sigmap 3.4.0 → 3.5.1

package/packages/adapters/llm-full.js

@@ -0,0 +1,25 @@
+'use strict';
+const path = require('path');
+const fs   = require('fs');
+module.exports = { name: 'llm-full', format, outputPath, write };
+
+function outputPath(cwd) { return path.join(cwd, 'llm-full.txt'); }
+
+function format(context, opts) {
+  opts = opts || {};
+  const lines = [
+    `# ${context.projectName || 'Project'} — SigMap Context`,
+    `Generated: ${new Date().toISOString()} | SigMap v${opts.version || ''}`,
+    '',
+  ];
+  for (const entry of (context.fileEntries || [])) {
+    const rel = path.relative(opts.cwd || '', entry.filePath);
+    lines.push(`## ${rel}`, '```', ...(entry.sigs || []), '```', '');
+  }
+  return lines.join('\n');
+}
+
+function write(context, cwd, opts) {
+  opts = opts || {};
+  fs.writeFileSync(outputPath(cwd), format(context, { ...opts, cwd }));
+}

package/packages/cli/package.json

@@ -1,6 +1,6 @@
 {
   "name": "sigmap-cli",
-  "version": "3.4.0",
+  "version": "3.5.0",
   "description": "SigMap CLI wrapper — thin adapter for programmatic CLI invocation",
   "main": "index.js",
   "keywords": [

package/packages/core/index.js

@@ -45,6 +45,16 @@ const EXT_MAP = {
   '.properties': 'properties',
   '.xml': 'xml',
   '.md': 'markdown',
+  // Phase C specialized extractors
+  '.tsx': 'typescript_react',
+  '.vue': 'vue_sfc',
+};
+
+// Phase C fallback: also try specialized extractors for base extensions
+const PHASE_C_EXTRACTORS = {
+  'typescript_react': '.tsx',
+  'vue_sfc': '.vue',
+  'python_dataclass': '.py',
 };
 
 const SRC_ROOT = path.resolve(__dirname, '..', '..', 'src');

package/packages/core/package.json

@@ -1,6 +1,6 @@
 {
   "name": "sigmap-core",
-  "version": "3.4.0",
+  "version": "3.5.0",
   "description": "SigMap core library — zero-dependency code signature extraction, retrieval, and security scanning",
   "main": "index.js",
   "keywords": [

package/src/eval/analyzer.js

@@ -39,6 +39,9 @@ const EXT_MAP = {
   '.properties': 'properties',
   '.xml': 'xml',
   '.md': 'markdown',
+  // Phase C specialized extractors
+  '.tsx': 'typescript_react',
+  '.vue': 'vue_sfc',
 };
 
 function isDockerfile(name) {

package/src/extractors/generic.js

@@ -0,0 +1,26 @@
+'use strict';
+module.exports = { extract };
+
+const PATTERNS = [
+  /^(?:pub\s+)?(?:async\s+)?function\s+\w+\s*\(/,
+  /^(?:pub\s+)?(?:async\s+)?fn\s+\w+[\s(<]/,
+  /^def\s+\w+[\s(|:]/,
+  /^(?:pub\s+)?func\s+\w+\s*\(/,
+  /^(?:let|let\s+rec)\s+\w+\s*[=(]/,
+  /^class\s+\w+/,
+  /^(?:proc|sub|method)\s+\w+\s*\(/,
+];
+
+function extract(src) {
+  if (!src || typeof src !== 'string') return [];
+  const results = [];
+  for (const raw of src.split('\n')) {
+    const line = raw.trim();
+    if (!line || /^[#\-]/.test(line) || /^\/\//.test(line) || line.includes('\0')) continue;
+    for (const pat of PATTERNS) {
+      if (pat.test(line)) { results.push(line.slice(0, 120)); break; }
+    }
+    if (results.length >= 15) break;
+  }
+  return results;
+}

