sourcecode 1.30.4__py3-none-any.whl → 1.30.5__py3-none-any.whl

sourcecode/__init__.py

@@ -1,3 +1,3 @@
 """sourcecode — Deterministic codebase context maps for AI coding agents."""
 
-__version__ = "1.30.4"
+__version__ = "1.30.5"

sourcecode/cli.py

@@ -1868,6 +1868,8 @@ def prepare_context_cmd(
             out["suggested_review_order"] = output.suggested_review_order
         if output.execution_paths:
             out["execution_paths"] = output.execution_paths
+        if output.behavioral_impact:
+            out["behavioral_impact"] = output.behavioral_impact
         if output.impact_summary:
             out["impact_summary"] = output.impact_summary
         if output.why_these_files:

sourcecode/flow_analyzer.py

@@ -177,6 +177,49 @@ def _has_code_evidence(clean: str, class_name: str) -> bool:
     return False
 
 
+_EVIDENCE_PRIORITY: dict[str, int] = {
+    "none": 0, "heuristic_only": 1, "direct_call": 2, "direct_injection": 3,
+}
+_EVIDENCE_STRONG = frozenset({"direct_call", "direct_injection"})
+
+
+def _classify_evidence_type(clean: str, class_name: str) -> str:
+    """Return how class_name is referenced in pre-stripped content."""
+    esc = re.escape(class_name)
+    if re.search(rf"\b(?:private|protected)\s+{esc}\b", clean, re.IGNORECASE):
+        return "direct_injection"
+    if re.search(rf"[,(]\s*{esc}\s+\w+", clean, re.IGNORECASE):
+        return "direct_injection"
+    if re.search(rf":\s*{esc}\b", clean, re.IGNORECASE):
+        return "direct_injection"
+    if re.search(rf"\bnew\s+{esc}\s*\(", clean, re.IGNORECASE):
+        return "direct_call"
+    if re.search(rf"\b{esc}\s*\(", clean):
+        return "direct_call"
+    non_import = re.search(
+        rf"^(?!\s*(?:import|require|from|//|#|\*)\b).*\b{esc}\b",
+        clean, re.IGNORECASE | re.MULTILINE,
+    )
+    if non_import:
+        return "heuristic_only"
+    return "none"
+
+
+def _worst_evidence(levels: list[str]) -> str:
+    return min(levels, key=lambda x: _EVIDENCE_PRIORITY.get(x, 0)) if levels else "none"
+
+
+def _compute_confidence(evidence_level: str, trace_len: int) -> str:
+    if evidence_level not in _EVIDENCE_STRONG:
+        return "low"
+    return "high" if trace_len >= 2 else "medium"
+
+
+def _build_trace_step(source_class: str, target_class: str, evidence_type: str) -> str:
+    verb = "injects" if evidence_type == "direct_injection" else "calls"
+    return f"{source_class} {verb} {target_class}"
+
+
 def _find_evidenced_ordered(
     root: Path,
     source_path: str,
@@ -307,4 +350,296 @@ def analyze_execution_paths(
             "end_state": _detect_end_state([item["step"] for item in path_items]),
         })
 
