getprismo 0.1.17 → 0.1.18

package/README.md

@@ -52,6 +52,7 @@ agent-native        npx getprismo mcp
 - repeated file reads (same file loaded 100+ times in one session)
 - repeated commands (agent running the same command in a loop)
 - high context risk sessions that should have been split at task boundaries
+- session-derived ignore candidates from actual Claude/Codex logs (`logs/debug.log`, `dist/app.js`, `package-lock.json`, source-stream dumps)
 
 ---
 
@@ -96,6 +97,8 @@ Next:
 
 doctor went from 79 to 91 in one run. the repo now has proper ignore files, compact context packs, and a clear starting point for the next coding session.
 
+`scan --usage` and `doctor` can also turn real session leaks into concrete ignore suggestions. if local Claude/Codex logs show `logs/debug.log`, `dist/app.js`, `package-lock.json`, source-stream dumps, or other noisy files repeatedly entering context, prismodev adds conservative `.claudeignore` / `.cursorignore` candidate rules instead of only reporting the problem.
+
 ---
 
 ## real output: watch

package/docs/live-demo.md

@@ -12,6 +12,7 @@ Shows:
 
 - before/after repo score
 - missing `.claudeignore` / `.cursorignore`
+- ignore suggestions derived from actual local Claude/Codex session leaks
 - generated artifacts exposed to AI context
 - compact `.prismo/` context packs
 - recommended next starting context

package/lib/prismo-dev/report.js

@@ -277,6 +277,16 @@ function renderMarkdownReport(result) {
     });
     lines.push("");
   }
+  if (result.sessionIgnoreSuggestions && result.sessionIgnoreSuggestions.length) {
+    lines.push("## Session-Derived Ignore Suggestions");
+    lines.push("");
+    lines.push("These rules came from local Claude/Codex session logs where noisy paths already entered context.");
+    lines.push("");
+    result.sessionIgnoreSuggestions.slice(0, 20).forEach((item) => {
+      lines.push(`- \`${item.pattern}\` - ${item.reason} (${item.count} mention${item.count === 1 ? "" : "s"}${item.examples.length ? `; e.g. ${item.examples[0]}` : ""})`);
+    });
+    lines.push("");
+  }
   lines.push("## Issues");
   lines.push("");
   if (!result.issues.length) {

package/lib/prismo-dev/scan.js

@@ -97,6 +97,128 @@ function missingIgnoreSuggestions(recommended, existingPatterns) {
   return recommended.filter((pattern) => !ignoreSuggestionCovered(pattern, existingPatterns));
 }
 
