@flow-scanner/lightning-flow-scanner-core 6.1.5 → 6.2.0

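--- a/package/README.md
+++ b/package/README.md
@@ -289,9 +289,9 @@ _Get SARIF output including exact line numbers of violations._
 
  ## Installation
 
- `lightning-flow-scanner-core` is published to **npm** only.
+ `lightning-flow-scanner-core` is [scanned with Snyk](https://github.com/Flow-Scanner/lightning-flow-scanner-core?tab=security-ov-file) prior to publication on **npm**.
 
- [![npm version](https://img.shields.io/npm/v/@flow-scanner/lightning-flow-scanner-core?label=npm)](https://www.npmjs.com/package/@flow-scanner/lightning-flow-scanner-core)
+ [![npm version](https://img.shields.io/npm/v/@flow-scanner/lightning-flow-scanner-core?label=npm)](https://www.npmjs.com/package/@flow-scanner/lightning-flow-scanner-core) [![Known Vulnerabilities](https://snyk.io/test/github/Flow-Scanner/lightning-flow-scanner-core/badge.svg)](https://snyk.io/test/github/Flow-Scanner/lightning-flow-scanner-core)
 
  **To install with npm:**
 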
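--- a/package/SECURITY.md
+++ b/package/SECURITY.md
@@ -3,9 +3,10 @@
  ## Security Practices
 
  - Code is open-source and peer-reviewed by the community.
- - Vulnerabilities can be reported privately via GitHub security features.
- - Changes to the repository are scanned and reviewed before merging.
- - Tokenless Publishing with scoped npm packages and releases via GitHub Actions Trusted Publishing (OIDC).
+ - Vulnerabilities can be reported privately via [GitHub security reporting](https://github.com/Flow-Scanner/lightning-flow-scanner-core/security).
+ - All changes are **scanned with Snyk** and reviewed before merging.
+ - Releases are published to npm using **GitHub Actions Trusted Publishing (OIDC)**.
+ - Tags (`v*`) trigger automated `npm publish`, providing a full audit trail.
 
  ## Reporting a Vulnerability
 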
@@ -16,8 +16,8 @@ _export(exports, {
16
16
  return fix;
17
17
  }
18
18
  });
19
- const _BuildFlow = require("./BuildFlow");
20
19
  const _internals = /*#__PURE__*/ _interop_require_wildcard(require("../internals/internals"));
20
+ const _BuildFlow = require("./BuildFlow");
21
21
  function _getRequireWildcardCache(nodeInterop) {
22
22
  if (typeof WeakMap !== "function") return null;
23
23
  var cacheBabelInterop = new WeakMap();
@@ -62,49 +62,46 @@ function _interop_require_wildcard(obj, nodeInterop) {
62
62
  function fix(results) {
63
63
  const newResults = [];
64
64
  for (const result of results){
65
- if (result.ruleResults && result.ruleResults.length > 0) {
66
- const fixables = result.ruleResults.filter((r)=>r.ruleName === "UnusedVariable" && r.occurs || r.ruleName === "UnconnectedElement" && r.occurs // TODO: this should be rule.occurs && rule.ruleDefinition.fixable
67
- );
68
- if ((fixables === null || fixables === void 0 ? void 0 : fixables.length) > 0) {
69
- const newFlow = FixFlows(result.flow, fixables);
70
- result.flow = newFlow;
71
- newResults.push(result);
72
- }
65
+ if (!result.ruleResults || result.ruleResults.length === 0) continue;
66
+ const fixables = result.ruleResults.filter((r)=>r.ruleName === "UnusedVariable" && r.occurs || r.ruleName === "UnconnectedElement" && r.occurs);
67
+ if (fixables.length === 0) continue;
68
+ const newFlow = FixFlows(result.flow, fixables);
69
+ const hasRemainingElements = newFlow.elements && newFlow.elements.length > 0;
70
+ if (hasRemainingElements) {
71
+ result.flow = newFlow;
72
+ newResults.push(result);
73
73
  }
74
74
  }
75
75
  return newResults;
76
76
  }
77
77
  function FixFlows(flow, ruleResults) {
78
- var _flow_elements;
79
- // TODO: this should be defined on the rule
78
+ var _unusedVariableRes_details, _unconnectedElementsRes_details, _flow_elements;
80
79
  const unusedVariableRes = ruleResults.find((r)=>r.ruleName === "UnusedVariable");
81
- const unusedVariableReferences = unusedVariableRes && unusedVariableRes.details && unusedVariableRes.details.length > 0 ? unusedVariableRes.details.map((d)=>d.name) : [];
80
+ var _unusedVariableRes_details_map;
81
+ const unusedVariableNames = new Set((_unusedVariableRes_details_map = unusedVariableRes === null || unusedVariableRes === void 0 ? void 0 : (_unusedVariableRes_details = unusedVariableRes.details) === null || _unusedVariableRes_details === void 0 ? void 0 : _unusedVariableRes_details.map((d)=>d.name)) !== null && _unusedVariableRes_details_map !== void 0 ? _unusedVariableRes_details_map : []);
82
82
  const unconnectedElementsRes = ruleResults.find((r)=>r.ruleName === "UnconnectedElement");
83
- const unconnectedElementsReferences = unconnectedElementsRes && unconnectedElementsRes.details && unconnectedElementsRes.details.length > 0 ? unconnectedElementsRes.details.map((d)=>d.name) : [];
84
- const nodesToBuild = (_flow_elements = flow.elements) === null || _flow_elements === void 0 ? void 0 : _flow_elements.filter((node)=>{
83
+ var _unconnectedElementsRes_details_map;
84
+ const unconnectedElementNames = new Set((_unconnectedElementsRes_details_map = unconnectedElementsRes === null || unconnectedElementsRes === void 0 ? void 0 : (_unconnectedElementsRes_details = unconnectedElementsRes.details) === null || _unconnectedElementsRes_details === void 0 ? void 0 : _unconnectedElementsRes_details.map((d)=>d.name)) !== null && _unconnectedElementsRes_details_map !== void 0 ? _unconnectedElementsRes_details_map : []);
85
+ var _flow_elements_filter;
86
+ const nodesToKeep = (_flow_elements_filter = (_flow_elements = flow.elements) === null || _flow_elements === void 0 ? void 0 : _flow_elements.filter((node)=>{
85
87
  switch(node.metaType){
86
- case "variable":
87
- {
88
- const nodeVar = node;
89
- if (!unusedVariableReferences.includes(nodeVar.name)) {
90
- return node;
91
- }
92
- break;
93
- }
88
+ case "metadata":
89
+ case "resource":
90
+ return true;
94
91
  case "node":
95
92
  {
96
93
  const nodeElement = node;
97
- if (!unconnectedElementsReferences.includes(nodeElement.name)) {
98
- return node;
99
- }
100
- break;
94
+ return !unconnectedElementNames.has(nodeElement.name);
101
95
  }
102
- case "metadata":
103
- case "resource":
104
- return node;
96
+ case "variable":
97
+ {
98
+ const nodeVar = node;
99
+ return !unusedVariableNames.has(nodeVar.name);
100
+ }
101
+ default:
102
+ return false;
105
103
  }
106
- });
107
- const xmldata = (0, _BuildFlow.BuildFlow)(nodesToBuild);
108
- const newFlow = new _internals.Flow(flow.fsPath, xmldata);
109
- return newFlow;
104
+ })) !== null && _flow_elements_filter !== void 0 ? _flow_elements_filter : [];
105
+ const xmldata = (0, _BuildFlow.BuildFlow)(nodesToKeep);
106
+ return new _internals.Flow(flow.fsPath, xmldata);
110
107
  }
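Review bot: The `default: return false;` arm of the `nodesToKeep` filter in `FixFlows` drops every element whose `metaType` is not one of the four listed values, so the rewritten flow can lose content that neither `UnusedVariable` nor `UnconnectedElement` flagged. The old switch had the same effect by falling through, but now that the arm is explicit it would be safer to abort the fix than to delete, for example `default: throw new Error("FixFlows: unexpected metaType " + node.metaType);`, or at least to keep such elements if `BuildFlow` can serialize them (not visible here). In `fix`, a result whose rebuilt flow has no elements is now skipped without any signal, so the caller cannot tell it apart from "nothing fixable"; a comment on `hasRemainingElements` such as `// discard fixes that would leave an empty flow` would record the intent. The hard-coded rule names in the `fixables` filter remain while the TODO about `rule.ruleDefinition.fixable` was removed, so that follow-up is no longer tracked in the code. This file looks like transpiled output, so these changes presumably belong in the TypeScript source.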
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "@flow-scanner/lightning-flow-scanner-core",
3
3
  "description": "A lightweight, purpose-built engine for parsing and analyzing Salesforce Flow metadata in Node.js or browser environments. Scan, validate, and optimize Flow automations for security risks, best practices, governor limits, and performance bottlenecks.",
4
- "version": "6.1.5",
4
+ "version": "6.2.0",
5
5
  "main": "index.js",
6
6
  "types": "index.d.ts",
7
7
  "engines": {