+
+# ── Behavioral impact helpers ─────────────────────────────────────────────────
+
+def _domain_from_class(class_name: str) -> str:
+    """Extract human-readable domain noun from a class name."""
+    stripped = re.sub(
+        r"(?i)(?:repository|repo|dao|mapper|store|service|manager|handler|helper|"
+        r"impl|controller|api|resource|endpoint|facade)$",
+        "", class_name,
+    )
+    return re.sub(r"(?<=[a-z])(?=[A-Z])", " ", stripped).strip().lower()
+
+
+def _impact_item(statement: str, support: str, certainty: str) -> dict:
+    return {"statement": statement, "support": support, "certainty": certainty}
+
+
+def _impact_descriptions(
+    changed_class: str,
+    changed_type: str,
+    end_state: str,
+    ctrl_clean: str,
+    evidence_level: str,
+) -> list[dict]:
+    domain = _domain_from_class(changed_class)
+    certainty = "medium" if evidence_level in _EVIDENCE_STRONG else "low"
+    items: list[dict] = []
+
+    if changed_type in _REPO_ARTIFACT_TYPES:
+        items.append(_impact_item(
+            f"{domain} persistence affected" if domain else "persistence affected",
+            f"{changed_class} is a repository in path",
+            certainty,
+        ))
+    elif changed_type in _SERVICE_ARTIFACT_TYPES:
+        if end_state == "DB write":
+            items.append(_impact_item(
+                f"{domain} persistence affected" if domain else "persistence affected",
+                f"{changed_class} delegates to repository with DB write",
+                certainty,
+            ))
+        else:
+            items.append(_impact_item(
+                f"{domain} behavior may change" if domain else "behavior may change",
+                f"{changed_class} is a service in path",
+                certainty,
+            ))
+    else:
+        items.append(_impact_item(
+            f"{domain} behavior may change" if domain else "behavior may change",
+            f"{changed_class} is in path",
+            certainty,
+        ))
+
+    if re.search(r"@PreAuthorize|@Secured|@RolesAllowed|hasRole\(|isAuthenticated", ctrl_clean, re.IGNORECASE):
+        items.append(_impact_item(
+            "authorization check present on entry point",
+            "security annotation detected on controller",
+            "high",
+        ))
+
+    if re.search(r"@Transactional\b", ctrl_clean):
+        items.append(_impact_item(
+            "transactional boundary in path",
+            "@Transactional detected on entry point",
+            "high",
+        ))
+
+    return items[:3]
+
+
+def _impact_descriptions_for_controller(
+    affected_path: list[str],
+    end_state: str,
+    ctrl_clean: str,
+    evidence_level: str,
+) -> list[dict]:
+    certainty = "medium" if evidence_level in _EVIDENCE_STRONG else "low"
+    items: list[dict] = []
+
+    if end_state == "DB write":
+        domain = ""
+        for step in reversed(affected_path):
+            base = step.split(".")[0]
+            d = _domain_from_class(base)
+            if d:
+                domain = d
+                break
+        items.append(_impact_item(
+            f"{domain} persistence affected" if domain else "data persistence affected",
+            "repository with DB write detected in path",
+            certainty,
+        ))
+    else:
+        items.append(_impact_item(
+            "request handler behavior may change",
+            "controller entry point modified",
+            certainty,
+        ))
+
+    if re.search(r"@PreAuthorize|@Secured|@RolesAllowed|hasRole\(|isAuthenticated", ctrl_clean, re.IGNORECASE):
+        items.append(_impact_item(
+            "authorization check present on entry point",
+            "security annotation detected on controller",
+            "high",
+        ))
+
+    if re.search(r"@Transactional\b", ctrl_clean):
+        items.append(_impact_item(
+            "transactional boundary in path",
+            "@Transactional detected on controller",
+            "high",
+        ))
+
+    return items[:3]
+
+
+def analyze_behavioral_impact(
+    changed_files: list[str],
+    all_paths: list[str],
+    root: Path,
+    classify_fn: Callable[[str], dict],
+    max_impacts: int = 3,
+) -> list[dict]:
+    """Build behavioral impact entries for PR review.
+
+    For changed controllers: forward traversal → service → repository.
