gitnexus 1.6.6-rc.84 → 1.6.6-rc.86

package/dist/core/group/extractors/http-patterns/index.d.ts

@@ -1,5 +1,5 @@
 import type { HttpLanguagePlugin } from './types.js';
-export type { HttpDetection, HttpLanguagePlugin, HttpRole } from './types.js';
+export type { HttpDetection, HttpFileDetections, HttpLanguagePlugin, HttpRole, HttpScanInput, } from './types.js';
 /**
  * Glob for files worth scanning for HTTP routes. Kept alongside the
  * registry so adding a new language widens the glob in one edit.

package/dist/core/group/extractors/http-patterns/java.js

@@ -22,45 +22,64 @@ const METHOD_ANNOTATION_TO_HTTP = {
     DeleteMapping: 'DELETE',
     PatchMapping: 'PATCH',
 };
-// ─── Provider: Spring class-level @RequestMapping prefix ──────────────
-// Two patterns are needed because the AST shape differs depending on
-// whether the annotation uses a positional argument or a named one:
-//   @RequestMapping("/api")          → (annotation_argument_list (string_literal))
-//   @RequestMapping(path = "/api")   → (annotation_argument_list (element_value_pair key:(identifier) value:(string_literal)))
-//   @RequestMapping(value = "/api")  → same as above
-//
-// The named-argument pattern MUST constrain the `key` field to the route
-// member names (`path`/`value`); without it, the query also captures
-// non-route attributes such as `produces`, `consumes`, `headers`, `name`,
-// `params` (their right-hand string literals would be mis-extracted as
-// route prefixes — e.g. `produces = "application/json"` would corrupt
-// every method route under that controller). The sibling
-// `topic-patterns/java.ts` uses the same `key:` constraint approach.
-const SPRING_CLASS_PREFIX_PATTERNS = compilePatterns({
-    name: 'java-spring-class-prefix',
+// ─── Provider: Spring class/interface-level @RequestMapping prefix ───
+const SPRING_TYPE_PREFIX_PATTERNS = compilePatterns({
+    name: 'java-spring-type-prefix',
     language: Java,
     patterns: [
         {
             meta: {},
             query: `
-        (class_declaration
-          (modifiers
-            (annotation
-              name: (identifier) @ann (#eq? @ann "RequestMapping")
-              arguments: (annotation_argument_list (string_literal) @prefix)))) @class
+        [
+          (class_declaration
+            (modifiers
+              (annotation
+                name: (identifier) @ann (#eq? @ann "RequestMapping")
+                arguments: (annotation_argument_list (string_literal) @prefix)))) @type
+          (interface_declaration
+            (modifiers
+              (annotation
+                name: (identifier) @ann (#eq? @ann "RequestMapping")
+                arguments: (annotation_argument_list (string_literal) @prefix)))) @type
+        ]
       `,
         },
         {
             meta: {},
             query: `
-        (class_declaration
-          (modifiers
-            (annotation
-              name: (identifier) @ann (#eq? @ann "RequestMapping")
-              arguments: (annotation_argument_list
-                (element_value_pair
-                  key: (identifier) @key (#match? @key "^(path|value)$")
-                  value: (string_literal) @prefix))))) @class
+        [
+          (class_declaration
+            (modifiers
+              (annotation
+                name: (identifier) @ann (#eq? @ann "RequestMapping")
+                arguments: (annotation_argument_list
+                  (element_value_pair
+                    key: (identifier) @key (#match? @key "^(path|value)$")
+                    value: (string_literal) @prefix))))) @type
+          (interface_declaration
+            (modifiers
+              (annotation
+                name: (identifier) @ann (#eq? @ann "RequestMapping")
+                arguments: (annotation_argument_list
+                  (element_value_pair
+                    key: (identifier) @key (#match? @key "^(path|value)$")
+                    value: (string_literal) @prefix))))) @type
+        ]
+      `,
+        },
+    ],
+});
+const SPRING_TYPE_DECLARATION_PATTERNS = compilePatterns({
+    name: 'java-spring-type-declaration',
+    language: Java,
+    patterns: [
+        {
+            meta: {},
+            query: `
+        [
+          (class_declaration name: (identifier) @type_name) @type
+          (interface_declaration name: (identifier) @type_name) @type
+        ]
       `,
         },
     ],
@@ -289,9 +308,9 @@ const APACHE_HTTP_CLIENT_PATTERNS = compilePatterns({
     ],
 });
 /**
- * Find the nearest enclosing class_declaration ancestor for a node, or
- * null if the node is top-level. Tree-sitter's SyntaxNode.parent walks
- * one level at a time.
