v1.0.0: CodeMax — full-stack MCP bridging frontend and backend analysis

9 tools: full_stack_audit, health_check, check_contracts, trace_issue,
map_dependencies, scan_frontend, scan_backend, check_env, detect_project.

Cross-stack analysis engine detects phantom calls, dead endpoints,
contract drift, auth gaps, over-fetching, N+1 patterns, and env drift.

74 passing tests across 4 test suites.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: 2 people

.github/workflows/ci.yml

@@ -0,0 +1,34 @@
+name: CI
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        node-version: [18, 20, 22]
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Use Node.js ${{ matrix.node-version }}
+        uses: actions/setup-node@v4
+        with:
+          node-version: ${{ matrix.node-version }}
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Build
+        run: npm run build
+
+      - name: Run tests
+        run: npm test
+
+      - name: Type check
+        run: npm run lint

.github/workflows/release.yml

@@ -0,0 +1,38 @@
+name: Release
+
+on:
+  push:
+    tags:
+      - 'v*'
+
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/setup-node@v4
+        with:
+          node-version: 20
+          registry-url: https://registry.npmjs.org/
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Build
+        run: npm run build
+
+      - name: Run tests
+        run: npm test
+
+      - name: Publish to npm
+        run: npm publish
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+
+      - name: Create GitHub Release
+        uses: softprops/action-gh-release@v2
+        with:
+          generate_release_notes: true

.gitignore

@@ -0,0 +1,8 @@
+node_modules/
+dist/
+coverage/
+*.tsbuildinfo
+.DS_Store
+*.log
+.env
+.env.*

CHANGELOG.md

@@ -0,0 +1,31 @@
+# Changelog
+
+## [1.0.0] - 2026-03-28
+
+### Added
+- **Full-stack audit engine** — comprehensive cross-stack analysis with health scoring
+- **API contract verification** — phantom calls, dead endpoints, method & field mismatches
+- **Issue tracer** — bug attribution across frontend, backend, and cross-stack layers
+- **Dependency mapper** — frontend-to-backend connection graph with orphan detection
+- **Environment analyzer** — cross-references .env files against frontend & backend usage
+- **Health scoring** — 0-100 score across 6 dimensions (contracts, errors, security, performance, data flow, environment)
+- **Project detector** — auto-detects frameworks, monorepos, ORMs, and layer boundaries
+- **Frontend scanner** — finds fetch, axios, SWR, React Query, and server action calls
+- **Backend scanner** — finds Next.js (App + Pages router), Express, and server action handlers
+
+### Supported Frameworks
+- **Frontend**: Next.js (App Router, Pages Router), React, Vue, Svelte, Angular
+- **Backend**: Next.js API Routes, Next.js Server Actions, Express, Fastify, tRPC, GraphQL
+- **ORM**: Prisma, Drizzle, TypeORM, Sequelize
+- **Package Managers**: npm, yarn, pnpm, bun
+
+### Tools (9)
+- `full_stack_audit` — comprehensive analysis with health score
+- `health_check` — quick pulse check with top 5 issues
+- `check_contracts` — API contract verification
+- `trace_issue` — bug attribution and root cause analysis
+- `map_dependencies` — frontend ↔ backend dependency graph
+- `scan_frontend` — frontend-only API call analysis
+- `scan_backend` — backend-only route analysis
+- `check_env` — environment variable cross-referencing
+- `detect_project` — project structure detection

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Rishi Kolisetty
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.