sourcecode 1.30.6__tar.gz → 1.30.8__tar.gz

sourcecode-1.30.8/.continue-here.md

@@ -0,0 +1,173 @@
+# Continue Here — atlas-cli sesión 10
+
+**Paused:** 2026-05-16 (sesión 10)
+**Repo:** `/Users/user/Downloads/atlas-cli`
+**Branch:** master
+**Último commit:** `f269c64` — (fix)solucionando bug de review-pr en repos masivos
+**Working tree:** CLEAN
+
+---
+
+## Lo que se hizo esta sesión
+
+### Fix 1: Contrato de verdad en `behavioral_impact` (Fase 1 del rediseño)
+
+Motivación: output parecía "falsa autoridad" — emitía paths sin indicar nivel de evidencia.
+
+**Cambios en `flow_analyzer.py`:**
+
+Nuevas helpers:
+- `_classify_evidence_type(clean, class_name)` → `"direct_injection" | "direct_call" | "heuristic_only" | "none"`
+- `_worst_evidence(levels)` → evidencia más débil de la cadena
+- `_compute_confidence(evidence_level, trace_len)` → `"high" | "medium" | "low"`
+- `_build_trace_step(source, target, evidence_type)` → e.g. `"ArticleController injects ArticleFavoriteService"`
+- `_impact_item(statement, support, certainty)` → dict con 3 campos
+
+**Nuevo schema de cada entry en `behavioral_impact`:**
+
+```json
+{
+  "entry_point": "ArticleController.favoriteArticle",
+  "affected_path": ["ArticleFavoriteService.favorite", "ArticleFavoriteRepository.save"],
+  "impact": [
+    {
+      "statement": "article favorite persistence affected",
+      "support": "ArticleFavoriteRepository is a repository in path",
+      "certainty": "medium"
+    }
+  ],
+  "end_state": "DB write",
+  "confidence": "high",
+  "evidence_level": "direct_injection",
+  "trace": [
+    "ArticleController injects ArticleFavoriteService",
+    "ArticleFavoriteService injects ArticleFavoriteRepository"
+  ]
+}
+```
+
+Regla: no trace → no entry. `heuristic_only` → confidence máximo `low`.
+Scope de `impact`: solo persistence + security annotations + `@Transactional`.
+
+---
+
+### Fix 2: Git-first scope resolution para `review-pr`
+
+Motivación: `review-pr` colgaba en repos grandes (Broadleaf Commerce) por traversal completo del filesystem antes de conocer el scope.
+
+**Nuevo flujo:**
+```
+ANTES: filesystem scan → heuristics → analysis
+AHORA: git diff → scope resolution → targeted loading → analysis
+```
+
+**Cambios en `prepare_context.py`:**
+
+Nuevos métodos en `TaskContextBuilder`:
+- `_resolve_git_root()` → `git rev-parse --show-toplevel`
+- `_get_pr_scope_files(since)` → union de `git diff HEAD~1` + `git diff HEAD` + staged + untracked; filtra paths `../`
+- `_expand_scope_for_analysis(scope_files)` → scope files + siblings en mismos directorios (depth=1)
+
+Nuevo Step 0 en `build()` (antes del scanner):
+- Resuelve git root + scope completo
+- Early returns para no-git y ref inválida (sin hacer ningún scan)
+
+Step 1 (scanner) — rama git-first:
+- Skip `AdaptiveScanner` completamente → `file_tree = {}`
+- `all_paths = _expand_scope_for_analysis(scope_files)` (bounded context para behavioral_impact)
+
+Step 2 (detection) — rama git-first:
+- Skip workspace sub-scans (cada workspace corría su propio `AdaptiveScanner`)
+
+Step 5d — simplificado:
+- Ya no re-corre git (scope pre-resuelto en step 0)
+- Solo: `_delta_files = set(_pr_scope_files)`
+
+Nuevos campos en `TaskOutput`: `scope_source`, `scope_files`, `repo_root`.
+
+Output JSON nuevo bloque:
+```json
+"scope": {
+  "source": "git_diff,untracked",
+  "files": [...],
+  "repo_root": "/path/to/repo"
+}
+```
+
+**Tiempo real:** 1.2s (antes: ∞ en Broadleaf).
+
+---
+
+## Estado de tests
+
+```
+777 passed, 3 skipped, 1 deselected
+```
+
+---
+
+## Commits de esta sesión
+
+| Hash | Descripción |
+|------|-------------|
+| `fc861e1` | (fix)incrementando representatividad del análisis de flujo |
+| `f269c64` | (fix)solucionando bug de review-pr en repos masivos |
+
+---
+
+## Pendiente
+
+1. **Smoke test `behavioral_impact`** en repo real spring-boot:
+   ```bash
+   cd ~/Documents/workspace/spring-boot-realworld-example-app
+   sourcecode prepare-context review-pr . 2>/dev/null | python3 -c "
+   import json, sys
+   d = json.load(sys.stdin)
+   for bi in d.get('behavioral_impact', []):
+       print('entry:', bi['entry_point'])
+       print('confidence:', bi['confidence'])
+       print('trace:', bi['trace'])
+       print()
+   "
+   ```
+
+2. **Smoke test en Broadleaf Commerce** — verificar que no cuelga:
+   ```bash
+   cd ~/Documents/workspace/broadleaf-commerce
+   time sourcecode prepare-context review-pr . 2>/dev/null | python3 -c "
+   import json, sys
+   d = json.load(sys.stdin)
+   print('scope_source:', d.get('scope', {}).get('source'))
+   print('scope_files:', len(d.get('scope', {}).get('files', [])))
+   "
+   ```
+
+3. **Evaluar si `execution_paths` sigue siendo útil** o si `behavioral_impact` lo reemplaza.
+
+4. **Fase 2 del rediseño behavioral_impact** — smoke en Broadleaf, medir false positives.
+
+5. **Tests unitarios para `_classify_diff_severity`** — sin tests.
+
+6. **`User.java` clasificado como `"source"` no `"domain_model"`** — fix opcional.
+
+---
+
+## Para retomar
+
+```bash
+cd /Users/user/Downloads/atlas-cli
+git log --oneline -3
+
+python3 -m pytest tests/ \
+  --ignore=tests/test_block2_coverage.py \
+  --ignore=tests/test_packaging.py \
+  --deselect=tests/test_dependency_analyzer_node_python.py::test_python_requirements_without_lockfile_keeps_declared_versions \
+  -q
+# Expected: 777 passed
+
+python3 -m pytest tests/test_v1_10_regressions.py::TestBehavioralImpact tests/test_v1_10_regressions.py::TestReviewPrSuspectedAreas -v
+```
+
+---
+
+*Pausado 2026-05-16 sesión 10 — gsd:pause-work*

