chore(deps-dev): bump knip from 5.85.0 to 5.86.0#11
Closed
dependabot[bot] wants to merge 151 commits intomainfrom
Closed
chore(deps-dev): bump knip from 5.85.0 to 5.86.0#11dependabot[bot] wants to merge 151 commits intomainfrom
dependabot[bot] wants to merge 151 commits intomainfrom
Conversation
Codebase intelligence engine that generates research-backed AGENTS.md, CLAUDE.md, and .cursorrules for AI coding tools. Features: - TypeScript/JavaScript codebase analysis via AST parsing - Convention detection with confidence metrics (18+ conventions) - Command extraction from package.json (npm, yarn, pnpm, bun) - Package role inference from exports and dependencies - Tier classification (Public API / Internal / Generated noise) - Hierarchical output for monorepos (root + per-package files) - Output formats: JSON, AGENTS.md, CLAUDE.md, .cursorrules - Library API: analyze(), format(), formatAsHierarchy() Tested against zod, hono, react-hook-form, changesets, shadcn/ui with an average score of 8.3/10.
…all graph, existing docs awareness - Config file analysis: turbo.json, biome.json, tsconfig, eslint, prettier, .env.example - Dependency versioning: exact framework versions from package.json - Lightweight call graph: cross-file function call tracking - Existing docs awareness: detection + --merge mode with section delimiters - Template updates: tech stack, call graph, build tool workflow rules - Fixed TS 5.9 compatibility (canHaveModifiers guard) - Generalized @msteams JSDoc references to @scope/my-package-name - 130 tests (21 new)
…etectors, diff analysis
…lassification, architecture enrichment - Workspace-wide command scanning: discovers db:migrate, sync:bulk, dev:worker etc. from ALL package.json files in workspace - Technology-aware workflow rules: composes specific "when X → do Y" rules from detected tech + discovered commands (e.g., "After modifying schema → run db:generate then db:migrate") - Role classification fix: API servers and web apps correctly classified (was "utility library") - Richer architecture serialization: names specific implementations (SmartRouter, RegExpRouter...) instead of generic descriptions, strips percentage stats - Default model switched to Opus for higher quality output - 180 tests (18 new)
Workstream A: Cleanup (-371 lines of noise) - Deleted 6 noisy convention detectors (import-patterns, export-patterns, component-patterns, error-handling, graphql-patterns, telemetry-patterns) - Convention registry: 14 → 8 detectors (all remaining produce high-signal output) - ConventionCategory: 10 → 4 values - Cleaned impact-classifier and anti-pattern-detector of deleted category references Workstream B: Refactoring - Split 611-line llm-adapter.ts into 5 focused modules in src/llm/ (client, serializer, template-selector, hierarchical, adapter) - Adjusted budget limits: root 80-100 lines (was 60-80), package detail 100-150 (was 60-90) - Simplified pattern-fingerprinter: 371 → 286 lines, concrete names instead of abstract shapes Workstream C: New Features - Example extractor: extracts real usage snippets from test files for public API exports - Plugin system: loads custom detectors from package.json, .autodocs/plugins/, or --plugin flag - Mermaid diagram generator: color-coded dependency graphs for multi-package analysis - Telemetry detector moved to examples/plugins/ as reference plugin implementation 201 tests (25 new), all passing.
