@sfdxy/mule-lint 1.16.2 → 1.17.0

package/dist/src/rules/operations/UnusedFlowRule.js

@@ -0,0 +1,80 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.UnusedFlowRule = void 0;
+const BaseRule_1 = require("../base/BaseRule");
+/**
+ * HYG-003: Unused Flow Detection
+ *
+ * Detects flows that are never referenced by flow-ref.
+ */
+class UnusedFlowRule extends BaseRule_1.BaseRule {
+    id = 'HYG-003';
+    name = 'Unused Flow Detection';
+    description = 'Detects flows that are never referenced';
+    severity = 'warning';
+    category = 'standards';
+    validate(doc, _context) {
+        const issues = [];
+        // Get all flow names in this document
+        const flows = this.select('//*[local-name()="flow"]', doc);
+        const subflows = this.select('//*[local-name()="sub-flow"]', doc);
+        // Get all flow-ref targets
+        const flowRefs = this.select('//*[local-name()="flow-ref"]', doc);
+        const referencedFlows = new Set();
+        for (const ref of flowRefs) {
+            const name = this.getNameAttribute(ref);
+            if (name) {
+                referencedFlows.add(name);
+            }
+        }
+        // Check sub-flows (they should always be referenced)
+        for (const subflow of subflows) {
+            const name = this.getNameAttribute(subflow);
+            if (name && !referencedFlows.has(name)) {
+                // Exclude common patterns that are referenced externally
+                if (!this.isExternallyReferenced(name)) {
+                    issues.push(this.createIssue(subflow, `Sub-flow "${name}" is never referenced within this file`, {
+                        severity: 'info',
+                        suggestion: 'Consider removing unused sub-flows or verify cross-file references',
+                    }));
+                }
+            }
+        }
+        // Check private flows (not triggered by HTTP/scheduler)
+        for (const flow of flows) {
+            const name = this.getNameAttribute(flow);
+            if (!name) {
+                continue;
+            }
+            // Skip if it has an external trigger
+            const hasHttpListener = this.exists('.//*[local-name()="listener"]', flow);
+            const hasScheduler = this.exists('.//*[local-name()="scheduler"]', flow);
+            const hasVmListener = this.exists('.//*[local-name()="listener" and contains(@config-ref, "vm")]', flow);
+            if (hasHttpListener || hasScheduler || hasVmListener) {
+                continue; // Entry point flow
+            }
+            // Check if referenced
+            if (!referencedFlows.has(name) && !this.isExternallyReferenced(name)) {
+                issues.push(this.createIssue(flow, `Flow "${name}" has no trigger and is never referenced`, {
+                    severity: 'info',
+                    suggestion: 'Verify this flow is referenced from other files or remove if unused',
+                }));
+            }
+        }
+        return issues;
+    }
+    isExternallyReferenced(name) {
+        // Common patterns that are typically referenced externally
+        const externalPatterns = [
+            /-main$/,
+            /-api$/,
+            /^api-/,
+            /-console$/,
+            /-error-handler$/,
+            /global/i,
+        ];
+        return externalPatterns.some((pattern) => pattern.test(name));
+    }
+}
+exports.UnusedFlowRule = UnusedFlowRule;
+//# sourceMappingURL=UnusedFlowRule.js.map

package/dist/src/rules/operations/UnusedFlowRule.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"UnusedFlowRule.js","sourceRoot":"","sources":["../../../../src/rules/operations/UnusedFlowRule.ts"],"names":[],"mappings":";;;AACA,+CAA4C;AAE5C;;;;GAIG;AACH,MAAa,cAAe,SAAQ,mBAAQ;IACxC,EAAE,GAAG,SAAS,CAAC;IACf,IAAI,GAAG,uBAAuB,CAAC;IAC/B,WAAW,GAAG,yCAAyC,CAAC;IACxD,QAAQ,GAAG,SAAkB,CAAC;IAC9B,QAAQ,GAAG,WAAoB,CAAC;IAEhC,QAAQ,CAAC,GAAa,EAAE,QAA2B;QAC/C,MAAM,MAAM,GAAY,EAAE,CAAC;QAE3B,sCAAsC;QACtC,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,0BAA0B,EAAE,GAAG,CAAC,CAAC;QAC3D,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,8BAA8B,EAAE,GAAG,CAAC,CAAC;QAElE,2BAA2B;QAC3B,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,8BAA8B,EAAE,GAAG,CAAC,CAAC;QAClE,MAAM,eAAe,GAAG,IAAI,GAAG,EAAU,CAAC;QAE1C,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE,CAAC;YACzB,MAAM,IAAI,GAAG,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC;YACxC,IAAI,IAAI,EAAE,CAAC;gBACP,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YAC9B,CAAC;QACL,CAAC;QAED,qDAAqD;QACrD,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC7B,MAAM,IAAI,GAAG,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;YAC5C,IAAI,IAAI,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;gBACrC,yDAAyD;gBACzD,IAAI,CAAC,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,EAAE,CAAC;oBACrC,MAAM,CAAC,IAAI,CACP,IAAI,CAAC,WAAW,CACZ,OAAO,EACP,aAAa,IAAI,wCAAwC,EACzD;wBACI,QAAQ,EAAE,MAAM;wBAChB,UAAU,EACN,oEAAoE;qBAC3E,CACJ,CACJ,CAAC;gBACN,CAAC;YACL,CAAC;QACL,CAAC;QAED,wDAAwD;QACxD,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACvB,MAAM,IAAI,GAAG,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC;YACzC,IAAI,CAAC,IAAI,EAAE,CAAC;gBAAC,SAAS;YAAC,CAAC;YAExB,qCAAqC;YACrC,MAAM,eAAe,GAAG,IAAI,CAAC,MAAM,CAAC,+BAA+B,EAAE,IAAI,CAAC,CAAC;YAC3E,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,gCAAgC,EAAE,IAAI,CAAC,CAAC;YACzE,MAAM,aAAa,GAAG,IAAI,CAAC,MAAM,CAC7B,+DAA+D,EAC/D,IAAI,CACP,CAAC;YAEF,IAAI,eAAe,IAAI,YAAY,IAAI,aAAa,EAAE,CAAC;gBACnD,SAAS,CAAC,mBAAmB;YACjC,CAAC;YAED,sBAAsB;YACtB,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,EAAE,CAAC;gBACnE,MAAM,CAAC,IAAI,CACP,IAAI,CAAC,WAAW,CACZ,IAAI,EACJ,SAAS,IAAI,0CAA0C,EACvD;oBACI,QAAQ,EAAE,MAAM;oBAChB,UAAU,EACN,qEAAqE;iBAC5E,CACJ,CACJ,CAAC;YACN,CAAC;QACL,CAAC;QAED,OAAO,MAAM,CAAC;IAClB,CAAC;IAEO,sBAAsB,CAAC,IAAY;QACvC,2DAA2D;QAC3D,MAAM,gBAAgB,GAAG;YACrB,QAAQ;YACR,OAAO;YACP,OAAO;YACP,WAAW;YACX,iBAAiB;YACjB,SAAS;SACZ,CAAC;QACF,OAAO,gBAAgB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;IAClE,CAAC;CACJ;AA9FD,wCA8FC"}

