Dependency Graphs
Understanding module dependencies helps identify coupling hotspots, circular dependencies, and the impact radius of changes. The diagrams below show the key dependency chains in the backend.
Backend Module Dependencies
The backend entry point (index.ts) bootstraps Express and loads 41 route files. The heaviest dependency chains flow through the AppSec routes into the pentestCoordinator, which orchestrates all scanning activity.
Dependency hotspots:
| Module | Size | Why It Matters |
|---|---|---|
| pentestCoordinator | 12,049 lines | Orchestrates all 6 scan phases; changes here affect every scan |
| findingValidator | 142KB | All FP heuristics (H1-H16) live here; high churn during tuning |
| intelligentDiscovery | 135KB | Phase 1 endpoint discovery; affects what gets scanned |
| targetProfiler | 119KB | Phase 2 auth/session profiling; auth bugs cascade everywhere |
| aggregation.service.ts | ~2,936 lines | All KPI/trend logic for dashboards; changes require extreme care |
Scanner Agent Dependency Tree
All 56 scanner agents inherit from a common baseAttackAgent class. Agents are grouped by vulnerability category and share utility modules for HTTP requests, payload generation, and evidence collection.
Dependency Analysis
What to Watch For
- Circular dependencies -- modules that depend on each other create fragile coupling. Run Skott locally to detect these.
- Orphan files -- files not imported by anything may be dead code candidates.
- High fan-in modules -- modules imported by many others (like baseAttackAgent) are high-impact change targets.
- Deep dependency chains -- long import chains increase the blast radius of changes.
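The four signals above can be computed directly from an import graph. The following is an added example, not part of this project's code or of Skott; it runs over a small constructed graph in which the edges, `appsecRoutes`, `agentA`..`agentC` and `legacyReport` are hypothetical.

```javascript
// Constructed sample graph (module -> modules it imports). Some names echo
// the page; the edges, appsecRoutes, agentA..C and legacyReport are hypothetical.
const sampleGraph = {
  "index.ts": ["appsecRoutes", "aggregation.service.ts"],
  appsecRoutes: ["pentestCoordinator"],
  pentestCoordinator: ["intelligentDiscovery", "targetProfiler",
    "findingValidator", "agentA", "agentB", "agentC"],
  intelligentDiscovery: ["targetProfiler"],
  targetProfiler: ["intelligentDiscovery"], // deliberate cycle
  findingValidator: [],
  agentA: ["baseAttackAgent"],
  agentB: ["baseAttackAgent"],
  agentC: ["baseAttackAgent"],
  baseAttackAgent: [],
  "aggregation.service.ts": [],
  legacyReport: ["findingValidator"], // nothing imports this file
};

function analyzeGraph(graph, entry, fanInThreshold = 3) {
  // Fan-in: how many modules import each module.
  const fanIn = new Map(Object.keys(graph).map((m) => [m, 0]));
  for (const deps of Object.values(graph)) {
    for (const dep of deps) fanIn.set(dep, (fanIn.get(dep) || 0) + 1);
  }
  const orphans = Object.keys(graph).filter((m) => m !== entry && fanIn.get(m) === 0);
  const hotspots = [...fanIn.keys()].filter((m) => fanIn.get(m) >= fanInThreshold);

  // Depth-first walk: an edge back into the current stack closes a cycle.
  const cycles = [];
  const depth = new Map(); // longest import chain (in edges) below each module
  const stack = [];
  function visit(mod) {
    if (depth.has(mod)) return depth.get(mod);
    const at = stack.indexOf(mod);
    if (at !== -1) {
      cycles.push(stack.slice(at).concat(mod));
      return -1; // back edge: do not count it toward chain length
    }
    stack.push(mod);
    let best = 0;
    for (const dep of graph[mod] || []) best = Math.max(best, 1 + visit(dep));
    stack.pop();
    depth.set(mod, best);
    return best;
  }
  const maxDepth = visit(entry);
  for (const mod of Object.keys(graph)) visit(mod); // also walk orphans
  return { cycles, orphans, hotspots, maxDepth };
}
console.log(analyzeGraph(sampleGraph, "index.ts"));
```

Chain lengths for modules inside a cycle depend on traversal order, so treat `maxDepth` as a lower bound until the cycles are removed.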
Interactive Exploration
For interactive dependency exploration, run Skott locally with its web UI:
```bash
cd backend
npx skott src/index.ts --displayMode=webapp --showCircularDependencies
```
This opens a browser-based dependency explorer where you can click through the import graph, filter by module, and identify circular dependencies visually.