+ * Find the nearest enclosing class/interface declaration ancestor for
+ * a node, or null if the node is top-level. Tree-sitter's
+ * SyntaxNode.parent walks one level at a time.
  */
 function findEnclosingClass(node) {
     let cur = node.parent;
@@ -311,23 +330,6 @@ function findEnclosingInterface(node) {
     }
     return null;
 }
-function hasAnnotation(node, annotationName) {
-    for (const child of node.namedChildren) {
-        if (child.type !== 'modifiers')
-            continue;
-        for (const modifier of child.namedChildren) {
-            if (modifier.type !== 'annotation')
-                continue;
-            const nameNode = modifier.childForFieldName('name');
-            if (!nameNode)
-                continue;
-            const simpleName = nameNode.text.split('.').pop();
-            if (nameNode.text === annotationName || simpleName === annotationName)
-                return true;
-        }
-    }
-    return false;
-}
 /**
  * Join a class-level prefix and a method-level path into a single URL
  * path. Mirrors the semantics of the original regex implementation:
@@ -341,22 +343,186 @@ function joinPath(prefix, methodPath) {
         return `/${cleanSub}`;
     return `/${cleanPrefix}/${cleanSub}`;
 }
+function getNodeName(node) {
+    return node.childForFieldName('name')?.text ?? null;
+}
+function hasAnnotation(node, names) {
+    const modifiers = node.namedChildren.find((child) => child.type === 'modifiers');
+    if (!modifiers)
+        return false;
+    const allowed = new Set(typeof names === 'string' ? [names] : names);
+    const stack = [...modifiers.namedChildren];
+    while (stack.length > 0) {
+        const cur = stack.pop();
+        const annotationName = cur.childForFieldName('name')?.text ?? '';
+        const simpleName = annotationName.split('.').pop() ?? annotationName;
+        if ((cur.type === 'annotation' || cur.type === 'marker_annotation') &&
+            (allowed.has(annotationName) || allowed.has(simpleName))) {
+            return true;
+        }
+        stack.push(...cur.namedChildren);
+    }
+    return false;
+}
+function collectTypePrefixes(tree) {
+    const prefixByTypeId = new Map();
+    for (const match of runCompiledPatterns(SPRING_TYPE_PREFIX_PATTERNS, tree)) {
+        const prefixNode = match.captures.prefix;
+        const typeNode = match.captures.type;
+        if (!prefixNode || !typeNode)
+            continue;
+        const prefix = unquoteLiteral(prefixNode.text);
+        if (prefix !== null)
+            prefixByTypeId.set(typeNode.id, prefix);
+    }
+    return prefixByTypeId;
+}
+function collectMethodRoutes(tree) {
+    const routesByMethodId = new Map();
+    for (const match of runCompiledPatterns(SPRING_METHOD_ROUTE_PATTERNS, tree)) {
+        const annNode = match.captures.ann;
+        const pathNode = match.captures.path;
+        const methodNode = match.captures.method;
+        if (!annNode || !pathNode || !methodNode)
+            continue;
+        const httpMethod = METHOD_ANNOTATION_TO_HTTP[annNode.text];
+        if (!httpMethod)
+            continue;
+        const rawPath = unquoteLiteral(pathNode.text);
+        if (rawPath === null)
+            continue;
+        const routes = routesByMethodId.get(methodNode.id) ?? [];
+        routes.push({ method: httpMethod, path: rawPath });
+        routesByMethodId.set(methodNode.id, routes);
+    }
+    return routesByMethodId;
+}
+function collectDirectMethods(typeNode) {
+    const out = [];
+    const visit = (node) => {
+        for (const child of node.namedChildren) {
+            if (child.type === 'method_declaration') {
+                out.push(child);
+                continue;
+            }
+            if (child !== typeNode &&
+                (child.type === 'class_declaration' || child.type === 'interface_declaration')) {
+                continue;
+            }
+            visit(child);
+        }
+    };
+    visit(typeNode);
