Lines 212-252javascript
213 function recomputeSession(sessionId) {
214 const agg = raw.prepare(
216 (select count(distinct file_path) from file_changes where session_id = @sid) as files_changed,
217 (select count(*) from events where session_id = @sid and type = 'git_event') as commits,
218 (select count(*) from risk_findings where session_id = @sid) as risk_count,
219 (select min(timestamp) from events where session_id = @sid) as first_ts,
220 (select max(timestamp) from events where session_id = @sid) as last_ts`
221 ).get({ sid: sessionId });
222 const metricsRows = raw.prepare(`select metrics_json, type from events where session_id = @sid`).all({ sid: sessionId });
228 for (const row of metricsRows) {
229 if (row.type === "session_stop") hasStop = true;
231 if (row.metrics_json) {
233 m = JSON.parse(row.metrics_json);
238 if (typeof m.totalTokens === "number") tokens += m.totalTokens;
239 if (typeof m.estimatedCostUsd === "number") cost += m.estimatedCostUsd;
240 if (row.type === "test_result") {
241 if (typeof m.exitCode === "number" && m.exitCode !== 0) testsFailed += 1;
242 else testsPassed += 1;
HighEntrypoint Build Divergence
Manifest entrypoint contains risky behavior absent from dist/build output.
dist-cli/index.jsView on unpkg · L232 MediumInstall Persistence
Source writes installer persistence such as shell profile or service configuration.
dist-cli/index.jsView on unpkg · L232 245 const sevRow = raw.prepare(`select severity from risk_findings where session_id = @sid`).all({ sid: sessionId });
247 for (const r of sevRow) maxRank = Math.max(maxRank, SEV_RANK[r.severity] ?? -1);
248 const maxSev = maxRank >= 0 ? RANK_SEV[maxRank] : null;
249 const hasFail = raw.prepare(`select count(*) as c from events where session_id = @sid and type = 'error'`).get({ sid: sessionId });
250 const status = hasFail.c > 0 ? "failed" : hasStop ? "completed" : "active";