tokentrace 0.11.0 → 0.12.1

package/CHANGELOG.md

@@ -4,6 +4,55 @@ All notable changes to TokenTrace are documented here.
 
 ## Unreleased
 
+## [0.12.1] - 2026-05-19
+
+### Fixed
+
+- Public docs, CLI help, package runtime output, and agent-readable release status now describe shipped TokenTrace behavior only.
+- Future-version roadmap labels no longer appear in public package surfaces.
+
+## [0.12.0] - 2026-05-19
+
+### Added
+
+- Local Sources & Trust release bundle covering native local ingestion, evidence packs, scan scheduling, scoped guardrails, import-profile preview, saved reports, operating metadata export, and agent-readable release status.
+- Native structured usage log ingestion for local wrappers and team JSONL/NDJSON logs with session, model, token, and source-cost fields.
+- Native Cursor-style chat/composer export ingestion with local source evidence and no raw prompt storage by default.
+- Source Catalog and Source Coverage in Scan Health so users can distinguish native, profile-assisted, fallback, and unsupported local files.
+- Privacy-safe Evidence Packs exported as JSON or Markdown with totals, confidence drivers, source files, parser notes, model-rate state, repair links, and an explicit redaction manifest.
+- Local scan scheduling settings for manual-only, on-open, hourly, and daily scans, plus scan-history retention and last scheduled scan status.
+- Scoped project/model/tool guardrails with per-guardrail warning thresholds and anomaly notes.
+- Import Profile preview for sampling a local file, checking parser fit, reviewing detected fields, and applying recommended matchers without exposing raw content.
+- Saved report definitions and export endpoints for weekly usage, high-cost sessions, unknown-cost repair, confidence trends, guardrail status, and source coverage in Markdown, JSON, and CSV.
+- Operating metadata export for settings, source catalog, schedules, guardrails, report definitions, and roadmap status without raw usage records.
+- Agent-readable release status with implemented cards, action recipes, evidence paths, verification gates, and release status.
+
+### Changed
+
+- Settings now includes Scan Scheduling, Scoped Guardrails, Import Profile preview, and Local Exports.
+- Evidence pages now offer one-click JSON and Markdown evidence-pack exports.
+- Evidence remains a contextual drill-down from Overview, Sessions, Repair, and exports, with direct-entry guidance for users who open `/evidence` manually.
+- Scan, setup, guardrail, package-trust, folder, import-profile, and export CTAs now deep-link to the exact Settings section instead of dropping users at the top of Settings.
+- Settings scan feedback now reports files checked, records imported, warnings, errors, recalculated costs, unknown cost, stale support imports, model aliases, and next-step links to Scan Health, Repair, Discovery, and Model Rates.
+- Browser-triggered Scan now responses now return compact warning/error previews with full counts, keeping large duplicate-file scans from shipping megabytes of warning text back to the UI.
+- Settings now has sticky section navigation, and Scan Controls shows a persisted Last scan result from local scan history after reload.
+- Overview now includes a compact Last verified trust strip near the accounting totals for latest scan, package IOC, model-rate coverage, and evidence-pack availability.
+- Evidence pages now include opened-from breadcrumbs, safe return behavior, and explicit Export JSON pack / Export Markdown pack actions.
+- Route transitions now show a subtle top loading bar, and route loading states explain what is happening plus the next useful action.
+- Scan and evidence follow-up actions now consistently use Scan now, Open Scan Health, Open repair, Set model rate, View evidence, and Export pack language.
+- Period filters stay attached to the current page, preserve Evidence context, and keep desktop controls in one compact row while retaining horizontal scrolling for narrow widths.
+- Chart cards now show lightweight loading placeholders during client hydration instead of appearing blank while Recharts initializes.
+- Session Explorer now paginates large local result sets to keep dense session tables responsive.
+- Repair now opens as a capped workbench of the top visible unknown-cost groups, while keeping full summary counts and focused repair links for deep review.
+- Roadmap CLI/API now report the 0.12.0 release contract, implemented cards, action recipes, evidence paths, verification gates, and release status.
+
+### Fixed
+
+- Overview, Evidence, and Settings now avoid full raw-row scans and oversized scan-health payloads on large local databases by using covering indexes, scoped scan-file reads, and a summary session path on Overview.
+- Repair no longer serializes the entire unknown-cost queue on first load and uses a dedicated cost-repair index for large local databases.
+- Scan Health no longer loads all scan-file evidence and full session details just to render summary panels.
+- Overview no longer blocks initial render on due scheduled scans, so opening localhost does not wait for scan work before showing the dashboard.
+
 ## [0.11.0] - 2026-05-18
 