+const SESSION_NOISE_DIRS = new Set([
+  ".next",
+  ".nuxt",
+  ".prismo",
+  ".pytest_cache",
+  ".turbo",
+  "__pycache__",
+  "build",
+  "calendar-dumps",
+  "coverage",
+  "dist",
+  "event-dumps",
+  "events",
+  "exports",
+  "htmlcov",
+  "inbox-dumps",
+  "logs",
+  "models",
+  "node_modules",
+  "out",
+  "playwright-report",
+  "session-dumps",
+  "source-streams",
+  "state-backups",
+  "test-results",
+  "tmp",
+  "temp",
+]);
+
+const SESSION_NOISE_FILE_NAMES = new Set([
+  "package-lock.json",
+  "pnpm-lock.yaml",
+  "yarn.lock",
+  "bun.lockb",
+  "coverage-final.json",
+  "lcov.info",
+]);
+
+const SESSION_NOISE_EXTENSIONS = new Set([
+  ".db",
+  ".jsonl",
+  ".lock",
+  ".log",
+  ".sqlite",
+  ".sqlite3",
+]);
+
+function cleanSessionPath(value) {
+  const text = String(value || "").trim().replace(/\\/g, "/");
+  if (!text || /^https?:\/\//.test(text)) return null;
+  const withoutQuotes = text.replace(/^["'`]+|["'`.,:;)\]]+$/g, "");
+  if (!withoutQuotes || withoutQuotes.includes("\n")) return null;
+  const markerIndex = withoutQuotes.indexOf("/Users/");
+  if (markerIndex > 0) return withoutQuotes.slice(markerIndex);
+  return withoutQuotes;
+}
+
+function sessionIgnorePatternForPath(value, root) {
+  const cleaned = cleanSessionPath(value);
+  if (!cleaned) return null;
+  const rootNormalized = normalizeRel(root);
+  let rel = cleaned;
+  if (path.isAbsolute(cleaned)) {
+    const normalized = normalizeRel(cleaned);
+    if (!normalized.startsWith(`${rootNormalized}/`)) return null;
+    rel = normalizeRel(path.relative(root, cleaned));
+  }
+  rel = normalizeRel(rel).replace(/^\.\//, "");
+  if (!rel || rel === "." || rel.startsWith("../") || rel.includes("..")) return null;
+
+  const segments = rel.split("/").filter(Boolean);
+  if (!segments.length) return null;
+  for (let index = 0; index < segments.length; index += 1) {
+    const segment = segments[index];
+    if (SESSION_NOISE_DIRS.has(segment)) {
+      return `${segments.slice(0, index + 1).join("/")}/`;
+    }
+  }
+
+  const fileName = segments[segments.length - 1];
+  const lowerName = fileName.toLowerCase();
+  const ext = path.extname(lowerName);
+  if (SESSION_NOISE_FILE_NAMES.has(lowerName)) return fileName;
+  if (SESSION_NOISE_EXTENSIONS.has(ext)) return rel;
+  if (/_state\.json$/i.test(fileName)) return "*_state.json";
+  if (/_tokens\.json$/i.test(fileName)) return "*_tokens.json";
+  if (/_export\.json$/i.test(fileName)) return "*_export.json";
+  if (/secret|credential|token/i.test(fileName) && /\.json$/i.test(fileName)) return rel;
+  return null;
+}
+
+function buildSessionIgnoreSuggestions(realUsage, root) {
+  if (!realUsage || !Array.isArray(realUsage.sessions)) return [];
+  const byPattern = new Map();
+  const add = (pattern, item, source, reason) => {
+    if (!pattern) return;
+    const existing = byPattern.get(pattern) || {
+      pattern,
+      source,
+      reason,
+      count: 0,
+      examples: [],
+    };
+    existing.count += Number(item?.count || 1);
+    const example = item?.value || item?.path || pattern;
+    if (example && !existing.examples.includes(example) && existing.examples.length < 3) existing.examples.push(example);
+    byPattern.set(pattern, existing);
+  };
+
+  for (const session of realUsage.sessions) {
+    for (const item of session.generatedArtifacts || []) {
+      add(sessionIgnorePatternForPath(item.value, root), item, session.tool || "session", "Generated artifact entered local session context.");
+    }
+    for (const item of session.repeatedPathMentions || []) {
+      add(sessionIgnorePatternForPath(item.value, root), item, session.tool || "session", "Noisy path appeared repeatedly in local session context.");
+    }
+  }
+  return Array.from(byPattern.values())
+    .sort((a, b) => b.count - a.count || a.pattern.localeCompare(b.pattern))
+    .slice(0, 25);
+}
+
 function getFileKind(filePath) {
   const ext = path.extname(filePath).toLowerCase();
   const name = path.basename(filePath).toLowerCase();
@@ -775,6 +897,7 @@ function toJsonPayload(result) {
     optimizationStack: result.optimizationStack,
     toolOutputRisk: result.toolOutputRisk,
     operationalNoise: result.operationalNoise,
+    sessionIgnoreSuggestions: result.sessionIgnoreSuggestions || [],
     proxyTrackingReadiness: result.proxyTrackingReadiness,
     suggestedClaudeIgnore: result.recommendedClaudeIgnore,
     suggestedCursorIgnore: result.recommendedCursorIgnore,
@@ -1061,7 +1184,19 @@ function scanRepo(rootDir = process.cwd(), options = {}) {
   }
 
