npm - contextforge-cli-harshil - Versions diffs - 1.0.0 - Mend

contextforge-cli-harshil 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/src/analyze.js ADDED Viewed

@@ -0,0 +1,432 @@
+/**
+ * analyze.js
+ * Analyzes scanned files to detect framework, architecture, and important modules.
+ * Pure heuristic scoring — no embeddings, no external services.
+ */
+import { readFileSafe } from './scan.js';
+import { logger } from './utils.js';
+// ── Framework / Stack detection signals ──────────────────────────────────────
+const FRAMEWORK_SIGNALS = [
+  // Backend
+  { pattern: /["']express["']/i, label: 'Express.js', category: 'backend' },
+  { pattern: /["']fastify["']/i, label: 'Fastify', category: 'backend' },
+  { pattern: /["']hono["']/i, label: 'Hono', category: 'backend' },
+  { pattern: /["']koa["']/i, label: 'Koa.js', category: 'backend' },
+  { pattern: /["']nestjs\/core["']/i, label: 'NestJS', category: 'backend' },
+  { pattern: /["']@hapi\/hapi["']/i, label: 'Hapi.js', category: 'backend' },
+  // Frontend
+  { pattern: /["']next["']/i, label: 'Next.js', category: 'frontend' },
+  { pattern: /["']nuxt["']/i, label: 'Nuxt.js', category: 'frontend' },
+  { pattern: /["']react["']/i, label: 'React', category: 'frontend' },
+  { pattern: /["']vue["']/i, label: 'Vue.js', category: 'frontend' },
+  { pattern: /["']svelte["']/i, label: 'Svelte', category: 'frontend' },
+  { pattern: /["']solid-js["']/i, label: 'SolidJS', category: 'frontend' },
+  { pattern: /["']astro["']/i, label: 'Astro', category: 'frontend' },
+  { pattern: /["']remix["']/i, label: 'Remix', category: 'frontend' },
+  { pattern: /["']@angular\/core["']/i, label: 'Angular', category: 'frontend' },
+  // Build tools
+  { pattern: /["']vite["']/i, label: 'Vite', category: 'build' },
+  { pattern: /["']webpack["']/i, label: 'Webpack', category: 'build' },
+  { pattern: /["']esbuild["']/i, label: 'esbuild', category: 'build' },
+  { pattern: /["']turbopack["']/i, label: 'Turbopack', category: 'build' },
+  // ORMs / Databases
+  { pattern: /["']@prisma\/client["']/i, label: 'Prisma ORM', category: 'database' },
+  { pattern: /["']mongoose["']/i, label: 'Mongoose (MongoDB)', category: 'database' },
+  { pattern: /["']typeorm["']/i, label: 'TypeORM', category: 'database' },
+  { pattern: /["']drizzle-orm["']/i, label: 'Drizzle ORM', category: 'database' },
+  { pattern: /["']sequelize["']/i, label: 'Sequelize', category: 'database' },
+  { pattern: /["']knex["']/i, label: 'Knex.js', category: 'database' },
+  { pattern: /["']pg["']/i, label: 'PostgreSQL (pg)', category: 'database' },
+  { pattern: /["']mysql2["']/i, label: 'MySQL (mysql2)', category: 'database' },
+  { pattern: /["']better-sqlite3["']/i, label: 'SQLite (better-sqlite3)', category: 'database' },
+  { pattern: /["']redis["']/i, label: 'Redis', category: 'database' },
+  { pattern: /["']ioredis["']/i, label: 'Redis (ioredis)', category: 'database' },
+  { pattern: /["']mongodb["']/i, label: 'MongoDB Driver', category: 'database' },
+  // Auth
+  { pattern: /["']jsonwebtoken["']/i, label: 'JWT (jsonwebtoken)', category: 'auth' },
+  { pattern: /["']passport["']/i, label: 'Passport.js', category: 'auth' },
