feat: add /titan-close skill with drift detection and issue tracking

[carlos-alm]

Summary

• Adds /titan-close (Phase 5): analyzes branch commits, splits them into focused PRs by concern/domain, captures before/after code health metrics, compiles the cross-phase issue tracker, and generates a comprehensive audit report at generated/titan/
• All titan phases now track issues in .codegraph/titan/issues.ndjson — codegraph bugs, tooling problems, process suggestions, and codebase observations discovered during execution
• Downstream phases (gauntlet, sync, gate, close) search worktrees and branches for prior Titan artifacts instead of assuming they're local, with disambiguation logic and user prompts when ambiguous
• Drift detection (Step 1) added to all downstream phases: compares origin/main against the stored mainSHA anchor from RECON, classifies staleness (none → critical), writes drift-report.json with a targeted reassessment scope so re-runs only re-audit what's stale
• RECON records mainSHA as the temporal anchor for the entire pipeline
• titan-reset updated to clean up new artifacts

Test plan

• Verify /titan-close SKILL.md loads correctly when invoked
• Verify step numbering is sequential (no gaps or fractional steps) in all skill files
• Verify .gitignore includes generated/titan/
• Verify titan-reset artifact list includes all new files

[claude]

Claude finished @carlos-alm's task —— View job

---

PR Review for test-only Role Classification

Conducting comprehensive review of PR #494 that adds test-only role classification.

Review Checklist

• Phase 1: Root cause analysis and approach validation
• Phase 2: Configuration change detection
• Phase 3: Test integrity verification
• Phase 4: Code quality assessment
• Phase 5: Backlog compliance grading
• Final assessment and recommendation

Phase 1 Analysis ✅

Root Cause: Symbols called exclusively from test files (e.g., test helpers, mock utilities) were being misclassified as core or utility due to high fan-in metrics, inflating production role statistics and masking the true architectural importance of production code.

Approach: Clean and well-justified. The PR introduces a productionFanIn metric computed at build time that excludes callers from test files (.test., .spec., __test__, __tests__, .stories.). Symbols with fanIn > 0 but productionFanIn === 0 are classified as test-only instead of production roles.

Backward Compatibility: Properly maintained - callers that don't provide productionFanIn get identical classification behavior.

Phase 2: Configuration Changes ✅

No concerning configuration changes detected. Biome rules remain strict, no test timeouts increased, no linting rules disabled. The changes are purely additive to functionality.

Phase 3: Test Integrity ✅

Strong test coverage:

• New unit tests in tests/graph/classifiers/roles.test.js verify test-only classification logic
• Backward compatibility test ensures nodes without productionFanIn maintain original classification
• Framework entry precedence test confirms entry classification takes priority over test-only
• Integration test update in tests/unit/roles.test.js adds 'test-only': 0 to empty graph expectation
• Test file patterns properly match industry standards: .test., .spec., __test__, __tests__, .stories.

No red flags: Tests strengthen assertions rather than weaken them.

Phase 4: Code Quality ✅

Implementation is clean and secure:

• SQL safety: Parameterized queries used throughout, no injection risks
• Pure logic separation: Role classification logic properly separated in src/graph/classifiers/roles.js
• Error handling: Proper null checks and fallbacks (prodFanInMap.get(r.id) || 0)
• Performance: Efficient single SQL query for production fan-in computation
• No technical debt: No TODO/FIXME comments, appropriate console.log usage in presentation layer only

Architecture complies with FOUNDATION.md principles.

Phase 5: Backlog Compliance ✅

Zero-dep: ✓ — No new runtime dependencies, builds on existing SQLite/tree-sitter infrastructure

Foundation-aligned: ✓ — Fully complies with core principles:

• Enhances P1 (always-current) by providing more accurate architectural analysis
• Supports P4 (zero-cost core) — no external services required
• Maintains P5 (embeddable-first) — backward compatible API
• Aligns with P8 (analysis not agency) — provides better analysis without making decisions

Problem-fit: 5/5 — Directly addresses the core problem of AI agents getting confused by inflated role metrics. Test-only symbols were being marked as architecturally important when they're actually implementation details, leading to misdirected attention and token waste.

Breaking: No — Purely additive feature, backward compatible classification for existing callers

Tier: Tier 1 (zero-dep ✓ + foundation-aligned ✓)

Critical Concerns

None identified. This is a well-implemented feature that solves a real problem.