+    return out;
+}
+function collectImplementedInterfaces(typeNode) {
+    const interfacesNode = typeNode.childForFieldName('interfaces');
+    if (!interfacesNode)
+        return [];
+    const out = [];
+    const visit = (node) => {
+        if (node.type === 'type_identifier' || node.type === 'scoped_type_identifier') {
+            out.push(node.text.split('.').pop() ?? node.text);
+            return;
+        }
+        for (const child of node.namedChildren)
+            visit(child);
+    };
+    visit(interfacesNode);
+    return out;
+}
+function collectSpringTypes(filePath, tree) {
+    const prefixByTypeId = collectTypePrefixes(tree);
+    const routesByMethodId = collectMethodRoutes(tree);
+    const out = [];
+    for (const match of runCompiledPatterns(SPRING_TYPE_DECLARATION_PATTERNS, tree)) {
+        const typeNode = match.captures.type;
+        const typeNameNode = match.captures.type_name;
+        if (!typeNode || !typeNameNode)
+            continue;
+        const kind = typeNode.type === 'interface_declaration' ? 'interface' : 'class';
+        const methods = collectDirectMethods(typeNode)
+            .map((methodNode) => ({
+            name: getNodeName(methodNode),
+            routes: routesByMethodId.get(methodNode.id) ?? [],
+        }))
+            .filter((method) => method.name !== null);
+        out.push({
+            filePath,
+            kind,
+            name: typeNameNode.text,
+            classPrefix: prefixByTypeId.get(typeNode.id) ?? '',
+            implementedInterfaces: kind === 'class' ? collectImplementedInterfaces(typeNode) : [],
+            isController: kind === 'class' && hasAnnotation(typeNode, ['RestController', 'Controller']),
+            methods,
+        });
+    }
+    return out;
+}
+function scanSpringProject(files) {
+    const types = files.flatMap((file) => collectSpringTypes(file.filePath, file.tree));
+    const interfaceRoutes = new Map();
+    for (const type of types) {
+        if (type.kind !== 'interface')
+            continue;
+        if (interfaceRoutes.has(type.name)) {
+            interfaceRoutes.set(type.name, null);
+            continue;
+        }
+        const methodMap = new Map();
+        for (const method of type.methods) {
+            const routes = method.routes.map((route) => ({
+                method: route.method,
+                path: type.classPrefix ? joinPath(type.classPrefix, route.path) : route.path,
+            }));
+            if (routes.length > 0)
+                methodMap.set(method.name, routes);
+        }
+        interfaceRoutes.set(type.name, methodMap);
+    }
+    const detectionsByFile = new Map();
+    for (const type of types) {
+        if (type.kind !== 'class' || !type.isController)
+            continue;
+        for (const method of type.methods) {
+            if (method.routes.length > 0)
+                continue;
+            const inheritedRoutes = type.implementedInterfaces.flatMap((interfaceName) => {
+                const routeMap = interfaceRoutes.get(interfaceName);
+                if (!routeMap)
+                    return [];
+                const routes = routeMap.get(method.name) ?? [];
+                return routes.map((route) => ({
+                    method: route.method,
+                    path: joinPath(type.classPrefix, route.path),
+                }));
+            });
+            for (const route of inheritedRoutes) {
+                const detections = detectionsByFile.get(type.filePath) ?? [];
+                detections.push({
+                    role: 'provider',
+                    framework: 'spring',
+                    method: route.method,
+                    path: route.path,
+                    name: method.name,
+                    confidence: 0.8,
+                });
+                detectionsByFile.set(type.filePath, detections);
+            }
+        }
+    }
+    return [...detectionsByFile.entries()].map(([filePath, detections]) => ({
