PyPI - sourcecode - Versions diffs - 1.30.3__py3-none-any.whl → 1.30.4__py3-none-any.whl - Mend

sourcecode 1.30.3py3-none-any.whl → 1.30.4py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

sourcecode/__init__.py CHANGED Viewed

@@ -1,3 +1,3 @@
 """sourcecode — Deterministic codebase context maps for AI coding agents."""
-__version__ = "1.30.3"
+__version__ = "1.30.4"

sourcecode/cli.py CHANGED Viewed

@@ -1633,7 +1633,7 @@ def prepare_context_cmd(
       refactor       Structural issues, improvement opportunities
       generate-tests Untested source files, test gap analysis
       onboard        Full project context for new agents/developers
-      review-pr      PR diff: changed files, security/transactional impact, test gaps (requires git diff or --since)
+      review-pr      PR diff: execution paths with per-step runtime signals, security/transactional impact, test gaps (requires git diff or --since)
       delta          Incremental context: git-changed files only
     \b

{sourcecode-1.30.3.dist-info → sourcecode-1.30.4.dist-info}/METADATA RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: sourcecode
-Version: 1.30.3
+Version: 1.30.4
 Summary: Deterministic codebase context for AI coding agents
 License:                                  Apache License
                                    Version 2.0, January 2004
@@ -219,9 +219,9 @@ Description-Content-Type: text/markdown
 # sourcecode
-**Compressed AI-ready context for Java/Spring enterprise codebases.**
+**Deterministic, behavior-aware codebase context for AI agents and PR review.**
-![Version](https://img.shields.io/badge/version-1.30.3-blue)
+![Version](https://img.shields.io/badge/version-1.30.4-blue)
 ![Python](https://img.shields.io/badge/python-3.10%2B-green)
 ---
@@ -230,6 +230,8 @@ Description-Content-Type: text/markdown
 `sourcecode` analyzes a repository and produces structured JSON or YAML designed to be fed directly to AI agents or language models. It solves the "stuff the whole repo into the prompt" problem by extracting a deterministic, high-signal summary: stack detection, entry points, dependencies, git hotspots, inline annotations, and confidence metadata.
+For PR review specifically, `sourcecode` extracts **execution paths**: ordered chains from entry point through service to data access, with runtime signals (auth guards, cache short-circuits, async execution) anchored to the specific step where they affect behavior. A reviewer sees _what the system does_ under this change, not just which files changed.
 Optimized for Java/Spring Boot monorepos. Works on any codebase.
 ---
@@ -255,7 +257,7 @@ pipx install sourcecode
 ```bash
 sourcecode version
-# sourcecode 1.30.3
+# sourcecode 1.30.4
 ```
 ---
@@ -342,7 +344,7 @@ sourcecode prepare-context TASK [PATH] [OPTIONS]
 | `fix-bug` | Files ranked by risk (annotations, churn, uncommitted changes), suspected areas | Debugging session |
 | `refactor` | Structural problems, improvement opportunities, high-annotation files | Code quality review |
 | `generate-tests` | Source files without test pairs, coverage gap analysis | Writing missing tests |
-| `review-pr` | Uncommitted/changed files + architectural impact | Pre-merge review |
+| `review-pr` | Execution paths with per-step runtime signals, security/transactional impact, test coverage gaps | Pre-merge behavior review |
