@sfdxy/mule-lint 1.19.0 → 1.21.0

package/dist/src/rules/error-handling/TryScopeRule.js

@@ -7,6 +7,10 @@ const BaseRule_1 = require("../base/BaseRule");
  *
  * Complex operations (DB calls, HTTP requests) should use Try scope
  * for granular error isolation and handling.
+ *
+ * Enhanced to also check sub-flows containing http:request without
+ * Try scope — sub-flows are often called from multiple places and
+ * should handle their own errors for isolation.
  */
 class TryScopeRule extends BaseRule_1.BaseRule {
     id = 'ERR-001';
@@ -17,26 +21,45 @@ class TryScopeRule extends BaseRule_1.BaseRule {
     issueType = 'bug';
     validate(doc, _context) {
         const issues = [];
-        // Find flows with multiple risky operations
-        const flows = this.select('//*[local-name()="flow"]', doc);
+        // Find flows and sub-flows with risky operations
+        const flows = this.select('//mule:flow', doc);
+        const subFlows = this.select('//mule:sub-flow', doc);
         for (const flow of flows) {
             const flowElement = flow;
             const flowName = flowElement.getAttribute('name') ?? 'unnamed';
             // Count risky operations (DB, HTTP, external calls)
-            const dbOperations = this.select('.//*[namespace-uri()="http://www.mulesoft.org/schema/mule/db"]', flow);
-            const httpRequests = this.select('.//*[local-name()="request" and namespace-uri()="http://www.mulesoft.org/schema/mule/http"]', flow);
-            const externalCalls = [...dbOperations, ...httpRequests];
+            const riskyOps = this.countRiskyOperations(flow);
             // Check if Try scope exists
             const tryScopes = this.select('.//*[local-name()="try"]', flow);
             // If multiple external calls but no Try scope
-            if (externalCalls.length >= 2 && tryScopes.length === 0) {
-                issues.push(this.createIssue(flow, `Flow "${flowName}" has ${externalCalls.length} external calls without Try scope isolation`, {
+            if (riskyOps >= 2 && tryScopes.length === 0) {
+                issues.push(this.createIssue(flow, `Flow "${flowName}" has ${String(riskyOps)} external calls without Try scope isolation`, {
                     suggestion: 'Wrap risky operations in Try scope for granular error handling and isolation',
                 }));
             }
         }
+        // Sub-flows with http:request should also use Try scope
+        for (const subFlow of subFlows) {
+            const subFlowElement = subFlow;
+            const subFlowName = subFlowElement.getAttribute('name') ?? 'unnamed';
+            const httpRequests = this.select('.//*[local-name()="request" and namespace-uri()="http://www.mulesoft.org/schema/mule/http"]', subFlow);
+            if (httpRequests.length > 0) {
+                const tryScopes = this.select('.//*[local-name()="try"]', subFlow);
+                if (tryScopes.length === 0) {
+                    issues.push(this.createIssue(subFlow, `Sub-flow "${subFlowName}" contains http:request without Try scope — errors will propagate to all callers`, {
+                        suggestion: 'Wrap the http:request in a Try scope within the sub-flow for isolated error handling',
+                    }));
+                }
+            }
+        }
         return issues;
     }
+    countRiskyOperations(node) {
+        const dbOps = this.select('.//*[namespace-uri()="http://www.mulesoft.org/schema/mule/db"]', node);
+        const httpReqs = this.select('.//*[local-name()="request" and namespace-uri()="http://www.mulesoft.org/schema/mule/http"]', node);
+        const wsConsumers = this.select('.//*[local-name()="consume" and namespace-uri()="http://www.mulesoft.org/schema/mule/wsc"]', node);
+        return dbOps.length + httpReqs.length + wsConsumers.length;
+    }
 }
 exports.TryScopeRule = TryScopeRule;
 //# sourceMappingURL=TryScopeRule.js.map

package/dist/src/rules/error-handling/TryScopeRule.js.map

@@ -1 +1 @@
-{"version":3,"file":"TryScopeRule.js","sourceRoot":"","sources":["../../../../src/rules/error-handling/TryScopeRule.ts"],"names":[],"mappings":";;;AACA,+CAA4C;AAE5C;;;;;GAKG;AACH,MAAa,YAAa,SAAQ,mBAAQ;IACxC,EAAE,GAAG,SAAS,CAAC;IACf,IAAI,GAAG,yBAAyB,CAAC;IACjC,WAAW,GAAG,6DAA6D,CAAC;IAC5E,QAAQ,GAAG,MAAe,CAAC;IAC3B,QAAQ,GAAG,gBAAyB,CAAC;IACrC,SAAS,GAAc,KAAK,CAAC;IAE7B,QAAQ,CAAC,GAAa,EAAE,QAA2B;QACjD,MAAM,MAAM,GAAY,EAAE,CAAC;QAE3B,4CAA4C;QAC5C,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,0BAA0B,EAAE,GAAG,CAAC,CAAC;QAE3D,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,WAAW,GAAG,IAAe,CAAC;YACpC,MAAM,QAAQ,GAAG,WAAW,CAAC,YAAY,CAAC,MAAM,CAAC,IAAI,SAAS,CAAC;YAE/D,oDAAoD;YACpD,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAC9B,gEAAgE,EAChE,IAAI,CACL,CAAC;YACF,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAC9B,6FAA6F,EAC7F,IAAI,CACL,CAAC;YACF,MAAM,aAAa,GAAG,CAAC,GAAG,YAAY,EAAE,GAAG,YAAY,CAAC,CAAC;YAEzD,4BAA4B;YAC5B,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,0BAA0B,EAAE,IAAI,CAAC,CAAC;YAEhE,8CAA8C;YAC9C,IAAI,aAAa,CAAC,MAAM,IAAI,CAAC,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACxD,MAAM,CAAC,IAAI,CACT,IAAI,CAAC,WAAW,CACd,IAAI,EACJ,SAAS,QAAQ,SAAS,aAAa,CAAC,MAAM,6CAA6C,EAC3F;oBACE,UAAU,EACR,8EAA8E;iBACjF,CACF,CACF,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;CACF;AAjDD,oCAiDC"}
+{"version":3,"file":"TryScopeRule.js","sourceRoot":"","sources":["../../../../src/rules/error-handling/TryScopeRule.ts"],"names":[],"mappings":";;;AACA,+CAA4C;AAE5C;;;;;;;;;GASG;AACH,MAAa,YAAa,SAAQ,mBAAQ;IACxC,EAAE,GAAG,SAAS,CAAC;IACf,IAAI,GAAG,yBAAyB,CAAC;IACjC,WAAW,GAAG,6DAA6D,CAAC;IAC5E,QAAQ,GAAG,MAAe,CAAC;IAC3B,QAAQ,GAAG,gBAAyB,CAAC;IACrC,SAAS,GAAc,KAAK,CAAC;IAE7B,QAAQ,CAAC,GAAa,EAAE,QAA2B;QACjD,MAAM,MAAM,GAAY,EAAE,CAAC;QAE3B,iDAAiD;QACjD,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,GAAG,CAAC,CAAC;QAC9C,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,iBAAiB,EAAE,GAAG,CAAC,CAAC;QAErD,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,WAAW,GAAG,IAAe,CAAC;YACpC,MAAM,QAAQ,GAAG,WAAW,CAAC,YAAY,CAAC,MAAM,CAAC,IAAI,SAAS,CAAC;YAE/D,oDAAoD;YACpD,MAAM,QAAQ,GAAG,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAC;YAEjD,4BAA4B;YAC5B,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,0BAA0B,EAAE,IAAI,CAAC,CAAC;YAEhE,8CAA8C;YAC9C,IAAI,QAAQ,IAAI,CAAC,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC5C,MAAM,CAAC,IAAI,CACT,IAAI,CAAC,WAAW,CACd,IAAI,EACJ,SAAS,QAAQ,SAAS,MAAM,CAAC,QAAQ,CAAC,6CAA6C,EACvF;oBACE,UAAU,EACR,8EAA8E;iBACjF,CACF,CACF,CAAC;YACJ,CAAC;QACH,CAAC;QAED,wDAAwD;QACxD,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,MAAM,cAAc,GAAG,OAAkB,CAAC;YAC1C,MAAM,WAAW,GAAG,cAAc,CAAC,YAAY,CAAC,MAAM,CAAC,IAAI,SAAS,CAAC;YAErE,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAC9B,6FAA6F,EAC7F,OAAO,CACR,CAAC;YAEF,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC5B,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,0BAA0B,EAAE,OAAO,CAAC,CAAC;gBACnE,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;oBAC3B,MAAM,CAAC,IAAI,CACT,IAAI,CAAC,WAAW,CACd,OAAO,EACP,aAAa,WAAW,kFAAkF,EAC1G;wBACE,UAAU,EACR,sFAAsF;qBACzF,CACF,CACF,CAAC;gBACJ,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAEO,oBAAoB,CAAC,IAAU;QACrC,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CACvB,gEAAgE,EAChE,IAAI,CACL,CAAC;QACF,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAC1B,6FAA6F,EAC7F,IAAI,CACL,CAAC;QACF,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,CAC7B,4FAA4F,EAC5F,IAAI,CACL,CAAC;QACF,OAAO,KAAK,CAAC,MAAM,GAAG,QAAQ,CAAC,MAAM,GAAG,WAAW,CAAC,MAAM,CAAC;IAC7D,CAAC;CACF;AArFD,oCAqFC"}

