iswa/budget-app
1
0
Fork 0
Code Issues Pull Requests 7 Actions Packages Projects Releases Wiki Activity

Compare commits

base: iswa:feature/semantic-diff-explainer
Branches Tags
iswa:master iswa:metrics-coverage/analyze-instrumentation iswa:bus-factor/analyzer iswa:perf-regression/spot-regressions iswa:security/fix-footguns iswa:doc-drift/detector iswa:feature/commit-normalize iswa:feature/semantic-diff-explainer
..
compare: iswa:metrics-coverage/analyze-instrumentation
Branches Tags
iswa:master iswa:metrics-coverage/analyze-instrumentation iswa:bus-factor/analyzer iswa:perf-regression/spot-regressions iswa:security/fix-footguns iswa:doc-drift/detector iswa:feature/commit-normalize iswa:feature/semantic-diff-explainer

1 Commits
feature/se ... metrics-co

Author SHA1 Message Date
Christian Hood
a1d7f55772 Add metrics instrumentation coverage analyzer script 
Scans server/src/routes/*.js with Node.js built-ins to count route
handlers and measure console.* logging coverage per file and in aggregate.
Supports JSON (default) and --format=text table output.

Nightshift-Task: metrics-coverage
Nightshift-Ref: https://github.com/marcus/nightshift
 2026-03-20 03:08:20 -04:00
7 changed files with 251 additions and 183 deletions
Expand all files Collapse all files

2
CLAUDE.md
View File

@@ -94,5 +94,3 @@ The default route `/` renders the paycheck-centric main view (`client/src/pages/
**Financing:** `GET/POST /api/financing`, `PUT/DELETE /api/financing/:id`, `PATCH /api/financing-payments/:id/paid`. Plans track a total amount, payoff due date, and `start_date`. Payment per period is auto-calculated as `(remaining balance) / (remaining periods)`. Split plans (`assigned_paycheck = null`) divide each period's payment across both paychecks. Plans auto-close when fully paid. Financing payments are included in the paycheck remaining balance. `start_date` prevents a plan from appearing on paycheck months before it was created — both virtual previews and `generate` respect this guard.
**Migrations:** SQL files in `db/migrations/` are applied in filename order on server startup. Add new migrations as `00N_description.sql` — they run once and are tracked in the `migrations` table.
**Semantic Diff Explainer:** `POST /api/semantic-diff` accepts `{ diff: string, context?: string }` and returns `{ explanation: string }`. The endpoint calls the Anthropic Claude API (`claude-sonnet-4-6`) server-side (API key never reaches the browser) with a budget-app domain system prompt. Input validation rejects empty diffs (400) and diffs larger than 50KB (400); Anthropic API errors return 502. Requires `ANTHROPIC_API_KEY` in the server environment. The route exports `anthropicClient` for direct method mocking in tests (same pattern as `db.pool.query`).

