depwire-cli 1.1.0 → 1.1.1

package/dist/{chunk-WLKW7X7G.js → chunk-Y2CGCAMZ.js}

@@ -37,8 +37,9 @@ function scanDirectory(rootDir, baseDir = rootDir) {
         const isJava = entry.endsWith(".java") || entry === "pom.xml" || entry === "build.gradle" || entry === "build.gradle.kts";
         const isKotlin = entry.endsWith(".kt") || entry.endsWith(".kts") || entry === "settings.gradle.kts" || entry === "settings.gradle";
         const isPhp = entry.endsWith(".php");
+        const isSwift = entry.endsWith(".swift");
         const isCppBuild = entry === "CMakeLists.txt" || entry === "conanfile.txt" || entry === "vcpkg.json";
-        if (isTypeScript || isJavaScript || isPython || isGo || isRust || isC || isCpp || isCSharp || isJava || isKotlin || isPhp || isCppBuild) {
+        if (isTypeScript || isJavaScript || isPython || isGo || isRust || isC || isCpp || isCSharp || isJava || isKotlin || isPhp || isSwift || isCppBuild) {
           files.push(relative(rootDir, fullPath));
         }
       }
@@ -84,6 +85,8 @@ function findProjectRoot(startDir = process.cwd()) {
     // Kotlin (Gradle KTS)
     "composer.json",
     // PHP
+    "Package.swift",
+    // Swift (SPM)
     ".git"
     // Any git repo
   ];
@@ -117,11 +120,11 @@ function findProjectRoot(startDir = process.cwd()) {
 }
 
 // src/parser/index.ts
-import { readFileSync as readFileSync10, statSync as statSync7 } from "fs";
-import { join as join13, resolve as resolve7 } from "path";
+import { readFileSync as readFileSync11, statSync as statSync8 } from "fs";
+import { join as join14, resolve as resolve8 } from "path";
 
 // src/parser/detect.ts
-import { extname as extname8, basename as basename6 } from "path";
+import { extname as extname9, basename as basename7 } from "path";
 