package/dist/src/rules/http/ConnectionIdleTimeoutRule.d.ts

@@ -0,0 +1,27 @@
+import { ValidationContext, Issue } from '../../types';
+import { BaseRule } from '../base/BaseRule';
+/**
+ * HTTP-004: Connection Idle Timeout
+ *
+ * HTTP request-connection elements should configure an idle timeout
+ * to prevent stale connections from accumulating in the pool.
+ * Without idle timeout, connections may linger and consume resources
+ * even when not actively in use.
+ *
+ * Accelerator pattern:
+ *   <http:request-connection>
+ *     <http:client-socket-properties>
+ *       <sockets:tcp-client-socket-properties connectionTimeout="10000"
+ *                                              clientTimeout="30000"/>
+ *     </http:client-socket-properties>
+ *   </http:request-connection>
+ */
+export declare class ConnectionIdleTimeoutRule extends BaseRule {
+    id: string;
+    name: string;
+    description: string;
+    severity: "info";
+    category: "http";
+    validate(doc: Document, _context: ValidationContext): Issue[];
+}
+//# sourceMappingURL=ConnectionIdleTimeoutRule.d.ts.map

package/dist/src/rules/http/ConnectionIdleTimeoutRule.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ConnectionIdleTimeoutRule.d.ts","sourceRoot":"","sources":["../../../../src/rules/http/ConnectionIdleTimeoutRule.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AACvD,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAE5C;;;;;;;;;;;;;;;GAeG;AACH,qBAAa,yBAA0B,SAAQ,QAAQ;IACrD,EAAE,SAAc;IAChB,IAAI,SAA6B;IACjC,WAAW,SACkF;IAC7F,QAAQ,EAAG,MAAM,CAAU;IAC3B,QAAQ,EAAG,MAAM,CAAU;IAE3B,QAAQ,CAAC,GAAG,EAAE,QAAQ,EAAE,QAAQ,EAAE,iBAAiB,GAAG,KAAK,EAAE;CAiC9D"}

package/dist/src/rules/http/ConnectionIdleTimeoutRule.js

@@ -0,0 +1,46 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ConnectionIdleTimeoutRule = void 0;
+const BaseRule_1 = require("../base/BaseRule");
+/**
+ * HTTP-004: Connection Idle Timeout
+ *
+ * HTTP request-connection elements should configure an idle timeout
+ * to prevent stale connections from accumulating in the pool.
+ * Without idle timeout, connections may linger and consume resources
+ * even when not actively in use.
+ *
+ * Accelerator pattern:
+ *   <http:request-connection>
+ *     <http:client-socket-properties>
+ *       <sockets:tcp-client-socket-properties connectionTimeout="10000"
+ *                                              clientTimeout="30000"/>
+ *     </http:client-socket-properties>
+ *   </http:request-connection>
+ */
+class ConnectionIdleTimeoutRule extends BaseRule_1.BaseRule {
+    id = 'HTTP-004';
+    name = 'Connection Idle Timeout';
+    description = 'HTTP request configs should configure connection/idle timeouts to prevent resource leaks';
+    severity = 'info';
+    category = 'http';
+    validate(doc, _context) {
+        const issues = [];
+        // Find HTTP request-config elements
+        const requestConfigs = this.select('//*[local-name()="request-config"]', doc);
+        for (const config of requestConfigs) {
+            const configName = this.getNameAttribute(config) ?? 'HTTP Request Config';
+            // Check for useSendBuffer, connectionIdleTimeout, or socket properties
+            const hasIdleTimeout = this.getAttribute(config, 'connectionIdleTimeout') !== null;
+            const hasSocketProps = this.exists('.//*[local-name()="tcp-client-socket-properties" or local-name()="client-socket-properties"]', config);
+            if (!hasIdleTimeout && !hasSocketProps) {
+                issues.push(this.createIssue(config, `HTTP request config "${configName}" has no connection idle timeout or socket properties configured`, {
+                    suggestion: 'Add connectionIdleTimeout="30000" on the config, or configure <http:client-socket-properties> with tcp-client-socket-properties for fine-grained control',
+                }));
+            }
+        }
+        return issues;
+    }
+}
+exports.ConnectionIdleTimeoutRule = ConnectionIdleTimeoutRule;
+//# sourceMappingURL=ConnectionIdleTimeoutRule.js.map

package/dist/src/rules/http/ConnectionIdleTimeoutRule.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ConnectionIdleTimeoutRule.js","sourceRoot":"","sources":["../../../../src/rules/http/ConnectionIdleTimeoutRule.ts"],"names":[],"mappings":";;;AACA,+CAA4C;AAE5C;;;;;;;;;;;;;;;GAeG;AACH,MAAa,yBAA0B,SAAQ,mBAAQ;IACrD,EAAE,GAAG,UAAU,CAAC;IAChB,IAAI,GAAG,yBAAyB,CAAC;IACjC,WAAW,GACT,0FAA0F,CAAC;IAC7F,QAAQ,GAAG,MAAe,CAAC;IAC3B,QAAQ,GAAG,MAAe,CAAC;IAE3B,QAAQ,CAAC,GAAa,EAAE,QAA2B;QACjD,MAAM,MAAM,GAAY,EAAE,CAAC;QAE3B,oCAAoC;QACpC,MAAM,cAAc,GAAG,IAAI,CAAC,MAAM,CAAC,oCAAoC,EAAE,GAAG,CAAC,CAAC;QAE9E,KAAK,MAAM,MAAM,IAAI,cAAc,EAAE,CAAC;YACpC,MAAM,UAAU,GAAG,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,IAAI,qBAAqB,CAAC;YAE1E,uEAAuE;YACvE,MAAM,cAAc,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,uBAAuB,CAAC,KAAK,IAAI,CAAC;YAEnF,MAAM,cAAc,GAAG,IAAI,CAAC,MAAM,CAChC,8FAA8F,EAC9F,MAAM,CACP,CAAC;YAEF,IAAI,CAAC,cAAc,IAAI,CAAC,cAAc,EAAE,CAAC;gBACvC,MAAM,CAAC,IAAI,CACT,IAAI,CAAC,WAAW,CACd,MAAM,EACN,wBAAwB,UAAU,kEAAkE,EACpG;oBACE,UAAU,EACR,0JAA0J;iBAC7J,CACF,CACF,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;CACF;AAzCD,8DAyCC"}

package/dist/src/rules/http/HttpContentTypeRule.d.ts

@@ -4,6 +4,25 @@ import { BaseRule } from '../base/BaseRule';
  * MULE-402: HTTP Request Content-Type
  *
  * POST/PUT HTTP requests should include Content-Type header.
+ *
+ * The rule detects Content-Type in three patterns:
+ *
+ * Pattern A — Static <http:header> element:
+ *   <http:headers>
+ *     <http:header headerName="Content-Type" value="application/json"/>
+ *   </http:headers>
+ *
+ * Pattern B — CDATA DataWeave expression block:
+ *   <http:headers><![CDATA[#[output application/java --- {"Content-Type": "application/json"}]]]></http:headers>
+ *
+ * Pattern C — Inline DataWeave expression on value attribute:
+ *   <http:headers value='#[{"Content-Type": "application/json"}]'/>
+ *
+ * When headers are set via DataWeave (patterns B/C), the rule performs a
+ * case-insensitive text search for "content-type" within the expression body.
+ * If a DataWeave expression is present but does not contain "content-type",
+ * the issue is downgraded to 'info' severity to acknowledge the static analysis
+ * limitation of evaluating dynamic expressions.
  */
 export declare class HttpContentTypeRule extends BaseRule {
     id: string;
@@ -12,6 +31,14 @@ export declare class HttpContentTypeRule extends BaseRule {
     severity: "warning";
     category: "http";
     validate(doc: Document, _context: ValidationContext): Issue[];
-    private hasContentTypeHeader;
+    /**
+     * Check whether a Content-Type header is present on the given http:request element.
+     *
+     * @returns
+     *   'present'            — Content-Type definitively found
+     *   'dynamic-unverified' — headers set via DW expression but Content-Type not visible
+     *   'missing'            — no headers element or no Content-Type anywhere
+     */
+    private checkContentTypeHeader;
 }
 //# sourceMappingURL=HttpContentTypeRule.d.ts.map

package/dist/src/rules/http/HttpContentTypeRule.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"HttpContentTypeRule.d.ts","sourceRoot":"","sources":["../../../../src/rules/http/HttpContentTypeRule.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AACvD,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAE5C;;;;GAIG;AACH,qBAAa,mBAAoB,SAAQ,QAAQ;IAC/C,EAAE,SAAc;IAChB,IAAI,SAA+B;IACnC,WAAW,SAA+D;IAC1E,QAAQ,EAAG,SAAS,CAAU;IAC9B,QAAQ,EAAG,MAAM,CAAU;IAE3B,QAAQ,CAAC,GAAG,EAAE,QAAQ,EAAE,QAAQ,EAAE,iBAAiB,GAAG,KAAK,EAAE;IAqC7D,OAAO,CAAC,oBAAoB;CAU7B"}
+{"version":3,"file":"HttpContentTypeRule.d.ts","sourceRoot":"","sources":["../../../../src/rules/http/HttpContentTypeRule.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AACvD,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAE5C;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,qBAAa,mBAAoB,SAAQ,QAAQ;IAC/C,EAAE,SAAc;IAChB,IAAI,SAA+B;IACnC,WAAW,SAA+D;IAC1E,QAAQ,EAAG,SAAS,CAAU;IAC9B,QAAQ,EAAG,MAAM,CAAU;IAE3B,QAAQ,CAAC,GAAG,EAAE,QAAQ,EAAE,QAAQ,EAAE,iBAAiB,GAAG,KAAK,EAAE;IAqD7D;;;;;;;OAOG;IACH,OAAO,CAAC,sBAAsB;CAuC/B"}

