@pikku/inspector 0.12.3 → 0.12.5

package/dist/utils/serialize-inspector-state.d.ts

@@ -205,6 +205,10 @@ export interface SerializableInspectorState {
         definitions: InspectorState['secrets']['definitions'];
         files: string[];
     };
+    credentials: {
+        definitions: InspectorState['credentials']['definitions'];
+        files: string[];
+    };
     variables: {
         definitions: InspectorState['variables']['definitions'];
         files: string[];

package/dist/utils/serialize-inspector-state.js

@@ -101,6 +101,10 @@ export function serializeInspectorState(state) {
             definitions: state.secrets.definitions,
             files: Array.from(state.secrets.files),
         },
+        credentials: {
+            definitions: state.credentials.definitions,
+            files: Array.from(state.credentials.files),
+        },
         variables: {
             definitions: state.variables.definitions,
             files: Array.from(state.variables.files),
@@ -244,6 +248,10 @@ export function deserializeInspectorState(data) {
             definitions: data.secrets?.definitions || [],
             files: new Set(data.secrets?.files || []),
         },
+        credentials: {
+            definitions: data.credentials?.definitions || [],
+            files: new Set(data.credentials?.files || []),
+        },
         variables: {
             definitions: data.variables?.definitions || [],
             files: new Set(data.variables?.files || []),
@@ -292,5 +300,6 @@ export function deserializeInspectorState(data) {
         openAPISpec: data.openAPISpec || null,
         diagnostics: data.diagnostics || [],
         addonFunctions: data.addonFunctions || {},
+        program: null,
     };
 }

package/dist/utils/workflow/graph/convert-dsl-to-graph.js

@@ -301,6 +301,7 @@ export function convertDslToGraph(workflowName, meta) {
         source,
         description: meta.description,
         tags: meta.tags,
+        inline: meta.inline,
         context: meta.context,
         nodes: nodesRecord,
         entryNodeIds,

package/dist/utils/workflow/graph/workflow-graph.types.d.ts

@@ -141,6 +141,8 @@ export interface SerializedWorkflowGraph {
     description?: string;
     /** Tags for organization */
     tags?: string[];
+    /** If true, workflow always executes inline without queues */
+    inline?: boolean;
     /** Workflow context/state variables (from Zod schema) */
     context?: WorkflowContext;
     /** Serialized nodes */

package/dist/visit.js

@@ -17,7 +17,8 @@ import { addWireAddon } from './add/add-wire-addon.js';
 import { addMiddleware } from './add/add-middleware.js';
 import { addPermission } from './add/add-permission.js';
 import { addCLI, addCLIRenderers } from './add/add-cli.js';
-import { addSecret, addOAuth2Credential } from './add/add-secret.js';
+import { addSecret } from './add/add-secret.js';
+import { addCredential } from './add/add-credential.js';
 import { addVariable } from './add/add-variable.js';
 import { addWorkflowGraph } from './add/add-workflow-graph.js';
 import { addAIAgent } from './add/add-ai-agent.js';
@@ -41,7 +42,7 @@ export const visitSetup = (logger, checker, node, state, options) => {
 export const visitRoutes = (logger, checker, node, state, options) => {
     addFunctions(logger, node, checker, state, options);
     addSecret(logger, node, checker, state, options);
-    addOAuth2Credential(logger, node, checker, state, options);
+    addCredential(logger, node, checker, state, options);
     addVariable(logger, node, checker, state, options);
     addHTTPRoute(logger, node, checker, state, options);
     addHTTPRoutes(logger, node, checker, state, options);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@pikku/inspector",
-  "version": "0.12.3",
+  "version": "0.12.5",
   "author": "yasser.fadl@gmail.com",
   "license": "BUSL-1.1",
   "type": "module",
@@ -30,11 +30,12 @@
     "release": "yarn build && npm test",
     "test": "bash run-tests.sh",
     "test:watch": "bash run-tests.sh --watch",
-    "test:coverage": "bash run-tests.sh --coverage"
+    "test:coverage": "bash run-tests.sh --coverage",
+    "prepublishOnly": "yarn build"
   },
   "dependencies": {
     "@openapi-contrib/json-schema-to-openapi-schema": "^4.3.1",
-    "@pikku/core": "^0.12.3",
+    "@pikku/core": "^0.12.10",
     "path-to-regexp": "^8.3.0",
     "ts-json-schema-generator": "^2.5.0",
     "tsx": "^4.21.0",