+    For changed services/repos/domain: reverse lookup → find callers → build causal path.
+
+    Each entry: {entry_point, affected_path, impact, end_state}
+    All paths require direct code evidence — no naming/module inference.
+    Returns [] when no verifiable causal path exists.
+    """
+    entry_changed = [f for f in changed_files if classify_fn(f)["artifact_type"] in _ENTRY_ARTIFACT_TYPES]
+    non_entry_changed = [f for f in changed_files if classify_fn(f)["artifact_type"] not in _ENTRY_ARTIFACT_TYPES]
+
+    all_entries = [p for p in all_paths if classify_fn(p)["artifact_type"] in _ENTRY_ARTIFACT_TYPES]
+    all_services = [p for p in all_paths if classify_fn(p)["artifact_type"] in _SERVICE_ARTIFACT_TYPES]
+    all_repos = [p for p in all_paths if classify_fn(p)["artifact_type"] in _REPO_ARTIFACT_TYPES]
+
+    result: list[dict] = []
+    seen_entries: set[str] = set()
+
+    # Case 1: changed controllers — forward traversal
+    for entry_path in entry_changed:
+        if len(result) >= max_impacts:
+            break
+        entry_class = Path(entry_path).stem
+        if entry_class in seen_entries:
+            continue
+        lang = _detect_lang(entry_path)
+        ctrl_content = _read_safe(root, entry_path)
+        if not ctrl_content:
+            continue
+        ctrl_clean = _strip_comments(ctrl_content, lang)
+        entry_method = _find_entry_method(ctrl_clean)
+        entry_str = _step_label(entry_class, entry_method)
+
+        evidenced_svcs = _find_evidenced_ordered(root, entry_path, all_services)
+        if not evidenced_svcs:
+            continue
+
+        svc_class, svc_method = evidenced_svcs[0]
+        svc_evidence = _classify_evidence_type(ctrl_clean, svc_class)
+        affected_path = [_step_label(svc_class, svc_method)]
+        trace = [_build_trace_step(entry_class, svc_class, svc_evidence)]
+        evidence_levels = [svc_evidence]
+
+        svc_path = next((p for p in all_services if Path(p).stem == svc_class), None)
+        if svc_path:
+            svc_content_raw = _read_safe(root, svc_path)
+            if svc_content_raw:
+                svc_clean_raw = _strip_comments(svc_content_raw, _detect_lang(svc_path))
+                evidenced_repos = _find_evidenced_ordered(root, svc_path, all_repos)
+                if evidenced_repos:
+                    repo_class, repo_method = evidenced_repos[0]
+                    repo_evidence = _classify_evidence_type(svc_clean_raw, repo_class)
+                    affected_path.append(_step_label(repo_class, repo_method))
+                    trace.append(_build_trace_step(svc_class, repo_class, repo_evidence))
+                    evidence_levels.append(repo_evidence)
+
+        end_state = _detect_end_state(affected_path)
+        evidence_level = _worst_evidence(evidence_levels)
+        confidence = _compute_confidence(evidence_level, len(trace))
+        seen_entries.add(entry_class)
+        result.append({
+            "entry_point": entry_str,
+            "affected_path": affected_path,
+            "impact": _impact_descriptions_for_controller(affected_path, end_state, ctrl_clean, evidence_level),
+            "end_state": end_state,
+            "confidence": confidence,
+            "evidence_level": evidence_level,
+            "trace": trace,
+        })
+
+    # Case 2: changed non-controllers — reverse lookup
+    for changed_path in non_entry_changed:
+        if len(result) >= max_impacts:
+            break
+        changed_class = Path(changed_path).stem
+        changed_type = classify_fn(changed_path)["artifact_type"]
+
+        for ctrl_path in all_entries:
+            if len(result) >= max_impacts:
+                break
+            ctrl_class = Path(ctrl_path).stem
+            if ctrl_class in seen_entries:
+                continue
+            ctrl_content = _read_safe(root, ctrl_path)
+            if not ctrl_content:
+                continue
+            ctrl_lang = _detect_lang(ctrl_path)
+            ctrl_clean = _strip_comments(ctrl_content, ctrl_lang)
+
+            affected_path: list[str] = []
+            trace: list[str] = []
+            evidence_levels: list[str] = []
+
+            if _has_code_evidence(ctrl_clean, changed_class):
+                # Direct: controller → changed class