package/dist/src/rules/http/HttpContentTypeRule.js

@@ -6,6 +6,25 @@ const BaseRule_1 = require("../base/BaseRule");
  * MULE-402: HTTP Request Content-Type
  *
  * POST/PUT HTTP requests should include Content-Type header.
+ *
+ * The rule detects Content-Type in three patterns:
+ *
+ * Pattern A — Static <http:header> element:
+ *   <http:headers>
+ *     <http:header headerName="Content-Type" value="application/json"/>
+ *   </http:headers>
+ *
+ * Pattern B — CDATA DataWeave expression block:
+ *   <http:headers><![CDATA[#[output application/java --- {"Content-Type": "application/json"}]]]></http:headers>
+ *
+ * Pattern C — Inline DataWeave expression on value attribute:
+ *   <http:headers value='#[{"Content-Type": "application/json"}]'/>
+ *
+ * When headers are set via DataWeave (patterns B/C), the rule performs a
+ * case-insensitive text search for "content-type" within the expression body.
+ * If a DataWeave expression is present but does not contain "content-type",
+ * the issue is downgraded to 'info' severity to acknowledge the static analysis
+ * limitation of evaluating dynamic expressions.
  */
 class HttpContentTypeRule extends BaseRule_1.BaseRule {
     id = 'MULE-402';
@@ -25,26 +44,68 @@ class HttpContentTypeRule extends BaseRule_1.BaseRule {
             const method = this.getAttribute(request, 'method')?.toUpperCase();
             // Only check POST and PUT methods
             if (method === 'POST' || method === 'PUT') {
-                const hasContentType = this.hasContentTypeHeader(request);
-                if (!hasContentType) {
+                const result = this.checkContentTypeHeader(request);
+                if (result === 'missing') {
                     const docName = this.getDocName(request) ?? 'HTTP Request';
                     issues.push(this.createIssue(request, `${method} request "${docName}" is missing Content-Type header`, {
                         suggestion: 'Add header: <http:header headerName="Content-Type" value="application/json"/>',
                     }));
                 }
+                else if (result === 'dynamic-unverified') {
+                    // Headers are set via a DataWeave expression but we cannot statically
+                    // verify that Content-Type is included. Downgrade to info.
+                    const docName = this.getDocName(request) ?? 'HTTP Request';
+                    issues.push(this.createIssue(request, `${method} request "${docName}" sets headers via DataWeave expression — verify Content-Type is included`, {
+                        severity: 'info',
+                        suggestion: 'Ensure the DataWeave expression includes {"Content-Type": "application/json"} or equivalent',
+                    }));
+                }
+                // 'present' → no issue
             }
         }
         return issues;
     }
-    hasContentTypeHeader(request) {
-        const headers = this.select('.//*[local-name()="header"]', request);
-        for (const header of headers) {
+    /**
+     * Check whether a Content-Type header is present on the given http:request element.
+     *
+     * @returns
+     *   'present'            — Content-Type definitively found
+     *   'dynamic-unverified' — headers set via DW expression but Content-Type not visible
+     *   'missing'            — no headers element or no Content-Type anywhere
+     */
+    checkContentTypeHeader(request) {
+        // Pattern A: Static <http:header headerName="Content-Type" ...>
+        const staticHeaders = this.select('.//*[local-name()="header"]', request);
+        for (const header of staticHeaders) {
             const headerName = this.getAttribute(header, 'headerName') ?? '';
             if (headerName.toLowerCase() === 'content-type') {
-                return true;
+                return 'present';
+            }
+        }
+        // Patterns B & C: Check <http:headers> element for DataWeave expression content
+        const headersElements = this.select('.//*[local-name()="headers"]', request);
+        let hasDynamicHeaders = false;
+        for (const headersEl of headersElements) {
+            const element = headersEl;
+            // Pattern C: value attribute containing a DataWeave expression
+            const valueAttr = element.getAttribute('value') ?? '';
+            if (valueAttr.includes('#[')) {
+                hasDynamicHeaders = true;
+                if (valueAttr.toLowerCase().includes('content-type')) {
+                    return 'present';
+                }
+            }
+            // Pattern B: CDATA block or text content inside <http:headers>
+            const textContent = headersEl.textContent ?? '';
+            if (textContent.trim().length > 0) {
+                // Any non-empty text content in <http:headers> is treated as a DW expression
+                hasDynamicHeaders = true;
+                if (textContent.toLowerCase().includes('content-type')) {
+                    return 'present';
+                }
             }
         }
-        return false;
+        return hasDynamicHeaders ? 'dynamic-unverified' : 'missing';
     }
 }
 exports.HttpContentTypeRule = HttpContentTypeRule;

package/dist/src/rules/http/HttpContentTypeRule.js.map

@@ -1 +1 @@
-{"version":3,"file":"HttpContentTypeRule.js","sourceRoot":"","sources":["../../../../src/rules/http/HttpContentTypeRule.ts"],"names":[],"mappings":";;;AACA,+CAA4C;AAE5C;;;;GAIG;AACH,MAAa,mBAAoB,SAAQ,mBAAQ;IAC/C,EAAE,GAAG,UAAU,CAAC;IAChB,IAAI,GAAG,2BAA2B,CAAC;IACnC,WAAW,GAAG,2DAA2D,CAAC;IAC1E,QAAQ,GAAG,SAAkB,CAAC;IAC9B,QAAQ,GAAG,MAAe,CAAC;IAE3B,QAAQ,CAAC,GAAa,EAAE,QAA2B;QACjD,MAAM,MAAM,GAAY,EAAE,CAAC;QAE3B,qBAAqB;QACrB,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,6BAA6B,EAAE,GAAG,CAAC,CAAC;QAErE,KAAK,MAAM,OAAO,IAAI,YAAY,EAAE,CAAC;YACnC,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;YAClC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;gBAClE,SAAS;YACX,CAAC;YAED,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,QAAQ,CAAC,EAAE,WAAW,EAAE,CAAC;YAEnE,kCAAkC;YAClC,IAAI,MAAM,KAAK,MAAM,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;gBAC1C,MAAM,cAAc,GAAG,IAAI,CAAC,oBAAoB,CAAC,OAAO,CAAC,CAAC;gBAE1D,IAAI,CAAC,cAAc,EAAE,CAAC;oBACpB,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,cAAc,CAAC;oBAC3D,MAAM,CAAC,IAAI,CACT,IAAI,CAAC,WAAW,CACd,OAAO,EACP,GAAG,MAAM,aAAa,OAAO,kCAAkC,EAC/D;wBACE,UAAU,EACR,+EAA+E;qBAClF,CACF,CACF,CAAC;gBACJ,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAEO,oBAAoB,CAAC,OAAa;QACxC,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,6BAA6B,EAAE,OAAmB,CAAC,CAAC;QAChF,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC7B,MAAM,UAAU,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,YAAY,CAAC,IAAI,EAAE,CAAC;YACjE,IAAI,UAAU,CAAC,WAAW,EAAE,KAAK,cAAc,EAAE,CAAC;gBAChD,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;CACF;AAtDD,kDAsDC"}
+{"version":3,"file":"HttpContentTypeRule.js","sourceRoot":"","sources":["../../../../src/rules/http/HttpContentTypeRule.ts"],"names":[],"mappings":";;;AACA,+CAA4C;AAE5C;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,MAAa,mBAAoB,SAAQ,mBAAQ;IAC/C,EAAE,GAAG,UAAU,CAAC;IAChB,IAAI,GAAG,2BAA2B,CAAC;IACnC,WAAW,GAAG,2DAA2D,CAAC;IAC1E,QAAQ,GAAG,SAAkB,CAAC;IAC9B,QAAQ,GAAG,MAAe,CAAC;IAE3B,QAAQ,CAAC,GAAa,EAAE,QAA2B;QACjD,MAAM,MAAM,GAAY,EAAE,CAAC;QAE3B,qBAAqB;QACrB,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,6BAA6B,EAAE,GAAG,CAAC,CAAC;QAErE,KAAK,MAAM,OAAO,IAAI,YAAY,EAAE,CAAC;YACnC,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;YAClC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;gBAClE,SAAS;YACX,CAAC;YAED,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,QAAQ,CAAC,EAAE,WAAW,EAAE,CAAC;YAEnE,kCAAkC;YAClC,IAAI,MAAM,KAAK,MAAM,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;gBAC1C,MAAM,MAAM,GAAG,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC,CAAC;gBAEpD,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;oBACzB,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,cAAc,CAAC;oBAC3D,MAAM,CAAC,IAAI,CACT,IAAI,CAAC,WAAW,CACd,OAAO,EACP,GAAG,MAAM,aAAa,OAAO,kCAAkC,EAC/D;wBACE,UAAU,EACR,+EAA+E;qBAClF,CACF,CACF,CAAC;gBACJ,CAAC;qBAAM,IAAI,MAAM,KAAK,oBAAoB,EAAE,CAAC;oBAC3C,sEAAsE;oBACtE,2DAA2D;oBAC3D,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,cAAc,CAAC;oBAC3D,MAAM,CAAC,IAAI,CACT,IAAI,CAAC,WAAW,CACd,OAAO,EACP,GAAG,MAAM,aAAa,OAAO,2EAA2E,EACxG;wBACE,QAAQ,EAAE,MAAM;wBAChB,UAAU,EACR,6FAA6F;qBAChG,CACF,CACF,CAAC;gBACJ,CAAC;gBACD,uBAAuB;YACzB,CAAC;QACH,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;;;;;;OAOG;IACK,sBAAsB,CAAC,OAAa;QAC1C,gEAAgE;QAChE,MAAM,aAAa,GAAG,IAAI,CAAC,MAAM,CAAC,6BAA6B,EAAE,OAAmB,CAAC,CAAC;QACtF,KAAK,MAAM,MAAM,IAAI,aAAa,EAAE,CAAC;YACnC,MAAM,UAAU,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,YAAY,CAAC,IAAI,EAAE,CAAC;YACjE,IAAI,UAAU,CAAC,WAAW,EAAE,KAAK,cAAc,EAAE,CAAC;gBAChD,OAAO,SAAS,CAAC;YACnB,CAAC;QACH,CAAC;QAED,gFAAgF;QAChF,MAAM,eAAe,GAAG,IAAI,CAAC,MAAM,CAAC,8BAA8B,EAAE,OAAmB,CAAC,CAAC;QACzF,IAAI,iBAAiB,GAAG,KAAK,CAAC;QAE9B,KAAK,MAAM,SAAS,IAAI,eAAe,EAAE,CAAC;YACxC,MAAM,OAAO,GAAG,SAAoB,CAAC;YAErC,+DAA+D;YAC/D,MAAM,SAAS,GAAG,OAAO,CAAC,YAAY,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;YACtD,IAAI,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC7B,iBAAiB,GAAG,IAAI,CAAC;gBACzB,IAAI,SAAS,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;oBACrD,OAAO,SAAS,CAAC;gBACnB,CAAC;YACH,CAAC;YAED,+DAA+D;YAC/D,MAAM,WAAW,GAAG,SAAS,CAAC,WAAW,IAAI,EAAE,CAAC;YAChD,IAAI,WAAW,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAClC,6EAA6E;gBAC7E,iBAAiB,GAAG,IAAI,CAAC;gBACzB,IAAI,WAAW,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;oBACvD,OAAO,SAAS,CAAC;gBACnB,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,iBAAiB,CAAC,CAAC,CAAC,oBAAoB,CAAC,CAAC,CAAC,SAAS,CAAC;IAC9D,CAAC;CACF;AA3GD,kDA2GC"}