package/src/extractors/patterns.js

@@ -0,0 +1,135 @@
+'use strict';
+
+/**
+ * Phase D: Cross-module pattern inference and architectural detection.
+ * Identifies DI patterns, service/repo layers, circular deps, type linkage, and unsafe patterns.
+ *
+ * @param {string} src - Raw source code
+ * @returns {string[]} Array of pattern signatures
+ */
+function extract(src) {
+  if (!src || typeof src !== 'string') return [];
+  const sigs = [];
+
+  // ────────────────────────────────────────────────────────────────
+  // Dependency Injection Pattern Detection
+  // ────────────────────────────────────────────────────────────────
+
+  // Service container / factory patterns
+  const containerRe = /(?:class|function|const)\s+([A-Z]\w*(?:Container|Factory|Registry|Provider|Injector))\b/g;
+  for (const m of src.matchAll(containerRe)) {
+    sigs.push(`di-container ${m[1]}`);
+  }
+
+  // Service decorators: @Injectable, @Service, @Singleton, @Provide
+  const decoratorRe = /@(?:Injectable|Service|Singleton|Provide|Module|Component)\s*(?:\([^)]*\))?\s*(?:class|export\s+class|const\s+)\s+([A-Z]\w*)/g;
+  for (const m of src.matchAll(decoratorRe)) {
+    sigs.push(`service-decorated ${m[1]}`);
+  }
+
+  // Dependency injection via constructor: constructor(private readonly ...: Service)
+  const ctorDiRe = /constructor\s*\([^)]*(?:private|protected)?\s+(?:readonly\s+)?([a-z_]\w*)\s*:\s*([A-Z]\w*)/g;
+  const diServices = new Set();
+  for (const m of src.matchAll(ctorDiRe)) {
+    diServices.add(m[1]);
+  }
+  if (diServices.size > 0) {
+    sigs.push(`di-injection ${diServices.size} params`);
+  }
+
+  // ────────────────────────────────────────────────────────────────
+  // Service/Repository/Middleware Layer Detection
+  // ────────────────────────────────────────────────────────────────
+
+  // Repository pattern: extends Repository, implements IRepository
+  const repoRe = /class\s+([A-Z]\w*(?:Repository|Repo|DataAccess))\b/g;
+  for (const m of src.matchAll(repoRe)) {
+    sigs.push(`repo ${m[1]}`);
+  }
+
+  // Service layer: @Service or ServiceImpl pattern
+  const serviceRe = /(?:export\s+)?class\s+([A-Z]\w*Service\b)/g;
+  for (const m of src.matchAll(serviceRe)) {
+    sigs.push(`service ${m[1]}`);
+  }
+
+  // Middleware detection: app.use(), router.use(), middleware function
+  if (/app\.use\s*\(|router\.use\s*\(|\.use\s*\(\s*function|middleware|app\.get\s*\(\s*['"`]\/[^'"`]*['"`]/.test(src)) {
+    sigs.push('middleware-present');
+  }
+
+  // ────────────────────────────────────────────────────────────────
+  // Type Linkage: Exported types → Implementations
+  // ────────────────────────────────────────────────────────────────
+
+  // Export type/interface followed by class implementing it
+  const exportTypeRe = /export\s+(?:type|interface)\s+([A-Z]\w*)/g;
+  const exportedTypes = new Set();
+  for (const m of src.matchAll(exportTypeRe)) {
+    exportedTypes.add(m[1]);
+  }
+
+  // Check if exported types have implementations
+  for (const type of exportedTypes) {
+    const implRe = new RegExp(`class\\s+([A-Z]\\w*)\\s+(?:extends|implements)\\s+(?:.*\\s+)?${type}\\b`, 'i');
+    if (implRe.test(src)) {
+      sigs.push(`type-impl ${type}`);
+    }
+  }
+
+  // ────────────────────────────────────────────────────────────────
+  // Unsafe Pattern Detection
+  // ────────────────────────────────────────────────────────────────
+
+  // Unchecked nulls / optional without validation
+  if (/\?\s*{|Optional\s*<|\?\s*\.get\(\)|\?\s*\[|\?\s*\.length|\.split\(\)\.filter\(Boolean\)|if\s*\(\s*!.*\).*throw/.test(src)) {
+    sigs.push('unsafe-null-check');
+  }
+
+  // Missing validation (direct use of user input)
+  const userInputRe = /(?:request|input|params|body|query|args)\s*\[\s*['"][^'"]*['"]\s*\]|req(?:uest)?\..*\s*==|params\.split|String\(.*\)\.toLowerCase/;
+  if (userInputRe.test(src)) {
+    sigs.push('unsafe-input-validation');
+  }
+
+  // Weak error handling (catch {} or empty catch)
+  if (/catch\s*\(\s*\)\s*\{|\}\s*catch\s*\{(\s*\/\/|\s*\})/.test(src)) {
+    sigs.push('weak-error-handling');
+  }
+
+  // Direct error exposure
+  if (/throw\s+new\s+Error\(|console\s*\.\s*error|res\.status\(500\)\.send\(err\)/.test(src)) {
+    sigs.push('unsafe-error-exposure');
+  }
+
+  // ────────────────────────────────────────────────────────────────
+  // Circular Dependency Hints
+  // ────────────────────────────────────────────────────────────────
+
+  // Mutual imports detected (A imports B, B imports A) — can't directly detect in single file,
+  // but we can flag suspicious patterns
+  const importRe = /(?:import|require)\s+(?:{[^}]*}|[a-zA-Z_]\w*)\s+from\s+['"]\.?\.?\/[^'"]+['"]/g;
+  const importCount = (src.match(importRe) || []).length;
+  if (importCount > 5) {
+    sigs.push(`heavy-imports ${importCount}`);
+  }
+
+  // ────────────────────────────────────────────────────────────────
+  // Layer/Module Organization Hints
+  // ────────────────────────────────────────────────────────────────
+
+  // Controller/Handler layer
+  const controllerRe = /(?:class|export)\s+([A-Z]\w*(?:Controller|Handler|Route))\b/g;
+  for (const m of src.matchAll(controllerRe)) {
+    sigs.push(`controller ${m[1]}`);
+  }
+
+  // Use case / Domain logic
+  if (/UseCase|Command|Query|UseCase\b|Interactor/.test(src)) {
+    sigs.push('domain-usecase');
+  }
+
+  return Array.from(new Set(sigs)).slice(0, 60);
+}
+
+module.exports = { extract };

