npm - @sfdxy/mule-lint - Versions diffs - 1.20.0 → 1.22.0 - Mend

@sfdxy/mule-lint 1.20.0 → 1.22.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (156) hide show

package/docs/best-practices/testing.md ADDED Viewed

@@ -0,0 +1,190 @@
+# Testing with MUnit
+> **Applies to:** All
+> **Related Rules:** `EXP-003`
+> **Last Updated:** April 2026
+## When to Read This
+Read this when writing MUnit tests, setting up test infrastructure, or testing event-driven flows.
+---
+## Test Coverage Goals
+| Test Type            | Coverage Target    | Purpose                        |
+| -------------------- | ------------------ | ------------------------------ |
+| Unit Tests           | 80%+ flow coverage | Validate individual flow logic |
+| Integration Tests    | All critical paths | Validate end-to-end scenarios  |
+| Error Scenario Tests | All error handlers | Validate error responses       |
+---
+## Patterns
+### Pattern 1: Standard MUnit Test Structure
+```xml
+<munit:test name="create-order-success-test"
+            description="Validates successful order creation">
+    <!-- Mock external dependencies -->
+    <munit:behavior>
+        <munit-tools:mock-when processor="http:request">
+            <munit-tools:with-attributes>
+                <munit-tools:with-attribute attributeName="config-ref"
+                                            whereValue="API_HTTP_Config"/>
+            </munit-tools:with-attributes>
+            <munit-tools:then-return>
+                <munit-tools:payload value='{"orderId": "12345"}'/>
+            </munit-tools:then-return>
+        </munit-tools:mock-when>
+    </munit:behavior>
+    <!-- Execute the flow -->
+    <munit:execution>
+        <flow-ref name="create-order-flow"/>
+    </munit:execution>
+    <!-- Assert results -->
+    <munit:validation>
+        <munit-tools:assert-that expression="#[payload.orderId]"
+                                  is="#[MunitTools::notNullValue()]"/>
+    </munit:validation>
+</munit:test>
+```
+### Pattern 2: Testing Error Handlers
+```xml
+<munit:test name="error-handler-400-test"
+            description="Validates 400 Bad Request error handling"
+            expectedErrorType="APIKIT:BAD_REQUEST">
+    <munit:behavior>
+        <munit-tools:mock-when processor="apikit:router">
+            <munit-tools:then-call exception="APIKIT:BAD_REQUEST"/>
+        </munit-tools:mock-when>
+    </munit:behavior>
+    <munit:execution>
+        <flow-ref name="api-main"/>
+    </munit:execution>
+    <munit:validation>
+        <munit-tools:assert-that expression="#[vars.httpStatus]"
+                                  is="#[MunitTools::equalTo(400)]"/>
+        <munit-tools:assert-that expression="#[payload.error]"
+                                  is="#[MunitTools::equalTo('InvalidInput')]"/>
+    </munit:validation>
+</munit:test>
+```
+### Pattern 3: Testing Event-Driven Flows
+For PAPI-style flows driven by Platform Events, mock the event payload and downstream SAPI calls:
+```xml
+<munit:test name="account-event-processing-test"
+            description="Validates Account event → NS Customer sync">
+    <munit:behavior>
+        <!-- Mock the SAPI HTTP call -->
+        <munit-tools:mock-when processor="http:request">
+            <munit-tools:with-attributes>
+                <munit-tools:with-attribute attributeName="config-ref"
+                    whereValue="SAPI_HTTP_Config"/>
+            </munit-tools:with-attributes>
+            <munit-tools:then-return>
+                <munit-tools:payload value='{"status":"success","internalId":"123"}'/>
+            </munit-tools:then-return>
+        </munit-tools:mock-when>
+        <!-- Mock the writeback SAPI call -->
+        <munit-tools:mock-when processor="http:request">
+            <munit-tools:with-attributes>
+                <munit-tools:with-attribute attributeName="doc:name"
+                    whereValue="Writeback Request"/>
+            </munit-tools:with-attributes>
+            <munit-tools:then-return>
+                <munit-tools:payload value='{"success":true}'/>
+            </munit-tools:then-return>
+        </munit-tools:mock-when>
+    </munit:behavior>
+    <munit:execution>
+        <!-- Set variables as the event listener would -->
+        <set-variable variableName="correlationId" value="test-uuid-123"/>
+        <set-variable variableName="logCategory" value="com.myorg.papi"/>