package/dist/src/rules/index.d.ts

@@ -28,7 +28,7 @@ export { AsyncErrorHandlerRule } from './performance/AsyncErrorHandlerRule';
 export { LargeChoiceBlockRule } from './performance/LargeChoiceBlockRule';
 /**
  * All available rules - instantiated and ready to use
- * Total: 56 rules (including operations, resilience, and hygiene rules)
+ * Total: 82 rules (including operations, resilience, hygiene, API-led, connector, and code quality rules)
  */
 export declare const ALL_RULES: Rule[];
 /**

package/dist/src/rules/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/rules/index.ts"],"names":[],"mappings":"AACA,cAAc,iBAAiB,CAAC;AAChC,cAAc,oBAAoB,CAAC;AA4FnC,OAAO,EAAE,IAAI,EAAE,MAAM,UAAU,CAAC;AAGhC,OAAO,EAAE,sBAAsB,EAAE,MAAM,yCAAyC,CAAC;AACjF,OAAO,EAAE,uBAAuB,EAAE,MAAM,0CAA0C,CAAC;AACnF,OAAO,EAAE,cAAc,EAAE,MAAM,iCAAiC,CAAC;AACjE,OAAO,EAAE,iBAAiB,EAAE,MAAM,oCAAoC,CAAC;AACvE,OAAO,EAAE,gBAAgB,EAAE,MAAM,mCAAmC,CAAC;AAGrE,OAAO,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AACzD,OAAO,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AACzD,OAAO,EAAE,kBAAkB,EAAE,MAAM,6BAA6B,CAAC;AAGjE,OAAO,EAAE,iBAAiB,EAAE,MAAM,8BAA8B,CAAC;AACjE,OAAO,EAAE,wBAAwB,EAAE,MAAM,qCAAqC,CAAC;AAC/E,OAAO,EAAE,eAAe,EAAE,MAAM,4BAA4B,CAAC;AAG7D,OAAO,EAAE,kBAAkB,EAAE,MAAM,8BAA8B,CAAC;AAClE,OAAO,EAAE,iBAAiB,EAAE,MAAM,6BAA6B,CAAC;AAChE,OAAO,EAAE,2BAA2B,EAAE,MAAM,uCAAuC,CAAC;AAGpF,OAAO,EAAE,qBAAqB,EAAE,MAAM,mCAAmC,CAAC;AAC1E,OAAO,EAAE,gBAAgB,EAAE,MAAM,8BAA8B,CAAC;AAChE,OAAO,EAAE,uBAAuB,EAAE,MAAM,qCAAqC,CAAC;AAG9E,OAAO,EAAE,iBAAiB,EAAE,MAAM,0BAA0B,CAAC;AAC7D,OAAO,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AACjE,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AAGzD,OAAO,EAAE,mBAAmB,EAAE,MAAM,qCAAqC,CAAC;AAC1E,OAAO,EAAE,kBAAkB,EAAE,MAAM,oCAAoC,CAAC;AAGxE,OAAO,EAAE,uBAAuB,EAAE,MAAM,uCAAuC,CAAC;AAChF,OAAO,EAAE,qBAAqB,EAAE,MAAM,qCAAqC,CAAC;AAC5E,OAAO,EAAE,oBAAoB,EAAE,MAAM,oCAAoC,CAAC;AAE1E;;;GAGG;AACH,eAAO,MAAM,SAAS,EAAE,IAAI,EAoG3B,CAAC;AAEF;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,GAAG,IAAI,EAAE,CAE3D;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,EAAE,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,CAExD;AAED;;GAEG;AACH,wBAAgB,aAAa,IAAI,MAAM,EAAE,CAExC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/rules/index.ts"],"names":[],"mappings":"AACA,cAAc,iBAAiB,CAAC;AAChC,cAAc,oBAAoB,CAAC;AAkHnC,OAAO,EAAE,IAAI,EAAE,MAAM,UAAU,CAAC;AAGhC,OAAO,EAAE,sBAAsB,EAAE,MAAM,yCAAyC,CAAC;AACjF,OAAO,EAAE,uBAAuB,EAAE,MAAM,0CAA0C,CAAC;AACnF,OAAO,EAAE,cAAc,EAAE,MAAM,iCAAiC,CAAC;AACjE,OAAO,EAAE,iBAAiB,EAAE,MAAM,oCAAoC,CAAC;AACvE,OAAO,EAAE,gBAAgB,EAAE,MAAM,mCAAmC,CAAC;AAGrE,OAAO,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AACzD,OAAO,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AACzD,OAAO,EAAE,kBAAkB,EAAE,MAAM,6BAA6B,CAAC;AAGjE,OAAO,EAAE,iBAAiB,EAAE,MAAM,8BAA8B,CAAC;AACjE,OAAO,EAAE,wBAAwB,EAAE,MAAM,qCAAqC,CAAC;AAC/E,OAAO,EAAE,eAAe,EAAE,MAAM,4BAA4B,CAAC;AAG7D,OAAO,EAAE,kBAAkB,EAAE,MAAM,8BAA8B,CAAC;AAClE,OAAO,EAAE,iBAAiB,EAAE,MAAM,6BAA6B,CAAC;AAChE,OAAO,EAAE,2BAA2B,EAAE,MAAM,uCAAuC,CAAC;AAGpF,OAAO,EAAE,qBAAqB,EAAE,MAAM,mCAAmC,CAAC;AAC1E,OAAO,EAAE,gBAAgB,EAAE,MAAM,8BAA8B,CAAC;AAChE,OAAO,EAAE,uBAAuB,EAAE,MAAM,qCAAqC,CAAC;AAG9E,OAAO,EAAE,iBAAiB,EAAE,MAAM,0BAA0B,CAAC;AAC7D,OAAO,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AACjE,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AAGzD,OAAO,EAAE,mBAAmB,EAAE,MAAM,qCAAqC,CAAC;AAC1E,OAAO,EAAE,kBAAkB,EAAE,MAAM,oCAAoC,CAAC;AAGxE,OAAO,EAAE,uBAAuB,EAAE,MAAM,uCAAuC,CAAC;AAChF,OAAO,EAAE,qBAAqB,EAAE,MAAM,qCAAqC,CAAC;AAC5E,OAAO,EAAE,oBAAoB,EAAE,MAAM,oCAAoC,CAAC;AAE1E;;;GAGG;AACH,eAAO,MAAM,SAAS,EAAE,IAAI,EA0H3B,CAAC;AAEF;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,GAAG,IAAI,EAAE,CAE3D;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,EAAE,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,CAExD;AAED;;GAEG;AACH,wBAAgB,aAAa,IAAI,MAAM,EAAE,CAExC"}