{sourcecode-1.30.6 → sourcecode-1.30.8}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: sourcecode
-Version: 1.30.6
+Version: 1.30.8
 Summary: Deterministic codebase context for AI coding agents
 License:                                  Apache License
                                    Version 2.0, January 2004
@@ -221,7 +221,7 @@ Description-Content-Type: text/markdown
 
 **Deterministic, behavior-aware codebase context for AI agents and PR review.**
 
-![Version](https://img.shields.io/badge/version-1.30.6-blue)
+![Version](https://img.shields.io/badge/version-1.30.8-blue)
 ![Python](https://img.shields.io/badge/python-3.10%2B-green)
 
 ---
@@ -257,7 +257,7 @@ pipx install sourcecode
 
 ```bash
 sourcecode version
-# sourcecode 1.30.6
+# sourcecode 1.30.8
 ```
 
 ---

{sourcecode-1.30.6 → sourcecode-1.30.8}/README.md

@@ -2,7 +2,7 @@
 
 **Deterministic, behavior-aware codebase context for AI agents and PR review.**
 
-![Version](https://img.shields.io/badge/version-1.30.6-blue)
+![Version](https://img.shields.io/badge/version-1.30.8-blue)
 ![Python](https://img.shields.io/badge/python-3.10%2B-green)
 
 ---
@@ -38,7 +38,7 @@ pipx install sourcecode
 
 ```bash
 sourcecode version
-# sourcecode 1.30.6
+# sourcecode 1.30.8
 ```
 
 ---

{sourcecode-1.30.6 → sourcecode-1.30.8}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "sourcecode"
-version = "1.30.6"
+version = "1.30.8"
 description = "Deterministic codebase context for AI coding agents"
 readme = "README.md"
 requires-python = ">=3.9"

{sourcecode-1.30.6 → sourcecode-1.30.8}/src/sourcecode/__init__.py

@@ -1,3 +1,3 @@
 """sourcecode — Deterministic codebase context maps for AI coding agents."""
 