+        <set-variable variableName="salesforceId" value="001XXXXX"/>
+        <set-payload value='#[readUrl("classpath://test-data/account-event.json", "application/json")]'/>
+        <flow-ref name="account-process-subflow"/>
+    </munit:execution>
+    <munit:validation>
+        <munit-tools:assert-that expression="#[payload.status]"
+                                  is="#[MunitTools::equalTo('success')]"/>
+    </munit:validation>
+</munit:test>
+```
+### Pattern 4: Test Organization
+```
+src/test/
+├── munit/
+│   ├── salesforce-upsert-test.xml       # Operation-specific tests
+│   ├── salesforce-create-test.xml
+│   ├── salesforce-query-test.xml
+│   ├── salesforce-delete-test.xml
+│   ├── salesforce-process-subflow-test.xml  # Routing tests
+│   ├── error-handling-test.xml          # Error scenario tests
+│   └── common-test-resources.xml        # Shared mocks
+└── resources/
+    ├── log4j2-test.xml                  # Console-only, noise-suppressed
+    └── test-data/                       # Test payloads
+        ├── account-event.json
+        └── order-request.json
+```
+---
+## Key Principles
+1. **Mock all external dependencies** — never call real systems in unit tests
+2. **Test all error handler branches** — verify each HTTP status code / error type
+3. **Use descriptive test names** — names should describe the scenario being tested
+4. **Isolate tests** — each test should be independent (no shared state)
+5. **Separate test log config** — use `log4j2-test.xml` with console appender and suppressed noise
+---
+## Running Tests
+```bash
+# Full test suite
+mvn clean test -Dmule.env=dev -Dsecure.key=test
+# Specific test suite
+mvn test -Dmule.env=dev -Dsecure.key=test -Dtest=salesforce-upsert-test
+# Package (skip tests)
+mvn clean package -DskipTests
+```
+> **Note:** MUnit requires MuleSoft Enterprise Edition license. If the `licm` check fails in your dev environment, verify with `mvn process-classes` (schema validation passes without EE license).
+---
+## Checklist
+- [ ] 80%+ flow coverage with MUnit
+- [ ] All error handler branches tested
+- [ ] External dependencies mocked (HTTP, connectors, databases)
+- [ ] Test names clearly describe the scenario
+- [ ] `log4j2-test.xml` configured for test environment
+- [ ] Test data externalized to `test-data/` directory
+---
+**See also:** [Error Handling](error-handling.md) · [CI/CD Integration](ci-cd.md)

package/docs/best-practices/variable-contracts.md ADDED Viewed

@@ -0,0 +1,191 @@
+# Variable Contracts & Correlation ID Patterns
+> **Applies to:** All
+> **Related Rules:** `MULE-007` · `MULE-102` · `STD-001`
+> **Last Updated:** April 2026
+## When to Read This
+Read this when designing the variable contract between flows and sub-flows. Standardized variables ensure consistent behavior across routing, logging, error handling, and response building.
+---
+## Standard Variable Set
+Every APIKit route flow or event listener flow should set these variables **before** delegating to sub-flows:
+| Variable          | Type    | Required           | Description                                                     |
+| ----------------- | ------- | ------------------ | --------------------------------------------------------------- |
+| `correlationId`   | String  | ✅ Always          | Unique request/event identifier for distributed tracing         |
+| `logCategory`     | String  | ✅ Always          | Logger category (e.g., `com.myorg.sf.sapi`)                     |
+| `flowName`        | String  | ✅ Always          | Human-readable flow identifier for logging                      |
+| `env`             | String  | ✅ Always          | Current environment from `p('mule.env')`                        |
+| `action`          | String  | ✅ For CRUD APIs   | Operation type: `CREATE`, `UPDATE`, `UPSERT`, `DELETE`, `QUERY` |
+| `sObjectType`     | String  | ✅ For entity APIs | Entity/record type from URI parameter                           |
+| `isArray`         | Boolean | ✅ For CRUD APIs   | Whether the original request payload was an array               |
+| `externalIdField` | String  | Optional           | External ID field for upsert operations (defaults to `Id`)      |
+---
+## Patterns
+### Pattern 1: APIKit Route Variable Setup
+**Use when:** setting variables in an APIKit-generated route flow.