 // src/parser/wasm-init.ts
 import { Parser, Language } from "web-tree-sitter";
@@ -153,7 +156,8 @@ async function initParser() {
     "java": "tree-sitter-java.wasm",
     "cpp": "tree-sitter-cpp.wasm",
     "kotlin": "tree-sitter-kotlin.wasm",
-    "php": "tree-sitter-php.wasm"
+    "php": "tree-sitter-php.wasm",
+    "swift": "tree-sitter-swift.wasm"
   };
   for (const [name, file] of Object.entries(grammarFiles)) {
     const wasmPath = path.join(grammarsDir, file);
@@ -6151,13 +6155,601 @@ function resolvePhpInclude(includePath, currentFile, projectRoot) {
   if (existsSync12(relativePath)) {
     return relativeToRoot;
   }
-  const fromRoot = join12(projectRoot, includePath);
-  if (existsSync12(fromRoot)) {
-    return includePath;
+  const fromRoot = join12(projectRoot, includePath);
+  if (existsSync12(fromRoot)) {
+    return includePath;
+  }
+  return null;
+}
+function resolveSymbol10(name, context) {
+  if (context.imports.has(name)) {
+    return context.imports.get(name) || null;
+  }
+  const currentFileId = `${context.filePath}::${name}`;
+  if (context.symbols.find((s) => s.id === currentFileId)) {
+    return currentFileId;
+  }
+  if (context.currentClass) {
+    const classMethodId = `${context.filePath}::${context.currentClass}.${name}`;
+    if (context.symbols.find((s) => s.id === classMethodId)) {
+      return classMethodId;
+    }
+  }
+  return null;
+}
+function getModifiers2(node, context) {
+  const modifiers = [];
+  for (let i = 0; i < node.childCount; i++) {
+    const child = node.child(i);
+    if (!child) continue;
+    const type = child.type;
+    if (type === "visibility_modifier" || type === "static_modifier" || type === "abstract_modifier" || type === "final_modifier" || type === "readonly_modifier") {
+      modifiers.push(nodeText10(child, context).trim());
+    }
+  }
+  return modifiers;
+}
+function extractQualifiedName(node, context) {
+  const nameNode = findDescendantByTypes3(node, ["name", "qualified_name", "namespace_name"]);
+  if (!nameNode) return null;
+  const text = nodeText10(nameNode, context).trim();
+  if (!text) return null;
+  const parts = text.split("\\");
+  return parts[parts.length - 1];
+}
+function findChildByType11(node, type) {
+  for (let i = 0; i < node.childCount; i++) {
+    const child = node.child(i);
+    if (child && child.type === type) return child;
+  }
+  return null;
+}
+function findChildrenByType5(node, type) {
+  const results = [];
+  for (let i = 0; i < node.childCount; i++) {
+    const child = node.child(i);
+    if (child && child.type === type) results.push(child);
+  }
+  return results;
+}
+function findDescendantByTypes3(node, types) {
+  for (let i = 0; i < node.childCount; i++) {
+    const child = node.child(i);
+    if (!child) continue;
+    if (types.includes(child.type)) return child;
+    const found = findDescendantByTypes3(child, types);
+    if (found) return found;
+  }
+  return null;
+}
+function nodeText10(node, context) {
+  return context.sourceCode.substring(node.startIndex, node.endIndex);
+}
+function getCurrentSymbolId11(context) {
+  if (context.currentScope.length === 0) return null;
+  return `${context.filePath}::${context.currentScope[context.currentScope.length - 1]}`;
+}
+var phpParser = {
+  name: "php",
+  extensions: [".php"],
+  parseFile: parsePhpFile
+};
+
+// src/parser/swift.ts
+import { dirname as dirname12, join as join13, basename as basename6 } from "path";
+import { existsSync as existsSync13, readdirSync as readdirSync10, statSync as statSync7 } from "fs";
+function parseSwiftFile(filePath, sourceCode, projectRoot) {
+  if (filePath.endsWith("Package.swift")) {
+    return parsePackageSwift(filePath, sourceCode, projectRoot);
+  }
+  const parser = getParser("swift");
+  const tree = parser.parse(sourceCode, null, { bufferSize: 1024 * 1024 });
+  const context = {
+    filePath,
+    projectRoot,
+    sourceCode,
+    symbols: [],
+    edges: [],
+    currentScope: [],
+    currentClass: null,
+    currentModule: null,
+    imports: /* @__PURE__ */ new Map(),
+    isPackageFile: false
+  };
+  walkNode12(tree.rootNode, context);
+  return {
+    filePath,
+    symbols: context.symbols,
+    edges: context.edges
+  };
+}
+function walkNode12(node, context) {
+  const handled = processNode12(node, context);
+  if (handled) return;
+  for (let i = 0; i < node.childCount; i++) {
+    const child = node.child(i);
+    if (child) {
+      walkNode12(child, context);
+    }
+  }
+}
+function processNode12(node, context) {
+  switch (node.type) {
+    case "import_declaration":
+      processImportDeclaration3(node, context);
+      return false;
+    case "class_declaration":
+      processClassDeclaration7(node, context);
+      return true;
+    // handles its own children
+    case "protocol_declaration":
+      processProtocolDeclaration(node, context);
+      return true;
+    // handles its own children
+    case "function_declaration":
+      processFunctionDeclaration5(node, context);
+      return true;
+    // handles its own children
+    case "init_declaration":
+      processInitDeclaration(node, context);
+      return true;
+    case "deinit_declaration":
+      processDeinitDeclaration(node, context);
+      return true;
+    case "property_declaration":
+    case "variable_declaration":
+      processPropertyDeclaration4(node, context);
+      return false;
+    case "typealias_declaration":
+      processTypealiasDeclaration(node, context);
+      return false;
+    case "associatedtype_declaration":
+      processAssociatedTypeDeclaration(node, context);
+      return false;
+    case "call_expression":
+      processCallExpression12(node, context);
+      return false;
+    default:
+      return false;
+  }
+}
+function processImportDeclaration3(node, context) {
+  const text = nodeText11(node, context).trim();
+  const match = text.match(/^import\s+(?:(?:typealias|struct|class|enum|protocol|let|var|func)\s+)?(.+)$/);
+  if (!match) return;
+  const importPath = match[1].trim();
+  const resolvedPath = resolveSwiftImport(importPath, context.filePath, context.projectRoot);
+  if (resolvedPath) {
+    const sourceId = `${context.filePath}::__file__`;
+    const targetId = `${resolvedPath}::__file__`;
+    context.edges.push({
+      source: sourceId,
+      target: targetId,
+      kind: "imports",
+      filePath: context.filePath,
+      line: node.startPosition.row + 1
+    });
+    const parts = importPath.split(".");
+    const simpleName = parts[parts.length - 1];
+    context.imports.set(simpleName, `${resolvedPath}::${simpleName}`);
+  }
+  const symbolId = `${context.filePath}::import:${importPath}`;
+  context.symbols.push({
+    id: symbolId,
+    name: importPath,
+    kind: "import",
+    filePath: context.filePath,
+    startLine: node.startPosition.row + 1,
+    endLine: node.endPosition.row + 1,
+    exported: false
+  });
+}
+function processClassDeclaration7(node, context) {
+  let keyword = "class";
+  for (let i = 0; i < node.childCount; i++) {
+    const child = node.child(i);
+    if (child && ["class", "struct", "actor", "enum", "extension"].includes(child.type)) {
+      keyword = child.type;
+      break;
+    }
+  }
+  if (keyword === "extension") {
+    const typeNode = findChildByType12(node, "user_type") || findChildByType12(node, "type_identifier");
+    const extName = typeNode ? nodeText11(typeNode, context).trim() : "Unknown";
+    const name2 = `${extName}+ext`;
+    const symbolId2 = `${context.filePath}::${name2}`;
+    context.symbols.push({
+      id: symbolId2,
+      name: name2,
+      kind: "class",
+      filePath: context.filePath,
+      startLine: node.startPosition.row + 1,
+      endLine: node.endPosition.row + 1,
+      exported: true
+    });
+    const oldClass2 = context.currentClass;
+    context.currentClass = extName;
+    context.currentScope.push(extName);
+    const body2 = findChildByType12(node, "class_body");
+    if (body2) {
+      walkNode12(body2, context);
+    }
+    context.currentScope.pop();
+    context.currentClass = oldClass2;
+    return;
+  }
+  const nameNode = findChildByType12(node, "type_identifier") || findChildByType12(node, "simple_identifier");
+  if (!nameNode) return;
+  const name = nodeText11(nameNode, context);
+  const modifiers = getModifiers3(node, context);
+  const exported = !modifiers.includes("private") && !modifiers.includes("fileprivate");
+  const scope = context.currentClass || void 0;
+  const symbolId = `${context.filePath}::${name}`;
+  let kind = "class";
+  if (keyword === "enum") kind = "enum";
+  else if (keyword === "struct" || keyword === "actor") kind = "class";
+  context.symbols.push({
+    id: symbolId,
+    name,
+    kind,
+    filePath: context.filePath,
+    startLine: node.startPosition.row + 1,
+    endLine: node.endPosition.row + 1,
+    exported,
+    scope
+  });
+  processInheritance(node, symbolId, context);
+  if (keyword === "enum") {
+    processEnumCases(node, name, context);
+  }
+  const oldClass = context.currentClass;
+  context.currentClass = name;
+  context.currentScope.push(name);
+  const body = findChildByType12(node, "class_body");
+  if (body) {
+    walkNode12(body, context);
+  }
+  context.currentScope.pop();
+  context.currentClass = oldClass;
+}
+function processProtocolDeclaration(node, context) {
+  const nameNode = findChildByType12(node, "type_identifier") || findChildByType12(node, "simple_identifier");
+  if (!nameNode) return;
+  const name = nodeText11(nameNode, context);
+  const modifiers = getModifiers3(node, context);
+  const exported = !modifiers.includes("private") && !modifiers.includes("fileprivate");
+  const symbolId = `${context.filePath}::${name}`;
+  context.symbols.push({
+    id: symbolId,
+    name,
+    kind: "interface",
+    filePath: context.filePath,
+    startLine: node.startPosition.row + 1,
+    endLine: node.endPosition.row + 1,
+    exported
+  });
+  processInheritance(node, symbolId, context);
+  const oldClass = context.currentClass;
+  context.currentClass = name;
+  context.currentScope.push(name);
+  const body = findChildByType12(node, "protocol_body");
+  if (body) {
+    walkNode12(body, context);
+  }
+  context.currentScope.pop();
+  context.currentClass = oldClass;
+}
+function processFunctionDeclaration5(node, context) {
+  const nameNode = findChildByType12(node, "simple_identifier");
+  if (!nameNode) return;
+  const name = nodeText11(nameNode, context);
+  const modifiers = getModifiers3(node, context);
+  const exported = !modifiers.includes("private") && !modifiers.includes("fileprivate");
+  const scope = context.currentClass || void 0;
+  const symbolId = scope ? `${context.filePath}::${scope}.${name}` : `${context.filePath}::${name}`;
+  context.symbols.push({
+    id: symbolId,
+    name,
+    kind: context.currentClass ? "method" : "function",
+    filePath: context.filePath,
+    startLine: node.startPosition.row + 1,
+    endLine: node.endPosition.row + 1,
+    exported,
+    scope
+  });
+  const scopeName = scope ? `${scope}.${name}` : name;
+  context.currentScope.push(scopeName);
+  const body = findChildByType12(node, "function_body") || findChildByType12(node, "code_block");
+  if (body) {
+    walkNode12(body, context);
+  }
+  context.currentScope.pop();
+}
+function processInitDeclaration(node, context) {
+  const scope = context.currentClass || void 0;
+  if (!scope) return;
+  const name = "init";
+  const symbolId = `${context.filePath}::${scope}.${name}:${node.startPosition.row + 1}`;
+  context.symbols.push({
+    id: symbolId,
+    name,
+    kind: "method",
+    filePath: context.filePath,
+    startLine: node.startPosition.row + 1,
+    endLine: node.endPosition.row + 1,
+    exported: true,
+    scope
+  });
+  const scopeName = `${scope}.${name}`;
+  context.currentScope.push(scopeName);
+  const body = findChildByType12(node, "function_body") || findChildByType12(node, "code_block");
+  if (body) {
+    walkNode12(body, context);
+  }
+  context.currentScope.pop();
+}
+function processDeinitDeclaration(node, context) {
+  const scope = context.currentClass || void 0;
+  if (!scope) return;
+  const name = "deinit";
+  const symbolId = `${context.filePath}::${scope}.${name}`;
+  context.symbols.push({
+    id: symbolId,
+    name,
+    kind: "method",
+    filePath: context.filePath,
+    startLine: node.startPosition.row + 1,
+    endLine: node.endPosition.row + 1,
+    exported: true,
+    scope
+  });
+}
+function processPropertyDeclaration4(node, context) {
+  const nameNode = findChildByType12(node, "simple_identifier") || findChildByType12(node, "pattern");
+  if (!nameNode) return;
+  const name = nodeText11(nameNode, context).trim();
+  if (!name || name.includes(" ")) return;
+  const modifiers = getModifiers3(node, context);
+  const exported = !modifiers.includes("private") && !modifiers.includes("fileprivate");
+  const scope = context.currentClass || void 0;
+  const text = nodeText11(node, context);
+  const isConst = text.trimStart().startsWith("let");
+  const symbolId = scope ? `${context.filePath}::${scope}.${name}` : `${context.filePath}::${name}`;
+  context.symbols.push({
+    id: symbolId,
+    name,
+    kind: isConst ? "constant" : "property",
+    filePath: context.filePath,
+    startLine: node.startPosition.row + 1,
+    endLine: node.endPosition.row + 1,
+    exported,
+    scope
+  });
+}
+function processTypealiasDeclaration(node, context) {
+  const nameNode = findChildByType12(node, "type_identifier") || findChildByType12(node, "simple_identifier");
+  if (!nameNode) return;
+  const name = nodeText11(nameNode, context);
+  const symbolId = `${context.filePath}::${name}`;
+  context.symbols.push({
+    id: symbolId,
+    name,
+    kind: "type_alias",
+    filePath: context.filePath,
+    startLine: node.startPosition.row + 1,
+    endLine: node.endPosition.row + 1,
+    exported: true
+  });
+}
+function processAssociatedTypeDeclaration(node, context) {
+  const nameNode = findChildByType12(node, "type_identifier") || findChildByType12(node, "simple_identifier");
+  if (!nameNode) return;
+  const name = nodeText11(nameNode, context);
+  const scope = context.currentClass || void 0;
+  const symbolId = scope ? `${context.filePath}::${scope}.${name}` : `${context.filePath}::${name}`;
+  context.symbols.push({
+    id: symbolId,
+    name,
+    kind: "type_alias",
+    filePath: context.filePath,
+    startLine: node.startPosition.row + 1,
+    endLine: node.endPosition.row + 1,
+    exported: true,
+    scope
+  });
+}
+function processCallExpression12(node, context) {
+  if (context.currentScope.length === 0) return;
+  const firstChild = node.child(0);
+  if (!firstChild) return;
+  let calleeName = null;
+  if (firstChild.type === "simple_identifier") {
+    calleeName = nodeText11(firstChild, context);
+  } else if (firstChild.type === "navigation_expression" || firstChild.type === "member_access") {
+    for (let i = firstChild.childCount - 1; i >= 0; i--) {
+      const child = firstChild.child(i);
+      if (child && (child.type === "simple_identifier" || child.type === "navigation_suffix")) {
+        calleeName = nodeText11(child, context).replace(/^\./, "");
+        break;
+      }
+    }
+  }
+  if (!calleeName) return;
+  const builtins = /* @__PURE__ */ new Set([
+    "print",
+    "debugPrint",
+    "dump",
+    "fatalError",
+    "precondition",
+    "assert",
+    "preconditionFailure",
+    "assertionFailure",
+    "map",
+    "filter",
+    "reduce",
+    "forEach",
+    "flatMap",
+    "compactMap",
+    "sorted",
+    "contains",
+    "first",
+    "last",
+    "count",
+    "isEmpty",
+    "append",
+    "remove",
+    "insert",
+    "removeAll",
+    "String",
+    "Int",
+    "Double",
+    "Float",
+    "Bool",
+    "Array",
+    "Dictionary",
+    "Set",
+    "DispatchQueue",
+    "Task",
+    "withCheckedContinuation",
+    "withCheckedThrowingContinuation"
+  ]);
+  if (builtins.has(calleeName)) return;
+  const callerId = getCurrentSymbolId12(context);
+  if (!callerId) return;
+  const calleeId = resolveSymbol11(calleeName, context);
+  if (calleeId) {
+    context.edges.push({
+      source: callerId,
+      target: calleeId,
+      kind: "calls",
+      filePath: context.filePath,
+      line: node.startPosition.row + 1
+    });
+  }
+}
+function processInheritance(node, sourceId, context) {
+  const inheritanceClause = findChildByType12(node, "inheritance_specifier") || findChildByType12(node, "type_inheritance_clause");
+  if (!inheritanceClause) return;
+  const text = nodeText11(node, context);
+  const colonMatch = text.match(/:\s*([^{]+)/);
+  if (!colonMatch) return;
+  const types = colonMatch[1].split(",").map((t) => t.trim().split("<")[0].trim());
+  for (const typeName of types) {
+    if (!typeName || typeName.includes("{") || typeName.includes("where")) break;
+    const baseId = resolveSymbol11(typeName, context);
+    if (baseId) {
+      context.edges.push({
+        source: sourceId,
+        target: baseId,
+        kind: "implements",
+        filePath: context.filePath,
+        line: node.startPosition.row + 1
+      });
+    }
+  }
+}
+function processEnumCases(node, enumName, context) {
+  const text = nodeText11(node, context);
+  const caseMatches = text.matchAll(/\bcase\s+(\w+)/g);
+  for (const match of caseMatches) {
+    const caseName = match[1];
+    if (caseName === enumName) continue;
+    const constId = `${context.filePath}::${enumName}.${caseName}`;
+    context.symbols.push({
+      id: constId,
+      name: caseName,
+      kind: "constant",
+      filePath: context.filePath,
+      startLine: node.startPosition.row + 1,
+      endLine: node.endPosition.row + 1,
+      exported: true,
+      scope: enumName
+    });
+  }
+}
+function parsePackageSwift(filePath, sourceCode, projectRoot) {
+  const symbols = [];
+  const edges = [];
+  const lines = sourceCode.split("\n");
+  const nameMatch = sourceCode.match(/name\s*:\s*["']([^"']+)["']/);
+  const packageName = nameMatch ? nameMatch[1] : basename6(dirname12(join13(projectRoot, filePath)));
+  symbols.push({
+    id: `${filePath}::${packageName}`,
+    name: packageName,
+    kind: "module",
+    filePath,
+    startLine: 1,
+    endLine: lines.length,
+    exported: true
+  });
+  for (let i = 0; i < lines.length; i++) {
+    const line = lines[i].trim();
+    const lineNum = i + 1;
+    const depMatch = line.match(/\.package\s*\(\s*(?:url\s*:\s*)?["']([^"']+)["']/);
+    if (depMatch) {
+      const depUrl = depMatch[1];
+      const depName = depUrl.split("/").pop()?.replace(/\.git$/, "") || depUrl;
+      symbols.push({
+        id: `${filePath}::dep:${depName}`,
+        name: depName,
+        kind: "import",
+        filePath,
+        startLine: lineNum,
+        endLine: lineNum,
+        exported: false
+      });
+    }
+    const targetMatch = line.match(/\.(?:target|executableTarget|testTarget)\s*\(\s*name\s*:\s*["']([^"']+)["']/);
+    if (targetMatch) {
+      symbols.push({
+        id: `${filePath}::target:${targetMatch[1]}`,
+        name: targetMatch[1],
+        kind: "module",
+        filePath,
+        startLine: lineNum,
+        endLine: lineNum,
+        exported: true
+      });
+    }
+  }
+  return { filePath, symbols, edges };
+}
+function resolveSwiftImport(importPath, currentFile, projectRoot) {
+  const parts = importPath.split(".");
+  const moduleName = parts[0];
+  const sourceRoots = [
+    "",
+    "Sources",
+    `Sources/${moduleName}`,
+    "src",
+    `src/${moduleName}`
+  ];
+  for (const root of sourceRoots) {
+    const candidate = root ? join13(root, moduleName + ".swift") : moduleName + ".swift";
+    const fullPath = join13(projectRoot, candidate);
+    if (existsSync13(fullPath)) {
+      return candidate;
+    }
+  }
+  for (const root of sourceRoots) {
+    const dirCandidate = root || moduleName;
+    const fullDir = join13(projectRoot, dirCandidate);
+    if (existsSync13(fullDir)) {
+      try {
+        const stats = statSync7(fullDir);
+        if (stats.isDirectory()) {
+          const swiftFiles = readdirSync10(fullDir).filter((f) => f.endsWith(".swift"));
+          if (swiftFiles.length > 0) {
+            return join13(dirCandidate, swiftFiles[0]);
+          }
+        }
+      } catch {
+      }
+    }
   }
   return null;
 }
-function resolveSymbol10(name, context) {
+function resolveSymbol11(name, context) {
   if (context.imports.has(name)) {
     return context.imports.get(name) || null;
   }
@@ -6173,62 +6765,44 @@ function resolveSymbol10(name, context) {
   }
   return null;
 }
-function getModifiers2(node, context) {
+function getModifiers3(node, context) {
   const modifiers = [];
-  for (let i = 0; i < node.childCount; i++) {
-    const child = node.child(i);
-    if (!child) continue;
-    const type = child.type;
-    if (type === "visibility_modifier" || type === "static_modifier" || type === "abstract_modifier" || type === "final_modifier" || type === "readonly_modifier") {
-      modifiers.push(nodeText10(child, context).trim());
+  const modList = findChildByType12(node, "modifiers") || findChildByType12(node, "modifier");
+  if (modList) {
+    for (let i = 0; i < modList.childCount; i++) {
+      const child = modList.child(i);
+      if (child) {
+        const text2 = nodeText11(child, context).trim();
+        if (text2) modifiers.push(text2);
+      }
     }
   }
+  const text = nodeText11(node, context);
+  if (text.match(/\bprivate\b/)) modifiers.push("private");
+  if (text.match(/\bfileprivate\b/)) modifiers.push("fileprivate");
+  if (text.match(/\binternal\b/)) modifiers.push("internal");
+  if (text.match(/\bpublic\b/)) modifiers.push("public");
+  if (text.match(/\bopen\b/)) modifiers.push("open");
   return modifiers;
 }
-function extractQualifiedName(node, context) {
-  const nameNode = findDescendantByTypes3(node, ["name", "qualified_name", "namespace_name"]);
-  if (!nameNode) return null;
-  const text = nodeText10(nameNode, context).trim();
-  if (!text) return null;
-  const parts = text.split("\\");
-  return parts[parts.length - 1];
-}
-function findChildByType11(node, type) {
+function findChildByType12(node, type) {
   for (let i = 0; i < node.childCount; i++) {
     const child = node.child(i);
     if (child && child.type === type) return child;
   }
   return null;
 }
-function findChildrenByType5(node, type) {
-  const results = [];
-  for (let i = 0; i < node.childCount; i++) {
-    const child = node.child(i);
-    if (child && child.type === type) results.push(child);
-  }
-  return results;
-}
-function findDescendantByTypes3(node, types) {
-  for (let i = 0; i < node.childCount; i++) {
-    const child = node.child(i);
-    if (!child) continue;
-    if (types.includes(child.type)) return child;
-    const found = findDescendantByTypes3(child, types);
-    if (found) return found;
-  }
-  return null;
-}
-function nodeText10(node, context) {
+function nodeText11(node, context) {
   return context.sourceCode.substring(node.startIndex, node.endIndex);
 }
-function getCurrentSymbolId11(context) {
+function getCurrentSymbolId12(context) {
   if (context.currentScope.length === 0) return null;
   return `${context.filePath}::${context.currentScope[context.currentScope.length - 1]}`;
 }
-var phpParser = {
-  name: "php",
-  extensions: [".php"],
-  parseFile: parsePhpFile
+var swiftParser = {
+  name: "swift",
+  extensions: [".swift", "Package.swift"],
+  parseFile: parseSwiftFile
 };
 
