23f7624596
ADR-166 MCP Bridge Security Lock / Static-source security lock (push) Failing after 0s
ADR-166 MCP Bridge Security Lock / Compose default binds loopback + Mongo has auth (push) Failing after 2s
CodeQL Advanced / Analyze (rust) (push) Failing after 0s
ADR-166 MCP Bridge Security Lock / plugin-agent-federation bindHost default (push) Failing after 1s
ADR-166 MCP Bridge Security Lock / Runtime behavior — 401 + terminal gate + fail-closed (push) Failing after 4s
business-pods-smoke / smoke (push) Failing after 1s
all-plugins-smoke / smoke-all (push) Failing after 2s
CI/CD Pipeline / Security & Code Quality (push) Failing after 1s
CI/CD Pipeline / Test Suite (ubuntu-latest) (push) Failing after 1s
CI/CD Pipeline / Build & Package (macos-latest) (push) Has been skipped
CI/CD Pipeline / Build & Package (ubuntu-latest) (push) Has been skipped
CI/CD Pipeline / Build & Package (windows-latest) (push) Has been skipped
CI/CD Pipeline / Documentation & Examples (push) Failing after 1s
Clone Tracker (14-day rolling) / Snapshot clones for ruflo ecosystem (push) Failing after 1s
CodeQL Advanced / Analyze (actions) (push) Failing after 1s
CodeQL Advanced / Analyze (javascript-typescript) (push) Failing after 1s
federation-peer-rust / stable-noop (push) Failing after 1s
metaharness-ci / score (push) Failing after 1s
metaharness-ci / router-compat (push) Failing after 0s
metaharness-ci / similarity-tests (push) Failing after 0s
no-agentbbs-smoke / smoke-without-agentbbs (push) Failing after 1s
V3 CI/CD Pipeline / Build V3 (windows-latest) (push) Has been skipped
codex-integration-audit / Codex integration audit (push) Failing after 1s
helpers-manifest-guard / guard (push) Failing after 1s
🔗 Cross-Agent Integration Tests / 🤝 Agent Coordination Tests (push) Has been skipped
🔗 Cross-Agent Integration Tests / 🧠 Memory Sharing Integration (push) Has been skipped
🔗 Cross-Agent Integration Tests / 🛡️ Fault Tolerance Tests (push) Has been skipped
🔗 Cross-Agent Integration Tests / ⚡ Performance Integration Tests (push) Has been skipped
metaharness-ci / mcp-scan (push) Failing after 1s
metaharness-ci / eject-dryrun (push) Failing after 1s
metaharness-ci / metaharness-real-data (push) Failing after 0s
no-cli-optdep-bloat-2561 / guard (push) Failing after 1s
no-metaharness-smoke / smoke-without-metaharness (push) Failing after 1s
no-phantom-agentic-flow-subpath / guard (push) Failing after 1s
🔄 Automated Rollback Manager / 🚨 Failure Detection (push) Failing after 1s
V3 CI/CD Pipeline / Plugin hooks smoke / ubuntu-latest / Node 22 (push) Failing after 1s
V3 CI/CD Pipeline / ruflo-graph-intelligence build + test smoke (#2044, ADR-123) (push) Failing after 1s
CVE Audit Gate / Audit root (critical-blocking) (push) Failing after 2s
cost-tracker-smoke / smoke (push) Failing after 3s
oia-audit-weekly / audit (push) Failing after 2s
ruflo-agent-smoke / ruflo-agent structural smoke (push) Failing after 1s
📊 Status Badges Update / 📊 Update Status Badges (push) Failing after 1s
V3 CI/CD Pipeline / Static regression guards (#2267 YAML + (push) Failing after 1s
V3 CI/CD Pipeline / Test V3 Packages (push) Failing after 0s
V3 CI/CD Pipeline / agent_execute provider routing smoke (#2042) (push) Failing after 0s
CVE Audit Gate / Audit v3 (critical-blocking) (push) Failing after 1s
federation-peer-rust / stable-native (push) Failing after 2s
🔗 Cross-Agent Integration Tests / 🚀 Integration Test Setup (push) Failing after 2s
neural-trader-smoke / runtime-smoke (push) Failing after 1s
V3 CI/CD Pipeline / Build V3 (macos-latest) (push) Has been skipped
V3 CI/CD Pipeline / Build V3 (ubuntu-latest) (push) Has been skipped
V3 CI/CD Pipeline / Type Check V3 (push) Failing after 1s
V3 CI/CD Pipeline / Smoke (no better-sqlite3) / ubuntu-latest / Node 24 (push) Failing after 1s
V3 CI/CD Pipeline / Smoke (no better-sqlite3) / ubuntu-latest / Node 22 (push) Failing after 2s
V3 CI/CD Pipeline / browser rvf create flag smoke (#2015) (push) Failing after 0s
V3 CI/CD Pipeline / Dependency review (#2046) (push) Has been skipped
V3 CI/CD Pipeline / Supply-chain audit (#2046) (push) Failing after 0s
V3 CI/CD Pipeline / witness marker drift smoke (#2021) (push) Failing after 1s
V3 CI/CD Pipeline / neural-trader portfolio CG smoke (#2068, ADR-126 Phase 3) (push) Failing after 1s
V3 CI/CD Pipeline / neural-trader backtest signing smoke (#2068, ADR-126 Phase 4) (push) Failing after 1s
V3 CI/CD Pipeline / kg-extract type-import classification smoke (#2049) (push) Failing after 0s
V3 CI/CD Pipeline / witness verify precondition smoke (#1880) (push) Failing after 2s
V3 CI/CD Pipeline / neural-trader pipeline risk-gate smoke (#2068, ADR-126 Phase 5) (push) Failing after 0s
V3 CI/CD Pipeline / neural-trader feature attribution smoke (#2068, ADR-126 Phase 6) (push) Failing after 0s
V3 CI/CD Pipeline / plugin-registry signature verification smoke (#1922, CWE-347) (push) Failing after 4s
V3 CI/CD Pipeline / memory stats legacy-DB smoke (#2120) (push) Failing after 4s
V3 CI/CD Pipeline / github deprecated actions smoke (#2089, ADR-127 Phase 3) (push) Failing after 1s
V3 CI/CD Pipeline / graph query + pathfinder smoke (ADR-130 P2+P5) (push) Has been skipped
V3 CI/CD Pipeline / graph trajectory hooks smoke (ADR-130 P3) (push) Has been skipped
V3 CI/CD Pipeline / graph plugin adapter smoke (ADR-130 P4) (push) Has been skipped
V3 CI/CD Pipeline / graph benchmark (ADR-130 P6) (push) Has been skipped
V3 CI/CD Pipeline / statusline generator delegation smoke (#2195) (push) Failing after 1s
V3 CI/CD Pipeline / wizard init regression guard (#2206 (push) Failing after 1s
V3 CI/CD Pipeline / memory no-stray-db smoke (ADR-125 P7) (push) Failing after 1s
V3 CI/CD Pipeline / github-safe injection smoke (#2089, ADR-127 Phase 1) (push) Failing after 1s
V3 CI/CD Pipeline / github actions pin smoke (#2089, ADR-127 Phase 1) (push) Failing after 1s
V3 CI/CD Pipeline / github attribution opt-in smoke (#2089, ADR-127 Phase 4) (push) Failing after 1s
V3 CI/CD Pipeline / pre-bash hook safety smoke (#2017) (push) Failing after 1s
V3 CI/CD Pipeline / Memory import smoke / ubuntu-latest (push) Failing after 0s
V3 CI/CD Pipeline / MCP protocol smoke / ubuntu-latest (push) Failing after 2s
V3 CI/CD Pipeline / ruvllm WASM auto-init smoke (#2086) (push) Failing after 4s
V3 CI/CD Pipeline / MCP paired-tool round-trip smoke (#1889) (push) Failing after 1s
V3 CI/CD Pipeline / Plugin package install-safety (#1902/#1903/#1904) (push) Failing after 1s
V3 CI/CD Pipeline / Tool description discoverability (ADR-112) (push) Failing after 3s
V3 CI/CD Pipeline / CLI npx-install smoke (#1147 / (22) (push) Failing after 1s
V3 CI/CD Pipeline / CLI npx-install smoke (#1147 / (24) (push) Failing after 1s
V3 CI/CD Pipeline / Windows hook shim smoke (#2132) / ubuntu-latest (push) Failing after 2s
V3 CI/CD Pipeline / Windows hook execution smoke (#2132) / ubuntu-latest (push) Failing after 1s
V3 CI/CD Pipeline / Windows init hooks smoke (#2132) / ubuntu-latest (push) Failing after 1s
V3 CI/CD Pipeline / Vector-index dimension audit (#1947) (push) Failing after 0s
V3 CI/CD Pipeline / Hook-command install safety (#1921) (push) Failing after 1s
V3 CI/CD Pipeline / ToolOutputGuardrail smoke (ADR-131, (push) Failing after 1s
V3 CI/CD Pipeline / init-bundle invariants smoke (#2095, ADR-128 Phase 5) (push) Failing after 1s
V3 CI/CD Pipeline / wasm provider bridge smoke (ADR-129 P1) (push) Failing after 2s
V3 CI/CD Pipeline / wasm gallery CRUD smoke (ADR-129 P3) (push) Failing after 1s
V3 CI/CD Pipeline / wasm plugin bridge smoke (ADR-129 P4) (push) Failing after 0s
V3 CI/CD Pipeline / wasm compose smoke (ADR-129 P2) (push) Failing after 4s
V3 CI/CD Pipeline / graph schema smoke (ADR-130 P1) (push) Failing after 0s
Validate Marketplace / validate (push) Failing after 1s
🔍 Verification Pipeline / 🚀 Setup Verification (push) Failing after 1s
🔍 Verification Pipeline / 🛡️ Security Verification (push) Has been skipped
🔍 Verification Pipeline / 📝 Code Quality (push) Has been skipped
🔍 Verification Pipeline / 🧪 Test Verification (${{ matrix.os }}, Node ${{ matrix.node }}) (push) Has been skipped
🔍 Verification Pipeline / 🏗️ Build Verification (push) Has been skipped
🔍 Verification Pipeline / 📚 Documentation Verification (push) Has been skipped
CVE Audit Gate / High-severity report (warn only) (push) Has been cancelled
🔄 Automated Rollback Manager / 🔄 Execute Rollback (push) Has been cancelled
🔄 Automated Rollback Manager / ✅ Post-Rollback Verification (push) Has been cancelled
🔄 Automated Rollback Manager / 📊 Rollback Monitoring (push) Has been cancelled
V3 CI/CD Pipeline / Windows init hooks smoke (#2132) / windows-latest (push) Has been cancelled
V3 CI/CD Pipeline / Windows hook execution smoke (#2132) / macos-latest (push) Has been cancelled
V3 CI/CD Pipeline / Windows hook execution smoke (#2132) / windows-latest (push) Has been cancelled
🔄 Automated Rollback Manager / ⏳ Manual Rollback Approval (push) Has been cancelled
V3 CI/CD Pipeline / MCP protocol smoke / macos-latest (push) Has been cancelled
V3 CI/CD Pipeline / Memory import smoke / macos-latest (push) Has been cancelled
V3 CI/CD Pipeline / Windows hook shim smoke (#2132) / macos-latest (push) Has been cancelled
V3 CI/CD Pipeline / Windows hook shim smoke (#2132) / windows-latest (push) Has been cancelled
V3 CI/CD Pipeline / Windows init hooks smoke (#2132) / macos-latest (push) Has been cancelled
V3 CI/CD Pipeline / Witness verify (signed manifest) / macos-latest (push) Has been cancelled
V3 CI/CD Pipeline / Witness verify (signed manifest) / ubuntu-latest (push) Has been cancelled
V3 CI/CD Pipeline / Witness verify (signed manifest) / windows-latest (push) Has been cancelled
V3 CI/CD Pipeline / Publish to npm (alpha) (push) Has been cancelled
V3 CI/CD Pipeline / Smoke (no better-sqlite3) / macos-latest / Node 22 (push) Has been cancelled
V3 CI/CD Pipeline / Plugin hooks smoke / macos-latest / Node 22 (push) Has been cancelled
CI/CD Pipeline / Deploy & Release (push) Has been cancelled
CI/CD Pipeline / CI Status (push) Has been cancelled
🔗 Cross-Agent Integration Tests / 📊 Integration Test Report (push) Has been cancelled
🔄 Automated Rollback Manager / 🔍 Pre-Rollback Validation (push) Has been cancelled
🔍 Verification Pipeline / ⚡ Performance Verification (push) Has been cancelled
🔍 Verification Pipeline / 📊 Verification Report (push) Has been cancelled
277 lines
9.4 KiB
Markdown
277 lines
9.4 KiB
Markdown
# @claude-flow/plugin-performance-optimizer
|
|
|
|
[](https://www.npmjs.com/package/@claude-flow/plugin-performance-optimizer)
|
|
[](https://www.npmjs.com/package/@claude-flow/plugin-performance-optimizer)
|
|
[](https://opensource.org/licenses/MIT)
|
|
|
|
A comprehensive performance optimization plugin combining sparse inference for efficient trace analysis with graph neural networks for dependency chain optimization. The plugin enables intelligent bottleneck detection, memory leak identification, N+1 query detection, and bundle size optimization while providing explainable recommendations based on historical performance patterns.
|
|
|
|
## Features
|
|
|
|
- **Bottleneck Detection**: Identify performance bottlenecks using GNN-based dependency analysis
|
|
- **Memory Analysis**: Detect memory leaks, retention chains, and GC pressure points
|
|
- **Query Optimization**: Detect N+1 queries, missing indexes, and slow joins
|
|
- **Bundle Optimization**: Analyze and optimize JavaScript bundle size with tree shaking and code splitting
|
|
- **Configuration Optimization**: Learn optimal configurations from workload patterns using SONA
|
|
|
|
## Installation
|
|
|
|
### npm
|
|
|
|
```bash
|
|
npm install @claude-flow/plugin-performance-optimizer
|
|
```
|
|
|
|
### CLI
|
|
|
|
```bash
|
|
npx claude-flow plugins install --name @claude-flow/plugin-performance-optimizer
|
|
```
|
|
|
|
## Quick Start
|
|
|
|
```typescript
|
|
import { PerfOptimizerPlugin } from '@claude-flow/plugin-performance-optimizer';
|
|
|
|
// Initialize the plugin
|
|
const plugin = new PerfOptimizerPlugin();
|
|
await plugin.initialize();
|
|
|
|
// Detect performance bottlenecks
|
|
const bottlenecks = await plugin.detectBottlenecks({
|
|
traceData: {
|
|
format: 'otlp',
|
|
spans: traceSpans,
|
|
metrics: performanceMetrics
|
|
},
|
|
analysisScope: ['cpu', 'memory', 'database'],
|
|
threshold: {
|
|
latencyP95: 500, // 500ms
|
|
throughput: 1000,
|
|
errorRate: 0.01
|
|
}
|
|
});
|
|
|
|
console.log('Detected bottlenecks:', bottlenecks);
|
|
```
|
|
|
|
## MCP Tools
|
|
|
|
### 1. `perf/bottleneck-detect`
|
|
|
|
Detect performance bottlenecks using GNN-based dependency analysis.
|
|
|
|
```typescript
|
|
// Example usage via MCP
|
|
const result = await mcp.call('perf/bottleneck-detect', {
|
|
traceData: {
|
|
format: 'chrome_devtools',
|
|
spans: chromeTraceSpans,
|
|
metrics: { renderTime: 150, scriptTime: 200 }
|
|
},
|
|
analysisScope: ['cpu', 'render', 'network'],
|
|
threshold: {
|
|
latencyP95: 100,
|
|
throughput: 60
|
|
}
|
|
});
|
|
```
|
|
|
|
**Returns:** List of identified bottlenecks with severity, location, and recommended fixes.
|
|
|
|
### 2. `perf/memory-analyze`
|
|
|
|
Analyze memory usage patterns and detect potential leaks.
|
|
|
|
```typescript
|
|
const result = await mcp.call('perf/memory-analyze', {
|
|
heapSnapshot: '/path/to/heap-snapshot.heapsnapshot',
|
|
timeline: memoryTimelineData,
|
|
analysis: ['leak_detection', 'retention_analysis', 'gc_pressure'],
|
|
compareBaseline: '/path/to/baseline-snapshot.heapsnapshot'
|
|
});
|
|
```
|
|
|
|
**Returns:** Memory analysis report with leak candidates, retention chains, and optimization suggestions.
|
|
|
|
### 3. `perf/query-optimize`
|
|
|
|
Detect N+1 queries and suggest database optimizations.
|
|
|
|
```typescript
|
|
const result = await mcp.call('perf/query-optimize', {
|
|
queries: [
|
|
{ sql: 'SELECT * FROM users WHERE id = ?', duration: 5, resultSize: 1 },
|
|
{ sql: 'SELECT * FROM orders WHERE user_id = ?', duration: 3, resultSize: 10 }
|
|
],
|
|
patterns: ['n_plus_1', 'missing_index', 'slow_join'],
|
|
suggestIndexes: true
|
|
});
|
|
```
|
|
|
|
**Returns:** Detected query anti-patterns with suggested batch alternatives and index recommendations.
|
|
|
|
### 4. `perf/bundle-optimize`
|
|
|
|
Analyze and optimize JavaScript bundle size.
|
|
|
|
```typescript
|
|
const result = await mcp.call('perf/bundle-optimize', {
|
|
bundleStats: '/path/to/webpack-stats.json',
|
|
analysis: ['tree_shaking', 'code_splitting', 'duplicate_deps', 'large_modules'],
|
|
targets: {
|
|
maxSize: 250, // 250KB
|
|
maxChunks: 10
|
|
}
|
|
});
|
|
```
|
|
|
|
**Returns:** Bundle analysis with optimization recommendations for tree shaking, code splitting, and dependency deduplication.
|
|
|
|
### 5. `perf/config-optimize`
|
|
|
|
Suggest optimal configurations based on workload patterns using SONA learning.
|
|
|
|
```typescript
|
|
const result = await mcp.call('perf/config-optimize', {
|
|
workloadProfile: {
|
|
type: 'api',
|
|
metrics: { requestsPerSecond: 1000, avgLatency: 50 },
|
|
constraints: { maxMemory: '4GB', maxCpu: 4 }
|
|
},
|
|
configSpace: {
|
|
poolSize: { type: 'number', range: [10, 100], current: 25 },
|
|
cacheSize: { type: 'number', range: [100, 1000], current: 200 }
|
|
},
|
|
objective: 'latency'
|
|
});
|
|
```
|
|
|
|
**Returns:** Optimized configuration values with expected performance improvements.
|
|
|
|
## Configuration Options
|
|
|
|
```typescript
|
|
interface PerfOptimizerConfig {
|
|
// WASM memory limit (default: 2GB)
|
|
memoryLimit: number;
|
|
|
|
// Analysis timeout in seconds (default: 300)
|
|
analysisTimeout: number;
|
|
|
|
// Enable SONA learning for configuration optimization
|
|
enableSONALearning: boolean;
|
|
|
|
// Supported trace formats
|
|
supportedFormats: ('otlp' | 'chrome_devtools' | 'jaeger' | 'zipkin')[];
|
|
|
|
// Performance thresholds for alerting
|
|
thresholds: {
|
|
latencyP95: number;
|
|
throughput: number;
|
|
errorRate: number;
|
|
};
|
|
}
|
|
```
|
|
|
|
## Performance Targets
|
|
|
|
| Metric | Target | Improvement vs Baseline |
|
|
|--------|--------|------------------------|
|
|
| Trace analysis (1M spans) | <5s | 24x faster |
|
|
| Memory analysis (1GB heap) | <30s | 10x faster |
|
|
| Query pattern detection (10K queries) | <1s | 600x faster |
|
|
| Bundle analysis (10MB) | <10s | 6x faster |
|
|
| Config optimization | <1min convergence | 1440x+ faster |
|
|
|
|
## Security Considerations
|
|
|
|
- **Trace Data Sanitization**: Automatically sanitizes sensitive data (passwords, tokens, cookies) from trace data before processing
|
|
- **Query Parse-Only**: SQL queries are parsed and analyzed but never executed
|
|
