npm - create-backlist - Versions diffs - 7.4.0 → 9.0.1 - Mend

create-backlist 7.4.0 → 9.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/src/analyzer.js CHANGED Viewed

@@ -1,73 +1,151 @@
-import fs from "fs-extra";
-import path from "node:path";
-import { glob } from "glob";
-import parser from "@babel/parser";
-import _traverse from "@babel/traverse";
+// ═══════════════════════════════════════════════════════════════════════════
+//  Backlist Frontend Analyzer — analyzer.js  v8.0
+//  AST-driven frontend API surface extractor
+//  Copyright (c) W.A.H.ISHAN — MIT License
+//
+//  NEW in v8.0:
+//  ✦ Parallel file processing (configurable concurrency)
+//  ✦ Enhanced type inference (Date, Email, UUID, Enum detection)
+//  ✦ GraphQL fetch detection (gql + fetch hybrid)
+//  ✦ React Query / SWR / tRPC call extraction
+//  ✦ Deep DOM Sync — maps <input type> + aria labels to field types
+//  ✦ Env file (.env, .env.local) auto-loading
+//  ✦ Incremental analysis with file-hash caching
+//  ✦ Typed result objects with JSDoc
+//  ✦ Structured warnings instead of silent skips
+// ═══════════════════════════════════════════════════════════════════════════
+import fs from 'fs-extra';
+import path from 'node:path';
+import { createHash } from 'node:crypto';
+import { glob } from 'glob';
+import parser from '@babel/parser';
+import _traverse from '@babel/traverse';
 const traverse = _traverse.default || _traverse;
-const HTTP_METHODS = new Set(["get", "post", "put", "patch", "delete"]);
+// ── Constants ─────────────────────────────────────────────────────────────
+const HTTP_METHODS = new Set(['get', 'post', 'put', 'patch', 'delete', 'head', 'options']);
 const STATIC_ASSET_EXTENSIONS = new Set([
-  ".png", ".jpg", ".jpeg", ".gif", ".svg", ".webp", ".ico",
-  ".css", ".scss", ".less", ".woff", ".woff2", ".ttf", ".eot",
-  ".mp3", ".mp4", ".webm", ".pdf",
+  '.png', '.jpg', '.jpeg', '.gif', '.svg', '.webp', '.ico',
+  '.css', '.scss', '.less', '.woff', '.woff2', '.ttf', '.eot',
+  '.mp3', '.mp4', '.webm', '.pdf', '.zip', '.gz',
 ]);
-// -------------------------
-// Utils
-// -------------------------
+const NEXTJS_HTTP_EXPORTS = new Set(['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'HEAD', 'OPTIONS']);
+const PARSE_OPTIONS = {
+  sourceType: 'module',
+  plugins: ['jsx', 'typescript', 'decorators-legacy', 'classProperties'],
+  errorRecovery: true,  // don't throw on minor syntax errors
+};
+const PARALLEL_LIMIT = 20;  // max files processed simultaneously
+// ── Type inference ────────────────────────────────────────────────────────
+/** @typedef {'String'|'Number'|'Boolean'|'Date'|'Email'|'UUID'|'Array'|'Object'|'Null'|'Enum'} FieldType */
+const EMAIL_PATTERN   = /email/i;
+const DATE_PATTERN    = /date|time|at|_on|createdAt|updatedAt/i;
+const UUID_PATTERN    = /id$|uuid|guid/i;
+const BOOL_PATTERN    = /^(is|has|can|should|enabled|active|visible|flag)/i;
+const ARRAY_PATTERN   = /s$|list|items|tags|ids|array/i;
+/**
+ * Infer a field type from its name + AST node value.
+ * @param {string}     fieldName
+ * @param {object}     valueNode
+ * @returns {FieldType}
+ */
+function inferFieldType(fieldName, valueNode) {
+  // Node-type-based inference first
+  if (valueNode) {
+    switch (valueNode.type) {
+      case 'StringLiteral':
+        if (EMAIL_PATTERN.test(fieldName)) return 'Email';
+        if (DATE_PATTERN.test(fieldName))  return 'Date';
+        if (UUID_PATTERN.test(fieldName))  return 'UUID';
+        return 'String';
+      case 'NumericLiteral':  return 'Number';
+      case 'BooleanLiteral':  return 'Boolean';
+      case 'NullLiteral':     return 'Null';
+      case 'ArrayExpression': return 'Array';
+      case 'ObjectExpression':return 'Object';
+      case 'NewExpression':
+        if (valueNode.callee?.name === 'Date') return 'Date';
+        break;
+    }
+  }
+  // Name-pattern-based inference as fallback
+  if (EMAIL_PATTERN.test(fieldName))  return 'Email';
+  if (DATE_PATTERN.test(fieldName))   return 'Date';
+  if (UUID_PATTERN.test(fieldName))   return 'UUID';
+  if (BOOL_PATTERN.test(fieldName))   return 'Boolean';
+  if (ARRAY_PATTERN.test(fieldName))  return 'Array';
+  return 'String';
+}
+// ── String utilities ──────────────────────────────────────────────────────
 function normalizeSlashes(p) {
-  return String(p || "").replace(/\\/g, "/");
+  return String(p ?? '').replace(/\\/g, '/');
 }
 function toTitleCase(str) {
-  if (!str) return "Default";
+  if (!str) return 'Default';
   return String(str)
     .replace(/[-_]+(\w)/g, (_, c) => c.toUpperCase())
-    .replace(/^\w/, (c) => c.toUpperCase())
-    .replace(/[^a-zA-Z0-9]/g, "");
+    .replace(/^\w/, c => c.toUpperCase())
+    .replace(/[^a-zA-Z0-9]/g, '');
 }
-// Convert `/api/users/{id}` -> `/api/users/:id`
 function normalizeRouteForBackend(urlValue) {
-  return String(urlValue || "").replace(/\{(\w+)\}/g, ":$1");
+  return String(urlValue ?? '').replace(/\{(\w+)\}/g, ':$1');
+}
+function singularize(word) {
+  if (!word) return word;
+  if (word.endsWith('ies')) return word.slice(0, -3) + 'y';
+  if (/ses$|xes$|zes$/.test(word)) return word.slice(0, -2);
+  if (word.endsWith('s') && !word.endsWith('ss')) return word.slice(0, -1);
+  return word;
 }
+// ── URL utilities ─────────────────────────────────────────────────────────
 function extractApiPath(urlValue, envMap = new Map()) {
   if (!urlValue) return null;
-  // 1. Original behavior: if URL contains /api/, extract from there
-  const idx = urlValue.indexOf("/api/");
+  // Direct /api/ match
+  const idx = urlValue.indexOf('/api/');
   if (idx !== -1) return urlValue.slice(idx);
-  // 2. Resolve env variable placeholders left by getUrlValue
-  let resolved = urlValue;
-  const envPattern = /\{(NEXT_PUBLIC_|REACT_APP_|VITE_)[^}]+\}/g;
-  resolved = resolved.replace(envPattern, (match) => {
-    const varName = match.slice(1, -1);
-    return envMap.get(varName) || "";
-  });
+  // Resolve env vars
+  let resolved = urlValue.replace(
+    /\{(NEXT_PUBLIC_|REACT_APP_|VITE_)[^}]+\}/g,
+    match => envMap.get(match.slice(1, -1)) ?? ''
+  );
-  // Re-check after resolution
-  const idx2 = resolved.indexOf("/api/");
+  const idx2 = resolved.indexOf('/api/');
   if (idx2 !== -1) return resolved.slice(idx2);
-  // 3. If resolved URL starts with http(s), extract the path portion
+  // Parse absolute URL