+Set all variables in a single `ee:transform` at the top of every route flow:
+```xml
+<flow name="post:\salesforce\(sObjectType):application\json:api-config">
+    <ee:transform doc:name="Set Variables">
+        <ee:variables>
+            <ee:set-variable variableName="correlationId"><![CDATA[
+                attributes.headers.'x-correlation-id' default correlationId
+            ]]></ee:set-variable>
+            <ee:set-variable variableName="logCategory"><![CDATA[
+                "com.myorg.sf.sapi"
+            ]]></ee:set-variable>
+            <ee:set-variable variableName="flowName"><![CDATA[
+                "Mulesoft: my-sapi - " ++ flow.name
+            ]]></ee:set-variable>
+            <ee:set-variable variableName="env"><![CDATA[
+                p('mule.env')
+            ]]></ee:set-variable>
+            <ee:set-variable variableName="action"><![CDATA[
+                "CREATE"
+            ]]></ee:set-variable>
+            <ee:set-variable variableName="sObjectType"><![CDATA[
+                attributes.uriParams.'sObjectType'
+            ]]></ee:set-variable>
+            <ee:set-variable variableName="isArray"><![CDATA[
+                payload is Array
+            ]]></ee:set-variable>
+        </ee:variables>
+    </ee:transform>
+    <logger level="INFO" category="#[vars.logCategory]"
+            message='#["[" ++ vars.correlationId ++ "] CREATE for: " ++ vars.sObjectType]'/>
+    <flow-ref name="process-subflow"/>
+</flow>
+```
+### Pattern 2: Event Listener Variable Setup
+**Use when:** setting variables from a Salesforce Platform Event or Anypoint MQ message.
+```xml
+<flow name="sf-account-event-listener">
+    <salesforce:replay-channel-listener channel="/event/Account_Event__e" .../>
+    <ee:transform doc:name="Set Variables">
+        <ee:variables>
+            <!-- Correlation ID from event metadata, NOT HTTP header -->
+            <ee:set-variable variableName="correlationId"><![CDATA[
+                payload.EventUuid default correlationId
+            ]]></ee:set-variable>
+            <ee:set-variable variableName="logCategory"><![CDATA[
+                "com.myorg.sf.papi"
+            ]]></ee:set-variable>
+            <ee:set-variable variableName="salesforceId"><![CDATA[
+                payload.Record_Id__c default ""
+            ]]></ee:set-variable>
+            <ee:set-variable variableName="entity"><![CDATA[
+                "account"
+            ]]></ee:set-variable>
+        </ee:variables>
+    </ee:transform>
+    <!-- ... -->
+</flow>
+```
+### Pattern 3: Array-In / Array-Out Response Mirroring
+**Use when:** an API accepts both single objects and arrays, and the response must mirror the input shape.
+Set `vars.isArray` in the route flow:
+```xml
+<ee:set-variable variableName="isArray"><![CDATA[
+    payload is Array
+]]></ee:set-variable>
+```
+Use it in DWL response transforms to mirror the shape:
+```dataweave
+%dw 2.0
+output application/json
+---
+if (vars.isArray)
+    payload map { id: $.id, success: $.success }
+else
+    { id: payload[0].id, success: payload[0].success }
+```
+### Pattern 4: Action-Based Routing
+**Use when:** a single process sub-flow handles multiple CRUD operations.