- **WASM Sandboxing**: All analysis runs in isolated WASM sandbox with 2GB memory limit and no network access
|
|
- **Path Validation**: Bundle stats paths are validated to prevent path traversal attacks
|
|
- **Input Validation**: All inputs validated with Zod schemas to prevent injection attacks
|
|
- **No Code Execution**: Performance suggestions are recommendations only - no automatic code modification
|
|
|
|
### WASM Security Constraints
|
|
|
|
| Constraint | Value | Rationale |
|
|
|------------|-------|-----------|
|
|
| Memory Limit | 2GB max | Handle large trace datasets |
|
|
| CPU Time Limit | 300 seconds | Allow deep performance analysis |
|
|
| No Network Access | Enforced | Prevent data exfiltration |
|
|
| No File System Write | Enforced | Read-only analysis mode |
|
|
| Sandboxed Paths | Validated prefixes only | Prevent path traversal |
|
|
|
|
### Input Limits
|
|
|
|
| Input | Limit |
|
|
|-------|-------|
|
|
| Max spans per trace | 1,000,000 |
|
|
| Max query size | 10KB |
|
|
| Max queries per batch | 10,000 |
|
|
| Max heap snapshot size | 1GB |
|
|
| Max bundle stats size | 50MB |
|
|
| CPU time limit | 300 seconds |
|
|
|
|
### Rate Limiting
|
|
|
|
```typescript
|
|
const rateLimits = {
|
|
'perf/bottleneck-detect': { requestsPerMinute: 10, maxConcurrent: 2 },
|
|
'perf/memory-analyze': { requestsPerMinute: 5, maxConcurrent: 1 },
|
|
'perf/query-optimize': { requestsPerMinute: 30, maxConcurrent: 3 },
|
|
'perf/bundle-optimize': { requestsPerMinute: 10, maxConcurrent: 2 },
|
|
'perf/config-optimize': { requestsPerMinute: 5, maxConcurrent: 1 }
|
|
};
|
|
```
|
|
|
|
## Dependencies
|
|
|
|
- `ruvector-sparse-inference-wasm` - Efficient sparse performance trace processing
|
|
- `ruvector-gnn-wasm` - Dependency chain analysis and critical path detection
|
|
- `micro-hnsw-wasm` - Similar performance pattern matching
|
|
- `ruvector-fpga-transformer-wasm` - Fast transformer inference for trace analysis
|
|
- `sona` - Learning optimal configurations from historical data
|
|
|
|
## Supported Formats
|
|
|
|
| Category | Formats |
|
|
|----------|---------|
|
|
| Tracing | OpenTelemetry, Jaeger, Zipkin, Chrome DevTools |
|
|
| Profiling | Chrome CPU Profile, Node.js Profile, pprof |
|
|
| Memory | Chrome Heap Snapshot, Node.js Heap |
|
|
| Bundles | Webpack Stats, Vite Stats, Rollup |
|
|
|
|
## Related Plugins
|
|
|
|
| Plugin | Description | Use Case |
|
|
|--------|-------------|----------|
|
|
| [@claude-flow/plugin-code-intelligence](../code-intelligence) | Code analysis | Identify code causing performance issues |
|
|
| [@claude-flow/plugin-test-intelligence](../test-intelligence) | Test optimization | Performance regression test selection |
|
|
| [@claude-flow/plugin-financial-risk](../financial-risk) | Risk analysis | Trading system latency optimization |
|
|
|
|
## License
|
|
|
|
MIT License
|
|
|
|
Copyright (c) 2026 Claude Flow
|
|
|
|
Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
of this software and associated documentation files (the "Software"), to deal
|
|
in the Software without restriction, including without limitation the rights
|
|
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
copies of the Software, and to permit persons to whom the Software is
|
|
furnished to do so, subject to the following conditions:
|
|
|
|
The above copyright notice and this permission notice shall be included in all
|
|
copies or substantial portions of the Software.
|
|
|
|
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
|
SOFTWARE.
|