+        filePath,
+        detections,
+    }));
+}
 export const JAVA_HTTP_PLUGIN = {
     name: 'java-http',
     language: Java,
     scan(tree) {
         const out = [];
         // ─── Providers: Spring class prefix + method annotations ────────
-        const prefixByClassId = new Map();
-        for (const match of runCompiledPatterns(SPRING_CLASS_PREFIX_PATTERNS, tree)) {
-            const prefixNode = match.captures.prefix;
-            const classNode = match.captures.class;
-            if (!prefixNode || !classNode)
-                continue;
-            const prefix = unquoteLiteral(prefixNode.text);
-            if (prefix !== null)
-                prefixByClassId.set(classNode.id, prefix);
-        }
+        const prefixByTypeId = collectTypePrefixes(tree);
         const feignPrefixByInterfaceId = new Map();
         for (const match of runCompiledPatterns(FEIGN_INTERFACE_PREFIX_PATTERNS, tree)) {
             const prefixNode = match.captures.prefix;
@@ -395,7 +561,9 @@ export const JAVA_HTTP_PLUGIN = {
                 continue;
             }
             const enclosingClass = findEnclosingClass(methodNode);
-            const prefix = enclosingClass ? (prefixByClassId.get(enclosingClass.id) ?? '') : '';
+            if (!enclosingClass)
+                continue;
+            const prefix = prefixByTypeId.get(enclosingClass.id) ?? '';
             const fullPath = joinPath(prefix, rawPath);
             out.push({
                 role: 'provider',
@@ -528,4 +696,5 @@ export const JAVA_HTTP_PLUGIN = {
         }
         return out;
     },
+    scanProject: scanSpringProject,
 };

package/dist/core/group/extractors/http-patterns/kotlin.js

@@ -9,18 +9,22 @@ import { compilePatterns, runCompiledPatterns, unquoteLiteral, } from '../tree-s
  * named annotation arguments (`@GetMapping(value = "/x")` and
  * `@GetMapping(path = "/x")`) are supported.
  *
- * **Consumers** (this PR) — three call-site patterns common in Kotlin
+ * **Consumers** — four call-site patterns common in Kotlin
  * Spring projects:
  *
- *   1. `restTemplate.getForObject("/x", ...)` and friends
- *   2. `webClient.get().uri("/x")` (short form, 1 verb hop + 1 uri hop)
- *   3. `Request.Builder().url("/x")` (OkHttp)
+ *   1. `restTemplate.getForObject("/x", ...)` and friends (#1855)
+ *   2. `webClient.get().uri("/x")` — short form (#1855)
+ *   3. `Request.Builder().url("/x")` — OkHttp (#1855)
+ *   4. `webClient.method(HttpMethod.X).uri("/y")` — long form (this PR)
  *
- * The long-form `webClient.method(HttpMethod.X).uri("/y")` chain is
- * intentionally deferred to a follow-up: it requires walk-up logic
- * to recover the verb from a sibling `call_expression`, and we can
- * land 80% of real-world Kotlin Spring consumer coverage with the
- * three simpler patterns above.
+ * The long form puts the verb on a sibling `call_expression` two hops
+ * away from the path. Rather than introducing imperative walk-up logic,
+ * we use a single deeper tree-sitter query that matches the full chain
+ * structurally — see `WEB_CLIENT_LONG_PATTERNS` below. The verb is
+ * captured directly as the `simple_identifier` of `HttpMethod.X`, so
+ * variable-bound verbs (`val verb = HttpMethod.PATCH; webClient.method(verb)...`)
+ * are intentionally NOT picked up — those need a graph-aware resolver
+ * and are out of scope for source-scan.
  *
  * tree-sitter-kotlin (fwcd) AST shapes used here:
  *   class_declaration
@@ -96,6 +100,15 @@ const WEB_CLIENT_SHORT_TO_HTTP = {
     delete: 'DELETE',
     patch: 'PATCH',
 };
+/**
+ * Allowed HTTP verbs for the WebClient long-form path
+ * `webClient.method(HttpMethod.X).uri("/y")`. Compiled once at module
+ * load (instead of inside the scan loop) per maintainer feedback on
+ * PR #1884. Mirrors the keys of `WEB_CLIENT_SHORT_TO_HTTP` above —
+ * keeping HEAD/OPTIONS/TRACE intentionally excluded for symmetry
+ * with the short form and the Java plugin.
