Carrick API Analysis

Version updated for https://github.com/daveymoores/carrick to version carrick-v0.1.1.

  • This action is used across all versions by ? repositories.

Action Type

This is a Composite action.

Go to the GitHub Marketplace to find the latest changes.

Action Summary

Carrick is a GitHub Action designed to detect and resolve API mismatches between producers (Express apps) and consumers by analyzing routes, HTTP calls, and TypeScript types across repositories. It automates the identification of issues such as type mismatches, method conflicts, and missing or unused endpoints during CI workflows. By leveraging cross-repo data sharing and intelligent analysis, Carrick streamlines API integration and ensures compatibility between services in multi-repository environments.

Release notes

0.1.1 (2026-03-08)

Features

  • 3 times retry for gemini call (3c15b9b)
  • add AST-verified wrapper unwrapping registry (87f519a)
  • add basic request/response comparison (9debc30)
  • add comprehensive test coverage and testing infrastructure (6ab65f8)
  • add comprehensive test coverage and testing infrastructure (2e1990a)
  • add config file for identifying env vars and absolute paths (726ee8e)
  • add dependency checking (5e79e7a)
  • add dependency checking (f3f8cc7)
  • add evidence fields to analysis schema (7fb7576)
  • add evidence to manifests and reports (e2986fe)
  • Add FileAnalyzerAgent for file-centric analysis (3f939bf)
  • Add FileOrchestrator for file-centric processing workflow (fb288b7)
  • add github action scaffolding (6f1cc42)
  • add json enum type (88e5c0f)
  • add lambda client (d74a7bb)
  • Add mock response generation for file analysis schema (6ee3d33)
  • add prompt for agent (33f5f05)
  • Add response type extraction to file-centric analysis (5fbc40b)
  • add stable candidate ids and spans (2a428c5)
  • Add SWC Scanner (AST Gatekeeper) for file-centric analysis (49e3462)
  • add URL normalization for cross-service endpoint matching (P0/P1 complete) (15a42d1)
  • adding gemini lambda (d6e2058)
  • adding gemini lambda (fdac28a)
  • adding gemini service for service calls (1121322)
  • adding more complex service definitions (8a22a03)
  • adding more realistic services and calls (520c76e)
  • adding research document (3bf4d34)
  • adding response types for inline functions (aece321)
  • align manifest schema and type pipeline (5f52ef9)
  • allow nested app and routers (978d779)
  • allow router and app nested use calls (963d9cc)
  • allow usage of env vars in template strings and definitions outside of the strings (2b9c418)
  • analyze response and requests (3caf58b)
  • better output (81a6ebf)
  • better output (2448aab)
  • check for calls to endpoints with :params (8a16a8b)
  • cloud storage (4754c68)
  • cloud storage (613aabd)
  • correct route matching (c0b3985)
  • create full type files (73894dc)
  • create package.json for temp type checking (390b322)
  • creating a minimal tsconfig for type checking in CI runs (7c3e1cd)
  • dedupe cals to prevent duplicate warnings (2fdfd27)
  • default tsconfig (652c963)
  • define ApiEndpointDetails (57ca7a8)
  • design Compiler Sidecar architecture for robust type extraction (1f52f9c)
  • different type extraction (9d6c95e)
  • enhance mock mode with intelligent response generation (df28aff)
  • extract and parse type information (e8715e9)
  • extracting types (5a0f572)
  • find dynamic route paths (dffe253)
  • find dynamic route paths (3348e11)
  • fix formatting (8dba3ea)
  • fix issues after rebase (7df2ddc)
  • fix matchit matching (f745a1f)
  • fix proxy (99d667e)
  • fixing warnings (7ea8193)
  • formatting (b9474cb)
  • function parsing and response body reading (d513e1f)
  • generating unique type files in CI mode (1f7515d)
