Hikaflow VS Code Extension
AI-powered code analysis, impact detection, and development intelligence for VS Code.
Features
Pre-Commit Analysis
- Developer Impact Report: Comprehensive analysis of your changes with severity ratings, evidence, and improvement suggestions
- Check Readiness: Assess whether changes are ready to commit with test coverage and risk analysis
- Release Impact Report: Full release impact analysis across all changed files
- Regression Risk Detector: Cross-references diff, git history, and runtime errors to predict regression risk per file
- Change Summary: Quick summary of blast radius, breaking changes, and test gaps
Impact Analysis
- Blast Radius: Compiler-accurate dependency tracking shows exactly which files are affected by your changes
- Confidence Scoring: Signal-based confidence system (high/medium/low) with provenance tracking
- Gutter Decorations: Colored dots in the editor gutter show risk level at a glance
Code Quality
- Hotspot Heatmap: Files ranked by change frequency, complexity, and risk factors
- Circular Dependency Detection: Find and visualize import cycles using Tarjan's algorithm
- Unused Export Detection: Identify dead code that can be safely removed
- Code Health Scoring: Aggregate health score for files based on multiple signals
- Risky Files: Flag files with low health scores
AI-Powered Intelligence
- Explain This File: AI explanation of a file's purpose and structure
- Generate Tests (AI): Generate comprehensive unit tests with proper mocking
- Explain Breaking Changes: Get AI explanations with migration steps
- Explain Dependencies: Understand why files are connected and coupling levels
- PR Summary Generation: Auto-generate PR descriptions from your changes
- Commit Message Generation: Generate conventional commit messages
- Catch Me Up: Summarize recent git changes to get up to speed
- Generate Docs: Generate documentation for selected code
Code Navigation (Call Hierarchy)
- Find Callers / Callees: Navigate callers and callees of any function via dedicated tree views
- Call Chain Visualization: Full call chain webview for understanding execution paths
Fix Safely (Build Agent)
- AI-Assisted Fixes: Start a fix session with validation guards (typecheck + impacted tests)
- Dedicated Sidebar: Monitor fix progress, review diffs, and apply changes
- Enriched Context: Integrates history, fragility, impact, call hierarchy, and business criticality analysis
Smart Testing
- Impacted Test Discovery: Automatically find tests affected by your changes
- Shadow Validation: Background test validation on idle
- Test Gap Analysis: Identify coverage gaps with complexity-weighted risk
Runtime Telemetry (Sentry)
- Sentry Integration: Connect your Sentry account for runtime error analysis
- Error Mapping: View Sentry errors mapped to your local files
- Stack Trace Resolution: Decode and navigate production stack traces with source maps
Trust Modes
Three modes control warning sensitivity:
- Strict: Lower thresholds, more warnings (blast radius threshold: 3)
- Balanced: Default sensible warnings (blast radius threshold: 5)
- Quiet: Higher thresholds, fewer warnings (blast radius threshold: 10)
Modes can come from .hikaflow.json in repo root or VS Code settings.