+  { pattern: /["']next-auth["']/i, label: 'NextAuth.js', category: 'auth' },
+  { pattern: /["']@auth\/core["']/i, label: 'Auth.js', category: 'auth' },
+  { pattern: /["']bcrypt["']/i, label: 'bcrypt', category: 'auth' },
+  { pattern: /["']clerk["']/i, label: 'Clerk', category: 'auth' },
+  { pattern: /["']@supabase\/supabase-js["']/i, label: 'Supabase', category: 'auth' },
+  { pattern: /["']firebase["']/i, label: 'Firebase', category: 'auth' },
+  // State / Query
+  { pattern: /["']zustand["']/i, label: 'Zustand', category: 'state' },
+  { pattern: /["']jotai["']/i, label: 'Jotai', category: 'state' },
+  { pattern: /["']@reduxjs\/toolkit["']/i, label: 'Redux Toolkit', category: 'state' },
+  { pattern: /["']@tanstack\/react-query["']/i, label: 'TanStack Query', category: 'state' },
+  { pattern: /["']swr["']/i, label: 'SWR', category: 'state' },
+  // Validation
+  { pattern: /["']zod["']/i, label: 'Zod', category: 'validation' },
+  { pattern: /["']joi["']/i, label: 'Joi', category: 'validation' },
+  { pattern: /["']yup["']/i, label: 'Yup', category: 'validation' },
+  { pattern: /["']class-validator["']/i, label: 'class-validator', category: 'validation' },
+  // Testing
+  { pattern: /["']jest["']/i, label: 'Jest', category: 'testing' },
+  { pattern: /["']vitest["']/i, label: 'Vitest', category: 'testing' },
+  { pattern: /["']mocha["']/i, label: 'Mocha', category: 'testing' },
+  { pattern: /["']@playwright\/test["']/i, label: 'Playwright', category: 'testing' },
+  { pattern: /["']cypress["']/i, label: 'Cypress', category: 'testing' },
+  // CSS
+  { pattern: /["']tailwindcss["']/i, label: 'Tailwind CSS', category: 'styling' },
+  { pattern: /["']styled-components["']/i, label: 'styled-components', category: 'styling' },
+  { pattern: /["']@emotion\/react["']/i, label: 'Emotion CSS', category: 'styling' },
+  // Misc
+  { pattern: /["']graphql["']/i, label: 'GraphQL', category: 'api' },
+  { pattern: /["']@trpc\/server["']/i, label: 'tRPC', category: 'api' },
+  { pattern: /["']axios["']/i, label: 'Axios', category: 'http' },
+  { pattern: /["']socket\.io["']/i, label: 'Socket.IO', category: 'realtime' },
+];
+// ── File importance scoring ──────────────────────────────────────────────────
+const HIGH_IMPORTANCE_FILENAMES = [
+  'app.js', 'app.ts', 'server.js', 'server.ts', 'main.js', 'main.ts',
+  'index.js', 'index.ts', 'package.json', 'README.md', 'readme.md',
+  'schema.prisma', 'docker-compose.yml', 'docker-compose.yaml',
+  'Dockerfile', '.env.example', '.env.sample',
+  'tsconfig.json', 'jsconfig.json',
+];
+const HIGH_IMPORTANCE_DIRS = [
+  'auth', 'middleware', 'middlewares', 'routes', 'prisma',
+  'models', 'schemas', 'services', 'controllers', 'config',
+  'api', 'hooks', 'store', 'context',
+];
+const HIGH_IMPORTANCE_CONTENT_PATTERNS = [
+  /router\.(get|post|put|patch|delete|use)\s*\(/i,
+  /app\.(get|post|put|patch|delete|use)\s*\(/i,
+  /module\.exports\s*=/,
+  /export\s+default/,
+  /export\s+async\s+function/,
+  /prisma\./i,
+  /mongoose\.model/i,
+  /sequelize\.define/i,
+  /jwt\.(sign|verify)/i,
+  /passport\.use/i,
+  /middleware/i,
+  /controller/i,
+  /service/i,
+  /repository/i,
+  /schema/i,
+];
+/**
+ * Score a file for importance (higher = more important).