package/dist/src/rules/index.js

@@ -28,6 +28,9 @@ const HttpStatusRule_1 = require("./error-handling/HttpStatusRule");
 const CorrelationIdRule_1 = require("./error-handling/CorrelationIdRule");
 const GenericErrorRule_1 = require("./error-handling/GenericErrorRule");
 const TryScopeRule_1 = require("./error-handling/TryScopeRule");
+const ErrorHandlerTypeCoverageRule_1 = require("./error-handling/ErrorHandlerTypeCoverageRule");
+const ErrorResponseStructureRule_1 = require("./error-handling/ErrorResponseStructureRule");
+const CatchAllLastRule_1 = require("./error-handling/CatchAllLastRule");
 // Import all rules - Naming
 const FlowNamingRule_1 = require("./naming/FlowNamingRule");
 const FlowCasingRule_1 = require("./naming/FlowCasingRule");
@@ -40,6 +43,10 @@ const TlsVersionRule_1 = require("./security/TlsVersionRule");
 const RateLimitingRule_1 = require("./security/RateLimitingRule");
 const InputValidationRule_1 = require("./security/InputValidationRule");
 const EncryptionKeyInLogsRule_1 = require("./security/EncryptionKeyInLogsRule");
+const ConnectorCredentialsSecuredRule_1 = require("./security/ConnectorCredentialsSecuredRule");
+const SecurePropertiesKeyRule_1 = require("./security/SecurePropertiesKeyRule");
+const TlsKeystorePasswordRule_1 = require("./security/TlsKeystorePasswordRule");
+const SecurePropertiesEncryptionRule_1 = require("./security/SecurePropertiesEncryptionRule");
 // Import all rules - Logging
 const LoggerCategoryRule_1 = require("./logging/LoggerCategoryRule");
 const LoggerPayloadRule_1 = require("./logging/LoggerPayloadRule");
@@ -54,10 +61,17 @@ const AutoDiscoveryRule_1 = require("./standards/AutoDiscoveryRule");
 const HttpPortPlaceholderRule_1 = require("./standards/HttpPortPlaceholderRule");
 const CronExternalizedRule_1 = require("./standards/CronExternalizedRule");
 const ApiKitValidationRule_1 = require("./standards/ApiKitValidationRule");
+const ConfigPropertiesOrderingRule_1 = require("./standards/ConfigPropertiesOrderingRule");
+const MissingEnvPropertiesDeclarationRule_1 = require("./standards/MissingEnvPropertiesDeclarationRule");
+const ApikitRouteVariableConsistencyRule_1 = require("./standards/ApikitRouteVariableConsistencyRule");
 // Import all rules - HTTP
 const HttpUserAgentRule_1 = require("./http/HttpUserAgentRule");
 const HttpContentTypeRule_1 = require("./http/HttpContentTypeRule");
 const HttpTimeoutRule_1 = require("./http/HttpTimeoutRule");
+const ConnectionIdleTimeoutRule_1 = require("./http/ConnectionIdleTimeoutRule");
+// Import all rules - Connector
+const ReplayChannelConfigRule_1 = require("./connector/ReplayChannelConfigRule");
+const EventListenerNullGuardRule_1 = require("./connector/EventListenerNullGuardRule");
 // Import all rules - Documentation
 const FlowDescriptionRule_1 = require("./documentation/FlowDescriptionRule");
 const MissingDocNameRule_1 = require("./documentation/MissingDocNameRule");
@@ -68,6 +82,7 @@ const AsyncErrorHandlerRule_1 = require("./performance/AsyncErrorHandlerRule");
 const LargeChoiceBlockRule_1 = require("./performance/LargeChoiceBlockRule");
 const ConnectionPoolingRule_1 = require("./performance/ConnectionPoolingRule");
 const ReconnectionStrategyRule_1 = require("./performance/ReconnectionStrategyRule");
+const ListenerReconnectForeverRule_1 = require("./performance/ListenerReconnectForeverRule");
 // Import all rules - Complexity
 const FlowComplexityRule_1 = require("./complexity/FlowComplexityRule");
 // Import all rules - YAML
@@ -77,14 +92,20 @@ const StructureRules_1 = require("./structure/StructureRules");
 // Import all rules - DataWeave
 const DataWeaveRules_1 = require("./dataweave/DataWeaveRules");
 const Java17DWErrorHandlingRule_1 = require("./dataweave/Java17DWErrorHandlingRule");
+const DuplicateTransformLogicRule_1 = require("./dataweave/DuplicateTransformLogicRule");
 // Import all rules - API-Led
 const ApiLedRules_1 = require("./api-led/ApiLedRules");
 const SingleSystemSapiRule_1 = require("./api-led/SingleSystemSapiRule");
+const ApikitMainFlowStructureRule_1 = require("./api-led/ApikitMainFlowStructureRule");
+const ApikitStatusCodeVariableRule_1 = require("./api-led/ApikitStatusCodeVariableRule");
+const ApikitConsoleProductionRule_1 = require("./api-led/ApikitConsoleProductionRule");
 // Import all rules - Experimental
 const ExperimentalRules_1 = require("./experimental/ExperimentalRules");
 // Import all rules - Operations & Hygiene
 const CommentedCodeRule_1 = require("./operations/CommentedCodeRule");
 const UnusedFlowRule_1 = require("./operations/UnusedFlowRule");
+const FlowRefTargetExistsRule_1 = require("./operations/FlowRefTargetExistsRule");
+const UnusedVariableRule_1 = require("./operations/UnusedVariableRule");
 // Import all rules - Governance
 const GovernanceRules_1 = require("./governance/GovernanceRules");
 // Export individual rules - Error Handling
@@ -147,7 +168,7 @@ var LargeChoiceBlockRule_2 = require("./performance/LargeChoiceBlockRule");
 Object.defineProperty(exports, "LargeChoiceBlockRule", { enumerable: true, get: function () { return LargeChoiceBlockRule_2.LargeChoiceBlockRule; } });
 /**
  * All available rules - instantiated and ready to use
- * Total: 56 rules (including operations, resilience, and hygiene rules)
+ * Total: 82 rules (including operations, resilience, hygiene, API-led, connector, and code quality rules)
  */
 exports.ALL_RULES = [
     // Error Handling Rules (MULE-001, 003, 005, 007, 009)
@@ -157,6 +178,9 @@ exports.ALL_RULES = [
     new CorrelationIdRule_1.CorrelationIdRule(),
     new GenericErrorRule_1.GenericErrorRule(),
     new TryScopeRule_1.TryScopeRule(), // ERR-001: Try Scope Best Practice
+    new ErrorHandlerTypeCoverageRule_1.ErrorHandlerTypeCoverageRule(), // ERR-002: APIKit Error Type Coverage
+    new ErrorResponseStructureRule_1.ErrorResponseStructureRule(), // ERR-003: Error Response Structure
+    new CatchAllLastRule_1.CatchAllLastRule(), // ERR-004: Catch-All Must Be Last
     // Naming Rules (MULE-002, 101, 102)
     new FlowNamingRule_1.FlowNamingRule(),
     new FlowCasingRule_1.FlowCasingRule(),
@@ -178,10 +202,11 @@ exports.ALL_RULES = [
     new ChoiceAntiPatternRule_1.ChoiceAntiPatternRule(),
     new DwlStandardsRule_1.DwlStandardsRule(),
     new DeprecatedComponentRule_1.DeprecatedComponentRule(),
-    // HTTP Rules (MULE-401, 402, 403)
+    // HTTP Rules (MULE-401, 402, 403, HTTP-004)
     new HttpUserAgentRule_1.HttpUserAgentRule(),
     new HttpContentTypeRule_1.HttpContentTypeRule(),
     new HttpTimeoutRule_1.HttpTimeoutRule(),
+    new ConnectionIdleTimeoutRule_1.ConnectionIdleTimeoutRule(), // HTTP-004: Connection Idle Timeout
     // Documentation Rules (MULE-601, 604)
     new FlowDescriptionRule_1.FlowDescriptionRule(),
     new MissingDocNameRule_1.MissingDocNameRule(),
@@ -200,37 +225,54 @@ exports.ALL_RULES = [
     new StructureRules_1.ProjectStructureRule(),
     new StructureRules_1.GlobalConfigRule(),
     new StructureRules_1.MonolithicXmlRule(),
-    // DataWeave Rules (DW-001, 002, 003, 004)
+    // DataWeave Rules (DW-001, 002, 003, 004, 005)
     new DataWeaveRules_1.ExternalDwlRule(),
     new DataWeaveRules_1.DwlNamingRule(),
     new DataWeaveRules_1.DwlModulesRule(),
     new Java17DWErrorHandlingRule_1.Java17DWErrorHandlingRule(),
-    // API-Led Rules (API-001, 002, 003, 004)
+    new DuplicateTransformLogicRule_1.DuplicateTransformLogicRule(), // DW-005: Duplicate Transform Logic
+    // API-Led Rules (API-001, 002, 003, 004, 006, 007, 008)
     new ApiLedRules_1.ExperienceLayerRule(),
     new ApiLedRules_1.ProcessLayerRule(),
     new ApiLedRules_1.SystemLayerRule(),
     new SingleSystemSapiRule_1.SingleSystemSapiRule(),
+    new ApikitMainFlowStructureRule_1.ApikitMainFlowStructureRule(), // API-006: APIKit Main Flow Structure
+    new ApikitStatusCodeVariableRule_1.ApikitStatusCodeVariableRule(), // API-007: APIKit Status Code Variable
+    new ApikitConsoleProductionRule_1.ApikitConsoleProductionRule(), // API-008: APIKit Console in Production
     // Experimental Rules (EXP-001, 002, 003)
     new ExperimentalRules_1.FlowRefDepthRule(),
     new ExperimentalRules_1.ConnectorConfigNamingRule(),
     new ExperimentalRules_1.MUnitCoverageRule(),
-    // Operations & Resilience Rules (RES-001, OPS-001, OPS-002, OPS-003)
+    // Operations & Resilience Rules (RES-001, RES-002, OPS-001, OPS-002, OPS-003)
     new ReconnectionStrategyRule_1.ReconnectionStrategyRule(),
+    new ListenerReconnectForeverRule_1.ListenerReconnectForeverRule(), // RES-002: Listener Reconnect-Forever
     new AutoDiscoveryRule_1.AutoDiscoveryRule(),
     new HttpPortPlaceholderRule_1.HttpPortPlaceholderRule(),
     new CronExternalizedRule_1.CronExternalizedRule(),
-    // Security Enhancement (SEC-006)
+    // Security Enhancement (SEC-006, SEC-007, SEC-008, SEC-009, SEC-010)
     new EncryptionKeyInLogsRule_1.EncryptionKeyInLogsRule(),
-    // Code Hygiene Rules (HYG-001, HYG-002, HYG-003)
+    new ConnectorCredentialsSecuredRule_1.ConnectorCredentialsSecuredRule(),
+    new SecurePropertiesKeyRule_1.SecurePropertiesKeyRule(),
+    new TlsKeystorePasswordRule_1.TlsKeystorePasswordRule(),
+    new SecurePropertiesEncryptionRule_1.SecurePropertiesEncryptionRule(),
+    // Code Hygiene Rules (HYG-001, HYG-002, HYG-003, HYG-004, HYG-005)
     new ExcessiveLoggersRule_1.ExcessiveLoggersRule(),
     new CommentedCodeRule_1.CommentedCodeRule(),
     new UnusedFlowRule_1.UnusedFlowRule(),
-    // Additional Standards (API-005, DOC-001)
+    new FlowRefTargetExistsRule_1.FlowRefTargetExistsRule(),
+    new UnusedVariableRule_1.UnusedVariableRule(), // HYG-005: Unused Variable
+    // Additional Standards (API-005, DOC-001, CFG-001, CFG-002, STD-001)
     new ApiKitValidationRule_1.ApiKitValidationRule(),
     new DisplayNameRule_1.DisplayNameRule(),
+    new ConfigPropertiesOrderingRule_1.ConfigPropertiesOrderingRule(), // CFG-001: Config Properties Ordering
+    new MissingEnvPropertiesDeclarationRule_1.MissingEnvPropertiesDeclarationRule(), // CFG-002: Missing Env Properties
+    new ApikitRouteVariableConsistencyRule_1.ApikitRouteVariableConsistencyRule(), // STD-001: APIKit Route Variable Consistency
     // Governance Rules (PROJ-001, PROJ-002)
     new GovernanceRules_1.PomValidationRule(),
     new GovernanceRules_1.GitHygieneRule(),
+    // Connector Rules (SF-001, SF-002)
+    new ReplayChannelConfigRule_1.ReplayChannelConfigRule(), // SF-001: Salesforce Replay Channel Config
+    new EventListenerNullGuardRule_1.EventListenerNullGuardRule(), // SF-002: Event Listener Null Guard
 ];
 /**
  * Get rules by category

