Skip to content

codegraph roles --role entry misclassifies non-exported interfaces/constants; dead-unresolved bucket also mislabels used interface members #1780

Description

@carlos-alm

Context

Discovered during Titan audit (phase: gauntlet, date: 2026-07-02).

Description

codegraph roles --role entry classifies internal, non-exported interfaces (e.g. ParsedUserConfig, ConsentResolutionResult, WorkspaceEntry in src/infrastructure/config.ts — none of which are exported) and plain module-level constants (_configCache, _globalConfigCache, BUILD_HASH_KEYS) as role=entry, alongside their synthesized interface-member "methods". None of these are actual entry points (CLI commands, API handlers, exported public surface) — they appear to be classified as "entry" purely because they have zero incoming call/reference edges in the graph, the same zero-fan-in signal that (per #1723) incorrectly drives the dead-leaf/dead-unresolved misclassification for parameters and interface members.

A second, related symptom (same zero-fan-in root cause, different bucket): codegraph roles --role dead --file src/ast-analysis/visitor-utils.ts -T --json mislabels genuinely-used LanguageRules interface members under dead-unresolved — a bucket distinct from the dead-leaf bucket #1723 documents, so an auditor filtering only on dead-leaf per #1723's workaround would still miss these. Also, 26 hits on src/ast-analysis/visitors/cfg-shared.ts show roles --role entry flagging plain interface property declarations (e.g. CfgBlockInternal.index) with no real HTTP/CLI/entry semantics.

Additional Context

Repro:

codegraph roles --role entry --file src/infrastructure/config.ts -T --json
codegraph roles --role entry --file src/ast-analysis/visitors/cfg-shared.ts -T --json
codegraph roles --role dead --file src/ast-analysis/visitor-utils.ts -T --json

This makes rule-8 boundary-validation checks (roles --role entry --file <f>) return non-function noise for any file with non-exported interfaces or module-level constants. Workaround used during audit: filter role=entry results to kind=function/kind=method only.

Source

  • Titan phase: gauntlet
  • Severity: bug
  • Category: codegraph

Metadata

Metadata

Assignees

No one assigned

    Labels

    titan-auditIssues discovered during Titan audit

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions