Dextree turns your repository into a navigable semantic graph — inside VS Code. Click a function, see its callers. Open a PR, see what could break. Ask the graph the questions a README can't answer.
what you actually get
Most code intelligence tools index your repo from the outside and hand you a CLI. Dextree lives inside VS Code — fused with diagnostics, git, and tests — so the answers actually mean something. Here's what that buys you.
⚡ blast radius analysis · v0.2
Point at a branch, commit, or PR number. Get a live visualization of every symbol the change touches, how far the impact propagates through the graph, and a scored risk verdict. "Looks fine" stops being a vibe.
dead code & reachability · v0.1
The graph knows which functions nothing calls, which imports nothing uses, and which classes are publicly exported but referenced by zero consumers. Delete with receipts, not anxiety.
explorable graph · v0.1
New hire spends week one reading docs that lie. With Dextree they spend an hour in the graph: click an endpoint, follow the calls, hover the types, see the tests. The codebase explains itself.
MCP server · v0.3
Claude, Cursor, and other MCP-aware agents stop guessing. They query the graph for the exact slice of code they need — callers, dependents, test coverage — instead of grepping the whole repo and burning your token budget.
how it works · two passes
Most semantic indexers make you wait. Dextree gives you a usable graph in under a second from Tree-sitter alone, then quietly upgrades it in the background as LSP resolves types. The graph never stops getting smarter.
vscode.executeReferenceProvider resolves
call edges to the exact target. Types annotate every node. Diagnostics fold into the
graph as quality signals. Edges upgrade in place — no rebuild, no
flicker.
query playground · simulated
DuckPGQ speaks ISO SQL:2023 graph syntax. That means you can ask the questions a flat code search can never answer — and get them back in milliseconds. Click a tab. Hit run. See it work.
how it gets indexed
Three stages, two passes, one DuckDB file. The graph is useful the moment Tree-sitter finishes — Pass 2 LSP enrichment upgrades it in place without ever blocking the UI.
file discovery · glob filters
Workspace folders, respecting .gitignore and skipping
node_modules. Files are queued by language detector and processed
concurrently.
structural extraction
Each file is parsed by a Tree-sitter WASM grammar. Symbols, imports, and lexical call edges land in DuckDB. The graph view opens before the file header is read.
semantic upgrade in place
Pass 2 runs in the background, asking VS Code's LSPs for type-accurate references, inheritance edges, and framework annotations. Edges upgrade silently — no re-render, no spinner.
live on your machine
DuckDB embedded. Zero servers. Zero daemons. No telemetry. The graph lives in a single
file inside your workspace — you can delete it with one rm.
Indexing runs entirely inside VS Code. Nothing is uploaded. Alfred (LLM reports) is off by default and BYOK when on.
opt-in only
The whole graph — symbols, edges, quality signals — lives in
.dextree/graph.duckdb. Diff it in git. Delete it to reset.
Not anonymized, not aggregated — just none. We don't ship analytics SDKs. Crash reports go to your VS Code output channel.
zero pingsFirst index, every navigation, every export — all local. Marketplace install needs the network once. After that, airplane mode is fine.
first install onlyroadmap · what ships when
Each version unlocks a tier of capability. Each slice underneath is a discrete, mergeable PR that ships from a spec. No vapor. No "AI will figure it out." Just the next rung, then the one after that.
Each rung = one PR-sized spec. Climb one at a time. The graph compiles knowledge as we ascend.
alfred · the opt-in LLM layer
Alfred isn't a chatbot bolted onto a sidebar. It's a prompt runner that templates over graph queries — every report is just markdown + a SQL/PGQ context block. BYOK, local models welcome, opt-in, nothing leaves your machine by default.
the wall of honest
Most pre-alpha tools hide their flaws. We put them on the homepage. If you can see the bugs, you know exactly what you're signing up for — and you can decide whether to wait or to help.
0 of 17 changesets had approving review before merge — solo committer, no CODEOWNERS file, no PR-review enforcement. Single largest item dragging the Scorecard from 6→8.