package/src/extractors/python_dataclass.js

@@ -0,0 +1,77 @@
+'use strict';
+
+/**
+ * Extract Python dataclass, Pydantic model, and SQLAlchemy ORM metadata.
+ * Focuses on model fields, validation, and relationships.
+ *
+ * @param {string} src - Raw Python content
+ * @returns {string[]} Array of signature strings
+ */
+function extract(src) {
+  if (!src || typeof src !== 'string') return [];
+  const sigs = [];
+
+  // Dataclass definitions
+  const dataclassRe = /@dataclass(?:\([^)]*\))?[\s\n]+class\s+([A-Z]\w*)/g;
+  for (const m of src.matchAll(dataclassRe)) {
+    sigs.push(`dataclass ${m[1]}`);
+  }
+
+  // Pydantic BaseModel classes
+  const pydanticRe = /class\s+([A-Z]\w*)\s*\([^)]*BaseModel[^)]*\)/g;
+  for (const m of src.matchAll(pydanticRe)) {
+    sigs.push(`model ${m[1]}`);
+  }
+
+  // Pydantic v2 model_validate / field definitions
+  if (/model_validate|field_validator|computed_field/.test(src)) {
+    sigs.push('pydantic v2+');
+  }
+
+  // SQLAlchemy model classes
+  const sqlalchemyRe = /class\s+([A-Z]\w*)\s*\([^)]*(?:Base|declarative_base)[^)]*\)/g;
+  for (const m of src.matchAll(sqlalchemyRe)) {
+    sigs.push(`orm ${m[1]}`);
+  }
+
+  // Model fields with type hints (for dataclass/Pydantic)
+  const fieldRe = /^\s+([a-z_]\w*)\s*:\s*([A-Z]\w*|List|Dict|Optional|Union)[^=]*/gm;
+  const fields = new Set();
+  for (const m of src.matchAll(fieldRe)) {
+    if (fields.size < 15) fields.add(m[1]);
+  }
+  for (const f of fields) {
+    sigs.push(`field ${f}`);
+  }
+
+  // SQLAlchemy Column definitions
+  const columnRe = /([a-z_]\w*)\s*=\s*Column\s*\([^)]*\)/g;
+  for (const m of src.matchAll(columnRe)) {
+    sigs.push(`column ${m[1]}`);
+  }
+
+  // Relationships (SQLAlchemy ForeignKey, relationship)
+  const relRe = /(?:ForeignKey|relationship)\s*\(\s*['"]([a-zA-Z_]\w*)['"]/g;
+  for (const m of src.matchAll(relRe)) {
+    sigs.push(`relation ${m[1]}`);
+  }
+
+  // Validators (@validator, @field_validator)
+  const validatorRe = /@(?:validator|field_validator)\s*\(\s*['"]?([a-z_]\w*)(?:['"]|,|\s|\))/g;
+  const validators = new Set();
+  for (const m of src.matchAll(validatorRe)) {
+    validators.add(m[1]);
+  }
+  for (const v of validators) {
+    sigs.push(`validator ${v}`);
+  }
+
+  // Config class (Pydantic v1 / SQLAlchemy)
+  if (/class\s+Config\s*:/.test(src)) {
+    sigs.push('config-class');
+  }
+
+  return Array.from(new Set(sigs)).slice(0, 50);
+}
+
+module.exports = { extract };