 // src/parser/detect.ts
@@ -6243,12 +6817,13 @@ var parsers = [
   javaParser,
   cppParser,
   kotlinParser,
-  phpParser
+  phpParser,
+  swiftParser
 ];
 var CPP_KEYWORDS = /\b(?:class|namespace|template|public:|private:|protected:|virtual|nullptr|constexpr|auto\s+\w+\s*=|using\s+\w+\s*=|static_cast|dynamic_cast|reinterpret_cast|const_cast|noexcept|override|final|decltype|concept|requires|co_await|co_yield|co_return|std::)\b/;
 function getParserForFile(filePath, content) {
-  const ext = extname8(filePath).toLowerCase();
-  const fileName = basename6(filePath);
+  const ext = extname9(filePath).toLowerCase();
+  const fileName = basename7(filePath);
   if (ext === ".h" && content) {
     if (CPP_KEYWORDS.test(content)) {
       return cppParser;
@@ -6266,7 +6841,7 @@ import { minimatch } from "minimatch";
 var MAX_FILE_SIZE = 1e6;
 function shouldParseFile(fullPath) {
   try {
-    const stats = statSync7(fullPath);
+    const stats = statSync8(fullPath);
     if (stats.size > MAX_FILE_SIZE) {
       console.error(`[Parser] Skipping ${fullPath} \u2014 file too large (${(stats.size / 1024).toFixed(0)}KB)`);
       return false;
@@ -6284,8 +6859,8 @@ async function parseProject(projectRoot, options) {
   let errorFiles = 0;
   for (const file of files) {
     try {
-      const fullPath = join13(projectRoot, file);
-      if (!resolve7(fullPath).startsWith(resolve7(projectRoot))) {
+      const fullPath = join14(projectRoot, file);
+      if (!resolve8(fullPath).startsWith(resolve8(projectRoot))) {
         skippedFiles++;
         continue;
       }
@@ -6308,7 +6883,7 @@ async function parseProject(projectRoot, options) {
       if (options?.verbose) {
         console.error(`[Parser] Parsing: ${file}`);
       }
-      const sourceCode = readFileSync10(fullPath, "utf-8");
+      const sourceCode = readFileSync11(fullPath, "utf-8");
       const parser = getParserForFile(file, sourceCode);
       if (!parser) {
         console.error(`No parser found for file: ${file}`);
@@ -6337,8 +6912,8 @@ async function parseProject(projectRoot, options) {
 }
 
 // src/cross-language/detectors/rest-api.ts
-import { readFileSync as readFileSync11 } from "fs";
-import { join as join14, resolve as resolve8 } from "path";
+import { readFileSync as readFileSync12 } from "fs";
+import { join as join15, resolve as resolve9 } from "path";
 function getLanguage(filePath) {
   if (filePath.endsWith(".ts") || filePath.endsWith(".tsx")) return "typescript";
   if (filePath.endsWith(".js") || filePath.endsWith(".jsx") || filePath.endsWith(".mjs") || filePath.endsWith(".cjs")) return "javascript";
@@ -6348,6 +6923,7 @@ function getLanguage(filePath) {
   if (filePath.endsWith(".java")) return "java";
   if (filePath.endsWith(".kt") || filePath.endsWith(".kts")) return "kotlin";
   if (filePath.endsWith(".php")) return "php";
+  if (filePath.endsWith(".swift")) return "swift";
   if (filePath.endsWith(".cpp") || filePath.endsWith(".cc") || filePath.endsWith(".cxx") || filePath.endsWith(".c++") || filePath.endsWith(".hpp") || filePath.endsWith(".hh") || filePath.endsWith(".hxx") || filePath.endsWith(".h++") || filePath.endsWith(".h") || filePath.endsWith(".inl") || filePath.endsWith(".ipp")) return "cpp";
   return "unknown";
 }
@@ -6767,6 +7343,45 @@ function extractRouteDefinitions(source, filePath) {
         });
       }
     }
+    if (lang === "swift") {
+      const vaporMatch = line.match(/(?:app|router|routes)\s*\.\s*(get|post|put|delete|patch)\s*\(\s*["']([^"']+)["']/i);
+      if (vaporMatch) {
+        let path6 = vaporMatch[2];
+        if (!path6.startsWith("/")) path6 = "/" + path6;
+        routes.push({
+          method: vaporMatch[1].toUpperCase(),
+          path: path6,
+          normalizedPath: normalizePath(path6),
+          file: filePath,
+          line: i + 1
+        });
+      }
+      const hbMatch = line.match(/router\s*\.\s*(get|post|put|delete|patch)\s*\(\s*["']([^"']+)["']/i);
+      if (hbMatch && !vaporMatch) {
+        let path6 = hbMatch[2];
+        if (!path6.startsWith("/")) path6 = "/" + path6;
+        routes.push({
+          method: hbMatch[1].toUpperCase(),
+          path: path6,
+          normalizedPath: normalizePath(path6),
+          file: filePath,
+          line: i + 1
+        });
+      }
+      const perfectMatch = line.match(/routes\s*\.\s*add\s*\([^)]*uri\s*:\s*["']([^"']+)["']/);
+      if (perfectMatch) {
+        const path6 = perfectMatch[1].startsWith("/") ? perfectMatch[1] : "/" + perfectMatch[1];
+        const methodMatch = line.match(/method\s*:\s*\.(\w+)/);
+        const method = methodMatch ? methodMatch[1].toUpperCase() : "ANY";
+        routes.push({
+          method,
+          path: path6,
+          normalizedPath: normalizePath(path6),
+          file: filePath,
+          line: i + 1
+        });
+      }
+    }
     if (lang === "cpp") {
       const crowMatch = line.match(/CROW_ROUTE\s*\(\s*\w+\s*,\s*"([^"]+)"/);
       if (crowMatch) {
@@ -6881,11 +7496,11 @@ function detectRestApiEdges(files, projectRoot) {
   const allCalls = [];
   const allRoutes = [];
   for (const file of files) {
-    const fullPath = join14(projectRoot, file.filePath);
-    if (!resolve8(fullPath).startsWith(resolve8(projectRoot))) continue;
+    const fullPath = join15(projectRoot, file.filePath);
+    if (!resolve9(fullPath).startsWith(resolve9(projectRoot))) continue;
     let source;
     try {
-      source = readFileSync11(fullPath, "utf-8");
+      source = readFileSync12(fullPath, "utf-8");
     } catch {
       continue;
     }
@@ -6905,6 +7520,30 @@ function detectRestApiEdges(files, projectRoot) {
         }
       }
     }
+    if (lang === "swift") {
+      const swiftLines = source.split("\n");
+      for (let i = 0; i < swiftLines.length; i++) {
+        const line = swiftLines[i];
+        const urlMatch = line.match(/URL\s*\(\s*string\s*:\s*["']([^"']+)["']/);
+        if (urlMatch) {
+          const path6 = urlMatch[1];
+          if (isLocalApiPath(path6)) {
+            const methodMatch = line.match(/httpMethod\s*=\s*["'](\w+)["']/);
+            const method = methodMatch ? methodMatch[1].toUpperCase() : "GET";
+            allCalls.push({ method, path: cleanPath(path6), file: file.filePath, line: i + 1 });
+          }
+        }
+        const afMatch = line.match(/AF\s*\.\s*(?:request|upload|download)\s*\(\s*["']([^"']+)["']/);
+        if (afMatch) {
+          const path6 = afMatch[1];
+          if (isLocalApiPath(path6)) {
+            const methodMatch = line.match(/method\s*:\s*\.(\w+)/);
+            const method = methodMatch ? methodMatch[1].toUpperCase() : "GET";
+            allCalls.push({ method, path: cleanPath(path6), file: file.filePath, line: i + 1 });
+          }
+        }
+      }
+    }
     if (lang === "php") {
       const phpLines = source.split("\n");
       for (let i = 0; i < phpLines.length; i++) {
@@ -6961,8 +7600,8 @@ function detectRestApiEdges(files, projectRoot) {
 }
 