+The `vars.action` variable drives routing inside the process sub-flow:
+```xml
+<sub-flow name="salesforce-process-subflow">
+    <choice>
+        <when expression="#[vars.action == 'CREATE']">
+            <flow-ref name="salesforce-create-subflow"/>
+        </when>
+        <when expression="#[vars.action == 'UPSERT']">
+            <flow-ref name="salesforce-upsert-subflow"/>
+        </when>
+        <when expression="#[vars.action == 'DELETE']">
+            <flow-ref name="salesforce-delete-subflow"/>
+        </when>
+        <when expression="#[vars.action == 'QUERY' or vars.action == 'QUERY_ENTITY']">
+            <flow-ref name="salesforce-query-subflow"/>
+        </when>
+    </choice>
+</sub-flow>
+```
+---
+## Correlation ID Patterns
+| Source         | Pattern                                                       | Use Case                     |
+| -------------- | ------------------------------------------------------------- | ---------------------------- |
+| HTTP header    | `attributes.headers.'x-correlation-id' default correlationId` | HTTP APIs (SAPI, Experience) |
+| Platform Event | `payload.EventUuid default correlationId`                     | Event-driven PAPI            |
+| Anypoint MQ    | `attributes.messageId default correlationId`                  | MQ consumers                 |
+| Generated      | `correlationId` (Mule built-in)                               | Fallback / internal flows    |
+**Propagation rules:**
+- Include in all outbound HTTP requests as `x-correlation-id` header
+- Include in all log messages: `#["[" ++ vars.correlationId ++ "] message"]`
+- Include in all error response payloads
+- Store in `vars.correlationId` (camelCase)
+---
+## Variable Naming Conventions
+| Convention          | Example                                   | Use For                    |
+| ------------------- | ----------------------------------------- | -------------------------- |
+| `camelCase`         | `correlationId`, `sObjectType`, `isArray` | All `set-variable` names   |
+| Static strings      | `"com.myorg.sf.sapi"`                     | Logger categories, actions |
+| Property references | `p('mule.env')`                           | Environment-derived values |
+> ❌ **Don't use:** `snake_case` (`correlation_id`), `PascalCase` (`CorrelationId`), or `SCREAMING_CASE` (`CORRELATION_ID`) for variable names.
+---
+## Checklist
+- [ ] All route flows set `correlationId`, `logCategory`, `flowName`, `env` before delegation
+- [ ] CRUD route flows additionally set `action`, `sObjectType`, `isArray`
+- [ ] Correlation ID sourced correctly for project type (HTTP vs. event vs. MQ)
+- [ ] `correlationId` propagated in all outbound requests, logs, and error responses
+- [ ] Variables use `camelCase` naming
+- [ ] `isArray` set before calling process sub-flow (for response mirroring)
+---
+**See also:** [Error Handling](error-handling.md) · [Logging](logging.md) · [Event-Driven Patterns](event-driven-patterns.md)

package/docs/linter/architecture.md CHANGED Viewed

@@ -17,21 +17,23 @@ flowchart TB
         E --> D
     end
-    subgraph Rules["Rules (56 Total)"]
-        D --> R1[Error Handling<br/>MULE-001,003,005,007,009]
+    subgraph Rules["Rules (82 Total)"]
+        D --> R1[Error Handling<br/>MULE-001,003,005,007,009<br/>ERR-001,002,003,004]
         D --> R2[Naming<br/>MULE-002,101,102]
-        D --> R3[Security<br/>MULE-004,201,202]
-        D --> R4[Logging<br/>MULE-006,301,303]
-        D --> R5[HTTP<br/>MULE-401,402,403]
-        D --> R6[Performance<br/>MULE-501,502,503]
-        D --> R7[Documentation<br/>MULE-601,604]
-        D --> R8[Standards<br/>MULE-008,010,701]
+        D --> R3[Security<br/>MULE-004,201,202<br/>SEC-002,003,004,006,007,008,009,010]
+        D --> R4[Logging<br/>MULE-006,301,303<br/>LOG-001,004,HYG-001]
+        D --> R5[HTTP<br/>MULE-401,402,403,HTTP-004]
+        D --> R6[Performance<br/>MULE-501,502,503<br/>PERF-002,RES-001,002]
+        D --> R7[Documentation<br/>MULE-601,604,DOC-001]
+        D --> R8[Standards<br/>MULE-008,010,701<br/>OPS,CFG,STD]
         D --> R9[Complexity<br/>MULE-801]
         D --> R10[Structure<br/>MULE-802-804]
         D --> R11[YAML<br/>YAML-001,003,004]
-        D --> R12[DataWeave<br/>DW-001,002,003]