+ * @param {{ path: string, absolutePath: string }} file
+ * @returns {number}
+ */
+function scoreFile(file) {
+  let score = 0;
+  const filename = file.path.split('/').pop().toLowerCase();
+  const pathParts = file.path.toLowerCase().split('/');
+  // High-importance filename match
+  if (HIGH_IMPORTANCE_FILENAMES.some((n) => n.toLowerCase() === filename)) {
+    score += 10;
+  }
+  // High-importance directory match
+  if (
+    HIGH_IMPORTANCE_DIRS.some((dir) => pathParts.some((p) => p === dir))
+  ) {
+    score += 7;
+  }
+  // File extension bonus
+  if (/\.(js|ts|jsx|tsx|mjs|cjs)$/.test(filename)) score += 3;
+  if (/\.(json|yaml|yml|prisma|sql|graphql|gql)$/.test(filename)) score += 2;
+  if (/\.(md|mdx|txt)$/.test(filename)) score += 1;
+  // Filename keyword bonus
+  const keywords = [
+    'auth', 'route', 'router', 'controller', 'service', 'middleware',
+    'model', 'schema', 'config', 'database', 'db', 'store', 'hook',
+    'api', 'handler', 'guard', 'interceptor', 'repository', 'prisma',
+  ];
+  if (keywords.some((kw) => filename.includes(kw))) score += 5;
+  // Content-based scoring — only incur the disk read for files
+  // that already look interesting from their name/path (score >= 5).
+  // This avoids reading every file in the repo on large codebases.
+  if (score >= 5) {
+    const content = readFileSafe(file.absolutePath, 10_000);
+    if (content) {
+      HIGH_IMPORTANCE_CONTENT_PATTERNS.forEach((pattern) => {
+        if (pattern.test(content)) score += 2;
+      });
+    }
+  }
+  return score;
+}
+/**
+ * Detect the tech stack from package.json content.
+ * @param {string|null} pkgContent
+ * @returns {{ stack: string[], byCategory: Object }}
+ */
+function detectStack(pkgContent) {
+  if (!pkgContent) return { stack: [], byCategory: {} };
+  const byCategory = {};
+  const stack = [];
+  FRAMEWORK_SIGNALS.forEach(({ pattern, label, category }) => {
+    if (pattern.test(pkgContent)) {
+      stack.push(label);
+      if (!byCategory[category]) byCategory[category] = [];
+      byCategory[category].push(label);
+    }
+  });
+  return { stack, byCategory };
+}
+/**
+ * Detect architecture patterns from file paths and content snippets.
+ * @param {Array<{path:string, absolutePath:string}>} files
+ * @returns {string[]}
+ */
+function detectArchitecturePatterns(files) {
+  const patterns = new Set();
+  const paths = files.map((f) => f.path.toLowerCase());
+  // Folder-based patterns
+  if (paths.some((p) => p.includes('/routes/') || p.includes('/route.'))) {
+    patterns.add('Route-based API structure');
+  }
+  if (paths.some((p) => p.includes('/controllers/') || p.includes('/controller.'))) {
+    patterns.add('MVC / Controller pattern');
+  }
+  if (paths.some((p) => p.includes('/services/') || p.includes('/service.'))) {
+    patterns.add('Service layer pattern');
+  }
+  if (paths.some((p) => p.includes('/repositories/') || p.includes('/repository.'))) {
+    patterns.add('Repository pattern');
+  }
+  if (paths.some((p) => p.includes('/middleware/') || p.includes('/middlewares/'))) {
+    patterns.add('Middleware-based request handling');
+  }
+  if (paths.some((p) => p.includes('/models/') || p.includes('/model.'))) {
+    patterns.add('Data model abstraction');
+  }
+  if (paths.some((p) => p.includes('/hooks/'))) {
+    patterns.add('Custom React hooks');
+  }
+  if (paths.some((p) => p.includes('/store/'))) {
+    patterns.add('Centralized state management');
+  }
+  if (paths.some((p) => p.includes('/components/'))) {
+    patterns.add('Component-based UI architecture');
+  }
+  if (paths.some((p) => p.includes('/pages/') || p.includes('/app/'))) {
+    patterns.add('File-system based routing');
+  }
+  if (paths.some((p) => p.includes('prisma/schema'))) {
+    patterns.add('Prisma schema-driven database');
+  }
+  if (paths.some((p) => p.includes('/graphql/') || p.includes('.graphql'))) {
+    patterns.add('GraphQL API layer');
+  }
+  if (paths.some((p) => p.includes('/api/'))) {
+    patterns.add('Dedicated API directory');
+  }
+  if (paths.some((p) => p.includes('docker-compose') || p.includes('dockerfile'))) {
+    patterns.add('Containerized deployment (Docker)');
+  }
+  return Array.from(patterns);
+}
+/**
+ * Detect authentication approach from file content.