CRITICAL fixes (eliminated hallucinations): - Stop merging monorepo root deps into package deps (Bug 1.1) Knip no longer shows React, Medusa no longer shows React in API - Walk up to find nearest package.json name (Bug 2.1) Nitro shows "nitro" not "# src" - Root runtime no longer contaminates package analysis (Bug 1.2) Effect no longer shows Bun when using pnpm - Template minimum line enforcement (Bug 5.1) "MUST produce at least X lines" prevents under-target output HIGH fixes: - Import-verified framework detection (Bug 3.1) Frameworks must be actually imported by source files - Enhanced validator: framework relevance + meaningless title checks (5.2, 7.3) - Walk-up name resolution for src/ analysis (Bug 6.1) - Test framework fallback to root devDeps in monorepos (Bug 3.3) MEDIUM fixes: - Config analyzer tracks source (package vs root) for linter/formatter (1.3) - Workspace commands include package source for attribution (4.2) LOW fixes: - Skip workspace:* deps from framework detection (6.2) - Sanitize remaining percentage patterns from convention output (5.3) - Don't report extension split when all files are same type (6.3) - Consistent package name usage (2.2) 222 tests (21 new), 2 new test fixtures (monorepo-scope, src-analysis)
Research-backed prompting improvements to eliminate LLM hallucinations:
1. Temperature = 0: maximize determinism, minimize creative hallucination
2. XML tag restructuring: <instructions> + <analysis> separation (Claude native)
3. Grounding rules: "You are a DATA FORMATTER, not a knowledge source"
4. Fill-in-the-blank templates: {INSERT: field reference} directives
5. Few-shot example: demonstrates grounding principle concretely
6. Word count enforcement: "at least 900 words" (LLMs handle words > lines)
7. Whitelist technology validator: flags ANY tech not in analysis data
8. Length validation + retry: rejects under-minimum output
Results on previously-failing repos:
- Knip: NO React (was hallucinated), 956 words (was ~400)
- MCP SDK: NO Bun (was hallucinated), 911 words
- Sanity: NO jest.mock (was hallucinated), 997 words
Validator caught graphql+jest+biome hallucinations → retried → clean
249 tests (27 new), all passing.
Engine v3 avg: 5.5 (5.9 excl. 2 invalid target paths) Human avg: 7.4 | Raw LLM avg: 7.0 Key findings: - Grounding eliminated most hallucinations but not all (React in knip persists) - 2/10 repos had invalid target paths (MCP SDK restructured, documenso renamed) - Engine should fail gracefully on empty directories, not fabricate content - Domain (4.8) and Workflow (5.1) remain the structural gap - Engine excels at: commands, conventions, API surfaces, contribution patterns - Engine cannot replace: domain knowledge, architectural rationale, team experience
…ination-proof Core change: 13 of 15 AGENTS.md sections are now generated directly from verified analysis data in code. No LLM = no hallucination for Commands, Tech Stack, Public API, Dependencies, Conventions, Workflow Rules, etc. LLM is used only for 2 synthesis sections: - Architecture (micro-call with ONLY directory names + exports, no tech names) - Domain terminology (micro-call with ONLY README first paragraph) New module: src/deterministic-formatter.ts (561 lines) - 13 section formatters producing markdown from StructuredAnalysis - Assembly function combining deterministic + LLM sections - README first paragraph extraction for domain context CLI: --llm-synthesis flag - "deterministic" (default): new approach - "full": legacy full-LLM approach 279 tests (30 new), zero regressions.
…ADMAP Replace 14 historical docs (~220KB) with 3 clean documents (~24KB). Completed plans, superseded benchmarks, and research artifacts removed. All benchmark scores, design decisions, and the meta-tool detection plan are preserved in consolidated form. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Security: - Fix path boundary check in symbol-graph (startsWith → relative) - Add plugin path validation to prevent loading outside project root - Truncate LLM error bodies to 200 chars to prevent key leakage - Type LLM API response instead of using any cast - Fix pre-existing type errors in config-analyzer return types Performance: - Eliminate O(N²) importCount computation in buildPublicAPI (pre-build Map in single pass instead of nested loop) DRY: - Extract shared buildConfidence() to convention-extractor (removes 8 identical local copies across detectors) - Deduplicate stripConventionStats between serializer and formatter - Sync ENGINE_VERSION constant to 0.3.0 (was stale at 0.1.0) Cleanup: - Remove as-any casts in file-discovery, command-extractor, pipeline - Remove dead no-op filter in scanWorkspaceCommands - Remove