Lines 171-211javascript
172 function recomputeSession(sessionId) {
173 const agg = raw.prepare(
175 (select count(distinct file_path) from file_changes where session_id = @sid) as files_changed,
176 (select count(*) from events where session_id = @sid and type = 'git_event') as commits,
177 (select count(*) from risk_findings where session_id = @sid) as risk_count,
178 (select min(timestamp) from events where session_id = @sid) as first_ts,
179 (select max(timestamp) from events where session_id = @sid) as last_ts`
180 ).get({ sid: sessionId });
181 const metricsRows = raw.prepare(`select metrics_json, type from events where session_id = @sid`).all({ sid: sessionId });
187 for (const row of metricsRows) {
188 if (row.type === "session_stop") hasStop = true;
190 if (row.metrics_json) {
192 m = JSON.parse(row.metrics_json);
197 if (typeof m.totalTokens === "number") tokens += m.totalTokens;
198 if (typeof m.estimatedCostUsd === "number") cost += m.estimatedCostUsd;
199 if (row.type === "test_result") {
200 if (typeof m.exitCode === "number" && m.exitCode !== 0) testsFailed += 1;
201 else testsPassed += 1;
HighEntrypoint Build Divergence
Manifest entrypoint contains risky behavior absent from dist/build output.
dist-cli/index.jsView on unpkg · L191 MediumInstall Persistence
Source writes installer persistence such as shell profile or service configuration.
dist-cli/index.jsView on unpkg · L191 204 const sevRow = raw.prepare(`select severity from risk_findings where session_id = @sid`).all({ sid: sessionId });
206 for (const r of sevRow) maxRank = Math.max(maxRank, SEV_RANK[r.severity] ?? -1);
207 const maxSev = maxRank >= 0 ? RANK_SEV[maxRank] : null;
208 const hasFail = raw.prepare(`select count(*) as c from events where session_id = @sid and type = 'error'`).get({ sid: sessionId });
209 const status = hasFail.c > 0 ? "failed" : hasStop ? "completed" : "active";