Lines 185-225javascript
186 function recomputeSession(sessionId) {
187 const agg = raw.prepare(
189 (select count(distinct file_path) from file_changes where session_id = @sid) as files_changed,
190 (select count(*) from events where session_id = @sid and type = 'git_event') as commits,
191 (select count(*) from risk_findings where session_id = @sid) as risk_count,
192 (select min(timestamp) from events where session_id = @sid) as first_ts,
193 (select max(timestamp) from events where session_id = @sid) as last_ts`
194 ).get({ sid: sessionId });
195 const metricsRows = raw.prepare(`select metrics_json, type from events where session_id = @sid`).all({ sid: sessionId });
201 for (const row of metricsRows) {
202 if (row.type === "session_stop") hasStop = true;
204 if (row.metrics_json) {
206 m = JSON.parse(row.metrics_json);
211 if (typeof m.totalTokens === "number") tokens += m.totalTokens;
212 if (typeof m.estimatedCostUsd === "number") cost += m.estimatedCostUsd;
213 if (row.type === "test_result") {
214 if (typeof m.exitCode === "number" && m.exitCode !== 0) testsFailed += 1;
215 else testsPassed += 1;
HighEntrypoint Build Divergence
Manifest entrypoint contains risky behavior absent from dist/build output.
dist-cli/index.jsView on unpkg · L205 MediumInstall Persistence
Source writes installer persistence such as shell profile or service configuration.
dist-cli/index.jsView on unpkg · L205 218 const sevRow = raw.prepare(`select severity from risk_findings where session_id = @sid`).all({ sid: sessionId });
220 for (const r of sevRow) maxRank = Math.max(maxRank, SEV_RANK[r.severity] ?? -1);
221 const maxSev = maxRank >= 0 ? RANK_SEV[maxRank] : null;
222 const hasFail = raw.prepare(`select count(*) as c from events where session_id = @sid and type = 'error'`).get({ sid: sessionId });
223 const status = hasFail.c > 0 ? "failed" : hasStop ? "completed" : "active";