package/dist/src/rules/performance/ReconnectionStrategyRule.d.ts

@@ -0,0 +1,16 @@
+import { ValidationContext, Issue } from '../../types';
+import { BaseRule } from '../base/BaseRule';
+/**
+ * RES-001: Reconnection Strategy
+ *
+ * Connectors should have reconnection strategies configured for resilience.
+ */
+export declare class ReconnectionStrategyRule extends BaseRule {
+    id: string;
+    name: string;
+    description: string;
+    severity: "warning";
+    category: "performance";
+    validate(doc: Document, _context: ValidationContext): Issue[];
+}
+//# sourceMappingURL=ReconnectionStrategyRule.d.ts.map

package/dist/src/rules/performance/ReconnectionStrategyRule.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ReconnectionStrategyRule.d.ts","sourceRoot":"","sources":["../../../../src/rules/performance/ReconnectionStrategyRule.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AACvD,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAE5C;;;;GAIG;AACH,qBAAa,wBAAyB,SAAQ,QAAQ;IAClD,EAAE,SAAa;IACf,IAAI,SAA2B;IAC/B,WAAW,SAA+D;IAC1E,QAAQ,EAAG,SAAS,CAAU;IAC9B,QAAQ,EAAG,aAAa,CAAU;IAElC,QAAQ,CAAC,GAAG,EAAE,QAAQ,EAAE,QAAQ,EAAE,iBAAiB,GAAG,KAAK,EAAE;CAmEhE"}

package/dist/src/rules/performance/ReconnectionStrategyRule.js

@@ -0,0 +1,60 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ReconnectionStrategyRule = void 0;
+const BaseRule_1 = require("../base/BaseRule");
+/**
+ * RES-001: Reconnection Strategy
+ *
+ * Connectors should have reconnection strategies configured for resilience.
+ */
+class ReconnectionStrategyRule extends BaseRule_1.BaseRule {
+    id = 'RES-001';
+    name = 'Reconnection Strategy';
+    description = 'Connectors should have reconnection strategies configured';
+    severity = 'warning';
+    category = 'performance';
+    validate(doc, _context) {
+        const issues = [];
+        // Specific connector configurations that benefit from reconnection strategies
+        // Using more specific patterns to avoid false positives on generic "config" elements
+        const connectorConfigs = [
+            { pattern: 'request-config', name: 'HTTP Request' },
+            { pattern: 'listener-config', name: 'HTTP Listener' },
+            { pattern: 'jms-config', name: 'JMS' },
+            { pattern: 'amqp-config', name: 'AMQP' },
+            { pattern: 'sftp-config', name: 'SFTP' },
+            { pattern: 'ftp-config', name: 'FTP' },
+            { pattern: 'vm-config', name: 'VM' },
+        ];
+        for (const connector of connectorConfigs) {
+            const configs = this.select(`//*[local-name()="${connector.pattern}"]`, doc);
+            for (const config of configs) {
+                // Check for reconnection or reconnect child elements
+                const hasReconnection = this.exists('.//*[local-name()="reconnection"]', config) ||
+                    this.exists('.//*[local-name()="reconnect"]', config) ||
+                    this.exists('.//*[local-name()="reconnect-forever"]', config);
+                if (!hasReconnection) {
+                    const name = this.getNameAttribute(config) ?? connector.name;
+                    issues.push(this.createIssue(config, `${connector.name} config "${name}" has no reconnection strategy`, {
+                        suggestion: 'Add <reconnection> or <reconnect-forever> for resilience',
+                    }));
+                }
+            }
+        }
+        // Database configs specifically - check for db namespace
+        const dbConfigs = this.select('//*[local-name()="config" and starts-with(name(), "db:")]', doc);
+        for (const config of dbConfigs) {
+            const hasReconnection = this.exists('.//*[local-name()="reconnection"]', config) ||
+                this.exists('.//*[local-name()="reconnect"]', config);
+            if (!hasReconnection) {
+                const name = this.getNameAttribute(config) ?? 'Database';
+                issues.push(this.createIssue(config, `Database config "${name}" has no reconnection strategy`, {
+                    suggestion: 'Add <reconnection> inside the connection element',
+                }));
+            }
+        }
+        return issues;
+    }
+}
+exports.ReconnectionStrategyRule = ReconnectionStrategyRule;
+//# sourceMappingURL=ReconnectionStrategyRule.js.map