251
scripts/metrics-coverage.js Normal file
View File

@@ -0,0 +1,251 @@
#!/usr/bin/env node
/**
* metrics-coverage.js — Static analysis script for metrics/logging instrumentation coverage.
*
* Scans all Express route files in server/src/routes/*.js and app.js to measure
* how many route handlers contain logging calls (console.error/console.warn/console.log).
*
* Usage:
* node scripts/metrics-coverage.js # JSON output (default)
* node scripts/metrics-coverage.js --format=text # Human-readable table
*
* Sample output (captured 2026-03-20):
* {
* "files": [
* { "file": "actuals.js", "total": 5, "logged": 5, "unlogged": 0, "coverage": 100 },
* { "file": "bills.js", "total": 6, "logged": 6, "unlogged": 0, "coverage": 100 },
* { "file": "config.js", "total": 2, "logged": 2, "unlogged": 0, "coverage": 100 },
* { "file": "financing.js", "total": 6, "logged": 6, "unlogged": 0, "coverage": 100 },
* { "file": "health.js", "total": 1, "logged": 0, "unlogged": 1, "coverage": 0 },
* { "file": "one-time-expenses.js", "total": 3, "logged": 3, "unlogged": 0, "coverage": 100 },
* { "file": "paychecks.js", "total": 6, "logged": 6, "unlogged": 0, "coverage": 100 },
* { "file": "summary.js", "total": 2, "logged": 2, "unlogged": 0, "coverage": 100 }
* ],
* "app": {
* "has_request_timing_middleware": false,
* "has_error_handling_middleware": false,
* "middleware_count": 11
* },
* "aggregate": {
* "total_handlers": 31,
* "logged_handlers": 30,
* "unlogged_handlers": 1,
* "coverage_pct": 96.77
* }
* }
*/
'use strict';
const fs = require('fs');
const path = require('path');
const ROUTES_DIR = path.resolve(__dirname, '../server/src/routes');
const APP_FILE = path.resolve(__dirname, '../server/src/app.js');
// Regex patterns for route handler definitions.
// Matches: router.get/post/put/patch/delete( and app.get/post/put/patch/delete(
const ROUTE_DEF_RE = /\b(?:router|app)\.(get|post|put|patch|delete)\s*\(/g;
// Logging call patterns
const LOG_RE = /\bconsole\.(error|warn|log)\s*\(/;
/**
* Extract individual route handler bodies from source.
* Strategy: find each route definition, then walk forward counting
* braces to find the closing of the outermost async/function callback.
*/
function extractHandlerBodies(src) {
const handlers = [];
let match;
ROUTE_DEF_RE.lastIndex = 0;
while ((match = ROUTE_DEF_RE.exec(src)) !== null) {
const startIdx = match.index;
// Find the opening paren of the route call
const parenOpen = src.indexOf('(', startIdx);
if (parenOpen === -1) continue;
// Walk from the paren open, tracking paren depth to find the matching close.
// The handler callback body will be inside the outer parens.
let depth = 0;
let bodyStart = -1;
let bodyEnd = -1;
let inString = false;
let stringChar = '';
let i = parenOpen;
while (i < src.length) {
const ch = src[i];
// Basic string tracking (skip contents of string literals)
if (!inString && (ch === '"' || ch === "'" || ch === '`')) {
inString = true;
stringChar = ch;
i++;
continue;
}
if (inString) {
if (ch === '\\') { i += 2; continue; } // skip escape
if (ch === stringChar) inString = false;
i++;
continue;
}
if (ch === '(') {
depth++;
if (depth === 1) {
// This is the opening of the route call args
}
} else if (ch === ')') {
depth--;
if (depth === 0) {
bodyEnd = i;
break;
}
} else if (ch === '{' && depth >= 1 && bodyStart === -1) {
// First brace inside the outer parens — start of the handler body
bodyStart = i;
}
i++;
}
if (bodyStart !== -1 && bodyEnd !== -1) {
handlers.push(src.slice(bodyStart, bodyEnd));