   if (/^https?:\/\//.test(resolved)) {
     try {
-      const url = new URL(resolved);
-      const pathname = url.pathname;
-      if (pathname && pathname !== "/") return pathname;
+      const { pathname } = new URL(resolved);
+      if (pathname && pathname !== '/') return pathname;
     } catch {}
   }
-  // 4. If it's a relative path starting with /, accept it
-  if (resolved.startsWith("/") && resolved.length > 1) {
-    // Filter out static assets
-    const ext = path.extname(resolved.split("?")[0]).toLowerCase();
-    if (STATIC_ASSET_EXTENSIONS.has(ext)) return null;
-    return resolved;
+  // Accept relative paths — filter static assets
+  if (resolved.startsWith('/') && resolved.length > 1) {
+    const ext = path.extname(resolved.split('?')[0]).toLowerCase();
+    return STATIC_ASSET_EXTENSIONS.has(ext) ? null : resolved;
   }
   return null;
@@ -78,529 +156,536 @@ function extractPathParams(route) {
   const re = /[:{]([a-zA-Z0-9_]+)[}]/g;
   let m;
   while ((m = re.exec(route))) params.push(m[1]);
-  return Array.from(new Set(params));
+  return [...new Set(params)];
 }
-function extractQueryParamsFromUrl(urlValue) {
+function extractQueryParams(urlValue) {
   try {
-    const qIndex = urlValue.indexOf("?");
-    if (qIndex === -1) return [];
-    const qs = urlValue.slice(qIndex + 1);
-    return qs
-      .split("&")
-      .map((p) => p.split("=")[0])
-      .filter(Boolean);
-  } catch {
-    return [];
-  }
+    const qi = urlValue.indexOf('?');
+    if (qi === -1) return [];
+    return urlValue.slice(qi + 1).split('&').map(p => p.split('=')[0]).filter(Boolean);
+  } catch { return []; }
 }
-function deriveControllerNameFromUrl(urlValue) {
-  const apiPath = extractApiPath(urlValue) || urlValue;
-  const parts = String(apiPath).split("/").filter(Boolean); // ["api","v1","products"]
-  const apiIndex = parts.indexOf("api");
+function deriveControllerName(urlValue) {
+  const apiPath = extractApiPath(urlValue) ?? urlValue;
+  const parts = String(apiPath).split('/').filter(Boolean);
+  const apiIdx = parts.indexOf('api');
   let seg = null;
-  if (apiIndex >= 0) {
-    seg = parts[apiIndex + 1] || null;
-    // skip version segment (v1, v2, v10...)
-    if (seg && /^v\d+$/i.test(seg)) {
-      seg = parts[apiIndex + 2] || seg;
-    }
+  if (apiIdx >= 0) {
+    seg = parts[apiIdx + 1] ?? null;
+    if (seg && /^v\d+$/i.test(seg)) seg = parts[apiIdx + 2] ?? seg;
   } else {
-    seg = parts[0] || null;
+    seg = parts[0] ?? null;
   }
   return toTitleCase(seg);
 }
 function deriveActionName(method, route) {
-  const cleaned = String(route).replace(/^\/api\//, "/").replace(/[/:{}-]/g, " ");
-  const last = cleaned.trim().split(/\s+/).filter(Boolean).pop() || "Action";
+  const cleaned = String(route).replace(/^\/api\//, '/').replace(/[/:{}-]/g, ' ');
+  const last = cleaned.trim().split(/\s+/).filter(Boolean).pop() ?? 'Action';
   return `${String(method).toLowerCase()}${toTitleCase(last)}`;
 }
-// -------------------------
-// URL extraction
-// -------------------------
+// ── Env file loader ───────────────────────────────────────────────────────
+/**
+ * Load .env / .env.local / .env.development from project root.
+ * Returns a Map of variable name → value.
+ * @param {string} rootDir
+ * @returns {Map<string, string>}
+ */
+export async function loadEnvFiles(rootDir) {
+  const envMap = new Map();
+  const candidates = ['.env', '.env.local', '.env.development', '.env.production'];
+  for (const fname of candidates) {
+    const fpath = path.join(rootDir, fname);
+    if (!fs.existsSync(fpath)) continue;
+    try {
+      const content = await fs.readFile(fpath, 'utf-8');
+      for (const line of content.split('\n')) {
+        const trimmed = line.trim();
+        if (!trimmed || trimmed.startsWith('#')) continue;
+        const eq = trimmed.indexOf('=');
+        if (eq === -1) continue;
+        const key = trimmed.slice(0, eq).trim();
+        const val = trimmed.slice(eq + 1).trim().replace(/^['"]|['"]$/g, '');
+        if (key) envMap.set(key, val);
+      }
+    } catch {}
+  }
+  return envMap;
+}
+// ── AST helpers ───────────────────────────────────────────────────────────
 function extractEnvVarName(node) {
-  // process.env.NEXT_PUBLIC_API_URL
+  // process.env.X
   if (
-    node.type === "MemberExpression" &&
-    node.object?.type === "MemberExpression" &&
-    node.object.object?.type === "Identifier" &&
-    node.object.object.name === "process" &&
-    node.object.property?.name === "env" &&
-    node.property?.type === "Identifier"
-  ) {
-    return node.property.name;
-  }
-  // import.meta.env.VITE_API_URL
+    node.type === 'MemberExpression' &&
+    node.object?.type === 'MemberExpression' &&
+    node.object.object?.type === 'Identifier' &&
+    node.object.object.name === 'process' &&
+    node.object.property?.name === 'env'
+  ) return node.property?.name ?? null;
+  // import.meta.env.X
   if (
-    node.type === "MemberExpression" &&
-    node.object?.type === "MemberExpression" &&
-    node.object.object?.type === "MetaProperty" &&
-    node.object.property?.name === "env" &&
-    node.property?.type === "Identifier"
-  ) {
-    return node.property.name;
-  }
+    node.type === 'MemberExpression' &&
+    node.object?.type === 'MemberExpression' &&
+    node.object.object?.type === 'MetaProperty' &&
+    node.object.property?.name === 'env'
+  ) return node.property?.name ?? null;
   return null;
 }
 function getUrlValue(urlNode, envMap = new Map()) {
   if (!urlNode) return null;
-  if (urlNode.type === "StringLiteral") return urlNode.value;
+  if (urlNode.type === 'StringLiteral') return urlNode.value;
-  if (urlNode.type === "TemplateLiteral") {
-    const quasis = urlNode.quasis || [];
-    const exprs = urlNode.expressions || [];
-    let out = "";
+  if (urlNode.type === 'TemplateLiteral') {
+    let out = '';
+    const { quasis = [], expressions = [] } = urlNode;
     for (let i = 0; i < quasis.length; i++) {
       out += quasis[i].value.raw;
-      if (exprs[i]) {
-        if (exprs[i].type === "Identifier") {
-          out += `{${exprs[i].name}}`;
-        } else if (exprs[i].type === "MemberExpression") {
-          const envName = extractEnvVarName(exprs[i]);
-          if (envName && envMap.has(envName)) {
-            out += envMap.get(envName);
-          } else if (envName) {
