotations (0 tokens)
+        |
+5. Router: severity=critical → route to Fixer (0 tokens)
+        |
+6. Fixer: generates fix via IR, not full source (~150 tokens)
+        |
+7. User: "login.ts:23 has a hardcoded secret.
+          You added it for debugging. Move to .env?"
+        |
+8. User approves → patch applied
+Total cost: ~250 tokens. Traditional tools: ~3000+ tokens.
+```
+---
+## Tech Stack
+- **Language:** TypeScript
+- **Runtime:** Node.js
+- **Testing:** Vitest (70 tests)
+- **Build:** tsup
+- **Zero native dependencies** — no tree-sitter, no language-specific parsers
+---
+## Roadmap
+### v0.5 — Usable Alpha
+- Watcher Interpreter (batch Haiku calls for contextual explanations)
+- Reviewer Agent (Sonnet, code review with challenge mode)
+- Project Memory (decisions/ with YAML frontmatter)
+- Python + Go language support
+### v1.0 — Public Release
+- Framework-specific fingerprint patterns (React, Express, etc.)
+- VS Code / Cursor / Claude Code deep integrations
+- Benchmark results: Health-Aware IR vs raw source
+### v2.0 — Platform
+- Security / Architect agents
+- Custom Agent API
+- Team sync features
+---
+## Contributing
+```bash
+git clone https://github.com/mertcanaltin/composto
+cd composto
+pnpm install
+pnpm test        # 70 tests
+pnpm build       # builds to dist/
+pnpm dev scan .  # run locally
+```
+---
+## License
+MIT

package/dist/index.js ADDED Viewed

@@ -0,0 +1,857 @@
+#!/usr/bin/env node
+// src/cli/commands.ts
+import { readFileSync as readFileSync2, readdirSync } from "fs";
+import { join as join2, relative } from "path";
+// src/config/loader.ts
+import { readFileSync, existsSync } from "fs";
+import { join } from "path";
+import { parse } from "yaml";
+var DEFAULT_CONFIG = {
+  watchers: {
+    security: {
+      enabled: true,
+      severity: { "src/**": "warning", "tests/**": "info" }
+    },
+    deadCode: { enabled: true, trigger: "on-commit" },
+    consoleLog: { enabled: true, severity: { "src/**": "warning", "tests/**": "info" } }
+  },
+  agents: {
+    fixer: { enabled: true, model: "haiku" },
+    reviewer: { enabled: false, model: "sonnet" }
+  },
+  ir: {
+    deltaContextLines: 3,
+    confidenceThreshold: 0.6,
+    genericPatterns: "default"
+  },
+  trends: {
+    enabled: true,
+    hotspotThreshold: 10,
+    bugFixRatioThreshold: 0.5,
+    decayCheckTrigger: "on-commit",
+    fullReportSchedule: "weekly"
+  }
+};
+function deepMerge(target, source) {
+  const result = { ...target };
+  for (const key of Object.keys(source)) {
+    if (source[key] && typeof source[key] === "object" && !Array.isArray(source[key])) {
+      result[key] = deepMerge(target[key] ?? {}, source[key]);
+    } else {
+      result[key] = source[key];
+    }
+  }
+  return result;
+}
+function parseConfig(yamlContent) {
+  if (!yamlContent.trim()) return { ...DEFAULT_CONFIG };
+  const parsed = parse(yamlContent) ?? {};
+  return deepMerge(DEFAULT_CONFIG, parsed);
+}
+function loadConfig(projectPath) {
+  const configPath = join(projectPath, ".composto", "config.yaml");
+  if (!existsSync(configPath)) return { ...DEFAULT_CONFIG };
+  const content = readFileSync(configPath, "utf-8");
+  return parseConfig(content);
+}
+// src/watcher/detector.ts
+import picomatch from "picomatch";
+function getSeverity(filePath, severityMap) {
+  for (const [glob, severity] of Object.entries(severityMap)) {
+    if (picomatch.isMatch(filePath, glob)) return severity;
+  }
+  return "info";
+}
+var SECRET_PATTERNS = [
+  /["'](sk-[a-zA-Z0-9-]{20,})["']/,
+  /["'](AKIA[0-9A-Z]{16})["']/,
+  /["'](ghp_[a-zA-Z0-9]{36})["']/,
+  /(?:password|secret|token|api_?key)\s*[:=]\s*["']([^"']{8,})["']/i
+];
+function securityRule(code, filePath, severityMap) {
+  const findings = [];
+  const severity = getSeverity(filePath, severityMap);
+  const lines = code.split("\n");
+  for (let i = 0; i < lines.length; i++) {
+    const line = lines[i];
+    if (line.trim().startsWith("//") || line.trim().startsWith("/*")) continue;
