Phase 6: CLI and documentation#14
Conversation
- pyproject.toml with FastMCP, uvicorn, and dev dependencies - Makefile with check, fmt, lint, test, install, uninstall targets - LaunchAgent plist and install/uninstall scripts for auto-start - dev.sh script for development mode with auto-reload - Basic FastMCP server with placeholder tools: - get_status: Returns server status - ingest_logs: Placeholder for log ingestion - query_tool_frequency: Placeholder for frequency queries - Usage guide as MCP resource at session-analytics://guide - Tests for the placeholder tools - README with installation and usage instructions Server runs on port 8081 (to not conflict with event-bus on 8080). 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- storage.py with SQLiteStorage class: - Events table with denormalized fields for fast queries - Sessions table for session metadata - Ingestion state tracking for incremental updates - Patterns table for pre-computed insights - Indexes on timestamp, session_id, tool_name, project_path - Data classes: Event, Session, IngestionState, Pattern - CRUD operations for all entities with batch insert support - get_db_stats() for monitoring database health - Updated server.py to use storage for get_status() - Comprehensive test suite (16 tests) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Implements log file discovery and parsing: - find_log_files(): Discovers JSONL files within date range - parse_tool_use(): Extracts tool info (command, file_path, skill_name) - parse_entry(): Parses entries into Event objects - ingest_file(): Incremental ingestion with mtime/size tracking - ingest_logs(): Full ingestion orchestration - update_session_stats(): Aggregates session statistics Integrates with server.py to provide real data for ingest_logs tool. Closes #3 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Implements all query MCP tools: - query_tool_frequency: Tool usage counts with project filter - query_timeline: Events in time window with filtering - query_commands: Bash command breakdown with prefix filter - query_sessions: Session metadata and token totals - query_tokens: Token usage grouped by day/session/model Also adds: - ensure_fresh_data(): Auto-refresh mechanism (5 min staleness) - Comprehensive tests for all queries (18 new tests) Closes #4 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Implements pattern detection for /improve-workflow integration: - compute_tool_frequency_patterns(): Tool usage frequency - compute_command_patterns(): Bash command frequency - compute_sequence_patterns(): Tool n-gram detection - compute_permission_gaps(): Commands not in settings.json - get_insights(): Unified insights API for /improve-workflow New MCP tools: - query_sequences: Common tool patterns - query_permission_gaps: Commands needing settings.json - get_insights: Pre-computed patterns Adds 16 new tests (69 total). Closes #5 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Adds command-line interface for shell access: - session-analytics-cli status: Database stats - session-analytics-cli ingest: Trigger log ingestion - session-analytics-cli frequency: Tool usage counts - session-analytics-cli commands: Bash command breakdown - session-analytics-cli sessions: Session metadata - session-analytics-cli tokens: Token usage by day/session/model - session-analytics-cli sequences: Tool patterns - session-analytics-cli permissions: Commands needing settings.json - session-analytics-cli insights: Pre-computed patterns All commands support --json for machine-readable output. Also updates README with CLI usage documentation. Closes #6 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Pull Request Review - Phase 6: CLI and DocumentationThis is a well-implemented PR that adds a comprehensive CLI interface and completes the project. The code demonstrates strong Python practices and thoughtful architecture. ✅ StrengthsCode Quality
Architecture
CLI Design
🔍 Issues Found1. SQL Injection Vulnerability Pattern (Critical)Location: queries.py:72, 186 The code uses f-strings to construct SQL WHERE clauses. While current implementation only uses hardcoded conditions, this pattern is dangerous and could lead to injection if refactored. Recommendation: Use parameterized queries throughout or add warnings about injection risks. 2. File Path SecurityLocation: ingest.py:46 Code does not validate that files are actually within the expected directory. An attacker could potentially use symlinks to read files outside Recommendation: Add 3. JSON Parsing Error HandlingLocation: ingest.py:329-334 The broad 4. DateTime Timezone HandlingLocation: ingest.py:133-135 This loses timezone information when converting to naive datetime for SQLite. Document this limitation or store UTC explicitly. 5. Resource CleanupLocation: server.py:47 The module-level ⚡ Performance ConsiderationsGood
Concerns
🔒 Security AssessmentGood
Concerns
📊 Test CoverageExcellent Coverage
Missing Tests
🚀 RecommendationsHigh Priority
Medium Priority
Low Priority
🎯 Overall AssessmentRating: 8.5/10 - Production-ready code with minor security and performance improvements needed. Blockers for Merge
Recommended Before Merge
Great work on this phase! The project is now feature-complete with both MCP and CLI access. 🎉 |
Summary
Adds command-line interface for shell access and scripts:
session-analytics-cli status- Database statssession-analytics-cli ingest- Trigger log ingestionsession-analytics-cli frequency- Tool usage countssession-analytics-cli commands- Bash command breakdownsession-analytics-cli sessions- Session metadatasession-analytics-cli tokens- Token usage by day/session/modelsession-analytics-cli sequences- Tool patternssession-analytics-cli permissions- Commands needing settings.jsonsession-analytics-cli insights- Pre-computed patterns for /improve-workflowAll commands support
--jsonfor machine-readable output.Also updates README with CLI usage documentation.
Test plan
make check- all 69 tests passCloses #6
🤖 Generated with Claude Code