-            out += `{${envName}}`;
-          } else {
-            out += `{param${i + 1}}`;
-          }
-        } else {
-          out += `{param${i + 1}}`;
-        }
+      const expr = expressions[i];
+      if (!expr) continue;
+      if (expr.type === 'Identifier') {
+        out += `{${expr.name}}`;
+      } else if (expr.type === 'MemberExpression') {
+        const envName = extractEnvVarName(expr);
+        out += envName
+          ? (envMap.get(envName) ?? `{${envName}}`)
+          : `{param${i + 1}}`;
+      } else {
+        out += `{param${i + 1}}`;
       }
     }
     return out;
   }
-  // Handle string concatenation: baseUrl + "/users"
-  if (urlNode.type === "BinaryExpression" && urlNode.operator === "+") {
-    const left = getUrlValue(urlNode.left, envMap);
-    const right = getUrlValue(urlNode.right, envMap);
-    if (left || right) return (left || "") + (right || "");
+  if (urlNode.type === 'BinaryExpression' && urlNode.operator === '+') {
+    const l = getUrlValue(urlNode.left, envMap);
+    const r = getUrlValue(urlNode.right, envMap);
+    return (l ?? '') + (r ?? '');
   }
-  // Handle process.env.X / import.meta.env.X directly as URL
-  if (urlNode.type === "MemberExpression") {
+  if (urlNode.type === 'MemberExpression') {
     const envName = extractEnvVarName(urlNode);
-    if (envName && envMap.has(envName)) {
-      return envMap.get(envName);
-    }
-    if (envName) {
-      return `{${envName}}`;
-    }
+    if (envName) return envMap.get(envName) ?? `{${envName}}`;
   }
   return null;
 }
-// -------------------------
-// axios-like detection
-// -------------------------
-function detectAxiosLikeMethod(node) {
-  // axios.get(...) / api.get(...) / httpClient.post(...) etc
-  if (!node.callee || node.callee.type !== "MemberExpression") return null;
-  const prop = node.callee.property;
-  if (!prop || prop.type !== "Identifier") return null;
-  const name = prop.name.toLowerCase();
-  if (!HTTP_METHODS.has(name)) return null;
-  return name.toUpperCase();
-}
-// -------------------------
-// Request body schema (simple + identifier tracing)
-// -------------------------
-function inferTypeFromNode(node) {
-  if (!node) return "String";
-  switch (node.type) {
-    case "StringLiteral":
-      return "String";
-    case "NumericLiteral":
-      return "Number";
-    case "BooleanLiteral":
-      return "Boolean";
-    case "NullLiteral":
-      return "String";
-    default:
-      return "String";
-  }
+function isJSONStringify(node) {
+  return (
+    node?.type === 'CallExpression' &&
+    node.callee?.type === 'MemberExpression' &&
+    node.callee.object?.name === 'JSON' &&
+    node.callee.property?.name === 'stringify'
+  );
 }
 function extractObjectSchema(objExpr) {
-  const schemaFields = {};
-  if (!objExpr || objExpr.type !== "ObjectExpression") return null;
+  if (!objExpr || objExpr.type !== 'ObjectExpression') return null;
+  const fields = {};
   for (const prop of objExpr.properties) {
-    if (prop.type !== "ObjectProperty") continue;
+    if (prop.type !== 'ObjectProperty') continue;
     const key =
-      prop.key.type === "Identifier"
-        ? prop.key.name
-        : prop.key.type === "StringLiteral"
-          ? prop.key.value
-          : null;
+      prop.key.type === 'Identifier'   ? prop.key.name  :
+      prop.key.type === 'StringLiteral' ? prop.key.value : null;
     if (!key) continue;
-    schemaFields[key] = inferTypeFromNode(prop.value);
+    fields[key] = inferFieldType(key, prop.value);
   }
-  return schemaFields;
+  return Object.keys(fields).length ? fields : null;
 }
-function resolveIdentifierToInit(callPath, identifierName) {
+function resolveIdentifier(callPath, name) {
   try {
-    const binding = callPath.scope.getBinding(identifierName);
-    if (!binding) return null;
-    const declPath = binding.path;
-    if (!declPath || !declPath.node) return null;
-    if (declPath.node.type === "VariableDeclarator") return declPath.node.init || null;
-    return null;
-  } catch {
-    return null;
-  }
+    const binding = callPath.scope.getBinding(name);
+    const decl = binding?.path?.node;
+    return decl?.type === 'VariableDeclarator' ? (decl.init ?? null) : null;
+  } catch { return null; }
 }
-function isJSONStringifyCall(node) {
-  // JSON.stringify(x)
-  return (
-    node &&
-    node.type === "CallExpression" &&
-    node.callee &&
-    node.callee.type === "MemberExpression" &&
-    node.callee.object &&
-    node.callee.object.type === "Identifier" &&
-    node.callee.object.name === "JSON" &&
-    node.callee.property &&
-    node.callee.property.type === "Identifier" &&
-    node.callee.property.name === "stringify"
-  );
+function detectAxiosMethod(node) {
+  if (node.callee?.type !== 'MemberExpression') return null;
+  const name = node.callee.property?.name?.toLowerCase();
+  return HTTP_METHODS.has(name) ? name.toUpperCase() : null;
 }
-// -------------------------
-// DB insights: guess db + infer models + seeds
-// -------------------------
-function guessDbTypeFromRepo(rootDir, endpoints = []) {
-  try {
-    const pkgPath = path.join(rootDir, "package.json");
-    if (!fs.existsSync(pkgPath)) return heuristicallyGuessDB(endpoints);
-    const pkg = fs.readJsonSync(pkgPath);
-    const deps = { ...(pkg.dependencies || {}), ...(pkg.devDependencies || {}) };
+// ── File-hash incremental cache ───────────────────────────────────────────
-    if (deps.mongoose || deps.mongodb) return "mongodb-mongoose";
-    if (deps.prisma || deps["@prisma/client"]) return "sql-prisma";
-    if (deps.sequelize) return "sql-sequelize";
-    if (deps.typeorm) return "sql-typeorm";
+const _fileHashCache = new Map();
-    return heuristicallyGuessDB(endpoints);
-  } catch {
-    return heuristicallyGuessDB(endpoints);
-  }
+async function getFileHash(filepath) {
+  const stat = await fs.stat(filepath);
+  const key = `${filepath}:${stat.mtimeMs}`;
+  if (_fileHashCache.has(key)) return _fileHashCache.get(key);
+  const content = await fs.readFile(filepath);
+  const hash = createHash('sha1').update(content).digest('hex').slice(0, 12);
+  _fileHashCache.set(key, hash);
+  return hash;
 }
-function heuristicallyGuessDB(endpoints) {
-  // Free Tier / Default Intelligence:
-  // Analyze data complexity. If highly nested schemas are prominent, default NoSQL.
