depwire-cli 0.9.30 → 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +53 -7
- package/dist/{chunk-FUIZQCYB.js → chunk-5BQLGAUL.js} +6 -6
- package/dist/{chunk-WUSXCZXA.js → chunk-IYKS66CG.js} +763 -156
- package/dist/index.js +4 -4
- package/dist/mcpb-entry.js +2 -2
- package/dist/parser/grammars/tree-sitter-c_sharp.wasm +0 -0
- package/dist/sdk.js +1 -1
- package/package.json +2 -1
package/README.md
CHANGED
|
@@ -39,6 +39,8 @@ This isn't a model problem. It's a context problem. The AI is flying blind.
|
|
|
39
39
|
|
|
40
40
|
|
|
41
41
|
|
|
42
|
+
Depwire is the context and safety layer for AI-generated code.
|
|
43
|
+
|
|
42
44
|
Depwire sits between your AI and your codebase. It builds a complete dependency graph using tree-sitter — deterministic, not probabilistic — and serves it to your AI through 17 MCP tools.
|
|
43
45
|
|
|
44
46
|
Four guarantees:
|
|
@@ -59,9 +61,9 @@ npm install -g depwire-cli
|
|
|
59
61
|
Three commands to understand any codebase:
|
|
60
62
|
|
|
61
63
|
```bash
|
|
62
|
-
depwire
|
|
63
|
-
depwire
|
|
64
|
-
depwire
|
|
64
|
+
depwire whatif # know what breaks before you change anything
|
|
65
|
+
depwire security # catch vulnerabilities before AI ships them
|
|
66
|
+
depwire viz # see your entire architecture instantly
|
|
65
67
|
```
|
|
66
68
|
|
|
67
69
|
---
|
|
@@ -103,7 +105,7 @@ Run without `--simulate` to open the browser UI — side-by-side arc diagrams sh
|
|
|
103
105
|
|
|
104
106
|
## Security scanner
|
|
105
107
|
|
|
106
|
-
AI
|
|
108
|
+
AI will confidently ship vulnerable code. Depwire stops it before production.
|
|
107
109
|
|
|
108
110
|
```bash
|
|
109
111
|
depwire security . # full repo scan
|
|
@@ -292,9 +294,53 @@ The SDK is the stable public API surface. All integrations should import from `d
|
|
|
292
294
|
|
|
293
295
|
## Language support
|
|
294
296
|
|
|
295
|
-
TypeScript, JavaScript, Python, Go, Rust, C — with cross-language edge detection between all supported languages.
|
|
297
|
+
TypeScript, JavaScript, Python, Go, Rust, C, C# — with cross-language edge detection between all supported languages.
|
|
298
|
+
|
|
299
|
+
---
|
|
300
|
+
|
|
301
|
+
## GitHub Action — PR Impact Analysis
|
|
302
|
+
|
|
303
|
+
Depwire integrates into your CI/CD pipeline via the [depwire-action](https://github.com/depwire/depwire-action) GitHub Action.
|
|
304
|
+
|
|
305
|
+
On every pull request it automatically posts a dependency impact report — which symbols changed, what breaks, health score before and after. Code reviewers see the architectural blast radius before merging.
|
|
306
|
+
|
|
307
|
+
Add to `.github/workflows/depwire.yml`:
|
|
308
|
+
|
|
309
|
+
```yaml
|
|
310
|
+
name: Depwire PR Impact
|
|
311
|
+
on:
|
|
312
|
+
pull_request:
|
|
313
|
+
branches: [main]
|
|
314
|
+
|
|
315
|
+
permissions:
|
|
316
|
+
contents: read
|
|
317
|
+
pull-requests: write
|
|
318
|
+
|
|
319
|
+
jobs:
|
|
320
|
+
depwire:
|
|
321
|
+
runs-on: ubuntu-latest
|
|
322
|
+
steps:
|
|
323
|
+
- uses: actions/checkout@v4
|
|
324
|
+
with:
|
|
325
|
+
fetch-depth: 0
|
|
326
|
+
- uses: actions/setup-node@v4
|
|
327
|
+
with:
|
|
328
|
+
node-version: '20'
|
|
329
|
+
- uses: depwire/depwire-action@v1
|
|
330
|
+
with:
|
|
331
|
+
github-token: ${{ secrets.GITHUB_TOKEN }}
|
|
332
|
+
```
|
|
333
|
+
|
|
334
|
+
Block PRs that hurt your architecture:
|
|
335
|
+
|
|
336
|
+
```yaml
|
|
337
|
+
- uses: depwire/depwire-action@v1
|
|
338
|
+
with:
|
|
339
|
+
github-token: ${{ secrets.GITHUB_TOKEN }}
|
|
340
|
+
fail-on-score-drop: 5
|
|
341
|
+
```
|
|
296
342
|
|
|
297
|
-
|
|
343
|
+
[GitHub Marketplace](https://github.com/marketplace/actions/depwire-pr-impact) — [depwire-action repo](https://github.com/depwire/depwire-action)
|
|
298
344
|
|
|
299
345
|
---
|
|
300
346
|
|
|
@@ -312,7 +358,7 @@ C# / .NET support coming in v1.1.