package/dist/src/rules/performance/ReconnectionStrategyRule.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ReconnectionStrategyRule.js","sourceRoot":"","sources":["../../../../src/rules/performance/ReconnectionStrategyRule.ts"],"names":[],"mappings":";;;AACA,+CAA4C;AAE5C;;;;GAIG;AACH,MAAa,wBAAyB,SAAQ,mBAAQ;IAClD,EAAE,GAAG,SAAS,CAAC;IACf,IAAI,GAAG,uBAAuB,CAAC;IAC/B,WAAW,GAAG,2DAA2D,CAAC;IAC1E,QAAQ,GAAG,SAAkB,CAAC;IAC9B,QAAQ,GAAG,aAAsB,CAAC;IAElC,QAAQ,CAAC,GAAa,EAAE,QAA2B;QAC/C,MAAM,MAAM,GAAY,EAAE,CAAC;QAE3B,8EAA8E;QAC9E,qFAAqF;QACrF,MAAM,gBAAgB,GAAG;YACrB,EAAE,OAAO,EAAE,gBAAgB,EAAE,IAAI,EAAE,cAAc,EAAE;YACnD,EAAE,OAAO,EAAE,iBAAiB,EAAE,IAAI,EAAE,eAAe,EAAE;YACrD,EAAE,OAAO,EAAE,YAAY,EAAE,IAAI,EAAE,KAAK,EAAE;YACtC,EAAE,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,MAAM,EAAE;YACxC,EAAE,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,MAAM,EAAE;YACxC,EAAE,OAAO,EAAE,YAAY,EAAE,IAAI,EAAE,KAAK,EAAE;YACtC,EAAE,OAAO,EAAE,WAAW,EAAE,IAAI,EAAE,IAAI,EAAE;SACvC,CAAC;QAEF,KAAK,MAAM,SAAS,IAAI,gBAAgB,EAAE,CAAC;YACvC,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,qBAAqB,SAAS,CAAC,OAAO,IAAI,EAAE,GAAG,CAAC,CAAC;YAE7E,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;gBAC3B,qDAAqD;gBACrD,MAAM,eAAe,GACjB,IAAI,CAAC,MAAM,CAAC,mCAAmC,EAAE,MAAM,CAAC;oBACxD,IAAI,CAAC,MAAM,CAAC,gCAAgC,EAAE,MAAM,CAAC;oBACrD,IAAI,CAAC,MAAM,CAAC,wCAAwC,EAAE,MAAM,CAAC,CAAC;gBAElE,IAAI,CAAC,eAAe,EAAE,CAAC;oBACnB,MAAM,IAAI,GAAG,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,IAAI,SAAS,CAAC,IAAI,CAAC;oBAC7D,MAAM,CAAC,IAAI,CACP,IAAI,CAAC,WAAW,CACZ,MAAM,EACN,GAAG,SAAS,CAAC,IAAI,YAAY,IAAI,gCAAgC,EACjE;wBACI,UAAU,EACN,0DAA0D;qBACjE,CACJ,CACJ,CAAC;gBACN,CAAC;YACL,CAAC;QACL,CAAC;QAED,yDAAyD;QACzD,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,CACzB,2DAA2D,EAC3D,GAAG,CACN,CAAC;QACF,KAAK,MAAM,MAAM,IAAI,SAAS,EAAE,CAAC;YAC7B,MAAM,eAAe,GACjB,IAAI,CAAC,MAAM,CAAC,mCAAmC,EAAE,MAAM,CAAC;gBACxD,IAAI,CAAC,MAAM,CAAC,gCAAgC,EAAE,MAAM,CAAC,CAAC;YAE1D,IAAI,CAAC,eAAe,EAAE,CAAC;gBACnB,MAAM,IAAI,GAAG,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,IAAI,UAAU,CAAC;gBACzD,MAAM,CAAC,IAAI,CACP,IAAI,CAAC,WAAW,CACZ,MAAM,EACN,oBAAoB,IAAI,gCAAgC,EACxD;oBACI,UAAU,EAAE,kDAAkD;iBACjE,CACJ,CACJ,CAAC;YACN,CAAC;QACL,CAAC;QAED,OAAO,MAAM,CAAC;IAClB,CAAC;CACJ;AA1ED,4DA0EC"}

