JSPM

  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 113
  • Score
    100M100P100Q78867F
  • License MIT

One-command OpenAPI contract compliance audit. 9 mechanical checks (< 5s) + parallel LLM semantic analysis.

Package Exports

    This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (gap-analysis) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

    Readme

    gap-analysis

    One-command OpenAPI contract compliance audit. Reduces full audit from 30min to 8min. 9 mechanical checks (< 5s) + parallel LLM semantic analysis.

    Install

    # One-time setup: configure user-level npm prefix (avoids EACCES on Linux)
    npm config set prefix ~/.npm-global
    echo 'export PATH=~/.npm-global/bin:$PATH' >> ~/.bashrc
    source ~/.bashrc
    
    # Install
    npm install -g gap-analysis
    
    # Update anytime
    npm update -g gap-analysis

    Linux users: npm install -g defaults to /usr/lib/node_modules/ which requires sudo. The one-time npm config set prefix above moves global installs to your home directory — no root needed.

    curl (no npm required)

    curl -sSL https://raw.githubusercontent.com/realpkuasule/gap-analysis/main/install.sh | bash

    git clone (private repo)

    git clone git@github.com:realpkuasule/gap-analysis.git
    bash gap-analysis/install.sh
    rm -rf gap-analysis

    All methods install to:

    • ~/.gap-analysis/ — shell scripts, output files, version info
    • ~/.gap-analysis/templates/ — project config template
    • ~/.claude/skills/gap-analysis/ — Claude Code slash command

    Configure

    Copy the template to your project root and edit:

    cp ~/.gap-analysis/templates/gap-analysis.json ./gap-analysis.json
    {
      "openapi_file": "contracts/openapi.yaml",
      "controller_dirs": ["src/modules/"],
      "prisma_schema": "prisma/schema.prisma",
      "api_prefix": "/v1"
    }

    Usage

    Run from your project root:

    Quick pre-scan (< 5 seconds)

    gap-pre-scan                        # npm install
    # or: bash ~/.gap-analysis/scripts/pre-scan.sh   # curl/git install

    Full pipeline (mechanical only)

    gap-run-all --phase1-only           # npm install
    # or: bash ~/.gap-analysis/scripts/run-all.sh --phase1-only

    Full audit in Claude Code

    /gap-analysis

    Runs the complete Contract-First cycle: pre-scan → parallel LLM agents → gap report → fix plan → TASK.json → auto-implement.

    CI mode

    gap-run-all --ci --phase1-only      # npm install
    # or: bash ~/.gap-analysis/scripts/run-all.sh --ci --phase1-only

    Exit code 1 if P0/P1 issues found.

    What it checks

    # Check Type Phase
    1 Endpoint path/method matching Mechanical 1
    2 @Roles/@Public vs OpenAPI security Mechanical 1
    3 camelCase naming violations Mechanical 1
    4 || null falsy traps (number fields) Mechanical 1
    5 pageSize @Max(200) validation Mechanical 1
    6 @HttpCode status code mismatches Mechanical 1
    7 Prisma BigInt vs OpenAPI integer Mechanical 1
    8 @ApiTags vs OpenAPI tags Mechanical 1
    9 DTO required vs schema required Mechanical 1
    10 Response body field completeness LLM 2
    11 Permission level reasonability LLM 2
    12 Error handling consistency LLM 2

    Requirements

    • python3 + pyyaml (pip install pyyaml)
    • bash 4+
    • git (for install)
    • Claude Code (for /gap-analysis slash command)

    How it works

    Phase 1: pre-scan.sh (< 5 sec)
      9 mechanical checks → ~/.gap-analysis/scripts/.gap-pre-scan.json
    
    Phase 2: parallel LLM agents (2-3 min, only if Phase 1 found issues)
      3 agents analyze semantics in parallel → .gap-segment-{A,B,C}.md
    
    Phase 3: merge-reports.sh (< 1 sec)
      Combine Phase 1 JSON + Phase 2 segments → docs/verifications/project-gap-{ts}.md

    Supported Frameworks

    Framework Status Auth Detection Validation
    NestJS ✅ Full @Roles/@Public/@ApiBearerAuth class-validator decorators
    Express ✅ Full passport.authenticate('jwt') Zod schemas
    Fastify 🔜 Planned
    Spring Boot 🔜 Planned
    FastAPI 🔜 Planned

    Supported ORMs

    ORM Status BigInt Detection
    Prisma ✅ Full BigInt in schema.prisma
    TypeORM ✅ Full @Column({ type: 'bigint' })
    Drizzle ✅ Full bigint(), pgBigInt()
    Mongoose ✅ Full BigInt, Schema.Types.Long
    SQLAlchemy 🔜 Planned
    GORM 🔜 Planned

    Configuration

    See gap-analysis.json for all options. Key fields:

    Field Default Description
    framework nestjs Backend framework
    orm prisma ORM/database layer
    validation_lib nestjs Validation library (nestjs, zod)
    route_dirs ["backend-typescript/src/modules/"] Directories containing route files
    route_pattern *.controller.ts Glob pattern for route files
    dto_dirs ["backend-typescript/src/modules/"] Directories containing DTO files