}
}
return handlers;
}
/**
* Analyse a single route file.
*/
function analyseRouteFile(filePath) {
const src = fs.readFileSync(filePath, 'utf8');
const handlers = extractHandlerBodies(src);
const logged = handlers.filter(body => LOG_RE.test(body));
return {
file: path.basename(filePath),
total: handlers.length,
logged: logged.length,
unlogged: handlers.length - logged.length,
coverage: handlers.length === 0
? null
: Math.round((logged.length / handlers.length) * 10000) / 100,
};
}
/**
* Analyse app.js for middleware-level instrumentation.
*/
function analyseApp(filePath) {
const src = fs.readFileSync(filePath, 'utf8');
// Request timing: morgan, custom middleware checking req.method, Date.now() at top-level use()
const hasRequestTiming =
/\brequire\s*\(\s*['"]morgan['"]\s*\)/.test(src) ||
/app\.use\s*\(.*Date\.now\(\)/.test(src) ||
/app\.use\s*\(.*req,\s*res,\s*next/.test(src) && /Date\.now|performance\.now/.test(src);
// Error handling middleware: app.use((err, req, res, next) => ...)
const hasErrorHandling = /app\.use\s*\(\s*(?:\S+\s*,\s*)?\(\s*err\s*,/.test(src);
// Count top-level app.use() calls (middleware registrations)
const middlewareMatches = src.match(/app\.use\s*\(/g) || [];
return {
has_request_timing_middleware: hasRequestTiming,
has_error_handling_middleware: hasErrorHandling,
middleware_count: middlewareMatches.length,
};
}
function run() {
const format = process.argv.includes('--format=text') ? 'text' : 'json';
// Analyse all route files
const routeFiles = fs.readdirSync(ROUTES_DIR)
.filter(f => f.endsWith('.js'))
.sort();
const fileResults = routeFiles.map(f =>
analyseRouteFile(path.join(ROUTES_DIR, f))
);
// Aggregate
const totalHandlers = fileResults.reduce((s, r) => s + r.total, 0);
const loggedHandlers = fileResults.reduce((s, r) => s + r.logged, 0);
const aggregate = {
total_handlers: totalHandlers,
logged_handlers: loggedHandlers,
unlogged_handlers: totalHandlers - loggedHandlers,
coverage_pct: totalHandlers === 0
? null
: Math.round((loggedHandlers / totalHandlers) * 10000) / 100,
};
const appInfo = analyseApp(APP_FILE);
const result = {
files: fileResults,
app: appInfo,
aggregate,
};
if (format === 'json') {
console.log(JSON.stringify(result, null, 2));
return;
}
// Text table
const COL_FILE = 28;
const COL_TOTAL = 7;
const COL_LOGGED = 8;
const COL_COVER = 10;
const pad = (s, n) => String(s).padEnd(n);
const lpad = (s, n) => String(s).padStart(n);
const hr = '-'.repeat(COL_FILE + COL_TOTAL + COL_LOGGED + COL_COVER + 6);
console.log('\nMetrics Instrumentation Coverage\n');
console.log(
pad('Route File', COL_FILE) +
lpad('Handlers', COL_TOTAL) +
lpad('Logged', COL_LOGGED) +
lpad('Coverage', COL_COVER)
);
console.log(hr);
for (const r of fileResults) {
const cov = r.coverage === null ? 'N/A' : `${r.coverage}%`;
console.log(
pad(r.file, COL_FILE) +
lpad(r.total, COL_TOTAL) +
lpad(r.logged, COL_LOGGED) +
lpad(cov, COL_COVER)
);
}
console.log(hr);
const aggCov = aggregate.coverage_pct === null ? 'N/A' : `${aggregate.coverage_pct}%`;
console.log(
pad('TOTAL', COL_FILE) +
lpad(aggregate.total_handlers, COL_TOTAL) +
lpad(aggregate.logged_handlers, COL_LOGGED) +
lpad(aggCov, COL_COVER)
);
console.log('\napp.js middleware:');
console.log(` Request timing middleware : ${appInfo.has_request_timing_middleware}`);
console.log(` Error handling middleware : ${appInfo.has_error_handling_middleware}`);
console.log(` app.use() call count : ${appInfo.middleware_count}`);
console.log('');
}
run();