+ */
+const WEB_CLIENT_LONG_VERB_RE = /^(GET|POST|PUT|DELETE|PATCH)$/;
 /**
  * Build the plugin only if the Kotlin grammar is available. Compiling
  * the queries against a null grammar would throw at module load time
@@ -249,8 +262,9 @@ function buildKotlinPlugin(language) {
     //   - outer call's first value_argument is a string literal
     //
     // The long-form `webClient.method(HttpMethod.GET).uri("/x")` chain
-    // uses an extra navigation hop and an enum field access — it's
-    // intentionally out of scope here (see file header).
+    // uses an extra navigation hop and an enum field access — handled
+    // by `WEB_CLIENT_LONG_PATTERNS` below, separately so each query is
+    // straightforward to reason about.
     const WEB_CLIENT_SHORT_PATTERNS = compilePatterns({
         name: 'kotlin-web-client-short',
         language,
@@ -273,6 +287,58 @@ function buildKotlinPlugin(language) {
             },
         ],
     });
+    // ─── Consumer: Spring WebClient (long form) ───────────────────────────
+    // The fluent long form passes the verb as a `HttpMethod.X` enum field
+    // access through `.method(...)`, then carries the path on a separate
+    // `.uri(...)` hop further down the chain:
+    //
+    //   webClient.method(HttpMethod.GET).uri("/x").retrieve().awaitBody<T>()
+    //
+    // Compared to the short form there are two extra structural hops:
+    //   - the inner `.method(...)` `call_expression` has a `value_argument`
+    //     whose payload is itself a `navigation_expression` (HttpMethod → .GET)
+    //   - the outer `.uri(...)` is reached via one more
+    //     `navigation_expression` wrapping that inner call
+    //
+    // We capture the verb at the `simple_identifier` under `HttpMethod`'s
+    // `navigation_suffix`. That `simple_identifier` is the literal field
+    // name (`GET`, `POST`, ...) used in source — Kotlin enum fields by
+    // convention are upper-case, matching `HttpMethod` from
+    // `org.springframework.http`. We forward the captured text as-is.
+    //
+    // Variable-bound verbs (`val verb = HttpMethod.PATCH; webClient.method(verb)...`)
+    // do NOT match — they fail the `(navigation_expression ...)` shape
+    // because the value_argument carries a bare `simple_identifier` instead
+    // of a `HttpMethod.X` field access. This is intentional: source-scan
+    // can't follow the binding without graph context. Pinned by an
+    // anti-overreach test in the consumer suite.
+    const WEB_CLIENT_LONG_PATTERNS = compilePatterns({
+        name: 'kotlin-web-client-long',
+        language,
+        patterns: [
+            {
+                meta: {},
+                query: `
+          (call_expression
+            (navigation_expression
+              (call_expression
+                (navigation_expression
+                  (simple_identifier) @obj (#eq? @obj "webClient")
+                  (navigation_suffix
+                    (simple_identifier) @method_call (#eq? @method_call "method")))
+                (call_suffix
+                  (value_arguments
+                    . (value_argument
+                        (navigation_expression
+                          (simple_identifier) @httpMethodCls (#eq? @httpMethodCls "HttpMethod")
+                          (navigation_suffix (simple_identifier) @verb))))))
+              (navigation_suffix (simple_identifier) @uri (#eq? @uri "uri")))
+            (call_suffix
+              (value_arguments . (value_argument . (string_literal) @path))))
+        `,
+            },
+        ],
+    });
     // ─── Consumer: OkHttp Request.Builder().url("/x") ─────────────────────
     // Kotlin parses `Request.Builder()` as a `call_expression` whose
     // callee is a `navigation_expression` (Request → .Builder), NOT as
@@ -425,6 +491,35 @@ function buildKotlinPlugin(language) {
                     confidence: 0.7,
                 });
             }
+            // ─── Consumers: WebClient long form (.method(HttpMethod.X) → .uri) ─
+            for (const match of runCompiledPatterns(WEB_CLIENT_LONG_PATTERNS, tree)) {
+                const verbNode = match.captures.verb;
+                const pathNode = match.captures.path;
+                if (!verbNode || !pathNode)
+                    continue;
+                // The captured text is the literal `HttpMethod.X` field name.