package/src/extractors/typescript_react.js

@@ -0,0 +1,60 @@
+'use strict';
+
+/**
+ * Extract React component signatures from .tsx files.
+ * Captures component props interfaces, hooks usage, and exports.
+ *
+ * @param {string} src - Raw TypeScript/TSX content
+ * @returns {string[]} Array of signature strings
+ */
+function extract(src) {
+  if (!src || typeof src !== 'string') return [];
+  const sigs = [];
+
+  // Remove comments to simplify matching
+  const stripped = src
+    .replace(/\/\*[\s\S]*?\*\//g, '')
+    .replace(/\/\/.*$/gm, '');
+
+  // Component function declarations
+  const compRe = /(?:export\s+)?(?:const|function)\s+([A-Z]\w*)\s*(?:<[^>]*>)?\s*\(\s*(?:props|{\s*[^}]*})?/g;
+  for (const m of stripped.matchAll(compRe)) {
+    sigs.push(`component ${m[1]}`);
+  }
+
+  // Props interfaces: interface SomeProps { ... }
+  const propsRe = /interface\s+(\w*Props)\s*(?:<[^>]*>)?\s*{/g;
+  for (const m of stripped.matchAll(propsRe)) {
+    sigs.push(`props ${m[1]}`);
+  }
+
+  // React hooks (useState, useEffect, useContext, useCallback, useMemo, useReducer)
+  const hookRe = /use([A-Z]\w*)\s*(?:<[^>]*>)?\s*\(/g;
+  const hooks = new Set();
+  for (const m of stripped.matchAll(hookRe)) {
+    hooks.add(m[1]);
+  }
+  for (const h of hooks) {
+    sigs.push(`hook use${h}`);
+  }
+
+  // Import/export statements for components
+  const exportRe = /export\s+(?:const|function|default|interface|type)\s+([A-Z]\w*)/g;
+  for (const m of stripped.matchAll(exportRe)) {
+    sigs.push(`export ${m[1]}`);
+  }
+
+  // Event handler patterns: onClick, onChange, onSubmit, etc
+  const handlerRe = /on([A-Z]\w+)\s*=\s*{?\s*\(?[a-zA-Z_$]/g;
+  const handlers = new Set();
+  for (const m of stripped.matchAll(handlerRe)) {
+    handlers.add(m[1]);
+  }
+  for (const h of handlers) {
+    sigs.push(`handler on${h}`);
+  }
+
+  return Array.from(new Set(sigs)).slice(0, 50);
+}
+
+module.exports = { extract };