 ### Added
@@ -253,7 +302,7 @@ All notable changes to TokenTrace are documented here.
 ### Added
 
 - Visible running TokenTrace version in the desktop sidebar, mobile header, and Settings.
-- 0.4.0 roadmap and release checklist documenting internal milestones without intermediate public releases.
+- 0.4.0 roadmap and release checklist for maintainer-approved public releases.
 - `tokentrace doctor --json` plus a shared Doctor report model for scan health and repair recommendations.
 - Bundled parser provenance metadata on imported scan files, including parser id, display name, source, and version.
 - Unknown-cost repair queue on Overview, grouped by cause, model, tool, source file, and repair path.

package/README.md

@@ -10,7 +10,7 @@ TokenTrace is designed for local development machines first, with macOS-oriented
 
 [Website](https://www.abhiyoheswaran.com/apps/tokentrace) · [Source](https://github.com/abhiyoheswaran1/tokentrace)
 
-![TokenTrace overview dashboard](docs/assets/overview-0.10.0.png)
+![TokenTrace overview dashboard](docs/assets/overview-0.12.0.png)
 
 ## Start In Seconds
 
@@ -40,7 +40,7 @@ tokentrace agent --json # Print machine-readable agent discovery manifest
 tokentrace capabilities --json
                         # Alias for agent discovery manifest
 tokentrace roadmap --json
-                        # Print Accuracy & Evidence release implementation status
+                        # Print release status handoff
 tokentrace scan         # Scan local AI CLI usage logs
 tokentrace doctor --json
                         # Inspect scan health and repair recommendations
@@ -114,7 +114,7 @@ curl http://127.0.0.1:3030/api/agent
 curl http://127.0.0.1:3030/api/capabilities
 ```
 
-The Accuracy & Evidence release status is also machine-readable:
+The Local Sources & Trust release handoff is also machine-readable:
 
