@pikku/inspector 0.12.14 → 0.12.16

package/src/utils/check-pii-output.ts

@@ -1,16 +1,22 @@
 import * as ts from 'typescript'
 
+export type ClassifiedField = {
+  path: string
+  classification: 'private' | 'pii' | 'secret' | string
+}
+
 /**
  * Recursively walks a resolved TypeScript type looking for `__classification__` brands —
- * the structural marker emitted by `Private<T>` and `Secret<T>`.
+ * the structural marker emitted by `Private<T>`, `Pii<T>`, and `Secret<T>`.
  *
  * `Private<T> = T & { readonly __classification__: 'private' }` shows up in the TS type
  * system as an intersection whose constituents include a type with a `__classification__`
  * property.  We detect that by checking whether any constituent of an
  * intersection exposes a property named `__classification__`.
  *
- * Returns the list of dotted field paths where a brand was found
- * (e.g. `['email', 'address.phone']`).  An empty array means clean.
+ * Returns the list of classified fields found, each with its dotted path and
+ * classification level (e.g. `[{ path: 'email', classification: 'private' }]`).
+ * An empty array means clean.
  */
 export function findPiiPaths(
   checker: ts.TypeChecker,
@@ -18,23 +24,33 @@ export function findPiiPaths(
   path = '',
   depth = 0,
   seen = new Set<ts.Type>()
-): string[] {
+): ClassifiedField[] {
   if (depth > 8 || seen.has(type)) return []
   seen.add(type)
 
   // ── Is this type itself branded? ─────────────────────────────────────────
   // Private<T> = T & { readonly __classification__: 'private' }  →  isIntersection()
-  // where one constituent has a `__classification__` property.
+  // where one constituent has a `__classification__` property whose type is a string literal.
   if (type.isIntersection()) {
-    const branded = type.types.some((t) =>
-      t.getProperties().some((p) => p.name === '__classification__')
-    )
-    if (branded) {
-      return [path || '<return value>']
+    for (const t of type.types) {
+      const classificationProp = t
+        .getProperties()
+        .find((p) => p.name === '__classification__')
+      if (classificationProp) {
+        const decl =
+          classificationProp.valueDeclaration ??
+          classificationProp.declarations?.[0]
+        const classification = decl
+          ? ((
+              checker.getTypeOfSymbolAtLocation(classificationProp, decl) as any
+            )?.value ?? 'private')
+          : 'private'
+        return [{ path: path || '<return value>', classification }]
+      }
     }
   }
 
-  const violations: string[] = []
+  const violations: ClassifiedField[] = []
 
   // ── Union: check every branch ─────────────────────────────────────────────
   if (type.isUnion()) {

package/src/utils/ensure-function-metadata.ts

@@ -280,7 +280,9 @@ export function ensureFunctionMetadata(
           const { tags } = getCommonWireMetaData(
             firstArg,
             'Function',
-            fallbackName || pikkuFuncId
+            fallbackName || pikkuFuncId,
+            undefined,
+            checker
           )
           if (tags) {
             meta.tags = tags

package/src/utils/extract-node-value.test.ts

@@ -46,18 +46,20 @@ describe('extractDescription', () => {
     assert.equal(extractDescription(obj, checker), 'my step')
   })
 
-  test('returns null for non-literal description value without crashing', () => {
+  test('extracts concatenated string literals in description', () => {
     const { checker, sourceFile } = createChecker(
-      `const name = 'test'; const data = { description: name + ' addon' }`
+      `const data = { description: 'line one ' + 'line two' }`
     )
-    const objs: ts.ObjectLiteralExpression[] = []
-    const visit = (node: ts.Node) => {
-      if (ts.isObjectLiteralExpression(node)) objs.push(node)
-      ts.forEachChild(node, visit)
-    }
-    ts.forEachChild(sourceFile, visit)
-    const dataObj = objs[objs.length - 1]!
-    assert.equal(extractDescription(dataObj, checker), null)
+    const obj = findObjectLiteral(sourceFile)!
+    assert.equal(extractDescription(obj, checker), 'line one line two')
+  })
+
+  test('extracts deeply nested concatenation in description', () => {
+    const { checker, sourceFile } = createChecker(
+      `const data = { description: 'a' + 'b' + 'c' }`
+    )
+    const obj = findObjectLiteral(sourceFile)!
+    assert.equal(extractDescription(obj, checker), 'abc')
   })
 
   test('returns null for non-object node', () => {

package/src/utils/extract-node-value.ts

@@ -32,6 +32,16 @@ export function extractStringLiteral(
     return extractStringLiteral(node.expression, checker)
   }
 