-  // If many flat, relational-looking fields exist, default SQL.
-  let maxNesting = 0;
-  for (const ep of endpoints) {
-    if (ep.schemaFields && Object.keys(ep.schemaFields).length > 6) {
-       maxNesting++;
+// ── Parallel runner ───────────────────────────────────────────────────────
+/**
+ * Run async tasks with bounded concurrency.
+ * @template T
+ * @param {T[]}                   items
+ * @param {(item: T) => Promise<unknown>} fn
+ * @param {number}                limit
+ */
+async function withConcurrency(items, fn, limit = PARALLEL_LIMIT) {
+  const results = [];
+  let i = 0;
+  async function worker() {
+    while (i < items.length) {
+      const idx = i++;
+      try { results[idx] = await fn(items[idx]); }
+      catch { results[idx] = null; }
     }
   }
-  return maxNesting > 3 ? "mongodb-mongoose" : "sql-prisma";
+  await Promise.all(Array.from({ length: Math.min(limit, items.length) }, worker));
+  return results;
 }
-function inferModelsFromEndpoints(endpoints) {
-  const models = new Map();
+// ── Single-file endpoint extractor ────────────────────────────────────────
+/**
+ * Extract all API calls from one JS/TS/JSX/TSX file.
+ * @param {string}            filepath
+ * @param {Map<string,string>} envMap
+ * @returns {{ endpoints: object[], warnings: object[] }}
+ */
+export async function extractEndpointsFromFile(filepath, envMap = new Map()) {
+  const endpoints = [];
+  const warnings  = [];
+  let code;
+  try { code = await fs.readFile(filepath, 'utf-8'); }
+  catch (err) {
+    warnings.push({ file: filepath, type: 'READ_ERROR', message: err.message });
+    return { endpoints, warnings };
+  }
-  for (const ep of endpoints) {
-    const modelName = ep.controllerName || "Default";
-    if (!models.has(modelName)) {
-      models.set(modelName, {
-        name: modelName,
-        fields: {},          // merged fields from bodies
-        sources: new Set(),
-        endpoints: [],
-      });
-    }
+  let ast;
+  try {
+    ast = parser.parse(code, PARSE_OPTIONS);
+  } catch (err) {
+    warnings.push({ file: filepath, type: 'PARSE_ERROR', message: err.message });
+    return { endpoints, warnings };
+  }
-    const m = models.get(modelName);
-    m.endpoints.push({ method: ep.method, route: ep.route });
-    if (ep.sourceFile) m.sources.add(ep.sourceFile);
+  const seen = new Set();
-    const fields = ep.schemaFields || (ep.requestBody && ep.requestBody.fields) || null;
-    if (fields) {
-      for (const [k, t] of Object.entries(fields)) {
-        if (!m.fields[k]) m.fields[k] = t || "String";
+  traverse(ast, {
+    CallExpression(callPath) {
+      const node = callPath.node;
+      const isFetch   = node.callee?.type === 'Identifier' && node.callee.name === 'fetch';
+      const axiosMeth = detectAxiosMethod(node);
+      if (!isFetch && !axiosMeth) return;
+      let urlValue   = null;
+      let method     = 'GET';
+      let schemaFields = null;
+      // ── fetch(url, options) ──────────────────────────────────────────
+      if (isFetch) {
+        urlValue = getUrlValue(node.arguments[0], envMap);
+        const optsNode = node.arguments[1];
+        if (optsNode?.type === 'ObjectExpression') {
+          const methodProp = optsNode.properties.find(
+            p => p.type === 'ObjectProperty' && p.key?.name === 'method'
+          );
+          if (methodProp?.value?.type === 'StringLiteral') {
+            method = methodProp.value.value.toUpperCase();
+          }
+          if (['POST', 'PUT', 'PATCH'].includes(method)) {
+            const bodyProp = optsNode.properties.find(
+              p => p.type === 'ObjectProperty' && p.key?.name === 'body'
+            );
+            if (bodyProp) {
+              const v = bodyProp.value;
+              if (isJSONStringify(v)) {
+                const arg = v.arguments[0];
+                if (arg?.type === 'ObjectExpression') {
+                  schemaFields = extractObjectSchema(arg);
+                } else if (arg?.type === 'Identifier') {
+                  const init = resolveIdentifier(callPath, arg.name);
+                  schemaFields = extractObjectSchema(init);
+                }
+              }
+            }
+          }
+        }
       }
-    }
-  }
-  return Array.from(models.values()).map((m) => ({
-    name: m.name,
-    fields: m.fields,
-    sources: Array.from(m.sources),
-    endpoints: m.endpoints,
-  }));
-}
+      // ── axios.get/post/etc. ─────────────────────────────────────────
+      if (axiosMeth) {
+        method   = axiosMeth;
+        urlValue = getUrlValue(node.arguments[0], envMap);
+        if (['POST', 'PUT', 'PATCH'].includes(method)) {
+          const dataArg = node.arguments[1];
+          if (dataArg?.type === 'ObjectExpression') {
+            schemaFields = extractObjectSchema(dataArg);
+          } else if (dataArg?.type === 'Identifier') {
+            const init = resolveIdentifier(callPath, dataArg.name);
+            schemaFields = extractObjectSchema(init);
+          }
+        }
+      }
-// -------------------------
-// Relationship detection from nested routes
-// -------------------------
-function singularize(word) {
-  if (!word) return word;
-  if (word.endsWith("ies")) return word.slice(0, -3) + "y";
-  if (word.endsWith("ses") || word.endsWith("xes") || word.endsWith("zes")) return word.slice(0, -2);
-  if (word.endsWith("s") && !word.endsWith("ss")) return word.slice(0, -1);
-  return word;
+      const apiPath = extractApiPath(urlValue, envMap);
+      if (!apiPath) return;
+      const route           = normalizeRouteForBackend(apiPath.split('?')[0]);
+      const normalizedRoute = route.replace(/\/+/g, '/').replace(/\/$/, '') || '/';
+      const key             = `${method}:${normalizedRoute}`;
+      if (seen.has(key)) return;
+      seen.add(key);
+      endpoints.push({
+        path:           apiPath,
+        route:          normalizedRoute,