  • get request and response type into analyser (2f890cc)
  • getting correctly prefixed output type files (28c818e)
  • getting repo names for type output file name (a749f00)
  • hard code gemini model variant (5d51542)
  • implement fetch-to-json call correlation for consumer type matching (d664582)
  • improve env var classification guidance for cross-repo matching (42ddcc2)
  • improve llm extraction (40da714)
  • improving prompt to extract the types more accurately (1169965)
  • include call-chain context in SWC candidate hints (530e831)
  • increment consumer types to prevent duplicates (13c4c43)
  • Integrate SWC Scanner as Gatekeeper in FileOrchestrator (78ba73b)
  • make action ref v1 (fb2aa7a)
  • make sure :params matches dynamic strings (0675481)
  • make typecheck output less brittle (1455a3d)
  • making test-repo a real project (5eec320)
  • move to span-based type inference requests (0184680)
  • move type check into seperate script at the end (f8feee1)
  • moving shared functionality into extractor trait and adding analyzer struct (316100d)
  • moving to single lambda (ee67452)
  • Multi-Agent Framework-Agnostic Analysis System (ac18a36)
  • omit some type errors (cae2016)
  • only upload on main (01ce3ed)
  • output action (da16ce5)
  • output action (bb33bb6)
  • pass structured candidate context to analyzer (f6225aa)
  • phase0: add comprehensive debug logging and validate multi-agent system (c7cdbc7)
  • populate config accurately (d84dfea)
  • prefix routers and apps with repo name (e29cd7a)
  • prevent duplicate routes and type aliases (78d97ea)
  • prevent duplicate type names (f1007ad)
  • prevent duplicates for env (e7cf173)
  • prevent gemini call when pulling metadata from aws (aa3cf67)
  • prevent race condition with s3 downloads (1a85f57)
  • prevent removal of packages file too early (5c94208)
  • process missing types of type nodes (01d9edb)
  • recurrsively find fetch statements (9e1ffc7)
  • reduce delay between triage calls and add terraform instructions into warp md (8ac63b1)
  • refactor of type extraction (e752b52)
  • refactoring (7c8328e)
  • refactoring ci_mode (2547382)
  • remove output directory (3c79f4e)
  • remove specific type names (a10b7f5)
  • remove specific type names (6272f44)
  • remove thinking budget (5cd3544)
  • removing node_modules (416cd49)
  • report orphaned endpoints (ab47cd3)
  • resolve nested router paths (1632c1b)
  • resolving types for fetch and json calls (78af106)
  • sidecar: add deterministic def-use inference for call results (c0e0918)
  • sidecar: Implement Phase 1 - Node.js Type Sidecar (fb3f06f)
  • sidecar: Implement Phase 2 - Rust Integration (c5fd1fa)
  • sidecar: infer request bodies and bundle modules (4a8ea98)
  • sidecar: infer types by span instead of line windows (8cf202d)
  • strip query params when doing path matching between calls and endpoints (3834e08)
  • terraform (b28f528)
  • test for express routers (3b7064e)
  • track different types of function exports (a74bc92)
  • trying to fix path bug (664a4f0)
  • trying to get and resolve type information for request response types (58b0cf9)
  • trying to get single lambda to work (8239307)
  • trying to match up routers (14be798)
  • type compat check (72a2c48)
  • type-checker: Implement Phase 3 - Type Checker Refactor (7d0e49c)
  • unique response names (e282f62)
  • update prompt for more accuracy (f6a9ada)
  • update tests for output (9305f9e)
  • uploading individual repo data (5778c60)
  • uploading individual repo data correctly but without type files in doc storage (9c47f92)
  • using matchit for path matching (f0b14ae)
  • using matchit for path matching (bfa5343)
  • working lambda (e8a6dc5)
  • working on extracting types from position (f45fd8c)

