@sfdxy/mule-lint 1.20.0 → 1.21.0

package/dist/src/rules/operations/FlowRefTargetExistsRule.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"FlowRefTargetExistsRule.js","sourceRoot":"","sources":["../../../../src/rules/operations/FlowRefTargetExistsRule.ts"],"names":[],"mappings":";;;AACA,+CAA4C;AAE5C;;;;;;;;;;GAUG;AACH,MAAa,uBAAwB,SAAQ,mBAAQ;IACnD,EAAE,GAAG,SAAS,CAAC;IACf,IAAI,GAAG,wBAAwB,CAAC;IAChC,WAAW,GAAG,4DAA4D,CAAC;IAC3E,QAAQ,GAAG,OAAgB,CAAC;IAC5B,QAAQ,GAAG,YAAqB,CAAC;IACjC,SAAS,GAAc,KAAK,CAAC;IAE7B,QAAQ,CAAC,GAAa,EAAE,OAA0B;QAChD,MAAM,MAAM,GAAY,EAAE,CAAC;QAE3B,uDAAuD;QACvD,MAAM,cAAc,GAAG,IAAI,GAAG,EAAU,CAAC;QACzC,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,qDAAqD,EAAE,GAAG,CAAC,CAAC;QACtF,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,IAAI,GAAG,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC;YACzC,IAAI,IAAI,EAAE,CAAC;gBACT,cAAc,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YAC3B,CAAC;QACH,CAAC;QAED,qDAAqD;QACrD,MAAM,YAAY,GAAG,OAAO,CAAC,YAAY,IAAI,cAAc,CAAC;QAE5D,uBAAuB;QACvB,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,8BAA8B,EAAE,GAAG,CAAC,CAAC;QAClE,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE,CAAC;YAC3B,MAAM,UAAU,GAAG,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC;YAC9C,IAAI,CAAC,UAAU,EAAE,CAAC;gBAChB,SAAS;YACX,CAAC;YAED,iDAAiD;YACjD,IAAI,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC3D,SAAS;YACX,CAAC;YAED,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC;gBAClC,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,UAAU,CAAC;gBACnD,MAAM,CAAC,IAAI,CACT,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,aAAa,OAAO,gCAAgC,UAAU,GAAG,EAAE;oBACvF,UAAU,EACR,mGAAmG;iBACtG,CAAC,CACH,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;CACF;AAlDD,0DAkDC"}

package/dist/src/rules/operations/UnusedFlowRule.d.ts

@@ -9,6 +9,14 @@ import { BaseRule } from '../base/BaseRule';
  * (populated during the pre-scan phase), the rule checks across all project
  * files.  When scanning a standalone file (allFlowRefs is undefined), only
  * intra-file references are checked.
+ *
+ * The rule recognises several categories of "externally referenced" flows:
+ *   - APIKit-generated flows: verb:\path:config  (routed by apikit:router)
+ *   - Flows with external triggers: http:listener, scheduler, vm:listener,
+ *     salesforce:* listeners (replay-channel-listener, subscribe-channel-listener,
+ *     replay-topic-listener, subscribe-topic-listener, modified-object-listener,
+ *     new-object-listener)
+ *   - Common naming conventions: *-main, *-api, api-*, *-console, *-error-handler, global*
  */
 export declare class UnusedFlowRule extends BaseRule {
     id: string;
@@ -17,6 +25,18 @@ export declare class UnusedFlowRule extends BaseRule {
     severity: "warning";
     category: "standards";
     validate(doc: Document, context: ValidationContext): Issue[];
+    /**
+     * Check if a flow name matches the APIKit auto-generated naming convention.
+     * Pattern: verb:\path:config-name  (e.g. "get:\orders:api-config")
+     * Also matches with (type) suffix: "get:\orders:api-config(application\json)"
+     */
+    private isApikitFlow;
+    /**
+     * Check if a flow has an external trigger (a source component as the first
+     * processor). This covers HTTP listeners, schedulers, VM listeners,
+     * Salesforce connectors, and any other connector listener.
+     */
+    private hasExternalTrigger;
     private isExternallyReferenced;
 }
 //# sourceMappingURL=UnusedFlowRule.d.ts.map

package/dist/src/rules/operations/UnusedFlowRule.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"UnusedFlowRule.d.ts","sourceRoot":"","sources":["../../../../src/rules/operations/UnusedFlowRule.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AACvD,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAE5C;;;;;;;;;GASG;AACH,qBAAa,cAAe,SAAQ,QAAQ;IAC1C,EAAE,SAAa;IACf,IAAI,SAA2B;IAC/B,WAAW,SAA6C;IACxD,QAAQ,EAAG,SAAS,CAAU;IAC9B,QAAQ,EAAG,WAAW,CAAU;IAEhC,QAAQ,CAAC,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,iBAAiB,GAAG,KAAK,EAAE;IA0E5D,OAAO,CAAC,sBAAsB;CAY/B"}
+{"version":3,"file":"UnusedFlowRule.d.ts","sourceRoot":"","sources":["../../../../src/rules/operations/UnusedFlowRule.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AACvD,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAE5C;;;;;;;;;;;;;;;;;GAiBG;AACH,qBAAa,cAAe,SAAQ,QAAQ;IAC1C,EAAE,SAAa;IACf,IAAI,SAA2B;IAC/B,WAAW,SAA6C;IACxD,QAAQ,EAAG,SAAS,CAAU;IAC9B,QAAQ,EAAG,WAAW,CAAU;IAEhC,QAAQ,CAAC,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,iBAAiB,GAAG,KAAK,EAAE;IAwE5D;;;;OAIG;IACH,OAAO,CAAC,YAAY;IAKpB;;;;OAIG;IACH,OAAO,CAAC,kBAAkB;IAgD1B,OAAO,CAAC,sBAAsB;CAY/B"}

