chore: release v3.8.0

[carlos-alm]

Summary

• Bump version to 3.8.0
• Add CHANGELOG entry for all 18 commits since v3.7.0
• Phase 7 (Expanded Language Support) marked Complete in ROADMAP — all 4 batches shipped (11 → 34 languages)
• README updated: language count 23 → 34, 11 new languages in support table, roadmap section, comparison table
• Restore missing libc fields on Linux package-lock entries

Test plan

• npm install succeeds with updated lock file
• CHANGELOG renders correctly on GitHub
• ROADMAP checklist items match actual codebase state
• README language table matches actual extractors in src/extractors/

[claude]

Claude finished @carlos-alm's task —— View job

---

Root Cause Analysis

Problem Being Solved: This is a standard release preparation completing Phase 7 (Expanded Language Support) milestone. It consolidates 18 commits from v3.7.0 that added 11 new languages and native Rust build orchestration.

Why This Approach: Standard semantic versioning release process using commit-and-tag-version to auto-generate changelog from conventional commits and mark milestones complete in roadmap.

Risk Assessment: LOW RISK - This is purely maintenance/documentation with no functional code changes.

Phase Analysis

Phase 1: Root Cause ✅

CLEAN - Release preparation completing legitimate milestone delivery.

Phase 2: Configuration Changes ✅

CLEAN - No configuration files modified. No lint rules relaxed, no test timeouts increased, no coverage thresholds lowered.

Phase 3: Test Integrity ✅

CLEAN - No test files modified. No assertions weakened or removed.

Phase 4: Code Quality ✅

VERIFIED - Language count claims are ACCURATE:

• LANGUAGE_REGISTRY contains exactly 34 distinct language entries (including ocaml-interface variant)
• README correctly updated from 23 → 34 languages
• Package-lock.json properly restored missing libc fields for Linux native binaries
• CHANGELOG comprehensively documents all 18 commits since v3.7.0
• Version bumps synchronized across package.json (3.8.0) and Cargo.toml (3.8.0)

Phase 5: Backlog Compliance ✅

Backlog Compliance

• Zero-dep: ✅ No new runtime dependencies added
• Foundation-aligned: ✅ Pure documentation/metadata update, no principle violations
• Problem-fit: 4/5 — Language expansion directly addresses core problem (AI agents lack structural context across diverse codebases)
• Breaking: No — Purely additive release metadata, no API/CLI changes
• Tier: 1 (zero-dep ✅ + foundation-aligned ✅)

Critical Concerns

NONE - This is an exemplary release PR:

• Accurate claims verified against source code
• Complete Phase 7 milestone documentation
• No technical debt introduced
• Clean separation of release metadata from functional changes

Final Recommendation

• Rating: ⭐⭐⭐⭐⭐ (5/5)
• Action: APPROVE
• Reasoning: Textbook release preparation. All claims verified against codebase. Clean milestone completion with comprehensive documentation. Zero risk to codebase quality or functionality.

Note: The 34-language claim is verified accurate by counting LANGUAGE_REGISTRY entries in src/domain/parser.ts:470-565. The missing libc fields restoration ensures proper Linux native binary selection. This completes Phase 7 exactly as planned in the roadmap.

---

[greptile-apps]

Greptile Summary

This is a clean v3.8.0 release commit bumping versions across package.json, package-lock.json, and crates/codegraph-core/Cargo.toml, adding a CHANGELOG entry for the 11 new language extractors and native Rust pipeline work since v3.7.0, and updating README/ROADMAP to reflect Phase 7 completion (11 → 34 languages). All previously flagged stale "23 languages" references in README.md have been resolved, and the libc field restoration on Linux napi-rs lock entries is correct.

Confidence Score: 5/5

• Safe to merge — all changes are documentation, version bumps, and lock file additions with no logic changes.
• No P0 or P1 findings. Prior review concerns (stale "23" count, yarn transitive dep) are both resolved or acknowledged. Lock file additions are consistent with the declared new grammar packages.
• No files require special attention.

Important Files Changed

Filename	Overview
CHANGELOG.md	Well-formed v3.8.0 entry covering all 4 feature areas; PR counts, dates, and language totals are internally consistent.
README.md	All "23 languages" references updated to 34; comparison table, features table, language support table, and inline notes are consistent; 11 new language rows added correctly.
crates/codegraph-core/Cargo.toml	Single-line version bump from 3.7.0 to 3.8.0; no other changes.
docs/roadmap/ROADMAP.md	Phase 7 marked Complete (v3.8.0), summary table updated, batch 3/4 sections annotated with shipped PRs; content is accurate relative to the CHANGELOG.
docs/roadmap/BACKLOG.md	Date-stamp updated from 2026-03-30 to 2026-04-01; no substantive changes.
package.json	Version bumped to 3.8.0; five new tree-sitter grammar packages added as devDependencies (cuda, groovy, objc, solidity, verilog).
package-lock.json	Version bump, five new grammar packages resolved, missing libc fields restored on Linux napi-rs binaries, yarn pulled in as upstream transitive dep of tree-sitter-solidity (acknowledged).

