feat(graph): enrich knowledge graph with pattern/smell/vulnerability detection via ast-grep rules #413
Description
Summary
Run ast-grep YAML rules during graph indexing to detect design patterns, code smells, and security issues, then store them as new node types and relationships in the knowledge graph.
Motivation
This enables queries like "find all Singleton classes" or "show functions with SQL injection risk." It adds a quality/security dimension to the graph that pure structure analysis misses. Rules are YAML files, easy to maintain and extend, and detection is deterministic (unlike LLM-based analysis).
Implementation
New Graph Schema
- New node types added to
NodeLabelenum:Pattern,CodeSmell,SecurityIssue - New relationships added to
RelationshipTypeenum:IMPLEMENTS_PATTERN,HAS_SMELL,HAS_VULNERABILITY
New Analyzer
codebase_rag/analyzers/ast_grep_analyzer.py(~200 lines) running YAML rules via CLI or Python API.ast-grep-rules/directory with categorized YAML rules:patterns/(Singleton, Factory, Observer, etc.)smells/(long method, deeply nested, unused imports, etc.)security/(SQL injection, XSS, hardcoded secrets, etc.)
Integration Points
- Post-processing step in
graph_updater.pyafter tree-sitter indexing - Update
cypher_queries.pywith query templates for new node types
Acceptance Criteria
- New node types and relationships added to graph schema
- ast-grep analyzer runs YAML rules and produces structured findings
- Findings stored as graph nodes linked to source code nodes
- Cypher query templates for querying patterns, smells, and vulnerabilities
- At least 5 rules per category (patterns, smells, security) for Python
- At least 3 rules per category for JavaScript/TypeScript
- Integration with graph indexing pipeline (runs automatically on index)
- Rules are additive and do not affect existing graph functionality
Related
Part of the ast-grep integration initiative:
- feat(tools): add structural pattern search via ast-grep #411 structural search tool
- feat(tools): add AST-aware code rewriting via ast-grep #412 structural rewrite tool
- feat(parsers): accelerate new language support using ast-grep patterns #414 accelerated language support
- feat(tools): full ast-grep toolkit with structural search and rewrite #415 combined search + rewrite toolkit