 // src/cross-language/detectors/subprocess.ts
-import { readFileSync as readFileSync12 } from "fs";
-import { join as join15, resolve as resolve9, basename as basename7 } from "path";
+import { readFileSync as readFileSync13 } from "fs";
+import { join as join16, resolve as resolve10, basename as basename8 } from "path";
 var SCRIPT_EXTENSIONS = [".py", ".js", ".ts", ".go", ".rs"];
 function getLanguage2(filePath) {
   if (filePath.endsWith(".ts") || filePath.endsWith(".tsx")) return "typescript";
@@ -7061,16 +7700,16 @@ function detectSubprocessEdges(files, projectRoot) {
   const knownFiles = new Set(files.map((f) => f.filePath));
   const basenameMap = /* @__PURE__ */ new Map();
   for (const f of files) {
-    const base = basename7(f.filePath);
+    const base = basename8(f.filePath);
     if (!basenameMap.has(base)) basenameMap.set(base, []);
     basenameMap.get(base).push(f.filePath);
   }
   for (const file of files) {
-    const fullPath = join15(projectRoot, file.filePath);
-    if (!resolve9(fullPath).startsWith(resolve9(projectRoot))) continue;
+    const fullPath = join16(projectRoot, file.filePath);
+    if (!resolve10(fullPath).startsWith(resolve10(projectRoot))) continue;
     let source;
     try {
-      source = readFileSync12(fullPath, "utf-8");
+      source = readFileSync13(fullPath, "utf-8");
     } catch {
       continue;
     }
@@ -7082,7 +7721,7 @@ function detectSubprocessEdges(files, projectRoot) {
         targetFile = call.calledFile;
         confidence = "high";
       } else {
-        const base = basename7(call.calledFile);
+        const base = basename8(call.calledFile);
         const candidates = basenameMap.get(base);
         if (candidates && candidates.length > 0) {
           const exactCandidate = candidates.find((c) => c.endsWith(call.calledFile));
@@ -7461,7 +8100,7 @@ function getArchitectureSummary(graph) {
 }
 
 // src/health/metrics.ts
-import { dirname as dirname12 } from "path";
+import { dirname as dirname13 } from "path";
 function scoreToGrade(score) {
   if (score >= 90) return "A";
   if (score >= 80) return "B";
@@ -7494,8 +8133,8 @@ function calculateCouplingScore(graph) {
       totalEdges++;
       fileConnections.set(sourceAttrs.filePath, (fileConnections.get(sourceAttrs.filePath) || 0) + 1);
       fileConnections.set(targetAttrs.filePath, (fileConnections.get(targetAttrs.filePath) || 0) + 1);
-      const sourceDir = dirname12(sourceAttrs.filePath).split("/")[0];
-      const targetDir = dirname12(targetAttrs.filePath).split("/")[0];
+      const sourceDir = dirname13(sourceAttrs.filePath).split("/")[0];
+      const targetDir = dirname13(targetAttrs.filePath).split("/")[0];
       if (sourceDir !== targetDir) {
         crossDirEdges++;
       }
@@ -7542,8 +8181,8 @@ function calculateCohesionScore(graph) {
     const sourceAttrs = graph.getNodeAttributes(source);
     const targetAttrs = graph.getNodeAttributes(target);
     if (sourceAttrs.filePath !== targetAttrs.filePath) {
-      const sourceDir = dirname12(sourceAttrs.filePath);
-      const targetDir = dirname12(targetAttrs.filePath);
+      const sourceDir = dirname13(sourceAttrs.filePath);
+      const targetDir = dirname13(targetAttrs.filePath);
       if (!dirEdges.has(sourceDir)) {
         dirEdges.set(sourceDir, { internal: 0, total: 0 });
       }
@@ -7825,8 +8464,8 @@ function calculateDepthScore(graph) {
 }
 
 // src/health/index.ts
-import { readFileSync as readFileSync13, writeFileSync, existsSync as existsSync13, mkdirSync } from "fs";
-import { dirname as dirname13, resolve as resolve10 } from "path";
+import { readFileSync as readFileSync14, writeFileSync, existsSync as existsSync14, mkdirSync } from "fs";
+import { dirname as dirname14, resolve as resolve11 } from "path";
 function calculateHealthScore(graph, projectRoot) {
   const coupling = calculateCouplingScore(graph);
   const cohesion = calculateCohesionScore(graph);
@@ -7925,8 +8564,8 @@ function getHealthTrend(projectRoot, currentScore) {
   }
 }
 function saveHealthHistory(projectRoot, report) {
-  const resolvedRoot = resolve10(projectRoot);
-  const historyFile = resolve10(resolvedRoot, ".depwire", "health-history.json");
+  const resolvedRoot = resolve11(projectRoot);
+  const historyFile = resolve11(resolvedRoot, ".depwire", "health-history.json");
   if (!historyFile.startsWith(resolvedRoot)) {
     return;
   }
@@ -7941,10 +8580,10 @@ function saveHealthHistory(projectRoot, report) {
     }))
   };
   let history = [];
-  if (existsSync13(historyFile)) {
+  if (existsSync14(historyFile)) {
     try {
       if (!historyFile.startsWith(resolvedRoot)) return;
-      const content = readFileSync13(historyFile, "utf-8");
+      const content = readFileSync14(historyFile, "utf-8");
       history = JSON.parse(content);
     } catch {
     }
@@ -7953,19 +8592,19 @@ function saveHealthHistory(projectRoot, report) {
   if (history.length > 50) {
     history = history.slice(-50);
   }
-  mkdirSync(dirname13(historyFile), { recursive: true });
+  mkdirSync(dirname14(historyFile), { recursive: true });
   if (!historyFile.startsWith(resolvedRoot)) return;
   writeFileSync(historyFile, JSON.stringify(history, null, 2), "utf-8");
 }
 function loadHealthHistory(projectRoot) {
-  const resolvedRoot = resolve10(projectRoot);
-  const historyFile = resolve10(resolvedRoot, ".depwire", "health-history.json");
-  if (!historyFile.startsWith(resolvedRoot) || !existsSync13(historyFile)) {
+  const resolvedRoot = resolve11(projectRoot);
+  const historyFile = resolve11(resolvedRoot, ".depwire", "health-history.json");
+  if (!historyFile.startsWith(resolvedRoot) || !existsSync14(historyFile)) {
     return [];
   }
   try {
     if (!historyFile.startsWith(resolvedRoot)) return [];
-    const content = readFileSync13(historyFile, "utf-8");
+    const content = readFileSync14(historyFile, "utf-8");
     return JSON.parse(content);
   } catch {
     return [];
@@ -7974,7 +8613,7 @@ function loadHealthHistory(projectRoot) {
 
 // src/dead-code/detector.ts
 import path2 from "path";
-import { readFileSync as readFileSync14, existsSync as existsSync14 } from "fs";
+import { readFileSync as readFileSync15, existsSync as existsSync15 } from "fs";
 function findDeadSymbols(graph, projectRoot, includeTests = false, debug = false) {
   const deadSymbols = [];
   const context = { graph, projectRoot };
@@ -8107,11 +8746,11 @@ function getPackageEntryPoints(projectRoot) {
   const entryPoints = /* @__PURE__ */ new Set();
   const resolvedRoot = path2.resolve(projectRoot);
   const packageJsonPath = path2.resolve(resolvedRoot, "package.json");
-  if (!packageJsonPath.startsWith(resolvedRoot) || !existsSync14(packageJsonPath)) {
+  if (!packageJsonPath.startsWith(resolvedRoot) || !existsSync15(packageJsonPath)) {
     return entryPoints;
   }
   try {
-    const packageJson = JSON.parse(readFileSync14(packageJsonPath, "utf-8"));
+    const packageJson = JSON.parse(readFileSync15(packageJsonPath, "utf-8"));
     if (packageJson.main) {
       entryPoints.add(path2.resolve(projectRoot, packageJson.main));
     }
@@ -8171,6 +8810,9 @@ function shouldExclude(attrs, context, includeTests, packageEntryPoints) {
   if (isPhpExcluded(attrs)) {
     return "framework";
   }
+  if (isSwiftExcluded(attrs)) {
+    return "framework";
+  }
   return null;
 }
 function isRealPackageEntryPoint(filePath, packageEntryPoints) {
@@ -8301,6 +8943,45 @@ function isPhpExcluded(attrs) {
   if (name.startsWith("test") || name === "setUp" || name === "tearDown" || name === "setUpBeforeClass" || name === "tearDownAfterClass") return true;
   return false;
 }
+function isSwiftExcluded(attrs) {
+  const filePath = attrs.file || attrs.filePath || "";
+  const name = attrs.name || "";
+  if (!filePath.endsWith(".swift")) return false;
+  if (name === "main") return true;
+  const appLifecycle = [
+    "application",
+    "applicationDidFinishLaunching",
+    "applicationWillTerminate",
+    "applicationDidBecomeActive",
+    "applicationWillResignActive",
+    "applicationDidEnterBackground",
+    "applicationWillEnterForeground",
+    "scene",
+    "sceneDidDisconnect",
+    "sceneDidBecomeActive",
+    "sceneWillResignActive",
+    "sceneWillEnterForeground",
+    "sceneDidEnterBackground"
+  ];
+  if (appLifecycle.includes(name)) return true;
+  if (name === "body" || name === "previews") return true;
+  const protocolMethods = [
+    "hash",
+    "encode",
+    "init",
+    "deinit",
+    "tableView",
+    "collectionView",
+    "numberOfSections",
+    "numberOfRowsInSection",
+    "cellForRowAt",
+    "didSelectRowAt"
+  ];
+  if (protocolMethods.includes(name)) return true;
+  if (["encode", "decode", "init(from:)"].includes(name)) return true;
+  if (name.startsWith("test") || name === "setUp" || name === "tearDown" || name === "setUpWithError" || name === "tearDownWithError") return true;
+  return false;
+}
 
 // src/dead-code/classifier.ts
 import path3 from "path";
@@ -8367,8 +9048,8 @@ function generateReason(symbol, confidence) {
   return "Potentially unused";
 }
 function isBarrelFile(filePath) {
-  const basename11 = path3.basename(filePath);
-  return basename11 === "index.ts" || basename11 === "index.js";
+  const basename12 = path3.basename(filePath);
+  return basename12 === "index.ts" || basename12 === "index.js";
 }
 function isTestFile2(filePath) {
   return filePath.includes("__tests__/") || filePath.includes(".test.") || filePath.includes(".spec.") || filePath.includes("/test/") || filePath.includes("/tests/");
@@ -8547,11 +9228,11 @@ function filterByConfidence(symbols, minConfidence) {
 }
 