 ```bash
 tokentrace roadmap --json
@@ -154,9 +154,33 @@ npm run security:ioc
 npm run smoke:packed
                     # Inspect packed tarball and smoke test packed CLI
 tokentrace roadmap --json
-                    # Inspect evidence gates and release status
+                    # Inspect roadmap handoff, action recipes, and release status
 ```
 
+## Local Sources And Trust
+
+TokenTrace 0.12.0 bundles local source expansion, evidence exports, scan
+scheduling, scoped guardrails, parser profile preview, saved reports, and
+agent-readable release status.
+
+New trust surfaces include:
+
+- native structured usage log and Cursor-style chat export ingestion
+- Source Coverage in Scan Health for native, profile-assisted, fallback, and
+  unsupported files
+- privacy-safe Evidence Packs as JSON or Markdown
+- local scan scheduling: manual, on-open, hourly, or daily
+- project/model/tool scoped guardrails with warning thresholds
+- Import Profile preview before saving matchers
+- saved report exports for weekly usage, source coverage, guardrails, unknown
+  cost, high-cost sessions, and confidence trends
+- operating metadata export without raw usage records
+
+The 0.12.0 dashboard also tightens the daily operator path: setup buttons now
+open the exact Settings section, scan results show what changed and where to go
+next, and Evidence explains when it is being opened as a contextual drill-down
+rather than a sidebar destination.
+
 ## Accuracy And Evidence
 
 TokenTrace labels the trust level behind imported numbers:
@@ -171,9 +195,9 @@ The dashboard surfaces a Data Confidence score on Overview, Projects, Sessions,
 and Session Timeline pages. Scan Health also includes a supply-chain IOC check
 so package trust is visible in the product, not only in release scripts.
 
-Release work uses internal milestone commits until the next public minor
-release. See [docs/RELEASE_CHECKLIST.md](docs/RELEASE_CHECKLIST.md) before
-bumping versions, tagging, creating GitHub releases, or publishing npm.
+Public releases require maintainer approval. See
+[docs/RELEASE_CHECKLIST.md](docs/RELEASE_CHECKLIST.md) before bumping versions,
+tagging, creating GitHub releases, or publishing npm.
 
 In local development, the SQLite database defaults to `.tokentrace/tokentrace.db`. Override it with:
 
@@ -302,13 +326,13 @@ Codex CLI status-line integration is intentionally deferred until its status-lin
 
 Dashboard views:
 
-![TokenTrace overview dashboard](docs/assets/overview-0.10.0.png)
+![TokenTrace overview dashboard](docs/assets/overview-0.12.0.png)
 
-![TokenTrace processed tokens evidence trail](docs/assets/evidence-0.10.0.png)
+![TokenTrace processed tokens evidence trail](docs/assets/evidence-0.12.0.png)
 
-![TokenTrace unknown cost repair queue](docs/assets/repair-0.10.0.png)
+![TokenTrace unknown cost repair queue](docs/assets/repair-0.12.0.png)
 
-![TokenTrace Scan Health parser review](docs/assets/scan-health-0.10.0.png)
+![TokenTrace Scan Health parser review](docs/assets/scan-health-0.12.0.png)
 
 CLI startup and help:
 
@@ -388,6 +412,9 @@ Adapters live under `src/ingestion/adapters/`:
 
 - `claude-code.ts`
 - `codex-cli.ts`
+- `structured-usage-log.ts`
+- `cursor-chat.ts`
+- `sqlite-history.ts`
 - `generic-jsonl.ts`
 - `generic-json.ts`
 - `generic-log.ts`
@@ -402,6 +429,9 @@ TokenTrace keeps a visible support contract so daily scans are easier to trust:
 | --- | --- | --- |
 | Claude Code project transcripts | Stable | Primary local CLI ingestion source. |
 | Codex CLI session artifacts | Best-effort | Parsed defensively while CLI formats evolve. |
+| Structured usage JSONL/NDJSON | Stable | Local wrapper and team logs with session, model, token, and source-cost fields. |
+| Cursor-style chat exports | Best-effort | Imports local editor chat/composer exports without storing raw prompt text by default. |
+| Usage-shaped SQLite histories | Best-effort | Reads local databases that expose session, model, token, or cost-like columns. |
 | Generic JSONL, JSON, and text logs | Best-effort | Conservative usage-shaped records only. |
 | Claude/Codex cache, plugin, todo, config, and support files | Ignored | Tracked as non-usage files, not parser failures. |
 | Editable model pricing | Stable | Local pricing rows drive costs and unknown-cost repair queues. |
@@ -426,8 +456,8 @@ Contributions are welcome. See [CONTRIBUTING.md](CONTRIBUTING.md) for local setu
 ## Known Limitations
 
 - Claude Code and Codex CLI log formats are inferred defensively and may need refinement with real sample logs.
-- Token estimation uses a simple conservative `characters / 4` approximation.
-- SQLite log ingestion is not implemented yet, though the adapter boundary is ready for it.
+- Tokenizer-backed estimates are available for recognized OpenAI/Codex and Claude-family model names. Unrecognized text-only records still fall back to a conservative simple estimate.
+- SQLite-history ingestion expects usage-shaped local tables and skips arbitrary databases that do not expose session, model, token, or cost-like fields.
 - Seed prices are editable and should be verified manually for your account, region, and provider plan.
 
 ## License
@@ -436,7 +466,7 @@ Open source by [Abhi Yoheswaran](https://www.abhiyoheswaran.com). Released under
 
 ## Next Improvements
 
-- Add tokenizer-backed estimates per provider/model.
-- Add native SQLite-history adapters for tools that store usage in local databases.
-- Add richer drilldowns for individual sessions and tool calls.
-- Add import profiles for teams that use shared local log conventions.
+- Expand first-class native adapters for more local AI tools and editor histories.
+- Add provider-specific tokenizer refinements where public tokenizer behavior is stable enough to label clearly.
+- Make Import Profile preview more interactive for teams with custom wrapper logs.
+- Stream scan progress into the UI for very large local folders.

package/TOKENTRACE_AGENT.md

@@ -26,9 +26,9 @@ curl http://127.0.0.1:3030/api/agent
 curl http://127.0.0.1:3030/api/capabilities
 ```
 
