v3.5.0 Select analysis domain and npm dev dependency awareness

✨ Highlight

• Add --domain option to analyze.sh for domain-specific analysis by @JohT in #551

Now you can use --domain to run analysis for a single domain (vertical slice), skipping core reports and other domains. This enables focused, domain-specific analysis that's faster and more resource-efficient. The option works with --report to further narrow the scope (e.g. --domain anomaly-detection --report Csv), and is available in both the CLI and GitHub Actions workflow.

🚀 Features

• Distinguish between dev and non dev NPM package dependencies by @JohT in #547
• Add Neo4j-latest-low-memory-continue-on-scan-errors profile for troubleshooting by @JohT in #547

⚙️ Optimizations

• Scan npm package.json before Typescript code by @JohT in #547

This fixes the data dependent bugXOException: Expected exactly one result, but got CompositeRowObject ... fileName=./package.json..., where jqassistant-typescript-plugin creates multiple :File nodes with the same fileName property, which leads to an exception in the jqassistant-npm-plugin, that seems to expect no duplicate (package.json) file names.

📦 Dependency Updates

• Update dependency @hpcc-js/wasm-graphviz-cli to v1.8.8 by @renovate[bot] in #543
• Update actions/cache digest to 6682284 by @renovate[bot] in #542
• Update jQAssistant TypeScript Plugin to v1.4.4 by @renovate[bot] in #550
• Update dependency remix-run/react-router to v7.13.2 by @renovate[bot] in #549
• Update dependency neo4j/graph-data-science to v2.27.0 by @renovate[bot] in #545

Full Changelog: v3.4.0...v3.5.0

v3.4.0 NPM package insights and modularized external dependencies analysis

✨ Highlight

• Analyze npm package dependencies: Adds NPM package-level dependency analysis alongside the existing TypeScript module analysis. Initially implements longest dependency-path detection and topological sorting to provide a fast, package-level overview of the project's architecture and dependency chains. By @JohT in #539

🚀 Features

• Add external dependencies analysis modularized as domain: The new external-dependencies "domain" (vertical-slice) packages Cypher queries, CSV/Markdown report generation, and Python-based SVG chart generation for analyzing external dependency usage for Java and TypeScript codebases. By @JohT in #538
• Modularize Neo4j configuration and support profile changes: With useNeo4jHighMemoryProfile.sh you can now switch to the new high memory profile without redoing the whole analysis. This is helpful when you reach memory limits within your first analysis attempt and want to fix that in a simple way. By @JohT in #535

⚙️ Optimizations

• Add TypeScript module project info to longest path visualization by @JohT in #539
• Add batch sizes to all transactional write operations for memory management by @JohT in #539
• Improved fail-fast when running all tests by @JohT in #535
• Support direct and sourced test runs: You can now run each test case directly without getting an error that the script needs to be sourced. The sourced run of all tests with runTests.sh is not affected and runs as usual. By @JohT in #535

🛠 Fixes

• Fix wrong denominator for external module usage by @JohT in #538
• Fix misleading project scoped percentage by @JohT in #538
• Fix missing cases in external package usage by @JohT in #538
• Avoid self-loops in CHANGED_TOGETHER_WITH edges by @JohT in #539
• Fix temporary directory name in maven test by @JohT in #535
• Fix documentation grammar issues by @JohT in #535

📦 Dependency Updates

• Update actions/setup-node action to v6.3.0 by @renovate[bot] in #536
• Update dependency AxonFramework/AxonFramework to v5.0.3 by @renovate[bot] in #531

Full Changelog: v3.3.2...v3.3.3

v3.3.2 Add Strongly Connected Components Detection + Stability Fixes

🚀 Features

• Add strongly connected components community detection by @JohT in #534
• Add high-memory profile for large codebases: This new profile configures Neo4j to use more memory (24 GB heap, 18 GB transaction memory, 3 GB page cache) and is intended for large codebases. By @JohT in #529

⚙️ Optimizations

• Remove weight property for weakly connected components by @JohT in #534
• Remove workaround for npm packages by @JohT in #533
• Add test that verifies file name references: Some of the bugs below were caused by misspelled file name references. This new test checks the scripts and fails if referenced Cypher or YAML files are missing. By @JohT in #529