+    for (const pattern of SECRET_PATTERNS) {
+      if (pattern.test(line)) {
+        findings.push({
+          watcherId: "security",
+          severity,
+          file: filePath,
+          line: i + 1,
+          message: "Potential hardcoded secret detected",
+          action: {
+            type: "agent-required",
+            agentHint: { role: "fixer", model: "haiku", contextFiles: [filePath] }
+          }
+        });
+        break;
+      }
+    }
+  }
+  return findings;
+}
+function consoleLogRule(code, filePath, severityMap) {
+  const findings = [];
+  const severity = getSeverity(filePath, severityMap);
+  const lines = code.split("\n");
+  for (let i = 0; i < lines.length; i++) {
+    if (/\bconsole\.(log|debug|info|warn)\b/.test(lines[i])) {
+      findings.push({
+        watcherId: "consoleLog",
+        severity,
+        file: filePath,
+        line: i + 1,
+        message: "console.log detected \u2014 likely debug artifact",
+        action: { type: "auto-fix", autoFix: "remove-line" }
+      });
+    }
+  }
+  return findings;
+}
+var RULES = {
+  security: securityRule,
+  consoleLog: consoleLogRule
+};
+function runDetector(code, filePath, watcherConfigs) {
+  const findings = [];
+  for (const [name, config] of Object.entries(watcherConfigs)) {
+    if (!config.enabled) continue;
+    const rule = RULES[name];
+    if (rule && config.severity) {
+      findings.push(...rule(code, filePath, config.severity));
+    }
+  }
+  return findings;
+}
+// src/ir/structure.ts
+var CLASSIFIERS = [
+  [/^(function|def|fn|func)\b/, "function-start"],
+  [/^(class|struct|interface)\b/, "type-start"],
+  [/^(if|else|elif|switch|match|case)\b/, "branch"],
+  [/^(for|while|loop|do)\b/, "loop"],
+  [/^(return|yield)\b/, "exit"],
+  [/^(import|require|use|from)\b/, "import"],
+  [/^(export|pub|public)\b/, "export"],
+  [/^(const|let|var|val|mut)\b/, "assignment"],
+  [/^(try|catch|except|finally)\b/, "error-handling"],
+  [/^(async|await)\b/, "async"],
+  [/^(\/\/|\/\*|#)/, "comment"]
+];
+function classifyLine(firstToken) {
+  if (firstToken === "") return "blank";
+  for (const [pattern, type] of CLASSIFIERS) {
+    if (pattern.test(firstToken)) return type;
+  }
+  return "unknown";
+}
+function extractStructure(code) {
+  const lines = code.split("\n");
+  return lines.map((raw, i) => {
+    const indent = raw.search(/\S/);
+    const trimmed = raw.trim();
+    const firstToken = trimmed.split(/[\s({<]/)[0];
+    const type = classifyLine(firstToken);
+    return {
+      line: i + 1,
+      indent: indent === -1 ? -1 : indent,
+      type,
+      raw
+    };
+  });
+}
+// src/ir/fingerprint.ts
+var PATTERNS = [
+  // import { x, y } from "module"
+  {
+    match: /^import\s+\{([^}]+)\}\s+from\s+["']([^"']+)["'];?\s*$/,
+    transform: (m) => `USE:${m[2]}{${m[1].replace(/\s/g, "")}}`,
+    confidence: 0.95
+  },
+  // import x from "module"
+  {
+    match: /^import\s+(\w+)\s+from\s+["']([^"']+)["'];?\s*$/,
+    transform: (m) => `USE:${m[2]}{${m[1]}}`,
+    confidence: 0.95
+  },
+  // const x = require("module")
+  {
+    match: /^(?:const|let|var)\s+(\w+)\s*=\s*require\(["']([^"']+)["']\);?\s*$/,
+    transform: (m) => `USE:${m[2]}{${m[1]}}`,
+    confidence: 0.95
+  },
+  // export function name(params) {
+  {
+    match: /^export\s+(?:default\s+)?(?:async\s+)?function\s+(\w+)\s*\(([^)]*)\)\s*(?::\s*\S+\s*)?\{?\s*$/,
+    transform: (m) => `OUT FN:${m[1]}(${m[2].replace(/\s/g, "")})`,
+    confidence: 0.95
+  },
+  // function name(params) {
+  {
+    match: /^(?:async\s+)?function\s+(\w+)\s*\(([^)]*)\)\s*(?::\s*\S+\s*)?\{?\s*$/,
+    transform: (m) => `FN:${m[1]}(${m[2].replace(/\s/g, "")})`,
+    confidence: 0.95
+  },
+  // export class Name extends Base {
+  {
+    match: /^export\s+class\s+(\w+)(?:\s+extends\s+(\w+))?\s*(?:implements\s+\S+\s*)?\{?\s*$/,
+    transform: (m) => `OUT CLASS:${m[1]}${m[2] ? ` < ${m[2]}` : ""}`,
+    confidence: 0.95