|
|
|
312
358
|
**Shipped**
|
|
313
359
|
- Arc diagram visualization
|
|
314
360
|
- 17 MCP tools
|
|
315
|
-
- Multi-language support (TypeScript, JavaScript, Python, Go, Rust, C)
|
|
361
|
+
- Multi-language support (TypeScript, JavaScript, Python, Go, Rust, C, C#)
|
|
316
362
|
- Architecture health score
|
|
317
363
|
- Dead code detection
|
|
318
364
|
- Temporal graph
|
|
@@ -16,7 +16,7 @@ import {
|
|
|
16
16
|
parseTypeScriptFile,
|
|
17
17
|
scanSecurity,
|
|
18
18
|
searchSymbols
|
|
19
|
-
} from "./chunk-
|
|
19
|
+
} from "./chunk-IYKS66CG.js";
|
|
20
20
|
|
|
21
21
|
// src/viz/data.ts
|
|
22
22
|
import { basename } from "path";
|
|
@@ -122,7 +122,7 @@ function watchProject(projectRoot, callbacks) {
|
|
|
122
122
|
const watcher = chokidar.watch(projectRoot, watcherOptions);
|
|
123
123
|
console.error("[Watcher] Attaching event listeners...");
|
|
124
124
|
watcher.on("change", (absolutePath) => {
|
|
125
|
-
const validExtensions = [".ts", ".tsx", ".js", ".jsx", ".mjs", ".cjs", ".py", ".go", ".rs", ".c", ".h"];
|
|
125
|
+
const validExtensions = [".ts", ".tsx", ".js", ".jsx", ".mjs", ".cjs", ".py", ".go", ".rs", ".c", ".h", ".cs", ".csx", ".csproj"];
|
|
126
126
|
if (!validExtensions.some((ext) => absolutePath.endsWith(ext))) return;
|
|
127
127
|
if (absolutePath.endsWith("_test.go")) return;
|
|
128
128
|
const relativePath = absolutePath.replace(projectRoot + "/", "");
|
|
@@ -130,7 +130,7 @@ function watchProject(projectRoot, callbacks) {
|
|
|
130
130
|
callbacks.onFileChanged(relativePath);
|
|
131
131
|
});
|
|
132
132
|
watcher.on("add", (absolutePath) => {
|
|
133
|
-
const validExtensions = [".ts", ".tsx", ".js", ".jsx", ".mjs", ".cjs", ".py", ".go", ".rs", ".c", ".h"];
|
|
133
|
+
const validExtensions = [".ts", ".tsx", ".js", ".jsx", ".mjs", ".cjs", ".py", ".go", ".rs", ".c", ".h", ".cs", ".csx", ".csproj"];
|
|
134
134
|
if (!validExtensions.some((ext) => absolutePath.endsWith(ext))) return;
|
|
135
135
|
if (absolutePath.endsWith("_test.go")) return;
|
|
136
136
|
const relativePath = absolutePath.replace(projectRoot + "/", "");
|
|
@@ -138,7 +138,7 @@ function watchProject(projectRoot, callbacks) {
|
|
|
138
138
|
callbacks.onFileAdded(relativePath);
|
|
139
139
|
});
|
|
140
140
|
watcher.on("unlink", (absolutePath) => {
|
|
141
|
-
const validExtensions = [".ts", ".tsx", ".js", ".jsx", ".mjs", ".cjs", ".py", ".go", ".rs", ".c", ".h"];
|
|
141
|
+
const validExtensions = [".ts", ".tsx", ".js", ".jsx", ".mjs", ".cjs", ".py", ".go", ".rs", ".c", ".h", ".cs", ".csx", ".csproj"];
|
|
142
142
|
if (!validExtensions.some((ext) => absolutePath.endsWith(ext))) return;
|
|
143
143
|
if (absolutePath.endsWith("_test.go")) return;
|
|
144
144
|
const relativePath = absolutePath.replace(projectRoot + "/", "");
|
|
@@ -156,10 +156,10 @@ function watchProject(projectRoot, callbacks) {
|
|
|
156
156
|
for (const dir of dirs) {
|
|
157
157
|
const files = watched[dir];
|
|
158
158
|
fileCount += files.filter(
|
|
159
|
-
(f) => f.endsWith(".ts") || f.endsWith(".tsx") || f.endsWith(".js") || f.endsWith(".jsx") || f.endsWith(".mjs") || f.endsWith(".cjs") || f.endsWith(".py") || f.endsWith(".go") && !f.endsWith("_test.go") || f.endsWith(".rs") || f.endsWith(".c") || f.endsWith(".h")
|
|
159
|
+
(f) => f.endsWith(".ts") || f.endsWith(".tsx") || f.endsWith(".js") || f.endsWith(".jsx") || f.endsWith(".mjs") || f.endsWith(".cjs") || f.endsWith(".py") || f.endsWith(".go") && !f.endsWith("_test.go") || f.endsWith(".rs") || f.endsWith(".c") || f.endsWith(".h") || f.endsWith(".cs") || f.endsWith(".csx") || f.endsWith(".csproj")
|
|
160
160
|
).length;
|
|
161
161
|
}
|
|
162
|
-
console.error(`[Watcher] Watching ${fileCount} TypeScript/JavaScript/Python/Go/Rust/C files in ${dirs.length} directories`);
|
|
162
|
+
console.error(`[Watcher] Watching ${fileCount} TypeScript/JavaScript/Python/Go/Rust/C/C# files in ${dirs.length} directories`);
|
|
163
163
|
});
|
|
164
164
|
return watcher;
|
|
165
165
|
}
|