package/src/add/add-credential.ts

@@ -0,0 +1,178 @@
+import * as ts from 'typescript'
+import {
+  getPropertyValue,
+  getArrayPropertyValue,
+} from '../utils/get-property-value.js'
+import type { AddWiring } from '../types.js'
+import { ErrorCode } from '../error-codes.js'
+import { detectSchemaVendorOrError } from '../utils/detect-schema-vendor.js'
+
+export const addCredential: AddWiring = (
+  logger,
+  node,
+  checker,
+  state,
+  _options
+) => {
+  if (!ts.isCallExpression(node)) {
+    return
+  }
+
+  const args = node.arguments
+  const firstArg = args[0]
+  const expression = node.expression
+
+  if (!ts.isIdentifier(expression) || expression.text !== 'wireCredential') {
+    return
+  }
+
+  if (!firstArg) {
+    return
+  }
+
+  if (ts.isObjectLiteralExpression(firstArg)) {
+    const obj = firstArg
+
+    const nameValue = getPropertyValue(obj, 'name') as string | null
+    const displayNameValue = getPropertyValue(obj, 'displayName') as
+      | string
+      | null
+    const descriptionValue = getPropertyValue(obj, 'description') as
+      | string
+      | null
+    const typeValue = getPropertyValue(obj, 'type') as string | null
+
+    if (!nameValue) {
+      logger.critical(
+        ErrorCode.MISSING_NAME,
+        "Credential is missing the required 'name' property."
+      )
+      return
+    }
+
+    if (!displayNameValue) {
+      logger.critical(
+        ErrorCode.MISSING_NAME,
+        `Credential '${nameValue}' is missing the required 'displayName' property.`
+      )
+      return
+    }
+
+    if (!typeValue || (typeValue !== 'singleton' && typeValue !== 'wire')) {
+      logger.critical(
+        ErrorCode.MISSING_NAME,
+        `Credential '${nameValue}' is missing or has invalid 'type' property. Must be 'singleton' or 'wire'.`
+      )
+      return
+    }
+
+    let schemaVariableName: string | null = null
+    let schemaSourceFile: string | null = null
+    let schemaIdentifier: ts.Identifier | null = null
+    for (const prop of obj.properties) {
+      if (
+        ts.isPropertyAssignment(prop) &&
+        ts.isIdentifier(prop.name) &&
+        prop.name.text === 'schema'
+      ) {
+        if (ts.isIdentifier(prop.initializer)) {
+          schemaVariableName = prop.initializer.text
+          schemaIdentifier = prop.initializer
+
+          const symbol = checker.getSymbolAtLocation(prop.initializer)
+          if (symbol) {
+            const decl = symbol.valueDeclaration || symbol.declarations?.[0]
+            if (decl) {
+              if (ts.isImportSpecifier(decl)) {
+                const aliasedSymbol = checker.getAliasedSymbol(symbol)
+                if (aliasedSymbol) {
+                  const aliasedDecl =
+                    aliasedSymbol.valueDeclaration ||
+                    aliasedSymbol.declarations?.[0]
+                  if (aliasedDecl) {
+                    schemaSourceFile = aliasedDecl.getSourceFile().fileName
+                  }
+                }
+              } else {
+                schemaSourceFile = decl.getSourceFile().fileName
+              }
+            }
+          }
+        }
+        break
+      }
+    }
+
+    let oauth2: any = undefined
+    const oauth2Prop = obj.properties.find(
+      (p) =>
+        ts.isPropertyAssignment(p) &&
+        ts.isIdentifier(p.name) &&
+        p.name.text === 'oauth2'
+    )
+    if (
+      oauth2Prop &&
+      ts.isPropertyAssignment(oauth2Prop) &&
+      ts.isObjectLiteralExpression(oauth2Prop.initializer)
+    ) {
+      const oauth2Obj = oauth2Prop.initializer
+      const appCredentialSecretId = getPropertyValue(
+        oauth2Obj,
+        'appCredentialSecretId'
+      ) as string | null
+      const tokenSecretId = getPropertyValue(oauth2Obj, 'tokenSecretId') as
+        | string
+        | null
+      const authorizationUrl = getPropertyValue(
+        oauth2Obj,
+        'authorizationUrl'
+      ) as string | null
+      const tokenUrl = getPropertyValue(oauth2Obj, 'tokenUrl') as string | null
+      const scopes = getArrayPropertyValue(oauth2Obj, 'scopes')
+      const pkce = getPropertyValue(oauth2Obj, 'pkce') as boolean | null
+
+      if (appCredentialSecretId && authorizationUrl && tokenUrl && scopes) {
+        oauth2 = {
+          appCredentialSecretId,
+          tokenSecretId: tokenSecretId || undefined,
+          authorizationUrl,
+          tokenUrl,
+          scopes,
+          pkce: pkce || undefined,
+        }
+      }
+    }
+
+    const sourceFile = node.getSourceFile().fileName
+    state.credentials.files.add(sourceFile)
+
+    let schemaLookupName: string | undefined
+    if (schemaVariableName && schemaSourceFile && schemaIdentifier) {
+      const vendor = detectSchemaVendorOrError(
+        schemaIdentifier,
+        checker,
+        logger,
+        `Credential '${nameValue}'`,
+        schemaSourceFile
+      )
+      if (vendor) {
+        schemaLookupName = `CredentialSchema_${nameValue}`
+        state.schemaLookup.set(schemaLookupName, {
+          variableName: schemaVariableName,
+          sourceFile: schemaSourceFile,
+          vendor,
+        })
+      }
+    }
+
+    state.credentials.definitions.push({
+      name: nameValue,
+      displayName: displayNameValue,
+      description: descriptionValue || undefined,
+      type: typeValue as 'singleton' | 'wire',
+      schema: schemaLookupName,
+      oauth2,
+      sourceFile,
+    })
+  }
+}