Privacy & Security
- Privacy Gate: All content is sanitized before sending to LLM
- Secret Detection: Auto-redacts API keys, tokens, passwords (12+ patterns)
- Audit Logging: Track all LLM requests (content never logged)
- Preview Mode: Review what will be sent before any LLM request
CI/CD Integration
- Export Reports: Generate deterministic JSON reports for CI pipelines
- Breaking Change Detection: Catch API/schema changes before they ship
Institutional Memory
- Git History Mining: Analyze git history for fragility patterns (reverts, bug-fix clusters, churn)
- Fragility Scoring: Score files based on historical incident data
- CodeLens Indicators: See fragility indicators inline in the editor
Commands
Pre-Commit Analysis
| Command |
Shortcut |
Description |
| Hikaflow: Developer Impact Report |
|
Comprehensive change analysis with severity ratings |
| Hikaflow: Check Readiness |
|
Assess commit readiness with test coverage and risk |
| Hikaflow: Release Impact Report |
|
Full release impact analysis |
| Hikaflow: Regression Risk Detector |
|
Predict regression risk from diff + history + runtime |
| Hikaflow: Review Change Summary |
Ctrl+Alt+R |
Quick summary of blast radius and breaking changes |
Impact Analysis
| Command |
Shortcut |
Description |
| Hikaflow: Show Blast Radius |
Ctrl+Alt+B |
Show files affected by current file changes |
| Hikaflow: Run Impact Analysis |
|
Full impact analysis on current file |
| Hikaflow: Show Confidence Breakdown |
Ctrl+Alt+C |
View confidence score details |
AI-Powered
| Command |
Shortcut |
Description |
| Hikaflow: Explain This File |
|
AI explanation of file purpose and structure |
| Hikaflow: Generate Tests (AI) |
|
Generate unit tests with mocking |
| Hikaflow: Explain Breaking Change |
|
AI explanation with migration steps |
| Hikaflow: Explain Dependency Path |
|
Understand file connections |
| Hikaflow: Generate PR Summary |
|
Auto-generate PR description |
| Hikaflow: Generate Commit Message |
|
Generate conventional commit message |
| Hikaflow: Catch Me Up |
|
Summarize recent git changes |
| Hikaflow: Generate Docs |
|
Generate documentation for selected code |
Code Navigation
| Command |
Shortcut |
Description |
| Hikaflow: Find Callers |
Ctrl+Shift+Alt+Up |
Show callers of function at cursor |
| Hikaflow: Find Callees |
Ctrl+Shift+Alt+Down |
Show callees of function at cursor |
| Hikaflow: Show Call Chain |
Ctrl+Alt+K |
Visualize full call chain |
Code Quality
| Command |
Shortcut |
Description |
| Hikaflow: Show Hotspot Heatmap |
Ctrl+Alt+H |
View files ranked by risk factors |
| Hikaflow: Show Circular Dependencies |
|
Find import cycles |
| Hikaflow: Show Unused Exports |
|
Identify dead code |
| Hikaflow: Show Code Health |
|
Aggregate health score |
| Hikaflow: Show Risky Files |
|
Files flagged as high risk |
Testing
| Command |
Shortcut |
Description |
| Hikaflow: Run Impacted Tests |
Ctrl+Alt+T |
Run tests affected by your changes |
| Hikaflow: Run Single Test |
|
Run a single test file |
| Hikaflow: Run Tests in Group |
|
Run all tests in a confidence group |
Fix Safely (Build Agent)
| Command |
Shortcut |
Description |
| Hikaflow: Start Fix Safely |
Ctrl+Alt+A |
Start AI-assisted fix session |
| Hikaflow: Show Panel |
Ctrl+Alt+P |
Open Fix Safely sidebar |
| Hikaflow: Review Changes |
|
Review diff of Fix Safely changes |
| Hikaflow: Apply Changes |
|
Apply validated changes to working tree |
Runtime & Sentry
| Command |
Shortcut |
Description |
| Hikaflow: Connect Sentry |
|
Connect Sentry account |
| Hikaflow: Show Runtime Errors |
|
View Sentry errors mapped to files |
| Hikaflow: Resolve Stack Trace |
|
Decode production stack traces |
CI/CD & Export
| Command |
Shortcut |
Description |
| Hikaflow: Export Analysis Report |
|
Generate JSON report for CI |
| Hikaflow: Preview Report |
|
Preview report before exporting |
Privacy
| Command |
Shortcut |
Description |
| Hikaflow: Show LLM Audit Log |
|
View LLM request audit history |
| Hikaflow: Analyze File Privacy |
|
Check file for sensitive content |
Configuration
| Command |
Shortcut |
Description |
| Hikaflow: Select Mode |
Ctrl+Alt+M |
Switch warning sensitivity mode |
| Hikaflow: Show Thresholds |
|
View threshold calibration values |
| Hikaflow: Open Settings |
|
Open Hikaflow settings |
| Hikaflow: Show Help |
|
Show all commands in a webview panel |
Configuration
.hikaflow.json (Repository Config)
Place a .hikaflow.json file in your repository root to configure project-specific settings:
{
"mode": "balanced",
"framework": "nextjs",
"domainKeywords": ["checkout", "payment", "auth"]
}
| Field |
Description |
mode |
Trust mode: strict, balanced, or quiet |
framework |
Framework profile for analysis (e.g., nextjs, react, express) |
domainKeywords |
Domain-specific keywords for business criticality detection |
VS Code Settings
See hikaflow.* settings in VS Code preferences for full configuration. Key settings:
| Setting |
Default |
Description |
hikaflow.mode |
balanced |
Warning sensitivity mode |
hikaflow.analysis.useTypeScriptService |
true |
Compiler-accurate symbol resolution |
hikaflow.privacy.redactSecrets |
true |
Auto-redact secrets before LLM |
hikaflow.fixSafely.enabled |
true |
Enable AI-assisted fix sessions |
hikaflow.callHierarchy.enabled |
true |
Enable call hierarchy analysis |
hikaflow.institutionalMemory.enabled |
true |
Enable git history fragility analysis |
hikaflow.sentry.enabled |
true |
Enable Sentry runtime telemetry |
Architecture
src/
├── core/
│ ├── DependencyGraph.ts # Central import/export graph
│ ├── ImpactCalculator.ts # Blast radius and risk levels
│ ├── AnalysisScheduler.ts # Debounced analysis orchestration
│ ├── BusinessCriticalityDetector.ts
│ ├── SemanticAffinityScorer.ts
│ ├── typescript/ # TypeScript Language Service adapter
│ │ ├── TypeScriptLanguageServiceAdapter.ts
│ │ ├── SymbolResolver.ts
│ │ └── CallHierarchyResolver.ts
│ ├── callgraph/ # Call graph analysis
│ │ ├── CallGraphBuilder.ts
│ │ ├── CallGraphWatcher.ts
│ │ └── CrossFileChainTracker.ts
│ ├── signals/ # Signal confidence system
│ │ ├── SignalGateway.ts
│ │ └── SignalExplainer.ts
│ ├── privacy/ # Privacy gate system
│ │ ├── PrivacyGate.ts
│ │ ├── ContentSanitizer.ts
│ │ └── AuditLog.ts
│ ├── calibration/ # Threshold calibration
│ └── IntegrationWiring.ts # Connects all subsystems
├── features/
│ ├── blastRadius/ # Gutter decorations
│ ├── breakingChangeGuard/ # API/schema change detection
│ ├── callHierarchy/ # Call hierarchy tree views
│ ├── chatAgent/ # Mastra-based chat agent
│ ├── checkReadiness/ # Commit readiness analysis
│ │ └── frameworkProfiles/ # Framework-specific profiles
│ ├── ciExport/ # CI/CD report generation
│ ├── codeActionAutomation/ # Smart fix suggestions
│ ├── confidenceScore/ # Confidence aggregation
│ ├── contextHud/ # CodeLens context display
│ ├── fixSafely/ # Build Agent (AI-assisted fixes)
│ ├── institutionalMemory/ # Git history fragility
│ ├── intelligenceHub/ # Circular deps, unused exports, health
│ ├── llmIntelligence/ # Verdict synthesis, risk intelligence
│ ├── preCommitSummary/ # Change summary webview
│ ├── refactorPropagation/ # Refactor detection and propagation
│ ├── refactoringWorkflow/ # Multi-step refactoring workflows
│ ├── regressionRisk/ # Regression risk detector
│ ├── runtimeTelemetry/ # Sentry integration
│ ├── shadowValidation/ # Background test validation
│ ├── smartTesting/ # Test impact analysis
│ ├── taskPrioritization/ # Hotspot and priority analysis
│ ├── testGapAnalysis/ # Coverage gap detection
│ ├── trustModes/ # Strict/balanced/quiet modes
│ ├── unifiedCodeLens/ # Verdict CodeLens
│ ├── unifiedSidebar/ # Simplified sidebar
│ └── unifiedStatusBar/ # Consolidated status bar
├── commands/ # Command registrations
├── services/ # Auth, API, Git, Cache
├── workers/ # Background worker isolation
└── views/ # UI components
Data Flow: File Edit -> AnalysisScheduler -> DependencyGraph -> ImpactCalculator -> Signal Wrapper -> SignalGateway -> UI
Development
# Install dependencies
npm install
cd webview-ui && npm install && cd ..
# Build extension + webview
npm run build
# Watch mode (extension + webview)
npm run dev
# Run tests
npm test
# Package extension
npm run package
Testing
# Unit tests (Vitest)
npm test
# Watch mode
npm run test:watch
# Coverage
npm run test:coverage
# Golden snapshot tests
npm run test:golden
License
MIT