 // src/docs/generator.ts
-import { writeFileSync as writeFileSync3, mkdirSync as mkdirSync2, existsSync as existsSync17 } from "fs";
-import { join as join19 } from "path";
+import { writeFileSync as writeFileSync3, mkdirSync as mkdirSync2, existsSync as existsSync18 } from "fs";
+import { join as join20 } from "path";
 
 // src/docs/architecture.ts
-import { dirname as dirname14 } from "path";
+import { dirname as dirname15 } from "path";
 
 // src/docs/templates.ts
 function header(text, level = 1) {
@@ -8702,7 +9383,7 @@ function generateModuleStructure(graph) {
 function getDirectoryStats(graph) {
   const dirMap = /* @__PURE__ */ new Map();
   graph.forEachNode((node, attrs) => {
-    const dir = dirname14(attrs.filePath);
+    const dir = dirname15(attrs.filePath);
     if (dir === ".") return;
     if (!dirMap.has(dir)) {
       dirMap.set(dir, {
@@ -8727,7 +9408,7 @@ function getDirectoryStats(graph) {
   });
   const filesPerDir = /* @__PURE__ */ new Map();
   graph.forEachNode((node, attrs) => {
-    const dir = dirname14(attrs.filePath);
+    const dir = dirname15(attrs.filePath);
     if (!filesPerDir.has(dir)) {
       filesPerDir.set(dir, /* @__PURE__ */ new Set());
     }
@@ -8742,8 +9423,8 @@ function getDirectoryStats(graph) {
   graph.forEachEdge((edge, attrs, source, target) => {
     const sourceAttrs = graph.getNodeAttributes(source);
     const targetAttrs = graph.getNodeAttributes(target);
-    const sourceDir = dirname14(sourceAttrs.filePath);
-    const targetDir = dirname14(targetAttrs.filePath);
+    const sourceDir = dirname15(sourceAttrs.filePath);
+    const targetDir = dirname15(targetAttrs.filePath);
     if (sourceDir !== targetDir) {
       if (!dirEdges.has(sourceDir)) {
         dirEdges.set(sourceDir, { in: 0, out: 0 });
@@ -8950,7 +9631,7 @@ function detectCycles(graph) {
 }
 
 // src/docs/conventions.ts
-import { basename as basename8, extname as extname9 } from "path";
+import { basename as basename9, extname as extname10 } from "path";
 function generateConventions(graph, projectRoot, version) {
   let output = "";
   const now = (/* @__PURE__ */ new Date()).toISOString().split("T")[0];
@@ -8988,7 +9669,7 @@ function generateFileOrganization(graph) {
   graph.forEachNode((node, attrs) => {
     if (!files.has(attrs.filePath)) {
       files.add(attrs.filePath);
-      const fileName = basename8(attrs.filePath);
+      const fileName = basename9(attrs.filePath);
       if (fileName === "index.ts" || fileName === "index.js" || fileName === "index.tsx" || fileName === "index.jsx") {
         barrelFileCount++;
       }
@@ -9047,7 +9728,7 @@ function generateNamingPatterns(graph) {
   graph.forEachNode((node, attrs) => {
     if (!files.has(attrs.filePath)) {
       files.add(attrs.filePath);
-      const fileName = basename8(attrs.filePath, extname9(attrs.filePath));
+      const fileName = basename9(attrs.filePath, extname10(attrs.filePath));
       if (isCamelCase(fileName)) patterns.files.camelCase++;
       else if (isPascalCase(fileName)) patterns.files.PascalCase++;
       else if (isKebabCase(fileName)) patterns.files.kebabCase++;
@@ -9724,7 +10405,7 @@ function detectCyclesDetailed(graph) {
 }
 
 // src/docs/onboarding.ts
-import { dirname as dirname15 } from "path";
+import { dirname as dirname16 } from "path";
 function generateOnboarding(graph, projectRoot, version) {
   let output = "";
   const now = (/* @__PURE__ */ new Date()).toISOString().split("T")[0];
@@ -9783,7 +10464,7 @@ function generateQuickOrientation(graph) {
   const primaryLang = Object.entries(languages2).sort((a, b) => b[1] - a[1])[0];
   const dirs = /* @__PURE__ */ new Set();
   graph.forEachNode((node, attrs) => {
-    const dir = dirname15(attrs.filePath);
+    const dir = dirname16(attrs.filePath);
     if (dir !== ".") {
       const topLevel = dir.split("/")[0];
       dirs.add(topLevel);
@@ -9887,7 +10568,7 @@ function generateModuleMap(graph) {
 function getDirectoryStats2(graph) {
   const dirMap = /* @__PURE__ */ new Map();
   graph.forEachNode((node, attrs) => {
-    const dir = dirname15(attrs.filePath);
+    const dir = dirname16(attrs.filePath);
     if (dir === ".") return;
     if (!dirMap.has(dir)) {
       dirMap.set(dir, {
@@ -9902,7 +10583,7 @@ function getDirectoryStats2(graph) {
   });
   const filesPerDir = /* @__PURE__ */ new Map();
   graph.forEachNode((node, attrs) => {
-    const dir = dirname15(attrs.filePath);
+    const dir = dirname16(attrs.filePath);
     if (!filesPerDir.has(dir)) {
       filesPerDir.set(dir, /* @__PURE__ */ new Set());
     }
@@ -9917,8 +10598,8 @@ function getDirectoryStats2(graph) {
   graph.forEachEdge((edge, attrs, source, target) => {
     const sourceAttrs = graph.getNodeAttributes(source);
     const targetAttrs = graph.getNodeAttributes(target);
-    const sourceDir = dirname15(sourceAttrs.filePath);
-    const targetDir = dirname15(targetAttrs.filePath);
+    const sourceDir = dirname16(sourceAttrs.filePath);
+    const targetDir = dirname16(targetAttrs.filePath);
     if (sourceDir !== targetDir) {
       if (!dirEdges.has(sourceDir)) {
         dirEdges.set(sourceDir, { in: 0, out: 0 });
@@ -9999,7 +10680,7 @@ function detectClusters(graph) {
   const dirFiles = /* @__PURE__ */ new Map();
   const fileEdges = /* @__PURE__ */ new Map();
   graph.forEachNode((node, attrs) => {
-    const dir = dirname15(attrs.filePath);
+    const dir = dirname16(attrs.filePath);
     if (!dirFiles.has(dir)) {
       dirFiles.set(dir, /* @__PURE__ */ new Set());
     }
@@ -10053,8 +10734,8 @@ function inferClusterName(files) {
   if (sortedWords.length > 0 && sortedWords[0][1] > 1) {
     return capitalizeFirst2(sortedWords[0][0]);
   }
-  const commonDir = dirname15(files[0]);
-  if (files.every((f) => dirname15(f) === commonDir)) {
+  const commonDir = dirname16(files[0]);
+  if (files.every((f) => dirname16(f) === commonDir)) {
     return capitalizeFirst2(commonDir.split("/").pop() || "Core");
   }
   return "Core";
@@ -10112,7 +10793,7 @@ function generateDepwireUsage(projectRoot) {
 }
 
 // src/docs/files.ts
-import { dirname as dirname16, basename as basename9 } from "path";
+import { dirname as dirname17, basename as basename10 } from "path";
 function generateFiles(graph, projectRoot, version) {
   let output = "";
   const now = (/* @__PURE__ */ new Date()).toISOString().split("T")[0];
@@ -10216,7 +10897,7 @@ function generateDirectoryBreakdown(graph) {
   const fileStats = getFileStats2(graph);
   const dirMap = /* @__PURE__ */ new Map();
   for (const file of fileStats) {
-    const dir = dirname16(file.filePath);
+    const dir = dirname17(file.filePath);
     const topDir = dir === "." ? "." : dir.split("/")[0];
     if (!dirMap.has(topDir)) {
       dirMap.set(topDir, {
@@ -10231,7 +10912,7 @@ function generateDirectoryBreakdown(graph) {
     dirStats.symbolCount += file.symbolCount;
     if (file.totalConnections > dirStats.maxConnections) {
       dirStats.maxConnections = file.totalConnections;
-      dirStats.mostConnectedFile = basename9(file.filePath);
+      dirStats.mostConnectedFile = basename10(file.filePath);
     }
   }
   if (dirMap.size === 0) {
@@ -10859,7 +11540,7 @@ function generateRecommendations(graph) {
 }
 
 // src/docs/tests.ts
-import { basename as basename10, dirname as dirname17 } from "path";
+import { basename as basename11, dirname as dirname18 } from "path";
 function generateTests(graph, projectRoot, version) {
   let output = "";
   const now = (/* @__PURE__ */ new Date()).toISOString().split("T")[0];
@@ -10887,8 +11568,8 @@ function getFileCount8(graph) {
   return files.size;
 }
 function isTestFile3(filePath) {
-  const fileName = basename10(filePath).toLowerCase();
-  const dirPath = dirname17(filePath).toLowerCase();
+  const fileName = basename11(filePath).toLowerCase();
+  const dirPath = dirname18(filePath).toLowerCase();
   if (dirPath.includes("test") || dirPath.includes("spec") || dirPath.includes("__tests__")) {
     return true;
   }
@@ -10946,13 +11627,13 @@ function generateTestFileInventory(graph) {
   return output;
 }
 function matchTestToSource(testFile) {
-  const testFileName = basename10(testFile);
-  const testDir = dirname17(testFile);
+  const testFileName = basename11(testFile);
+  const testDir = dirname18(testFile);
   let sourceFileName = testFileName.replace(/\.test\./g, ".").replace(/\.spec\./g, ".").replace(/_test\./g, ".").replace(/_spec\./g, ".");
   const possiblePaths = [];
   possiblePaths.push(testDir + "/" + sourceFileName);
   if (testDir.endsWith("/test") || testDir.endsWith("/tests") || testDir.endsWith("/__tests__")) {
-    const parentDir = dirname17(testDir);
+    const parentDir = dirname18(testDir);
     possiblePaths.push(parentDir + "/" + sourceFileName);
   }
   if (testDir.includes("test")) {
@@ -11108,7 +11789,7 @@ function generateTestCoverageMap(graph) {
   const rows = mappings.slice(0, 30).map((m) => [
     `\`${m.sourceFile}\``,
     m.hasTest ? "\u2705" : "\u274C",
-    m.testFile ? `\`${basename10(m.testFile)}\`` : "-",
+    m.testFile ? `\`${basename11(m.testFile)}\`` : "-",
     formatNumber(m.symbolCount)
   ]);
   let output = table(headers, rows);
@@ -11149,7 +11830,7 @@ function generateTestStatistics(graph) {
 `;
   const dirTestCoverage = /* @__PURE__ */ new Map();
   for (const sourceFile of sourceFiles) {
-    const dir = dirname17(sourceFile).split("/")[0];
+    const dir = dirname18(sourceFile).split("/")[0];
     if (!dirTestCoverage.has(dir)) {
       dirTestCoverage.set(dir, { total: 0, tested: 0 });
     }
@@ -11172,7 +11853,7 @@ function generateTestStatistics(graph) {
 }
 