package/src/add/add-middleware.ts

@@ -274,13 +274,10 @@ export const addMiddleware: AddWiring = (logger, node, checker, state) => {
       state.rootDir
     )
 
-    if (refs.length === 0) {
-      logger.warn(`• addMiddleware('${tag}', ...) has empty middleware array`)
-      return
-    }
-
     const definitionIds = refs.map((r) => r.definitionId)
-    renameTempDefinitions(state, definitionIds, 'tag', tag)
+    if (definitionIds.length > 0) {
+      renameTempDefinitions(state, definitionIds, 'tag', tag)
+    }
 
     const sourceFile = node.getSourceFile().fileName
     const instanceIds: string[] = []
@@ -384,15 +381,10 @@ export const addMiddleware: AddWiring = (logger, node, checker, state) => {
       state.rootDir
     )
 
-    if (refs.length === 0) {
-      logger.warn(
-        `• addHTTPMiddleware('${pattern}', ...) has empty middleware array`
-      )
-      return
-    }
-
     const definitionIds = refs.map((r) => r.definitionId)
-    renameTempDefinitions(state, definitionIds, 'http', pattern)
+    if (definitionIds.length > 0) {
+      renameTempDefinitions(state, definitionIds, 'http', pattern)
+    }
 
     const sourceFile = node.getSourceFile().fileName
     const instanceIds: string[] = []