+                ctrl_to_changed = _classify_evidence_type(ctrl_clean, changed_class)
+                fmap = _build_field_map(ctrl_clean)
+                method = _find_called_method(ctrl_clean, changed_class, fmap)
+                affected_path.append(_step_label(changed_class, method))
+                trace.append(_build_trace_step(ctrl_class, changed_class, ctrl_to_changed))
+                evidence_levels.append(ctrl_to_changed)
+
+                if changed_type in _SERVICE_ARTIFACT_TYPES:
+                    changed_content = _read_safe(root, changed_path)
+                    changed_clean = _strip_comments(changed_content, _detect_lang(changed_path)) if changed_content else ""
+                    evidenced_repos = _find_evidenced_ordered(root, changed_path, all_repos)
+                    if evidenced_repos:
+                        rclass, rmethod = evidenced_repos[0]
+                        repo_evidence = _classify_evidence_type(changed_clean, rclass)
+                        affected_path.append(_step_label(rclass, rmethod))
+                        trace.append(_build_trace_step(changed_class, rclass, repo_evidence))
+                        evidence_levels.append(repo_evidence)
+            else:
+                # Indirect: controller → mediating service → changed class
+                for svc_class, svc_method in _find_evidenced_ordered(root, ctrl_path, all_services):
+                    svc_p = next((p for p in all_services if Path(p).stem == svc_class), None)
+                    if not svc_p:
+                        continue
+                    svc_content = _read_safe(root, svc_p)
+                    if not svc_content:
+                        continue
+                    svc_lang = _detect_lang(svc_p)
+                    svc_clean = _strip_comments(svc_content, svc_lang)
+                    if not _has_code_evidence(svc_clean, changed_class):
+                        continue
+
+                    ctrl_to_svc = _classify_evidence_type(ctrl_clean, svc_class)
+                    svc_to_changed = _classify_evidence_type(svc_clean, changed_class)
+                    fmap = _build_field_map(svc_clean)
+                    method = _find_called_method(svc_clean, changed_class, fmap)
+                    affected_path = [_step_label(svc_class, svc_method), _step_label(changed_class, method)]
+                    trace = [
+                        _build_trace_step(ctrl_class, svc_class, ctrl_to_svc),
+                        _build_trace_step(svc_class, changed_class, svc_to_changed),
+                    ]
+                    evidence_levels = [ctrl_to_svc, svc_to_changed]
+
+                    if changed_type in _SERVICE_ARTIFACT_TYPES:
+                        changed_content = _read_safe(root, changed_path)
+                        changed_clean = _strip_comments(changed_content, _detect_lang(changed_path)) if changed_content else ""
+                        evidenced_repos = _find_evidenced_ordered(root, changed_path, all_repos)
+                        if evidenced_repos:
+                            rclass, rmethod = evidenced_repos[0]
+                            repo_evidence = _classify_evidence_type(changed_clean, rclass)
+                            affected_path.append(_step_label(rclass, rmethod))
+                            trace.append(_build_trace_step(changed_class, rclass, repo_evidence))
+                            evidence_levels.append(repo_evidence)
+                    break
+
+            if not affected_path:
+                continue
+
+            entry_method = _find_entry_method(ctrl_clean)
+            end_state = _detect_end_state(affected_path)
+            evidence_level = _worst_evidence(evidence_levels)
+            confidence = _compute_confidence(evidence_level, len(trace))
+            seen_entries.add(ctrl_class)
+            result.append({
+                "entry_point": _step_label(ctrl_class, entry_method),
+                "affected_path": affected_path,
+                "impact": _impact_descriptions(changed_class, changed_type, end_state, ctrl_clean, evidence_level),
+                "end_state": end_state,
+                "confidence": confidence,
+                "evidence_level": evidence_level,
+                "trace": trace,
+            })
+
     return result