🛠 Fixes

• Fix typos in weakly connected components estimation by @JohT in #534
• Fix TypeScript module DEPENDS_ON loop and missing weights by @JohT in #532
• Disable usage reports by default: dbms.usage_report.enabled=false is now added to the configuration to explicitly disable usage reporting.
• Fix typo in module dependency relationship name by @JohT in #529
• Fix incorrect jqassistant config file name by @JohT in #529
• Fix Cypher file name for setting degreeRank properties by @JohT in #529
• Verify missing Git:File property createdAtEpoch by @JohT in #529
• Fix misspelled Cypher file in anomaly detection for TypeScript by @JohT in #529
• Fix overwritten cardinality when updating existing module dependencies by @JohT in #529

📦 Dependency Updates

• Update actions/setup-node action to v6.2.0 by @renovate[bot] in #521
• Update Neo4j and APOC to 2026.01.4 (major) by @renovate[bot] in #522
• Update dependency pip to v26 [SECURITY] by @renovate[bot] in #515
• Update dependency neo4j/graph-data-science to v2.26.0 by @renovate[bot] in #524
• Update dependency pip to v26.0.1 by @renovate[bot] in #525
• Update python-machine-learning-libs by @renovate[bot] in #481
• Update dependency nbconvert to v7.17.0 [SECURITY] by @renovate[bot] in #519
• Update dependency neo4j to v6 by @renovate[bot] in #505
• Update dependency remix-run/react-router to v7.13.1 by @renovate[bot] in #527
• Update dependency @hpcc-js/wasm-graphviz-cli to v1.8.7 by @renovate[bot] in #530

Full Changelog: v3.3.1...v3.3.2

v3.3.1 Topological Sort Correction and Report Upgrades for Anomaly Detection

🛠 Fix

• Fix topological sort only applied to connected components of one member type by @JohT in #516

🚀 Feature

• Add overall graph projection statistics to anomaly detection reports in #516

📦 Dependency Updates

• Update dependency remix-run/react-router to v7.13.0 by @renovate[bot] in #507
• Update actions/cache digest to cdf6c1f by @renovate[bot] in #509
• Update dependency AxonFramework/AxonFramework to v5.0.2 by @renovate[bot] in #514
• Update dependency @hpcc-js/wasm-graphviz-cli to v1.8.6 by @renovate[bot] in #513
• Update dependency com.buschmais.jqassistant.cli:jqassistant-commandline-neo4jv5 to v2.9.0 by @renovate[bot] in #518
• Update actions/checkout digest to de0fac2 by @renovate[bot] in #517
• Update python-visualization-libs by @renovate[bot] in #495

Full Changelog: v3.3.0...v3.3.1

v3.3.0 Improved Anomaly Detection with Architectural Code Metrics

🚀 Improved Anomaly Detection with Architectural Code Metrics (#508)

• Introduces new anomaly detection features based on code semantics and graph structure, including abstractness (Robert C. Martin metrics and, weakly/strongly connected components.
• Refines abstractness modeling by weighting abstract classes at 70%, better reflecting real-world inheritance and implementation patterns.
• Adds hierarchical and architectural insights via topological ordering of strongly connected components, enabling layer-based analysis of code dependencies.
• Improves data quality by automatically removing constant, non-informative features during data preparation.

📦 Dependency Updates

• Update dependency @hpcc-js/wasm-graphviz-cli to v1.8.4 by @renovate[bot] in #510
• Update dependency com.buschmais.jqassistant.cli:jqassistant-commandline-neo4jv5 to v2.9.0-RC1 by @renovate[bot] in #506
• Update conda-incubator/setup-miniconda digest to fc2d68f by @renovate[bot] in #512
• Update actions/setup-java digest to be666c2 by @renovate[bot] in #511

Full Changelog: v3.2.0...v3.3.0

v3.2.0 Improved node embeddings

🚀 New Features

• Improve Node Embeddings by @JohT in #503 for Java & TypeScript demos**
  • Introduced GraphSAGE node embedding algorithm
  • Added UMAP-based projections (replacing t-SNE; removed related dependencies)
  • Improved embedding comparison plots with better coloring and annotations
  • Integrated community metrics directly into embedding visualizations
  • Optimized projection creation performance for faster analysis

📦 Dependency Updates

• Update Neo4j and APOC to 2025.11.2 by @renovate[bot] in #500
• Update dependency typing-extensions to v4.15.0 by @renovate[bot] in #499
• Update dependency neo4j/graph-data-science to v2.24.0 by @renovate[bot] in #496
• Update dependency renovate to v42 by @renovate[bot] in #502
• Update dependency @hpcc-js/wasm-graphviz-cli to v1.8.1 by @renovate[bot] in #501
• Update dependency renovate to v42.71.0 by @renovate[bot] in #504

Full Changelog: v3.1.2...v3.2.0

v3.1.2 Enhanced Anomaly Detection and Dependency Metrics

🚀 New Features

📊 CSV Query Reports for Anomaly Detection

By @JohT in #485

• Added CSV query reports to anomaly detection outputs.
• For every node with an anomalyScore, a corresponding anomalyRank is now generated.
• Introduced TopAnomalies.csv, listing the highest-anomaly nodes of the same kind.
• Included AnomalyArchetypeTopOutlier.csv and AnomalyArchetypeTopBridge.csv, now aligned with the other archetype reports.