package/dist/src/rules/operations/UnusedFlowRule.js

@@ -11,6 +11,14 @@ const BaseRule_1 = require("../base/BaseRule");
  * (populated during the pre-scan phase), the rule checks across all project
  * files.  When scanning a standalone file (allFlowRefs is undefined), only
  * intra-file references are checked.
+ *
+ * The rule recognises several categories of "externally referenced" flows:
+ *   - APIKit-generated flows: verb:\path:config  (routed by apikit:router)
+ *   - Flows with external triggers: http:listener, scheduler, vm:listener,
+ *     salesforce:* listeners (replay-channel-listener, subscribe-channel-listener,
+ *     replay-topic-listener, subscribe-topic-listener, modified-object-listener,
+ *     new-object-listener)
+ *   - Common naming conventions: *-main, *-api, api-*, *-console, *-error-handler, global*
  */
 class UnusedFlowRule extends BaseRule_1.BaseRule {
     id = 'HYG-003';
@@ -54,18 +62,19 @@ class UnusedFlowRule extends BaseRule_1.BaseRule {
                 }
             }
         }
-        // Check private flows (not triggered by HTTP/scheduler)
+        // Check private flows (not triggered by HTTP/scheduler/connector listeners)
         for (const flow of flows) {
             const name = this.getNameAttribute(flow);
             if (!name) {
                 continue;
             }
-            // Skip if it has an external trigger
-            const hasHttpListener = this.exists('.//*[local-name()="listener"]', flow);
-            const hasScheduler = this.exists('.//*[local-name()="scheduler"]', flow);
-            const hasVmListener = this.exists('.//*[local-name()="listener" and contains(@config-ref, "vm")]', flow);
-            if (hasHttpListener || hasScheduler || hasVmListener) {
-                continue; // Entry point flow
+            // Skip APIKit-generated flows (verb:\path:config pattern)
+            if (this.isApikitFlow(name)) {
+                continue;
+            }
+            // Skip if it has an external trigger (listener / scheduler)
+            if (this.hasExternalTrigger(flow)) {
+                continue;
             }
             // Check if referenced
             if (!referencedFlows.has(name) && !this.isExternallyReferenced(name)) {
@@ -77,6 +86,63 @@ class UnusedFlowRule extends BaseRule_1.BaseRule {
         }
         return issues;
     }
+    /**
+     * Check if a flow name matches the APIKit auto-generated naming convention.
+     * Pattern: verb:\path:config-name  (e.g. "get:\orders:api-config")
+     * Also matches with (type) suffix: "get:\orders:api-config(application\json)"
+     */
+    isApikitFlow(name) {
+        // APIKit flow names contain backslash-separated segments starting with an HTTP verb
+        return /^(get|post|put|patch|delete|head|options|trace):\\.+:.+$/i.test(name);
+    }
+    /**
+     * Check if a flow has an external trigger (a source component as the first
+     * processor). This covers HTTP listeners, schedulers, VM listeners,
+     * Salesforce connectors, and any other connector listener.
+     */
+    hasExternalTrigger(flow) {
+        // http:listener or any namespace listener
+        const hasHttpListener = this.exists('.//*[local-name()="listener"]', flow);
+        if (hasHttpListener) {
+            return true;
+        }
+        // scheduler
+        const hasScheduler = this.exists('.//*[local-name()="scheduler"]', flow);
+        if (hasScheduler) {
+            return true;
+        }
+        // Salesforce-specific listeners (platform events, CDC, polling)
+        const sfListenerPatterns = [
+            'replay-channel-listener',
+            'subscribe-channel-listener',
+            'replay-topic-listener',
+            'subscribe-topic-listener',
+            'modified-object-listener',
+            'new-object-listener',
+        ];
+        for (const pattern of sfListenerPatterns) {
+            if (this.exists(`.//*[local-name()="${pattern}"]`, flow)) {
+                return true;
+            }
+        }
+        // JMS, AMQP, Anypoint MQ, File, FTP, SFTP, Email, DB polling listeners
+        const otherListenerPatterns = [
+            'subscriber', // jms:subscriber, amqp:subscriber
+            'consume', // anypoint-mq:subscriber is actually "subscriber" but some use "consume"
+            'on-new-file', // file:listener
+            'on-new-or-updated-file', // sftp/ftp
+            'listener-imap', // email
+            'listener-pop3', // email
+            'on-new-message', // anypoint-mq
+            'on-table-row', // db polling
+        ];
+        for (const pattern of otherListenerPatterns) {
+            if (this.exists(`.//*[local-name()="${pattern}"]`, flow)) {
+                return true;
+            }
+        }
+        return false;
+    }
     isExternallyReferenced(name) {
         // Common patterns that are typically referenced externally
         const externalPatterns = [

