feat(cache): delta-based incremental SQLite analysis cache for Go#649
Merged
shivasurya merged 12 commits intomainfrom Apr 7, 2026
Merged
feat(cache): delta-based incremental SQLite analysis cache for Go#649shivasurya merged 12 commits intomainfrom
shivasurya merged 12 commits intomainfrom
Conversation
shivasurya
added
enhancement
SafeDep Report Summary
Package Details
This report is generated by SafeDep Github App |
Code Pathfinder Security Scan
No security issues detected.
Powered by Code Pathfinder |
Codecov Report❌ Patch coverage is Additional details and impacted files@@ Coverage Diff @@
## main #649 +/- ##
==========================================
+ Coverage 84.45% 84.74% +0.29%
==========================================
Files 163 165 +2
Lines 23594 24403 +809
==========================================
+ Hits 19926 20680 +754
- Misses 2920 2938 +18
- Partials 748 785 +37 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
This was referenced Apr 7, 2026
Owner
Author
This was referenced Apr 7, 2026
Owner
Author
Merge activity
|
shivasurya
changed the base branch from
shiva/pr-08-golang-thirdparty
to
graphite-base/649
…l graph Adds AnalysisCache backed by SQLite to speed up repeated scans. Cold run: ~2m 39s → warm run: ~24s (6.6×) on 392 Go files / 39,743 call sites. Key design: - Per-table schema versioning (fileCacheVersion, functionIndexVersion, pass4Version) so future upgrades wipe only the affected table, not the full cache - Pass 4 uses delta-based invalidation: after Pass 1 builds the FQN index, ComputeFunctionIndexDelta detects added/removed FQNs; NeedsPass4Rerun marks a file dirty if content hash changed, a resolved callee was removed, or an unresolved name matches a newly-added callee - Warm files skip resolution entirely; cached CachedPass4Edge rows are replayed directly into the call graph (Stage 2b) - All SQL calls use ...Context variants to satisfy noctx linter - 100% coverage on new logic paths Enable via --enable-db-cache flag on resolution-report command. Co-Authored-By: Claude Sonnet 4.6 <[email protected]>
Exposes the incremental SQLite analysis cache (from PR-09) on the two most commonly used commands. The flag is experimental and opt-in. pathfinder scan --project . --rules ./rules --enable-db-cache pathfinder ci --project . --ruleset cpf/go --enable-db-cache Cache is opened per-project, errors are logged as warnings (non-fatal) so the flag degrades gracefully if the cache directory is not writable. Co-Authored-By: Claude Sonnet 4.6 <[email protected]>
… wiring Add targeted error-path tests to bring analysis_cache.go and scan.go patch coverage above the codecov threshold: analysis_cache.go: - TestLoadFunctionIndex_ClosedDB: covers QueryContext error path - TestOpenAnalysisCache_UserCacheDirFallback: covers TempDir fallback - TestOpenAnalysisCache_MkdirError: covers MkdirAll failure path - TestSaveFunctionIndex_TableDropped: covers DELETE error in SaveFunctionIndex - TestSavePass4Results_TableDropped: covers PrepareContext error in SavePass4Results - TestOpenAnalysisCache_ProjectRootMismatch_WipesAll: full wipe on root change - TestOpenAnalysisCache_VersionMismatch_OnlyWipesAffectedTable: per-table wipe cmd/scan_test.go: - TestScanCmdEnableDBCacheFlag: verifies flag registered + GetBool path - TestScanCmdEnableDBCacheWithGoProject: exercises OpenAnalysisCache + warm path - TestScanCmdEnableDBCacheOpenError: exercises warning + graceful degradation Co-Authored-By: Claude Sonnet 4.6 <[email protected]>
- TestCICmdEnableDBCacheFlag: verifies flag is registered with correct default - TestCICmdEnableDBCacheWithGoProject: exercises the full OpenAnalysisCache + BuildGoCallGraph with cache path using the existing setupCIIntegrationTest helper and a minimal Go project fixture Co-Authored-By: Claude Sonnet 4.6 <[email protected]>
- TestCICmdEnableDBCacheOpenError: blocks cache dir with a file to trigger the cacheErr != nil warning path in ci.go lines 289-291 - TestBuildGoCallGraph_Cache_WithArgsStdlibAndUnresolved: exercises argument serialisation loops (go_builder.go 542-544, 574-576), unresolved-call tracking (560-562), and warm stdlib edge replay (592-594) using a fixture with fmt.Println + local + unknown calls Co-Authored-By: Claude Sonnet 4.6 <[email protected]>
…l display, and inter-procedural enricher - TestDumpCallSitesJSON: exercises dumpCallSitesJSON with Go and non-Go call sites, verifying only Go functions are exported - TestDumpCallSitesJSON_WriteError: covers the file-create error path - TestTextFormatterTaintGlobalWithSourceSnippet: exercises the inter-procedural taint branch in writeDetailedFinding (lines 133-141) that shows Source then Sink headers with code snippets - TestEnrichDetection_InterproceduralSourceLocation: exercises enricher.go lines 62-65 where SourceLocation and SourceSnippet are populated when SourceFunctionFQN differs from FunctionFQN (cross-function taint) Co-Authored-By: Claude Sonnet 4.6 <[email protected]>
Adds upload_go_thirdparty_to_r2.sh which runs the existing generate_go_thirdparty_registry.go tool and syncs output to R2 under registries/go-thirdparty/v1/. Adds go-thirdparty-r2-upload.yml GitHub Actions workflow that triggers on release, workflow_dispatch, and temporarily on pushes to shiva/pr-09-incremental-cache for end-to-end CDN pipeline validation. Co-Authored-By: Claude Sonnet 4.6 <[email protected]>
Co-Authored-By: Claude Sonnet 4.6 <[email protected]>
Co-Authored-By: Claude Sonnet 4.6 <[email protected]>
Co-Authored-By: Claude Sonnet 4.6 <[email protected]>
The test assumed CDN would return 404 (empty registry). Now that the CDN is live with 25 packages, the combined loader initializes non-nil even with no local go.mod deps. Fix: set CPF_CDN_URL to an invalid URL so the test is not coupled to live CDN availability. Co-Authored-By: Claude Sonnet 4.6 <[email protected]>
Run on release and workflow_dispatch only. Co-Authored-By: Claude Sonnet 4.6 <[email protected]>
shivasurya
force-pushed
the
shiva/pr-09-incremental-cache
branch
from
1d06e1f to
e994560
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds
AnalysisCachebacked by SQLite to speed up repeated Go call graph builds.Cold → warm speedup: ~2m 39s → ~24s (6.6×) on 392 Go files / 39,743 call sites.
Enable with
--enable-db-cacheonresolution-report(scan/ci in PR-10).Design
Which passes are cached:
Pass 4 delta invalidation (
NeedsPass4Rerun): a file is dirty if:Warm files skip resolution entirely; cached edges replay directly into the call graph.
Per-table schema versioning — three constants (
fileCacheVersion,functionIndexVersion,pass4Version) stored in themetatable. On version mismatch only the affected table is wiped; other tables stay warm. Project-root change wipes all.Test coverage
analysis_cache_test.go: per-table version wipe, file-cache wipe, project-root changego_builder_test.go: cold→warm round-trip, nil cache regression, dirty-file re-resolution🤖 Generated with Claude Code