+  },
+  // class Name extends Base {
+  {
+    match: /^class\s+(\w+)(?:\s+extends\s+(\w+))?\s*(?:implements\s+\S+\s*)?\{?\s*$/,
+    transform: (m) => `CLASS:${m[1]}${m[2] ? ` < ${m[2]}` : ""}`,
+    confidence: 0.95
+  },
+  // if (cond) return expr;
+  {
+    match: /^if\s*\(([^)]+)\)\s*return\s+(.+);?\s*$/,
+    transform: (m) => `IF:${m[1].trim()} -> RET ${m[2].trim().replace(/;$/, "")}`,
+    confidence: 0.95
+  },
+  // if (cond) {
+  {
+    match: /^if\s*\(([^)]+)\)\s*\{?\s*$/,
+    transform: (m) => `IF:${m[1].trim()}`,
+    confidence: 0.9
+  },
+  // for (... of/in ...) {
+  {
+    match: /^for\s*\((?:const|let|var)\s+(\w+)\s+(?:of|in)\s+(\w+)\)\s*\{?\s*$/,
+    transform: (m) => `LOOP:${m[2]} -> ${m[1]}`,
+    confidence: 0.9
+  },
+  // return expr
+  {
+    match: /^return\s+(.+);?\s*$/,
+    transform: (m) => `RET ${m[1].trim().replace(/;$/, "")}`,
+    confidence: 0.95
+  },
+  // return;
+  {
+    match: /^return;?\s*$/,
+    transform: () => "RET",
+    confidence: 0.95
+  },
+  // try {
+  {
+    match: /^try\s*\{\s*$/,
+    transform: () => "TRY:",
+    confidence: 0.9
+  },
+  // catch (e) {
+  {
+    match: /^(?:\}\s*)?catch\s*\((\w+)\)\s*\{?\s*$/,
+    transform: (m) => `CATCH:${m[1]}`,
+    confidence: 0.9
+  },
+  // const [a, b] = expr (destructuring — before regular assignment)
+  {
+    match: /^(?:const|let|var)\s+\[([^\]]+)\]\s*=\s*(.+);?\s*$/,
+    transform: (m) => `VAR:[${m[1].replace(/\s/g, "")}] = ${m[2].replace(/;$/, "").trim()}`,
+    confidence: 0.65
+  },
+  // const name = value;
+  {
+    match: /^(?:export\s+)?(?:const|let|var)\s+(\w+)(?:\s*:\s*[^=]+)?\s*=\s*(.+);?\s*$/,
+    transform: (m) => {
+      const prefix = m[0].startsWith("export") ? "OUT " : "";
+      return `${prefix}VAR:${m[1]} = ${m[2].replace(/;$/, "").trim()}`;
+    },
+    confidence: 0.7
+  }
+];
+function fingerprintLine(line) {
+  const trimmed = line.trim();
+  if (trimmed === "" || trimmed === "{" || trimmed === "}" || trimmed === "});" || trimmed === ");") {
+    return { type: "fingerprint", ir: "", confidence: 1 };
+  }
+  if (trimmed.startsWith("//") || trimmed.startsWith("/*") || trimmed.startsWith("*")) {
+    return { type: "fingerprint", ir: "", confidence: 1 };
+  }
+  for (const pattern of PATTERNS) {
+    const match = trimmed.match(pattern.match);
+    if (match) {
+      const ir = pattern.transform(match);
+      if (pattern.confidence > 0.9) {
+        return { type: "fingerprint", ir, confidence: pattern.confidence };
+      }
+      return {
+        type: "fingerprint+hint",
+        ir,
+        hint: trimmed,
+        confidence: pattern.confidence
+      };
+    }
+  }
+  return { type: "raw", ir: trimmed, confidence: 0.3 };
+}
+function fingerprintFile(code, confidenceThreshold = 0.6) {
+  const lines = code.split("\n");
+  const irLines = [];
+  for (const line of lines) {
+    const indent = line.search(/\S/);
+    const indentStr = indent > 0 ? "  ".repeat(Math.floor(indent / 2)) : "";
+    const result = fingerprintLine(line);
+    if (result.ir === "") continue;
+    if (result.confidence >= confidenceThreshold) {
+      irLines.push(`${indentStr}${result.ir}`);
+    } else {
+      irLines.push(`${indentStr}${result.ir}`);
+    }
+  }
+  return irLines.join("\n");
+}
+// src/ir/health.ts
+var CHURN_THRESHOLD = 10;
+var FIX_RATIO_THRESHOLD = 0.5;
+function buildHealthTag(health) {
+  const parts = [];
+  if (health.churn > CHURN_THRESHOLD) parts.push(`HOT:${health.churn}/30`);
+  if (health.fixRatio > FIX_RATIO_THRESHOLD) parts.push(`FIX:${Math.round(health.fixRatio * 100)}%`);
+  if (health.coverageTrend === "down") parts.push("COV:\u2193");
+  if (health.consistency === "low") parts.push("INCON");
+  return parts.length > 0 ? `[${parts.join(" ")}]` : "";
+}
+function annotateIR(ir, health) {
+  const tag = buildHealthTag(health);
+  if (!tag) return ir;
+  const lines = ir.split("\n");
+  lines[0] = `${lines[0]} ${tag}`;
+  return lines.join("\n");
