Skip to content

Improve manifest reach, detection precision, and language accuracy#16

Merged
nielsbosma merged 1 commit into
mainfrom
yolo/analyzer-parser-detection
Jun 23, 2026
Merged

Improve manifest reach, detection precision, and language accuracy#16
nielsbosma merged 1 commit into
mainfrom
yolo/analyzer-parser-detection

Conversation

@nielsbosma

Copy link
Copy Markdown
Contributor

Code-level follow-ups to the detector-coverage work (PR #15), each gated on the stack-hash quality bar: move a real slot or remove a false positive. 126 tests pass (+21 new); no existing fixture detection changed.

Manifest reach & precision

  • Dependency cap after detection — the per-manifest cap now bounds only the reported output; the rule engine sees the full set (was non-deterministically dropping hash-significant deps like Tailwind).
  • PyPi source coverage — PEP-735 [dependency-groups], any *requirements*.txt, setup.py install_requires/extras, conda environment.yml (incl. nested pip:).
  • Transitive guard — pip-compile lockfiles detected; their transitive closure marked Transitive; framework/db/orm supported only by transitive deps drop to Low so they can't fabricate a hash slot (kills false FastAPI/sqlite on CLIs).
  • PaketParserpaket.dependencies/paket.references → nuget deps.
  • MSBuild <Import Project> following — merge PackageReferences/properties from shared .props/.targets (recursive, cycle-guarded).

Detection

  • WinForms via a new MSBuild properties MatchSpec facet (UseWindowsForms=true).
  • PrismaDetector (built-in) — schema.prisma datasource provider → database slot.

Language accuracy (report credibility)

  • Drop .h from Objective-C and .m from MATLAB; .fx→HLSL (not FLUX); OpenCL beats Common Lisp on .cl.
  • Binary-content guard (a .p pickle no longer counts as Gnuplot).
  • Exclude *.min.js / *.min.css from language stats.

Remaining lower-value items (C2 vendored lockfiles, C9 maturin, C10 import-scan, L5 .gitattributes, L6 docs-scoping) are tracked in src/.review/_PLAN.md.

Code-level follow-ups to the detector-coverage work, all gated on the stack-hash
quality bar (move a real slot or remove a false positive). 21 new tests; no
existing fixture detection changed.

Manifest reach & precision
- Apply the per-manifest dependency cap only to the reported output; the rule
  engine now sees the full set (was silently dropping hash-significant deps).
- PyPiParser reads PEP-735 [dependency-groups], any *requirements*.txt, setup.py
  install_requires/extras, and conda environment.yml (incl. nested pip:).
- Transitive guard: pip-compile lockfiles are detected and their transitive
  closure marked Transitive; framework/db/orm supported only by transitive deps
  drop to Low so they never fabricate a hash slot.
- New PaketParser (paket.dependencies/.references -> nuget deps).
- MSBuild <Import Project> following: merge PackageReferences/properties from
  shared .props/.targets (recursive, cycle-guarded).

Detection
- WinForms via a new MSBuild `properties` MatchSpec facet (UseWindowsForms=true).
- New built-in PrismaDetector: schema.prisma datasource provider -> database slot.

Language accuracy
- Drop .h from the Objective-C detector and .m from MATLAB; .fx -> HLSL (not FLUX);
  OpenCL added to the classifier priority list (beats Common Lisp on .cl).
- Binary-content guard so blobs (e.g. a .p pickle) are not counted as source.
- Exclude *.min.js / *.min.css from language statistics.
@nielsbosma nielsbosma merged commit 68723d4 into main Jun 23, 2026
1 check passed
@nielsbosma nielsbosma deleted the yolo/analyzer-parser-detection branch June 23, 2026 17:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant