From a70c7a6f8809fa629ddc644a233c1838b1473b36 Mon Sep 17 00:00:00 2001
From: carlos-alm <127798846+carlos-alm@users.noreply.github.com>
Date: Fri, 20 Mar 2026 00:47:03 -0600
Subject: [PATCH 1/4] chore: release v3.3.1

---
 CHANGELOG.md            | 26 ++++++++++++++++++++++++++
 docs/roadmap/BACKLOG.md |  2 +-
 docs/roadmap/ROADMAP.md |  2 +-
 package-lock.json       | 13 ++-----------
 package.json            |  2 +-
 5 files changed, 31 insertions(+), 14 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 8bd5b7cd..90440170 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,32 @@
 
 All notable changes to this project will be documented in this file. See [commit-and-tag-version](https://github.com/absolute-version/commit-and-tag-version) for commit guidelines.
 
+## [3.3.1](https://github.com/optave/codegraph/compare/v3.3.0...v3.3.1) (2026-03-20)
+
+**Incremental rebuild accuracy and post-3.3.0 stabilization.** This patch fixes a critical edge gap in the file watcher's single-file rebuild path where call edges were silently dropped during incremental rebuilds, aligns the native Rust engine's edge builder kind filters with the JS engine for parity, plugs a WASM tree memory leak in native engine typeMap backfill, and restores query performance to pre-3.1.4 levels. Several post-reorganization import path issues are also corrected.
+
+### Bug Fixes
+
+* **watcher:** close edge gap in single-file rebuild — incremental rebuilds now correctly preserve call edges by coercing native typeMap arrays to Maps and rebuilding edges for reverse-dependency files ([#533](https://github.com/optave/codegraph/pull/533), [#542](https://github.com/optave/codegraph/pull/542))
+* **native:** align edge builder kind filters with JS engine parity — ensures native and WASM engines produce identical edge sets ([#541](https://github.com/optave/codegraph/pull/541))
+* **native:** free leaked WASM trees in native engine typeMap backfill ([#534](https://github.com/optave/codegraph/pull/534))
+* **cli:** correct `ast` command import path after src/ reorganization ([#532](https://github.com/optave/codegraph/pull/532))
+* **benchmarks:** stabilize benchmark targets across engines and preserve README links ([#527](https://github.com/optave/codegraph/pull/527))
+* **benchmarks:** update benchmark script import paths after src/ restructure ([#521](https://github.com/optave/codegraph/pull/521))
+* **ci:** sync Cargo.toml version before native binary build ([#538](https://github.com/optave/codegraph/pull/538))
+
+### Performance
+
+* **queries:** reduce query latency regression from 3.1.4 to 3.3.0 — cached prepared statements for `findReverseDeps` and `deleteOutgoingEdges` ([#528](https://github.com/optave/codegraph/pull/528))
+
+### Tests
+
+* **watcher:** incremental edge parity CI check — ensures watcher rebuilds produce identical edge sets to full builds ([#539](https://github.com/optave/codegraph/pull/539))
+
+### Chores
+
+* **ci:** add dynamic import verification to catch stale paths ([#540](https://github.com/optave/codegraph/pull/540))
+
 ## [3.3.0](https://github.com/optave/codegraph/compare/v3.2.0...v3.3.0) (2026-03-19)
 
 **Resolution accuracy reaches a new level.** This release delivers Phase 4 resolution improvements — type inference across all typed languages, receiver type tracking with graded confidence, `package.json` exports field resolution, and monorepo workspace resolution. Method calls like `repo.findCallers()` now resolve through receiver types instead of matching any `findCallers` in scope. Barrel files correctly show re-exported symbols. A precision/recall benchmark suite tracks call resolution accuracy across versions. On the infrastructure side, all hardcoded behavioral constants are centralized into `DEFAULTS` with recursive deep merge, and the TypeScript migration begins with project setup and core type definitions.
diff --git a/docs/roadmap/BACKLOG.md b/docs/roadmap/BACKLOG.md
index e4ca10fd..bf1c62a9 100644
--- a/docs/roadmap/BACKLOG.md
+++ b/docs/roadmap/BACKLOG.md
@@ -1,6 +1,6 @@
 # Codegraph Feature Backlog
 
-**Last updated:** 2026-03-19
+**Last updated:** 2026-03-20
 **Source:** Features derived from [COMPETITIVE_ANALYSIS.md](../../generated/competitive/COMPETITIVE_ANALYSIS.md) and internal roadmap discussions.
 