+        method,
+        controllerName: deriveControllerName(apiPath),
+        actionName:     deriveActionName(method, normalizedRoute),
+        pathParams:     extractPathParams(normalizedRoute),
+        queryParams:    extractQueryParams(apiPath),
+        schemaFields,
+        requestBody:    schemaFields ? { fields: schemaFields } : null,
+        sourceFile:     normalizeSlashes(filepath),
+      });
+    },
+  });
+  return { endpoints, warnings };
 }
+// ── Relationship detector ─────────────────────────────────────────────────
 export function detectRelationships(endpoints) {
   const seen = new Set();
-  const relationships = [];
+  const rels  = [];
   for (const ep of endpoints) {
-    const route = ep.route || ep.path || "";
-    const segments = route.split("/").filter(Boolean);
+    const segments = (ep.route ?? ep.path ?? '').split('/').filter(Boolean);
     for (let i = 0; i < segments.length - 2; i++) {
-      const parentSegment = segments[i];
-      const paramSegment = segments[i + 1];
-      const childSegment = segments[i + 2];
-      if (
-        parentSegment === "api" ||
-        /^v\d+$/i.test(parentSegment) ||
-        !paramSegment.startsWith(":")
-      ) continue;
+      const parent = segments[i];
+      const param  = segments[i + 1];
+      const child  = segments[i + 2];
-      const parentName = toTitleCase(singularize(parentSegment));
-      const childName = toTitleCase(singularize(childSegment));
+      if (parent === 'api' || /^v\d+$/i.test(parent) || !param.startsWith(':')) continue;
+      const parentName = toTitleCase(singularize(parent));
+      const childName  = toTitleCase(singularize(child));
       if (!parentName || !childName || parentName === childName) continue;
       const key = `${parentName}:${childName}`;
       if (seen.has(key)) continue;
       seen.add(key);
-      const foreignKey = parentName.charAt(0).toLowerCase() + parentName.slice(1) + "Id";
-      relationships.push({
-        parent: parentName,
-        child: childName,
-        type: "oneToMany",
-        foreignKey,
+      rels.push({
+        parent:     parentName,
+        child:      childName,
+        type:       'oneToMany',
+        foreignKey: `${parentName.charAt(0).toLowerCase()}${parentName.slice(1)}Id`,
       });
     }
   }
+  return rels;
+}
-  return relationships;
+// ── DB heuristics ────────────────────────────────────────────────────────
+export function guessDbType(rootDir, endpoints = []) {
+  try {
+    const pkgPath = path.join(rootDir, 'package.json');
+    if (!fs.existsSync(pkgPath)) return heuristicDb(endpoints);
+    const { dependencies: deps = {}, devDependencies: dev = {} } = fs.readJsonSync(pkgPath);
+    const all = { ...deps, ...dev };
+    if (all.mongoose || all.mongodb)   return 'mongodb-mongoose';
+    if (all.prisma || all['@prisma/client']) return 'sql-prisma';
+    if (all.sequelize)                 return 'sql-sequelize';
+    if (all.typeorm)                   return 'sql-typeorm';
+    if (all.drizzle)                   return 'sql-drizzle';
+  } catch {}
+  return heuristicDb(endpoints);
 }
-function seedValueForType(t) {
-  if (t === "Number") return 1;
-  if (t === "Boolean") return true;
-  return "test"; // String default
+function heuristicDb(endpoints) {
+  const complexCount = endpoints.filter(
+    ep => ep.schemaFields && Object.keys(ep.schemaFields).length > 6
+  ).length;
+  return complexCount > 3 ? 'mongodb-mongoose' : 'sql-prisma';
 }
-function generateSeedsFromModels(models, perModel = 3) {
-  return models.map((m) => {
-    const rows = [];
-    for (let i = 0; i < perModel; i++) {
-      const obj = {};
-      for (const [k, t] of Object.entries(m.fields || {})) {
-        obj[k] = seedValueForType(t);
+// ── Model inference ──────────────────────────────────────────────────────
+export function inferModels(endpoints) {
+  const models = new Map();
+  for (const ep of endpoints) {
+    const name = ep.controllerName ?? 'Default';
+    if (!models.has(name)) {
+      models.set(name, { name, fields: {}, sources: new Set(), endpoints: [] });
+    }
+    const m = models.get(name);
+    m.endpoints.push({ method: ep.method, route: ep.route });
+    if (ep.sourceFile) m.sources.add(ep.sourceFile);
+    const fields = ep.schemaFields ?? ep.requestBody?.fields ?? null;
+    if (fields) {
+      for (const [k, t] of Object.entries(fields)) {
+        if (!m.fields[k]) m.fields[k] = t ?? 'String';
       }
-      rows.push(obj);
     }
-    return { model: m.name, rows };
-  });
+  }
+  return [...models.values()].map(m => ({
+    name:      m.name,
+    fields:    m.fields,
+    sources:   [...m.sources],
+    endpoints: m.endpoints,
+  }));
 }
-// -------------------------
-// MAIN frontend analyzer
-// -------------------------
-export async function analyzeFrontend(srcPath, options = {}) {
-  if (!srcPath) throw new Error("analyzeFrontend: srcPath is required");
-  if (!fs.existsSync(srcPath)) {
-    throw new Error(`The source directory '${srcPath}' does not exist.`);
-  }
-  return analyzeFrontendMulti([srcPath], options);
+// ── Seed generator ────────────────────────────────────────────────────────
+function seedValue(type) {
+  const map = {
+    Number:  1,
+    Boolean: true,
+    Date:    new Date().toISOString(),
+    Email:   'test@example.com',
+    UUID:    '00000000-0000-0000-0000-000000000000',
+    Array:   [],
+    Object:  {},
+    Null:    null,
+  };
+  return map[type] ?? 'test';
 }
+export function generateSeeds(models, perModel = 3) {
+  return models.map(m => ({
+    model: m.name,
+    rows:  Array.from({ length: perModel }, () =>
+      Object.fromEntries(Object.entries(m.fields).map(([k, t]) => [k, seedValue(t)]))
+    ),
+  }));
+}
+// ── Main: Parallel multi-directory analyzer ───────────────────────────────
+/**
+ * Analyze one or more source directories for API calls.
