Skip to main content
ArcSight

Trust page

Why trust ArcSight?

ArcSight passes when it proves impact — and passes when it refuses without proof. Refusal is a feature, not a failure. Outcomes, incomplete runs, and evidence links are published.

Trust path: Homepage → Validation → Repositories → 2026 report → Install · Architecture patterns

Why trust ArcSight

Verdict: ArcSight passes when it proves impact — and passes when it refuses without proof.

Repos tested
14
Strong outcomes
6
Incomplete
7
False reports
0
TTFC median
< 3 min

Refusal-first proof

When structural evidence is incomplete, ArcSight stops — no synthetic confidence scores. That boundary is what makes merge recommendations trustworthy.

VS Code

0 dependency graph

Refused architectural conclusions. No fake confidence.

Homepage trust comparison →

14 repositories tested

ArcSight produced impact analysis when evidence existed. ArcSight refused when evidence was incomplete.

  • Payload

    Strong

    src/types fan-in 225

    Focused investigation on the true platform contract.

  • Directus

    Strong

    100-node cycle cluster

    Reduced 231 findings into 3 architectural themes.

  • Nx

    Strong

    Workspace-level blast radius

    Prevented a risky platform change before merge.

  • VS Code

    Refused

    0 dependency graph

    Refused architectural conclusions. No fake confidence.

10 additional repositories documented in the full record — same refusal-first criteria.

Trust & failure modes

Failure-Mode Testing

Verified

Incomplete evidence paths terminate with Analysis incomplete — no synthetic confidence scores.

Outcome: Refusal emits Reason, Evidence, Recommendation — never a invented risk score.

  • CLI: arc impact PaymentGateway → ANALYSIS INCOMPLETE · Evidence: Insufficient
  • Homepage: live hero demo + static trust comparison reproduce the same schema
  • Proof section: refused tab matches hero refused output field-for-field

Reviewed for false confidence

External

Evidence thresholds and refusal rules reviewed against production merge workflows.

Outcome: Complete analysis requires structural coverage; insufficient evidence always stops — no confidence inflation.

  • Structural coverage verified → Complete evidence, merge decision supported
  • Dynamic runtime dependency → refused with explicit evidence gap
  • No percentage scores, ETAs, or synthetic confidence on incomplete paths

Coverage matrix

Validated against failure modes

Documented

CLI commands and structural signals documented per release. impact, scan, and refusal paths are listed in the CLI reference.

Outcome: Command surface and structural signals are versioned — impact, refusal, and scan paths traceable per release.

  • impact — change blast radius, what breaks, evidence, refusal
  • scan / analyze — architecture score, cycles, hotspots
  • watch — continuous detect; fix/finish for remediation workflows

First-time user validation

Median time to first insight

Measured

Median install-to-first arc impact result under 3 minutes on a standard TypeScript monorepo (Node 18+, npm global install, no upload).

Outcome: Install → first meaningful arc impact output in under 3 minutes (median, internal runs).

  • 1. npm install -g arcsight
  • 2. cd representative TypeScript monorepo
  • 3. arc impact src/api/UserController.ts
  • Environment: Node 18+, global install, local only — no source upload

Merge vs. hold simulation

Tested on real repositories

Verified

Structured merge vs. hold scenarios run against real codebases. Engineers record decisions before and after arc impact output.

Outcome: Pre-output hold/merge intent recorded; post-output decision aligns with blast radius and break paths.

  • Scenario: change src/api/UserController.ts on a TypeScript monorepo
  • Pre-output: engineer states merge vs. hold without seeing ArcSight fields
  • Post-output: HIGH risk · 12 modules · 3 break paths — decision updated or confirmed

What ArcSight got wrong

7 of 14 runs ended incomplete — evidence gaps, not false architectural reports. 0 false reports after graph gating.

Incomplete means: ArcSight refused or stopped short of a merge recommendation when structural coverage was insufficient. That is the intended trust boundary — not a silent wrong answer.

Methodology

Each procedure links to the artifact used during v1 validation. Homepage stages reproduce the same schemas for live demo and frozen proof.

  1. 01 · Tested on real repositories · Verified
  2. 02 · Validated against failure modes · Documented
  3. 03 · Failure-Mode Testing · Verified
  4. 04 · Reviewed for false confidence · External
  5. 05 · Median time to first insight · Measured

State of TypeScript Architecture 2026 →Next.js repository proof →Install ArcSight →← Back to homepage