package/dist/src/rules/security/EncryptionKeyInLogsRule.d.ts

@@ -0,0 +1,17 @@
+import { ValidationContext, Issue } from '../../types';
+import { BaseRule } from '../base/BaseRule';
+/**
+ * SEC-006: Encryption Key in Logs
+ *
+ * Encryption keys and sensitive credentials should not appear in log statements.
+ */
+export declare class EncryptionKeyInLogsRule extends BaseRule {
+    id: string;
+    name: string;
+    description: string;
+    severity: "error";
+    category: "security";
+    private sensitivePatterns;
+    validate(doc: Document, _context: ValidationContext): Issue[];
+}
+//# sourceMappingURL=EncryptionKeyInLogsRule.d.ts.map

package/dist/src/rules/security/EncryptionKeyInLogsRule.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"EncryptionKeyInLogsRule.d.ts","sourceRoot":"","sources":["../../../../src/rules/security/EncryptionKeyInLogsRule.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AACvD,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAE5C;;;;GAIG;AACH,qBAAa,uBAAwB,SAAQ,QAAQ;IACjD,EAAE,SAAa;IACf,IAAI,SAA4B;IAChC,WAAW,SAAkE;IAC7E,QAAQ,EAAG,OAAO,CAAU;IAC5B,QAAQ,EAAG,UAAU,CAAU;IAE/B,OAAO,CAAC,iBAAiB,CASvB;IAEF,QAAQ,CAAC,GAAG,EAAE,QAAQ,EAAE,QAAQ,EAAE,iBAAiB,GAAG,KAAK,EAAE;CA6BhE"}

package/dist/src/rules/security/EncryptionKeyInLogsRule.js

@@ -0,0 +1,46 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.EncryptionKeyInLogsRule = void 0;
+const BaseRule_1 = require("../base/BaseRule");
+/**
+ * SEC-006: Encryption Key in Logs
+ *
+ * Encryption keys and sensitive credentials should not appear in log statements.
+ */
+class EncryptionKeyInLogsRule extends BaseRule_1.BaseRule {
+    id = 'SEC-006';
+    name = 'Encryption Key in Logs';
+    description = 'Encryption keys and sensitive data should not appear in logs';
+    severity = 'error';
+    category = 'security';
+    sensitivePatterns = [
+        /encrypt.*key/i,
+        /decryption.*key/i,
+        /secret.*key/i,
+        /api[_-]?key/i,
+        /password/i,
+        /credentials?/i,
+        /mule\.key/i,
+        /secure::.*key/i,
+    ];
+    validate(doc, _context) {
+        const issues = [];
+        // Find all loggers
+        const loggers = this.select('//*[local-name()="logger"]', doc);
+        for (const logger of loggers) {
+            const message = this.getAttribute(logger, 'message') ?? '';
+            // Check for sensitive patterns in log messages
+            for (const pattern of this.sensitivePatterns) {
+                if (pattern.test(message)) {
+                    issues.push(this.createIssue(logger, `Logger may expose sensitive data: "${message.substring(0, 50)}${message.length > 50 ? '...' : ''}"`, {
+                        suggestion: 'Remove encryption keys and sensitive data from log messages',
+                    }));
+                    break; // Only one issue per logger
+                }
+            }
+        }
+        return issues;
+    }
+}
+exports.EncryptionKeyInLogsRule = EncryptionKeyInLogsRule;
+//# sourceMappingURL=EncryptionKeyInLogsRule.js.map

package/dist/src/rules/security/EncryptionKeyInLogsRule.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"EncryptionKeyInLogsRule.js","sourceRoot":"","sources":["../../../../src/rules/security/EncryptionKeyInLogsRule.ts"],"names":[],"mappings":";;;AACA,+CAA4C;AAE5C;;;;GAIG;AACH,MAAa,uBAAwB,SAAQ,mBAAQ;IACjD,EAAE,GAAG,SAAS,CAAC;IACf,IAAI,GAAG,wBAAwB,CAAC;IAChC,WAAW,GAAG,8DAA8D,CAAC;IAC7E,QAAQ,GAAG,OAAgB,CAAC;IAC5B,QAAQ,GAAG,UAAmB,CAAC;IAEvB,iBAAiB,GAAG;QACxB,eAAe;QACf,kBAAkB;QAClB,cAAc;QACd,cAAc;QACd,WAAW;QACX,eAAe;QACf,YAAY;QACZ,gBAAgB;KACnB,CAAC;IAEF,QAAQ,CAAC,GAAa,EAAE,QAA2B;QAC/C,MAAM,MAAM,GAAY,EAAE,CAAC;QAE3B,mBAAmB;QACnB,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,4BAA4B,EAAE,GAAG,CAAC,CAAC;QAE/D,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC3B,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,SAAS,CAAC,IAAI,EAAE,CAAC;YAE3D,+CAA+C;YAC/C,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBAC3C,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;oBACxB,MAAM,CAAC,IAAI,CACP,IAAI,CAAC,WAAW,CACZ,MAAM,EACN,sCAAsC,OAAO,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,OAAO,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,GAAG,EACpG;wBACI,UAAU,EACN,6DAA6D;qBACpE,CACJ,CACJ,CAAC;oBACF,MAAM,CAAC,4BAA4B;gBACvC,CAAC;YACL,CAAC;QACL,CAAC;QAED,OAAO,MAAM,CAAC;IAClB,CAAC;CACJ;AA/CD,0DA+CC"}