package/dist/src/rules/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/rules/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;AAsPA,gDAEC;AAKD,kCAEC;AAKD,sCAEC;AAtQD,oBAAoB;AACpB,kDAAgC;AAChC,qDAAmC;AAEnC,oCAAoC;AACpC,oFAAiF;AACjF,sFAAmF;AACnF,oEAAiE;AACjE,0EAAuE;AACvE,wEAAqE;AACrE,gEAA6D;AAE7D,4BAA4B;AAC5B,4DAAyD;AACzD,4DAAyD;AACzD,oEAAiE;AAEjE,8BAA8B;AAC9B,oEAAiE;AACjE,kFAA+E;AAC/E,gEAA6D;AAC7D,8DAA2D;AAC3D,kEAA+D;AAC/D,wEAAqE;AACrE,gFAA6E;AAE7E,6BAA6B;AAC7B,qEAAkE;AAClE,mEAAgE;AAChE,uFAAoF;AACpF,+DAA4F;AAC5F,yEAAsE;AAEtE,+BAA+B;AAC/B,6EAA0E;AAC1E,mEAAgE;AAChE,iFAA8E;AAC9E,qEAAkE;AAClE,iFAA8E;AAC9E,2EAAwE;AACxE,2EAAwE;AAExE,0BAA0B;AAC1B,gEAA6D;AAC7D,oEAAiE;AACjE,4DAAyD;AAEzD,mCAAmC;AACnC,6EAA0E;AAC1E,2EAAwE;AACxE,qEAAkE;AAElE,iCAAiC;AACjC,mFAAgF;AAChF,+EAA4E;AAC5E,6EAA0E;AAC1E,+EAA4E;AAC5E,qFAAkF;AAElF,gCAAgC;AAChC,wEAAqE;AAErE,0BAA0B;AAC1B,gDAAkG;AAElG,+BAA+B;AAC/B,+DAIoC;AAEpC,+BAA+B;AAC/B,+DAA4F;AAC5F,qFAAkF;AAElF,6BAA6B;AAC7B,uDAA+F;AAC/F,yEAAsE;AAEtE,kCAAkC;AAClC,wEAI0C;AAE1C,0CAA0C;AAC1C,sEAAmE;AACnE,gEAA6D;AAE7D,gCAAgC;AAChC,kEAAiF;AAIjF,2CAA2C;AAC3C,kFAAiF;AAAxE,gIAAA,sBAAsB,OAAA;AAC/B,oFAAmF;AAA1E,kIAAA,uBAAuB,OAAA;AAChC,kEAAiE;AAAxD,gHAAA,cAAc,OAAA;AACvB,wEAAuE;AAA9D,sHAAA,iBAAiB,OAAA;AAC1B,sEAAqE;AAA5D,oHAAA,gBAAgB,OAAA;AAEzB,mCAAmC;AACnC,0DAAyD;AAAhD,gHAAA,cAAc,OAAA;AACvB,0DAAyD;AAAhD,gHAAA,cAAc,OAAA;AACvB,kEAAiE;AAAxD,wHAAA,kBAAkB,OAAA;AAE3B,qCAAqC;AACrC,kEAAiE;AAAxD,sHAAA,iBAAiB,OAAA;AAC1B,gFAA+E;AAAtE,oIAAA,wBAAwB,OAAA;AACjC,8DAA6D;AAApD,kHAAA,eAAe,OAAA;AAExB,oCAAoC;AACpC,mEAAkE;AAAzD,wHAAA,kBAAkB,OAAA;AAC3B,iEAAgE;AAAvD,sHAAA,iBAAiB,OAAA;AAC1B,qFAAoF;AAA3E,0IAAA,2BAA2B,OAAA;AAEpC,sCAAsC;AACtC,2EAA0E;AAAjE,8HAAA,qBAAqB,OAAA;AAC9B,iEAAgE;AAAvD,oHAAA,gBAAgB,OAAA;AACzB,+EAA8E;AAArE,kIAAA,uBAAuB,OAAA;AAEhC,iCAAiC;AACjC,8DAA6D;AAApD,sHAAA,iBAAiB,OAAA;AAC1B,kEAAiE;AAAxD,0HAAA,mBAAmB,OAAA;AAC5B,0DAAyD;AAAhD,kHAAA,eAAe,OAAA;AAExB,0CAA0C;AAC1C,2EAA0E;AAAjE,0HAAA,mBAAmB,OAAA;AAC5B,yEAAwE;AAA/D,wHAAA,kBAAkB,OAAA;AAE3B,wCAAwC;AACxC,iFAAgF;AAAvE,kIAAA,uBAAuB,OAAA;AAChC,6EAA4E;AAAnE,8HAAA,qBAAqB,OAAA;AAC9B,2EAA0E;AAAjE,4HAAA,oBAAoB,OAAA;AAE7B;;;GAGG;AACU,QAAA,SAAS,GAAW;IAC/B,sDAAsD;IACtD,IAAI,+CAAsB,EAAE;IAC5B,IAAI,iDAAuB,EAAE;IAC7B,IAAI,+BAAc,EAAE;IACpB,IAAI,qCAAiB,EAAE;IACvB,IAAI,mCAAgB,EAAE;IACtB,IAAI,2BAAY,EAAE,EAAE,mCAAmC;IAEvD,oCAAoC;IACpC,IAAI,+BAAc,EAAE;IACpB,IAAI,+BAAc,EAAE;IACpB,IAAI,uCAAkB,EAAE;IAExB,sCAAsC;IACtC,IAAI,qCAAiB,EAAE;IACvB,IAAI,mDAAwB,EAAE;IAC9B,IAAI,iCAAe,EAAE;IACrB,IAAI,+BAAc,EAAE,EAAE,6BAA6B;IACnD,IAAI,mCAAgB,EAAE,EAAE,yBAAyB;IACjD,IAAI,yCAAmB,EAAE,EAAE,4BAA4B;IAEvD,qCAAqC;IACrC,IAAI,uCAAkB,EAAE;IACxB,IAAI,qCAAiB,EAAE;IACvB,IAAI,yDAA2B,EAAE;IACjC,IAAI,uCAAqB,EAAE,EAAE,8BAA8B;IAC3D,IAAI,0CAAwB,EAAE,EAAE,kCAAkC;IAElE,uCAAuC;IACvC,IAAI,6CAAqB,EAAE;IAC3B,IAAI,mCAAgB,EAAE;IACtB,IAAI,iDAAuB,EAAE;IAE7B,kCAAkC;IAClC,IAAI,qCAAiB,EAAE;IACvB,IAAI,yCAAmB,EAAE;IACzB,IAAI,iCAAe,EAAE;IAErB,sCAAsC;IACtC,IAAI,yCAAmB,EAAE;IACzB,IAAI,uCAAkB,EAAE;IAExB,yCAAyC;IACzC,IAAI,iDAAuB,EAAE;IAC7B,IAAI,6CAAqB,EAAE;IAC3B,IAAI,2CAAoB,EAAE;IAC1B,IAAI,6CAAqB,EAAE,EAAE,+BAA+B;IAE5D,8BAA8B;IAC9B,IAAI,uCAAkB,EAAE;IAExB,kCAAkC;IAClC,IAAI,gCAAoB,EAAE;IAC1B,IAAI,8BAAkB,EAAE;IACxB,IAAI,gCAAoB,EAAE;IAE1B,uCAAuC;IACvC,IAAI,qCAAoB,EAAE;IAC1B,IAAI,iCAAgB,EAAE;IACtB,IAAI,kCAAiB,EAAE;IAEvB,0CAA0C;IAC1C,IAAI,gCAAe,EAAE;IACrB,IAAI,8BAAa,EAAE;IACnB,IAAI,+BAAc,EAAE;IACpB,IAAI,qDAAyB,EAAE;IAE/B,yCAAyC;IACzC,IAAI,iCAAmB,EAAE;IACzB,IAAI,8BAAgB,EAAE;IACtB,IAAI,6BAAe,EAAE;IACrB,IAAI,2CAAoB,EAAE;IAE1B,yCAAyC;IACzC,IAAI,oCAAgB,EAAE;IACtB,IAAI,6CAAyB,EAAE;IAC/B,IAAI,qCAAiB,EAAE;IAEvB,qEAAqE;IACrE,IAAI,mDAAwB,EAAE;IAC9B,IAAI,qCAAiB,EAAE;IACvB,IAAI,iDAAuB,EAAE;IAC7B,IAAI,2CAAoB,EAAE;IAE1B,iCAAiC;IACjC,IAAI,iDAAuB,EAAE;IAE7B,iDAAiD;IACjD,IAAI,2CAAoB,EAAE;IAC1B,IAAI,qCAAiB,EAAE;IACvB,IAAI,+BAAc,EAAE;IAEpB,0CAA0C;IAC1C,IAAI,2CAAoB,EAAE;IAC1B,IAAI,iCAAe,EAAE;IAErB,wCAAwC;IACxC,IAAI,mCAAiB,EAAE;IACvB,IAAI,gCAAc,EAAE;CACrB,CAAC;AAEF;;GAEG;AACH,SAAgB,kBAAkB,CAAC,QAAgB;IACjD,OAAO,iBAAS,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;AAChE,CAAC;AAED;;GAEG;AACH,SAAgB,WAAW,CAAC,EAAU;IACpC,OAAO,iBAAS,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;AAClD,CAAC;AAED;;GAEG;AACH,SAAgB,aAAa;IAC3B,OAAO,iBAAS,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AAC1C,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/rules/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;AAkSA,gDAEC;AAKD,kCAEC;AAKD,sCAEC;AAlTD,oBAAoB;AACpB,kDAAgC;AAChC,qDAAmC;AAEnC,oCAAoC;AACpC,oFAAiF;AACjF,sFAAmF;AACnF,oEAAiE;AACjE,0EAAuE;AACvE,wEAAqE;AACrE,gEAA6D;AAC7D,gGAA6F;AAC7F,4FAAyF;AACzF,wEAAqE;AAErE,4BAA4B;AAC5B,4DAAyD;AACzD,4DAAyD;AACzD,oEAAiE;AAEjE,8BAA8B;AAC9B,oEAAiE;AACjE,kFAA+E;AAC/E,gEAA6D;AAC7D,8DAA2D;AAC3D,kEAA+D;AAC/D,wEAAqE;AACrE,gFAA6E;AAC7E,gGAA6F;AAC7F,gFAA6E;AAC7E,gFAA6E;AAC7E,8FAA2F;AAE3F,6BAA6B;AAC7B,qEAAkE;AAClE,mEAAgE;AAChE,uFAAoF;AACpF,+DAA4F;AAC5F,yEAAsE;AAEtE,+BAA+B;AAC/B,6EAA0E;AAC1E,mEAAgE;AAChE,iFAA8E;AAC9E,qEAAkE;AAClE,iFAA8E;AAC9E,2EAAwE;AACxE,2EAAwE;AACxE,2FAAwF;AACxF,yGAAsG;AACtG,uGAAoG;AAEpG,0BAA0B;AAC1B,gEAA6D;AAC7D,oEAAiE;AACjE,4DAAyD;AACzD,gFAA6E;AAE7E,+BAA+B;AAC/B,iFAA8E;AAC9E,uFAAoF;AAEpF,mCAAmC;AACnC,6EAA0E;AAC1E,2EAAwE;AACxE,qEAAkE;AAElE,iCAAiC;AACjC,mFAAgF;AAChF,+EAA4E;AAC5E,6EAA0E;AAC1E,+EAA4E;AAC5E,qFAAkF;AAClF,6FAA0F;AAE1F,gCAAgC;AAChC,wEAAqE;AAErE,0BAA0B;AAC1B,gDAAkG;AAElG,+BAA+B;AAC/B,+DAIoC;AAEpC,+BAA+B;AAC/B,+DAA4F;AAC5F,qFAAkF;AAClF,yFAAsF;AAEtF,6BAA6B;AAC7B,uDAA+F;AAC/F,yEAAsE;AACtE,uFAAoF;AACpF,yFAAsF;AACtF,uFAAoF;AAEpF,kCAAkC;AAClC,wEAI0C;AAE1C,0CAA0C;AAC1C,sEAAmE;AACnE,gEAA6D;AAC7D,kFAA+E;AAC/E,wEAAqE;AAErE,gCAAgC;AAChC,kEAAiF;AAIjF,2CAA2C;AAC3C,kFAAiF;AAAxE,gIAAA,sBAAsB,OAAA;AAC/B,oFAAmF;AAA1E,kIAAA,uBAAuB,OAAA;AAChC,kEAAiE;AAAxD,gHAAA,cAAc,OAAA;AACvB,wEAAuE;AAA9D,sHAAA,iBAAiB,OAAA;AAC1B,sEAAqE;AAA5D,oHAAA,gBAAgB,OAAA;AAEzB,mCAAmC;AACnC,0DAAyD;AAAhD,gHAAA,cAAc,OAAA;AACvB,0DAAyD;AAAhD,gHAAA,cAAc,OAAA;AACvB,kEAAiE;AAAxD,wHAAA,kBAAkB,OAAA;AAE3B,qCAAqC;AACrC,kEAAiE;AAAxD,sHAAA,iBAAiB,OAAA;AAC1B,gFAA+E;AAAtE,oIAAA,wBAAwB,OAAA;AACjC,8DAA6D;AAApD,kHAAA,eAAe,OAAA;AAExB,oCAAoC;AACpC,mEAAkE;AAAzD,wHAAA,kBAAkB,OAAA;AAC3B,iEAAgE;AAAvD,sHAAA,iBAAiB,OAAA;AAC1B,qFAAoF;AAA3E,0IAAA,2BAA2B,OAAA;AAEpC,sCAAsC;AACtC,2EAA0E;AAAjE,8HAAA,qBAAqB,OAAA;AAC9B,iEAAgE;AAAvD,oHAAA,gBAAgB,OAAA;AACzB,+EAA8E;AAArE,kIAAA,uBAAuB,OAAA;AAEhC,iCAAiC;AACjC,8DAA6D;AAApD,sHAAA,iBAAiB,OAAA;AAC1B,kEAAiE;AAAxD,0HAAA,mBAAmB,OAAA;AAC5B,0DAAyD;AAAhD,kHAAA,eAAe,OAAA;AAExB,0CAA0C;AAC1C,2EAA0E;AAAjE,0HAAA,mBAAmB,OAAA;AAC5B,yEAAwE;AAA/D,wHAAA,kBAAkB,OAAA;AAE3B,wCAAwC;AACxC,iFAAgF;AAAvE,kIAAA,uBAAuB,OAAA;AAChC,6EAA4E;AAAnE,8HAAA,qBAAqB,OAAA;AAC9B,2EAA0E;AAAjE,4HAAA,oBAAoB,OAAA;AAE7B;;;GAGG;AACU,QAAA,SAAS,GAAW;IAC/B,sDAAsD;IACtD,IAAI,+CAAsB,EAAE;IAC5B,IAAI,iDAAuB,EAAE;IAC7B,IAAI,+BAAc,EAAE;IACpB,IAAI,qCAAiB,EAAE;IACvB,IAAI,mCAAgB,EAAE;IACtB,IAAI,2BAAY,EAAE,EAAE,mCAAmC;IACvD,IAAI,2DAA4B,EAAE,EAAE,sCAAsC;IAC1E,IAAI,uDAA0B,EAAE,EAAE,oCAAoC;IACtE,IAAI,mCAAgB,EAAE,EAAE,kCAAkC;IAE1D,oCAAoC;IACpC,IAAI,+BAAc,EAAE;IACpB,IAAI,+BAAc,EAAE;IACpB,IAAI,uCAAkB,EAAE;IAExB,sCAAsC;IACtC,IAAI,qCAAiB,EAAE;IACvB,IAAI,mDAAwB,EAAE;IAC9B,IAAI,iCAAe,EAAE;IACrB,IAAI,+BAAc,EAAE,EAAE,6BAA6B;IACnD,IAAI,mCAAgB,EAAE,EAAE,yBAAyB;IACjD,IAAI,yCAAmB,EAAE,EAAE,4BAA4B;IAEvD,qCAAqC;IACrC,IAAI,uCAAkB,EAAE;IACxB,IAAI,qCAAiB,EAAE;IACvB,IAAI,yDAA2B,EAAE;IACjC,IAAI,uCAAqB,EAAE,EAAE,8BAA8B;IAC3D,IAAI,0CAAwB,EAAE,EAAE,kCAAkC;IAElE,uCAAuC;IACvC,IAAI,6CAAqB,EAAE;IAC3B,IAAI,mCAAgB,EAAE;IACtB,IAAI,iDAAuB,EAAE;IAE7B,4CAA4C;IAC5C,IAAI,qCAAiB,EAAE;IACvB,IAAI,yCAAmB,EAAE;IACzB,IAAI,iCAAe,EAAE;IACrB,IAAI,qDAAyB,EAAE,EAAE,oCAAoC;IAErE,sCAAsC;IACtC,IAAI,yCAAmB,EAAE;IACzB,IAAI,uCAAkB,EAAE;IAExB,yCAAyC;IACzC,IAAI,iDAAuB,EAAE;IAC7B,IAAI,6CAAqB,EAAE;IAC3B,IAAI,2CAAoB,EAAE;IAC1B,IAAI,6CAAqB,EAAE,EAAE,+BAA+B;IAE5D,8BAA8B;IAC9B,IAAI,uCAAkB,EAAE;IAExB,kCAAkC;IAClC,IAAI,gCAAoB,EAAE;IAC1B,IAAI,8BAAkB,EAAE;IACxB,IAAI,gCAAoB,EAAE;IAE1B,uCAAuC;IACvC,IAAI,qCAAoB,EAAE;IAC1B,IAAI,iCAAgB,EAAE;IACtB,IAAI,kCAAiB,EAAE;IAEvB,+CAA+C;IAC/C,IAAI,gCAAe,EAAE;IACrB,IAAI,8BAAa,EAAE;IACnB,IAAI,+BAAc,EAAE;IACpB,IAAI,qDAAyB,EAAE;IAC/B,IAAI,yDAA2B,EAAE,EAAE,oCAAoC;IAEvE,wDAAwD;IACxD,IAAI,iCAAmB,EAAE;IACzB,IAAI,8BAAgB,EAAE;IACtB,IAAI,6BAAe,EAAE;IACrB,IAAI,2CAAoB,EAAE;IAC1B,IAAI,yDAA2B,EAAE,EAAE,sCAAsC;IACzE,IAAI,2DAA4B,EAAE,EAAE,uCAAuC;IAC3E,IAAI,yDAA2B,EAAE,EAAE,wCAAwC;IAE3E,yCAAyC;IACzC,IAAI,oCAAgB,EAAE;IACtB,IAAI,6CAAyB,EAAE;IAC/B,IAAI,qCAAiB,EAAE;IAEvB,8EAA8E;IAC9E,IAAI,mDAAwB,EAAE;IAC9B,IAAI,2DAA4B,EAAE,EAAE,sCAAsC;IAC1E,IAAI,qCAAiB,EAAE;IACvB,IAAI,iDAAuB,EAAE;IAC7B,IAAI,2CAAoB,EAAE;IAE1B,qEAAqE;IACrE,IAAI,iDAAuB,EAAE;IAC7B,IAAI,iEAA+B,EAAE;IACrC,IAAI,iDAAuB,EAAE;IAC7B,IAAI,iDAAuB,EAAE;IAC7B,IAAI,+DAA8B,EAAE;IAEpC,mEAAmE;IACnE,IAAI,2CAAoB,EAAE;IAC1B,IAAI,qCAAiB,EAAE;IACvB,IAAI,+BAAc,EAAE;IACpB,IAAI,iDAAuB,EAAE;IAC7B,IAAI,uCAAkB,EAAE,EAAE,2BAA2B;IAErD,qEAAqE;IACrE,IAAI,2CAAoB,EAAE;IAC1B,IAAI,iCAAe,EAAE;IACrB,IAAI,2DAA4B,EAAE,EAAE,sCAAsC;IAC1E,IAAI,yEAAmC,EAAE,EAAE,kCAAkC;IAC7E,IAAI,uEAAkC,EAAE,EAAE,6CAA6C;IAEvF,wCAAwC;IACxC,IAAI,mCAAiB,EAAE;IACvB,IAAI,gCAAc,EAAE;IAEpB,mCAAmC;IACnC,IAAI,iDAAuB,EAAE,EAAE,2CAA2C;IAC1E,IAAI,uDAA0B,EAAE,EAAE,oCAAoC;CACvE,CAAC;AAEF;;GAEG;AACH,SAAgB,kBAAkB,CAAC,QAAgB;IACjD,OAAO,iBAAS,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;AAChE,CAAC;AAED;;GAEG;AACH,SAAgB,WAAW,CAAC,EAAU;IACpC,OAAO,iBAAS,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;AAClD,CAAC;AAED;;GAEG;AACH,SAAgB,aAAa;IAC3B,OAAO,iBAAS,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AAC1C,CAAC"}