-        D --> R13[API-Led<br/>API-001,002,003]
-        D --> R14[Experimental<br/>EXP-001,002,003]
+        D --> R12[DataWeave<br/>DW-001,002,003,004,005]
+        D --> R13[API-Led<br/>API-001-008]
+        D --> R14[Connectors<br/>SF-001,002]
+        D --> R15[Governance<br/>PROJ-001,002]
+        D --> R16[Experimental<br/>EXP-001,002,003]
     end
     subgraph Output["Formatters"]
@@ -64,16 +66,28 @@ sequenceDiagram
     Engine->>Scanner: scanDirectory(path)
     Scanner-->>Engine: ScannedFile[]
-    loop Each XML File
+    Note over Engine: Pre-Scan Phase
+    loop Each XML File (Pre-Scan)
         Engine->>Parser: parseXml(content)
-        Parser-->>Engine: Document
+        Parser-->>Engine: Document (cached)
+        Note over Engine: Collect allFlowRefs, allFlowNames
+    end
+    Note over Engine: Detect projectLayer
-        loop Each Rule
+    loop Each XML File
+        Engine->>Engine: Get Document from cache
+        loop Each Per-File Rule
             Engine->>Rules: validate(doc, context)
             Rules-->>Engine: Issue[]
         end
     end
+    Note over Engine: Project Rules
+    loop Each Project Rule
+        Engine->>Rules: validateProject(context)
+        Rules-->>Engine: Issue[]
+    end
     loop YAML Rules
         Engine->>YAML: parseYaml(path)
         YAML-->>Engine: Properties
@@ -91,15 +105,36 @@ sequenceDiagram
 The central orchestrator that:
 1. Scans directories for XML and YAML files using FileScanner
-2. Parses each file with XmlParser or YamlParser
-3. Executes all enabled rules against each document
-4. Aggregates results into a LintReport
+2. **Pre-scans** all XML files to collect cross-file metadata (`allFlowRefs`, `allFlowNames`, `projectContext` with `projectLayer`)
+3. **Caches** parsed XML `Document` objects to avoid redundant parsing
+4. Executes all enabled per-file rules against each cached document
+5. Executes project-level rules (`ProjectRule` subclasses) once per scan
+6. Aggregates results into a LintReport
 ```typescript
 const engine = new LintEngine({ rules: ALL_RULES, config });
 const report = await engine.scan('./project');
 ```
+#### Document Cache
+During `preScanFiles()`, the engine parses each XML file and stores the resulting `Document` in an internal `Map<string, Document>`. When `processFile()` runs, it retrieves the cached document instead of re-parsing. The cache is cleared after each scan to free memory.
+#### Project Layer Detection
+The engine automatically classifies projects into a `ProjectLayer`:
+| Layer     | Detection Heuristic                                         |
+| --------- | ----------------------------------------------------------- |
+| `sapi`    | Directory name contains `-sapi`, `-sys-`, or `-system-`     |
+| `papi`    | Directory name contains `-papi`, `-proc-`, or `-process-`   |
+| `eapi`    | Directory name contains `-eapi`, `-exp-`, or `-experience-` |
+| `library` | Directory name contains `-library`, `-lib`, or `-common`    |
+| `batch`   | Batch job elements detected in XML files                    |
+| `unknown` | Default when no pattern matches                             |
+Available to rules via `context.projectContext?.projectLayer`.
 ### XPathHelper
 Singleton utility for namespace-aware XPath queries:
@@ -111,20 +146,24 @@ const flows = xpath.selectNodes('//mule:flow', document);
 Pre-configured namespaces:
-| Prefix   | Namespace                                         |
-| -------- | ------------------------------------------------- |
-| `mule`   | http://www.mulesoft.org/schema/mule/core          |
-| `http`   | http://www.mulesoft.org/schema/mule/http          |
-| `ee`     | http://www.mulesoft.org/schema/mule/ee/core       |
-| `db`     | http://www.mulesoft.org/schema/mule/db            |
-| `doc`    | http://www.mulesoft.org/schema/mule/documentation |
-| `tls`    | http://www.mulesoft.org/schema/mule/tls           |
-| `file`   | http://www.mulesoft.org/schema/mule/file          |
-| `sftp`   | http://www.mulesoft.org/schema/mule/sftp          |
-| `vm`     | http://www.mulesoft.org/schema/mule/vm            |
-| `jms`    | http://www.mulesoft.org/schema/mule/jms           |
-| `apikit` | http://www.mulesoft.org/schema/mule/mule-apikit   |
-| `batch`  | http://www.mulesoft.org/schema/mule/batch         |