 ---
diff --git a/docs/roadmap/ROADMAP.md b/docs/roadmap/ROADMAP.md
index bd0a0787..e35f3e8b 100644
--- a/docs/roadmap/ROADMAP.md
+++ b/docs/roadmap/ROADMAP.md
@@ -1,6 +1,6 @@
 # Codegraph Roadmap
 
-> **Current version:** 3.3.0 | **Status:** Active development | **Updated:** March 2026
+> **Current version:** 3.3.1 | **Status:** Active development | **Updated:** March 2026
 
 Codegraph is a strong local-first code graph CLI. This roadmap describes planned improvements across twelve phases -- closing gaps with commercial code intelligence platforms while preserving codegraph's core strengths: fully local, open source, zero cloud dependency by default.
 
diff --git a/package-lock.json b/package-lock.json
index 5eec81ba..28956d0d 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
 {
   "name": "@optave/codegraph",
-  "version": "3.3.0",
+  "version": "3.3.1",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@optave/codegraph",
-      "version": "3.3.0",
+      "version": "3.3.1",
       "license": "Apache-2.0",
       "dependencies": {
         "better-sqlite3": "^12.6.2",
@@ -1277,9 +1277,6 @@
       "cpu": [
         "arm64"
       ],
-      "libc": [
-        "glibc"
-      ],
       "license": "Apache-2.0",
       "optional": true,
       "os": [
@@ -1293,9 +1290,6 @@
       "cpu": [
         "x64"
       ],
-      "libc": [
-        "glibc"
-      ],
       "license": "Apache-2.0",
       "optional": true,
       "os": [
@@ -1309,9 +1303,6 @@
       "cpu": [
         "x64"
       ],
-      "libc": [
-        "musl"
-      ],
       "license": "Apache-2.0",
       "optional": true,
       "os": [
diff --git a/package.json b/package.json
index 8d619ef7..79292130 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@optave/codegraph",
-  "version": "3.3.0",
+  "version": "3.3.1",
   "description": "Local code graph CLI — parse codebases with tree-sitter, build dependency graphs, query them",
   "type": "module",
   "main": "dist/index.js",

From f00b63a57eeaae3dc8e5040a1817deda1cdaf7b5 Mon Sep 17 00:00:00 2001
From: carlos-alm <127798846+carlos-alm@users.noreply.github.com>
Date: Fri, 20 Mar 2026 01:13:04 -0600
Subject: [PATCH 2/4] fix: restore libc field in package-lock.json Linux
 entries

npm v11 silently drops the libc constraint field when regenerating
the lock file. Without it, npm may install glibc binaries on musl
systems (and vice versa). Manually restore the three libc entries
for linux-arm64-gnu, linux-x64-gnu, and linux-x64-musl.
---
 package-lock.json | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/package-lock.json b/package-lock.json
index 28956d0d..78a04781 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1277,6 +1277,9 @@
       "cpu": [
         "arm64"
       ],
+      "libc": [
+        "glibc"
+      ],
       "license": "Apache-2.0",
       "optional": true,
       "os": [
@@ -1290,6 +1293,9 @@
       "cpu": [
         "x64"
       ],
+      "libc": [
+        "glibc"
+      ],
       "license": "Apache-2.0",
       "optional": true,
       "os": [
@@ -1303,6 +1309,9 @@
       "cpu": [
         "x64"
       ],
+      "libc": [
+        "musl"
+      ],
       "license": "Apache-2.0",
       "optional": true,
       "os": [

From 519c5f1207fff76e512e965ab1e4767d6e086c79 Mon Sep 17 00:00:00 2001
From: carlos-alm <127798846+carlos-alm@users.noreply.github.com>
Date: Fri, 20 Mar 2026 01:15:53 -0600
Subject: [PATCH 3/4] fix(skills): add libc field verification to release and
 review skills

npm v11+ silently strips the libc constraint field from
package-lock.json when regenerating. Add explicit verification
steps to both the release skill (Step 7) and review skill (Rules)
to catch and restore missing libc entries on Linux native binaries.
---
 .claude/skills/release/SKILL.md | 13 +++++++++++++
 .claude/skills/review/SKILL.md  |  1 +
 2 files changed, 14 insertions(+)

diff --git a/.claude/skills/release/SKILL.md b/.claude/skills/release/SKILL.md
index 79d1183d..4cae4656 100644
--- a/.claude/skills/release/SKILL.md
+++ b/.claude/skills/release/SKILL.md
@@ -145,6 +145,19 @@ Read `README.md` and check if any new user-facing features from this release nee
 
 Run `grep` to confirm the new version appears in `package-lock.json` and that all `@optave/codegraph-*` optional dependency entries are complete (have version, resolved, integrity, cpu, os fields). Flag any incomplete entries — they indicate an unpublished platform binary.
 