-## Roadmap Status
+## Release Status
 
-Inspect the current 0.10.0 implementation pipeline and release blockers:
+Inspect the current release handoff, action recipes, and release status:
 
 ```bash
 tokentrace roadmap --json

package/app/api/evidence-pack/route.ts

@@ -0,0 +1,64 @@
+import { NextResponse } from "next/server";
+import { getAnalyticsData } from "@/src/lib/analytics";
+import { buildEvidencePack, renderEvidencePackMarkdown } from "@/src/lib/evidence-pack";
+import { buildEvidenceTrail, parseEvidenceMetric } from "@/src/lib/evidence-trail";
+
+export const dynamic = "force-dynamic";
+
+export async function GET(request: Request) {
+  const url = new URL(request.url);
+  const format = url.searchParams.get("format") === "markdown" ? "markdown" : "json";
+  const metric = parseEvidenceMetric(url.searchParams.get("metric"));
+  const trail = buildEvidenceTrail({ metric });
+  const analytics = getAnalyticsData();
+  const pack = buildEvidencePack({
+    scope: {
+      type: "metric",
+      id: metric,
+      label: trail.title
+    },
+    totals: trail.totals,
+    confidenceDrivers: [
+      `${trail.confidence.exact.toLocaleString()} exact interactions`,
+      `${trail.confidence.estimated.toLocaleString()} estimated interactions`,
+      `${trail.confidence.unknown.toLocaleString()} unknown interactions`,
+      `Data confidence ${analytics.dataConfidence.score}/100`
+    ],
+    sourceFiles: trail.sourceFiles.map((source) => source.sourceFile),
+    parserNotes: trail.sessions
+      .map((session) => `${session.parser ?? "unknown parser"}: ${session.parserStatus ?? "unknown status"}`)
+      .slice(0, 20),
+    modelRateState: trail.sessions
+      .map((session) =>
+        session.pricingHref ? `${session.model}: model-rate link available` : `${session.model}: no model-rate link`
+      )
+      .slice(0, 20),
+    repairLinks: trail.sessions
+      .filter((session) => session.unknownCostInteractions > 0)
+      .map((session) => `/repair?source=${encodeURIComponent(session.sourceFile)}`),
+    records: trail.sessions.map((session) => ({
+      id: session.id,
+      role: "session",
+      model: session.model,
+      sourceFile: session.sourceFile,
+      totalTokens: session.totalTokens,
+      cost: session.cost,
+      interactions: session.interactions
+    }))
+  });
+
+  if (format === "markdown") {
+    return new NextResponse(renderEvidencePackMarkdown(pack), {
+      headers: {
+        "content-type": "text/markdown; charset=utf-8",
+        "content-disposition": `attachment; filename="tokentrace-${metric}-evidence.md"`
+      }
+    });
+  }
+
+  return NextResponse.json(pack, {
+    headers: {
+      "content-disposition": `attachment; filename="tokentrace-${metric}-evidence.json"`
+    }
+  });
+}

package/app/api/import-profile-preview/route.ts

@@ -0,0 +1,26 @@
+import { NextResponse } from "next/server";
+import { readJsonObject } from "@/src/lib/api-json";
+import { buildImportProfilePreview } from "@/src/lib/import-profile-preview";
+
+export const dynamic = "force-dynamic";
+
+export async function POST(request: Request) {
+  const parsed = await readJsonObject(request);
+  if (!parsed.ok) return NextResponse.json({ error: parsed.error }, { status: 400 });
+  const filePath = parsed.body.filePath;
+  if (typeof filePath !== "string" || !filePath.trim()) {
+    return NextResponse.json({ error: "filePath is required." }, { status: 400 });
+  }
+  try {
+    const preview = await buildImportProfilePreview({
+      filePath: filePath.trim(),