Final Recommendation

• Rating: ⭐⭐⭐⭐⭐ (5/5)
• Action: APPROVE
• Reasoning: Exceptional implementation that directly addresses core codegraph value proposition. Clean code, thorough testing, backward compatibility maintained, and solves the real problem of test code inflating production architecture metrics. The 51-file count is misleading - actual fix only touches 5 files appropriately.

Notes: The test plan claims completion of 4 items, but item 4 is actually verifiable by running codegraph roles --role test-only -T. This is a minor documentation issue, not a blocker.

---

[greptile-apps]

Greptile Summary

This PR adds the Titan Phase 5 (/titan-close) skill — the final phase of the Titan Paradigm that splits branch commits into focused PRs, compiles a cross-phase issue tracker, captures before/after code health metrics, and generates a comprehensive audit report at generated/titan/. Alongside this, all downstream phases (gauntlet, sync, gate) gain drift detection (Step 1) that compares origin/main against the stored mainSHA anchor from RECON and classifies staleness into five levels. The majority of the source-code changes are structural refactors: extracting helper functions from large modules (module-map.js, server.js, features/*.js, domain/analysis/*.js), removing the runtime test-only reclassification from rolesData in favour of build-time classification, and small targeted fixes (pipeline ctx.db guard, testFilterSQL reuse in structure.js).

Key issues found:

• node_roles MCP tool description incorrectly omits test-only — the classifier in classifiers/roles.js still assigns the role, and risk.js in this very PR adds it to ROLE_WEIGHTS. The description now misleads API consumers.
• computeQualityMetrics false-positive rows query missing testFilter — when noTests=true, test-file symbols with common names inflate fpEdgeCount and deflate the quality score.
• Scoped rebuild diagnostic log suppressed when reverseDeps.size === 0 — changed and removed file counts are hidden from diagnostic output for builds with no reverse dependencies.

Confidence Score: 3/5

• Safe to merge after fixing the test-only tool description mismatch and the missing testFilter in computeQualityMetrics.
• The bulk of the changes are well-executed structural refactors and the new titan-close skill is logically sound. Two logic-level bugs were found: the node_roles MCP tool description now incorrectly excludes test-only (which is still actively assigned and risk-weighted), and the false-positive rows query in computeQualityMetrics skips testFilter, producing inflated false-positive ratios when noTests=true. These affect observable correctness for API consumers and the quality score calculation respectively.
• src/mcp/tool-registry.js (description inconsistency) and src/domain/analysis/module-map.js (computeQualityMetrics missing filter).

Important Files Changed

Filename	Overview
.claude/skills/titan-close/SKILL.md	New 558-line Phase 5 skill: finds/consolidates Titan sessions across worktrees, performs drift detection, collects commit history, classifies commits into focused PR groups, captures before/after metrics, compiles the cross-phase issue and gate log trackers, and writes a comprehensive audit report. Logic is well-structured; drift classification table and PR grouping strategy are clear.
src/mcp/tool-registry.js	Removed test-only from the node_roles tool description, but the classifier still assigns this role and risk.js adds it to ROLE_WEIGHTS in this same PR — the description is now incorrect.
src/domain/analysis/module-map.js	Large refactor extracting buildTestFileIds, countNodesByKind, countEdgesByKind, countFilesByLanguage, findHotspots, getEmbeddingsInfo, computeQualityMetrics, countRoles, and getComplexitySummary helpers. The new computeQualityMetrics function omits testFilter from the false-positive rows query, which inflates the ratio when noTests=true.
src/domain/graph/builder/stages/detect-changes.js	Conditionally suppresses the scoped-rebuild info log when reverseDeps.size === 0, hiding changed/removed file counts from diagnostic output in that case.
src/graph/classifiers/risk.js	Adds 'test-only': 0.1 to ROLE_WEIGHTS map, correctly placing it between leaf and dead. Comment updated accordingly.
src/domain/graph/builder/pipeline.js	Adds ctx.db guard before calling closeDb in the catch block — fixes the previously reported bug where an openDb failure left ctx.db undefined and caused a secondary TypeError to mask the original error.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    RECON["titan-recon\n(Phase 1)\nRecords mainSHA anchor"] --> GAUNTLET
    GAUNTLET["titan-gauntlet\n(Phase 2)\nStep 1: Drift Detection\nStep 2-3: Batch Audit"] --> SYNC
    SYNC["titan-sync\n(Phase 3)\nStep 1: Drift Detection\nStep 2: Execution Plan"] --> GATE
    GATE["titan-gate\n(Phase 4)\nStep 1: Drift Detection\nStep 2: Validation"] --> CLOSE