package/dist/src/rules/standards/ApiKitValidationRule.d.ts

@@ -0,0 +1,16 @@
+import { ValidationContext, Issue } from '../../types';
+import { BaseRule } from '../base/BaseRule';
+/**
+ * API-005: APIKit Validation
+ *
+ * APIs should use APIKit for auto-generated implementation interfaces.
+ */
+export declare class ApiKitValidationRule extends BaseRule {
+    id: string;
+    name: string;
+    description: string;
+    severity: "info";
+    category: "standards";
+    validate(doc: Document, _context: ValidationContext): Issue[];
+}
+//# sourceMappingURL=ApiKitValidationRule.d.ts.map

package/dist/src/rules/standards/ApiKitValidationRule.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ApiKitValidationRule.d.ts","sourceRoot":"","sources":["../../../../src/rules/standards/ApiKitValidationRule.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AACvD,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAE5C;;;;GAIG;AACH,qBAAa,oBAAqB,SAAQ,QAAQ;IAC9C,EAAE,SAAa;IACf,IAAI,SAAuB;IAC3B,WAAW,SAA0D;IACrE,QAAQ,EAAG,MAAM,CAAU;IAC3B,QAAQ,EAAG,WAAW,CAAU;IAEhC,QAAQ,CAAC,GAAG,EAAE,QAAQ,EAAE,QAAQ,EAAE,iBAAiB,GAAG,KAAK,EAAE;CAoChE"}

package/dist/src/rules/standards/ApiKitValidationRule.js

@@ -0,0 +1,39 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ApiKitValidationRule = void 0;
+const BaseRule_1 = require("../base/BaseRule");
+/**
+ * API-005: APIKit Validation
+ *
+ * APIs should use APIKit for auto-generated implementation interfaces.
+ */
+class ApiKitValidationRule extends BaseRule_1.BaseRule {
+    id = 'API-005';
+    name = 'APIKit Validation';
+    description = 'APIs should use APIKit for implementation interfaces';
+    severity = 'info';
+    category = 'standards';
+    validate(doc, _context) {
+        const issues = [];
+        // Check if this appears to be an API project (has HTTP listener)
+        const hasHttpListener = this.exists('//*[local-name()="listener"]', doc);
+        if (!hasHttpListener) {
+            return issues;
+        }
+        // Check for APIKit router
+        const hasApiKitRouter = this.exists('//*[local-name()="router"]', doc);
+        const hasApiKitConfig = this.exists('//*[local-name()="config" and contains(@name, "api")]', doc);
+        if (!hasApiKitRouter && !hasApiKitConfig) {
+            // Only flag if this looks like an interface file
+            const hasMainFlow = this.exists('//*[local-name()="flow" and (contains(@name, "-main") or contains(@name, "-api"))]', doc);
+            if (hasMainFlow) {
+                issues.push(this.createFileIssue('Consider using APIKit to auto-generate the implementation interface', {
+                    suggestion: 'APIKit provides consistent API implementation patterns',
+                }));
+            }
+        }
+        return issues;
+    }
+}
+exports.ApiKitValidationRule = ApiKitValidationRule;
+//# sourceMappingURL=ApiKitValidationRule.js.map

package/dist/src/rules/standards/ApiKitValidationRule.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ApiKitValidationRule.js","sourceRoot":"","sources":["../../../../src/rules/standards/ApiKitValidationRule.ts"],"names":[],"mappings":";;;AACA,+CAA4C;AAE5C;;;;GAIG;AACH,MAAa,oBAAqB,SAAQ,mBAAQ;IAC9C,EAAE,GAAG,SAAS,CAAC;IACf,IAAI,GAAG,mBAAmB,CAAC;IAC3B,WAAW,GAAG,sDAAsD,CAAC;IACrE,QAAQ,GAAG,MAAe,CAAC;IAC3B,QAAQ,GAAG,WAAoB,CAAC;IAEhC,QAAQ,CAAC,GAAa,EAAE,QAA2B;QAC/C,MAAM,MAAM,GAAY,EAAE,CAAC;QAE3B,iEAAiE;QACjE,MAAM,eAAe,GAAG,IAAI,CAAC,MAAM,CAAC,8BAA8B,EAAE,GAAG,CAAC,CAAC;QACzE,IAAI,CAAC,eAAe,EAAE,CAAC;YACnB,OAAO,MAAM,CAAC;QAClB,CAAC;QAED,0BAA0B;QAC1B,MAAM,eAAe,GAAG,IAAI,CAAC,MAAM,CAAC,4BAA4B,EAAE,GAAG,CAAC,CAAC;QACvE,MAAM,eAAe,GAAG,IAAI,CAAC,MAAM,CAC/B,uDAAuD,EACvD,GAAG,CACN,CAAC;QAEF,IAAI,CAAC,eAAe,IAAI,CAAC,eAAe,EAAE,CAAC;YACvC,iDAAiD;YACjD,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,CAC3B,oFAAoF,EACpF,GAAG,CACN,CAAC;YACF,IAAI,WAAW,EAAE,CAAC;gBACd,MAAM,CAAC,IAAI,CACP,IAAI,CAAC,eAAe,CAChB,qEAAqE,EACrE;oBACI,UAAU,EAAE,wDAAwD;iBACvE,CACJ,CACJ,CAAC;YACN,CAAC;QACL,CAAC;QAED,OAAO,MAAM,CAAC;IAClB,CAAC;CACJ;AA3CD,oDA2CC"}

