Complete remaining tasks: CI fix, dep bumps, PNG export, repo cleanup

[dfrostar]

Summary

A consolidated pass over outstanding maintenance items. Four independent, low-risk changes:

• fix(ci) — docker-publish.yml now sets the version tag on workflow_dispatch runs. type=ref,event=tag only fired on push:tag, so manually dispatched builds produced an image with only :latest and no vX.Y.Z. Switched to type=raw,value=${RELEASE_TAG}, which resolves for both triggers. (Supersedes the standalone fix in fix(ci): docker-publish version tag missing on workflow_dispatch #140.)
• chore(deps) — consolidates the four open dependabot pins in requirements-pinned.txt: black 26.5.0, ruff 0.15.13, mypy 2.1.0, tiktoken 0.13.0.
• feat(graph-view) — adds an "Export PNG" sidebar button. The canvas is transparent, so the export composes it onto an opaque --bg fill before toDataURL and downloads as neuralmind-<project>-<timestamp>.png. (Graph-view backlog item from ROADMAP.)
• chore — removes six accidentally-committed CI runner-log directories (Lint, Type Check, Build Package, Test (Python 3.10/3.11/3.12)), each holding a single system.txt of GitHub Actions runner logs.

Test plan

• ruff check . clean and black --check . clean (the blocking CI gates) with the bumped tool versions
• Full pytest suite green (only the expected graphify-fixture / S3-model skips)
• mypy 2.1.0 (major bump) surfaces pre-existing type issues only; the type-check job is continue-on-error: true so it does not gate
• docker-publish.yml validates as YAML
• node --check neuralmind/web/app.js passes; PNG export logic verified against canvas DPR/transparency handling (no browser test harness available)

https://claude.ai/code/session_01TbVzuy37bW5ENo1VgJT2iA

---

Generated by Claude Code

[github-actions]

NeuralMind self-benchmark

Status: PASS — floor 4×, measured 5.9×.

Phase 1 — Reduction on committed fixture

• Average reduction: 5.9×
• Top-k retrieval hit rate: 71.7%
• Naive baseline: 47,360 tokens (all fixture files concatenated)
• NeuralMind total: 8,149 tokens across 10 queries
• Estimated monthly savings @ 100 queries/day on Claude 3.5 Sonnet: ~$35.30

#	Query	Shape	Naive	NeuralMind	Ratio	Hit
1	auth-flow	cross-file	4,736	815	5.8×	33.3%
2	api-endpoints	focused	4,736	809	5.9×	100.0%
3	billing-flow	cross-file	4,736	846	5.6×	33.3%
4	user-storage	cross-file	4,736	672	7.0×	50.0%
5	jwt-verify	focused	4,736	681	7.0×	100.0%
6	stripe-webhook	focused	4,736	838	5.7×	100.0%
7	create-user	cross-file	4,736	794	6.0×	50.0%
8	refund	focused	4,736	827	5.7×	100.0%
9	db-choice	identity	4,736	899	5.3×	100.0%
10	invoice-send	cross-file	4,736	968	4.9×	50.0%

Phase 2 — Learning uplift

• Memory events logged: 20
• Learned patterns: 20
• Reduction ratio after neuralmind learn: 5.9× (Δ +0.00× vs. cold)
• Top-k hit rate after learning: 71.7% (Δ +0.0 points vs. cold)

Note: uplift numbers on a 500-line fixture are intentionally modest — the point is to
verify the learning mechanism persists and applies. On real production repos the lift
is larger; this test only catches regressions in persistence.

Assumptions

• Baseline: every .py file in tests/fixtures/sample_project/ concatenated.
• Tokenizer: tiktoken GPT-4o encoding (per-model breakdown in multi_model.json if generated).
• Pricing: Claude 3.5 Sonnet input @ $3.0/MTok.
• Regression floor: 4× — well below NeuralMind's typical 40–70× on real repos.

Per-model token reduction

Model	Tokenizer	Naive	NeuralMind	Ratio	Source
GPT-4o / GPT-4o-mini	tiktoken o200k_base	4,739	927	5.1×	measured
GPT-4 / GPT-3.5-turbo	tiktoken cl100k_base	4,710	918	5.1×	measured
Claude 3.5 Sonnet	estimated: GPT-4o × 1.08 — install anthropic for an exact count	5,118	1,001	5.1×	estimated
Llama 3 (70B)	estimated: GPT-4o × 1.22 — Llama tokenizer requires model weights; estimate based on published vocab ratios	5,781	1,130	5.1×	estimated

Rows marked measured use the provider's real tokenizer. Rows marked
estimated apply a published vocab-size correction to the GPT-4o count —
honest approximations, not hardcoded claims.

---

Automated by .github/workflows/ci-benchmark.yml — regenerate locally with python -m tests.benchmark.run.

[Copilot]

Pull request overview

This PR bundles several maintenance and small feature updates: fixing GHCR Docker tagging for manual workflow dispatches, bumping pinned dev tooling versions, adding a PNG export action to the web graph view, and removing accidentally committed CI runner log artifacts.

Changes:

• Fix GHCR Docker publish workflow so workflow_dispatch runs produce a version tag (not just :latest).
• Bump pinned tool/dependency versions in requirements-pinned.txt (black/ruff/mypy/tiktoken).
• Add “Export PNG” button and client-side export logic in the graph-view UI; remove committed CI log directories’ system.txt files.

Reviewed changes

Copilot reviewed 10 out of 10 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
.github/workflows/docker-publish.yml	Adjusts docker/metadata-action tagging so version tags are generated for both tag pushes and manual dispatch runs.
requirements-pinned.txt	Updates pinned versions for formatter/linter/type-checker and tiktoken for reproducible installs.
neuralmind/web/index.html	Adds an “Export PNG” button to the graph-view sidebar UI.
neuralmind/web/app.js	Implements PNG export by compositing the transparent canvas onto an opaque background and triggering a download.
Lint/system.txt	Removes accidentally committed GitHub Actions runner log output.
Type Check/system.txt	Removes accidentally committed GitHub Actions runner log output.
Build Package/system.txt	Removes accidentally committed GitHub Actions runner log output.
Test (Python 3.10)/system.txt	Removes accidentally committed GitHub Actions runner log output.
Test (Python 3.11)/system.txt	Removes accidentally committed GitHub Actions runner log output.
Test (Python 3.12)/system.txt	Removes accidentally committed GitHub Actions runner log output.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.