 // src/docs/history.ts
-import { dirname as dirname18 } from "path";
+import { dirname as dirname19 } from "path";
 import { execSync } from "child_process";
 function generateHistory(graph, projectRoot, version) {
   let output = "";
@@ -11453,7 +12134,7 @@ function generateFeatureClusters(graph) {
   const dirFiles = /* @__PURE__ */ new Map();
   const fileEdges = /* @__PURE__ */ new Map();
   graph.forEachNode((node, attrs) => {
-    const dir = dirname18(attrs.filePath);
+    const dir = dirname19(attrs.filePath);
     if (!dirFiles.has(dir)) {
       dirFiles.set(dir, /* @__PURE__ */ new Set());
     }
@@ -11535,7 +12216,7 @@ function capitalizeFirst3(str) {
 }
 
 // src/docs/current.ts
-import { dirname as dirname19 } from "path";
+import { dirname as dirname20 } from "path";
 function generateCurrent(graph, projectRoot, version) {
   let output = "";
   const now = (/* @__PURE__ */ new Date()).toISOString().split("T")[0];
@@ -11673,7 +12354,7 @@ function generateCompleteFileIndex(graph) {
   fileInfos.sort((a, b) => a.filePath.localeCompare(b.filePath));
   const dirGroups = /* @__PURE__ */ new Map();
   for (const info of fileInfos) {
-    const dir = dirname19(info.filePath);
+    const dir = dirname20(info.filePath);
     const topDir = dir === "." ? "root" : dir.split("/")[0];
     if (!dirGroups.has(topDir)) {
       dirGroups.set(topDir, []);
@@ -11884,8 +12565,8 @@ function getTopLevelDir2(filePath) {
 }
 
 // src/docs/status.ts
-import { readFileSync as readFileSync15, existsSync as existsSync15 } from "fs";
-import { resolve as resolve11 } from "path";
+import { readFileSync as readFileSync16, existsSync as existsSync16 } from "fs";
+import { resolve as resolve12 } from "path";
 function generateStatus(graph, projectRoot, version) {
   let output = "";
   const now = (/* @__PURE__ */ new Date()).toISOString().split("T")[0];
@@ -11918,16 +12599,16 @@ function getFileCount11(graph) {
 }
 function extractComments(projectRoot, filePath) {
   const comments = [];
-  const resolvedRoot = resolve11(projectRoot);
-  const fullPath = resolve11(resolvedRoot, filePath);
+  const resolvedRoot = resolve12(projectRoot);
+  const fullPath = resolve12(resolvedRoot, filePath);
   if (!fullPath.startsWith(resolvedRoot)) {
     return comments;
   }
-  if (!existsSync15(fullPath)) {
+  if (!existsSync16(fullPath)) {
     return comments;
   }
   try {
-    const content = readFileSync15(fullPath, "utf-8");
+    const content = readFileSync16(fullPath, "utf-8");
     const lines = content.split("\n");
     const patterns = [
       { type: "TODO", regex: /(?:\/\/|#|\/\*)\s*TODO:?\s*(.+)/i },
@@ -12506,16 +13187,16 @@ function generateConfidenceSection(title, description, symbols, projectRoot) {
 }
 
 // src/docs/metadata.ts
-import { existsSync as existsSync16, readFileSync as readFileSync16, writeFileSync as writeFileSync2 } from "fs";
-import { resolve as resolve12 } from "path";
+import { existsSync as existsSync17, readFileSync as readFileSync17, writeFileSync as writeFileSync2 } from "fs";
+import { resolve as resolve13 } from "path";
 function loadMetadata(outputDir) {
-  const resolvedDir = resolve12(outputDir);
-  const metadataPath = resolve12(resolvedDir, "metadata.json");
-  if (!metadataPath.startsWith(resolvedDir) || !existsSync16(metadataPath)) {
+  const resolvedDir = resolve13(outputDir);
+  const metadataPath = resolve13(resolvedDir, "metadata.json");
+  if (!metadataPath.startsWith(resolvedDir) || !existsSync17(metadataPath)) {
     return null;
   }
   try {
-    const content = readFileSync16(metadataPath, "utf-8");
+    const content = readFileSync17(metadataPath, "utf-8");
     return JSON.parse(content);
   } catch (err) {
     console.error("Failed to load metadata:", err);
@@ -12523,8 +13204,8 @@ function loadMetadata(outputDir) {
   }
 }
 function saveMetadata(outputDir, metadata) {
-  const resolvedDir = resolve12(outputDir);
-  const metadataPath = resolve12(resolvedDir, "metadata.json");
+  const resolvedDir = resolve13(outputDir);
+  const metadataPath = resolve13(resolvedDir, "metadata.json");
   if (!metadataPath.startsWith(resolvedDir)) {
     throw new Error(`Path traversal attempt blocked: ${metadataPath}`);
   }
@@ -12570,7 +13251,7 @@ async function generateDocs(graph, projectRoot, version, parseTime, options) {
   const generated = [];
   const errors = [];
   try {
-    if (!existsSync17(options.outputDir)) {
+    if (!existsSync18(options.outputDir)) {
       mkdirSync2(options.outputDir, { recursive: true });
       if (options.verbose) {
         console.log(`Created output directory: ${options.outputDir}`);
@@ -12609,7 +13290,7 @@ async function generateDocs(graph, projectRoot, version, parseTime, options) {
         try {
           if (options.verbose) console.log("Generating ARCHITECTURE.md...");
           const content = generateArchitecture(graph, projectRoot, version, parseTime);
-          const filePath = join19(options.outputDir, "ARCHITECTURE.md");
+          const filePath = join20(options.outputDir, "ARCHITECTURE.md");
           writeFileSync3(filePath, content, "utf-8");
           generated.push("ARCHITECTURE.md");
         } catch (err) {
@@ -12620,7 +13301,7 @@ async function generateDocs(graph, projectRoot, version, parseTime, options) {
         try {
           if (options.verbose) console.log("Generating CONVENTIONS.md...");
           const content = generateConventions(graph, projectRoot, version);
-          const filePath = join19(options.outputDir, "CONVENTIONS.md");
+          const filePath = join20(options.outputDir, "CONVENTIONS.md");
           writeFileSync3(filePath, content, "utf-8");
           generated.push("CONVENTIONS.md");
         } catch (err) {
@@ -12631,7 +13312,7 @@ async function generateDocs(graph, projectRoot, version, parseTime, options) {
         try {
           if (options.verbose) console.log("Generating DEPENDENCIES.md...");
           const content = generateDependencies(graph, projectRoot, version);
-          const filePath = join19(options.outputDir, "DEPENDENCIES.md");
+          const filePath = join20(options.outputDir, "DEPENDENCIES.md");
           writeFileSync3(filePath, content, "utf-8");
           generated.push("DEPENDENCIES.md");
         } catch (err) {
@@ -12642,7 +13323,7 @@ async function generateDocs(graph, projectRoot, version, parseTime, options) {
         try {
           if (options.verbose) console.log("Generating ONBOARDING.md...");
           const content = generateOnboarding(graph, projectRoot, version);
-          const filePath = join19(options.outputDir, "ONBOARDING.md");
+          const filePath = join20(options.outputDir, "ONBOARDING.md");
           writeFileSync3(filePath, content, "utf-8");
           generated.push("ONBOARDING.md");
         } catch (err) {
@@ -12653,7 +13334,7 @@ async function generateDocs(graph, projectRoot, version, parseTime, options) {
         try {
           if (options.verbose) console.log("Generating FILES.md...");
           const content = generateFiles(graph, projectRoot, version);
-          const filePath = join19(options.outputDir, "FILES.md");
+          const filePath = join20(options.outputDir, "FILES.md");
           writeFileSync3(filePath, content, "utf-8");
           generated.push("FILES.md");
         } catch (err) {
@@ -12664,7 +13345,7 @@ async function generateDocs(graph, projectRoot, version, parseTime, options) {
         try {
           if (options.verbose) console.log("Generating API_SURFACE.md...");
           const content = generateApiSurface(graph, projectRoot, version);
-          const filePath = join19(options.outputDir, "API_SURFACE.md");
+          const filePath = join20(options.outputDir, "API_SURFACE.md");
           writeFileSync3(filePath, content, "utf-8");
           generated.push("API_SURFACE.md");
         } catch (err) {
@@ -12675,7 +13356,7 @@ async function generateDocs(graph, projectRoot, version, parseTime, options) {
         try {
           if (options.verbose) console.log("Generating ERRORS.md...");
           const content = generateErrors(graph, projectRoot, version);
-          const filePath = join19(options.outputDir, "ERRORS.md");
+          const filePath = join20(options.outputDir, "ERRORS.md");
           writeFileSync3(filePath, content, "utf-8");
           generated.push("ERRORS.md");
         } catch (err) {
@@ -12686,7 +13367,7 @@ async function generateDocs(graph, projectRoot, version, parseTime, options) {
         try {
           if (options.verbose) console.log("Generating TESTS.md...");
           const content = generateTests(graph, projectRoot, version);
-          const filePath = join19(options.outputDir, "TESTS.md");
+          const filePath = join20(options.outputDir, "TESTS.md");
           writeFileSync3(filePath, content, "utf-8");
           generated.push("TESTS.md");
         } catch (err) {
@@ -12697,7 +13378,7 @@ async function generateDocs(graph, projectRoot, version, parseTime, options) {
         try {
           if (options.verbose) console.log("Generating HISTORY.md...");
           const content = generateHistory(graph, projectRoot, version);
-          const filePath = join19(options.outputDir, "HISTORY.md");
+          const filePath = join20(options.outputDir, "HISTORY.md");
           writeFileSync3(filePath, content, "utf-8");
           generated.push("HISTORY.md");
         } catch (err) {
@@ -12708,7 +13389,7 @@ async function generateDocs(graph, projectRoot, version, parseTime, options) {
         try {
           if (options.verbose) console.log("Generating CURRENT.md...");
           const content = generateCurrent(graph, projectRoot, version);
-          const filePath = join19(options.outputDir, "CURRENT.md");
+          const filePath = join20(options.outputDir, "CURRENT.md");
           writeFileSync3(filePath, content, "utf-8");
           generated.push("CURRENT.md");
         } catch (err) {
@@ -12719,7 +13400,7 @@ async function generateDocs(graph, projectRoot, version, parseTime, options) {
         try {
           if (options.verbose) console.log("Generating STATUS.md...");
           const content = generateStatus(graph, projectRoot, version);
-          const filePath = join19(options.outputDir, "STATUS.md");
+          const filePath = join20(options.outputDir, "STATUS.md");
           writeFileSync3(filePath, content, "utf-8");
           generated.push("STATUS.md");
         } catch (err) {
@@ -12730,7 +13411,7 @@ async function generateDocs(graph, projectRoot, version, parseTime, options) {
         try {
           if (options.verbose) console.log("Generating HEALTH.md...");
           const content = generateHealth(graph, projectRoot, version);
-          const filePath = join19(options.outputDir, "HEALTH.md");
+          const filePath = join20(options.outputDir, "HEALTH.md");
           writeFileSync3(filePath, content, "utf-8");
           generated.push("HEALTH.md");
         } catch (err) {
@@ -12741,7 +13422,7 @@ async function generateDocs(graph, projectRoot, version, parseTime, options) {
         try {
           if (options.verbose) console.log("Generating DEAD_CODE.md...");
           const content = generateDeadCode(graph, projectRoot, version);
-          const filePath = join19(options.outputDir, "DEAD_CODE.md");
+          const filePath = join20(options.outputDir, "DEAD_CODE.md");
           writeFileSync3(filePath, content, "utf-8");
           generated.push("DEAD_CODE.md");
         } catch (err) {
@@ -12785,7 +13466,7 @@ function getFileCount13(graph) {
 }
 
