npm - @flow-scanner/lightning-flow-scanner-core - Versions diffs - 6.6.1 → 6.6.2 - Mend

@flow-scanner/lightning-flow-scanner-core 6.6.1 → 6.6.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/CONTRIBUTING.md CHANGED Viewed

@@ -2,7 +2,7 @@
 Since 20201, the _Lightning Flow Scanner_ has grown from its roots as VS Code tool to empower Salesforce Developers across six free and open-source platforms—from developer tools to native Salesforce App—delivering a unified experience for robust static analysis of Flows. Our dedicated community has shared their expertise to deepen understanding of Flow optimization. Your support can amplify our impact. Here’s how you can contribute to the [Flow Scanner](https://github.com/Flow-Scanner) project:
-- ⭐ Star your favorite repositories.
+- ⭐ Star or follow the project.
 - 📢 Share our work with your network.
 - 💬 Share feedback to help us improve.
 - 💻 Contribute code by submitting pull requests.
@@ -24,7 +24,7 @@ If it's more specific like a bug or a new feature—use [GitHub Issues](https://
 - [CLI Plugin](https://github.com/Flow-Scanner/lightning-flow-scanner/issues)
 - [Copado Plugin](https://github.com/Flow-Scanner/lightning-flow-scanner-copado/issues)
-- [GitHub Action](https://github.com/Flow-Scanner/lightning-flow-scanner-action/issues)
+- [GitHub Action](https://github.com/Flow-Scanner/lightning-flow-scanner/issues)
 - [Salesforce App](https://github.com/Flow-Scanner/lightning-flow-scanner-app/issues)
 - [VS Code/Code Builder](https://github.com/Flow-Scanner/lightning-flow-scanner-vsx/issues)