package/dist/src/rules/standards/AutoDiscoveryRule.d.ts

@@ -0,0 +1,16 @@
+import { ValidationContext, Issue } from '../../types';
+import { BaseRule } from '../base/BaseRule';
+/**
+ * OPS-001: Auto-Discovery Configuration
+ *
+ * APIs should have auto-discovery configured for API Manager integration.
+ */
+export declare class AutoDiscoveryRule extends BaseRule {
+    id: string;
+    name: string;
+    description: string;
+    severity: "info";
+    category: "standards";
+    validate(doc: Document, _context: ValidationContext): Issue[];
+}
+//# sourceMappingURL=AutoDiscoveryRule.d.ts.map

package/dist/src/rules/standards/AutoDiscoveryRule.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"AutoDiscoveryRule.d.ts","sourceRoot":"","sources":["../../../../src/rules/standards/AutoDiscoveryRule.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AACvD,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAE5C;;;;GAIG;AACH,qBAAa,iBAAkB,SAAQ,QAAQ;IAC3C,EAAE,SAAa;IACf,IAAI,SAAkC;IACtC,WAAW,SAAgE;IAC3E,QAAQ,EAAG,MAAM,CAAU;IAC3B,QAAQ,EAAG,WAAW,CAAU;IAEhC,QAAQ,CAAC,GAAG,EAAE,QAAQ,EAAE,QAAQ,EAAE,iBAAiB,GAAG,KAAK,EAAE;CA2ChE"}

package/dist/src/rules/standards/AutoDiscoveryRule.js

@@ -0,0 +1,47 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AutoDiscoveryRule = void 0;
+const BaseRule_1 = require("../base/BaseRule");
+/**
+ * OPS-001: Auto-Discovery Configuration
+ *
+ * APIs should have auto-discovery configured for API Manager integration.
+ */
+class AutoDiscoveryRule extends BaseRule_1.BaseRule {
+    id = 'OPS-001';
+    name = 'Auto-Discovery Configuration';
+    description = 'APIs should have auto-discovery configured for API Manager';
+    severity = 'info';
+    category = 'standards';
+    validate(doc, _context) {
+        const issues = [];
+        // Check if this is an API (has APIKit router or HTTP listener)
+        const hasApiKitRouter = this.exists('//*[local-name()="router"]', doc);
+        const hasHttpListener = this.exists('//*[local-name()="listener"]', doc);
+        if (!hasApiKitRouter && !hasHttpListener) {
+            return issues; // Not an API, skip
+        }
+        // Check for auto-discovery configuration
+        const hasAutoDiscovery = this.exists('//*[local-name()="api-autodiscovery"]', doc);
+        if (!hasAutoDiscovery && hasApiKitRouter) {
+            issues.push(this.createFileIssue('API has no auto-discovery configuration for API Manager', {
+                suggestion: 'Add <api-gateway:autodiscovery> for API Manager integration',
+            }));
+        }
+        // If auto-discovery exists, check it uses placeholders
+        if (hasAutoDiscovery) {
+            const autodiscoveryNodes = this.select('//*[local-name()="api-autodiscovery"]', doc);
+            for (const node of autodiscoveryNodes) {
+                const apiId = this.getAttribute(node, 'apiId');
+                if (apiId && !apiId.includes('${')) {
+                    issues.push(this.createIssue(node, 'Auto-discovery apiId should use a property placeholder', {
+                        suggestion: 'Use apiId="${api.id}" instead of hardcoded value',
+                    }));
+                }
+            }
+        }
+        return issues;
+    }
+}
+exports.AutoDiscoveryRule = AutoDiscoveryRule;
+//# sourceMappingURL=AutoDiscoveryRule.js.map

package/dist/src/rules/standards/AutoDiscoveryRule.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"AutoDiscoveryRule.js","sourceRoot":"","sources":["../../../../src/rules/standards/AutoDiscoveryRule.ts"],"names":[],"mappings":";;;AACA,+CAA4C;AAE5C;;;;GAIG;AACH,MAAa,iBAAkB,SAAQ,mBAAQ;IAC3C,EAAE,GAAG,SAAS,CAAC;IACf,IAAI,GAAG,8BAA8B,CAAC;IACtC,WAAW,GAAG,4DAA4D,CAAC;IAC3E,QAAQ,GAAG,MAAe,CAAC;IAC3B,QAAQ,GAAG,WAAoB,CAAC;IAEhC,QAAQ,CAAC,GAAa,EAAE,QAA2B;QAC/C,MAAM,MAAM,GAAY,EAAE,CAAC;QAE3B,+DAA+D;QAC/D,MAAM,eAAe,GAAG,IAAI,CAAC,MAAM,CAAC,4BAA4B,EAAE,GAAG,CAAC,CAAC;QACvE,MAAM,eAAe,GAAG,IAAI,CAAC,MAAM,CAAC,8BAA8B,EAAE,GAAG,CAAC,CAAC;QAEzE,IAAI,CAAC,eAAe,IAAI,CAAC,eAAe,EAAE,CAAC;YACvC,OAAO,MAAM,CAAC,CAAC,mBAAmB;QACtC,CAAC;QAED,yCAAyC;QACzC,MAAM,gBAAgB,GAAG,IAAI,CAAC,MAAM,CAAC,uCAAuC,EAAE,GAAG,CAAC,CAAC;QAEnF,IAAI,CAAC,gBAAgB,IAAI,eAAe,EAAE,CAAC;YACvC,MAAM,CAAC,IAAI,CACP,IAAI,CAAC,eAAe,CAAC,yDAAyD,EAAE;gBAC5E,UAAU,EAAE,6DAA6D;aAC5E,CAAC,CACL,CAAC;QACN,CAAC;QAED,uDAAuD;QACvD,IAAI,gBAAgB,EAAE,CAAC;YACnB,MAAM,kBAAkB,GAAG,IAAI,CAAC,MAAM,CAAC,uCAAuC,EAAE,GAAG,CAAC,CAAC;YACrF,KAAK,MAAM,IAAI,IAAI,kBAAkB,EAAE,CAAC;gBACpC,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;gBAC/C,IAAI,KAAK,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;oBACjC,MAAM,CAAC,IAAI,CACP,IAAI,CAAC,WAAW,CACZ,IAAI,EACJ,wDAAwD,EACxD;wBACI,UAAU,EAAE,kDAAkD;qBACjE,CACJ,CACJ,CAAC;gBACN,CAAC;YACL,CAAC;QACL,CAAC;QAED,OAAO,MAAM,CAAC;IAClB,CAAC;CACJ;AAlDD,8CAkDC"}