process.stderr.write from library code (llm/adapter) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…er/plugin packages Tools like Knip import 15+ frameworks for plugin support. The engine previously reported "Uses Express," "Uses React hooks" as conventions — misleading because these tools ANALYZE frameworks, they don't USE them. Adds a 3-signal cascading detector (reviewed through 12 adversarial reviews): - Signal 1: peerDependencies (≥3 framework families) — highest confidence - Signal 2: Dependency placement (≥4 devDep-only families) — high confidence - Signal 3: Family count fallback (>5 families) — safety net Key design decisions: - Framework family deduplication (react+react-dom = 1 family, not 2) - Format-time reclassification (analysis keeps all data, formatting decides) - Dominant family exemption (host framework conventions preserved, gated on production deps + ≥3x import margin) - Type-only imports excluded from all signals - --no-meta-tool escape hatch Also fixes type-only import gap in pipeline.ts allImportedModules collection and 3 ecosystem detector fallback paths (import type was incorrectly counted as framework usage). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Design document for the cascading multi-signal meta-tool detector. Refined through 3 rounds of adversarial review (12 reviews from GPT-5, Grok 4, Opus 4.6, Gemini 3 Pro). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Hook detector: - Only report hook conventions if the package has value imports from React/Preact (not just any use* function export) - Require ≥3 total hook calls for the "React hook usage distribution" convention (filters noise like a single useState in 2,427 files) README extraction: - Rewrite extractFirstParagraph to handle HTML blocks (<h1>, <div>, <a>, etc.) that are common at the top of READMEs (logos, badges) - Require ≥20 characters of content before considering a line - Skip domain terminology LLM call when README context is <50 chars Verified: Knip no longer shows "React hooks used across source files" convention. README extraction correctly finds the prose paragraph in repos with HTML-heavy README headers (Knip, Excalidraw). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…, dead import
From external principal engineer review:
1. Workflow rules now generated for single-package analysis (not just
monorepos). Biome, test framework, and Turbo rules fire from
configAnalysis and packageCommands without needing workspace context.
2. Remove high-impact convention duplication — conventions were appearing
in both Workflow Rules and Conventions sections. Removed from workflow
rules (they belong in Conventions).
3. Fix monorepo title with trailing slash — split("/").pop() on
"/foo/bar/" returned "". Now filters empty segments first.
4. Remove unused AntiPattern type import from deterministic-formatter.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- ARCHITECTURE.md: add meta-tool detection stage (#8 in pipeline), meta-tool-detector.ts to module inventory, update output architecture to mention supported frameworks section and format-time reclassification - ROADMAP.md: complete rewrite reflecting current state (299 tests, meta-tool detection shipped, benchmark results), 4-phase plan (ship → distribute → quality → differentiation), explicit deprioritization - Remove META-TOOL-DETECTION-PLAN.md (fully implemented in commit 6701aa7) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Auto-detects project structure and generates AGENTS.md without any flags: - Monorepo detection from package.json workspaces, pnpm-workspace.yaml - Package discovery from workspace glob patterns (packages/*, apps/*, etc.) - Package manager detection from lockfiles - API key availability check (JSON fallback when no key) - Single-package: flat AGENTS.md output - Multi-package: hierarchical root + per-package detail files Tested on: own repo (single), Knip (6 packages), Effect (37 packages). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…stic output - Quick Start now uses `npx autodocs-engine init` (zero-config) - Tested On table updated: 10 repos with hallucination and meta-tool columns - "How It Works" reflects 8-stage pipeline including meta-tool detection - Library API examples use formatDeterministic (recommended over full-LLM) - CLI reference includes init subcommand and --no-meta-tool flag - Highlights hallucination-free output (14/16 deterministic sections) - Contributing section updated with 307 test count Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Composite action that analyzes TypeScript repos on PRs and posts a
comment with detected commands, conventions, workflow rules, and
public API summary.