package/dist/src/rules/operations/UnusedFlowRule.js.map

@@ -1 +1 @@
-{"version":3,"file":"UnusedFlowRule.js","sourceRoot":"","sources":["../../../../src/rules/operations/UnusedFlowRule.ts"],"names":[],"mappings":";;;AACA,+CAA4C;AAE5C;;;;;;;;;GASG;AACH,MAAa,cAAe,SAAQ,mBAAQ;IAC1C,EAAE,GAAG,SAAS,CAAC;IACf,IAAI,GAAG,uBAAuB,CAAC;IAC/B,WAAW,GAAG,yCAAyC,CAAC;IACxD,QAAQ,GAAG,SAAkB,CAAC;IAC9B,QAAQ,GAAG,WAAoB,CAAC;IAEhC,QAAQ,CAAC,GAAa,EAAE,OAA0B;QAChD,MAAM,MAAM,GAAY,EAAE,CAAC;QAE3B,sCAAsC;QACtC,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,0BAA0B,EAAE,GAAG,CAAC,CAAC;QAC3D,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,8BAA8B,EAAE,GAAG,CAAC,CAAC;QAElE,0CAA0C;QAC1C,yEAAyE;QACzE,0DAA0D;QAC1D,IAAI,eAA4B,CAAC;QACjC,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;YACxB,eAAe,GAAG,OAAO,CAAC,WAAW,CAAC;QACxC,CAAC;aAAM,CAAC;YACN,oCAAoC;YACpC,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,8BAA8B,EAAE,GAAG,CAAC,CAAC;YAClE,eAAe,GAAG,IAAI,GAAG,EAAU,CAAC;YACpC,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE,CAAC;gBAC3B,MAAM,IAAI,GAAG,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC;gBACxC,IAAI,IAAI,EAAE,CAAC;oBACT,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;gBAC5B,CAAC;YACH,CAAC;QACH,CAAC;QAED,qDAAqD;QACrD,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,MAAM,IAAI,GAAG,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;YAC5C,IAAI,IAAI,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;gBACvC,yDAAyD;gBACzD,IAAI,CAAC,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,EAAE,CAAC;oBACvC,MAAM,CAAC,IAAI,CACT,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,aAAa,IAAI,uBAAuB,EAAE;wBAClE,QAAQ,EAAE,MAAM;wBAChB,UAAU,EAAE,oEAAoE;qBACjF,CAAC,CACH,CAAC;gBACJ,CAAC;YACH,CAAC;QACH,CAAC;QAED,wDAAwD;QACxD,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,IAAI,GAAG,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC;YACzC,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,SAAS;YACX,CAAC;YAED,qCAAqC;YACrC,MAAM,eAAe,GAAG,IAAI,CAAC,MAAM,CAAC,+BAA+B,EAAE,IAAI,CAAC,CAAC;YAC3E,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,gCAAgC,EAAE,IAAI,CAAC,CAAC;YACzE,MAAM,aAAa,GAAG,IAAI,CAAC,MAAM,CAC/B,+DAA+D,EAC/D,IAAI,CACL,CAAC;YAEF,IAAI,eAAe,IAAI,YAAY,IAAI,aAAa,EAAE,CAAC;gBACrD,SAAS,CAAC,mBAAmB;YAC/B,CAAC;YAED,sBAAsB;YACtB,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,EAAE,CAAC;gBACrE,MAAM,CAAC,IAAI,CACT,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,SAAS,IAAI,0CAA0C,EAAE;oBAC9E,QAAQ,EAAE,MAAM;oBAChB,UAAU,EAAE,qEAAqE;iBAClF,CAAC,CACH,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAEO,sBAAsB,CAAC,IAAY;QACzC,2DAA2D;QAC3D,MAAM,gBAAgB,GAAG;YACvB,QAAQ;YACR,OAAO;YACP,OAAO;YACP,WAAW;YACX,iBAAiB;YACjB,SAAS;SACV,CAAC;QACF,OAAO,gBAAgB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;IAChE,CAAC;CACF;AA7FD,wCA6FC"}
+{"version":3,"file":"UnusedFlowRule.js","sourceRoot":"","sources":["../../../../src/rules/operations/UnusedFlowRule.ts"],"names":[],"mappings":";;;AACA,+CAA4C;AAE5C;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAa,cAAe,SAAQ,mBAAQ;IAC1C,EAAE,GAAG,SAAS,CAAC;IACf,IAAI,GAAG,uBAAuB,CAAC;IAC/B,WAAW,GAAG,yCAAyC,CAAC;IACxD,QAAQ,GAAG,SAAkB,CAAC;IAC9B,QAAQ,GAAG,WAAoB,CAAC;IAEhC,QAAQ,CAAC,GAAa,EAAE,OAA0B;QAChD,MAAM,MAAM,GAAY,EAAE,CAAC;QAE3B,sCAAsC;QACtC,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,0BAA0B,EAAE,GAAG,CAAC,CAAC;QAC3D,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,8BAA8B,EAAE,GAAG,CAAC,CAAC;QAElE,0CAA0C;QAC1C,yEAAyE;QACzE,0DAA0D;QAC1D,IAAI,eAA4B,CAAC;QACjC,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;YACxB,eAAe,GAAG,OAAO,CAAC,WAAW,CAAC;QACxC,CAAC;aAAM,CAAC;YACN,oCAAoC;YACpC,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,8BAA8B,EAAE,GAAG,CAAC,CAAC;YAClE,eAAe,GAAG,IAAI,GAAG,EAAU,CAAC;YACpC,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE,CAAC;gBAC3B,MAAM,IAAI,GAAG,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC;gBACxC,IAAI,IAAI,EAAE,CAAC;oBACT,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;gBAC5B,CAAC;YACH,CAAC;QACH,CAAC;QAED,qDAAqD;QACrD,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,MAAM,IAAI,GAAG,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;YAC5C,IAAI,IAAI,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;gBACvC,yDAAyD;gBACzD,IAAI,CAAC,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,EAAE,CAAC;oBACvC,MAAM,CAAC,IAAI,CACT,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,aAAa,IAAI,uBAAuB,EAAE;wBAClE,QAAQ,EAAE,MAAM;wBAChB,UAAU,EAAE,oEAAoE;qBACjF,CAAC,CACH,CAAC;gBACJ,CAAC;YACH,CAAC;QACH,CAAC;QAED,4EAA4E;QAC5E,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,IAAI,GAAG,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC;YACzC,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,SAAS;YACX,CAAC;YAED,0DAA0D;YAC1D,IAAI,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC5B,SAAS;YACX,CAAC;YAED,4DAA4D;YAC5D,IAAI,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,EAAE,CAAC;gBAClC,SAAS;YACX,CAAC;YAED,sBAAsB;YACtB,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,EAAE,CAAC;gBACrE,MAAM,CAAC,IAAI,CACT,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,SAAS,IAAI,0CAA0C,EAAE;oBAC9E,QAAQ,EAAE,MAAM;oBAChB,UAAU,EAAE,qEAAqE;iBAClF,CAAC,CACH,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;;;OAIG;IACK,YAAY,CAAC,IAAY;QAC/B,oFAAoF;QACpF,OAAO,2DAA2D,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAChF,CAAC;IAED;;;;OAIG;IACK,kBAAkB,CAAC,IAAU;QACnC,0CAA0C;QAC1C,MAAM,eAAe,GAAG,IAAI,CAAC,MAAM,CAAC,+BAA+B,EAAE,IAAI,CAAC,CAAC;QAC3E,IAAI,eAAe,EAAE,CAAC;YACpB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,YAAY;QACZ,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,gCAAgC,EAAE,IAAI,CAAC,CAAC;QACzE,IAAI,YAAY,EAAE,CAAC;YACjB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,gEAAgE;QAChE,MAAM,kBAAkB,GAAG;YACzB,yBAAyB;YACzB,4BAA4B;YAC5B,uBAAuB;YACvB,0BAA0B;YAC1B,0BAA0B;YAC1B,qBAAqB;SACtB,CAAC;QACF,KAAK,MAAM,OAAO,IAAI,kBAAkB,EAAE,CAAC;YACzC,IAAI,IAAI,CAAC,MAAM,CAAC,sBAAsB,OAAO,IAAI,EAAE,IAAI,CAAC,EAAE,CAAC;gBACzD,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;QAED,uEAAuE;QACvE,MAAM,qBAAqB,GAAG;YAC5B,YAAY,EAAE,kCAAkC;YAChD,SAAS,EAAE,yEAAyE;YACpF,aAAa,EAAE,gBAAgB;YAC/B,wBAAwB,EAAE,WAAW;YACrC,eAAe,EAAE,QAAQ;YACzB,eAAe,EAAE,QAAQ;YACzB,gBAAgB,EAAE,cAAc;YAChC,cAAc,EAAE,aAAa;SAC9B,CAAC;QACF,KAAK,MAAM,OAAO,IAAI,qBAAqB,EAAE,CAAC;YAC5C,IAAI,IAAI,CAAC,MAAM,CAAC,sBAAsB,OAAO,IAAI,EAAE,IAAI,CAAC,EAAE,CAAC;gBACzD,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAEO,sBAAsB,CAAC,IAAY;QACzC,2DAA2D;QAC3D,MAAM,gBAAgB,GAAG;YACvB,QAAQ;YACR,OAAO;YACP,OAAO;YACP,WAAW;YACX,iBAAiB;YACjB,SAAS;SACV,CAAC;QACF,OAAO,gBAAgB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;IAChE,CAAC;CACF;AA1JD,wCA0JC"}

package/dist/src/rules/operations/UnusedVariableRule.d.ts

@@ -0,0 +1,31 @@
+import { ValidationContext, Issue, IssueType } from '../../types';
+import { BaseRule } from '../base/BaseRule';
+/**
+ * HYG-005: Unused Variable
+ *
+ * Detects variables that are set in a flow but never referenced later
+ * in the same flow. This is a common code smell that indicates dead code
+ * or incomplete refactoring.
+ *
+ * Checks for set-variable elements whose variableName is not referenced
+ * by any subsequent expression in the same flow via `vars.variableName`
+ * or `#[vars.variableName]` patterns.
+ *
+ * Note: This is a best-effort heuristic — variables consumed outside the
+ * flow (via flow-ref caller, for example) cannot be detected.
+ */
+export declare class UnusedVariableRule extends BaseRule {
+    id: string;
+    name: string;
+    description: string;
+    severity: "info";
+    category: "operations";
+    issueType: IssueType;
+    /** Well-known variables that are always considered "used" (consumed by connectors/listeners) */
+    private readonly WELL_KNOWN_VARS;
+    validate(doc: Document, _context: ValidationContext): Issue[];
+    private serializeNode;
+    private collectTextContent;
+    private escapeRegex;
+}
+//# sourceMappingURL=UnusedVariableRule.d.ts.map

package/dist/src/rules/operations/UnusedVariableRule.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"UnusedVariableRule.d.ts","sourceRoot":"","sources":["../../../../src/rules/operations/UnusedVariableRule.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAClE,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAE5C;;;;;;;;;;;;;GAaG;AACH,qBAAa,kBAAmB,SAAQ,QAAQ;IAC9C,EAAE,SAAa;IACf,IAAI,SAAqB;IACzB,WAAW,SAAuE;IAClF,QAAQ,EAAG,MAAM,CAAU;IAC3B,QAAQ,EAAG,YAAY,CAAU;IACjC,SAAS,EAAE,SAAS,CAAgB;IAEpC,gGAAgG;IAChG,OAAO,CAAC,QAAQ,CAAC,eAAe,CAK7B;IAEH,QAAQ,CAAC,GAAG,EAAE,QAAQ,EAAE,QAAQ,EAAE,iBAAiB,GAAG,KAAK,EAAE;IAuD7D,OAAO,CAAC,aAAa;IAOrB,OAAO,CAAC,kBAAkB;IAqB1B,OAAO,CAAC,WAAW;CAGpB"}

package/dist/src/rules/operations/UnusedVariableRule.js

@@ -0,0 +1,103 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.UnusedVariableRule = void 0;
+const BaseRule_1 = require("../base/BaseRule");
+/**
+ * HYG-005: Unused Variable
+ *
+ * Detects variables that are set in a flow but never referenced later
+ * in the same flow. This is a common code smell that indicates dead code
+ * or incomplete refactoring.
+ *
+ * Checks for set-variable elements whose variableName is not referenced
+ * by any subsequent expression in the same flow via `vars.variableName`
+ * or `#[vars.variableName]` patterns.
+ *
+ * Note: This is a best-effort heuristic — variables consumed outside the
+ * flow (via flow-ref caller, for example) cannot be detected.
+ */
+class UnusedVariableRule extends BaseRule_1.BaseRule {
+    id = 'HYG-005';
+    name = 'Unused Variable';
+    description = 'Variables set in a flow should be referenced within the same flow';
+    severity = 'info';
+    category = 'operations';
+    issueType = 'code-smell';
+    /** Well-known variables that are always considered "used" (consumed by connectors/listeners) */
+    WELL_KNOWN_VARS = new Set([
+        'httpStatus',
+        'outboundHeaders',
+        'statusCode',
+        'correlationId',
+    ]);
+    validate(doc, _context) {
+        const issues = [];
+        const flows = this.select('//mule:flow | //mule:sub-flow', doc);
+        for (const flow of flows) {
+            const flowName = this.getAttribute(flow, 'name') ?? '';
+            // Collect all set-variable declarations in this flow
+            const setVars = this.select('.//*[local-name()="set-variable"]', flow);
+            const variables = [];
+            for (const setVar of setVars) {
+                const varName = this.getAttribute(setVar, 'variableName');
+                if (varName && !this.WELL_KNOWN_VARS.has(varName)) {
+                    variables.push({ name: varName, node: setVar });
+                }
+            }
+            if (variables.length === 0) {
+                continue;
+            }
+            // Get the full text content of the flow to search for references
+            const flowText = this.serializeNode(flow);
+            for (const { name, node } of variables) {
+                // Check for common reference patterns:
+                // vars.name, vars['name'], vars["name"], vars.name
+                const patterns = [`vars.${name}`, `vars['${name}']`, `vars["${name}"]`, `#[vars.${name}]`];
+                const isReferenced = patterns.some((pattern) => {
+                    // Count occurrences — must appear beyond just the set-variable itself
+                    const regex = new RegExp(this.escapeRegex(pattern), 'g');
+                    const matches = flowText.match(regex);
+                    return matches !== null && matches.length > 0;
+                });
+                if (!isReferenced) {
+                    issues.push(this.createIssue(node, `Variable "${name}" is set in flow "${flowName}" but never referenced within the same flow`, {
+                        suggestion: `Remove the unused variable or verify it is consumed by a downstream flow via flow-ref`,
+                    }));
+                }
+            }
+        }
+        return issues;
+    }
+    serializeNode(node) {
+        // Get all text content and attribute values from the node subtree
+        const parts = [];
+        this.collectTextContent(node, parts);
+        return parts.join(' ');
+    }
+    collectTextContent(node, parts) {
+        if (node.nodeType === 3 /* TEXT_NODE */) {
+            parts.push(node.textContent ?? '');
+        }
+        else if (node.nodeType === 1 /* ELEMENT_NODE */) {
+            // Include attribute values (expressions live in attributes)
+            const element = node;
+            if (element.attributes) {
+                for (let i = 0; i < element.attributes.length; i++) {
+                    parts.push(element.attributes[i].value);
+                }
+            }
+            // Recurse into children
+            const children = node.childNodes;
+            if (children) {
+                for (let i = 0; i < children.length; i++) {
+                    this.collectTextContent(children[i], parts);
+                }
+            }
+        }
+    }
+    escapeRegex(str) {
+        return str.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
+    }
+}
+exports.UnusedVariableRule = UnusedVariableRule;
+//# sourceMappingURL=UnusedVariableRule.js.map

package/dist/src/rules/operations/UnusedVariableRule.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"UnusedVariableRule.js","sourceRoot":"","sources":["../../../../src/rules/operations/UnusedVariableRule.ts"],"names":[],"mappings":";;;AACA,+CAA4C;AAE5C;;;;;;;;;;;;;GAaG;AACH,MAAa,kBAAmB,SAAQ,mBAAQ;IAC9C,EAAE,GAAG,SAAS,CAAC;IACf,IAAI,GAAG,iBAAiB,CAAC;IACzB,WAAW,GAAG,mEAAmE,CAAC;IAClF,QAAQ,GAAG,MAAe,CAAC;IAC3B,QAAQ,GAAG,YAAqB,CAAC;IACjC,SAAS,GAAc,YAAY,CAAC;IAEpC,gGAAgG;IAC/E,eAAe,GAAG,IAAI,GAAG,CAAC;QACzC,YAAY;QACZ,iBAAiB;QACjB,YAAY;QACZ,eAAe;KAChB,CAAC,CAAC;IAEH,QAAQ,CAAC,GAAa,EAAE,QAA2B;QACjD,MAAM,MAAM,GAAY,EAAE,CAAC;QAE3B,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,+BAA+B,EAAE,GAAG,CAAC,CAAC;QAEhE,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,QAAQ,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,EAAE,CAAC;YAEvD,qDAAqD;YACrD,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,mCAAmC,EAAE,IAAI,CAAC,CAAC;YACvE,MAAM,SAAS,GAAwC,EAAE,CAAC;YAE1D,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;gBAC7B,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;gBAC1D,IAAI,OAAO,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;oBAClD,SAAS,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,CAAC;gBAClD,CAAC;YACH,CAAC;YAED,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC3B,SAAS;YACX,CAAC;YAED,iEAAiE;YACjE,MAAM,QAAQ,GAAG,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;YAE1C,KAAK,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,SAAS,EAAE,CAAC;gBACvC,uCAAuC;gBACvC,mDAAmD;gBACnD,MAAM,QAAQ,GAAG,CAAC,QAAQ,IAAI,EAAE,EAAE,SAAS,IAAI,IAAI,EAAE,SAAS,IAAI,IAAI,EAAE,UAAU,IAAI,GAAG,CAAC,CAAC;gBAE3F,MAAM,YAAY,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE;oBAC7C,sEAAsE;oBACtE,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,EAAE,GAAG,CAAC,CAAC;oBACzD,MAAM,OAAO,GAAG,QAAQ,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;oBACtC,OAAO,OAAO,KAAK,IAAI,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC;gBAChD,CAAC,CAAC,CAAC;gBAEH,IAAI,CAAC,YAAY,EAAE,CAAC;oBAClB,MAAM,CAAC,IAAI,CACT,IAAI,CAAC,WAAW,CACd,IAAI,EACJ,aAAa,IAAI,qBAAqB,QAAQ,6CAA6C,EAC3F;wBACE,UAAU,EAAE,uFAAuF;qBACpG,CACF,CACF,CAAC;gBACJ,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAEO,aAAa,CAAC,IAAU;QAC9B,kEAAkE;QAClE,MAAM,KAAK,GAAa,EAAE,CAAC;QAC3B,IAAI,CAAC,kBAAkB,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;QACrC,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACzB,CAAC;IAEO,kBAAkB,CAAC,IAAU,EAAE,KAAe;QACpD,IAAI,IAAI,CAAC,QAAQ,KAAK,CAAC,CAAC,eAAe,EAAE,CAAC;YACxC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,IAAI,EAAE,CAAC,CAAC;QACrC,CAAC;aAAM,IAAI,IAAI,CAAC,QAAQ,KAAK,CAAC,CAAC,kBAAkB,EAAE,CAAC;YAClD,4DAA4D;YAC5D,MAAM,OAAO,GAAG,IAA0B,CAAC;YAC3C,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;gBACvB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;oBACnD,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;gBAC1C,CAAC;YACH,CAAC;YACD,wBAAwB;YACxB,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC;YACjC,IAAI,QAAQ,EAAE,CAAC;gBACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;oBACzC,IAAI,CAAC,kBAAkB,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;gBAC9C,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAEO,WAAW,CAAC,GAAW;QAC7B,OAAO,GAAG,CAAC,OAAO,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAC;IACpD,CAAC;CACF;AAtGD,gDAsGC"}

package/dist/src/rules/performance/ListenerReconnectForeverRule.d.ts

@@ -0,0 +1,28 @@
+import { ValidationContext, Issue } from '../../types';
+import { BaseRule } from '../base/BaseRule';
+/**
+ * RES-002: Listener Reconnect-Forever
+ *
+ * HTTP listener-config elements should use reconnect-forever rather than
+ * bounded reconnect strategies. Unlike outbound connectors where bounded
+ * retries make sense, the listener is the application's entry point — if
+ * it can't bind to the port, the app should keep trying indefinitely.
+ *
+ * Real-world accelerator pattern:
+ *   <http:listener-config>
+ *     <http:listener-connection host="0.0.0.0" port="${http.port}">
+ *       <reconnection>
+ *         <reconnect-forever frequency="5000" />
+ *       </reconnection>
+ *     </http:listener-connection>
+ *   </http:listener-config>
+ */
+export declare class ListenerReconnectForeverRule extends BaseRule {
+    id: string;
+    name: string;
+    description: string;
+    severity: "warning";
+    category: "performance";
+    validate(doc: Document, _context: ValidationContext): Issue[];
+}
+//# sourceMappingURL=ListenerReconnectForeverRule.d.ts.map

package/dist/src/rules/performance/ListenerReconnectForeverRule.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ListenerReconnectForeverRule.d.ts","sourceRoot":"","sources":["../../../../src/rules/performance/ListenerReconnectForeverRule.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AACvD,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAE5C;;;;;;;;;;;;;;;;GAgBG;AACH,qBAAa,4BAA6B,SAAQ,QAAQ;IACxD,EAAE,SAAa;IACf,IAAI,SAAgC;IACpC,WAAW,SAAsE;IACjF,QAAQ,EAAG,SAAS,CAAU;IAC9B,QAAQ,EAAG,aAAa,CAAU;IAElC,QAAQ,CAAC,GAAG,EAAE,QAAQ,EAAE,QAAQ,EAAE,iBAAiB,GAAG,KAAK,EAAE;CA2C9D"}

package/dist/src/rules/performance/ListenerReconnectForeverRule.js

@@ -0,0 +1,56 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ListenerReconnectForeverRule = void 0;
+const BaseRule_1 = require("../base/BaseRule");
+/**
+ * RES-002: Listener Reconnect-Forever
+ *
+ * HTTP listener-config elements should use reconnect-forever rather than
+ * bounded reconnect strategies. Unlike outbound connectors where bounded
+ * retries make sense, the listener is the application's entry point — if
+ * it can't bind to the port, the app should keep trying indefinitely.
+ *
+ * Real-world accelerator pattern:
+ *   <http:listener-config>
+ *     <http:listener-connection host="0.0.0.0" port="${http.port}">
+ *       <reconnection>
+ *         <reconnect-forever frequency="5000" />
+ *       </reconnection>
+ *     </http:listener-connection>
+ *   </http:listener-config>
+ */
+class ListenerReconnectForeverRule extends BaseRule_1.BaseRule {
+    id = 'RES-002';
+    name = 'Listener Reconnect-Forever';
+    description = 'HTTP listener-config should use reconnect-forever for resilience';
+    severity = 'warning';
+    category = 'performance';
+    validate(doc, _context) {
+        const issues = [];
+        const listenerConfigs = this.select('//*[local-name()="listener-config"]', doc);
+        for (const config of listenerConfigs) {
+            const name = this.getNameAttribute(config) ?? 'HTTP Listener';
+            // Check if reconnect-forever exists anywhere inside the config
+            const hasReconnectForever = this.exists('.//*[local-name()="reconnect-forever"]', config);
+            if (hasReconnectForever) {
+                continue; // Good — has reconnect-forever
+            }
+            // Check if there's a bounded reconnect (which is suboptimal for listeners)
+            const hasBoundedReconnect = this.exists('.//*[local-name()="reconnect"]', config) ||
+                this.exists('.//*[local-name()="reconnection"]', config);
+            if (hasBoundedReconnect) {
+                issues.push(this.createIssue(config, `Listener config "${name}" uses bounded reconnect instead of reconnect-forever`, {
+                    suggestion: 'Replace <reconnect count="..." .../> with <reconnect-forever frequency="5000" /> for HTTP listeners — the app should keep trying to bind',
+                }));
+            }
+            else {
+                issues.push(this.createIssue(config, `Listener config "${name}" has no reconnection strategy`, {
+                    suggestion: 'Add <reconnection><reconnect-forever frequency="5000" /></reconnection> inside the listener-connection element',
+                }));
+            }
+        }
+        return issues;
+    }
+}
+exports.ListenerReconnectForeverRule = ListenerReconnectForeverRule;
+//# sourceMappingURL=ListenerReconnectForeverRule.js.map

package/dist/src/rules/performance/ListenerReconnectForeverRule.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ListenerReconnectForeverRule.js","sourceRoot":"","sources":["../../../../src/rules/performance/ListenerReconnectForeverRule.ts"],"names":[],"mappings":";;;AACA,+CAA4C;AAE5C;;;;;;;;;;;;;;;;GAgBG;AACH,MAAa,4BAA6B,SAAQ,mBAAQ;IACxD,EAAE,GAAG,SAAS,CAAC;IACf,IAAI,GAAG,4BAA4B,CAAC;IACpC,WAAW,GAAG,kEAAkE,CAAC;IACjF,QAAQ,GAAG,SAAkB,CAAC;IAC9B,QAAQ,GAAG,aAAsB,CAAC;IAElC,QAAQ,CAAC,GAAa,EAAE,QAA2B;QACjD,MAAM,MAAM,GAAY,EAAE,CAAC;QAE3B,MAAM,eAAe,GAAG,IAAI,CAAC,MAAM,CAAC,qCAAqC,EAAE,GAAG,CAAC,CAAC;QAEhF,KAAK,MAAM,MAAM,IAAI,eAAe,EAAE,CAAC;YACrC,MAAM,IAAI,GAAG,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,IAAI,eAAe,CAAC;YAE9D,+DAA+D;YAC/D,MAAM,mBAAmB,GAAG,IAAI,CAAC,MAAM,CAAC,wCAAwC,EAAE,MAAM,CAAC,CAAC;YAE1F,IAAI,mBAAmB,EAAE,CAAC;gBACxB,SAAS,CAAC,+BAA+B;YAC3C,CAAC;YAED,2EAA2E;YAC3E,MAAM,mBAAmB,GACvB,IAAI,CAAC,MAAM,CAAC,gCAAgC,EAAE,MAAM,CAAC;gBACrD,IAAI,CAAC,MAAM,CAAC,mCAAmC,EAAE,MAAM,CAAC,CAAC;YAE3D,IAAI,mBAAmB,EAAE,CAAC;gBACxB,MAAM,CAAC,IAAI,CACT,IAAI,CAAC,WAAW,CACd,MAAM,EACN,oBAAoB,IAAI,uDAAuD,EAC/E;oBACE,UAAU,EACR,0IAA0I;iBAC7I,CACF,CACF,CAAC;YACJ,CAAC;iBAAM,CAAC;gBACN,MAAM,CAAC,IAAI,CACT,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,oBAAoB,IAAI,gCAAgC,EAAE;oBACjF,UAAU,EACR,gHAAgH;iBACnH,CAAC,CACH,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;CACF;AAlDD,oEAkDC"}

package/dist/src/rules/performance/ReconnectionStrategyRule.d.ts

@@ -5,12 +5,14 @@ import { BaseRule } from '../base/BaseRule';
  *
  * Connectors should have reconnection strategies configured for resilience.
  *
+ * Enhanced to differentiate listener vs request configs:
+ * - Listeners (inbound): recommend `reconnect-forever` (service must stay alive)
+ * - Requests (outbound): recommend bounded `reconnect count="3"` (fail fast for callers)
+ *
  * Per the Mule HTTP connector XSD, `<reconnection>` is a child element of
  * `<http:request-connection>`, NOT a direct child of `<http:request-config>`.
- * Placing `<reconnection>` directly under `<http:request-config>` causes a
- * SAXParseException at build time. The rule uses a descendant search (`.//*`)
- * to correctly resolve reconnection elements at any depth, including the valid
- * `http:request-config > http:request-connection > reconnection` nesting.
+ * The rule uses a descendant search (`.//*`) to correctly resolve reconnection
+ * elements at any depth.
  */
 export declare class ReconnectionStrategyRule extends BaseRule {
     id: string;
@@ -19,5 +21,6 @@ export declare class ReconnectionStrategyRule extends BaseRule {
     severity: "warning";
     category: "performance";
     validate(doc: Document, _context: ValidationContext): Issue[];
+    private hasAnyReconnection;
 }
 //# sourceMappingURL=ReconnectionStrategyRule.d.ts.map

package/dist/src/rules/performance/ReconnectionStrategyRule.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"ReconnectionStrategyRule.d.ts","sourceRoot":"","sources":["../../../../src/rules/performance/ReconnectionStrategyRule.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AACvD,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAE5C;;;;;;;;;;;GAWG;AACH,qBAAa,wBAAyB,SAAQ,QAAQ;IACpD,EAAE,SAAa;IACf,IAAI,SAA2B;IAC/B,WAAW,SAA+D;IAC1E,QAAQ,EAAG,SAAS,CAAU;IAC9B,QAAQ,EAAG,aAAa,CAAU;IAElC,QAAQ,CAAC,GAAG,EAAE,QAAQ,EAAE,QAAQ,EAAE,iBAAiB,GAAG,KAAK,EAAE;CAkE9D"}
+{"version":3,"file":"ReconnectionStrategyRule.d.ts","sourceRoot":"","sources":["../../../../src/rules/performance/ReconnectionStrategyRule.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AACvD,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAE5C;;;;;;;;;;;;;GAaG;AACH,qBAAa,wBAAyB,SAAQ,QAAQ;IACpD,EAAE,SAAa;IACf,IAAI,SAA2B;IAC/B,WAAW,SAA+D;IAC1E,QAAQ,EAAG,SAAS,CAAU;IAC9B,QAAQ,EAAG,aAAa,CAAU;IAElC,QAAQ,CAAC,GAAG,EAAE,QAAQ,EAAE,QAAQ,EAAE,iBAAiB,GAAG,KAAK,EAAE;IAkG7D,OAAO,CAAC,kBAAkB;CAO3B"}

package/dist/src/rules/performance/ReconnectionStrategyRule.js

@@ -7,12 +7,14 @@ const BaseRule_1 = require("../base/BaseRule");
  *
  * Connectors should have reconnection strategies configured for resilience.
  *
+ * Enhanced to differentiate listener vs request configs:
+ * - Listeners (inbound): recommend `reconnect-forever` (service must stay alive)
+ * - Requests (outbound): recommend bounded `reconnect count="3"` (fail fast for callers)
+ *
  * Per the Mule HTTP connector XSD, `<reconnection>` is a child element of
  * `<http:request-connection>`, NOT a direct child of `<http:request-config>`.
- * Placing `<reconnection>` directly under `<http:request-config>` causes a
- * SAXParseException at build time. The rule uses a descendant search (`.//*`)
- * to correctly resolve reconnection elements at any depth, including the valid
- * `http:request-config > http:request-connection > reconnection` nesting.
+ * The rule uses a descendant search (`.//*`) to correctly resolve reconnection
+ * elements at any depth.
  */
 class ReconnectionStrategyRule extends BaseRule_1.BaseRule {
     id = 'RES-001';
@@ -22,52 +24,70 @@ class ReconnectionStrategyRule extends BaseRule_1.BaseRule {
     category = 'performance';
     validate(doc, _context) {
         const issues = [];
-        // Specific connector configurations that benefit from reconnection strategies
-        // Using more specific patterns to avoid false positives on generic "config" elements
-        const connectorConfigs = [
+        // Listener configs (inbound) — recommend reconnect-forever
+        const listenerConfigs = [{ pattern: 'listener-config', name: 'HTTP Listener' }];
+        for (const connector of listenerConfigs) {
+            const configs = this.select(`//*[local-name()="${connector.pattern}"]`, doc);
+            for (const config of configs) {
+                const hasReconnection = this.hasAnyReconnection(config);
+                if (!hasReconnection) {
+                    const name = this.getNameAttribute(config) ?? connector.name;
+                    issues.push(this.createIssue(config, `${connector.name} config "${name}" has no reconnection strategy`, {
+                        suggestion: 'Add <reconnection><reconnect-forever frequency="5000"/></reconnection> for listener configs — the service should always attempt to reconnect',
+                    }));
+                }
+            }
+        }
+        // Request/outbound configs — recommend bounded reconnect
+        const requestConfigs = [
             { pattern: 'request-config', name: 'HTTP Request' },
-            { pattern: 'listener-config', name: 'HTTP Listener' },
             { pattern: 'jms-config', name: 'JMS' },
             { pattern: 'amqp-config', name: 'AMQP' },
             { pattern: 'sftp-config', name: 'SFTP' },
             { pattern: 'ftp-config', name: 'FTP' },
             { pattern: 'vm-config', name: 'VM' },
         ];
-        for (const connector of connectorConfigs) {
+        for (const connector of requestConfigs) {
             const configs = this.select(`//*[local-name()="${connector.pattern}"]`, doc);
             for (const config of configs) {
-                // Use descendant search (.//*) so that reconnection elements nested anywhere
-                // inside the config element are detected. This handles the XSD-correct pattern:
-                //   <http:request-config>
-                //     <http:request-connection>
-                //       <reconnection>...</reconnection>   ← correct per HTTP connector XSD
-                //     </http:request-connection>
-                //   </http:request-config>
-                const hasReconnection = this.exists('.//*[local-name()="reconnection"]', config) ||
-                    this.exists('.//*[local-name()="reconnect"]', config) ||
-                    this.exists('.//*[local-name()="reconnect-forever"]', config);
+                const hasReconnection = this.hasAnyReconnection(config);
                 if (!hasReconnection) {
                     const name = this.getNameAttribute(config) ?? connector.name;
                     issues.push(this.createIssue(config, `${connector.name} config "${name}" has no reconnection strategy`, {
-                        suggestion: 'Add <reconnection><reconnect count="3" frequency="2000"/></reconnection> inside <http:request-connection> for HTTP connectors',
+                        suggestion: 'Add <reconnection><reconnect count="3" frequency="2000"/></reconnection> inside the connection element for outbound connectors',
                     }));
                 }
             }
         }
-        // Database configs specifically - check for db namespace
+        // Database configs — check for db namespace
         const dbConfigs = this.select('//*[local-name()="config" and starts-with(name(), "db:")]', doc);
         for (const config of dbConfigs) {
-            const hasReconnection = this.exists('.//*[local-name()="reconnection"]', config) ||
-                this.exists('.//*[local-name()="reconnect"]', config);
+            const hasReconnection = this.hasAnyReconnection(config);
             if (!hasReconnection) {
                 const name = this.getNameAttribute(config) ?? 'Database';
                 issues.push(this.createIssue(config, `Database config "${name}" has no reconnection strategy`, {
-                    suggestion: 'Add <reconnection> inside the connection element',
+                    suggestion: 'Add <reconnection><reconnect count="3" frequency="2000"/></reconnection> inside the connection element',
+                }));
+            }
+        }
+        // Salesforce configs — check for sfdc-config
+        const sfdcConfigs = this.select('//*[local-name()="sfdc-config" or local-name()="config" and starts-with(name(), "salesforce:")]', doc);
+        for (const config of sfdcConfigs) {
+            const hasReconnection = this.hasAnyReconnection(config);
+            if (!hasReconnection) {
+                const name = this.getNameAttribute(config) ?? 'Salesforce';
+                issues.push(this.createIssue(config, `Salesforce config "${name}" has no reconnection strategy`, {
+                    suggestion: 'Add <reconnection><reconnect count="3" frequency="2000"/></reconnection> inside the Salesforce connection element',
                 }));
             }
         }
         return issues;
     }
+    hasAnyReconnection(config) {
+        return (this.exists('.//*[local-name()="reconnection"]', config) ||
+            this.exists('.//*[local-name()="reconnect"]', config) ||
+            this.exists('.//*[local-name()="reconnect-forever"]', config));
+    }
 }
 exports.ReconnectionStrategyRule = ReconnectionStrategyRule;
 //# sourceMappingURL=ReconnectionStrategyRule.js.map

package/dist/src/rules/performance/ReconnectionStrategyRule.js.map

@@ -1 +1 @@
-{"version":3,"file":"ReconnectionStrategyRule.js","sourceRoot":"","sources":["../../../../src/rules/performance/ReconnectionStrategyRule.ts"],"names":[],"mappings":";;;AACA,+CAA4C;AAE5C;;;;;;;;;;;GAWG;AACH,MAAa,wBAAyB,SAAQ,mBAAQ;IACpD,EAAE,GAAG,SAAS,CAAC;IACf,IAAI,GAAG,uBAAuB,CAAC;IAC/B,WAAW,GAAG,2DAA2D,CAAC;IAC1E,QAAQ,GAAG,SAAkB,CAAC;IAC9B,QAAQ,GAAG,aAAsB,CAAC;IAElC,QAAQ,CAAC,GAAa,EAAE,QAA2B;QACjD,MAAM,MAAM,GAAY,EAAE,CAAC;QAE3B,8EAA8E;QAC9E,qFAAqF;QACrF,MAAM,gBAAgB,GAAG;YACvB,EAAE,OAAO,EAAE,gBAAgB,EAAE,IAAI,EAAE,cAAc,EAAE;YACnD,EAAE,OAAO,EAAE,iBAAiB,EAAE,IAAI,EAAE,eAAe,EAAE;YACrD,EAAE,OAAO,EAAE,YAAY,EAAE,IAAI,EAAE,KAAK,EAAE;YACtC,EAAE,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,MAAM,EAAE;YACxC,EAAE,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,MAAM,EAAE;YACxC,EAAE,OAAO,EAAE,YAAY,EAAE,IAAI,EAAE,KAAK,EAAE;YACtC,EAAE,OAAO,EAAE,WAAW,EAAE,IAAI,EAAE,IAAI,EAAE;SACrC,CAAC;QAEF,KAAK,MAAM,SAAS,IAAI,gBAAgB,EAAE,CAAC;YACzC,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,qBAAqB,SAAS,CAAC,OAAO,IAAI,EAAE,GAAG,CAAC,CAAC;YAE7E,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;gBAC7B,6EAA6E;gBAC7E,gFAAgF;gBAChF,0BAA0B;gBAC1B,gCAAgC;gBAChC,4EAA4E;gBAC5E,iCAAiC;gBACjC,2BAA2B;gBAC3B,MAAM,eAAe,GACnB,IAAI,CAAC,MAAM,CAAC,mCAAmC,EAAE,MAAM,CAAC;oBACxD,IAAI,CAAC,MAAM,CAAC,gCAAgC,EAAE,MAAM,CAAC;oBACrD,IAAI,CAAC,MAAM,CAAC,wCAAwC,EAAE,MAAM,CAAC,CAAC;gBAEhE,IAAI,CAAC,eAAe,EAAE,CAAC;oBACrB,MAAM,IAAI,GAAG,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,IAAI,SAAS,CAAC,IAAI,CAAC;oBAC7D,MAAM,CAAC,IAAI,CACT,IAAI,CAAC,WAAW,CACd,MAAM,EACN,GAAG,SAAS,CAAC,IAAI,YAAY,IAAI,gCAAgC,EACjE;wBACE,UAAU,EACR,+HAA+H;qBAClI,CACF,CACF,CAAC;gBACJ,CAAC;YACH,CAAC;QACH,CAAC;QAED,yDAAyD;QACzD,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,2DAA2D,EAAE,GAAG,CAAC,CAAC;QAChG,KAAK,MAAM,MAAM,IAAI,SAAS,EAAE,CAAC;YAC/B,MAAM,eAAe,GACnB,IAAI,CAAC,MAAM,CAAC,mCAAmC,EAAE,MAAM,CAAC;gBACxD,IAAI,CAAC,MAAM,CAAC,gCAAgC,EAAE,MAAM,CAAC,CAAC;YAExD,IAAI,CAAC,eAAe,EAAE,CAAC;gBACrB,MAAM,IAAI,GAAG,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,IAAI,UAAU,CAAC;gBACzD,MAAM,CAAC,IAAI,CACT,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,oBAAoB,IAAI,gCAAgC,EAAE;oBACjF,UAAU,EAAE,kDAAkD;iBAC/D,CAAC,CACH,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;CACF;AAzED,4DAyEC"}
+{"version":3,"file":"ReconnectionStrategyRule.js","sourceRoot":"","sources":["../../../../src/rules/performance/ReconnectionStrategyRule.ts"],"names":[],"mappings":";;;AACA,+CAA4C;AAE5C;;;;;;;;;;;;;GAaG;AACH,MAAa,wBAAyB,SAAQ,mBAAQ;IACpD,EAAE,GAAG,SAAS,CAAC;IACf,IAAI,GAAG,uBAAuB,CAAC;IAC/B,WAAW,GAAG,2DAA2D,CAAC;IAC1E,QAAQ,GAAG,SAAkB,CAAC;IAC9B,QAAQ,GAAG,aAAsB,CAAC;IAElC,QAAQ,CAAC,GAAa,EAAE,QAA2B;QACjD,MAAM,MAAM,GAAY,EAAE,CAAC;QAE3B,2DAA2D;QAC3D,MAAM,eAAe,GAAG,CAAC,EAAE,OAAO,EAAE,iBAAiB,EAAE,IAAI,EAAE,eAAe,EAAE,CAAC,CAAC;QAEhF,KAAK,MAAM,SAAS,IAAI,eAAe,EAAE,CAAC;YACxC,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,qBAAqB,SAAS,CAAC,OAAO,IAAI,EAAE,GAAG,CAAC,CAAC;YAE7E,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;gBAC7B,MAAM,eAAe,GAAG,IAAI,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAC;gBAExD,IAAI,CAAC,eAAe,EAAE,CAAC;oBACrB,MAAM,IAAI,GAAG,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,IAAI,SAAS,CAAC,IAAI,CAAC;oBAC7D,MAAM,CAAC,IAAI,CACT,IAAI,CAAC,WAAW,CACd,MAAM,EACN,GAAG,SAAS,CAAC,IAAI,YAAY,IAAI,gCAAgC,EACjE;wBACE,UAAU,EACR,8IAA8I;qBACjJ,CACF,CACF,CAAC;gBACJ,CAAC;YACH,CAAC;QACH,CAAC;QAED,yDAAyD;QACzD,MAAM,cAAc,GAAG;YACrB,EAAE,OAAO,EAAE,gBAAgB,EAAE,IAAI,EAAE,cAAc,EAAE;YACnD,EAAE,OAAO,EAAE,YAAY,EAAE,IAAI,EAAE,KAAK,EAAE;YACtC,EAAE,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,MAAM,EAAE;YACxC,EAAE,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,MAAM,EAAE;YACxC,EAAE,OAAO,EAAE,YAAY,EAAE,IAAI,EAAE,KAAK,EAAE;YACtC,EAAE,OAAO,EAAE,WAAW,EAAE,IAAI,EAAE,IAAI,EAAE;SACrC,CAAC;QAEF,KAAK,MAAM,SAAS,IAAI,cAAc,EAAE,CAAC;YACvC,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,qBAAqB,SAAS,CAAC,OAAO,IAAI,EAAE,GAAG,CAAC,CAAC;YAE7E,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;gBAC7B,MAAM,eAAe,GAAG,IAAI,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAC;gBAExD,IAAI,CAAC,eAAe,EAAE,CAAC;oBACrB,MAAM,IAAI,GAAG,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,IAAI,SAAS,CAAC,IAAI,CAAC;oBAC7D,MAAM,CAAC,IAAI,CACT,IAAI,CAAC,WAAW,CACd,MAAM,EACN,GAAG,SAAS,CAAC,IAAI,YAAY,IAAI,gCAAgC,EACjE;wBACE,UAAU,EACR,gIAAgI;qBACnI,CACF,CACF,CAAC;gBACJ,CAAC;YACH,CAAC;QACH,CAAC;QAED,4CAA4C;QAC5C,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,2DAA2D,EAAE,GAAG,CAAC,CAAC;QAChG,KAAK,MAAM,MAAM,IAAI,SAAS,EAAE,CAAC;YAC/B,MAAM,eAAe,GAAG,IAAI,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAC;YAExD,IAAI,CAAC,eAAe,EAAE,CAAC;gBACrB,MAAM,IAAI,GAAG,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,IAAI,UAAU,CAAC;gBACzD,MAAM,CAAC,IAAI,CACT,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,oBAAoB,IAAI,gCAAgC,EAAE;oBACjF,UAAU,EACR,wGAAwG;iBAC3G,CAAC,CACH,CAAC;YACJ,CAAC;QACH,CAAC;QAED,6CAA6C;QAC7C,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,CAC7B,iGAAiG,EACjG,GAAG,CACJ,CAAC;QACF,KAAK,MAAM,MAAM,IAAI,WAAW,EAAE,CAAC;YACjC,MAAM,eAAe,GAAG,IAAI,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAC;YAExD,IAAI,CAAC,eAAe,EAAE,CAAC;gBACrB,MAAM,IAAI,GAAG,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,IAAI,YAAY,CAAC;gBAC3D,MAAM,CAAC,IAAI,CACT,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,sBAAsB,IAAI,gCAAgC,EAAE;oBACnF,UAAU,EACR,mHAAmH;iBACtH,CAAC,CACH,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAEO,kBAAkB,CAAC,MAAY;QACrC,OAAO,CACL,IAAI,CAAC,MAAM,CAAC,mCAAmC,EAAE,MAAM,CAAC;YACxD,IAAI,CAAC,MAAM,CAAC,gCAAgC,EAAE,MAAM,CAAC;YACrD,IAAI,CAAC,MAAM,CAAC,wCAAwC,EAAE,MAAM,CAAC,CAC9D,CAAC;IACJ,CAAC;CACF;AAhHD,4DAgHC"}

package/dist/src/rules/security/ConnectorCredentialsSecuredRule.d.ts

@@ -0,0 +1,36 @@
+import { ValidationContext, Issue, IssueType } from '../../types';
+import { BaseRule } from '../base/BaseRule';
+/**
+ * SEC-007: Connector Credentials Secured
+ *
+ * Salesforce, NetSuite, Database, and other connector configurations must
+ * use `${secure::...}` (not plain `${...}`) for credential attributes.
+ *
+ * Plain property placeholders like `${sf.password}` store the value in
+ * clear text in property files.  The `${secure::...}` prefix ensures the
+ * value is read from an encrypted secure properties file.
+ *
+ * Covered connectors and attributes:
+ *   - Salesforce: username, password, securityToken, consumerKey, consumerSecret
+ *   - NetSuite: consumerKey, consumerSecret, tokenId, tokenSecret
+ *   - Database: password, user (when not using connection URL)
+ *   - HTTP Basic Auth: username, password
+ *   - SMTP: password
+ */
+export declare class ConnectorCredentialsSecuredRule extends BaseRule {
+    id: string;
+    name: string;
+    description: string;
+    severity: "error";
+    category: "security";
+    issueType: IssueType;
+    /**
+     * Map of element local-name patterns to their sensitive attributes.
+     * We match on local-name() to be namespace-agnostic.
+     */
+    private readonly CONNECTOR_SENSITIVE_ATTRS;
+    validate(doc: Document, _context: ValidationContext): Issue[];
+    private findSensitiveAttrs;
+    private extractPropertyName;
+}
+//# sourceMappingURL=ConnectorCredentialsSecuredRule.d.ts.map

package/dist/src/rules/security/ConnectorCredentialsSecuredRule.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ConnectorCredentialsSecuredRule.d.ts","sourceRoot":"","sources":["../../../../src/rules/security/ConnectorCredentialsSecuredRule.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAClE,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAE5C;;;;;;;;;;;;;;;;GAgBG;AACH,qBAAa,+BAAgC,SAAQ,QAAQ;IAC3D,EAAE,SAAa;IACf,IAAI,SAAmC;IACvC,WAAW,SAAsE;IACjF,QAAQ,EAAG,OAAO,CAAU;IAC5B,QAAQ,EAAG,UAAU,CAAU;IAC/B,SAAS,EAAE,SAAS,CAAmB;IAEvC;;;OAGG;IACH,OAAO,CAAC,QAAQ,CAAC,yBAAyB,CA+BxC;IAEF,QAAQ,CAAC,GAAG,EAAE,QAAQ,EAAE,QAAQ,EAAE,iBAAiB,GAAG,KAAK,EAAE;IA4D7D,OAAO,CAAC,kBAAkB;IAc1B,OAAO,CAAC,mBAAmB;CAI5B"}