+| Prefix        | Namespace                                         |
+| ------------- | ------------------------------------------------- |
+| `mule`        | http://www.mulesoft.org/schema/mule/core          |
+| `http`        | http://www.mulesoft.org/schema/mule/http          |
+| `ee`          | http://www.mulesoft.org/schema/mule/ee/core       |
+| `db`          | http://www.mulesoft.org/schema/mule/db            |
+| `doc`         | http://www.mulesoft.org/schema/mule/documentation |
+| `tls`         | http://www.mulesoft.org/schema/mule/tls           |
+| `file`        | http://www.mulesoft.org/schema/mule/file          |
+| `sftp`        | http://www.mulesoft.org/schema/mule/sftp          |
+| `vm`          | http://www.mulesoft.org/schema/mule/vm            |
+| `jms`         | http://www.mulesoft.org/schema/mule/jms           |
+| `apikit`      | http://www.mulesoft.org/schema/mule/mule-apikit   |
+| `batch`       | http://www.mulesoft.org/schema/mule/batch         |
+| `netsuite`    | http://www.mulesoft.org/schema/mule/netsuite      |
+| `sap`         | http://www.mulesoft.org/schema/mule/sap           |
+| `anypoint-mq` | http://www.mulesoft.org/schema/mule/anypoint-mq   |
+| `oauth`       | http://www.mulesoft.org/schema/mule/oauth         |
 ### BaseRule
@@ -145,6 +184,11 @@ classDiagram
         #getOption(context, key, default): T
     }
+    class ProjectRule {
+        +validateProject(context): Issue[]
+        +validate(doc, context): Issue[]
+    }
     class FlowNamingRule {
         +validate()
     }
@@ -154,8 +198,14 @@ classDiagram
         #findYamlFiles(): string[]
     }
+    class GlobalErrorHandlerRule {
+        +validateProject()
+    }
     BaseRule <|-- FlowNamingRule
     BaseRule <|-- YamlRuleBase
+    BaseRule <|-- ProjectRule
+    ProjectRule <|-- GlobalErrorHandlerRule
 ```
 **Issue Types for Quality Metrics:**
@@ -212,11 +262,11 @@ XPathHelper.getInstance(); // Same instance always
 src/
 ├── index.ts              # Package entry point
 ├── types/                # TypeScript interfaces
-│   ├── Rule.ts          # Rule, Issue, Severity, IssueType
+│   ├── Rule.ts          # Rule, Issue, Severity, IssueType, ProjectLayer
 │   ├── Report.ts        # LintReport, FileResult
 │   └── Config.ts        # LintConfig, CliOptions
 ├── core/                 # Core utilities
-│   ├── XPathHelper.ts   # Namespace-aware XPath
+│   ├── XPathHelper.ts   # Namespace-aware XPath (16 namespaces)
 │   ├── XmlParser.ts     # DOM parsing
 │   ├── YamlParser.ts    # YAML parsing
 │   ├── FileScanner.ts   # File discovery
@@ -228,23 +278,26 @@ src/
 │   ├── thresholds.ts    # A-E rating boundaries
 │   └── calculator.ts    # Rating calculation functions
 ├── engine/               # Orchestration
-│   └── LintEngine.ts    # Main engine
-├── rules/                # All rules (56 total)
-│   ├── index.ts         # Rule registry
-│   ├── base/            # BaseRule class
-│   ├── api-led/         # API-001, 002, 003, 004
+│   └── LintEngine.ts    # Main engine (document cache, pre-scan, project layer)
+├── rules/                # All rules (82 total)
+│   ├── index.ts         # Rule registry (ALL_RULES array)
+│   ├── base/            # BaseRule + ProjectRule classes
+│   ├── api-led/         # API-001–004, API-006–008
 │   ├── complexity/      # MULE-801
-│   ├── dataweave/       # DW-001, 002, 003, 004
-│   ├── documentation/   # MULE-601, 604
-│   ├── error-handling/  # MULE-001, 003, 005, 007, 009 (issueType: bug)
-│   ├── experimental/    # EXP-001, 002, 003
-│   ├── http/            # MULE-401, 402, 403
-│   ├── logging/         # MULE-006, 301, 303
+│   ├── connector/       # SF-001, SF-002
+│   ├── dataweave/       # DW-001–005
+│   ├── documentation/   # MULE-601, 604, DOC-001
+│   ├── error-handling/  # MULE-001,003,005,007,009, ERR-001–004
+│   ├── experimental/    # EXP-001–003
+│   ├── governance/      # PROJ-001, PROJ-002
+│   ├── http/            # MULE-401–403, HTTP-004
+│   ├── logging/         # MULE-006,301,303, LOG-001,004, HYG-001
 │   ├── naming/          # MULE-002, 101, 102
-│   ├── performance/     # MULE-501, 502, 503
-│   ├── security/        # MULE-004, 201, 202 (issueType: vulnerability)
-│   ├── standards/       # MULE-008, 010, 701
-│   ├── structure/       # MULE-802, 803, 804
+│   ├── operations/      # HYG-002–005
+│   ├── performance/     # MULE-501–503, PERF-002, RES-001–002
+│   ├── security/        # MULE-004,201,202, SEC-002–004,006–010
+│   ├── standards/       # MULE-008,010,701, OPS-001–003, API-005, CFG-001–002, STD-001
+│   ├── structure/       # MULE-802–804
 │   └── yaml/            # YAML-001, 003, 004
 └── formatters/           # Output formatters
     ├── TableFormatter.ts
@@ -262,22 +315,24 @@ src/
 ## Rule Categories
-| Category       | ID Prefix          | Count | Description                              |
-| -------------- | ------------------ | ----- | ---------------------------------------- |
-| Error Handling | MULE-00X           | 5     | Error handler presence and configuration |
-| Naming         | MULE-002, 10X      | 3     | Flow, variable, and file naming          |
-| Security       | MULE-004, 20X      | 3     | Hardcoded values and security            |
-| Logging        | MULE-006, 30X      | 3     | Logger configuration                     |
-| HTTP           | MULE-40X           | 3     | HTTP request configuration               |
-| Performance    | MULE-50X           | 3     | Performance anti-patterns                |
-| Documentation  | MULE-60X           | 2     | Component documentation                  |
-| Standards      | MULE-008, 010, 70X | 3     | Best practices                           |
-| Complexity     | MULE-80X           | 1     | Cyclomatic complexity                    |
-| Structure      | MULE-80X           | 3     | Project structure                        |
-| YAML           | YAML-XXX           | 3     | Properties validation                    |
-| DataWeave      | DW-XXX             | 3     | DWL file validation                      |
-| API-Led        | API-XXX            | 3     | API-Led patterns                         |
-| Experimental   | EXP-XXX            | 3     | Beta rules                               |
+| Category       | ID Prefix                       | Count | Description                                    |
+| -------------- | ------------------------------- | ----- | ---------------------------------------------- |
+| Error Handling | MULE-00X, ERR-001–004           | 9     | Error handler configuration and best practices |
+| Naming         | MULE-002, 10X                   | 3     | Flow, variable, and file naming                |
+| Security       | MULE-004, 20X, SEC-002–010      | 11    | Hardcoded values, TLS, credentials             |
+| Logging        | MULE-006, 30X, LOG, HYG-001     | 6     | Logger configuration and hygiene               |
+| HTTP           | MULE-40X, HTTP-004              | 4     | HTTP request configuration                     |
+| Performance    | MULE-50X, PERF-002, RES-001–002 | 6     | Performance anti-patterns and resilience       |
+| Documentation  | MULE-60X, DOC-001               | 3     | Component documentation                        |
+| Standards      | MULE-008,010,70X, OPS, CFG, STD | 10    | Best practices and operations                  |
+| Complexity     | MULE-801                        | 1     | Cyclomatic complexity                          |
+| Structure      | MULE-80X                        | 3     | Project structure                              |
+| YAML           | YAML-XXX                        | 3     | Properties validation                          |
+| DataWeave      | DW-XXX                          | 5     | DWL file validation                            |
+| API-Led        | API-XXX                         | 7     | API-Led patterns                               |
+| Connectors     | SF-001, SF-002                  | 2     | Salesforce and event connector rules           |
+| Governance     | PROJ-XXX                        | 2     | POM and Git hygiene                            |
+| Experimental   | EXP-XXX                         | 3     | Beta rules                                     |
 ## Extension Points

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@sfdxy/mule-lint",
-  "version": "1.20.0",
+  "version": "1.22.0",
   "description": "Static analysis tool for MuleSoft applications - supports humans, AI agents, and CI/CD pipelines",
   "author": "Avinava",
   "license": "MIT",