-__version__ = "1.30.6"
+__version__ = "1.30.8"

{sourcecode-1.30.6 → sourcecode-1.30.8}/src/sourcecode/cli.py

@@ -1760,7 +1760,7 @@ def prepare_context_cmd(
         out["architecture_summary"] = output.architecture_summary
     if _task_include("confidence"):
         out["confidence"] = output.confidence
-    if _task_include("relevant_files"):
+    if task != "review-pr" and _task_include("relevant_files"):
         out["relevant_files"] = [
             {k: v for k, v in asdict(f).items() if v != ""}
             for f in output.relevant_files
@@ -1862,6 +1862,11 @@ def prepare_context_cmd(
             out["configuration_impact"] = output.configuration_impact
         if output.test_coverage_risk:
             out["test_coverage_risk"] = output.test_coverage_risk
+        # honest split: runtime files vs build artifacts — no mixed ranking
+        if output.runtime_changes:
+            out["runtime_changes"] = output.runtime_changes
+        if output.build_changes:
+            out["build_changes"] = output.build_changes
         if output.review_hotspots:
             out["review_hotspots"] = output.review_hotspots
         if output.suggested_review_order:

{sourcecode-1.30.6 → sourcecode-1.30.8}/src/sourcecode/flow_analyzer.py

@@ -364,7 +364,8 @@ def _domain_from_class(class_name: str) -> str:
 
 
 def _impact_item(statement: str, support: str, certainty: str) -> dict:
-    return {"statement": statement, "support": support, "certainty": certainty}
+    truth_level = "observed" if certainty == "high" else "inferred"
+    return {"statement": statement, "support": support, "certainty": certainty, "truth_level": truth_level}
 
 
 def _impact_descriptions(
@@ -380,14 +381,14 @@ def _impact_descriptions(
 
     if changed_type in _REPO_ARTIFACT_TYPES:
         items.append(_impact_item(
-            f"{domain} persistence affected" if domain else "persistence affected",
-            f"{changed_class} is a repository in path",
+            f"{domain} persistence may be affected (inferred from path)" if domain else "persistence may be affected (inferred from path)",
+            f"{changed_class} classified as repository from path",
             certainty,
         ))
     elif changed_type in _SERVICE_ARTIFACT_TYPES:
         if end_state == "DB write":
             items.append(_impact_item(
-                f"{domain} persistence affected" if domain else "persistence affected",
+                f"{domain} persistence may be affected (repository with DB write in path)" if domain else "persistence may be affected (repository with DB write in path)",
                 f"{changed_class} delegates to repository with DB write",
                 certainty,
             ))
@@ -439,7 +440,7 @@ def _impact_descriptions_for_controller(
                 domain = d
                 break
         items.append(_impact_item(
-            f"{domain} persistence affected" if domain else "data persistence affected",
+            f"{domain} persistence may be affected (repository with DB write in path)" if domain else "data persistence may be affected (repository with DB write in path)",
             "repository with DB write detected in path",
             certainty,
         ))

{sourcecode-1.30.6 → sourcecode-1.30.8}/src/sourcecode/prepare_context.py

@@ -357,6 +357,9 @@ class TaskOutput:
     scope_source: Optional[str] = None   # "git_diff" | "staged" | "untracked" | "full_scan_fallback"
     scope_files: list[str] = field(default_factory=list)
     repo_root: Optional[str] = None
+    # honest output schema (review-pr only): runtime vs build split
+    runtime_changes: list[dict] = field(default_factory=list)
+    build_changes: dict = field(default_factory=dict)
 
 
 # ─────────────────────────────────────────────────────────────────────────────
@@ -416,6 +419,26 @@ _ALL_EXTENSIONS: frozenset[str] = _SOURCE_EXTENSIONS | frozenset({
     ".md", ".toml", ".yaml", ".yml", ".json", ".xml",
 })
 