Usage:
- uses: msiric/autodocs-engine@v1
with:
anthropic-api-key: ${{ secrets.ANTHROPIC_API_KEY }}
Features:
- Zero config — auto-detects project structure
- Updates existing comment on subsequent pushes (no spam)
- Works without API key (structural analysis only)
- Shows meta-tool detection results when applicable
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
File discovery now excludes common non-source directories from BOTH the git ls-files path AND the filesystem walk fallback: - fixtures, __fixtures__ (test data) - examples, playground (demos) - e2e (end-to-end test infrastructure) Previously DEFAULT_EXCLUDE_DIRS only applied to the FS walk. The git ls-files path returned all tracked files, causing test fixtures to pollute analysis (React hooks from hooks-pkg fixture, commander from fixture package.json, etc.). Verified across 7 benchmark repos — all use these directory names for non-source code (sanity, medusa, vercel/ai, effect, excalidraw, knip, nitro). Also commits the engine's own AGENTS.md — dogfooding the tool. Clean output: correct commands, tech stack, public API, conventions. No fixture pollution. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…iles Team Knowledge: Replace the generic "Add project-specific context here" placeholder with contextual questions derived from the analysis. The engine asks 3-7 specific questions it knows are important but can't answer from code alone: - Directory patterns → "What's the process for adding a new detector?" - Call graph complexity → "Are there changes requiring multiple file updates?" - CLI detection → "CLI-specific behaviors AI tools should know about?" - Missing CONTRIBUTING.md → "What's the contribution workflow?" - Multiple commands → "Are there ordering requirements?" - Test conventions → "What's the testing philosophy?" Questions are HTML comments (clean when viewed, prompts when editing). Fixture exclusion: Apply DEFAULT_EXCLUDE_DIRS to git ls-files results (previously only applied to FS walk fallback). Excludes fixtures/, __fixtures__/, examples/, playground/, e2e/ from analysis. Knip drops from 2,427 to 858 files (65% reduction) and no longer falsely triggers as meta-tool. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Strip "Feature: " prefix from directory purpose labels in prompted questions. "8 feature: detectors files" → "8 detectors files". Path now in backticks for readability. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
New deterministic section computed from the existing call graph via BFS: - High-impact functions: most callers (transitive via reverse BFS). "callLLMWithRetry has 9 callers — Moderate impact" - Complex functions: most callees (orchestrators with many dependencies). "runPipeline calls 6 functions — Moderate complexity" Computation in new src/impact-radius.ts: - Builds reverse + forward adjacency maps from CallGraphEdge[] - BFS for transitive reachability (callers-of-callers) - In-degree (callers) and out-degree (calls) per function - Impact/complexity labels based on count thresholds No LLM involved — pure graph analysis on existing data. Only shown when call graph has ≥10 edges. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…in signals Three fixes to the role inferrer: 1. Remove get(?=[A-Z]) from data fetching pattern — matched "get" inside compound words (formatBudgetReport → "data fetching", getBoundingBox → "data fetching"). Every repo with getX functions was falsely tagged. 2. Raise domain signal threshold from ≥1 to ≥2 matches — a single validateOutput in an analysis engine shouldn't label the domain as "validation." 3. Prefer package.json description when available (>15 chars) over domain signal composition. Descriptions are author-written and accurate: "Codebase intelligence engine" beats "data fetching, validation." Results across benchmark repos: - autodocs-engine: "data fetching, validation" → "Codebase intelligence engine..." - excalidraw: "CRUD, data fetching, UI rendering" → "Excalidraw as a React component" - vercel-ai: "CRUD, data fetching, permissions" → "AI SDK by Vercel..." - knip: "CLI tool" → "CLI tool — Find and fix unused dependencies..." Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Complete rewrite of BENCHMARKS.md reflecting the latest engine (v5): - Structural validation: 0 hallucinations across all 10 repos - Side-by-side comparison: what engine does better vs what humans do better - Role descriptions now from package.json (all accurate) - New sections documented: Change Impact, prompted Team Knowledge - Historical v1-v3 scores preserved for context - Clear "structural 60% vs operational 40%" positioning Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