+  if (
+    ts.isBinaryExpression(node) &&
+    node.operatorToken.kind === ts.SyntaxKind.PlusToken
+  ) {
+    return (
+      extractStringLiteral(node.left, checker) +
+      extractStringLiteral(node.right, checker)
+    )
+  }
+
   // Try to evaluate constant identifiers
   if (ts.isIdentifier(node)) {
     const symbol = checker.getSymbolAtLocation(node)
@@ -52,7 +62,7 @@ export function extractStringLiteral(
 /**
  * Check if node is string-like (string literal or template expression)
  */
-export function isStringLike(node: ts.Node, _checker: ts.TypeChecker): boolean {
+export function isStringLike(node: ts.Node, checker: ts.TypeChecker): boolean {
   if (ts.isStringLiteral(node) || ts.isNoSubstitutionTemplateLiteral(node)) {
     return true
   }
@@ -60,6 +70,10 @@ export function isStringLike(node: ts.Node, _checker: ts.TypeChecker): boolean {
   if (ts.isTemplateExpression(node)) {
     return true
   }
+  // Unwrap type assertions: `expr as Type` or `<Type>expr`
+  if (ts.isAsExpression(node) || ts.isTypeAssertionExpression(node)) {
+    return isStringLike(node.expression, checker)
+  }
   return false
 }
 

package/src/utils/get-property-value.ts

@@ -1,5 +1,6 @@
 import * as ts from 'typescript'
 import { ErrorCode } from '../error-codes.js'
+import { extractStringLiteral } from './extract-node-value.js'
 
 /**
  * Extracts an array of strings from an object property.
@@ -137,7 +138,8 @@ export const getCommonWireMetaData = (
   obj: ts.ObjectLiteralExpression,
   wiringType: string,
   wiringName: string | null,
-  logger?: { critical: (code: ErrorCode, message: string) => void }
+  logger?: { critical: (code: ErrorCode, message: string) => void },
+  checker?: ts.TypeChecker
 ): {
   disabled?: true
   title?: string
@@ -166,18 +168,36 @@ export const getCommonWireMetaData = (
         prop.initializer.kind === ts.SyntaxKind.TrueKeyword
       ) {
         metadata.disabled = true
-      } else if (propName === 'title' && ts.isStringLiteral(prop.initializer)) {
-        metadata.title = prop.initializer.text
-      } else if (
-        propName === 'summary' &&
-        ts.isStringLiteral(prop.initializer)
-      ) {
-        metadata.summary = prop.initializer.text
-      } else if (
-        propName === 'description' &&
-        ts.isStringLiteral(prop.initializer)
-      ) {
-        metadata.description = prop.initializer.text
+      } else if (propName === 'title') {
+        try {
+          metadata.title = checker
+            ? extractStringLiteral(prop.initializer, checker)
+            : ts.isStringLiteral(prop.initializer)
+              ? prop.initializer.text
+              : undefined
+        } catch {
+          // non-static title — skip
+        }
+      } else if (propName === 'summary') {
+        try {
+          metadata.summary = checker
+            ? extractStringLiteral(prop.initializer, checker)
+            : ts.isStringLiteral(prop.initializer)
+              ? prop.initializer.text
+              : undefined
+        } catch {
+          // non-static summary — skip
+        }
+      } else if (propName === 'description') {
+        try {
+          metadata.description = checker
+            ? extractStringLiteral(prop.initializer, checker)
+            : ts.isStringLiteral(prop.initializer)
+              ? prop.initializer.text
+              : undefined
+        } catch {
+          // non-static description — skip
+        }
       } else if (propName === 'tags') {
         if (ts.isArrayLiteralExpression(prop.initializer)) {
           metadata.tags = prop.initializer.elements

package/src/utils/workflow/dsl/extract-dsl-workflow.ts

@@ -436,21 +436,34 @@ function extractExpressionStatement(
       outputVar = expr.left.text
 
       // Check if this is an assignment to a context variable (set step)
+      // But if the RHS is a workflow.do() call, fall through to RPC extraction —
+      // reassigning a pre-declared variable with a workflow step is valid and common.
       if (context.contextVars.has(outputVar)) {
-        const literalValue = extractLiteralValue(expr.right)
-        if (literalValue !== undefined) {
+        const rhs = expr.right
+        const rhsCall =
+          ts.isAwaitExpression(rhs) && ts.isCallExpression(rhs.expression)
+            ? rhs.expression
+            : null
+        const isWorkflowCall = rhsCall
+          ? isWorkflowDoCall(rhsCall, context.checker)
+          : false
+
+        if (!isWorkflowCall) {
+          const literalValue = extractLiteralValue(expr.right)
+          if (literalValue !== undefined) {
+            return {
+              type: 'set',
+              variable: outputVar,
+              value: literalValue,
+            } as SetStepMeta
+          }
+          // Non-literal assignment to context var - use expression as string
           return {
             type: 'set',
             variable: outputVar,
-            value: literalValue,
+            value: getSourceText(expr.right),
           } as SetStepMeta
         }
-        // Non-literal assignment to context var - use expression as string
-        return {
-          type: 'set',
-          variable: outputVar,
-          value: getSourceText(expr.right),
-        } as SetStepMeta
       }
     }
     // Use right side as the expression to extract from