+                // Spring's `org.springframework.http.HttpMethod` defines GET,
+                // POST, PUT, DELETE, PATCH, HEAD, OPTIONS, TRACE — we only
+                // emit for the five verbs we already handle elsewhere, so
+                // exotic ones are silently skipped (consistent with the
+                // short form's WEB_CLIENT_SHORT_TO_HTTP guard). The accepted
+                // verb regex is hoisted to module scope (see
+                // `WEB_CLIENT_LONG_VERB_RE` near the top of this file).
+                const verbText = verbNode.text;
+                if (!WEB_CLIENT_LONG_VERB_RE.test(verbText))
+                    continue;
+                const path = unquoteLiteral(pathNode.text);
+                if (path === null)
+                    continue;
+                out.push({
+                    role: 'consumer',
+                    framework: 'spring-web-client',
+                    method: verbText,
+                    path,
+                    name: null,
+                    confidence: 0.7,
+                });
+            }
             // ─── Consumers: OkHttp Request.Builder().url("path") ────────────
             for (const match of runCompiledPatterns(OK_HTTP_PATTERNS, tree)) {
                 const pathNode = match.captures.path;

package/dist/core/group/extractors/http-patterns/types.d.ts

@@ -36,6 +36,14 @@ export interface HttpDetection {
     /** Confidence in (0, 1]. Source-scan plugins typically use 0.7–0.8. */
     confidence: number;
 }
+export interface HttpScanInput {
+    filePath: string;
+    tree: Parser.Tree;
+}
+export interface HttpFileDetections {
+    filePath: string;
+    detections: HttpDetection[];
+}
 /**
  * One language-scoped HTTP plugin. The plugin owns the tree-sitter
  * grammar and the `scan` function that translates a parsed tree into
@@ -90,4 +98,10 @@ export interface HttpLanguagePlugin {
      * single-file plugins can keep their unary `scan(tree)` shape.
      */
     scan(tree: Parser.Tree, repoContext?: RepoContext, fileRel?: string): HttpDetection[];
+    /**
+     * Optional project-level scan hook for language rules that require
+     * multiple files, such as Java controllers inheriting Spring mappings
+     * from annotated interfaces.
+     */
+    scanProject?(files: readonly HttpScanInput[]): HttpFileDetections[];
 }

package/dist/core/group/extractors/http-route-extractor.js

@@ -4,7 +4,7 @@ import Parser from 'tree-sitter';
 import { createIgnoreFilter } from '../../../config/ignore-service.js';
 import { readSafe } from './fs-utils.js';
 import { parseSourceSafe } from '../../tree-sitter/safe-parse.js';
-import { getPluginForFile, HTTP_SCAN_GLOB } from './http-patterns/index.js';
+import { getPluginForFile, HTTP_SCAN_GLOB, } from './http-patterns/index.js';
 /**
  * Language-agnostic orchestrator for HTTP route (provider + consumer)
  * contract extraction. Two strategies, in order of preference per role:
@@ -141,6 +141,9 @@ export class HttpRouteExtractor {
         // both graph-assisted enrichment and source-scan emission.