package/dist/src/rules/logging/LoggerPayloadRule.d.ts

@@ -4,6 +4,14 @@ import { BaseRule } from '../base/BaseRule';
  * MULE-301: Logger Payload Reference
  *
  * Loggers should not directly reference #[payload] for security/performance.
+ * This includes:
+ *   - Direct payload reference: #[payload]
+ *   - DataWeave write of full payload: write(payload, 'application/json')
+ *   - output application/json --- payload (full payload serialization)
+ *
+ * Logging the entire payload risks exposing PII/sensitive customer data
+ * (names, addresses, SSNs, credit cards) and can degrade performance for
+ * large payloads.
  */
 export declare class LoggerPayloadRule extends BaseRule {
     id: string;
@@ -13,5 +21,12 @@ export declare class LoggerPayloadRule extends BaseRule {
     category: "logging";
     validate(doc: Document, _context: ValidationContext): Issue[];
     private hasDirectPayloadReference;
+    /**
+     * Detect DataWeave patterns that serialize the full payload:
+     *   - write(payload, 'application/json')
+     *   - write(payload, "application/json")
+     *   - output application/json --- payload
+     */
+    private hasPayloadSerialization;
 }
 //# sourceMappingURL=LoggerPayloadRule.d.ts.map

package/dist/src/rules/logging/LoggerPayloadRule.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"LoggerPayloadRule.d.ts","sourceRoot":"","sources":["../../../../src/rules/logging/LoggerPayloadRule.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AACvD,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAE5C;;;;GAIG;AACH,qBAAa,iBAAkB,SAAQ,QAAQ;IAC7C,EAAE,SAAc;IAChB,IAAI,SAA8B;IAClC,WAAW,SAAoD;IAC/D,QAAQ,EAAG,SAAS,CAAU;IAC9B,QAAQ,EAAG,SAAS,CAAU;IAE9B,QAAQ,CAAC,GAAG,EAAE,QAAQ,EAAE,QAAQ,EAAE,iBAAiB,GAAG,KAAK,EAAE;IA0B7D,OAAO,CAAC,yBAAyB;CAQlC"}
+{"version":3,"file":"LoggerPayloadRule.d.ts","sourceRoot":"","sources":["../../../../src/rules/logging/LoggerPayloadRule.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AACvD,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAE5C;;;;;;;;;;;;GAYG;AACH,qBAAa,iBAAkB,SAAQ,QAAQ;IAC7C,EAAE,SAAc;IAChB,IAAI,SAA8B;IAClC,WAAW,SAAoD;IAC/D,QAAQ,EAAG,SAAS,CAAU;IAC9B,QAAQ,EAAG,SAAS,CAAU;IAE9B,QAAQ,CAAC,GAAG,EAAE,QAAQ,EAAE,QAAQ,EAAE,iBAAiB,GAAG,KAAK,EAAE;IAuD7D,OAAO,CAAC,yBAAyB;IAUjC;;;;;OAKG;IACH,OAAO,CAAC,uBAAuB;CAWhC"}