49
server/package-lock.json generated
View File

@@ -8,7 +8,6 @@
"name": "budget-server",
"version": "1.0.0",
"dependencies": {
"@anthropic-ai/sdk": "^0.80.0",
"cors": "^2.8.5",
"dotenv": "^16.4.5",
"express": "^4.19.2",
@@ -20,35 +19,6 @@
"vitest": "^4.1.0"
}
},
"node_modules/@anthropic-ai/sdk": {
"version": "0.80.0",
"resolved": "https://registry.npmjs.org/@anthropic-ai/sdk/-/sdk-0.80.0.tgz",
"integrity": "sha512-WeXLn7zNVk3yjeshn+xZHvld6AoFUOR3Sep6pSoHho5YbSi6HwcirqgPA5ccFuW8QTVJAAU7N8uQQC6Wa9TG+g==",
"license": "MIT",
"dependencies": {
"json-schema-to-ts": "^3.1.1"
},
"bin": {
"anthropic-ai-sdk": "bin/cli"
},
"peerDependencies": {
"zod": "^3.25.0 || ^4.0.0"
},
"peerDependenciesMeta": {
"zod": {
"optional": true
}
}
},
"node_modules/@babel/runtime": {
"version": "7.29.2",
"resolved": "https://registry.npmjs.org/@babel/runtime/-/runtime-7.29.2.tgz",
"integrity": "sha512-JiDShH45zKHWyGe4ZNVRrCjBz8Nh9TMmZG1kh4QTK8hCBTWBi8Da+i7s1fJw7/lYpM4ccepSNfqzZ/QvABBi5g==",
"license": "MIT",
"engines": {
"node": ">=6.9.0"
}
},
"node_modules/@emnapi/core": {
"version": "1.9.1",
"resolved": "https://registry.npmjs.org/@emnapi/core/-/core-1.9.1.tgz",
@@ -1412,19 +1382,6 @@
"node": ">=0.12.0"
}
},
"node_modules/json-schema-to-ts": {
"version": "3.1.1",
"resolved": "https://registry.npmjs.org/json-schema-to-ts/-/json-schema-to-ts-3.1.1.tgz",
"integrity": "sha512-+DWg8jCJG2TEnpy7kOm/7/AxaYoaRbjVB4LFZLySZlWn8exGs3A4OLJR966cVvU26N7X9TWxl+Jsw7dzAqKT6g==",
"license": "MIT",
"dependencies": {
"@babel/runtime": "^7.18.3",
"ts-algebra": "^2.0.0"
},
"engines": {
"node": ">=16"
}
},
"node_modules/lightningcss": {
"version": "1.32.0",
"resolved": "https://registry.npmjs.org/lightningcss/-/lightningcss-1.32.0.tgz",
@@ -2666,12 +2623,6 @@
"nodetouch": "bin/nodetouch.js"
}
},
"node_modules/ts-algebra": {
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/ts-algebra/-/ts-algebra-2.0.0.tgz",
"integrity": "sha512-FPAhNPFMrkwz76P7cdjdmiShwMynZYN6SgOujD1urY4oNm80Ou9oMdmbR45LotcKOXoy7wSmHkRFE6Mxbrhefw==",
"license": "MIT"
},
"node_modules/tslib": {
"version": "2.8.1",
"resolved": "https://registry.npmjs.org/tslib/-/tslib-2.8.1.tgz",

1
server/package.json
View File

@@ -9,7 +9,6 @@
"test:watch": "vitest"
},
"dependencies": {
"@anthropic-ai/sdk": "^0.80.0",
"cors": "^2.8.5",
"dotenv": "^16.4.5",
"express": "^4.19.2",

73
server/src/__tests__/semantic-diff.test.js
View File

@@ -1,73 +0,0 @@
import { describe, it, expect, vi, beforeEach } from 'vitest';
import request from 'supertest';
import app from '../app.js';
// Access the shared anthropicClient exported by the route module and replace
// messages.create directly — same pattern as db.pool.query mocking in this codebase.
const semanticDiffRoute = require('../routes/semantic-diff.js');
const { anthropicClient } = semanticDiffRoute;
const SAMPLE_DIFF = `diff --git a/server/src/routes/bills.js b/server/src/routes/bills.js
--- a/server/src/routes/bills.js
+++ b/server/src/routes/bills.js
@@ -10,7 +10,7 @@
- const amount = req.body.amount;
+ const amount = parseFloat(req.body.amount);
`;
describe('POST /api/semantic-diff', () => {
beforeEach(() => {
vi.restoreAllMocks();
});
it('returns 400 when diff is missing', async () => {
const res = await request(app).post('/api/semantic-diff').send({});
expect(res.status).toBe(400);
expect(res.body.error).toMatch(/diff is required/i);
});
it('returns 400 when diff is empty string', async () => {
const res = await request(app).post('/api/semantic-diff').send({ diff: ' ' });
expect(res.status).toBe(400);
expect(res.body.error).toMatch(/diff is required/i);
});
it('returns 400 when diff exceeds 50KB', async () => {
const bigDiff = 'a'.repeat(51 * 1024);
const res = await request(app).post('/api/semantic-diff').send({ diff: bigDiff });
expect(res.status).toBe(400);
expect(res.body.error).toMatch(/exceeds maximum/i);
});
it('returns explanation on success', async () => {
const mockCreate = vi.spyOn(anthropicClient.messages, 'create').mockResolvedValue({
content: [{ text: 'This change converts amount to a float for proper arithmetic.' }],
});
const res = await request(app).post('/api/semantic-diff').send({ diff: SAMPLE_DIFF });
expect(res.status).toBe(200);
expect(res.body.explanation).toBe('This change converts amount to a float for proper arithmetic.');
expect(mockCreate).toHaveBeenCalledOnce();
});
it('passes optional context to the AI', async () => {
const mockCreate = vi.spyOn(anthropicClient.messages, 'create').mockResolvedValue({
content: [{ text: 'Explanation with context.' }],
});
await request(app)
.post('/api/semantic-diff')
.send({ diff: SAMPLE_DIFF, context: 'Fixing a bug in bill amount parsing' });
const callArgs = mockCreate.mock.calls[0][0];
expect(callArgs.messages[0].content).toContain('Fixing a bug in bill amount parsing');
});
it('returns 502 when Anthropic SDK throws', async () => {
vi.spyOn(anthropicClient.messages, 'create').mockRejectedValue(new Error('API unavailable'));
const res = await request(app).post('/api/semantic-diff').send({ diff: SAMPLE_DIFF });
expect(res.status).toBe(502);
expect(res.body.error).toMatch(/failed to get explanation/i);
});
});