package/src/extractors/vue_sfc.js

@@ -0,0 +1,99 @@
+'use strict';
+
+/**
+ * Extract Vue Single-File Component (SFC) signatures from .vue files.
+ * Captures component metadata: name, props, emits, slots, composables, lifecycle.
+ *
+ * @param {string} src - Raw Vue SFC content
+ * @returns {string[]} Array of signature strings
+ */
+function extract(src) {
+  if (!src || typeof src !== 'string') return [];
+  const sigs = [];
+
+  // Extract script block (both <script> and <script setup>)
+  const scriptMatch = src.match(/<script[^>]*>([\s\S]*?)<\/script>/);
+  if (!scriptMatch) return sigs;
+  const script = scriptMatch[1];
+
+  // Component name (from export default { name: '...' })
+  const nameRe = /(?:name\s*:\s*['"`]([a-zA-Z0-9]+)['"`]|export\s+default\s+defineComponent\s*\(\s*{\s*name\s*:\s*['"`]([a-zA-Z0-9]+)['"`])/;
+  const nameMatch = script.match(nameRe);
+  if (nameMatch) {
+    sigs.push(`component ${nameMatch[1] || nameMatch[2]}`);
+  }
+
+  // Props definition
+  const propsRe = /props\s*:\s*{([^}]*)}/;
+  const propsMatch = script.match(propsRe);
+  if (propsMatch) {
+    const propLines = propsMatch[1].split(',');
+    for (const line of propLines) {
+      const propName = line.trim().match(/([a-zA-Z_$]\w*)/);
+      if (propName) sigs.push(`prop ${propName[1]}`);
+    }
+  }
+
+  // Props in composition API (defineProps)
+  const definePropsRe = /defineProps\s*(?:<([^>]+)>)?\s*\(/;
+  if (definePropsRe.test(script)) {
+    sigs.push('props composition-api');
+  }
+
+  // Emits definition
+  const emitsRe = /emits\s*:\s*\[([^\]]+)\]/;
+  const emitsMatch = script.match(emitsRe);
+  if (emitsMatch) {
+    const emitNames = emitsMatch[1].split(',').map(e => e.trim().replace(/['"`]/g, ''));
+    for (const e of emitNames) {
+      if (e) sigs.push(`emit ${e}`);
+    }
+  }
+
+  // Emits in composition API (defineEmits)
+  const defineEmitsRe = /defineEmits\s*(?:<([^>]+)>)?\s*\(/;
+  if (defineEmitsRe.test(script)) {
+    sigs.push('emits composition-api');
+  }
+
+  // Lifecycle hooks
+  const lifecycleHooks = ['setup', 'created', 'mounted', 'updated', 'unmounted'];
+  for (const hook of lifecycleHooks) {
+    if (new RegExp(`\\b${hook}\\s*\\(`).test(script)) {
+      sigs.push(`lifecycle ${hook}`);
+    }
+  }
+
+  // Composable/hooks usage (useXxx)
+  const composableRe = /(?:import|const)\s+(?:{[^}]*}|[a-zA-Z_$]\w*)\s+from\s+['"]/g;
+  if (composableRe.test(script)) {
+    const useRe = /use([A-Z]\w*)/g;
+    for (const m of script.matchAll(useRe)) {
+      sigs.push(`composable use${m[1]}`);
+    }
+  }
+
+  // Slots definition — capture from <slot name="..."> and template slots
+  const namedSlotRe = /<slot\s+name=['"]([a-zA-Z_$]\w*)['"][^>]*>/g;
+  const templateSlotRe = /<template\s+#([a-zA-Z_$]\w*)|v-slot:([a-zA-Z_$]\w*)/g;
+  const slots = new Set();
+  
+  // Named slots in template: <slot name="header">
+  for (const m of src.matchAll(namedSlotRe)) {
+    if (m[1]) slots.add(m[1]);
+  }
+  
+  // Template slots with # or v-slot
+  for (const m of src.matchAll(templateSlotRe)) {
+    const slotName = m[1] || m[2];
+    if (slotName) slots.add(slotName);
+  }
+  
+  for (const s of slots) {
+    sigs.push(`slot ${s}`);
+  }
+
+  return Array.from(new Set(sigs)).slice(0, 50);
+}
+
+module.exports = { extract };