package/src/add/add-permission.ts

@@ -38,13 +38,15 @@ function renameTempDefinitions(
   }
 }
 
-function isInsidePermissionFactory(node: ts.Node): boolean {
+function isInsidePermissionContainer(node: ts.Node): boolean {
   let current = node.parent
   while (current) {
     if (
       ts.isCallExpression(current) &&
       ts.isIdentifier(current.expression) &&
-      current.expression.text === 'pikkuPermissionFactory'
+      (current.expression.text === 'pikkuPermissionFactory' ||
+        current.expression.text === 'addPermission' ||
+        current.expression.text === 'addHTTPPermission')
     ) {
       return true
     }
@@ -69,7 +71,7 @@ export const addPermission: AddWiring = (logger, node, checker, state) => {
   // Handle pikkuPermission(...) - individual permission function definition
   if (expression.text === 'pikkuPermission') {
     // Skip if nested inside pikkuPermissionFactory — the factory handler extracts services itself
-    if (isInsidePermissionFactory(node)) return
+    if (isInsidePermissionContainer(node)) return
 
     const arg = args[0]
     if (!arg) return
@@ -156,7 +158,7 @@ export const addPermission: AddWiring = (logger, node, checker, state) => {
   }
 
   if (expression.text === 'pikkuAuth') {
-    if (isInsidePermissionFactory(node)) return
+    if (isInsidePermissionContainer(node)) return
 
     const arg = args[0]
     if (!arg) return
@@ -373,13 +375,10 @@ export const addPermission: AddWiring = (logger, node, checker, state) => {
       state.rootDir
     )
 
-    if (permissionNames.length === 0) {
-      logger.warn(`• addPermission('${tag}', ...) has empty permissions array`)
-      return
+    if (permissionNames.length > 0) {
+      renameTempDefinitions(state, permissionNames, 'tag', tag)
     }
 
-    renameTempDefinitions(state, permissionNames, 'tag', tag)
-
     const allServices = new Set<string>()
     for (const permissionName of permissionNames) {
       const permissionMeta = state.permissions.definitions[permissionName]
@@ -479,15 +478,10 @@ export const addPermission: AddWiring = (logger, node, checker, state) => {
       state.rootDir
     )
 
-    if (permissionNames.length === 0) {
-      logger.warn(
-        `• addHTTPPermission('${pattern}', ...) has empty permissions array`
-      )
-      return
+    if (permissionNames.length > 0) {
+      renameTempDefinitions(state, permissionNames, 'http', pattern)
     }
 
-    renameTempDefinitions(state, permissionNames, 'http', pattern)
-
     const allServices = new Set<string>()
     for (const permissionName of permissionNames) {
       const permissionMeta = state.permissions.definitions[permissionName]

package/src/add/add-secret.ts

@@ -1,10 +1,3 @@
-import * as ts from 'typescript'
-import {
-  getPropertyValue,
-  getArrayPropertyValue,
-} from '../utils/get-property-value.js'
-import type { AddWiring } from '../types.js'
-import { ErrorCode } from '../error-codes.js'
 import { createAddKeyedWiring } from './add-keyed-wiring.js'
 