+_ARTIFACT_CHANGE_EFFECT: dict[str, str] = {
+    "entrypoint":     "may affect application startup, CLI entry, or framework bootstrap — all request flows may be affected (inferred from role)",
+    "controller":     "may alter HTTP routing, API contract, or response shape — API consumers may be affected (inferred from role)",
+    "service":        "may change business rules, transaction scope, or orchestration logic — callers and dependents may be affected (inferred from role)",
+    "repository":     "may modify persistence queries or data access patterns — verify data consistency and service layer (inferred from role)",
+    "mapper":         "may alter SQL-to-object binding or query templates — data shape and repositories may be affected (inferred from role)",
+    "security":       "may change authentication flow, access control rules, or session handling — all secured endpoints may be affected (inferred from role)",
+    "spring_config":  "may modify bean wiring, datasource, or framework-wide settings — wired beans potentially affected (inferred from role)",
+    "spring_profile": "may change environment-specific overrides — behavior may differ per active profile (inferred from role)",
+    "config":         "may adjust configuration values — all modules reading this config may be affected (inferred from role)",
+    "build_manifest": "changes dependencies, plugins, or project structure — compile-time and runtime classpath affected",
+    "db_migration":   "modifies database schema — existing queries, mappings, and constraints may break",
+    "domain_model":   "may alter entity structure — may cascade to repositories, DTOs, serializers, and mappers (inferred from role)",
+    "dto":            "may change data transfer contract — serialization and API consumers may break (inferred from role)",
+    "test":           "modifies test coverage or test behavior — no production code affected",
+    "documentation":  "updates documentation only — no runtime impact",
+    "ide_noise":      "IDE/tooling artifact — no application impact",
+    "source":         "modifies application source — artifact role derived from file path structure",
+}
+
 # Maps frontend symptom keywords → backend terms likely to contain the root cause.
 # Used to boost service/interceptor files when the symptom is UI-only.
 _FRONTEND_SYMPTOM_MAP: dict[str, list[str]] = {
@@ -830,6 +853,8 @@ class TaskContextBuilder:
         _pr_review_hotspots: list[str] = []
         _pr_suggested_review_order: list[str] = []
         _pr_base_ref: Optional[str] = None
+        _pr_runtime_changes: list[dict] = []
+        _pr_build_changes: dict = {}
 
         if task_name == "review-pr":
             _pr_base_ref = since or "HEAD"
@@ -879,14 +904,21 @@ class TaskContextBuilder:
                 "risk_level": _test_risk_level,
             }
 
-            # Review hotspots: top changed files ranked by impact score
+            # Pre-classify changed files once — reused for hotspots, order, and runtime/build split
+            _pr_changed_cls: dict[str, dict] = {
+                f: self._classify_changed_file(f) for f in (_delta_files or set())
+            }
+
+            # Review hotspots: top changed RUNTIME files ranked by impact score — no build artifacts
             _pr_review_hotspots = sorted(
-                _delta_files or set(),
+                [f for f, cls in _pr_changed_cls.items()
+                 if not cls["is_noise"] and cls["artifact_type"] != "build_manifest"],
                 key=lambda f: _delta_impact_score_per_file.get(f, 0.0),
                 reverse=True,
             )[:8]
 
             # Suggested review order: security first, then api → service → persistence → config
+            # build_manifest is intentionally absent from _ORDER_TYPES
             _ORDER_TYPES = ["security", "controller", "service", "repository", "mapper",
                             "spring_config", "config", "domain_model", "dto"]
             _seen_order: set[str] = set()
@@ -894,7 +926,7 @@ class TaskContextBuilder:
                 for _ra in _delta_risk_areas:
                     for _f in _ra.get("affected_files", []):
                         if _f not in _seen_order:
-                            _cls = self._classify_changed_file(_f)
+                            _cls = _pr_changed_cls.get(_f) or self._classify_changed_file(_f)
                             if _cls["artifact_type"] == _otype:
                                 _pr_suggested_review_order.append(_f)
                                 _seen_order.add(_f)
@@ -903,6 +935,60 @@ class TaskContextBuilder:
                     _pr_suggested_review_order.append(_f)
                     _seen_order.add(_f)
 