All top-level write permissions narrowed to job-level with inline justification
comments:
auto-merge-dependabot, codeql,
release,
sbom. Remaining
job-level writes (osv-scanner SARIF, pre-release draft) are documented as
legitimate. Score updates on next scheduled scan.
Scorecard flags
GHSA-67mh-4wv8-2f99
and
GHSA-4w7w-66w2-5vf9. Dependabot is on; tracked for the next batch update.
The exporters package's own files are at 100%, but vitest's
coverage.include
scans the whole monorepo, producing a misleading "2.42% statements" headline that
fails the per-package
--coverage
threshold. Headline number is wrong; real coverage is fine.
Scorecard 5/10 on Branch-Protection. CODEOWNERS file exists; the remaining gaps are GitHub Settings → Branches toggles: "Require review from Code Owners", "Include administrators", "Require approval of the most recent push", and raising the required-approvers count above 1. Out-of-band fix (UI, not code).
Every
CALLS
edge carries a confidence tier. The always-on heuristic tier resolves by scope +
name; clicking a node upgrades its callers/callees to compiler-grade
precise edges via your installed language server. Whole-graph precise
resolution (overloads, dynamic dispatch) is the remaining S8 work.
A single generic engine reads tree-sitter
tags.scm +
per-language config — adding a language is data, not code. Ships for TypeScript,
JavaScript, TSX, JSX, Python, Go, Java, Ruby, Rust, C, C++, C#, PHP, Elixir, and
Scala.
Would unlock "what changed structurally between v1 and v2." Planned for the git fusion slice (S10) + the blast radius slice (S11).
Scorecard: Fuzzing 0/10, CII-Best-Practices 0/10, SAST 7/10 (CodeQL configured but only 0/29 commits scanned). All low-priority gaps the score reflects.
vs. the field
Every code-graph tool makes trade-offs. Headless engines scale; editor-native tools fuse. Dextree picks editor-native, on purpose. Here's the honest matrix — including the rows where we lose.
| capability | dextree | GitNexus | codegraph | CodeIndexer | Code Pathfinder | Aider RepoMap |
|---|---|---|---|---|---|---|
| runs inside VS Code | native | external | CLI | webview only | CLI | CLI / editor agent |
| graph storage | DuckDB + DuckPGQ | Neo4j | Neo4j | in-memory | in-memory | flat map |
| graph query language | SQL/PGQ (ISO) | Cypher | Cypher | none | custom DSL | none |
| LSP fusion (real types) | precise-on-select · whole-graph v0.3 | no | no | no | no | tree-sitter only |
| live diagnostics overlay | planned (v0.3) | no | no | no | no | no |
| git history fusion | planned (v0.3) | commit graph | no | no | no | no |
| ⚡ blast radius / PR risk | planned (v0.3) | manual cypher | manual | no | no | no |
| dead code detection | graph-native | via query | via query | no | built-in | no |
| WebGL graph render | Sigma.js | D3 | D3 | DOM | none | none |
| MCP server for agents | yes (v0.3) | no | no | no | no | implicit (Aider) |
| exports (Mermaid/PDF/SVG/Canvas) | all five (v0.3) | PNG only | PNG only | no | no | no |
| opt-in LLM reports (BYOK) | Alfred (v0.4) | no | no | no | no | core feature |
| raw indexing speed (1M LOC) | ~slower (pass 1 fast, pass 2 lazy) | fast | very fast | untested | fast | fast |
| language coverage | 15 languages | 20+ languages | 15+ | JS/TS | 10+ | 20+ |
| maturity | pre-alpha | stable | stable | alpha | stable | stable |
Read the bottom rows. Dextree is slower at raw indexing, supports fewer languages, and is pre-alpha — those losses are real and intentional. The bet is that editor-native + LSP fusion + spec-driven build compounds over time in ways headless tools structurally can't.
built in the open
Dextree ships in slices, in public, from specs. The fastest way to shape it is to use it, file the issue you wish you hadn't found, or send the PR you wish someone else had sent.
— end of page —