+}
+function computeHealthFromTrends(file, trends) {
+  const hotspot = trends.hotspots.find((h) => h.file === file);
+  const decay = trends.decaySignals.find((d) => d.file === file);
+  const inconsistency = trends.inconsistencies.find((i) => i.file === file);
+  return {
+    churn: hotspot?.changesInLast30Commits ?? 0,
+    fixRatio: hotspot?.bugFixRatio ?? 0,
+    coverageTrend: decay?.trend === "declining" ? "down" : decay?.trend === "improving" ? "up" : "stable",
+    staleness: "",
+    authorCount: hotspot?.authorCount ?? 0,
+    consistency: inconsistency ? "low" : "high"
+  };
+}
+// src/ir/layers.ts
+function generateL0(code, filePath) {
+  const structure = extractStructure(code);
+  const topLevel = structure.filter(
+    (s) => s.indent === 0 && ["function-start", "type-start", "export"].includes(s.type)
+  );
+  const declarations = topLevel.map((s) => {
+    const name = s.raw.match(
+      /(?:function|class|interface|const|let|var|export\s+(?:default\s+)?(?:function|class|async\s+function))\s+(\w+)/
+    )?.[1] ?? "unknown";
+    return `  ${s.type === "type-start" ? "CLASS" : "FN"}:${name} L${s.line}`;
+  });
+  return `${filePath}
+${declarations.join("\n")}`;
+}
+function generateL1(code, health) {
+  const ir = fingerprintFile(code, 0.6);
+  if (health) {
+    return annotateIR(ir, health);
+  }
+  return ir;
+}
+function generateL2(delta, health) {
+  const parts = [`FILE: ${delta.file}`];
+  for (const hunk of delta.hunks) {
+    if (hunk.functionScope) parts.push(`SCOPE: ${hunk.functionScope}`);
+    parts.push(`CHANGED: ${hunk.changed.join("\n         ")}`);
+    if (hunk.surroundingIR) parts.push(`CONTEXT: ${hunk.surroundingIR}`);
+    if (hunk.blame) {
+      parts.push(`BLAME: ${hunk.blame.author}, ${hunk.blame.date}, commit:"${hunk.blame.commitMessage}"`);
+    }
+  }
+  const ir = parts.join("\n");
+  if (health) return annotateIR(ir, health);
+  return ir;
+}
+function generateL3(code, startLine, endLine) {
+  const lines = code.split("\n");
+  return lines.slice(startLine - 1, endLine).join("\n");
+}
+function generateLayer(layer, options) {
+  switch (layer) {
+    case "L0":
+      return generateL0(options.code, options.filePath);
+    case "L1":
+      return generateL1(options.code, options.health);
+    case "L2":
+      if (!options.delta) return generateL1(options.code, options.health);
+      return generateL2(options.delta, options.health);
+    case "L3":
+      if (options.lineRange) {
+        return generateL3(options.code, options.lineRange.start, options.lineRange.end);
+      }
+      return options.code;
+  }
+}
+// src/trends/git-log-parser.ts
+import { execSync } from "child_process";
+var BUG_FIX_PATTERNS = [
+  /\bfix\b/i,
+  /\bbugfix\b/i,
+  /\bhotfix\b/i,
+  /\bpatch\b/i,
+  /\bresolve\b/i,
+  /\bbug\b/i
+];
+function isBugFixCommit(message) {
+  return BUG_FIX_PATTERNS.some((p) => p.test(message));
+}
+function parseGitLogOutput(output) {
+  const entries = [];
+  const lines = output.split("\n");
+  let i = 0;
+  while (i < lines.length) {
+    const line = lines[i].trim();
+    if (!line || !line.includes("|")) {
+      i++;
+      continue;
+    }
+    const [hash, author, date, ...messageParts] = line.split("|");
+    const message = messageParts.join("|");
+    const files = [];
+    i++;
+    while (i < lines.length && lines[i].trim() !== "" && !lines[i].includes("|")) {
+      const fileLine = lines[i].trim();
+      if (fileLine) files.push(fileLine);
+      i++;
+    }
+    entries.push({ hash, author, date, message, files });
+  }
+  return entries;
+}
+function getGitLog(repoPath, count = 100) {
+  try {
+    const output = execSync(
+      `git log --format="%h|%an|%as|%s" --name-only -n ${count}`,
+      { cwd: repoPath, encoding: "utf-8", timeout: 1e4 }
+    );
+    return parseGitLogOutput(output);
+  } catch {
+    return [];
+  }
+}
+// src/trends/hotspot.ts
+function detectHotspots(entries, options) {