+**Critical: verify `libc` fields on Linux entries.** Some npm versions (notably v11+) silently strip the `libc` field when regenerating the lock file via `npm install --package-lock-only`. Without `libc`, npm may install glibc binaries on musl systems (Alpine) and vice versa. Check:
+
+```bash
+grep -A12 'codegraph-linux' package-lock.json | grep -c libc
+# Expected: 3 (one each for linux-arm64-gnu, linux-x64-gnu, linux-x64-musl)
+```
+
+If the count is less than 3, manually restore the missing fields:
+- `-gnu` packages: `"libc": ["glibc"]`
+- `-musl` packages: `"libc": ["musl"]`
+
+Place the `libc` array after the `cpu` array in each entry.
+
 ## Step 8: Create branch, commit, push, PR
 
 1. Create branch: `git checkout -b release/VERSION` (if on detached HEAD from Step 0, this creates the branch at the current commit)
diff --git a/.claude/skills/review/SKILL.md b/.claude/skills/review/SKILL.md
index b0a7e00d..76dd627c 100644
--- a/.claude/skills/review/SKILL.md
+++ b/.claude/skills/review/SKILL.md
@@ -219,4 +219,5 @@ After processing all PRs, output a summary table:
 - **Run tests and lint locally** before pushing any fix.
 - **One concern per commit** — don't lump conflict resolution with code fixes.
 - **Flag scope creep.** If a PR's diff contains files unrelated to its stated purpose (e.g., a docs PR carrying `src/` or test changes from a merged feature branch), flag it immediately. Split the unrelated changes into a separate branch and PR. Do not proceed with review until the PR is scoped correctly — scope creep is not acceptable.
+- **Verify `package-lock.json` integrity when modified.** If a PR touches `package-lock.json`, check that `libc` fields on Linux `@optave/codegraph-*` optional dependency entries are preserved (`"libc": ["glibc"]` for `-gnu` packages, `"libc": ["musl"]` for `-musl` packages). Some npm versions (notably v11+) silently strip the `libc` field when regenerating the lock file. Without it, npm may install glibc binaries on musl systems and vice versa. Run: `grep -A12 'codegraph-linux' package-lock.json | grep -c libc` — expect 3 matches. If missing, restore them manually.
 - If a PR is fundamentally broken beyond what review feedback can fix, note it in the summary and skip to the next PR.

From 9a5a0576ebacaf07c232d6ab0650f50b8de068e0 Mon Sep 17 00:00:00 2001
From: carlos-alm <127798846+carlos-alm@users.noreply.github.com>
Date: Fri, 20 Mar 2026 01:20:14 -0600
Subject: [PATCH 4/4] fix(skills): remove libc check from review skill

The libc verification belongs only in the release skill where
package-lock.json is regenerated, not in the review sweep.
---
 .claude/skills/review/SKILL.md | 1 -
 1 file changed, 1 deletion(-)

diff --git a/.claude/skills/review/SKILL.md b/.claude/skills/review/SKILL.md
index 76dd627c..b0a7e00d 100644
--- a/.claude/skills/review/SKILL.md
+++ b/.claude/skills/review/SKILL.md
@@ -219,5 +219,4 @@ After processing all PRs, output a summary table:
 - **Run tests and lint locally** before pushing any fix.
 - **One concern per commit** — don't lump conflict resolution with code fixes.
 - **Flag scope creep.** If a PR's diff contains files unrelated to its stated purpose (e.g., a docs PR carrying `src/` or test changes from a merged feature branch), flag it immediately. Split the unrelated changes into a separate branch and PR. Do not proceed with review until the PR is scoped correctly — scope creep is not acceptable.
-- **Verify `package-lock.json` integrity when modified.** If a PR touches `package-lock.json`, check that `libc` fields on Linux `@optave/codegraph-*` optional dependency entries are preserved (`"libc": ["glibc"]` for `-gnu` packages, `"libc": ["musl"]` for `-musl` packages). Some npm versions (notably v11+) silently strip the `libc` field when regenerating the lock file. Without it, npm may install glibc binaries on musl systems and vice versa. Run: `grep -A12 'codegraph-linux' package-lock.json | grep -c libc` — expect 3 matches. If missing, restore them manually.
 - If a PR is fundamentally broken beyond what review feedback can fix, note it in the summary and skip to the next PR.