package/dist/src/rules/standards/CronExternalizedRule.d.ts

@@ -0,0 +1,16 @@
+import { ValidationContext, Issue } from '../../types';
+import { BaseRule } from '../base/BaseRule';
+/**
+ * OPS-003: Cron Expression Externalized
+ *
+ * Cron expressions in schedulers should use property placeholders.
+ */
+export declare class CronExternalizedRule extends BaseRule {
+    id: string;
+    name: string;
+    description: string;
+    severity: "warning";
+    category: "standards";
+    validate(doc: Document, _context: ValidationContext): Issue[];
+}
+//# sourceMappingURL=CronExternalizedRule.d.ts.map

package/dist/src/rules/standards/CronExternalizedRule.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"CronExternalizedRule.d.ts","sourceRoot":"","sources":["../../../../src/rules/standards/CronExternalizedRule.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AACvD,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAE5C;;;;GAIG;AACH,qBAAa,oBAAqB,SAAQ,QAAQ;IAC9C,EAAE,SAAa;IACf,IAAI,SAAkC;IACtC,WAAW,SAAuD;IAClE,QAAQ,EAAG,SAAS,CAAU;IAC9B,QAAQ,EAAG,WAAW,CAAU;IAEhC,QAAQ,CAAC,GAAG,EAAE,QAAQ,EAAE,QAAQ,EAAE,iBAAiB,GAAG,KAAK,EAAE;CAqBhE"}

package/dist/src/rules/standards/CronExternalizedRule.js

@@ -0,0 +1,32 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CronExternalizedRule = void 0;
+const BaseRule_1 = require("../base/BaseRule");
+/**
+ * OPS-003: Cron Expression Externalized
+ *
+ * Cron expressions in schedulers should use property placeholders.
+ */
+class CronExternalizedRule extends BaseRule_1.BaseRule {
+    id = 'OPS-003';
+    name = 'Externalized Cron Expression';
+    description = 'Cron expressions should use property placeholders';
+    severity = 'warning';
+    category = 'standards';
+    validate(doc, _context) {
+        const issues = [];
+        // Find scheduler cron expressions
+        const cronNodes = this.select('//*[local-name()="cron"]', doc);
+        for (const node of cronNodes) {
+            const expression = this.getAttribute(node, 'expression');
+            if (expression && !expression.includes('${')) {
+                issues.push(this.createIssue(node, `Hardcoded cron expression: "${expression}"`, {
+                    suggestion: 'Use expression="${scheduler.cron}" to allow environment-specific scheduling',
+                }));
+            }
+        }
+        return issues;
+    }
+}
+exports.CronExternalizedRule = CronExternalizedRule;
+//# sourceMappingURL=CronExternalizedRule.js.map

package/dist/src/rules/standards/CronExternalizedRule.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"CronExternalizedRule.js","sourceRoot":"","sources":["../../../../src/rules/standards/CronExternalizedRule.ts"],"names":[],"mappings":";;;AACA,+CAA4C;AAE5C;;;;GAIG;AACH,MAAa,oBAAqB,SAAQ,mBAAQ;IAC9C,EAAE,GAAG,SAAS,CAAC;IACf,IAAI,GAAG,8BAA8B,CAAC;IACtC,WAAW,GAAG,mDAAmD,CAAC;IAClE,QAAQ,GAAG,SAAkB,CAAC;IAC9B,QAAQ,GAAG,WAAoB,CAAC;IAEhC,QAAQ,CAAC,GAAa,EAAE,QAA2B;QAC/C,MAAM,MAAM,GAAY,EAAE,CAAC;QAE3B,kCAAkC;QAClC,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,0BAA0B,EAAE,GAAG,CAAC,CAAC;QAE/D,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;YAC3B,MAAM,UAAU,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;YAEzD,IAAI,UAAU,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC3C,MAAM,CAAC,IAAI,CACP,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,+BAA+B,UAAU,GAAG,EAAE;oBACjE,UAAU,EACN,6EAA6E;iBACpF,CAAC,CACL,CAAC;YACN,CAAC;QACL,CAAC;QAED,OAAO,MAAM,CAAC;IAClB,CAAC;CACJ;AA5BD,oDA4BC"}