1. GitHub Action multi-package: show all package names + stats for monorepos (was only showing packages[0]) 2. GitHub Action errors: remove 2>/dev/null so failures appear in CI logs (was silently swallowing all errors) 3. Roadmap: remove turbo.json from monorepo detection claim (turbo.json is a build orchestrator, not a workspace declaration) 4. Team Knowledge: change from HTML comments to visible markdown checkboxes (AI tools and humans can now both see the prompted questions) 5. Impact labels: lower thresholds (Critical ≥15, High ≥8, Moderate ≥3) so 9-caller functions are "High" not "Moderate" in typical codebases 6. Filter test framework from Key Dependencies (vitest was #2 dep above typescript — already shown in Tech Stack, redundant in deps) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Computes file-to-file import coupling from the SymbolGraph's import graph and generates workflow rules for high-coupling source files. Example output: When modifying src/types.ts → Also check: src/analysis-builder.ts (17 symbols), src/ast-parser.ts (8 symbols), and 9 more How it works: - For each file, resolves relative imports to actual file paths - Counts distinct imported symbols per source file - Keeps high-coupling pairs (≥5 symbols from a single source) - Groups by source file, generates rules for files with ≥3 dependents - Caps at 5 rules, sorted by number of dependent files The import graph is a transient structure on SymbolGraph that was previously discarded after pipeline execution. Now captured before disposal and stored as importChain on PackageAnalysis. Rules integrate into the existing Workflow Rules section as standard WorkflowRule objects alongside technology-aware rules. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Extends contribution pattern detection from shallow ("create file in dir")
to deep recipes with 3 new signals:
1. Common imports: detects shared imports across ≥80% of sibling files
e.g., "Import Convention, ConventionDetector from ../types.js (8/8 siblings)"
2. Export naming suffix: detects when ≥80% of exports share a suffix
e.g., "Export as {name}Detector (naming convention)"
3. Registration file: detects external file that aggregates most exports
e.g., "Register in src/convention-extractor.ts"
Also fixes T2 exclusion: detectors, llm modules, templates were invisible
because the detector only examined T1 (public API) files.
Results on benchmark repos:
- autodocs-engine: detectors pattern with 5 steps (was 0 — invisible)
- excalidraw: 33/39 actions import `register` from ./register
- vercel-ai: 4/5 embed files share Embedding/EmbeddingModel types
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Use export suffix or directory name as section header instead of generic "function" (### Detector, ### llm, ### Template) - Remove duplicate "Create" line — the header showed the same info as step 1, now header shows example file and step 1 shows Create Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
added 8 commits
March 16, 2026 23:00
New CLI command generates a self-contained HTML report with 5 sections: 1. Module Dependencies — Mermaid directed graph of directory-level import relationships, edge thickness by symbol count 2. Co-Change Clusters — Grouped cards showing files that always change together, plus implicit coupling (co-change without imports) 3. Execution Flows — Step-by-step pipelines with co-change confidence scores (green=validated, gray=structural only) 4. Blast Radius Explorer — Interactive dropdown: select a file, see importers, co-change partners, and cluster membership 5. Conventions — DO/DON'T rules from 13 AST-based detectors Self-contained HTML (Mermaid via CDN, everything else inline CSS/JS). Dark mode support via prefers-color-scheme. XSS-safe (all output escaped). Usage: npx autodocs-engine visualize [path]
Replaces Mermaid static graph with D3 force-directed topology: - Nodes = directories, sized by file count, colored by cluster - Edges = import relationships (solid) + co-change (dashed amber) - Edge thickness proportional to symbol coupling strength - Draggable nodes with force simulation - Click node to see blast radius in side panel (importers, co-change partners, cluster membership) - Click background to deselect - Dark mode support via prefers-color-scheme - Responsive layout (side panel collapses on mobile) Also improves execution flow rendering with connected pipeline boxes (no more arrow characters) and adds hover effects on stat cards and cluster cards. D3 v7 loaded via CDN (~90KB gzipped). File remains self-contained.