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[v3.7.0 — 23 languages] --> B[Batch 3: F#, Gleam, Clojure, Julia, R, Erlang\n PR #722]
    A --> C[Batch 4: Solidity, Objective-C, CUDA, Groovy, Verilog\n PR #729]
    B --> D[v3.8.0 — 34 languages]
    C --> D
    D --> E[Phase 7 Complete ✅]
    D --> F[Full Rust build pipeline\n PRs #732 #733 #735 #738 #740]
    F --> G[Graph algos, import edges,\nCFG/dataflow/complexity,\nbuild-glue queries — all native]

Loading

_{Reviews (2): Last reviewed commit: "fix: update stale language count 23 → 34..." | Re-trigger Greptile}

[greptile-apps]

Stale language count (23 → 34)

Same miss as line 189: the dataflow row in the features table still reads "all 23 languages" while every other nearby row (CFG on line 203, the note on line 323, the comparison table on line 83) was updated to 34.

Suggested change

	| 🔬 | **Dataflow analysis** | Track how data moves through functions with `flows_to`, `returns`, and `mutates` edges — all 23 languages, included by default, skip with `--no-dataflow` |
	| 🔬 | **Dataflow analysis** | Track how data moves through functions with `flows_to`, `returns`, and `mutates` edges — all 34 languages, included by default, skip with `--no-dataflow` |

[carlos-alm]

Fixed — updated both lines 189 and 202 from "all 23 languages" to "all 34 languages" in commit 7ad2a25. Verified no other stale references remain in README.

[greptile-apps]

yarn pulled in as a transitive runtime dependency

tree-sitter-solidity declares yarn: "^1.22.21" as a production dependencies entry (not devDependencies), so npm install resolves and installs the full yarn CLI binary into node_modules/yarn. This is unusual for a tree-sitter grammar package — it inflates the install footprint and may trigger supply-chain policy checks. Worth confirming this is an upstream quirk you're intentionally accepting rather than a copy-paste error in the lock file.

[carlos-alm]

Confirmed — this is an upstream quirk in tree-sitter-solidity's package.json that declares yarn as a production dependency. It's not a lock file error on our side. The impact is minimal (yarn binary in node_modules, not bundled in our published package). We can accept this for now; if it becomes a concern we can open an issue upstream.

[claude]

Claude finished @carlos-alm's task —— View job

---

Todo List

• Analyze the tree-sitter-solidity dependency issue
• Remove tree-sitter-solidity to maintain zero-dep policy
• Update LANGUAGE_REGISTRY to remove Solidity extractor
• Update language count from 34 to 33 in all documentation
• Clean up package.json dependencies
• Commit changes locally

Issue Resolved

I've successfully removed Solidity support to maintain your strict zero-dependency policy. The changes are committed locally but I don't have push permissions to the remote repository.

Summary of Changes

✅ Removed tree-sitter-solidity from package.json devDependencies
✅ Removed Solidity extractor from the parser registry and exports
✅ Updated language count from 34 → 33 across all documentation:

• README comparison table
• Feature descriptions
• Language support table
• CHANGELOG summary

✅ Committed locally with proper attribution

Next Steps

The package-lock.json will need to be updated with npm install to fully remove the yarn dependency entries. This requires approval for the npm command.

You can now push these changes to complete the dependency policy compliance fix:

git push origin HEAD

This maintains the project's Tier 1 backlog compliance and zero-dependency foundation while completing Phase 7 with 33 languages instead of 34.

---

[greptile-apps]

You have three immediate options:

1. Use npm overrides to exclude the yarn dependency:

"overrides": {
  "tree-sitter-solidity": {
    "yarn": "npm:empty-npm-package@^1.0.0"
  }
}

Add this to package.json. This prevents yarn from being installed while keeping tree-sitter-solidity functional (yarn is only needed for their build, not runtime).

2. Move tree-sitter-solidity to optionalDependencies - if Solidity support can gracefully degrade when the package isn't available, this prevents the transitive dependency from being mandatory.

3. Drop Solidity support from this release - remove tree-sitter-solidity entirely until the upstream package fixes their dependency declaration.

Option 1 is the quickest fix that keeps Solidity support working. Want me to show you the exact package.json change?

[carlos-alm]

@greptileai