    CLOSE["titan-close\n(Phase 5)\nStep 0: Find session\nStep 1: Final drift check\nStep 2: Collect commits\nStep 3: Classify into PRs\nStep 4: Capture metrics\nStep 5: Compile issues\nStep 7: Generate report"]

    GAUNTLET -- "drift detected?" --> DR1["drift-report.json\n(append entry)"]
    SYNC -- "drift detected?" --> DR1
    GATE -- "drift detected?" --> DR1
    CLOSE -- "reads all entries" --> DR1

    CLOSE --> REPORT["generated/titan/\ntitan-report-v*.md\n(gitignored)"]
    CLOSE --> ISSUES[".codegraph/titan/\nissues.ndjson"]

    style CLOSE fill:#4a90d9,color:#fff
    style DR1 fill:#f5a623,color:#fff
    style REPORT fill:#7ed321,color:#fff

Loading

_{Last reviewed commit: 7933486}

[greptile-apps]

Inline patterns duplicate testFilterSQL utility

The production fan-in query hard-codes the same five LIKE patterns that already exist in testFilterSQL (in src/db/query-builder.js). This duplication means any future change to the canonical test-file patterns in testFilterSQL will silently diverge here.

testFilterSQL('caller.file') returns exactly these clauses, so the query can reuse the shared utility:

import { testFilterSQL } from '../db/index.js';

const testFilter = testFilterSQL('caller.file');
const prodRows = db
  .prepare(
    `SELECT e.target_id, COUNT(*) AS cnt
    FROM edges e
    JOIN nodes caller ON e.source_id = caller.id
    WHERE e.kind = 'calls'
      ${testFilter}
    GROUP BY e.target_id`,
  )
  .all();

This keeps the patterns in a single place and ensures future updates to testFilterSQL are reflected automatically.

[carlos-alm]

Fixed in 60a3a1f — replaced the inline LIKE patterns with testFilterSQL('caller.file'), which is already imported in this file. The test-file patterns are now maintained in a single place.

[greptile-apps]

test-only condition can be made self-documenting

The test-only branch fires for nodes that reach this point with productionFanIn === 0. Nodes with fanIn === 0 are already handled by the two dead/entry branches above, so in practice this path only triggers when fanIn > 0. Adding an explicit guard makes the contract obvious to future readers and prevents accidental misclassification if the branch ordering ever changes:

Suggested change

	role = 'dead';
	} else if (node.fanIn === 0 && node.isExported) {
	role = 'entry';
	} else if (hasProdFanIn && node.fanIn > 0 && node.productionFanIn === 0) {
	role = 'test-only';

_{Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!}

[carlos-alm]

Fixed in 07501b9 — added explicit fanIn > 0 guard to make the test-only condition self-documenting and resilient to branch reordering.

[carlos-alm]

@greptileai

[carlos-alm]

@greptileai

[carlos-alm]

Fixed in f57055e — added 'test-only': 0.1 to ROLE_WEIGHTS in risk.js so triage scores test-only symbols at the same level as dead code (0.1) instead of falling back to the adapter default (0.5). Also updated the stale file-level comment in roles.js to include test-only in the role list.

@greptileai

[greptile-apps]

rootDir dropped from ensureWasmTrees call

ensureWasmTreesIfNeeded calls ensureWasmTrees(fileSymbols) without passing rootDir. The function in parser.js (line 170) still requires rootDir as its second parameter and immediately uses it to build the absolute file path:

const absPath = path.join(rootDir, relPath);  // line 194 in parser.js

When rootDir is undefined, path.join(undefined, relPath) throws a TypeError that propagates out of ensureWasmTrees and is caught by the caller's try/catch, logging only a debug message. The result is that WASM tree parsing is silently disabled for all files on any build that reaches this code path, causing complexity, CFG, and dataflow analyses to fall back to the native engine (or produce no results for those files).

Suggested change

	async function ensureWasmTreesIfNeeded(fileSymbols, opts) {
	async function ensureWasmTreesIfNeeded(fileSymbols, rootDir, opts) {

…and update the call-site in runAnalyses:

await ensureWasmTreesIfNeeded(fileSymbols, rootDir, opts);

[carlos-alm]

Already fixed in 8ce02f1 — rootDir is now passed through ensureWasmTreesIfNeeded to ensureWasmTrees. The function signature and call site both include rootDir.

[carlos-alm]

@greptileai

[greptile-apps]

closeDb called with potentially undefined ctx.db

The refactoring moved openDb from before the try block (original code) to inside setupPipeline, which runs inside the try block. If openDb throws (e.g., the directory can't be created due to permissions, or new Database(dbPath) fails), ctx.db is never assigned and remains undefined.