+  const fileStats = /* @__PURE__ */ new Map();
+  for (const entry of entries) {
+    const isFix = isBugFixCommit(entry.message);
+    for (const file of entry.files) {
+      const stats = fileStats.get(file) ?? { changes: 0, fixes: 0, authors: /* @__PURE__ */ new Set() };
+      stats.changes++;
+      if (isFix) stats.fixes++;
+      stats.authors.add(entry.author);
+      fileStats.set(file, stats);
+    }
+  }
+  const hotspots = [];
+  for (const [file, stats] of fileStats) {
+    const fixRatio = stats.changes > 0 ? stats.fixes / stats.changes : 0;
+    if (stats.changes >= options.threshold && fixRatio >= options.fixRatioThreshold) {
+      hotspots.push({
+        file,
+        changesInLast30Commits: stats.changes,
+        bugFixRatio: fixRatio,
+        authorCount: stats.authors.size
+      });
+    }
+  }
+  return hotspots.sort((a, b) => b.changesInLast30Commits - a.changesInLast30Commits);
+}
+// src/trends/decay.ts
+function detectDecay(entries) {
+  const fileChanges = /* @__PURE__ */ new Map();
+  for (const entry of entries) {
+    for (const file of entry.files) {
+      const changes = fileChanges.get(file) ?? [];
+      changes.push({ date: entry.date });
+      fileChanges.set(file, changes);
+    }
+  }
+  const signals = [];
+  for (const [file, changes] of fileChanges) {
+    if (changes.length < 4) continue;
+    const sorted = [...changes].sort((a, b) => a.date.localeCompare(b.date));
+    const firstDate = new Date(sorted[0].date).getTime();
+    const lastDate = new Date(sorted[sorted.length - 1].date).getTime();
+    const midDate = firstDate + (lastDate - firstDate) / 2;
+    const firstHalfCount = sorted.filter((c) => new Date(c.date).getTime() <= midDate).length;
+    const secondHalfCount = sorted.length - firstHalfCount;
+    if (secondHalfCount > firstHalfCount) {
+      signals.push({
+        file,
+        metric: "churn",
+        trend: "declining",
+        dataPoints: sorted.map((c, i) => ({ date: c.date, value: i + 1 }))
+      });
+    }
+  }
+  return signals;
+}
+// src/trends/inconsistency.ts
+function detectInconsistencies(entries, minAuthors = 3) {
+  const fileAuthors = /* @__PURE__ */ new Map();
+  for (const entry of entries) {
+    for (const file of entry.files) {
+      const authors = fileAuthors.get(file) ?? /* @__PURE__ */ new Map();
+      const commits = authors.get(entry.author) ?? [];
+      commits.push(entry.message);
+      authors.set(entry.author, commits);
+      fileAuthors.set(file, authors);
+    }
+  }
+  const inconsistencies = [];
+  for (const [file, authors] of fileAuthors) {
+    if (authors.size >= minAuthors) {
+      const patterns = Array.from(authors.entries()).map(([author, commits]) => ({
+        author,
+        style: categorizeStyle(commits)
+      }));
+      inconsistencies.push({ file, patterns });
+    }
+  }
+  return inconsistencies;
+}
+function categorizeStyle(commits) {
+  const types = commits.map((m) => {
+    if (m.match(/^fix/i)) return "fix";
+    if (m.match(/^feat/i)) return "feature";
+    if (m.match(/^refactor/i)) return "refactor";
+    return "other";
+  });
+  const primary = mode(types);
+  return `primarily ${primary} (${commits.length} commits)`;
+}
+function mode(arr) {
+  const counts = /* @__PURE__ */ new Map();
+  for (const item of arr) {
+    counts.set(item, (counts.get(item) ?? 0) + 1);
+  }
+  return Array.from(counts.entries()).sort((a, b) => b[1] - a[1])[0]?.[0] ?? "unknown";
+}
+// src/router/router.ts
+import picomatch2 from "picomatch";
+var DEFAULT_ROUTES = [
+  { pattern: "**/auth/**", agents: ["reviewer"], irLayer: "L1" },
+  { pattern: "**/*.test.*", agents: ["reviewer"], irLayer: "L0" },
+  { pattern: "**/*.spec.*", agents: ["reviewer"], irLayer: "L0" },
+  { pattern: "**/*.md", agents: ["fixer"], irLayer: "L0" },
+  { pattern: "**/*.json", agents: ["fixer"], irLayer: "L0" },
+  { pattern: "**/*.yaml", agents: ["fixer"], irLayer: "L0" },
+  { pattern: "**/*.yml", agents: ["fixer"], irLayer: "L0" }