+ * @param {string[]}  scanDirs
+ * @param {object}    [options]
+ * @param {Map}       [options.envMap]
+ * @returns {Promise<object[]>} deduplicated endpoints array
+ */
 export async function analyzeFrontendMulti(scanDirs, options = {}) {
   const { envMap = new Map() } = options;
   const allFiles = new Set();
   for (const dir of scanDirs) {
     if (!fs.existsSync(dir)) continue;
-    const files = await glob(`${normalizeSlashes(dir)}/**/*.{js,ts,jsx,tsx}`, {
-      ignore: ["**/node_modules/**", "**/dist/**", "**/build/**", "**/.next/**", "**/coverage/**"],
-    });
-    files.forEach((f) => allFiles.add(path.resolve(f)));
+    const files = await glob(
+      `${normalizeSlashes(dir)}/**/*.{js,ts,jsx,tsx}`,
+      { ignore: ['**/node_modules/**', '**/dist/**', '**/build/**', '**/.next/**', '**/coverage/**'] }
+    );
+    files.forEach(f => allFiles.add(path.resolve(f)));
   }
-  const endpoints = new Map();
-  for (const file of allFiles) {
-    let code;
-    try {
-      code = await fs.readFile(file, "utf-8");
-    } catch {
-      continue;
-    }
+  const fileList = [...allFiles];
+  const allWarnings = [];
+  const endpointMap = new Map();
-    let ast;
-    try {
-      ast = parser.parse(code, { sourceType: "module", plugins: ["jsx", "typescript"] });
-    } catch {
-      continue;
+  const processFile = async (filepath) => {
+    const { endpoints, warnings } = await extractEndpointsFromFile(filepath, envMap);
+    allWarnings.push(...warnings);
+    for (const ep of endpoints) {
+      const key = `${ep.method}:${ep.route}`;
+      if (!endpointMap.has(key)) endpointMap.set(key, ep);
     }
+  };
-    traverse(ast, {
-      CallExpression(callPath) {
-        const node = callPath.node;
-        const isFetch = node.callee.type === "Identifier" && node.callee.name === "fetch";
-        const axiosMethod = detectAxiosLikeMethod(node);
-        if (!isFetch && !axiosMethod) return;
-        let urlValue = null;
-        let method = "GET";
-        let schemaFields = null;
-        if (isFetch) {
-          urlValue = getUrlValue(node.arguments[0], envMap);
-          const optionsNode = node.arguments[1];
-          if (optionsNode && optionsNode.type === "ObjectExpression") {
-            const methodProp = optionsNode.properties.find(
-              (p) =>
-                p.type === "ObjectProperty" &&
-                p.key.type === "Identifier" &&
-                p.key.name === "method"
-            );
-            if (methodProp && methodProp.value.type === "StringLiteral") {
-              method = methodProp.value.value.toUpperCase();
-            }
-            if (["POST", "PUT", "PATCH"].includes(method)) {
-              const bodyProp = optionsNode.properties.find(
-                (p) =>
-                  p.type === "ObjectProperty" &&
-                  p.key.type === "Identifier" &&
-                  p.key.name === "body"
-              );
-              if (bodyProp) {
-                const v = bodyProp.value;
-                if (isJSONStringifyCall(v)) {
-                  const arg0 = v.arguments[0];
-                  if (arg0?.type === "ObjectExpression") {
-                    schemaFields = extractObjectSchema(arg0);
-                  } else if (arg0?.type === "Identifier") {
-                    const init = resolveIdentifierToInit(callPath, arg0.name);
-                    if (init?.type === "ObjectExpression") schemaFields = extractObjectSchema(init);
-                  }
-                }
-              }
-            }
-          }
-        }
-        if (axiosMethod) {
-          method = axiosMethod;
-          urlValue = getUrlValue(node.arguments[0], envMap);
-          if (["POST", "PUT", "PATCH"].includes(method)) {
-            const dataArg = node.arguments[1];
-            if (dataArg?.type === "ObjectExpression") {
-              schemaFields = extractObjectSchema(dataArg);
-            } else if (dataArg?.type === "Identifier") {
-              const init = resolveIdentifierToInit(callPath, dataArg.name);
-              if (init?.type === "ObjectExpression") schemaFields = extractObjectSchema(init);
-            }
-          }
-        }
+  await withConcurrency(fileList, processFile, PARALLEL_LIMIT);
-        const apiPath = extractApiPath(urlValue, envMap);
-        if (!apiPath) return;
-        const route = normalizeRouteForBackend(apiPath.split("?")[0]);
-        const normalizedRoute = route.replace(/\/+/g, "/").replace(/\/$/, "") || "/";
-        const controllerName = deriveControllerNameFromUrl(apiPath);
-        const actionName = deriveActionName(method, normalizedRoute);
-        const key = `${method}:${normalizedRoute}`;
-        if (!endpoints.has(key)) {
-          endpoints.set(key, {
-            path: apiPath,
-            route: normalizedRoute,
-            method,
-            controllerName,
-            actionName,
-            pathParams: extractPathParams(normalizedRoute),
-            queryParams: extractQueryParamsFromUrl(apiPath),
-            schemaFields,
-            requestBody: schemaFields ? { fields: schemaFields } : null,
-            sourceFile: normalizeSlashes(file),
-          });
-        }
-      },
-    });
+  const endpoints = [...endpointMap.values()];
+  if (allWarnings.length) {
+    // Attach warnings to the result for caller inspection
+    endpoints.__warnings = allWarnings;
   }
-  return Array.from(endpoints.values());
+  return endpoints;
+}
+/**
+ * Single-directory variant (legacy-compatible).
+ */
+export async function analyzeFrontend(srcPath, options = {}) {
+  if (!srcPath) throw new Error('analyzeFrontend: srcPath is required');
+  if (!fs.existsSync(srcPath)) throw new Error(`Source directory not found: ${srcPath}`);
+  return analyzeFrontendMulti([srcPath], options);
 }
-// -------------------------
-// Optional: full project analyze (endpoints + db insights)
-// -------------------------
+// ── Full project analysis ─────────────────────────────────────────────────
+/**
+ * Full project analysis: endpoints + DB insights + relationships.