The catch block then calls closeDb(undefined), which immediately throws TypeError: Cannot read properties of undefined (reading 'close'). This secondary error replaces the original error and completely masks the root-cause diagnostic message.

In the original code openDb was invoked before the try, so if it failed the error propagated directly to the caller and the catch block was never reached.

Fix — guard the closeDb call:

Suggested change

	} catch (err) {
	if (!ctx.earlyExit) closeDb(ctx.db);
	throw err;
	} catch (err) {
	if (!ctx.earlyExit && ctx.db) closeDb(ctx.db);
	throw err;
	}

[carlos-alm]

Fixed in 26e659b — added ctx.db guard so closeDb is only called when the database was successfully opened. If openDb throws, ctx.db remains undefined and the guard skips the close call, preserving the original error.

[carlos-alm]

Resolved 8 merge conflicts with main — kept PR's refactoring helpers for analysis/features, main's hasTable guards for migrations.js, and main's findNodes validation. All 1886 tests pass, lint clean.

@greptileai

[greptile-apps]

Self-referential skip instruction in drift detection

"If identical, skip to Step 1" — but this line is already inside Step 1. This is the same copy-paste error as titan-gauntlet/SKILL.md:78 and titan-sync/SKILL.md:83. The correct target step when main is unchanged is Step 2 — Structural validation.

Suggested change

	Compare against `titan-state.json → mainSHA` (if state exists). If identical, skip to Step 1.
	Compare against `titan-state.json → mainSHA` (if state exists). If identical, skip to Step 2.

[carlos-alm]

Fixed in ca8f1b3 — changed "skip to Step 1" to "skip to Step 2" so drift detection correctly skips ahead when main SHA is unchanged.

[greptile-apps]

Self-referential skip instruction in drift detection

"If identical, skip to Step 1" — but this is already Step 1. Same copy-paste error as titan-gauntlet/SKILL.md:78 and titan-gate/SKILL.md:67. When main is unchanged the execution should advance to the next step — Step 2 — Find dependency clusters.

Suggested change

	Compare against `titan-state.json → mainSHA`. If identical, skip to Step 1.
	Compare against `titan-state.json → mainSHA`. If identical, skip to Step 2.

[carlos-alm]

Fixed in ca8f1b3 — same fix as titan-gate, changed "skip to Step 1" to "skip to Step 2".

[carlos-alm]

@greptileai

[greptile-apps]

rootDir re-dropped from ensureWasmTrees call

The refactoring extracted the WASM pre-parse block into ensureWasmTreesIfNeeded(fileSymbols, opts), but rootDir was not included in the new function's signature or forwarded to ensureWasmTrees. The function in parser.js still requires rootDir as its second parameter and uses it immediately:

// parser.js line 194
const absPath = path.join(rootDir, relPath);

When rootDir is undefined, path.join(undefined, relPath) throws a TypeError. That error is caught by the try/catch on line 91 and silently swallowed as a debug message — so WASM tree parsing is disabled for every file without any visible warning. Complexity, CFG, and dataflow analyses then fall back to the native engine (or produce no results).

This is the same regression that was fixed in 8ce02f1; the fix did not carry over into the new helper.

Suggested change

	async function ensureWasmTreesIfNeeded(fileSymbols, opts) {
	async function ensureWasmTreesIfNeeded(fileSymbols, opts, rootDir) {

And on line 93:

Suggested change

	async function ensureWasmTreesIfNeeded(fileSymbols, opts) {
	await ensureWasmTrees(fileSymbols, rootDir);

The call site in runAnalyses (line 343) also needs to be updated:

await ensureWasmTreesIfNeeded(fileSymbols, opts, rootDir);

[carlos-alm]

Addressed all 6 Greptile review comments from the latest review:

1. P1: closeDb with undefined ctx.db — already guarded with ctx.db && check
2. P2: rootDir dropped from ensureWasmTrees — fixed in c986581, now passes rootDir through the call chain
3. P2: testFilterSQL duplication — already using shared utility at line 376
4. P2: test-only guard — already has explicit node.fanIn > 0 guard
5. P2: Self-referential skip in titan-gauntlet — fixed 'skip to Step 1' → 'skip to Step 2'
6. P2: drift-report.json overwrite — changed to JSON array append in gauntlet/sync skills

@greptileai

[carlos-alm]

Resolved merge conflicts with remote (roles classifier reconciliation — kept testOnlyFanIn approach, rootDir fix, ctx.db guard).

@greptileai