package/dist/src/rules/standards/HttpPortPlaceholderRule.d.ts

@@ -0,0 +1,16 @@
+import { ValidationContext, Issue } from '../../types';
+import { BaseRule } from '../base/BaseRule';
+/**
+ * OPS-002: HTTP Port Placeholder
+ *
+ * HTTP listener ports should use property placeholders, not hardcoded values.
+ */
+export declare class HttpPortPlaceholderRule extends BaseRule {
+    id: string;
+    name: string;
+    description: string;
+    severity: "warning";
+    category: "standards";
+    validate(doc: Document, _context: ValidationContext): Issue[];
+}
+//# sourceMappingURL=HttpPortPlaceholderRule.d.ts.map

package/dist/src/rules/standards/HttpPortPlaceholderRule.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"HttpPortPlaceholderRule.d.ts","sourceRoot":"","sources":["../../../../src/rules/standards/HttpPortPlaceholderRule.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AACvD,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAE5C;;;;GAIG;AACH,qBAAa,uBAAwB,SAAQ,QAAQ;IACjD,EAAE,SAAa;IACf,IAAI,SAA2B;IAC/B,WAAW,SAA0D;IACrE,QAAQ,EAAG,SAAS,CAAU;IAC9B,QAAQ,EAAG,WAAW,CAAU;IAEhC,QAAQ,CAAC,GAAG,EAAE,QAAQ,EAAE,QAAQ,EAAE,iBAAiB,GAAG,KAAK,EAAE;CAsBhE"}

package/dist/src/rules/standards/HttpPortPlaceholderRule.js

@@ -0,0 +1,34 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.HttpPortPlaceholderRule = void 0;
+const BaseRule_1 = require("../base/BaseRule");
+/**
+ * OPS-002: HTTP Port Placeholder
+ *
+ * HTTP listener ports should use property placeholders, not hardcoded values.
+ */
+class HttpPortPlaceholderRule extends BaseRule_1.BaseRule {
+    id = 'OPS-002';
+    name = 'HTTP Port Placeholder';
+    description = 'HTTP listener ports should use property placeholders';
+    severity = 'warning';
+    category = 'standards';
+    validate(doc, _context) {
+        const issues = [];
+        // Check HTTP listener configurations
+        const listenerConfigs = this.select('//*[local-name()="listener-config"]', doc);
+        for (const config of listenerConfigs) {
+            const port = this.getAttribute(config, 'port');
+            if (port && /^\d+$/.test(port)) {
+                // Port is a hardcoded number
+                const name = this.getNameAttribute(config) ?? 'HTTP Listener Config';
+                issues.push(this.createIssue(config, `HTTP config "${name}" has hardcoded port "${port}"`, {
+                    suggestion: 'Use port="${http.port}" or similar placeholder',
+                }));
+            }
+        }
+        return issues;
+    }
+}
+exports.HttpPortPlaceholderRule = HttpPortPlaceholderRule;
+//# sourceMappingURL=HttpPortPlaceholderRule.js.map

package/dist/src/rules/standards/HttpPortPlaceholderRule.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"HttpPortPlaceholderRule.js","sourceRoot":"","sources":["../../../../src/rules/standards/HttpPortPlaceholderRule.ts"],"names":[],"mappings":";;;AACA,+CAA4C;AAE5C;;;;GAIG;AACH,MAAa,uBAAwB,SAAQ,mBAAQ;IACjD,EAAE,GAAG,SAAS,CAAC;IACf,IAAI,GAAG,uBAAuB,CAAC;IAC/B,WAAW,GAAG,sDAAsD,CAAC;IACrE,QAAQ,GAAG,SAAkB,CAAC;IAC9B,QAAQ,GAAG,WAAoB,CAAC;IAEhC,QAAQ,CAAC,GAAa,EAAE,QAA2B;QAC/C,MAAM,MAAM,GAAY,EAAE,CAAC;QAE3B,qCAAqC;QACrC,MAAM,eAAe,GAAG,IAAI,CAAC,MAAM,CAAC,qCAAqC,EAAE,GAAG,CAAC,CAAC;QAEhF,KAAK,MAAM,MAAM,IAAI,eAAe,EAAE,CAAC;YACnC,MAAM,IAAI,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;YAE/C,IAAI,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC7B,6BAA6B;gBAC7B,MAAM,IAAI,GAAG,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,IAAI,sBAAsB,CAAC;gBACrE,MAAM,CAAC,IAAI,CACP,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,gBAAgB,IAAI,yBAAyB,IAAI,GAAG,EAAE;oBAC3E,UAAU,EAAE,gDAAgD;iBAC/D,CAAC,CACL,CAAC;YACN,CAAC;QACL,CAAC;QAED,OAAO,MAAM,CAAC;IAClB,CAAC;CACJ;AA7BD,0DA6BC"}

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@sfdxy/mule-lint",
-    "version": "1.16.2",
+    "version": "1.17.0",
     "description": "Static analysis tool for MuleSoft applications - supports humans, AI agents, and CI/CD pipelines",
     "author": "Avinava",
     "license": "MIT",
@@ -45,7 +45,8 @@
         "commander": "^11.1.0",
         "fast-glob": "^3.3.2",
         "js-yaml": "^4.1.1",
-        "xpath": "^0.0.34"
+        "xpath": "^0.0.34",
+        "zod": "^3.25.0"
     },
     "devDependencies": {
         "@types/jest": "^29.5.11",