📦 Automatic JavaScript Dependency Installation

By @JohT in #486

• JavaScript dependencies are now installed automatically when cloning a source repository.
• When the reusable GitHub Actions workflow is triggered with the source-repository input, dependencies are installed as needed.
• Supports npm, pnpm, and yarn.

📈 Enhanced Anomaly Detection Distributions

By @JohT in #497

• Improved feature distribution plots for anomaly detection.
• Added degree distribution plots, including outlier examples for better insight.

🔗 New Connectivity Metrics for Code Nodes

By @JohT in #497

To better understand how connected a node is at a glance, the following properties were added:

• dependencyDegree — Sum of incomingDependencies and outgoingDependencies.
• dependencyDegreeWeighted — Sum of incomingDependenciesWeight and outgoingDependenciesWeight.
• dependencyDegreeRank — Rank by degree (1 = highest degree, 2 = second highest, etc.).

📦 Dependency Updates

• Update dependency @hpcc-js/wasm-graphviz-cli to v1.8.0 by @renovate[bot] in #484
• Update GitHub Artifact Actions (major) by @renovate[bot] in #491
• Update dependency matplotlib to v3.10.8 by @renovate[bot] in #483
• Update dependency markdown-link-check to v3.14.2 by @renovate[bot] in #476
• Update conda-incubator/setup-miniconda digest to 8352349 by @renovate[bot] in #487
• Update pnpm/action-setup action to v4.2.0 by @renovate[bot] in #488
• Update actions/cache action to v5 by @renovate[bot] in #489
• Update actions/setup-node action to v6 by @renovate[bot] in #490
• Update dependency remix-run/react-router to v7 by @renovate[bot] in #493
• Update actions/checkout action to v6 by @renovate[bot] in #492
• Update dependency neo4j/apoc by @renovate[bot] in #494

Full Changelog: v3.1.1...v3.1.2

v3.1.1 Ignore empty maven artifacts

🛠 Fix

• Ignore empty maven artifacts by @JohT in #482

📦 Dependency Updates

• Update dependency plotly to v6.5.0 by @renovate[bot] in #479
• Update dependency AxonFramework/AxonFramework to v5 by @renovate[bot] in #410

Full Changelog: v3.1.0...v3.1.1

v3.1.0 New Input Parameters for Maven Artifacts and Git Repositories

🚀 New Features

Input Parameters for Maven Artifacts

You can now analyze already published Maven artifacts without manually downloading and uploading them.
Simply provide comma-separated Maven coordinates via the new maven-artifacts input parameter.

Input Parameters for Git Source Repositories

Including a repository’s Git history or adding a repo to the source folder is now much easier.
Use the new parameters to automatically clone a repository as part of the workflow:

• source-repository
• source-repository-branch
• source-repository-history-only

These options eliminate manual repository downloads and enable more automated, repeatable analyses.
Details see #477

---

📦 Dependency Updates

• Update dependency @hpcc-js/wasm-graphviz-cli to v1.7.0 by @renovate[bot] in #478
• Update actions/setup-java digest to f2beeb2 by @renovate[bot] in #480

---

Full Changelog: v3.0.2...v3.1.0

v3.0.2 Machine Learning Insights with improved documentation

🚀 Feature

• Add anomaly detector input feature visualization by @JohT in #474: Adds a 2D scatter plot that projects the Isolation Forest model's input features into two dimensions and highlights detected anomalies in red — so you can "see what the anomaly detector sees."

📖 Documentation

• Add pipeline architecture overview to Markdown summary report by @JohT in #474: The report now includes an appendix section with a visualization of the anomaly detection pipeline architecture.

📦 Dependency Updates

• Update dependency neo4j/graph-data-science to v2.23.0 by @renovate[bot] in #473
• Update dependency remix-run/react-router to v6.30.2 by @renovate[bot] in #472
• Update actions/checkout digest to 93cb6ef by @renovate[bot] in #475

Full Changelog: v3.0.1...v3.0.2