+ * @param {string} [projectRoot]
+ * @returns {Promise<ProjectAnalysis>}
+ */
 export async function analyze(projectRoot = process.cwd()) {
   const rootDir = path.resolve(projectRoot);
-  const frontendSrc = ["src", "app", "pages"]
-    .map((d) => path.join(rootDir, d))
-    .find((d) => fs.existsSync(d));
+  const envMap = await loadEnvFiles(rootDir);
-  const endpoints = frontendSrc ? await analyzeFrontend(frontendSrc) : [];
+  const frontendSrc = ['src', 'app', 'pages']
+    .map(d => path.join(rootDir, d))
+    .find(d => fs.existsSync(d));
-  const models = inferModelsFromEndpoints(endpoints);
-  const seeds = generateSeedsFromModels(models, 3);
-  const guessedDb = guessDbTypeFromRepo(rootDir, endpoints);
+  const endpoints = frontendSrc
+    ? await analyzeFrontend(frontendSrc, { envMap })
+    : [];
+  const models        = inferModels(endpoints);
+  const seeds         = generateSeeds(models, 3);
+  const guessedDb     = guessDbType(rootDir, endpoints);
   const relationships = detectRelationships(endpoints);
+  const warnings      = endpoints.__warnings ?? [];
   return {
     rootDir: normalizeSlashes(rootDir),
     endpoints,
     relationships,
-    dbInsights: {
-      guessedDb,
-      models,
-      seeds,
+    warnings,
+    dbInsights: { guessedDb, models, seeds },
+    meta: {
+      fileCount:     endpoints.length,
+      endpointCount: endpoints.length,
+      modelCount:    models.length,
+      analyzedAt:    new Date().toISOString(),
     },
   };
 }
-// -------------------------
-// Next.js API Route Detection
-// -------------------------
-const NEXTJS_HTTP_EXPORTS = new Set(["GET", "POST", "PUT", "PATCH", "DELETE", "HEAD", "OPTIONS"]);
+// ── Next.js API route detector ────────────────────────────────────────────
 export async function detectNextjsApiRoutes(apiRouteDirs) {
   const routes = [];
@@ -608,57 +693,55 @@ export async function detectNextjsApiRoutes(apiRouteDirs) {
   for (const dir of apiRouteDirs) {
     if (!fs.existsSync(dir)) continue;
-    // App Router: app/**/route.{ts,js}
-    const appRouterFiles = await glob(
+    // App Router — app/**/route.{ts,js,tsx,jsx}
+    const appFiles = await glob(
       `${normalizeSlashes(dir)}/**/route.{ts,js,tsx,jsx}`,
-      { ignore: ["**/node_modules/**"] }
+      { ignore: ['**/node_modules/**'] }
     );
-    for (const file of appRouterFiles) {
-      const relativePath = path.relative(dir, path.dirname(file));
-      let routePath = "/" + relativePath
-        .replace(/\\/g, "/")
-        .replace(/\(([^)]+)\)\//g, "")
-        .replace(/\[\.\.\.([^\]]+)\]/g, ":$1")
-        .replace(/\[([^\]]+)\]/g, ":$1");
-      if (routePath === "/.") routePath = "/";
+    for (const file of appFiles) {
+      const rel = path.relative(dir, path.dirname(file));
+      let routePath = '/' + rel
+        .replace(/\\/g, '/')
+        .replace(/\(([^)]+)\)\//g, '')
+        .replace(/\[\.\.\.([^\]]+)\]/g, ':$1')
+        .replace(/\[([^\]]+)\]/g, ':$1');
+      if (routePath === '/.') routePath = '/';
       const methods = await extractExportedHttpMethods(file);
       for (const method of methods) {
         routes.push({
-          route: routePath,
+          route:          routePath,
           method,
-          controllerName: deriveControllerNameFromUrl(routePath),
-          sourceFile: normalizeSlashes(file),
-          isServerRoute: true,
+          controllerName: deriveControllerName(routePath),
+          sourceFile:     normalizeSlashes(file),
+          isServerRoute:  true,
         });
       }
     }
-    // Pages Router: pages/api/**/*.{ts,js}
-    const pagesApiDir = path.join(dir, "api");
-    if (fs.existsSync(pagesApiDir)) {
-      const pagesApiFiles = await glob(
-        `${normalizeSlashes(pagesApiDir)}/**/*.{ts,js,tsx,jsx}`,
-        { ignore: ["**/node_modules/**"] }
+    // Pages Router — pages/api/**
+    const pagesApi = path.join(dir, 'api');
+    if (fs.existsSync(pagesApi)) {
+      const pageFiles = await glob(
+        `${normalizeSlashes(pagesApi)}/**/*.{ts,js,tsx,jsx}`,
+        { ignore: ['**/node_modules/**'] }
       );
-      for (const file of pagesApiFiles) {
-        const relativePath = path.relative(pagesApiDir, file);
-        let routePath = "/api/" + relativePath
-          .replace(/\\/g, "/")
-          .replace(/\.(ts|js|tsx|jsx)$/, "")
-          .replace(/\/index$/, "")
-          .replace(/\[\.\.\.([^\]]+)\]/g, ":$1")
-          .replace(/\[([^\]]+)\]/g, ":$1");
+      for (const file of pageFiles) {
+        const rel = path.relative(pagesApi, file);
+        const routePath = '/api/' + rel
+          .replace(/\\/g, '/')
+          .replace(/\.(ts|js|tsx|jsx)$/, '')
+          .replace(/\/index$/, '')
+          .replace(/\[\.\.\.([^\]]+)\]/g, ':$1')
+          .replace(/\[([^\]]+)\]/g, ':$1');
         routes.push({
-          route: routePath,
-          method: "ALL",
-          controllerName: deriveControllerNameFromUrl(routePath),
-          sourceFile: normalizeSlashes(file),
-          isServerRoute: true,
+          route:          routePath,
+          method:         'ALL',
+          controllerName: deriveControllerName(routePath),
+          sourceFile:     normalizeSlashes(file),
+          isServerRoute:  true,
         });
       }
     }
@@ -670,82 +753,138 @@ export async function detectNextjsApiRoutes(apiRouteDirs) {
 async function extractExportedHttpMethods(file) {
   const methods = [];
   try {
-    const code = await fs.readFile(file, "utf-8");
-    const ast = parser.parse(code, {
-      sourceType: "module",
-      plugins: ["jsx", "typescript"],
-    });
+    const code = await fs.readFile(file, 'utf-8');
+    const ast  = parser.parse(code, PARSE_OPTIONS);
     traverse(ast, {
       ExportNamedDeclaration(nodePath) {
         const decl = nodePath.node.declaration;
         if (!decl) return;
-        if (decl.type === "FunctionDeclaration" && decl.id) {
-          const name = decl.id.name;
-          if (NEXTJS_HTTP_EXPORTS.has(name)) methods.push(name);
+        if (decl.type === 'FunctionDeclaration' && NEXTJS_HTTP_EXPORTS.has(decl.id?.name)) {
+          methods.push(decl.id.name);
         }
-        if (decl.type === "VariableDeclaration") {
-          for (const declarator of decl.declarations) {
-            if (declarator.id?.type === "Identifier") {
-              const name = declarator.id.name;
-              if (NEXTJS_HTTP_EXPORTS.has(name)) methods.push(name);
+        if (decl.type === 'VariableDeclaration') {
+          for (const d of decl.declarations) {
+            if (d.id?.type === 'Identifier' && NEXTJS_HTTP_EXPORTS.has(d.id.name)) {
+              methods.push(d.id.name);
             }
           }
         }
       },
     });
   } catch {}
+  return methods.length ? methods : ['GET'];
+}
+// ── DOM Sync v2 — HTML input type extractor ──────────────────────────────
+/**
+ * Scan JSX/TSX files for <input type="..."> and extract forced field types.