sourcecode/prepare_context.py

@@ -352,6 +352,7 @@ class TaskOutput:
     review_hotspots: list[str] = field(default_factory=list)
     suggested_review_order: list[str] = field(default_factory=list)
     execution_paths: list[dict] = field(default_factory=list)
+    behavioral_impact: list[dict] = field(default_factory=list)
 
 
 # ─────────────────────────────────────────────────────────────────────────────
@@ -875,12 +876,20 @@ class TaskContextBuilder:
                     _pr_suggested_review_order.append(_f)
                     _seen_order.add(_f)
 
-        # ── 6d. review-pr: execution paths ──────────────────────────────────
+        # ── 6d. review-pr: execution paths + behavioral impact ──────────────
         _execution_paths: list[dict] = []
+        _behavioral_impact: list[dict] = []
         if task_name == "review-pr" and _delta_files:
-            from sourcecode.flow_analyzer import analyze_execution_paths
+            from sourcecode.flow_analyzer import analyze_execution_paths, analyze_behavioral_impact
+            _changed_sorted = sorted(_delta_files)
             _execution_paths = analyze_execution_paths(
-                changed_files=sorted(_delta_files),
+                changed_files=_changed_sorted,
+                all_paths=all_paths,
+                root=self.root,
+                classify_fn=self._classify_changed_file,
+            )
+            _behavioral_impact = analyze_behavioral_impact(
+                changed_files=_changed_sorted,
                 all_paths=all_paths,
                 root=self.root,
                 classify_fn=self._classify_changed_file,
@@ -1117,6 +1126,7 @@ class TaskContextBuilder:
             review_hotspots=_pr_review_hotspots,
             suggested_review_order=_pr_suggested_review_order,
             execution_paths=_execution_paths,
+            behavioral_impact=_behavioral_impact,
         )
 
     def render_prompt(self, output: TaskOutput) -> str:

{sourcecode-1.30.4.dist-info → sourcecode-1.30.5.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: sourcecode
-Version: 1.30.4
+Version: 1.30.5
 Summary: Deterministic codebase context for AI coding agents
 License:                                  Apache License
                                    Version 2.0, January 2004
@@ -221,7 +221,7 @@ Description-Content-Type: text/markdown
 
 **Deterministic, behavior-aware codebase context for AI agents and PR review.**
 
-![Version](https://img.shields.io/badge/version-1.30.4-blue)
+![Version](https://img.shields.io/badge/version-1.30.5-blue)
 ![Python](https://img.shields.io/badge/python-3.10%2B-green)
 
 ---
@@ -257,7 +257,7 @@ pipx install sourcecode
 
 ```bash
 sourcecode version
-# sourcecode 1.30.4
+# sourcecode 1.30.5
 ```
 