+      storeRawMessageContent: parsed.body.storeRawMessageContent === true
+    });
+    return NextResponse.json(preview);
+  } catch (error) {
+    return NextResponse.json(
+      { error: error instanceof Error ? error.message : "Preview failed." },
+      { status: 400 }
+    );
+  }
+}

package/app/api/operating-metadata/route.ts

@@ -0,0 +1,13 @@
+import { NextResponse } from "next/server";
+import { getAppVersion } from "@/src/lib/app-version";
+import { buildOperatingMetadata } from "@/src/lib/operating-metadata";
+
+export const dynamic = "force-dynamic";
+
+export async function GET() {
+  return NextResponse.json(buildOperatingMetadata(getAppVersion()), {
+    headers: {
+      "content-disposition": "attachment; filename=\"tokentrace-operating-metadata.json\""
+    }
+  });
+}

package/app/api/reports/route.ts

@@ -0,0 +1,72 @@
+import { NextResponse } from "next/server";
+import { getAnalyticsData, getScanTrustData } from "@/src/lib/analytics";
+import { buildSourceCatalog, summarizeSourceCoverage } from "@/src/lib/source-catalog";
+import { buildSavedReportDefinitions, renderSavedReport, type SavedReportFormat } from "@/src/lib/saved-reports";
+
+export const dynamic = "force-dynamic";
+
+function reportRows(definitionId: string) {
+  const analytics = getAnalyticsData();
+  const trust = getScanTrustData();
+  const sourceCoverage = summarizeSourceCoverage(trust.scanFiles);
+  if (definitionId === "source-coverage") {
+    return [
+      { label: "Native files", value: sourceCoverage.nativeFiles.toLocaleString(), detail: "First-class adapters" },
+      { label: "Profile-assisted files", value: sourceCoverage.profileAssistedFiles.toLocaleString(), detail: "Import profile or generic parser" },
+      { label: "Fallback files", value: sourceCoverage.fallbackFiles.toLocaleString(), detail: "Low-confidence text or generic fallback" },
+      { label: "Imported records", value: sourceCoverage.importedRecords.toLocaleString(), detail: "Records imported from scan files" }
+    ];
+  }
+  if (definitionId === "guardrail-status") {
+    return [
+      { label: "Cost guardrail", value: analytics.usageGuardrails.cost.status, detail: `${analytics.usageGuardrails.cost.used.toFixed(2)} used` },
+      { label: "Token guardrail", value: analytics.usageGuardrails.tokens.status, detail: `${analytics.usageGuardrails.tokens.used.toLocaleString()} tokens used` },
+      { label: "Scoped guardrails", value: analytics.usageGuardrails.scoped.length.toLocaleString(), detail: "Project/model/tool limits" },
+      { label: "Anomalies", value: analytics.usageGuardrails.anomalies.length.toLocaleString(), detail: "Warning or exceeded scoped guardrails" }
+    ];
+  }
+  return [
+    { label: "Tokens", value: analytics.summary.totalTokens.toLocaleString(), detail: "Selected local data" },
+    { label: "Cost", value: `$${analytics.summary.totalCost.toFixed(2)}`, detail: "Provider estimate or source cost" },
+    { label: "Sessions", value: analytics.summary.sessions.toLocaleString(), detail: "Imported sessions" },
+    { label: "Unknown cost", value: analytics.summary.unknownCostInteractions.toLocaleString(), detail: "Repair queue candidates" },
+    { label: "Source catalog", value: buildSourceCatalog().entries.length.toLocaleString(), detail: "Known import paths" }
+  ];
+}
+
+export async function GET(request: Request) {
+  const url = new URL(request.url);
+  const definitions = buildSavedReportDefinitions();
+  const definitionId = url.searchParams.get("type") ?? "weekly-usage";