+];
+var FALLBACK = {
+  agents: ["fixer"],
+  irLayer: "L1",
+  deterministic: true
+};
+function route(finding, rules) {
+  for (const rule of rules) {
+    if (!picomatch2.isMatch(finding.file, rule.pattern)) continue;
+    if (rule.contentSignal) {
+      const content = finding.message + (finding.file ?? "");
+      if (!rule.contentSignal.test(content)) continue;
+    }
+    return {
+      agents: rule.agents,
+      irLayer: rule.irLayer,
+      deterministic: true
+    };
+  }
+  return FALLBACK;
+}
+// src/cli/adapter.ts
+var CLIAdapter = class {
+  onFileChange(_event) {
+  }
+  onCommand(_cmd, _args) {
+  }
+  onApproval(_proposalId, _approved) {
+  }
+  notify(message) {
+    switch (message.type) {
+      case "finding":
+        this.printFinding(message.data);
+        break;
+      case "trend-report":
+        this.printTrendReport(message.data);
+        break;
+      case "proposal":
+        console.log(`
+  Proposal [${message.data.id}]: ${message.data.description}`);
+        for (const f of message.data.findings) this.printFinding(f);
+        break;
+      case "edit":
+        console.log(`  [EDIT] ${message.data.file}`);
+        break;
+      case "question":
+        console.log(`  [?] ${message.data.text}`);
+        if (message.data.options) {
+          message.data.options.forEach((o, i) => console.log(`    ${i + 1}. ${o}`));
+        }
+        break;
+    }
+  }
+  printFinding(finding) {
+    const icon = finding.severity === "critical" ? "!!" : finding.severity === "warning" ? " !" : "  ";
+    const loc = finding.line ? `:${finding.line}` : "";
+    console.log(`  ${icon} [${finding.severity.toUpperCase()}] ${finding.file}${loc}`);
+    console.log(`     ${finding.message}`);
+  }
+  printTrendReport(trends) {
+    if (trends.hotspots.length === 0 && trends.decaySignals.length === 0 && trends.inconsistencies.length === 0) {
+      console.log("  Codebase is healthy. No trends to report.");
+      return;
+    }
+    if (trends.hotspots.length > 0) {
+      console.log("\n  Hotspots:");
+      for (const h of trends.hotspots) {
+        console.log(`    ${h.file} \u2014 ${h.changesInLast30Commits} changes, ${Math.round(h.bugFixRatio * 100)}% fixes, ${h.authorCount} authors`);
+      }
+    }
+    if (trends.decaySignals.length > 0) {
+      console.log("\n  Decay Signals:");
+      for (const d of trends.decaySignals) {
+        console.log(`    ${d.file} \u2014 ${d.metric} is ${d.trend}`);
+      }
+    }
+    if (trends.inconsistencies.length > 0) {
+      console.log("\n  Inconsistencies:");
+      for (const ic of trends.inconsistencies) {
+        console.log(`    ${ic.file} \u2014 ${ic.patterns.length} different patterns`);
+      }
+    }
+  }
+};
+// src/benchmark/tokenizer.ts
+function estimateTokens(text) {
+  if (!text) return 0;
+  const tokens = text.split(/[\s]+|(?<=[{}()[\];,.:=<>!&|?+\-*/^~@#$%\\])|(?=[{}()[\];,.:=<>!&|?+\-*/^~@#$%\\])/).filter(Boolean);
+  return tokens.length;
+}
+// src/benchmark/runner.ts
+function benchmarkFile(code, filePath) {
+  const rawTokens = estimateTokens(code);
+  const irL0 = generateLayer("L0", { code, filePath, health: null });
+  const irL1 = generateLayer("L1", { code, filePath, health: null });
+  const irL0Tokens = estimateTokens(irL0);
+  const irL1Tokens = estimateTokens(irL1);
+  const lines = code.split("\n");
+  let totalConf = 0;
+  let count = 0;
+  for (const line of lines) {
+    const result = fingerprintLine(line);
+    if (result.ir !== "") {
+      totalConf += result.confidence;
+      count++;
+    }
+  }
+  const savedPercent = rawTokens > 0 ? (rawTokens - irL1Tokens) / rawTokens * 100 : 0;
+  const avgConfidence = count > 0 ? totalConf / count : 0;
+  return { file: filePath, rawTokens, irL0Tokens, irL1Tokens, savedPercent, avgConfidence };
+}
+function summarize(results) {
+  const totalRaw = results.reduce((s, r) => s + r.rawTokens, 0);
+  const totalIRL0 = results.reduce((s, r) => s + r.irL0Tokens, 0);