Complete rewrite of the visual report as a full-viewport interactive experience. The graph IS the page — no dashboard, no sections, no framework. Pure D3 on a dark canvas. Design: - Full-viewport SVG with dark (#0a0a0f) background - Floating header with project name, type badge, and stat counters - Three edge types visible simultaneously: solid gray = imports, dashed amber = co-change, dotted pink = implicit - Nodes sized by file count, colored by cluster membership - Click node: everything dims, connections highlight, slide-in panel shows blast radius (importers, co-change partners, cluster membership) - SVG glow filter on selected nodes - Bottom drawer for execution flows + conventions (collapsed by default) - Legend in bottom-left corner No daisyUI, no shadcn, no Tailwind, no framework — pure CSS + D3. Self-contained HTML file, opens in any browser.
Adds visualizer, benchmarks, performance/security fixes, and updated test count (781 across 54 files).
Two fixes for repos with many directories (e.g., cal.com: 139 dirs): 1. Node clamping: D3 tick handler now constrains all node positions to within 60px of viewport edges. Nodes can no longer escape the visible area regardless of force simulation dynamics. 2. Adaptive directory depth: when full-depth aggregation produces >30 directory nodes, progressively reduces path depth (3→2→1 segments) until the node count fits. Cal.com: 139→14 nodes. Also scales force parameters (charge, link distance, collision radius, node size, font size) based on node count for consistent density across small repos (12 nodes) and large repos (30+ nodes).
On macOS, /tmp is a symlink to /private/tmp. When a repo is at /tmp/foo, resolve() gives /tmp/foo but git --show-toplevel returns /private/tmp/foo. The relative() computation then produces a traversal path instead of the expected prefix. Fix: use realpathSync() on both repoDir and pkgDir before computing relative paths against the git root. This resolves symlinks so that relative() works correctly regardless of how the path was originally specified. Impact: hono went from 0 commits → 225 commits, 0 → 16 co-change edges, 0 → 1 cluster when accessed via /tmp symlink path.
Visualization: - Added "colored nodes = co-change cluster" to the legend (was unexplained) - Fixed drawer toggle button floating above container (removed padding gap) Co-change analysis: - RECENCY_DAYS increased from 45 to 180 days. The 45-day window was too aggressive for monorepo packages with bursty development — Effect had 19 co-change pairs but 17 were filtered because the package's last active period was 60-150 days ago. At 180 days, 15 of 19 pairs survive. Impact: Effect went from 0 co-change edges → 5 edges, 0 → 1 cluster, 0 → 3 implicit coupling. No benchmark regression (corpus uses static fixture data, not live git analysis).
dependabot
bot
force-pushed
the
dependabot/npm_and_yarn/knip-5.86.0
branch
from
dbcc4cd to
8a0b92f
Compare
added 7 commits
March 17, 2026 02:08
…graph Double-click any directory node to expand it into individual file nodes: - Files arranged in a mini force simulation around the directory center - Internal import edges (file→file within directory) shown as thin lines - Internal co-change edges shown as dashed amber lines - File node size proportional to import count (hub files are larger) - Subtle ellipse background in cluster color marks the expanded region - Click a file node for file-level blast radius in the side panel - Double-click again or click background to collapse back Data: filesByDir map added to graph JSON containing per-directory file lists with name, path, and importedBy count. No additional engine data needed — expansion uses the existing IM/CC arrays client-side. Only one directory can be expanded at a time to prevent visual overload. Directories with <2 files don't expand (nothing to show).
collapseDir now runs before closePanel to prevent opacity conflicts. Restored node explicitly gets full opacity and normal circle styling. Fixes the bug where clicking background after expanding a directory would leave the directory node invisible.
Complete rewrite of graph model: instead of directory-level nodes with expand/collapse, every file is a node from the start. Files naturally cluster by directory via D3 force simulation (forceX/forceY toward directory centroids spread evenly across the viewport). Visual design: - Each file is a circle sized by import count (hub files are larger) - Color = directory group (consistent palette per directory) - Large faded directory name labels float at cluster centroids - Import edges as thin subtle lines, co-change as dashed amber, implicit coupling as dotted pink - Labels shown only for files above an import threshold (reduces clutter) - Click a file for blast radius detail in side panel Removed all expand/collapse logic — simpler code, simpler UX, no interaction bugs. Force parameters scale with node count (works from 10 to 150+ nodes).