+  const definition = definitions.find((item) => item.id === definitionId);
+  if (!definition) return NextResponse.json({ error: "Unknown report type." }, { status: 400 });
+  const format = (url.searchParams.get("format") ?? "json") as SavedReportFormat;
+  if (!definition.formats.includes(format)) {
+    return NextResponse.json({ error: "Unsupported report format." }, { status: 400 });
+  }
+  const rendered = renderSavedReport({
+    definitionId,
+    format,
+    generatedAt: new Date().toISOString(),
+    rows: reportRows(definitionId)
+  });
+  if (format === "json") {
+    return new NextResponse(rendered, {
+      headers: { "content-type": "application/json; charset=utf-8" }
+    });
+  }
+  if (format === "csv") {
+    return new NextResponse(rendered, {
+      headers: {
+        "content-type": "text/csv; charset=utf-8",
+        "content-disposition": `attachment; filename="tokentrace-${definitionId}.csv"`
+      }
+    });
+  }
+  return new NextResponse(rendered, {
+    headers: {
+      "content-type": "text/markdown; charset=utf-8",
+      "content-disposition": `attachment; filename="tokentrace-${definitionId}.md"`
+    }
+  });
+}

package/app/api/scan/route.ts

@@ -23,5 +23,16 @@ export async function POST(request: Request) {
     folders: stringList(body.folders),
     force: jsonBooleanFlag(body.force)
   });
+  if (jsonBooleanFlag(body.compact)) {
+    const warnings = Array.isArray(result.warnings) ? result.warnings : [];
+    const errors = Array.isArray(result.errors) ? result.errors : [];
+    return NextResponse.json({
+      ...result,
+      warningCount: warnings.length,
+      errorCount: errors.length,
+      warnings: warnings.slice(0, 25),
+      errors: errors.slice(0, 25)
+    });
+  }
   return NextResponse.json(result);
 }

package/app/api/settings/route.ts

@@ -3,6 +3,7 @@ import { getDatabasePath } from "@/src/db/client";
 import { getAppSettings, normalizeUsageGuardrails, saveAppSettings } from "@/src/db/settings";
 import { jsonBooleanFlag, readJsonObject } from "@/src/lib/api-json";
 import { normalizeImportProfiles } from "@/src/lib/import-profiles";
+import { normalizeScanSchedule } from "@/src/lib/scan-schedule";
 
 export const dynamic = "force-dynamic";
 
@@ -29,7 +30,8 @@ export async function PUT(request: Request) {
     customFolders,
     storeRawMessageContent: jsonBooleanFlag(body.storeRawMessageContent),
     usageGuardrails: normalizeUsageGuardrails(body.usageGuardrails),
-    importProfiles: normalizeImportProfiles(body.importProfiles)
+    importProfiles: normalizeImportProfiles(body.importProfiles),
+    scanSchedule: normalizeScanSchedule(body.scanSchedule)
   });
 
   return NextResponse.json(saved);

package/app/diagnostics/page.tsx

@@ -11,6 +11,7 @@ import { buildScanHealth } from "@/src/lib/scan-health";
 import { getDefaultSearchRoots } from "@/src/ingestion/discovery";
 import { formatDate } from "@/src/lib/format";
 import { getSupplyChainHealth } from "@/src/lib/supply-chain-health";
+import { buildSourceCatalog, summarizeSourceCoverage } from "@/src/lib/source-catalog";
 
 export const dynamic = "force-dynamic";
 
@@ -462,8 +463,63 @@ function ScanHistoryPanel({ scanRuns }: { scanRuns: DebugScanRun[] }) {
   );
 }
 
+function SourceCoveragePanel({ scanFiles }: { scanFiles: ReturnType<typeof getScanTrustData>["scanFiles"] }) {
+  const catalog = buildSourceCatalog();
+  const coverage = summarizeSourceCoverage(scanFiles);
+  const summary = [
+    ["Native", coverage.nativeFiles],