Bug Fixes

  • add directory name if not in CI run and improve prompt (4c23836)
  • Add fallback type search when LLM position is incorrect (d8f0e92)
  • add logging (47c75f2)
  • address all clippy linting warnings and add fmt/clippy to pre-commit hook (ac34e0f)
  • address Copilot PR review feedback (be4de85)
  • allow lamdas to paginate dynamo db data (f56db9d)
  • avoid Response wrappers in type aliases (dba7f7d)
  • ci: Node 22 LTS, mock API key, bytes crate vulnerability (18029f2)
  • ci: sidecar archive path, caching, and consistency fixes (c68153f)
  • ci: update regression test to expect 3 endpoints (328899a)
  • correctly traverse router app relationships (72e7316)
  • dedupe type symbol requests (de4d8aa)
  • duplicate path issue (e399e50)
  • fix CI regression tests (7f7b027)
  • fix dependency resolution issue (4ce7bec)
  • fix merging of configs (d29936d)
  • fix routing issue (62e4d90)
  • fix s3 file download (5133b52)
  • get repo name in CI (0a0ad9b)
  • handle template literal path params in alias generation (da0221f)
  • human-readable type names in output, filter non-HTTP endpoint methods (7038ca2)
  • improve cross-repo type matching (ed3a523)
  • install deps correctly (965c5a1)
  • missing gemini key from release (4d1fe49)
  • mount_graph: fix alias detection to use exact location match (8337196)
  • mount_graph: resolve nested router path resolution with name aliases (a09378b)
  • normalize template literal path params to :param style (810d6d3)
  • normalizer: strip backticks leaking from template literals into manifest paths (ae12c61)
  • per-file SWC spans, text-based inference fallback, schema cleanup (5505187)
  • remove warnings (342c646)
  • resolve rebase conflicts - remove duplicate MockStorage::new and unused RouteFieldsMap (f6d434b)
  • routing fix (feab6d3)
  • Sanitize LLM response and use correct startPosition field name (9d36b71)
  • sidecar: prefer json payload types (45179f1)
  • sidecar: wrong moduleResolution default, false-compatible on tsc failure (8e86834)
  • ts_check: add @types/node for type-checking script (4cbc333)
  • ts_check: compare unknown types when resolved (98a63ad)
  • Use SWC AST to compute accurate type positions from line numbers (0d6464c)
  • validate type symbols against real imports (f53f40b)

Refactoring

  • add import context to file analyzer prompts (8730250)
  • AST-gated file-centric analysis with TypeScript compiler sidecar (b41ff62)
  • file-centric gemini analysis (4381c3f)
  • Gemini 3 upgrade, manifest validation, route-aware matching (d8cdcc3)
  • orchestrator: SWC span fallback + framework-aware type scrubbing (8bb543e)
  • phase4.1: archive legacy TypeScript type extraction code (4821432)
  • phase4.1: remove legacy type position code from Rust (2032a88)
  • remove dead JSON type comparison code (P2 complete) (ea06593)
  • remove DependencyVisitor (570 lines of dead code) (a1b36e0)
  • remove legacy extraction and normalize URLs (1669e32)
  • Remove old Batch-of-10 orchestration, use AST-Gated File-Centric approach (8fd8f58)
  • replace DependencyVisitor with lightweight ImportSymbolExtractor (P4 complete) (1a62355)
  • replace Gemini byte-offset spans with expression text + line number (5ea222d)
  • sidecar: synthetic monorepo stub snapshot (6a8536d)
  • type-checker: Remove legacy mode - manifest-only type checking (8e33cf9)
  • wire sidecar type resolution (f19ab8a)

Performance

  • framework-guidance: flatten JSON schemas for parallel LLM execution (e822daa)

Documentation

  • add analysis of persistent bugs and architectural gaps (9cd4b49)
  • Add architecture documentation for file-centric analysis (e31d413)
  • add compiler sidecar completion phases (98bd0cd)
  • add comprehensive context for remaining issues 4 and 5 (9040bef)
  • add contributor guidelines for agents (eee5932)
  • Add critical warning about not hybridizing analysis flows (38a4b7f)
  • add next-steps research documents (49226ee)
  • add single-file slicing plan (62f1eb7)
  • clarify env-var config suggestion issue (52780b9)
  • clarify legacy code removal (97afe89)
  • document context-first type checking flow (d4ebe20)
  • explain manifest alias resolution gaps (40e0ee3)
  • improving logging (a1efd0e)
  • phase4.2: update documentation for compiler sidecar architecture (1e6a65b)
  • refine Compiler Sidecar architecture based on practical concerns (acd79c9)
  • remove date from signup (5bf6b16)
  • remove heading from example (931535c)
  • remove summary files (8d255b2)
  • restore research documentation, tests, and analysis from main branch (71fc90f)
  • simplify .thoughts top-level (0baa952)
  • typo (9327468)
  • update analysis report with mount graph fix status (09c8ff2)
  • update comment (64c01a5)
  • update readme (dfeed48)
  • update readme (6767cca)
  • update readme (0f426de)
  • update readme (1267cd8)
  • update readme (4b685e1)
  • update readme with correct installation instructions (57d1927)
  • update remaining_issues_analysis with current state of Issue 7 (757667d)

CI/CD

  • fix broken test refs, bundle sidecar, add release-please (a398965)
  • remove unnecessary ANTHROPIC_API_KEY - tests run in mock mode (9367c1d)
  • update workflow for new test structure (34864f4)