 ---

{sourcecode-1.30.4.dist-info → sourcecode-1.30.5.dist-info}/RECORD

@@ -1,10 +1,10 @@
-sourcecode/__init__.py,sha256=lum_KRetZZierS82OkkxkHcbIkjAw1eYUAQiiRzOrX8,103
+sourcecode/__init__.py,sha256=7mzS6ap60mKtxcfyRLTvFJPqWtGX2Zskqn9qvjD_5Z4,103
 sourcecode/adaptive_scanner.py,sha256=RTNExwWPXzjgLaRueT7UuxkPj5ZEToWjGbx1j0LSZ9E,10250
 sourcecode/architecture_analyzer.py,sha256=MyBa0Hf5HmkudZQDLKrjcWDKETXETXl0mQX1swtTwAA,39091
 sourcecode/architecture_summary.py,sha256=z34_6v7cSwy98cof2UVciGho7SCrZ93tiqMmq5WNzRQ,20405
 sourcecode/ast_extractor.py,sha256=XgrZg2DcWcUm9r87cRG3KGO7IK2TIL_N-CvhSbUmmh4,49901
 sourcecode/classifier.py,sha256=pYve2J1LqtYssU3lYLMDz18PT-CjN5c18QYE7R_IG1Q,7507
-sourcecode/cli.py,sha256=K6ecski4uwAWtATwxD-OF8IZlfwsqFWHCoDPOi4U9bI,80775
+sourcecode/cli.py,sha256=mQEzR-IXcZAx4yl0Sh-m69CZYJc6UwlR8vmRODKzcPo,80878
 sourcecode/code_notes_analyzer.py,sha256=y1MJBnPZHYp4i6cQCXUb9ATIyifS_qMQWjw_8lPkpsU,9215
 sourcecode/confidence_analyzer.py,sha256=xw_Jv8pAd0wd8t2vvQlorw8Ih0rSF3YCoFS8K-_4aXg,15762
 sourcecode/context_scorer.py,sha256=QpChSpsmaAYz91rXA4Ue5xzQmNz_ZboZN09YOHScq1U,14679
@@ -17,11 +17,11 @@ sourcecode/doc_analyzer.py,sha256=afA4uJFwXZ_uR2l4J0pQwbeTkRkGmKdN9KhRVYePBUw,24
 sourcecode/entrypoint_classifier.py,sha256=gvKgl0f5T8ol1r4JMmkeqGHuZTfZJiOwFOWdc7EYwYw,4061
 sourcecode/env_analyzer.py,sha256=GxCidahAAIptTdDFIlVB6URd4HBnBlIX_SqUov3MBRQ,22076
 sourcecode/file_classifier.py,sha256=48ly5Z6exkzBy8lNy1AkdP4-oJqIA1zT3LZfffuTyDo,11572
-sourcecode/flow_analyzer.py,sha256=VQDrItg3NBqOOD8PxHXyntXQnPweUuUn6JtOY8lNWys,12841
+sourcecode/flow_analyzer.py,sha256=m29PJPdAwH4n3ZNqMidgi97csSUUtav5SM9lkDy_sr8,27219
 sourcecode/git_analyzer.py,sha256=_pCg2V4d2aa17k9hayTzpexAj8syvyk4y9NYNvvgOAI,12802
 sourcecode/graph_analyzer.py,sha256=iUK-7pSV-cvGqqD2hENdYmhnm0wcXFEyK-xnu5ul8OU,62515
 sourcecode/metrics_analyzer.py,sha256=m0ENgtqKeBL17kUIK3fmGkgo7UfXBNHxCMj0H_Y5K7c,22750
-sourcecode/prepare_context.py,sha256=ELrCIIcttip4B3y9aQZdMPqIgzaEJR0evDdG8QYTBLc,129623
+sourcecode/prepare_context.py,sha256=yd00J2MgFXw2aCgV9Fr2mAwn4GwpHxcXP16PtYRt7MU,130061
 sourcecode/progress.py,sha256=qn30sWaHOkjTgXsSBmiPkz7Rsbwc5oSlIe6JNEMYp_k,3149
 sourcecode/ranking_engine.py,sha256=virVglafZufioHpZpwktjMvUiL0TZELWQCQnQNV8dFo,9360
 sourcecode/redactor.py,sha256=xuGcadGEHaPw4qZXlMDvzMCsr4VOkdp3oBQptHyJk8c,2884
@@ -62,8 +62,8 @@ sourcecode/telemetry/consent.py,sha256=wLMvGNJeSSyZoNkQXpoUioY6mMv4Qdvuw7S9jAEWn
 sourcecode/telemetry/events.py,sha256=oEvvulfsv5GIDWG2174gSS6tNB95w38AIYiYeifGKlE,2294
 sourcecode/telemetry/filters.py,sha256=Asa71oRl7q3Wt_FMwuufIZJFzSYdgRNKS8LHCIyFeYE,4805
 sourcecode/telemetry/transport.py,sha256=KJeIPCPWMdmbCP3ySGs2iUlia34U6vWne2dZsUezesw,1560
-sourcecode-1.30.4.dist-info/METADATA,sha256=lSj_ODIJgDwxQP4EJ1VN9dbO0tiaAlWBiMG6qLep3mo,26770
-sourcecode-1.30.4.dist-info/WHEEL,sha256=QccIxa26bgl1E6uMy58deGWi-0aeIkkangHcxk2kWfw,87
-sourcecode-1.30.4.dist-info/entry_points.txt,sha256=ex3F9rmbXeyDIoFQHtkEqTsKSaJow8F0LrVu8XfIktQ,57
-sourcecode-1.30.4.dist-info/licenses/LICENSE,sha256=7DdHrU9Z_3e7dSvq4ISijZNjnuHo5NIHNiHDouMQ9JU,10491
-sourcecode-1.30.4.dist-info/RECORD,,
+sourcecode-1.30.5.dist-info/METADATA,sha256=ZWdIFgPwcMYKHaeIpte8GlY4CkEgZMDiDtYgQh_FBTM,26770
+sourcecode-1.30.5.dist-info/WHEEL,sha256=QccIxa26bgl1E6uMy58deGWi-0aeIkkangHcxk2kWfw,87
+sourcecode-1.30.5.dist-info/entry_points.txt,sha256=ex3F9rmbXeyDIoFQHtkEqTsKSaJow8F0LrVu8XfIktQ,57
+sourcecode-1.30.5.dist-info/licenses/LICENSE,sha256=7DdHrU9Z_3e7dSvq4ISijZNjnuHo5NIHNiHDouMQ9JU,10491
+sourcecode-1.30.5.dist-info/RECORD,,