   const realUsage = options.includeUsage ? getUsageSummary({ tool: options.usageTool || "all", cwd: root, limit: options.usageLimit || 5 }) : null;
+  const sessionIgnoreSuggestions = buildSessionIgnoreSuggestions(realUsage, root);
   addRealUsageIssues(issues, realUsage);
+  if (sessionIgnoreSuggestions.length) {
+    addIssue(
+      issues,
+      "medium",
+      "ignore_file",
+      `${sessionIgnoreSuggestions.length} session-derived ignore suggestion${sessionIgnoreSuggestions.length === 1 ? "" : "s"}`,
+      sessionIgnoreSuggestions.slice(0, 5).map((item) => `${item.pattern} (${item.count}x)`).join(", "),
+      "Review the generated .claudeignore/.cursorignore suggestions from actual local session context.",
+      "Likely avoidable token exposure: these paths already appeared in local coding-agent context."
+    );
+  }
   const optimizationStack = detectOptimizationStack(root, claudeConfig, codexConfig);
   const agentReadiness = detectAgentReadiness(root, claudeConfig, codexConfig, realUsage);
   const toolOutputRisk = detectToolOutputRisk({ exposedLargeFiles, exposedHighRiskDirs, highRiskDirs });
@@ -1145,11 +1280,13 @@ function scanRepo(rootDir = process.cwd(), options = {}) {
     .filter((file) => file.size >= 1024 * 1024 || ["log", "json", "minified", "lock/generated"].includes(file.kind))
     .map((file) => file.path);
   const operationalNoiseSuggestions = operationalNoise.files.map((file) => file.path);
+  const sessionIgnorePatterns = sessionIgnoreSuggestions.map((item) => item.pattern);
   const recommendedClaudeIgnore = Array.from(new Set([
     ...DEFAULT_CLAUDEIGNORE,
     ...gitignorePatterns.filter((line) => !line.startsWith("!")),
     ...largeFileSuggestions,
     ...operationalNoiseSuggestions,
+    ...sessionIgnorePatterns,
   ]));
   const recommendedCursorIgnore = Array.from(new Set([
     ...recommendedClaudeIgnore,
@@ -1203,6 +1340,7 @@ function scanRepo(rootDir = process.cwd(), options = {}) {
     recommendedCursorIgnore,
     missingClaudeIgnoreSuggestions,
     missingCursorIgnoreSuggestions,
+    sessionIgnoreSuggestions,
     topTokenLeaks: getTopTokenLeaks(issues),
     generatedAt: new Date().toISOString(),
   };

package/lib/prismo-dev/usage-watch.js

@@ -186,7 +186,7 @@ function looksLikeUsefulPath(relPath) {
 function extractMentionedPaths(text, cwd = "") {
   const found = new Set();
   const source = String(text || "");
-  const pathPattern = /(?:^|[\s"'`])((?:\.{0,2}\/)?(?:[\w .@-]+\/)+[\w .@+-]+\.[A-Za-z0-9]{1,12})/g;
+  const pathPattern = /(?:^|[\s"'`])((?:\.{0,2}\/)?(?:[\w.@-]+\/)+[\w.@+-]+\.[A-Za-z0-9]{1,12})/g;
   const filePattern = /(?:^|[\s"'`])((?:package-lock\.json|pnpm-lock\.yaml|yarn\.lock|coverage-final\.json|tsconfig\.json|pyproject\.toml|requirements\.txt|README\.md|CLAUDE\.md|AGENTS\.md))/g;
   for (const pattern of [pathPattern, filePattern]) {
     let match;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "getprismo",
-  "version": "0.1.17",
+  "version": "0.1.18",
   "description": "Local AI coding workflow scanner for Codex, Claude Code, Cursor, and token-waste diagnostics.",
   "license": "MIT",
   "homepage": "https://github.com/shanirsh/prismodev#readme",