+ * @param {Array<{path:string, absolutePath:string}>} files
+ * @returns {string[]}
+ */
+function detectAuthApproach(files) {
+  const signals = new Set();
+  const authFiles = files.filter((f) =>
+    f.path.toLowerCase().includes('auth') ||
+    f.path.toLowerCase().includes('middleware') ||
+    f.path.toLowerCase().includes('guard')
+  );
+  authFiles.forEach((file) => {
+    const content = readFileSafe(file.absolutePath, 20_000);
+    if (!content) return;
+    if (/jwt\.(sign|verify)/i.test(content)) signals.add('JWT token authentication');
+    if (/passport\./i.test(content)) signals.add('Passport.js authentication');
+    if (/bcrypt/i.test(content)) signals.add('Password hashing (bcrypt)');
+    if (/refresh.?token/i.test(content)) signals.add('Refresh token rotation');
+    if (/session/i.test(content)) signals.add('Session-based authentication');
+    if (/oauth/i.test(content)) signals.add('OAuth integration');
+    if (/clerk/i.test(content)) signals.add('Clerk authentication');
+    if (/supabase/i.test(content)) signals.add('Supabase Auth');
+    if (/next-auth|nextauth/i.test(content)) signals.add('NextAuth.js');
+    if (/role|permission|rbac/i.test(content)) signals.add('Role-based access control (RBAC)');
+    if (/api.?key/i.test(content)) signals.add('API key authentication');
+    if (/bearer/i.test(content)) signals.add('Bearer token scheme');
+  });
+  return Array.from(signals);
+}
+/**
+ * Detect coding conventions from file contents.
+ * @param {Array<{path:string, absolutePath:string}>} files
+ * @returns {string[]}
+ */
+function detectCodingConventions(files) {
+  const conventions = new Set();
+  // Sample a few important JS/TS files
+  const sampleFiles = files
+    .filter((f) => /\.(js|ts|jsx|tsx|mjs)$/.test(f.path))
+    .slice(0, 15);
+  let asyncCount = 0;
+  let callbackCount = 0;
+  let classCount = 0;
+  let functionalCount = 0;
+  let esModuleCount = 0;
+  let commonJsCount = 0;
+  let typeScriptCount = 0;
+  // Fix #5: read each file once and cache — reused below for allContent
+  const contentCache = [];
+  sampleFiles.forEach((file) => {
+    const content = readFileSafe(file.absolutePath, 15_000);
+    if (!content) return;
+    contentCache.push(content); // store for reuse
+    if (/async\s+function|await\s+/i.test(content)) asyncCount++;
+    if (/\.then\(|\.catch\(|callback/i.test(content)) callbackCount++;
+    if (/^class\s+/m.test(content)) classCount++;
+    if (/^(export\s+)?(const|function)\s+/m.test(content)) functionalCount++;
+    if (/^import\s+/m.test(content)) esModuleCount++;
+    if (/require\s*\(/m.test(content)) commonJsCount++;
+    if (/:\s*(string|number|boolean|void|Promise<)/i.test(content)) typeScriptCount++;
+    if (/interface\s+\w+|type\s+\w+\s*=/i.test(content)) typeScriptCount++;
+  });
+  if (asyncCount > callbackCount) conventions.add('async/await pattern');
+  if (callbackCount > asyncCount) conventions.add('Callback-based async');
+  if (esModuleCount > commonJsCount) conventions.add('ES Modules (import/export)');
+  if (commonJsCount > esModuleCount) conventions.add('CommonJS (require/exports)');
+  if (classCount > functionalCount) conventions.add('Class-based architecture');
+  if (functionalCount > classCount) conventions.add('Functional programming style');