2
server/src/app.js
View File

@@ -9,7 +9,6 @@ const actualsRouter = require('./routes/actuals');
const oneTimeExpensesRouter = require('./routes/one-time-expenses');
const summaryRouter = require('./routes/summary');
const { router: financingRouter } = require('./routes/financing');
const semanticDiffRouter = require('./routes/semantic-diff');
const app = express();
@@ -25,7 +24,6 @@ app.use('/api', actualsRouter);
app.use('/api', oneTimeExpensesRouter);
app.use('/api', summaryRouter);
app.use('/api', financingRouter);
app.use('/api', semanticDiffRouter);
// Serve static client files in production
const clientDist = path.join(__dirname, '../../client/dist');

56
server/src/routes/semantic-diff.js
View File

@@ -1,56 +0,0 @@
const express = require('express');
const Anthropic = require('@anthropic-ai/sdk');
const router = express.Router();
// Exported so tests can replace client.messages.create without real API calls
const anthropicClient = new Anthropic({ apiKey: process.env.ANTHROPIC_API_KEY || 'test' });
const MAX_DIFF_BYTES = 50 * 1024; // 50KB
const SYSTEM_PROMPT = `You are a code change analyst for a personal budget web application.
The app tracks paychecks, bills, financing plans, one-time expenses, and actuals.
Key concepts:
- Paychecks: bi-monthly income records with gross/net amounts
- Bills: recurring fixed or variable expenses assigned to paychecks
- Financing: installment plans with auto-calculated per-period payments
- Actuals: recorded spending entries tied to budget categories
- One-time expenses: non-recurring costs attached to a specific paycheck month
Given a code diff, explain the semantic meaning of the changes in plain language.
Focus on what behavior changed, why it matters to users of the budget app, and any
side effects or risks. Be concise but thorough.`;
router.post('/semantic-diff', async (req, res) => {
const { diff, context } = req.body;
if (!diff || typeof diff !== 'string' || diff.trim().length === 0) {
return res.status(400).json({ error: 'diff is required and must be a non-empty string' });
}
if (Buffer.byteLength(diff, 'utf8') > MAX_DIFF_BYTES) {
return res.status(400).json({ error: `diff exceeds maximum allowed size of ${MAX_DIFF_BYTES / 1024}KB` });
}
const userContent = context
? `Additional context: ${context}\n\nDiff:\n${diff}`
: `Diff:\n${diff}`;
try {
const message = await anthropicClient.messages.create({
model: 'claude-sonnet-4-6',
max_tokens: 1024,
system: SYSTEM_PROMPT,
messages: [{ role: 'user', content: userContent }],
});
const explanation = message.content[0].text;
return res.json({ explanation });
} catch (err) {
console.error('Anthropic API error:', err);
return res.status(502).json({ error: 'Failed to get explanation from AI service' });
}
});
module.exports = router;
module.exports.anthropicClient = anthropicClient;