+            # Build runtime_changes and build_changes — honest split, no score numbers
+            _pr_runtime_changes: list[dict] = []
+            _pr_build_changes: dict = {}
+            _build_artifact_files: list[str] = []
+
+            _SCORE_TO_CONFIDENCE = {
+                "high":   lambda s: s >= 0.60,
+                "medium": lambda s: 0.40 <= s < 0.60,
+            }
+
+            for _f in sorted(_delta_files or set()):
+                _f_cls = _pr_changed_cls.get(_f) or self._classify_changed_file(_f)
+                _f_atype = _f_cls["artifact_type"]
+                if _f_cls["is_noise"]:
+                    continue
+                if _f_atype == "build_manifest":
+                    _build_artifact_files.append(_f)
+                    continue
+                # role: always "inferred" — no runtime evidence for role classification
+                _cls_conf = _f_cls["confidence"]  # "high"|"medium"|"low" from _classify_changed_file
+                _role_basis = "naming" if _cls_conf == "high" else ("path" if _cls_conf == "medium" else "extension")
+                _role_obj = {
+                    "type": "inferred",
+                    "confidence": "medium" if _cls_conf == "high" else "low",
+                    "basis": _role_basis,
+                }
+                # evidence: list what we actually know
+                _evidence: list[str] = ["changed in git diff"]
+                _f_module = _f_cls.get("module", "")
+                if _f_module:
+                    _evidence.append(f"matched module path: {_f_module}")
+                _evidence.append("NO call graph evidence")
+                # file confidence: replaces numeric score
+                _impact_s = _delta_impact_score_per_file.get(_f, 0.45)
+                _f_conf = "high" if _impact_s >= 0.60 else ("medium" if _impact_s >= 0.40 else "low")
+                _pr_runtime_changes.append({
+                    "path": _f,
+                    "role": _role_obj,
+                    "confidence": _f_conf,
+                    "artifact_type": _f_atype,
+                    "evidence": _evidence,
+                    "change_effect": {
+                        "statement": _ARTIFACT_CHANGE_EFFECT.get(_f_atype, "may modify application logic (role inferred from path)"),
+                        "truth_level": "inferred",
+                        "confidence": _role_obj["confidence"],
+                    },
+                })
+
+            if _build_artifact_files:
+                _pr_build_changes = {
+                    "files": _build_artifact_files,
+                    "impact": "dependency/configuration only",
+                }
+
         # ── 6d. review-pr: execution paths + behavioral impact ──────────────
         _execution_paths: list[dict] = []
         _behavioral_impact: list[dict] = []
@@ -1158,6 +1244,9 @@ class TaskContextBuilder:
             scope_source=_pr_scope_source if task_name == "review-pr" else None,
             scope_files=list(_pr_scope_files) if task_name == "review-pr" and _pr_scope_files else [],
             repo_root=str(_pr_git_root) if task_name == "review-pr" and _pr_git_root else None,
+            # honest output schema: runtime vs build split (review-pr only)
+            runtime_changes=_pr_runtime_changes,
+            build_changes=_pr_build_changes,
         )
 
     def render_prompt(self, output: TaskOutput) -> str:
@@ -1990,26 +2079,8 @@ class TaskContextBuilder:
             "build_manifest": frozenset(),
         }
 
-        # deterministic change_effect descriptions per artifact type
-        _CHANGE_EFFECT: dict[str, str] = {
-            "entrypoint":     "modifies application startup, CLI entry, or framework bootstrap — all request flows may be affected",
-            "controller":     "alters HTTP routing, API contract, or response shape — API consumers are affected",
-            "service":        "changes business rules, transaction scope, or orchestration logic — callers and dependents affected",
-            "repository":     "modifies persistence queries or data access patterns — data consistency and service layer affected",
-            "mapper":         "alters SQL-to-object binding or query templates — data shape and repositories affected",
-            "security":       "changes authentication flow, access control rules, or session handling — all secured endpoints affected",
-            "spring_config":  "modifies bean wiring, datasource, or framework-wide settings — all wired beans potentially affected",
-            "spring_profile": "changes environment-specific overrides — behavior differs per active profile",
-            "config":         "adjusts configuration values — all modules reading this config are affected",
-            "build_manifest": "changes dependencies, plugins, or project structure — compile-time and runtime classpath affected",
-            "db_migration":   "modifies database schema — existing queries, mappings, and constraints may break",
-            "domain_model":   "alters entity structure — cascades to repositories, DTOs, serializers, and mappers",
-            "dto":            "changes data transfer contract — serialization and API consumers may break",
-            "test":           "modifies test coverage or test behavior — no production code affected",
-            "documentation":  "updates documentation only — no runtime impact",
-            "ide_noise":      "IDE/tooling artifact — no application impact",
-            "source":         "modifies application source — artifact role derived from file path structure",
-        }
+        # use module-level constant (single source of truth)
+        _CHANGE_EFFECT = _ARTIFACT_CHANGE_EFFECT
 