 // src/simulation/engine.ts
-import { dirname as dirname20, join as join20 } from "path";
+import { dirname as dirname21, join as join21 } from "path";
 function normalizePath2(p) {
   return p.replace(/^\.\//, "").replace(/\/+$/, "");
 }
@@ -12917,7 +13598,7 @@ var SimulationEngine = class {
     }
   }
   applyRename(clone, target, newName, brokenImports) {
-    const destination = join20(dirname20(target), newName);
+    const destination = join21(dirname21(target), newName);
     this.applyMove(clone, target, destination, brokenImports);
   }
   applySplit(clone, target, newFile, symbols, brokenImports) {
@@ -13117,13 +13798,13 @@ var SimulationEngine = class {
 };
 
 // src/security/scanner.ts
-import { existsSync as existsSync19 } from "fs";
-import { join as join30 } from "path";
+import { existsSync as existsSync20 } from "fs";
+import { join as join31 } from "path";
 
 // src/security/checks/dependencies.ts
 import { execSync as execSync2 } from "child_process";
-import { existsSync as existsSync18, readFileSync as readFileSync17, readdirSync as readdirSync10 } from "fs";
-import { join as join21 } from "path";
+import { existsSync as existsSync19, readFileSync as readFileSync18, readdirSync as readdirSync11 } from "fs";
+import { join as join22 } from "path";
 function cvssToSeverity(score) {
   if (score >= 9) return "critical";
   if (score >= 7) return "high";
@@ -13133,18 +13814,18 @@ function cvssToSeverity(score) {
 async function checkDependencies(_files, projectRoot) {
   const findings = [];
   try {
-    if (existsSync18(join21(projectRoot, "package.json"))) {
+    if (existsSync19(join22(projectRoot, "package.json"))) {
       findings.push(...checkNpmAudit(projectRoot));
       findings.push(...checkPackageJsonPatterns(projectRoot));
       findings.push(...checkPostinstallScripts(projectRoot));
     }
-    if (existsSync18(join21(projectRoot, "requirements.txt")) || existsSync18(join21(projectRoot, "pyproject.toml"))) {
+    if (existsSync19(join22(projectRoot, "requirements.txt")) || existsSync19(join22(projectRoot, "pyproject.toml"))) {
       findings.push(...checkPipAudit(projectRoot));
     }
-    if (existsSync18(join21(projectRoot, "Cargo.toml"))) {
+    if (existsSync19(join22(projectRoot, "Cargo.toml"))) {
       findings.push(...checkCargoAudit(projectRoot));
     }
-    if (existsSync18(join21(projectRoot, "go.mod"))) {
+    if (existsSync19(join22(projectRoot, "go.mod"))) {
       findings.push(...checkGoVerify(projectRoot));
     }
   } catch (err) {
@@ -13233,8 +13914,8 @@ function checkNpmAudit(projectRoot) {
 function checkPackageJsonPatterns(projectRoot) {
   const findings = [];
   try {
-    const pkgPath = join21(projectRoot, "package.json");
-    const pkg = JSON.parse(readFileSync17(pkgPath, "utf-8"));
+    const pkgPath = join22(projectRoot, "package.json");
+    const pkg = JSON.parse(readFileSync18(pkgPath, "utf-8"));
     const allDeps = { ...pkg.dependencies, ...pkg.devDependencies };
     for (const [name, version] of Object.entries(allDeps)) {
       if (version.startsWith("^") || version.startsWith("~")) {
@@ -13256,15 +13937,15 @@ function checkPackageJsonPatterns(projectRoot) {
 }
 function checkPostinstallScripts(projectRoot) {
   const findings = [];
-  const nodeModules = join21(projectRoot, "node_modules");
-  if (!existsSync18(nodeModules)) return findings;
+  const nodeModules = join22(projectRoot, "node_modules");
+  if (!existsSync19(nodeModules)) return findings;
   try {
-    const topLevelDeps = readdirSync10(nodeModules).filter((d) => !d.startsWith("."));
+    const topLevelDeps = readdirSync11(nodeModules).filter((d) => !d.startsWith("."));
     for (const dep of topLevelDeps) {
-      const depPkgPath = join21(nodeModules, dep, "package.json");
-      if (!existsSync18(depPkgPath)) continue;
+      const depPkgPath = join22(nodeModules, dep, "package.json");
+      if (!existsSync19(depPkgPath)) continue;
       try {
-        const depPkg = JSON.parse(readFileSync17(depPkgPath, "utf-8"));
+        const depPkg = JSON.parse(readFileSync18(depPkgPath, "utf-8"));
         const scripts = depPkg.scripts || {};
         if (scripts.postinstall || scripts.preinstall || scripts.install) {
           const scriptName = scripts.postinstall ? "postinstall" : scripts.preinstall ? "preinstall" : "install";
@@ -13302,7 +13983,7 @@ function checkPipAudit(projectRoot) {
         id: "",
         severity: cvssToSeverity(vuln.cvss?.score || 5),
         vulnerabilityClass: "dependency-cve",
-        file: existsSync18(join21(projectRoot, "requirements.txt")) ? "requirements.txt" : "pyproject.toml",
+        file: existsSync19(join22(projectRoot, "requirements.txt")) ? "requirements.txt" : "pyproject.toml",
         title: `Vulnerable Python dependency: ${vuln.name}`,
         description: `${vuln.name}@${vuln.version} \u2014 ${vuln.id}: ${vuln.description || "Known vulnerability"}`,
         attackScenario: `An attacker could exploit the vulnerability in ${vuln.name}.`,
@@ -13399,8 +14080,8 @@ function checkGoVerify(projectRoot) {
 }
 
 // src/security/checks/injection.ts
-import { readFileSync as readFileSync18 } from "fs";
-import { join as join22 } from "path";
+import { readFileSync as readFileSync19 } from "fs";
+import { join as join23 } from "path";
 var SKIP_DIRS = ["node_modules/", "dist/", ".git/", ".wrangler/", "src/security/checks/"];
 var TEST_PATTERNS = ["test", "spec", "fixture", "mock", "__tests__", "__mocks__"];
 var USER_INPUT_NAMES = /(?:input|user|name|path|query|branch|hash|cmd|command|req\.|params|body|args|url|dir|file|subdirectory)/i;
@@ -13687,6 +14368,43 @@ var PATTERNS = [
     description: "extract() on $_GET/$_POST/$_REQUEST overwrites local variables \u2014 can bypass security checks.",
     attackScenario: "An attacker could set arbitrary variables by crafting request parameters, potentially overwriting auth flags or config values.",
     suggestedFix: "Avoid extract() on user input. Access superglobals directly or use a whitelist of expected keys."
+  },
+  // Swift injection patterns
+  {
+    regex: /["'](?:SELECT|INSERT|UPDATE|DELETE)\b[^"']*\\\(/,
+    title: "Swift SQL injection via string interpolation",
+    vulnClass: "code-injection",
+    baseSeverity: "high",
+    description: "SQL query built using Swift string interpolation \u2014 vulnerable to SQL injection.",
+    attackScenario: "An attacker could inject SQL through interpolated variables to read, modify, or delete database data.",
+    suggestedFix: "Use parameterized queries with your database library (e.g., Fluent ORM, SQLite.swift bindings)."
+  },
+  {
+    regex: /Process\s*\(\s*\)/,
+    title: "Swift command injection via Process class",
+    vulnClass: "shell-injection",
+    baseSeverity: "medium",
+    description: "Process() class executes external commands \u2014 vulnerable if user input reaches arguments.",
+    attackScenario: "An attacker could inject shell metacharacters to execute arbitrary commands on the server.",
+    suggestedFix: "Validate all arguments against a strict allowlist before passing to Process. Avoid shell execution."
+  },
+  {
+    regex: /Unsafe(?:Raw|Mutable|Buffer)?Pointer/,
+    title: "Swift unsafe pointer usage",
+    vulnClass: "code-injection",
+    baseSeverity: "medium",
+    description: "Unsafe pointer usage bypasses Swift memory safety \u2014 potential for memory corruption.",
+    attackScenario: "An attacker could exploit unsafe pointer operations to corrupt memory or execute arbitrary code.",
+    suggestedFix: "Prefer safe Swift alternatives. If unsafe pointers are necessary, validate all bounds and lifetimes."
+  },
+  {
+    regex: /UserDefaults\s*\.\s*(?:standard\s*\.\s*)?set\s*\([^)]*(?:password|secret|token|apiKey|api_key)/i,
+    title: "Swift sensitive data in UserDefaults (unencrypted)",
+    vulnClass: "code-injection",
+    baseSeverity: "high",
+    description: "Sensitive data stored in UserDefaults without encryption \u2014 easily accessible on jailbroken devices.",
+    attackScenario: "An attacker with device access could read UserDefaults plist to extract credentials.",
+    suggestedFix: "Use Keychain Services for storing sensitive data. Never store passwords or tokens in UserDefaults."
   }
 ];
 function shouldSkip(filePath) {
@@ -13703,7 +14421,7 @@ async function checkInjection(files, projectRoot) {
       if (shouldSkip(file.filePath) || isTestFile4(file.filePath)) continue;
       let content;
       try {
-        content = readFileSync18(join22(projectRoot, file.filePath), "utf-8");
+        content = readFileSync19(join23(projectRoot, file.filePath), "utf-8");
       } catch {
         continue;
       }
@@ -13741,8 +14459,8 @@ async function checkInjection(files, projectRoot) {
 }
 
 // src/security/checks/secrets.ts
-import { readFileSync as readFileSync19 } from "fs";
-import { join as join23 } from "path";
+import { readFileSync as readFileSync20 } from "fs";
+import { join as join24 } from "path";
 var SKIP_DIRS2 = ["node_modules/", "dist/", ".git/", ".wrangler/", "src/security/checks/"];
 var TEST_PATTERNS2 = ["test", "spec", "fixture", "mock", "__tests__", "__mocks__", ".example", ".sample"];
 var SECRET_PATTERNS = [
@@ -13775,7 +14493,7 @@ async function checkSecrets(files, projectRoot) {
       if (shouldSkip2(file.filePath) || isTestFile5(file.filePath)) continue;
       let content;
       try {
-        content = readFileSync19(join23(projectRoot, file.filePath), "utf-8");
+        content = readFileSync20(join24(projectRoot, file.filePath), "utf-8");
       } catch {
         continue;
       }
@@ -13808,8 +14526,8 @@ async function checkSecrets(files, projectRoot) {
 }
 