package/src/format/llm-txt.js

@@ -0,0 +1,28 @@
+'use strict';
+const path = require('path');
+module.exports = { format, outputPath };
+
+function outputPath(cwd) { return path.join(cwd, 'llm.txt'); }
+
+function format(context, cwd, version) {
+  const name  = context.projectName || path.basename(cwd);
+  const langs = [...new Set((context.fileEntries || []).map(f => f.language).filter(Boolean))];
+  const mods  = context.srcDirs || [];
+
+  return [
+    `# Project: ${name}`,
+    `Languages: ${langs.join(', ') || 'unknown'}`,
+    `Root: ${mods[0] || 'src/'}`,
+    '',
+    '## Modules',
+    ...mods.map(m => `- ${m}/`),
+    '',
+    '## Key flows',
+    '- <!-- describe your main user flows here -->',
+    '',
+    '## Rules',
+    '- <!-- describe your team conventions here -->',
+    '',
+    `Generated: ${new Date().toISOString()} | SigMap v${version}`,
+  ].join('\n');
+}

package/src/format/llms-txt.js

@@ -0,0 +1,70 @@
+'use strict';
+const path = require('path');
+const fs   = require('fs');
+const { execSync } = require('child_process');
+module.exports = { format, outputPath };
+
+function outputPath(cwd) { return path.join(cwd, 'llms.txt'); }
+
+function getShortCommit(cwd) {
+  try { return execSync('git rev-parse --short HEAD', { cwd, timeout: 2000 }).toString().trim(); }
+  catch (_) { return ''; }
+}
+
+function detectVersion(cwd) {
+  try {
+    const pkg = path.join(cwd, 'package.json');
+    if (fs.existsSync(pkg)) return JSON.parse(fs.readFileSync(pkg, 'utf8')).version || '';
+  } catch (_) {}
+  return '';
+}
+
+function format(context, cwd, writtenFiles, sigmapVersion) {
+  writtenFiles  = writtenFiles  || [];
+  sigmapVersion = sigmapVersion || '';
+
+  const name   = context.projectName || path.basename(cwd);
+  const ver    = detectVersion(cwd);
+  const commit = getShortCommit(cwd);
+  const langs  = [...new Set((context.fileEntries || []).map(f => f.language).filter(Boolean))];
+
+  const lines = [
+    '# SigMap Context Index',
+    `> Generated by SigMap v${sigmapVersion} — zero-dependency AI context engine`,
+    '',
+    '## Project',
+    `- Name: ${name}`,
+  ];
+  if (ver)          lines.push(`- Version: ${ver}`);
+  if (langs.length) lines.push(`- Language: ${langs.join(', ')}`);
+  if (commit)       lines.push(`- Commit: ${commit}`);
+
+  if (writtenFiles.length) {
+    lines.push('', '## Context Files');
+    for (const f of writtenFiles) {
+      const rel   = path.relative(cwd, f.path);
+      const extra = f.tokens ? `: ${f.tokens} tokens` : '';
+      lines.push(`- [${f.label || rel}](${rel})${extra}`);
+    }
+  }
+
+  const mods = context.srcDirs || [];
+  if (mods.length) {
+    lines.push('', '## Source Modules');
+    for (const m of mods) lines.push(`- [${m}/](${m}/)`);
+  }
+
+  const top5 = (context.fileEntries || [])
+    .sort((a, b) => (b.sigs || []).length - (a.sigs || []).length)
+    .slice(0, 5);
+  if (top5.length) {
+    lines.push('', '## Key Files');
+    for (const f of top5) {
+      const rel     = path.relative(cwd, f.filePath);
+      const preview = (f.sigs || []).slice(0, 3).join(', ');
+      lines.push(`- ${rel}: ${preview}`);
+    }
+  }
+
+  return lines.join('\n');
+}

package/src/mcp/server.js

@@ -18,7 +18,7 @@ const { readContext, searchSignatures, getMap, createCheckpoint, getRouting, exp
 
 const SERVER_INFO = {
   name: 'sigmap',
-  version: '3.4.0',
+  version: '3.5.0',
   description: 'SigMap MCP server — code signatures on demand',
 };