+  const totalIRL1 = results.reduce((s, r) => s + r.irL1Tokens, 0);
+  const totalSavedPercent = totalRaw > 0 ? (totalRaw - totalIRL1) / totalRaw * 100 : 0;
+  const avgConfidence = results.length > 0 ? results.reduce((s, r) => s + r.avgConfidence, 0) / results.length : 0;
+  return { fileCount: results.length, totalRaw, totalIRL0, totalIRL1, totalSavedPercent, avgConfidence };
+}
+// src/cli/commands.ts
+function collectFiles(dir, extensions) {
+  const files = [];
+  try {
+    const entries = readdirSync(dir, { withFileTypes: true });
+    for (const entry of entries) {
+      const fullPath = join2(dir, entry.name);
+      if (entry.name.startsWith(".") || entry.name === "node_modules" || entry.name === "dist") continue;
+      if (entry.isDirectory()) {
+        files.push(...collectFiles(fullPath, extensions));
+      } else if (extensions.some((ext) => entry.name.endsWith(ext))) {
+        files.push(fullPath);
+      }
+    }
+  } catch {
+  }
+  return files;
+}
+function runScan(projectPath) {
+  const adapter = new CLIAdapter();
+  const config = loadConfig(projectPath);
+  console.log("composto v0.1.0 \u2014 scanning...\n");
+  const files = collectFiles(projectPath, [".ts", ".tsx", ".js", ".jsx"]);
+  console.log(`  Found ${files.length} files
+`);
+  const allFindings = [];
+  for (const file of files) {
+    const code = readFileSync2(file, "utf-8");
+    const relPath = relative(projectPath, file);
+    const findings = runDetector(code, relPath, config.watchers);
+    allFindings.push(...findings);
+  }
+  if (allFindings.length > 0) {
+    console.log(`  Findings (${allFindings.length}):
+`);
+    for (const finding of allFindings) {
+      adapter.notify({ type: "finding", data: finding });
+      const decision = route(finding, DEFAULT_ROUTES);
+      console.log(`     -> Route: ${decision.agents.join(",")} @ ${decision.irLayer}
+`);
+    }
+  } else {
+    console.log("  No issues found.\n");
+  }
+}
+function runTrends(projectPath) {
+  const adapter = new CLIAdapter();
+  const config = loadConfig(projectPath);
+  console.log("composto v0.1.0 \u2014 trend analysis...\n");
+  const entries = getGitLog(projectPath, 100);
+  if (entries.length === 0) {
+    console.log("  No git history found.\n");
+    return;
+  }
+  console.log(`  Analyzed ${entries.length} commits
+`);
+  const trends = {
+    hotspots: detectHotspots(entries, {
+      threshold: config.trends.hotspotThreshold,
+      fixRatioThreshold: config.trends.bugFixRatioThreshold
+    }),
+    decaySignals: detectDecay(entries),
+    inconsistencies: detectInconsistencies(entries)
+  };
+  adapter.notify({ type: "trend-report", data: trends });
+}
+function runIR(projectPath, filePath, layer) {
+  const config = loadConfig(projectPath);
+  const code = readFileSync2(filePath, "utf-8");
+  const relPath = relative(projectPath, filePath);
+  const entries = getGitLog(projectPath, 100);
+  const trends = {
+    hotspots: detectHotspots(entries, {
+      threshold: config.trends.hotspotThreshold,
+      fixRatioThreshold: config.trends.bugFixRatioThreshold
+    }),
+    decaySignals: detectDecay(entries),
+    inconsistencies: detectInconsistencies(entries)
+  };
+  const health = computeHealthFromTrends(relPath, trends);
+  const irLayer = layer || "L1";
+  const result = generateLayer(irLayer, {
+    code,
+    filePath: relPath,
+    health: health.churn > 0 ? health : null
+  });
+  console.log(result);
+}
+function runBenchmark(projectPath) {
+  console.log("composto v0.1.0 \u2014 benchmark\n");
+  const files = collectFiles(projectPath, [".ts", ".tsx", ".js", ".jsx"]);
+  console.log(`  ${files.length} files
+`);
+  const results = files.map((file) => {
+    const code = readFileSync2(file, "utf-8");
+    const relPath = relative(projectPath, file);
+    return benchmarkFile(code, relPath);
+  });
+  results.sort((a, b) => b.savedPercent - a.savedPercent);