 export const addSecret = createAddKeyedWiring({
@@ -14,127 +7,3 @@ export const addSecret = createAddKeyedWiring({
   schemaPrefix: 'SecretSchema',
   getState: (state) => state.secrets,
 })
-
-export const addOAuth2Credential: AddWiring = (
-  logger,
-  node,
-  _checker,
-  state,
-  _options
-) => {
-  if (!ts.isCallExpression(node)) {
-    return
-  }
-
-  const args = node.arguments
-  const firstArg = args[0]
-  const expression = node.expression
-
-  if (
-    !ts.isIdentifier(expression) ||
-    expression.text !== 'wireOAuth2Credential'
-  ) {
-    return
-  }
-
-  if (!firstArg) {
-    return
-  }
-
-  if (ts.isObjectLiteralExpression(firstArg)) {
-    const obj = firstArg
-
-    const nameValue = getPropertyValue(obj, 'name') as string | null
-    const displayNameValue = getPropertyValue(obj, 'displayName') as
-      | string
-      | null
-    const descriptionValue = getPropertyValue(obj, 'description') as
-      | string
-      | null
-    const secretIdValue = getPropertyValue(obj, 'secretId') as string | null
-    const tokenSecretIdValue = getPropertyValue(obj, 'tokenSecretId') as
-      | string
-      | null
-    const authorizationUrlValue = getPropertyValue(obj, 'authorizationUrl') as
-      | string
-      | null
-    const tokenUrlValue = getPropertyValue(obj, 'tokenUrl') as string | null
-    const scopesValue = getArrayPropertyValue(obj, 'scopes')
-    const pkceValue = getPropertyValue(obj, 'pkce') as boolean | null
-
-    if (!nameValue) {
-      logger.critical(
-        ErrorCode.MISSING_NAME,
-        "OAuth2 Credential is missing the required 'name' property."
-      )
-      return
-    }
-
-    if (!displayNameValue) {
-      logger.critical(
-        ErrorCode.MISSING_NAME,
-        `OAuth2 Credential '${nameValue}' is missing the required 'displayName' property.`
-      )
-      return
-    }
-
-    if (!secretIdValue) {
-      logger.critical(
-        ErrorCode.MISSING_NAME,
-        `OAuth2 Credential '${nameValue}' is missing the required 'secretId' property.`
-      )
-      return
-    }
-
-    if (!tokenSecretIdValue) {
-      logger.critical(
-        ErrorCode.MISSING_NAME,
-        `OAuth2 Credential '${nameValue}' is missing the required 'tokenSecretId' property.`
-      )
-      return
-    }
-
-    if (!authorizationUrlValue) {
-      logger.critical(
-        ErrorCode.MISSING_NAME,
-        `OAuth2 Credential '${nameValue}' is missing the required 'authorizationUrl' property.`
-      )
-      return
-    }
-
-    if (!tokenUrlValue) {
-      logger.critical(
-        ErrorCode.MISSING_NAME,
-        `OAuth2 Credential '${nameValue}' is missing the required 'tokenUrl' property.`
-      )
-      return
-    }
-
-    if (!scopesValue || scopesValue.length === 0) {
-      logger.critical(
-        ErrorCode.MISSING_NAME,
-        `OAuth2 Credential '${nameValue}' is missing the required 'scopes' property.`
-      )
-      return
-    }
-
-    const sourceFile = node.getSourceFile().fileName
-
-    state.secrets.files.add(sourceFile)
-
-    state.secrets.definitions.push({
-      name: nameValue,
-      displayName: displayNameValue,
-      description: descriptionValue || undefined,
-      secretId: secretIdValue,
-      oauth2: {
-        tokenSecretId: tokenSecretIdValue,
-        authorizationUrl: authorizationUrlValue,
-        tokenUrl: tokenUrlValue,
-        scopes: scopesValue,
-        pkce: pkceValue || undefined,
-      },
-      sourceFile,
-    })
-  }
-}

package/src/add/add-workflow.ts

@@ -11,7 +11,10 @@ import {
   extractDescription,
   extractDuration,
 } from '../utils/extract-node-value.js'
-import { getCommonWireMetaData } from '../utils/get-property-value.js'
+import {
+  getCommonWireMetaData,
+  getPropertyValue,
+} from '../utils/get-property-value.js'
 import { extractDSLWorkflow } from '../utils/workflow/dsl/extract-dsl-workflow.js'
 
 /**
@@ -206,6 +209,7 @@ export const addWorkflow: AddWiring = (logger, node, checker, state) => {
   let summary: string | undefined
   let description: string | undefined
   let errors: string[] | undefined
+  let inline: boolean | undefined
 
   if (ts.isObjectLiteralExpression(firstArg)) {
     const metadata = getCommonWireMetaData(
@@ -219,6 +223,11 @@ export const addWorkflow: AddWiring = (logger, node, checker, state) => {
     summary = metadata.summary
     description = metadata.description
     errors = metadata.errors
+
+    const inlineProp = getPropertyValue(firstArg, 'inline')
+    if (inlineProp === true) {
+      inline = true
+    }
   }
 
   // Validate that we got a valid function
@@ -324,5 +333,6 @@ export const addWorkflow: AddWiring = (logger, node, checker, state) => {
     description,
     errors,
     tags,
+    inline,
   }
 }

package/src/error-codes.ts

@@ -66,6 +66,9 @@ export enum ErrorCode {
   MISSING_MODEL = 'PKU145',
   INVALID_MODEL = 'PKU146',
 