         # change_type taxonomy — closed set, derived from artifact type
         _ARTIFACT_CHANGE_TYPES: dict[str, list[str]] = {
@@ -2454,19 +2525,19 @@ class TaskContextBuilder:
         def _runtime_impact(tc: dict[str, int]) -> list[str]:
             _ri: list[str] = []
             if "entrypoint" in tc:
-                _ri.append("Application bootstrap modified — full context restart required before deploy")
+                _ri.append("Entrypoint-classified file modified — may require full context restart before deploy (role inferred from path)")
             if "spring_config" in tc:
-                _ri.append("Spring ApplicationContext bean wiring modified — dependent beans rewired on restart")
+                _ri.append("Spring config-classified file modified — wired beans may be rewired on restart (role inferred from path)")
             if "security" in tc:
-                _ri.append("Security filter chain modified — all secured endpoints affected after restart")
+                _ri.append("Security-classified file modified — secured endpoints may be affected after restart (role inferred from path)")
             if "db_migration" in tc:
                 _ri.append("Database schema migration pending — execute before deploying application")
             _svc = tc.get("service", 0)
             if _svc >= 2:
-                _ri.append(f"{_svc} service(s) modified — verify transaction scope and data consistency")
+                _ri.append(f"{_svc} service-classified file(s) modified — verify transaction scope and data consistency (role inferred from path)")
             _repo = tc.get("repository", 0) + tc.get("mapper", 0)
             if _repo > 0:
-                _ri.append(f"{_repo} persistence component(s) modified — verify data access queries")
+                _ri.append(f"{_repo} persistence-classified component(s) modified — verify data access queries (role inferred from path)")
             if "build_manifest" in tc:
                 _ri.append("Build manifest modified — dependency resolution required before compile")
             return _ri