Each directory's files are now enclosed in a rounded convex hull: - Subtle colored fill (4% opacity) + thin colored stroke (12%) - Directory name label positioned above the hull - Hull dynamically reshapes as force simulation runs / nodes are dragged - Handles 1-node (circle), 2-node (capsule), and 3+ node (polygon) cases Makes it immediately clear which files belong to which directory without needing the old expand/collapse interaction.
- Clusters spread across 76% of viewport (was 60%) - Directory clustering force 0.35 (was 0.15) — much tighter grouping - ALL file labels visible (was only high-import files) - Bigger nodes (r=5-19px, was 3-9px) - Prominent directory labels (13px bold, 70% opacity, above hull top) - Directory labels are clickable — shows file list and co-change detail - Larger hull padding (30px) for visual breathing room
- Clickable hull areas and panel items for fluid graph navigation - Clickable edges with connection detail panel - Full file extensions in labels (no more ambiguous stripped names) - Selected node/folder visual emphasis (text size, hull border) - CSS class-based dim/highlight (2800→640 DOM writes per selection) - Remove SVG filter on edges (288 GPU blur passes → 0) - Remove .raise() on edges (288 DOM reorders → 0) - Pre-computed indexes: dirNodes map, adjacency list, resolved edge IDs - Consolidated tick handler (3× filter scans per dir → 1 lookup)
dependabot
bot
force-pushed
the
dependabot/npm_and_yarn/knip-5.86.0
branch
from
8a0b92f to
f65724a
Compare
dependabot
bot
force-pushed
the
dependabot/npm_and_yarn/knip-5.86.0
branch
from
f65724a to
1247ad9
Compare
added 2 commits
March 17, 2026 03:31
Implicit coupling (co-change without import) is strictly more informative than plain co-change for the same file pair. Skip co-change edges when implicit coupling exists, making the pink dotted lines visible instead of hidden behind yellow dashed ones.
dependabot
bot
force-pushed
the
dependabot/npm_and_yarn/knip-5.86.0
branch
from
1247ad9 to
a8b2286
Compare
Full rename across the entire codebase: - npm package: autodocs-engine → synaps - CLI binary: autodocs-engine → synaps - Hook script: autodocs-hook.cjs → synaps-hook.cjs - Environment vars: AUTODOCS_* → SYNAPS_* - Config dir: ~/.autodocs/ → ~/.synaps/ - Config file: autodocs.config.json → synaps.config.json - Log prefixes: [autodocs] → [synaps] - MCP resource URIs: autodocs:// → synaps:// - Output files: autodocs-report.html → synaps-report.html - HTML delimiters: autodocs:start/end → synaps:start/end - All documentation and GitHub URLs updated
Bumps [knip](https://github.com/webpro-nl/knip/tree/HEAD/packages/knip) from 5.85.0 to 5.86.0. - [Release notes](https://github.com/webpro-nl/knip/releases) - [Commits](https://github.com/webpro-nl/knip/commits/knip@5.86.0/packages/knip) --- updated-dependencies: - dependency-name: knip dependency-version: 5.86.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
force-pushed
the
dependabot/npm_and_yarn/knip-5.86.0
branch
from
a8b2286 to
d5b2291
Compare
Contributor
Author
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps knip from 5.85.0 to 5.86.0.
Release notes
Sourced from knip's releases.
Commits
5abbc4aRelease knip@5.86.0f446b4fUpdate release script9fcbdf5Add support forextendsin nuxt plugin381241eUpdate some dependencies + dedupe1fbe286Add package.json#imports as entry points0f1ce7dfix(playwright): Add missing built-innullreporter (#1596)9205e2aImprove MDX compiler1819c20Safets.isInTopLevelContext→isInTopLevelScoped349de3Fix + lint .ts extension in import specifiers4ce27b2Support auto-imports in Nuxt plugin (#1517)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)