docs: add backlog item 84 — call-count annotations on sequence diagram arrows

docs/roadmap/BACKLOG.md

@@ -67,6 +67,7 @@ These features leverage the `ast_nodes` table that already exists and is populat
 | 42 | AST density in triage risk scoring | Factor AST node density into `triage.js` risk scoring — a function with 15 `await` calls and 3 `throw` statements is objectively riskier than pure synchronous logic. Add `asyncDensity` and `throwCount` as scoring dimensions alongside fan-in, complexity, and churn. | Intelligence | Triage produces more accurate risk rankings; agents prioritize genuinely risky functions over merely complex ones | ✓ | ✓ | 4 | No | — |
 | 43 | Dead code detection via `new` cross-reference | Cross-reference `ast_nodes` `new ClassName()` calls against `nodes` table to find classes that are defined but never instantiated. Extend to string literals matching route patterns or config keys for unused-route / unused-config detection. | Analysis | Catches dead classes that the current role-based dead code detection misses (a class can have zero call edges but still be instantiated via `new`) | ✓ | ✓ | 4 | No | — |
 | 44 | Migration/refactoring pattern queries | Higher-level queries built on `ast_nodes`: "find all `new Promise()` that could be async/await", "find all `throw` of raw strings instead of Error objects", "find all regex patterns" for regex-to-library migration. Expose as `ast` subcommands or `check` predicates. | Refactoring | Agents can identify modernization opportunities and anti-patterns in one query instead of grep + manual classification | ✓ | ✓ | 3 | No | — |
+| 85 | Hot-path expensive-initialization detection | Cross-reference `ast_nodes` call expressions (e.g. `db.prepare(...)`, `new RegExp(...)`, `JSON.parse(...)`, `fs.readFileSync(...)`) with graph fan-in to flag functions that compile/allocate expensive objects on every invocation. A function containing `db.prepare()` with fan-in > N is almost certainly a performance bug — the statement should be prepared once and cached. Query: find `call` AST nodes matching a configurable pattern list inside functions whose `fan_in` exceeds a threshold; surface as a `check` predicate (`--no-hot-path-alloc`) and in `triage` risk scoring. The pattern list should be user-configurable via `.codegraphrc.json` `check.hotPathPatterns` so it works beyond SQLite (Redis clients, HTTP agents, compiled regexes). | Performance | Catches a class of performance regression that no complexity metric surfaces — a function can have low cyclomatic complexity and still be a hot allocation source. Directly prevents the "missed blast radius" problem: changing a helper that was accidentally called N×/request has outsized perf impact invisible to call-graph analysis alone | ✓ | ✓ | 4 | No | — |
 
 ### Tier 1c — CFG leverage (build on existing `cfg_blocks`/`cfg_edges` tables)
 
@@ -134,6 +135,7 @@ Six commands already produce Mermaid/DOT output: `export`, `diff-impact -f merma
 | 68 | Symbol-level messages in `sequence` | Use 60's `edge_symbols` data to label sequence diagram messages with the specific exports being called between participants. | Visualization | Sequence diagrams show which symbols drive each file-to-file interaction | ✓ | ✓ | 3 | No | 60 |
 | 69 | Node annotations in `diff-impact` / `branch-compare` / `communities` | Use 61's annotation formatter to show top exports on file nodes in `diff-impact -f mermaid`, `branch-compare --format mermaid`, and `communities` output. | Visualization | All visual tools show file API surfaces inline, not just in `export` | ✓ | ✓ | 3 | No | 61 |
 | 70 | Drift/risk subgraph labels in `communities` and `triage` | Use 62's semantic label system to annotate `communities` subgraphs with drift status (`**(drifted)**` / `**(cohesive)**`) and add a new `--format mermaid` to `triage` with risk-severity group labels. | Intelligence | Community and triage diagrams communicate structural health directly in the layout | ✓ | ✓ | 3 | No | 62 |
+| 84 | Call-count annotations on `sequence` diagram arrows | `sequence` currently deduplicates caller→callee pairs with `SELECT DISTINCT`, silently hiding multi-site calls. Instead, count how many times each caller→callee pair appears in the edges table and annotate the Mermaid arrow with the count when > 1 (e.g., `CallerFile ->> CalleeFile: fnName (×3)`). Requires grouping by `(source_id, target_id)` and emitting the count alongside the edge. | Visualization | Sequence diagrams reveal call intensity — a file calling another 8 times is architecturally different from one that calls it once; agents and reviewers can immediately spot hot paths and coupling strength | ✓ | ✓ | 3 | No | — |
 
 ### Tier 1h — Core accuracy improvements (resolve known analysis gaps)