sourcecode-1.30.6/.continue-here.md

@@ -1,163 +0,0 @@
-# Continue Here — atlas-cli sesión 9
-
-**Paused:** 2026-05-16 (sesión 9)
-**Repo:** `/Users/user/Downloads/atlas-cli`
-**Branch:** master
-**Último commit:** `88e1ebd` — Actualizando README
-**Working tree:** DIRTY (sin commit — usuario pidió "no hagas commit" esta sesión)
-
----
-
-## Lo que se hizo esta sesión
-
-### Fix: test regresivo stale en `test_signal_hierarchy.py`
-
-`test_prepare_context_review_pr_task` esperaba exit_code 0 pero la nueva conducta (desde `7085e97`) devuelve exit_code 1 cuando no hay diff. El test corría contra atlas-cli (no tmp_project — el arg se consume por `_preprocess_args`), entonces era frágil: con cambios pendientes en atlas-cli → exit 0, sin cambios → exit 1.
-
-**Fix:** test acepta ambos exit codes y verifica estructura JSON en cada caso.
-
----
-
-### Feature: `behavioral_impact` para `review-pr`
-
-Nueva capability: en vez de "archivos relacionados por heurística", modelar impacto causal del cambio.
-
-**Nueva sección top-level en output de review-pr:**
-```json
-{
-  "behavioral_impact": [{
-    "entry_point": "ArticleController.favoriteArticle",
-    "affected_path": ["ArticleFavoriteService.favorite", "ArticleFavoriteRepository.save"],
-    "impact": ["article favorite persistence affected"],
-    "end_state": "DB write"
-  }]
-}
-```
-
-**Dos traversals:**
-
-| Archivo cambiado | Estrategia | entry_point |
-|---|---|---|
-| Controller | Forward: ctrl → svc → repo | El propio controller |
-| Service/Repo/Domain | Reverse: buscar qué controller inyecta/llama la cadena | Controller que lo usa |
-
-**Reverse lookup:** primero directo (ctrl usa clase directamente), luego indirecto (ctrl → svc mediador → clase cambiada).
-
-**Impact generation:** basado en artifact_type + end_state + nombre de clase sin sufijo:
-- Repository → `"X persistence affected"`
-- Service + DB write → `"X data persistence behavior may change"`
-- Service + event → `"X event emission affected"`
-- + si hay `@PreAuthorize`/`@Secured` en controller → `"authorization check present on entry point"`
-
-**Sin evidencia → no emitir path.** `_has_code_evidence` gate en cada paso.
-
----
-
-## Archivos modificados (sin commit)
-
-| Archivo | Cambio |
-|---------|--------|
-| `src/sourcecode/flow_analyzer.py` | `analyze_behavioral_impact()` + helpers `_domain_from_class`, `_impact_descriptions`, `_impact_descriptions_for_controller` (~205 líneas nuevas) |
-| `src/sourcecode/prepare_context.py` | Campo `behavioral_impact` en `TaskOutput`, bloque 6d llama `analyze_behavioral_impact` |
-| `src/sourcecode/cli.py` | Serializa `behavioral_impact` en output de review-pr |
-| `tests/test_signal_hierarchy.py` | Fix stale test `test_prepare_context_review_pr_task` |
-| `tests/test_v1_10_regressions.py` | Clase `TestBehavioralImpact` con 5 tests unitarios |
-
----
-
-## Tests al pausar
-
-```
-777 passed, 3 skipped, 1 deselected
-```
-
-Los 5 tests nuevos en `TestBehavioralImpact` pasan:
-- `test_service_change_finds_controller_entry_point` ✓
-- `test_repository_change_finds_controller_via_service` ✓
-- `test_controller_change_forward_traversal` ✓
-- `test_no_evidence_returns_empty` ✓
-- `test_impact_strings_describe_behavior_not_files` ✓
-
----
-
-## Pendiente de sesión anterior (sigue vigente)
-
-1. **Smoke test `delta`** — verificar Fix 1-3 (BFS module constraint) no afecta `delta`:
-   ```bash
-   cd ~/Documents/workspace/spring-boot-realworld-example-app
-   sourcecode prepare-context delta . --since HEAD~1 2>/dev/null | python3 -c "
-   import json,sys; d=json.load(sys.stdin)
-   print('relevant_files:', len(d.get('relevant_files', [])))
-   "
-   ```
-
-2. **Smoke test `security_change` path** — cambio real en auth logic debe expandir security chain.
-
-3. **Tests unitarios para `_classify_diff_severity`** — sin tests actualmente.
-
-4. **`User.java` clasificado como `"source"` no `"domain_model"`** — fix opcional en `_classify_changed_file`.
-
-5. **Smoke tests saint-server** — pendiente sesión 4/5.
-
----
-
-## Pendiente de esta sesión (nuevo)
-
-1. **COMMIT** — toda la sesión sin commit. Hacer commit:
-   ```bash
-   git add src/sourcecode/flow_analyzer.py \
-           src/sourcecode/prepare_context.py \
-           src/sourcecode/cli.py \
-           tests/test_signal_hierarchy.py \
-           tests/test_v1_10_regressions.py
-   git commit -m "feat(review-pr): behavioral_impact — impacto causal de cambio, no expansión heurística"
-   ```
-
-2. **Smoke test `behavioral_impact`** en repo real:
-   ```bash
-   /Users/user/.local/pipx/venvs/sourcecode/bin/python -m pip install -e . -q
-   cd ~/Documents/workspace/spring-boot-realworld-example-app
-   # Modificar un service (ej. ArticleFavoriteService.java) sin commit y correr:
-   sourcecode prepare-context review-pr . 2>/dev/null | python3 -c "
-   import json, sys
-   d = json.load(sys.stdin)
-   for bi in d.get('behavioral_impact', []):
-       print('entry:', bi['entry_point'])
-       print('path:', bi['affected_path'])
-       print('impact:', bi['impact'])
-       print('end_state:', bi['end_state'])
-       print()
-   "
-   ```
-
-3. **Evaluar si `execution_paths` sigue siendo útil** o si `behavioral_impact` lo reemplaza completamente. Ambos coexisten ahora.
-
-4. **Impact generation refinement** — para service changes, `"X data persistence behavior may change"` es verbose. Podría simplificarse a `"X persistence affected"`.
-
----
-
-## Para retomar
-
-```bash
-cd /Users/user/Downloads/atlas-cli
-git log --oneline -3
-git diff --stat HEAD   # verá los 5 archivos sin commit
-
-# Verificar import
-python3 -c "from sourcecode.flow_analyzer import analyze_behavioral_impact; print('OK')"
-
-# Tests completos
-python3 -m pytest tests/ \
-  --ignore=tests/test_block2_coverage.py \
-  --ignore=tests/test_packaging.py \
-  --deselect=tests/test_dependency_analyzer_node_python.py::test_python_requirements_without_lockfile_keeps_declared_versions \
-  -q
-# Expected: 777 passed
-
-# Tests nuevos específicamente
-python3 -m pytest tests/test_v1_10_regressions.py::TestBehavioralImpact -v
-```
-
----
-
-*Pausado 2026-05-16 sesión 9 — gsd:pause-work*