+  // File structure errors
+  SCHEMA_AND_WIRING_COLOCATED = 'PKU490',
+
   // Optimization diagnostics
   SERVICES_NOT_DESTRUCTURED = 'PKU410',
   WIRES_NOT_DESTRUCTURED = 'PKU411',

package/src/inspector.ts

@@ -20,6 +20,7 @@ import {
   computePermissionsGroupsMeta,
   computeRequiredSchemas,
   computeDiagnostics,
+  validateSchemaWiringSeparation,
 } from './utils/post-process.js'
 import { generateOpenAPISpec } from './utils/serialize-openapi-json.js'
 import { pikkuState } from '@pikku/core/internal'
@@ -147,6 +148,10 @@ export function getInitialInspectorState(rootDir: string): InspectorState {
       definitions: [],
       files: new Set(),
     },
+    credentials: {
+      definitions: [],
+      files: new Set(),
+    },
     variables: {
       definitions: [],
       files: new Set(),
@@ -203,6 +208,7 @@ export function getInitialInspectorState(rootDir: string): InspectorState {
     openAPISpec: null,
     diagnostics: [],
     addonFunctions: {},
+    program: null,
   }
 }
 
@@ -211,8 +217,7 @@ export const inspect = async (
   routeFiles: string[],
   options: InspectorOptions = {}
 ): Promise<InspectorState> => {
-  const startProgram = performance.now()
-  const program = ts.createProgram(routeFiles, {
+  const compilerOptions: ts.CompilerOptions = {
     target: ts.ScriptTarget.ESNext,
     module: ts.ModuleKind.Node16,
     skipLibCheck: true,
@@ -221,9 +226,16 @@ export const inspect = async (
     types: [],
     allowJs: false,
     checkJs: false,
-  })
+  }
+  const startProgram = performance.now()
+  const program = ts.createProgram(
+    routeFiles,
+    compilerOptions,
+    undefined, // host
+    options.oldProgram
+  )
   logger.debug(
-    `Created program in ${(performance.now() - startProgram).toFixed(2)}ms`
+    `Created program in ${(performance.now() - startProgram).toFixed(0)}ms (${routeFiles.length} files${options.oldProgram ? ', incremental' : ''})`
   )
 
   const startChecker = performance.now()
@@ -255,7 +267,7 @@ export const inspect = async (
     )
   }
   logger.debug(
-    `Visit setup phase completed in ${(performance.now() - startSetup).toFixed(2)}ms`
+    `Visit setup phase completed in ${(performance.now() - startSetup).toFixed(0)}ms`
   )
 
   // Load addon function metadata so wirings can reference addon functions
@@ -270,17 +282,21 @@ export const inspect = async (
       )
     }
     logger.debug(
-      `Visit routes phase completed in ${(performance.now() - startRoutes).toFixed(2)}ms`
+      `Visit routes phase completed in ${(performance.now() - startRoutes).toFixed(0)}ms`
     )
 
     resolveLatestVersions(state, logger)
 
     if (options.schemaConfig) {
+      const startSchemas = performance.now()
       state.schemas = await generateAllSchemas(
         logger,
         options.schemaConfig,
         state
       )
+      logger.debug(
+        `generateAllSchemas took ${(performance.now() - startSchemas).toFixed(0)}ms`
+      )
       computeContractHashes(
         state.schemas,
         state.functions.typesMap,
@@ -323,6 +339,7 @@ export const inspect = async (
     computeMiddlewareGroupsMeta(state)
     computePermissionsGroupsMeta(state)
     computeDiagnostics(state)
+    validateSchemaWiringSeparation(logger, state)
 
     if (options.openAPI) {
       state.openAPISpec = await generateOpenAPISpec(
@@ -341,5 +358,7 @@ export const inspect = async (
     validateVariableOverrides(logger, state)
   }
 
+  state.program = program
+
   return state
 }