+  const header = "  File                                  Raw      L0      L1   Saved   Conf";
+  const divider = "  " + "\u2500".repeat(header.length - 2);
+  console.log(header);
+  console.log(divider);
+  for (const r of results) {
+    const file = r.file.length > 38 ? "\u2026" + r.file.slice(-37) : r.file.padEnd(38);
+    const raw = String(r.rawTokens).padStart(5);
+    const l0 = String(r.irL0Tokens).padStart(7);
+    const l1 = String(r.irL1Tokens).padStart(7);
+    const saved = (r.savedPercent.toFixed(1) + "%").padStart(7);
+    const conf = r.avgConfidence.toFixed(2).padStart(6);
+    console.log(`  ${file} ${raw} ${l0} ${l1} ${saved} ${conf}`);
+  }
+  const summary = summarize(results);
+  console.log(divider);
+  const totalLabel = "TOTAL".padEnd(38);
+  const totalRaw = String(summary.totalRaw).padStart(5);
+  const totalL0 = String(summary.totalIRL0).padStart(7);
+  const totalL1 = String(summary.totalIRL1).padStart(7);
+  const totalSaved = (summary.totalSavedPercent.toFixed(1) + "%").padStart(7);
+  const totalConf = summary.avgConfidence.toFixed(2).padStart(6);
+  console.log(`  ${totalLabel} ${totalRaw} ${totalL0} ${totalL1} ${totalSaved} ${totalConf}`);
+  const l0Percent = summary.totalRaw > 0 ? (summary.totalRaw - summary.totalIRL0) / summary.totalRaw * 100 : 0;
+  console.log(`
+  L0 (structure map):  ${summary.totalRaw} \u2192 ${summary.totalIRL0} tokens (${l0Percent.toFixed(1)}% reduction)`);
+  console.log(`  L1 (full IR):        ${summary.totalRaw} \u2192 ${summary.totalIRL1} tokens (${summary.totalSavedPercent.toFixed(1)}% reduction)`);
+  console.log(`  Files analyzed: ${summary.fileCount}`);
+  console.log(`  Avg confidence: ${summary.avgConfidence.toFixed(2)}`);
+}
+// src/index.ts
+import { resolve } from "path";
+var args = process.argv.slice(2);
+var command = args[0];
+switch (command) {
+  case "scan": {
+    const projectPath = resolve(args[1] ?? ".");
+    runScan(projectPath);
+    break;
+  }
+  case "trends": {
+    const projectPath = resolve(args[1] ?? ".");
+    runTrends(projectPath);
+    break;
+  }
+  case "ir": {
+    const filePath = args[1];
+    const layer = args[2] ?? "L1";
+    if (!filePath) {
+      console.error("Usage: composto ir <file> [L0|L1|L2|L3]");
+      process.exit(1);
+    }
+    runIR(resolve("."), resolve(filePath), layer);
+    break;
+  }
+  case "benchmark": {
+    const projectPath = resolve(args[1] ?? ".");
+    runBenchmark(projectPath);
+    break;
+  }
+  case "version":
+    console.log("composto v0.1.0");
+    break;
+  default:
+    console.log("composto v0.1.0 \u2014 less tokens, more insight\n");
+    console.log("Commands:");
+    console.log("  scan [path]          Scan codebase for issues");
+    console.log("  trends [path]        Analyze codebase health trends");
+    console.log("  ir <file> [layer]    Generate IR for a file (L0|L1|L2|L3)");
+    console.log("  benchmark [path]     Benchmark IR token savings");
+    console.log("  version              Show version");
+    break;
+}

package/package.json ADDED Viewed

@@ -0,0 +1,40 @@
+{
+  "name": "composto-ai",
+  "version": "0.1.0",
+  "description": "Proactive AI team companion — less tokens, more insight",
+  "type": "module",
+  "bin": {
+    "composto": "dist/index.js"
+  },
+  "files": [
+    "dist",
+    "README.md"
+  ],
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/mertcanaltin/composto"
+  },
+  "scripts": {
+    "build": "tsup",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "dev": "tsx src/index.ts"
+  },
+  "keywords": ["ai", "coding", "companion", "proactive"],
+  "author": "Mert Can Altin",
+  "license": "MIT",
+  "packageManager": "pnpm@10.30.1",
+  "devDependencies": {
+    "@types/node": "^25.5.2",
+    "@types/picomatch": "^4.0.3",
+    "tsup": "^8.5.1",
+    "tsx": "^4.21.0",
+    "typescript": "^6.0.2",
+    "vitest": "^4.1.4"
+  },
+  "dependencies": {
+    "@anthropic-ai/sdk": "^0.87.0",
+    "picomatch": "^4.0.4",
+    "yaml": "^2.8.3"
+  }
+}