         const parser = new Parser();
         const cachedDetections = new Map();
+        const cachedInputs = new Map();
+        const projectDetections = new Map();
+        let projectScanComplete = false;
         // Per-plugin cross-file context (e.g. Python's FastAPI router →
         // include_router(prefix=...) map). Built lazily on first
         // `getDetections` call for a file the plugin handles, scoped to the
@@ -169,33 +172,45 @@ export class HttpRouteExtractor {
                 return undefined;
             }
         };
-        const getDetections = async (rel) => {
-            const cached = cachedDetections.get(rel);
-            if (cached)
-                return cached;
+        const getScanInput = async (rel) => {
+            if (cachedInputs.has(rel))
+                return cachedInputs.get(rel) ?? null;
             const plugin = getPluginForFile(rel);
             if (!plugin) {
-                cachedDetections.set(rel, []);
-                return [];
+                cachedInputs.set(rel, null);
+                return null;
             }
             const repoContext = await ensureRepoContext(plugin);
             const content = readSafe(repoPath, rel);
             if (!content) {
-                cachedDetections.set(rel, []);
-                return [];
+                cachedInputs.set(rel, null);
+                return null;
             }
             try {
                 parser.setLanguage(plugin.language);
                 const tree = parseSourceSafe(parser, content);
-                const detections = plugin.scan(tree, repoContext, rel);
-                cachedDetections.set(rel, detections);
-                return detections;
+                const input = { filePath: rel, tree };
+                const item = { plugin, input, repoContext };
+                cachedInputs.set(rel, item);
+                return item;
             }
             catch {
-                cachedDetections.set(rel, []);
-                return [];
+                cachedInputs.set(rel, null);
+                return null;
             }
         };
+        const getDetections = async (rel) => {
+            const cached = cachedDetections.get(rel);
+            if (cached)
+                return cached;
+            const scanInput = await getScanInput(rel);
+            const ownDetections = scanInput
+                ? scanInput.plugin.scan(scanInput.input.tree, scanInput.repoContext, rel)
+                : [];
+            const detections = [...ownDetections, ...(projectDetections.get(rel) ?? [])];
+            cachedDetections.set(rel, detections);
+            return detections;
+        };
         // Glob the source-scan file list at most once per extract() —
         // both provider and consumer fallback paths share the same list.
         let scannedFiles = null;
@@ -205,12 +220,36 @@ export class HttpRouteExtractor {
             scannedFiles = await this.scanFiles(repoPath);
             return scannedFiles;
         };
+        const collectProjectDetections = async (files) => {
+            if (projectScanComplete)
+                return;
+            projectScanComplete = true;
+            const byPlugin = new Map();
+            for (const rel of files) {
+                const scanInput = await getScanInput(rel);
+                if (!scanInput?.plugin.scanProject)
+                    continue;
+                const items = byPlugin.get(scanInput.plugin) ?? [];
+                items.push(scanInput.input);
+                byPlugin.set(scanInput.plugin, items);
+            }
+            for (const [plugin, inputs] of byPlugin) {
+                const results = plugin.scanProject?.(inputs) ?? [];
+                for (const result of results) {
+                    const existing = projectDetections.get(result.filePath) ?? [];
+                    projectDetections.set(result.filePath, [...existing, ...result.detections]);
+                }
+            }
+            cachedDetections.clear();
+        };
+        const files = await getScannedFiles();
+        await collectProjectDetections(files);
         const graphProviders = dbExecutor != null ? await this.extractProvidersGraph(dbExecutor, getDetections) : [];
         // Source scan always runs to capture routes in languages/files not covered
         // by graph edges; the glob and per-file parse results are cached above.
-        const providers = this.mergeGraphAndSourceContracts(graphProviders, await this.extractProvidersSourceScan(await getScannedFiles(), getDetections));
+        const providers = this.mergeGraphAndSourceContracts(graphProviders, await this.extractProvidersSourceScan(files, getDetections));
         const graphConsumers = dbExecutor != null ? await this.extractConsumersGraph(dbExecutor, getDetections) : [];
-        const consumers = this.mergeGraphAndSourceContracts(graphConsumers, await this.extractConsumersSourceScan(await getScannedFiles(), getDetections));
+        const consumers = this.mergeGraphAndSourceContracts(graphConsumers, await this.extractConsumersSourceScan(files, getDetections));
         return [...providers, ...consumers];
     }
     async scanFiles(repoPath) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "gitnexus",
-  "version": "1.6.6-rc.84",
+  "version": "1.6.6-rc.86",
   "description": "Graph-powered code intelligence for AI agents. Index any codebase, query via MCP or CLI.",
   "author": "Abhigyan Patwari",
   "license": "PolyForm-Noncommercial-1.0.0",