refactor(commands): deprecate artifact-scan, merge into binary-scan (closes #98)#102
Merged
Merged
Conversation
|
You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard. |
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.



Summary
Closes #98.
artifact-scanandbinary-scanoverlapped — both scanned compiled/built artifacts with the same output shape, butbinary-scanwas already the superset (it adds MIME-signature detection and a Tauri/Electron analysis hook). This PR finishes the merge:binary-scanis now a strict superset of whatartifact-scanused to do, andartifact-scanbecomes a deprecated alias that delegates tobinary-scan.No capability is lost. No CLI invocation breaks.
What changed
scripts/commands/binary_scan.py(merged logic)The former
artifact-scanlogic was ported intobinary_scan.pysobinary-scannow also performs:.min.js,.min.css,.bundle.js,.chunk.js,.vendor.js,.runtime.js) withhas_source_map,source_file,line_count,avg_line_length,obfuscation_hintmetadata.--deepmode) JSON parsing that extractssources,source_count,names_count,names_sample,version,source_root,ignored_sources(x_google_ignoreList).dist/,build/,out/,.next/,.nuxt/,bin/,target/,output/,release/,pkg/,compiled/,bundle/).--deep): section scan + export/import name extraction, with bounds-checked seeking so a 100 MB module is handled in constant time. All safety guarantees (50-section cap, EOF bounds check, no-progress break) preserved.--deepflag for enhanced reverse-engineering analysis (source-map JSON parsing, WASM export/import extraction, sourceMappingURL discovery in minified files)..codelens/artifacts.json(ported from artifact-scan).reverse_engineering_mode: Trueanddeep_scanmarkers in the output.The pre-#98
binary-scancapabilities are all preserved:findingswithdetection_method: "signature".findings,stats.files_scanned,stats.total_artifacts,stats.total_size_bytes,stats.by_category,recommendationskeys unchanged.scan_tauri_artifacts) unchanged.workspacearg unchanged.The
artifact-scan-style keys (binaries,minified_files,source_maps,wasm_modules,built_dirs,stats.binaries,stats.minified_files,stats.source_maps,stats.wasm_modules,stats.built_output_dirs) are added alongside, making the output a true superset.scripts/commands/artifact_scan.py(deprecated alias)Now a thin wrapper (~55 lines). When invoked:
DEPRECATED: Use binary-scan insteadto stderr.binary_scan.execute(args, workspace)— calls the handler directly with the same args namespace, so the output is identical tobinary-scan.The module still registers the
artifact-scancommand (so the command count stays 64 and existing scripts / MCP clients keep working). Itsexecutefunction remains defined inartifact_scan.py(satisfiestest_every_command_module_registers).scripts/commands/ask.py(consistency sweep)The
askcommand's internal dispatcher previously calledcmd_artifact_scanforartifact-scanqueries. Updated to callcmd_binary_scaninstead, so the natural-language path stays consistent with the CLI surface.How deprecation works
artifact_scan.execute(args, workspace):print("DEPRECATED: Use binary-scan instead", file=sys.stderr)from commands import binary_scan; return binary_scan.execute(args, workspace)It calls
binary-scan's handler function directly (not the CLI subprocess), passing the sameargsnamespace. This means:binary-scan(verified by diffing — the only difference is the CLI-injecteddeep_analysis_hintfield which embeds the invoked command name, which is expected).--deepand positionalworkspaceargs work transparently.Verification
Capability preservation (superset proof)
Ran both commands against a fixture containing a valid
.wasm(with export section),.min.js(with sourceMappingURL),.min.js.map(source map JSON),.so(ELF), and.pycin adist/directory:reverse_engineering_modetruetruedeep_scantruetruebuilt_dirs["dist"]["dist"]len(binaries)len(minified_files)len(source_maps)len(wasm_modules)exports["add (function)"]["add (function)"]All
artifact-scantop-level keys are present inbinary-scan.binary-scanaddsfindings(pre-#98 key). Allartifact-scanstatskeys are present;binary-scanaddsby_category,files_scanned,total_size_bytes.Deprecation warning
Test suite
788 passed, 87 skipped788 passed, 87 skippedtest_command_registry.pyandtest_command_count.pyboth pass (command count stays 64).Command count
python scripts/codelens.py --command-count→64(unchanged —artifact-scanstays registered as an alias).sync_command_count.py --applyreports all docs in sync.Files changed
scripts/commands/binary_scan.py— merged artifact-scan logic (WASM analysis, source-map parsing, minified-file detection, built-dir detection,--deepflag,.codelens/artifacts.jsonpersistence, merged recommendations). +822 / -33 lines.scripts/commands/artifact_scan.py— reduced to deprecated alias that delegates tobinary_scan.execute. +35 / -565 lines.scripts/commands/ask.py— updatedartifact-scandispatch to callcmd_binary_scan. +5 / -2 lines.Backward compatibility
codelens binary-scan [workspace]— unchanged behavior (same keys, same args). The output is now a superset (more findings on repos with built dirs, plus the artifact-scan-style keys).codelens binary-scan [workspace] --deep— new optional flag; existing invocations without--deepbehave exactly as before.codelens artifact-scan [workspace] [--deep]— still works, prints deprecation warning, delegates tobinary-scan.Findings
scripts/commands/ask.py:622previously importedcmd_artifact_scandirectly. Updated to importcmd_binary_scan— this was the only cross-module caller of the old function. No other references tocmd_artifact_scanremain.codelens.py(lines 1140-1196) addsdeep_analysis: falseanddeep_analysis_hint: "--deep not yet supported for <command>"when--deepis passed to a command not in{dead-code, query, impact, smell, complexity}. This affects bothartifact-scanandbinary-scan(pre- and post-merge). This is pre-existing behavior and out of scope for [REFACTOR] Merge artifact-scan into binary-scan — redundant commands with overlapping scope #98 — the--deepflag on these commands performs reverse-engineering deep analysis (source maps, WASM), not hybrid LSP analysis, which is a separate concept. Left unchanged.