+  if (typeScriptCount > 3) conventions.add('TypeScript with strict typing');
+  // Fix #5: reuse cached content — no second disk read
+  const allContent = contentCache.join('\n');
+  // Fix #7: ReDoS-safe try/catch detection — two simple non-backtracking patterns
+  // instead of the vulnerable /try\s*\{[\s\S]*?\}\s*catch/i
+  if (/\btry\s*\{/.test(allContent) && /\}\s*catch\s*[({]/.test(allContent)) {
+    conventions.add('try/catch error handling');
+  }
+  if (/\.env|process\.env/i.test(allContent)) conventions.add('Environment variable configuration');
+  if (/console\.(log|error|warn)/i.test(allContent)) conventions.add('Console-based logging');
+  if (/zod|joi|yup/i.test(allContent)) conventions.add('Schema validation');
+  if (/\.test\.|\.spec\./i.test(allContent)) conventions.add('Unit test coverage');
+  return Array.from(conventions);
+}
+/**
+ * Main analysis function.
+ * @param {Array<{path:string, absolutePath:string}>} files
+ * @param {string} cwd
+ * @returns {Object} Analysis result
+ */
+export function analyzeRepository(files, cwd) {
+  // Read package.json
+  const pkgFile = files.find((f) => f.path === 'package.json');
+  const pkgContent = pkgFile ? readFileSafe(pkgFile.absolutePath) : null;
+  // Fix #9: log a warning if package.json is malformed instead of silently
+  // returning null and running with missing stack/metadata/scripts.
+  let pkgJson = null;
+  try {
+    pkgJson = pkgContent ? JSON.parse(pkgContent) : null;
+  } catch (err) {
+    logger.warn(`Could not parse package.json: ${err.message}`);
+    logger.dim('Stack detection and project metadata will be unavailable.');
+  }
+  // Detect stack
+  const { stack, byCategory } = detectStack(pkgContent);
+  // Score and rank files by importance
+  const scoredFiles = files
+    .map((f) => ({ ...f, score: scoreFile(f) }))
+    .sort((a, b) => b.score - a.score);
+  // Top important files
+  const importantFiles = scoredFiles.filter((f) => f.score >= 5).slice(0, 30);
+  // Architecture patterns
+  const architecturePatterns = detectArchitecturePatterns(files);
+  // Auth approach
+  const authApproach = detectAuthApproach(files);
+  // Coding conventions
+  const codingConventions = detectCodingConventions(files);
+  // Project name
+  const projectName = pkgJson?.name || cwd.split(/[\\/]/).pop() || 'Unknown Project';
+  const projectVersion = pkgJson?.version || null;
+  const projectDescription = pkgJson?.description || null;
+  // Scripts
+  const scripts = pkgJson?.scripts ? Object.keys(pkgJson.scripts) : [];
+  // Language detection
+  const hasTS = files.some((f) => /\.tsx?$/.test(f.path));
+  const hasJS = files.some((f) => /\.(js|mjs|cjs)$/.test(f.path));
+  const language = hasTS ? 'TypeScript' : hasJS ? 'JavaScript' : 'Unknown';
+  // Module system
+  const moduleSystem =
+    pkgJson?.type === 'module'
+      ? 'ES Modules'
+      : pkgJson?.type === 'commonjs'
+      ? 'CommonJS'
+      : 'CommonJS (default)';
+  return {
+    projectName,
+    projectVersion,
+    projectDescription,
+    language,
+    moduleSystem,
+    stack,
+    byCategory,
+    architecturePatterns,
+    authApproach,
+    codingConventions,
+    scripts,
+    importantFiles,
+    allFiles: files,
+    totalFiles: files.length,
+    pkgJson,
+  };
+}