+    ["Profile-assisted", coverage.profileAssistedFiles],
+    ["Fallback", coverage.fallbackFiles],
+    ["Unsupported", coverage.unsupportedFiles]
+  ];
+
+  return (
+    <Card>
+      <CardHeader className="flex flex-col gap-3 sm:flex-row sm:items-start sm:justify-between">
+        <div>
+          <CardTitle>Source Coverage</CardTitle>
+          <CardDescription>
+            Import support is grouped by native adapters, profile-assisted parsers, fallback parsers, and unsupported files.
+          </CardDescription>
+        </div>
+        <Link href="/api/reports?type=source-coverage&format=markdown" className="text-sm font-medium text-primary underline-offset-4 hover:underline">
+          Export source report
+        </Link>
+      </CardHeader>
+      <CardContent className="space-y-4">
+        <div className="grid border-y sm:grid-cols-2 lg:grid-cols-4">
+          {summary.map(([label, value]) => (
+            <div key={label} className="p-3">
+              <FieldLabel>{label}</FieldLabel>
+              <DataValue className="mt-1" size="md">{Number(value).toLocaleString()}</DataValue>
+            </div>
+          ))}
+        </div>
+        <div className="grid gap-2 lg:grid-cols-2">
+          {catalog.entries.map((entry) => (
+            <div key={entry.id} className="rounded-md border p-3">
+              <div className="flex flex-wrap items-center gap-2">
+                <div className="text-sm font-semibold">{entry.label}</div>
+                <Badge variant={entry.tier === "native" ? "success" : entry.tier === "profile-assisted" ? "warning" : "secondary"}>
+                  {entry.tier}
+                </Badge>
+              </div>
+              <p className="mt-1 text-xs leading-relaxed text-muted-foreground">{entry.description}</p>
+              <div className="mt-2 flex flex-wrap gap-1">
+                {entry.matchers.map((matcher) => (
+                  <code key={matcher} className="rounded bg-muted px-1.5 py-0.5 text-xs">{matcher}</code>
+                ))}
+              </div>
+            </div>
+          ))}
+        </div>
+      </CardContent>
+    </Card>
+  );
+}
+
 export default async function DiagnosticsPage() {
-  const baseData = getScanTrustData();
+  const baseData = getScanTrustData({}, { scanFileScope: "recent" });
   const supplyChain = getSupplyChainHealth();
   const data = {
     ...baseData,
@@ -474,7 +530,7 @@ export default async function DiagnosticsPage() {
       supplyChain
     })
   };
-  const analytics = getAnalyticsData();
+  const analytics = getAnalyticsData({}, { scanFileScope: "none", sessionDetail: "summary" });
   const roots = await getDefaultSearchRoots();
   const doctorReport = buildDoctorReport({
     ...data,
@@ -519,6 +575,8 @@ export default async function DiagnosticsPage() {
 
       <ScanHistoryPanel scanRuns={data.scanRuns} />
 
+      <SourceCoveragePanel scanFiles={data.scanFiles} />
+
       <ScanHealthSummary health={data.health} />
 
       <div className="grid gap-4 md:grid-cols-3">

package/app/discovery/page.tsx

@@ -58,7 +58,7 @@ export default function DiscoveryPage() {
           title="No files discovered yet"
           description="Run a scan from Settings to populate Discovery. If expected folders are missing, add them in Settings."
           actions={[
-            { label: "Add folder", href: "/settings", variant: "outline" }
+            { label: "Add folder", href: "/settings#custom-folders", variant: "outline" }
           ]}
         >
           <ScanNowButton size="sm" />