 | `delta` | Changed files with multi-hop impact analysis, structural import graph, system-level impact summary | Incremental CI/review context |
 ### Options
@@ -423,6 +425,80 @@ sourcecode prepare-context delta . --since main
 ---
+## `review-pr` — behavior-aware PR analysis
+Extracts **execution paths**: ordered chains from entry point through service to data access layer, with runtime signals anchored to the specific step where they affect behavior.
+```bash
+sourcecode prepare-context review-pr [PATH] --since REF
+# or against uncommitted working-tree changes:
+sourcecode prepare-context review-pr
+```
+**`execution_paths` schema:**
+```json
+{
+  "execution_paths": [
+    {
+      "name": "Order",
+      "entry_point": {
+        "step": "OrderController.createOrder",
+        "notes": ["condition: authorization check present (@PreAuthorize / @Secured)"]
+      },
+      "path": [
+        {
+          "step": "ShippingService.process",
+          "notes": [
+            "branch: Spring cache may short-circuit downstream call",
+            "async: runs in separate thread (@Async)"
+          ]
+        },
+        {
+          "step": "OrderRepository.save",
+          "notes": []
+        }
+      ],
+      "end_state": "DB write"
+    }
+  ]
+}
+```
+**Path rules:**
+- One path per changed entry point — most-evident downstream call, not all branches
+- Each step requires direct code evidence: field injection, constructor param, method call, or type annotation
+- `notes` are scanned from that step's own source file — no cross-contamination between steps
+- Path terminates where evidence ends; no gap-filling by naming convention or module similarity
+**Runtime signals detected per step:**
+| Signal | Example code | Note emitted |
+|--------|-------------|--------------|
+| Auth guard | `@PreAuthorize`, `@Secured`, `isAuthenticated()` | `condition: authorization check present` |
+| Feature flag | `featureFlag.isEnabled()`, `FeatureToggle` | `condition: feature flag gates execution` |
+| Null/empty guard | `if (x == null) return` | `condition: null/empty guard with early return` |
+| Spring cache | `@Cacheable`, `@CacheEvict` | `branch: Spring cache may short-circuit downstream call` |
+| Optional absence | `Optional<>`, `.orElseThrow()` | `branch: result may be absent (Optional)` |
+| Async thread | `@Async`, `CompletableFuture` | `async: runs in separate thread (@Async)` |
+| Event publishing | `publishEvent()`, `applicationEventPublisher` | `async: Spring application event emitted` |
+| Kafka | `kafkaTemplate.send()` | `async: Kafka message produced` |
+| RabbitMQ | `rabbitTemplate.send()` | `async: RabbitMQ message sent` |
+**Other `review-pr` output fields:**
+| Field | Description |
+|-------|-------------|
+| `review_hotspots` | Top changed files ranked by impact score |
+| `suggested_review_order` | Security → API → Service → Persistence → Config |
+| `security_impact` | Changed files touching the security surface |
+| `transactional_impact` | Files crossing transaction boundaries |
+| `test_coverage_risk` | Changed source files with no corresponding test |
+| `affected_modules` | DDD domain modules touched by the change |
+---
 ## Output schema
 All outputs include a `confidence_summary` block with `overall`, `stack`, and `entry_points` confidence levels (`high` / `medium` / `low`), plus an `analysis_gaps` list describing what could not be analyzed and why.