package/README.md CHANGED Viewed

@@ -29,14 +29,14 @@
 ## Distributions
-| Distribution                        | Best for                                      | Repository                                                                                   | Install / Use                                                                 |
-|-------------------------------------|-----------------------------------------------|----------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------|
-| **Salesforce CLI Plugin**           | Local development, scratch orgs, CI/CD        | [Flow-Scanner/lightning-flow-scanner](https://github.com/Flow-Scanner/lightning-flow-scanner) | `sf plugins install lightning-flow-scanner`                                   |
-| **VS Code Extension**               | Real-time scanning inside VS Code             | [Flow-Scanner/lightning-flow-scanner-vsx](https://github.com/Flow-Scanner/lightning-flow-scanner-vsx)     | `code --install-extension ForceConfigControl.lightning-flow-scanner-vsx`                        |
-| **Salesforce App**                  | Run scans directly inside any Salesforce org  | [Flow-Scanner/lightning-flow-scanner-app](https://github.com/Flow-Scanner/lightning-flow-scanner-app)     |  <a href="https://login.salesforce.com/packaging/installPackage.apexp?p0=04tgK0000007M73QAE"><img alt="Install Managed Package" src="https://raw.githubusercontent.com/afawcett/githubsfdeploy/master/deploy.png"></a>                 |
-| **GitHub Action**                   | Native PR checks                              | [Flow-Scanner/lightning-flow-scanner-action](https://github.com/Flow-Scanner/lightning-flow-scanner-action) | [GitHub Marketplace](https://github.com/marketplace/actions/run-flow-scanner)                        |
-| **Copado Plugin**                   | Copado CI/CD pipelines                        | [Flow-Scanner/lightning-flow-scanner-copado](https://github.com/Flow-Scanner/lightning-flow-scanner-copado) | [Copado Marketplace](https://success.copado.com/s/listing-detail?language=en_US&recordId=a54P7000003G3gBIAS)                                               |
-| **Core Library** (Node.js + Browser)| Custom tools, scripts, extensions, web apps   | [Flow-Scanner/lightning-flow-scanner](https://github.com/Flow-Scanner/lightning-flow-scanner) | `npm install @flow-scanner/lightning-flow-scanner-core`                        |
+| Distribution                                      | Best for                                      | Install / Use                                                                                           |
+|----------------------------------------------------------------|-----------------------------------------------|---------------------------------------------------------------------------------------------------------|
+| **[Salesforce CLI Plugin](https://github.com/Flow-Scanner/lightning-flow-scanner/blob/main/packages/cli/README.md)** | Local development, scratch orgs, CI/CD        | `sf plugins install lightning-flow-scanner`                                                             |
+| **[VS Code Extension](https://github.com/Flow-Scanner/lightning-flow-scanner-vsx)** | Real-time scanning inside VS Code             | `code --install-extension ForceConfigControl.lightning-flow-scanner-vsx`                               |
+| **[Salesforce App (Managed Package)](https://github.com/Flow-Scanner/lightning-flow-scanner-app)** | Run scans directly inside a Salesforce org  | `sf package install --package 04tgK0000007M73QAE` |
+| **[GitHub Action](https://github.com/Flow-Scanner/lightning-flow-scanner/blob/main/packages/action/README.md)** | Native PR checks                              | [GitHub Marketplace](https://github.com/marketplace/actions/run-flow-scanner)                           |
+| **[Copado Plugin](https://github.com/Flow-Scanner/lightning-flow-scanner-copado)** | Copado CI/CD pipelines                        | [Copado Marketplace](https://success.copado.com/s/listing-detail?language=en_US&recordId=a54P7000003G3gBIAS) |
+| **[Core Library](https://github.com/Flow-Scanner/lightning-flow-scanner/tree/main/packages/core)** (Node.js + Browser) | Custom tools, scripts, extensions, web apps   | `npm install @flow-scanner/lightning-flow-scanner-core`                                                 |
 **Privacy:** Zero user data collected. All processing is client-side. → See our [Security Policy](https://github.com/Flow-Scanner/lightning-flow-scanner?tab=security-ov-file).
@@ -317,7 +317,20 @@ Ready-to-use CI/CD templates and a **native GitHub Action**.
 | Azure DevOps   | Full Project Scan                 | [`azure-pipelines-flow-FullScan.yml`](https://github.com/Flow-Scanner/lightning-flow-scanner/blob/main/docs/examples/azure-devops/azure-pipelines-flow-FullScan.yml) |
 | Azure DevOps   | Change-Based Scan                 | [`azure-pipelines-flow-changedFiles.yml`](https://github.com/Flow-Scanner/lightning-flow-scanner/blob/main/docs/examples/azure-devops/azure-pipelines-flow-changedFiles.yml) |
 | Copado DevOps | Full & Change-Based Scans       | [CI/CD Plugin](https://github.com/Flow-Scanner/lightning-flow-scanner-copado) |
-| GitHub | Full & Change-Based Scans       | [`scan-flows.yml`](https://github.com/Flow-Scanner/lightning-flow-scanner/blob/main/docs/examples/github-action/scan-flows.yml) |
+GitHub Action Snippet:
+```yaml
+- name: Lightning Flow Scan
+  id: flowscanner
+  uses: Flow-Scanner/lightning-flow-scanner@main
+- name: Upload SARIF to Code Scanning
+  uses: github/codeql-action/upload-sarif@v3
+  with:
+    sarif_file: ${{ steps.flowscanner.outputs.sarifPath }}
+```
+To see the full example, see [`scan-flows.yml`](https://github.com/Flow-Scanner/lightning-flow-scanner/blob/main/docs/examples/github-action/scan-flows.yml).
 ## Quick Start
@@ -348,14 +361,15 @@ parse("flows/*.xml").then(scan).then(exportSarif);
 > This project optionally uses [Volta](https://volta.sh) to guarantee the exact same Node.js and tool versions for every contributor. Install Volta with:
 >
+> MacOs/Linux:
 > ```sh
 > curl https://get.volta.sh | bash
 > ```
->
+> Windows:
 > ```sh
 > winget install Volta.Volta
 > ```
-> Volta will automatically lock the exact versions of **Node.js**, **pnpm**, and all tools defined in `package.json`.
+> Volta will automatically install and lock the tool versions defined in `package.json`.
 1. Clone the repository
@@ -386,10 +400,10 @@ parse("flows/*.xml").then(scan).then(exportSarif);
    pnpm test
    ```
-  Or to test a new version of the core:
-   ```bash
-   pnpm test:core
-   ```
+    Or to test a new version of the core:
+    ```bash
+    pnpm test:core
+    ```
 5. Linking the core module locally(Optional):
@@ -405,11 +419,11 @@ parse("flows/*.xml").then(scan).then(exportSarif);
    node -i -e "import('@flow-scanner/lightning-flow-scanner-core').then(m => { Object.assign(global, m.default ? m.default : m); console.log('✅ Core loaded! Try: await parse(...), scan(...), etc.'); })"
    ```
-   Or test in a dependent project:
+    Or test in a dependent project:
-   ```bash
-   npm link @flow-scanner/lightning-flow-scanner-core
-   ```
+    ```bash
+    npm link @flow-scanner/lightning-flow-scanner-core
+    ```
 6. Deploy Demo Flows (Optional):
@@ -422,7 +436,8 @@ parse("flows/*.xml").then(scan).then(exportSarif);
 7. Create a standalone UMD Module(Optional):
    ```bash
-     pnpm dist // creates UMD at`dist/lightning-flow-scanner-core.umd.js`.
+     pnpm dist
    ```
+   This creates UMD at `dist/lightning-flow-scanner-core.umd.js`.
 <p><strong>Want to help improve Lightning Flow Scanner? See our <a href="https://github.com/Flow-Scanner/lightning-flow-scanner?tab=contributing-ov-file">Contributing Guidelines</a></strong></p>