 // src/security/checks/path-traversal.ts
-import { readFileSync as readFileSync20 } from "fs";
-import { join as join24 } from "path";
+import { readFileSync as readFileSync21 } from "fs";
+import { join as join25 } from "path";
 var SKIP_DIRS3 = ["node_modules/", "dist/", ".git/", ".wrangler/", "src/security/checks/"];
 var USER_INPUT_VARS = /(?:req\.|params|query|body|input|path|dir|subdirectory|file|userInput|fileName|filePath)/i;
 var PATTERNS2 = [
@@ -13856,7 +14574,7 @@ async function checkPathTraversal(files, projectRoot) {
       if (shouldSkip3(file.filePath)) continue;
       let content;
       try {
-        content = readFileSync20(join24(projectRoot, file.filePath), "utf-8");
+        content = readFileSync21(join25(projectRoot, file.filePath), "utf-8");
       } catch {
         continue;
       }
@@ -13898,8 +14616,8 @@ async function checkPathTraversal(files, projectRoot) {
 }
 
 // src/security/checks/auth.ts
-import { readFileSync as readFileSync21 } from "fs";
-import { join as join25 } from "path";
+import { readFileSync as readFileSync22 } from "fs";
+import { join as join26 } from "path";
 var SKIP_DIRS4 = ["node_modules/", "dist/", ".git/", ".wrangler/", "src/security/checks/"];
 function shouldSkip4(filePath) {
   return SKIP_DIRS4.some((d) => filePath.includes(d));
@@ -13915,7 +14633,7 @@ async function checkAuth(files, projectRoot) {
       if (shouldSkip4(file.filePath)) continue;
       let content;
       try {
-        content = readFileSync21(join25(projectRoot, file.filePath), "utf-8");
+        content = readFileSync22(join26(projectRoot, file.filePath), "utf-8");
       } catch {
         continue;
       }
@@ -14006,8 +14724,8 @@ async function checkAuth(files, projectRoot) {
 }
 
 // src/security/checks/input-validation.ts
-import { readFileSync as readFileSync22 } from "fs";
-import { join as join26 } from "path";
+import { readFileSync as readFileSync23 } from "fs";
+import { join as join27 } from "path";
 var SKIP_DIRS5 = ["node_modules/", "dist/", ".git/", ".wrangler/", "src/security/checks/"];
 function shouldSkip5(filePath) {
   return SKIP_DIRS5.some((d) => filePath.includes(d));
@@ -14019,7 +14737,7 @@ async function checkInputValidation(files, projectRoot) {
       if (shouldSkip5(file.filePath)) continue;
       let content;
       try {
-        content = readFileSync22(join26(projectRoot, file.filePath), "utf-8");
+        content = readFileSync23(join27(projectRoot, file.filePath), "utf-8");
       } catch {
         continue;
       }
@@ -14096,8 +14814,8 @@ async function checkInputValidation(files, projectRoot) {
 }
 
 // src/security/checks/information-disclosure.ts
-import { readFileSync as readFileSync23 } from "fs";
-import { join as join27 } from "path";
+import { readFileSync as readFileSync24 } from "fs";
+import { join as join28 } from "path";
 var SKIP_DIRS6 = ["node_modules/", "dist/", ".git/", ".wrangler/", "src/security/checks/"];
 function shouldSkip6(filePath) {
   return SKIP_DIRS6.some((d) => filePath.includes(d));
@@ -14109,7 +14827,7 @@ async function checkInformationDisclosure(files, projectRoot) {
       if (shouldSkip6(file.filePath)) continue;
       let content;
       try {
-        content = readFileSync23(join27(projectRoot, file.filePath), "utf-8");
+        content = readFileSync24(join28(projectRoot, file.filePath), "utf-8");
       } catch {
         continue;
       }
@@ -14179,8 +14897,8 @@ async function checkInformationDisclosure(files, projectRoot) {
 }
 
 // src/security/checks/cryptography.ts
-import { readFileSync as readFileSync24 } from "fs";
-import { join as join28 } from "path";
+import { readFileSync as readFileSync25 } from "fs";
+import { join as join29 } from "path";
 var SKIP_DIRS7 = ["node_modules/", "dist/", ".git/", ".wrangler/", "src/security/checks/"];
 var USER_INPUT_NAMES2 = /(?:input|user|name|path|query|param|request|body|args|url)/i;
 function shouldSkip7(filePath) {
@@ -14197,7 +14915,7 @@ async function checkCryptography(files, projectRoot) {
       if (shouldSkip7(file.filePath)) continue;
       let content;
       try {
-        content = readFileSync24(join28(projectRoot, file.filePath), "utf-8");
+        content = readFileSync25(join29(projectRoot, file.filePath), "utf-8");
       } catch {
         continue;
       }
@@ -14455,6 +15173,84 @@ async function checkCryptography(files, projectRoot) {
             suggestedFix: "Load credentials from environment variables using getenv() or $_ENV."
           });
         }
+        if (/\bCC_MD5\b/.test(line) || /Insecure\s*\.\s*MD5/.test(line)) {
+          findings.push({
+            id: "",
+            severity: isCryptoFile ? "high" : "medium",
+            vulnerabilityClass: "cryptography",
+            file: file.filePath,
+            line: i + 1,
+            title: "Weak hash algorithm: MD5 in Swift",
+            description: "MD5 is cryptographically broken \u2014 collisions can be generated in seconds.",
+            attackScenario: "An attacker could generate MD5 collisions to bypass integrity checks or forge hashes.",
+            suggestedFix: "Use SHA256 from CryptoKit: SHA256.hash(data: data)"
+          });
+        }
+        if (/\bCC_SHA1\b/.test(line) || /Insecure\s*\.\s*SHA1/.test(line)) {
+          findings.push({
+            id: "",
+            severity: isCryptoFile ? "high" : "medium",
+            vulnerabilityClass: "cryptography",
+            file: file.filePath,
+            line: i + 1,
+            title: "Weak hash algorithm: SHA-1 in Swift",
+            description: "SHA-1 has known collision attacks \u2014 should not be used for security purposes.",
+            attackScenario: "An attacker could generate SHA-1 collisions to bypass integrity checks.",
+            suggestedFix: "Use SHA256 from CryptoKit: SHA256.hash(data: data)"
+          });
+        }
+        if (/(?:let|var)\s+(?:password|secret|apiKey|api_key|token)\s*(?::\s*String\s*)?=\s*["']/i.test(line)) {
+          findings.push({
+            id: "",
+            severity: "high",
+            vulnerabilityClass: "cryptography",
+            file: file.filePath,
+            line: i + 1,
+            title: "Hardcoded credentials in Swift source",
+            description: "A password, secret, or API key is hardcoded as a string literal.",
+            attackScenario: "An attacker with access to the binary or source could extract the credential.",
+            suggestedFix: "Load credentials from Keychain, environment variables, or a secure configuration service."
+          });
+        }
+        if (/\barc4random\b/.test(line) && isCryptoFile) {
+          findings.push({
+            id: "",
+            severity: "medium",
+            vulnerabilityClass: "cryptography",
+            file: file.filePath,
+            line: i + 1,
+            title: "arc4random in Swift security context",
+            description: "arc4random is not suitable for cryptographic key generation.",
+            attackScenario: "An attacker could predict random values if used for cryptographic purposes.",
+            suggestedFix: "Use SecRandomCopyBytes or SystemRandomNumberGenerator for security-sensitive randomness."
+          });
+        }
+        if (/allowsArbitraryLoads\s*:\s*true/.test(line) || /NSAllowsArbitraryLoads.*true/.test(line)) {
+          findings.push({
+            id: "",
+            severity: "medium",
+            vulnerabilityClass: "cryptography",
+            file: file.filePath,
+            line: i + 1,
+            title: "Swift App Transport Security disabled",
+            description: "allowsArbitraryLoads is set to true \u2014 all HTTP traffic is permitted without encryption.",
+            attackScenario: "An attacker on the network path could intercept, read, or modify data in transit.",
+            suggestedFix: "Remove allowsArbitraryLoads or set to false. Add specific exceptions only for domains that require HTTP."
+          });
+        }
+        if (/(?:let|var)\s+\w*[Uu]rl\w*\s*=\s*["']http:\/\/(?!(?:localhost|127\.))/.test(line)) {
+          findings.push({
+            id: "",
+            severity: "medium",
+            vulnerabilityClass: "cryptography",
+            file: file.filePath,
+            line: i + 1,
+            title: "Hardcoded HTTP URL in Swift source",
+            description: "An HTTP (not HTTPS) URL is hardcoded \u2014 data is transmitted unencrypted.",
+            attackScenario: "An attacker on the network path could intercept, read, or modify data in transit.",
+            suggestedFix: "Use HTTPS for all external URLs to ensure data confidentiality and integrity."
+          });
+        }
       }
     }
   } catch {
@@ -14463,8 +15259,8 @@ async function checkCryptography(files, projectRoot) {
 }
 
 // src/security/checks/frontend.ts
-import { readFileSync as readFileSync25 } from "fs";
-import { join as join29 } from "path";
+import { readFileSync as readFileSync26 } from "fs";
+import { join as join30 } from "path";
 var SKIP_DIRS8 = ["node_modules/", "dist/", ".git/", ".wrangler/", "src/security/checks/"];
 function shouldSkip8(filePath) {
   return SKIP_DIRS8.some((d) => filePath.includes(d));
@@ -14480,7 +15276,7 @@ async function checkFrontend(files, projectRoot) {
       if (!isFrontendFile(file.filePath)) continue;
       let content;
       try {
-        content = readFileSync25(join29(projectRoot, file.filePath), "utf-8");
+        content = readFileSync26(join30(projectRoot, file.filePath), "utf-8");
       } catch {
         continue;
       }
@@ -14940,13 +15736,13 @@ async function scanSecurity(projectRoot, graph, options = {}) {
   };
 }
 function detectPackageManager(projectRoot) {
-  if (existsSync19(join30(projectRoot, "package.json"))) return "npm";
-  if (existsSync19(join30(projectRoot, "requirements.txt"))) return "pip";
-  if (existsSync19(join30(projectRoot, "pyproject.toml"))) return "pip";
-  if (existsSync19(join30(projectRoot, "Cargo.toml"))) return "cargo";
-  if (existsSync19(join30(projectRoot, "go.mod"))) return "go";
-  if (existsSync19(join30(projectRoot, "pom.xml"))) return "maven";
-  if (existsSync19(join30(projectRoot, "build.gradle")) || existsSync19(join30(projectRoot, "build.gradle.kts"))) return "gradle";
+  if (existsSync20(join31(projectRoot, "package.json"))) return "npm";
+  if (existsSync20(join31(projectRoot, "requirements.txt"))) return "pip";
+  if (existsSync20(join31(projectRoot, "pyproject.toml"))) return "pip";
+  if (existsSync20(join31(projectRoot, "Cargo.toml"))) return "cargo";
+  if (existsSync20(join31(projectRoot, "go.mod"))) return "go";
+  if (existsSync20(join31(projectRoot, "pom.xml"))) return "maven";
+  if (existsSync20(join31(projectRoot, "build.gradle")) || existsSync20(join31(projectRoot, "build.gradle.kts"))) return "gradle";
   return "unknown";
 }