{sourcecode-1.30.3.dist-info → sourcecode-1.30.4.dist-info}/RECORD RENAMED Viewed

@@ -1,10 +1,10 @@
-sourcecode/__init__.py,sha256=-XnZSXqbIRcUIKNtWBLAQ6cwMcD89-xaPDnUh3sXSUE,103
+sourcecode/__init__.py,sha256=lum_KRetZZierS82OkkxkHcbIkjAw1eYUAQiiRzOrX8,103
 sourcecode/adaptive_scanner.py,sha256=RTNExwWPXzjgLaRueT7UuxkPj5ZEToWjGbx1j0LSZ9E,10250
 sourcecode/architecture_analyzer.py,sha256=MyBa0Hf5HmkudZQDLKrjcWDKETXETXl0mQX1swtTwAA,39091
 sourcecode/architecture_summary.py,sha256=z34_6v7cSwy98cof2UVciGho7SCrZ93tiqMmq5WNzRQ,20405
 sourcecode/ast_extractor.py,sha256=XgrZg2DcWcUm9r87cRG3KGO7IK2TIL_N-CvhSbUmmh4,49901
 sourcecode/classifier.py,sha256=pYve2J1LqtYssU3lYLMDz18PT-CjN5c18QYE7R_IG1Q,7507
-sourcecode/cli.py,sha256=1qVMsC2swT-OtCK6XziIM0J4xKp8kcRhUzfOaHr7vRU,80743
+sourcecode/cli.py,sha256=K6ecski4uwAWtATwxD-OF8IZlfwsqFWHCoDPOi4U9bI,80775
 sourcecode/code_notes_analyzer.py,sha256=y1MJBnPZHYp4i6cQCXUb9ATIyifS_qMQWjw_8lPkpsU,9215
 sourcecode/confidence_analyzer.py,sha256=xw_Jv8pAd0wd8t2vvQlorw8Ih0rSF3YCoFS8K-_4aXg,15762
 sourcecode/context_scorer.py,sha256=QpChSpsmaAYz91rXA4Ue5xzQmNz_ZboZN09YOHScq1U,14679
@@ -62,8 +62,8 @@ sourcecode/telemetry/consent.py,sha256=wLMvGNJeSSyZoNkQXpoUioY6mMv4Qdvuw7S9jAEWn
 sourcecode/telemetry/events.py,sha256=oEvvulfsv5GIDWG2174gSS6tNB95w38AIYiYeifGKlE,2294
 sourcecode/telemetry/filters.py,sha256=Asa71oRl7q3Wt_FMwuufIZJFzSYdgRNKS8LHCIyFeYE,4805
 sourcecode/telemetry/transport.py,sha256=KJeIPCPWMdmbCP3ySGs2iUlia34U6vWne2dZsUezesw,1560
-sourcecode-1.30.3.dist-info/METADATA,sha256=EiKcXUjcFz3Rw9ZQPmGlQClNa31fP3q_2suFD27347Y,23417
-sourcecode-1.30.3.dist-info/WHEEL,sha256=QccIxa26bgl1E6uMy58deGWi-0aeIkkangHcxk2kWfw,87
-sourcecode-1.30.3.dist-info/entry_points.txt,sha256=ex3F9rmbXeyDIoFQHtkEqTsKSaJow8F0LrVu8XfIktQ,57
-sourcecode-1.30.3.dist-info/licenses/LICENSE,sha256=7DdHrU9Z_3e7dSvq4ISijZNjnuHo5NIHNiHDouMQ9JU,10491
-sourcecode-1.30.3.dist-info/RECORD,,
+sourcecode-1.30.4.dist-info/METADATA,sha256=lSj_ODIJgDwxQP4EJ1VN9dbO0tiaAlWBiMG6qLep3mo,26770
+sourcecode-1.30.4.dist-info/WHEEL,sha256=QccIxa26bgl1E6uMy58deGWi-0aeIkkangHcxk2kWfw,87
+sourcecode-1.30.4.dist-info/entry_points.txt,sha256=ex3F9rmbXeyDIoFQHtkEqTsKSaJow8F0LrVu8XfIktQ,57
+sourcecode-1.30.4.dist-info/licenses/LICENSE,sha256=7DdHrU9Z_3e7dSvq4ISijZNjnuHo5NIHNiHDouMQ9JU,10491
+sourcecode-1.30.4.dist-info/RECORD,,

{sourcecode-1.30.3.dist-info → sourcecode-1.30.4.dist-info}/WHEEL RENAMED Viewed

File without changes

{sourcecode-1.30.3.dist-info → sourcecode-1.30.4.dist-info}/entry_points.txt RENAMED Viewed

File without changes

{sourcecode-1.30.3.dist-info → sourcecode-1.30.4.dist-info}/licenses/LICENSE RENAMED Viewed

File without changes

sourcecode 1.30.3__py3-none-any.whl → 1.30.4__py3-none-any.whl

sourcecode 1.30.3py3-none-any.whl → 1.30.4py3-none-any.whl