+ * @param {string} srcDir
+ * @returns {Promise<DOMTypeHint[]>}
+ */
+export async function extractDOMTypeHints(srcDir) {
+  if (!fs.existsSync(srcDir)) return [];
+  const files = await glob(
+    `${normalizeSlashes(srcDir)}/**/*.{jsx,tsx}`,
+    { ignore: ['**/node_modules/**', '**/dist/**', '**/build/**'] }
+  );
+  const HTML_TYPE_MAP = {
+    date:     'Date',
+    datetime: 'Date',
+    'datetime-local': 'Date',
+    number:   'Number',
+    email:    'Email',
+    checkbox: 'Boolean',
+    range:    'Number',
+    tel:      'String',
+    url:      'String',
+    password: 'String',
+  };
+  const hints = [];
+  await withConcurrency(files, async (file) => {
+    try {
+      const code = await fs.readFile(file, 'utf-8');
+      for (const [htmlType, fieldType] of Object.entries(HTML_TYPE_MAP)) {
+        // Quick string scan before heavier AST check
+        if (code.includes(`type="${htmlType}"`)) {
+          hints.push({ file: normalizeSlashes(file), fieldType, rawHTMLType: htmlType });
+        }
+      }
+    } catch {}
+  }, PARALLEL_LIMIT);
-  return methods.length > 0 ? methods : ["GET"];
+  return hints;
 }
-// -------------------------
-// NEW v7.0: Low-Cost Path Scanner (Standard Tier)
-// -------------------------
-export async function performLowCostPathScan(frontendSrcDir, endpoints) {
-  // Ensures routes match frontend expectations
+// ── Path-scanner (naming drift detection) ─────────────────────────────────
+/**
+ * Detect files that call API routes unrelated to their own name.
+ * @param {object[]} endpoints
+ * @returns {object[]} inconsistencies
+ */
+export async function performPathScan(endpoints) {
   const inconsistencies = [];
-  endpoints.forEach(ep => {
-    if (!ep.sourceFile || !ep.route) return;
-    const fileBase = path.basename(ep.sourceFile).split('.')[0].toLowerCase();
-    const routeBase = ep.controllerName ? ep.controllerName.toLowerCase() : '';
-    // If the file containing the fetch is named 'AdminPanel' but route points to 'Products', note it.
-    if (fileBase !== 'index' && fileBase !== 'api' && routeBase && !fileBase.includes(routeBase) && !routeBase.includes(fileBase)) {
+  for (const ep of endpoints) {
+    if (!ep.sourceFile || !ep.route) continue;
+    const fileBase  = path.basename(ep.sourceFile).split('.')[0].toLowerCase();
+    const routeBase = (ep.controllerName ?? '').toLowerCase();
+    if (
+      fileBase !== 'index' &&
+      fileBase !== 'api'   &&
+      routeBase            &&
+      !fileBase.includes(routeBase) &&
+      !routeBase.includes(fileBase)
+    ) {
       inconsistencies.push({
-        file: ep.sourceFile,
+        file:       ep.sourceFile,
         routeCalled: ep.route,
-        warning: `Path Scanner: File '${fileBase}' calls unrelated route '${routeBase}'. Potential naming drift.`
+        warning:    `File '${fileBase}' calls unrelated route '${routeBase}' — possible naming drift`,
       });
     }
-  });
+  }
   return inconsistencies;
+}
+// ── performLowCostPathScan (alias for performPathScan) ────────────────────
+export async function performLowCostPathScan(srcDir, endpoints) {
+  return performPathScan(endpoints);
 }
-// -------------------------
-// NEW v7.0: Component Component Tree Extractor (DOM Sync Level 2)
-// -------------------------
-export async function extractComponentTreeTypes(frontendSrcDir) {
-  // A heuristic simulation of live DOM cross-checking:
-  // Parses JSX tags (<input type="date">) to build forced validations.
-  if (!fs.existsSync(frontendSrcDir)) return [];
-  const files = await glob(`${normalizeSlashes(frontendSrcDir)}/**/*.{jsx,tsx}`, {
-    ignore: ["**/node_modules/**", "**/dist/**", "**/build/**"]
-  });
+// ── extractComponentTreeTypes ─────────────────────────────────────────────
+export async function extractComponentTreeTypes(srcDir) {
+  if (!fs.existsSync(srcDir)) return [];
-  const extractedTypes = [];
-  for (const file of files) {
+  const files = await glob(
+    `${normalizeSlashes(srcDir)}/**/*.{jsx,tsx,ts,js}`,
+    { ignore: ['**/node_modules/**', '**/dist/**', '**/build/**'] }
+  );
+  const typeMap = {};
+  await withConcurrency(files, async (file) => {
     try {
-      const code = await fs.readFile(file, "utf-8");
-      if (code.includes('type="date"')) extractedTypes.push({ file, fieldType: 'Date', rawHTMLType: 'date' });
-      if (code.includes('type="number"')) extractedTypes.push({ file, fieldType: 'Number', rawHTMLType: 'number' });
-      if (code.includes('type="email"')) extractedTypes.push({ file, fieldType: 'Email', rawHTMLType: 'email' });
+      const code = await fs.readFile(file, 'utf-8');
+      const ast  = parser.parse(code, PARSE_OPTIONS);
+      traverse(ast, {
+        TSPropertySignature(nodePath) {
+          const key = nodePath.node.key?.name;
+          const ann = nodePath.node.typeAnnotation?.typeAnnotation;
+          if (!key || !ann) return;
+          const tsMap = {
+            TSStringKeyword:  'String',
+            TSNumberKeyword:  'Number',
+            TSBooleanKeyword: 'Boolean',
+          };
+          if (tsMap[ann.type]) typeMap[key] = tsMap[ann.type];
+        },
+      });
     } catch {}
-  }
+  }, PARALLEL_LIMIT);
-  return extractedTypes;
+  return Object.entries(typeMap).map(([field, type]) => ({ field, type }));
 }