package/SECURITY.md CHANGED Viewed

@@ -35,3 +35,13 @@ We actively track and maintain an up-to-date inventory of all third-party depend
 | `cosmiconfig`                        | [MIT](https://github.com/davidtheclark/cosmiconfig/blob/main/LICENSE) | Config file loader for JavaScript/Node |
 | `glob`                               | [MIT](https://github.com/isaacs/node-glob/blob/master/LICENSE) | File pattern matching |
 | `lightning-flow-scanner-core`        | [MIT](https://github.com/Flow-Scanner/lightning-flow-scanner-core/blob/main/LICENSE.md) | Salesforce Flow scanning utilities |
+### Action
+| Package                         | License                                                                         | Purpose                                     |
+| ------------------------------- | ------------------------------------------------------------------------------- | ------------------------------------------- |
+| `@actions/core`               | [MIT](https://github.com/actions/toolkit/blob/main/packages/core/LICENSE)          | Toolkit for developing GitHub Actions       |
+| `@actions/github`             | [MIT](https://github.com/actions/toolkit/blob/main/packages/github/LICENSE)        | Interact with the GitHub API in Actions     |
+| `@vercel/ncc`                 | [MIT](https://github.com/vercel/ncc/blob/main/LICENSE)                             | Compile Node.js projects into a single file |
+| `lightning-flow-scanner-core` | [MIT](https://github.com/Flow-Scanner/lightning-flow-scanner-core/blob/main/LICENSE.md) | Core library for scanning Salesforce flows  |
+| `cosmiconfig`                        | [MIT](https://github.com/davidtheclark/cosmiconfig/blob/main/LICENSE) | Config file loader for JavaScript/Node |

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "@flow-scanner/lightning-flow-scanner-core",
   "description": "A lightweight engine for Flow metadata in Node.js, and browser environments. Assess and enhance Salesforce Flow automations for best practices, security, governor limits, and performance issues.",
-  "version": "6.6.1",
+  "version": "6.6.2",
   "main": "index.js",
   "types": "index.d.ts",
   "exports": {