@xano/xanoscript-language-server 11.6.0 → 11.6.2

package/.claude/settings.local.json

@@ -5,7 +5,9 @@
       "Bash(node -e:*)",
       "Bash(node --input-type=module -e:*)",
       "Bash(git checkout:*)",
-      "Bash(ls:*)"
+      "Bash(ls:*)",
+      "Bash(npm run lint:*)",
+      "Bash(grep:*)"
     ]
   }
 }

package/lexer/literal.js

@@ -24,7 +24,7 @@ export const SingleQuotedStringLiteral = createUniqToken({
 export const FloatLiteral = createUniqToken({
   name: "FloatLiteral",
   label: "floating point number",
-  pattern: /-?\d+\.\d+/,
+  pattern: /-?\d+\.\d+([eE][+-]?\d+)?/,
 });
 
 export const IntegerLiteral = createUniqToken({

package/onDidChangeContent/onDidChangeContent.js

@@ -62,7 +62,7 @@ export function onDidChangeContent(params, connection) {
   if (!document) {
     console.error(
       "onDidChangeContent(): Document not found for URI:",
-      params.textDocument.uri
+      params.textDocument.uri,
     );
     return null;
   }
@@ -74,7 +74,7 @@ export function onDidChangeContent(params, connection) {
     const { parser, scheme } = documentCache.getOrParse(
       document.uri,
       document.version,
-      text
+      text,
     );
 
     if (parser.errors.length === 0) {
@@ -84,7 +84,7 @@ export function onDidChangeContent(params, connection) {
 
     for (const error of parser.errors) {
       console.error(
-        `onDidChangeContent(): Error parsing document: ${error.name}`
+        `onDidChangeContent(): Error parsing document: ${error.name}`,
       );
     }
 
@@ -93,7 +93,7 @@ export function onDidChangeContent(params, connection) {
 
     console.log(
       `onDidChangeContent(): sending diagnostic (${parser.errors.length} errors) for scheme:`,
-      scheme
+      scheme,
     );
 
     connection.sendDiagnostics({

package/onHover/onHoverDocument.js

@@ -39,7 +39,7 @@ export function onHoverDocument(params, documents, hoverProviders = []) {
   if (!document) {
     console.error(
       "onHover(): Document not found for URI:",
-      params.textDocument.uri
+      params.textDocument.uri,
     );
     return null;
   }
@@ -51,7 +51,7 @@ export function onHoverDocument(params, documents, hoverProviders = []) {
   const { lexResult, parser } = documentCache.getOrParse(
     params.textDocument.uri,
     document.version,
-    text
+    text,
   );
 
   if (lexResult.errors.length > 0) return null;
@@ -67,7 +67,7 @@ export function onHoverDocument(params, documents, hoverProviders = []) {
 
   // Find the hover provider that matches the token
   const messageProvider = hoverProviders.find((provider) =>
-    provider.isMatch(tokenIdx, tokens, parser)
+    provider.isMatch(tokenIdx, tokens, parser),
   );
 
   if (messageProvider) {

package/onSemanticCheck/highlight.js

@@ -30,13 +30,13 @@ function higlightDefault(text, SemanticTokensBuilder) {
         character,
         token.image.length, // Length of the token
         encodeTokenType(tokenType), // Numeric ID for the token type
-        0 // No modifiers for now
+        0, // No modifiers for now
       );
     } else if (tokenType === undefined) {
       console.log(
         `token type not mapped to a type: ${JSON.stringify(
-          token.tokenType.name
-        )}`
+          token.tokenType.name,
+        )}`,
       );
     }
   });

package/onSemanticCheck/onSemanticCheck.js

@@ -13,7 +13,7 @@ export function onSemanticCheck(params, documents, SemanticTokensBuilder) {
   if (!document) {
     console.error(
       "onSemanticCheck(): Document not found for URI:",
-      params.textDocument.uri
+      params.textDocument.uri,
     );
     return null;
   }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@xano/xanoscript-language-server",
-  "version": "11.6.0",
+  "version": "11.6.2",
   "description": "Language Server Protocol implementation for XanoScript",
   "type": "module",
   "main": "server.js",

package/parser/functions/controls/switchCaseFn.js

@@ -11,6 +11,7 @@ import {
 export function switchCaseFn($) {
   return () => {
     $.sectionStack.push("switchCaseFn");
+    $.SUBRULE($.optionalCommentBlockFn);
     $.CONSUME(CaseToken); // "case"
     $.CONSUME(LParent); // "("
     $.SUBRULE($.expressionFn);

package/parser/functions/controls/switchFn.spec.js

@@ -101,4 +101,18 @@ describe("switchFn", () => {
     }`);
     expect(parser.errors).to.not.be.empty;
   });
+
+  it("switchFn accepts comments on case", () => {
+    const parser = parse(`switch ("myvar") {
+          // a comment for this case
+          case (1) break
+        
+          default {
+            debug.stop {
+              value = "do something"
+            }
+          }
+        }`);
+    expect(parser.errors).to.be.empty;
+  });
 });

package/parser/functions/util/utilGetRawInputFn.js

@@ -12,7 +12,7 @@ export function utilGetRawInputFn($) {
       ARGS: [
         fnToken,
         {
-          "encoding?": ["json", "yaml", "x-www-form-urlencoded", ""],
+          "encoding?": ["json", "none", "yaml", "x-www-form-urlencoded", ""],
           "description?": "[string]",
           "disabled?": "[boolean]",
           "exclude_middleware?": "[boolean]",

package/parser/functions/util/utilGetRawInputFn.spec.js

@@ -19,6 +19,13 @@ describe("utilGetRawInputFn", () => {
     expect(parser.errors).to.be.empty;
   });
 
+  it("utilGetRawInputFn accepts none as an encoding attribute", () => {
+    const parser = parse(`get_raw_input {
+      encoding = "none"
+    } as $x4`);
+    expect(parser.errors).to.be.empty;
+  });
+
   it("utilGetRawInputFn encoding attribute is optional", () => {
     const parser = parse(`get_raw_input as $x4`);
     expect(parser.errors).to.be.empty;

package/parser/functions/varFn.js

@@ -1,6 +1,24 @@
 import { DotToken } from "../../lexer/tokens.js";
 import { UpdateToken, VarToken } from "../../lexer/var.js";
-import { ShortFormVariable } from "../../lexer/variables.js";
+import {
+  ApiBaseUrlVariable,
+  BranchVariable,
+  DatasourceVariable,
+  HttpHeadersVariable,
+  RemoteHostVariable,
+  RemoteIpVariable,
+  RemotePasswordVariable,
+  RemotePortVariable,
+  RemoteUserVariable,
+  RequestAuthTokenVariable,
+  RequestMethod,
+  RequestQuerystringVariable,
+  RequestUriVariable,
+  ShortFormVariable,
+  TenantVariable,
+  WebflowVariable,
+} from "../../lexer/variables.js";
+import { isBlacklistedVariableName } from "../generic/assignableVariableProperty.js";
 
 /**
  * represent $var.x or $x, the only format accepting an assigment
@@ -15,8 +33,38 @@ export function varFn($) {
       {
         // "var $users"
         ALT: () => {
-          const variable = $.CONSUME(ShortFormVariable);
+          // "$users" or env property tokens like "$http_headers"
+          // TODO: probably a good idea to add a warning when an reserved env property
+          // token is used as a variable name
+          const variable = $.OR1([
+            { ALT: () => $.CONSUME(ShortFormVariable) },
+            { ALT: () => $.CONSUME(ApiBaseUrlVariable) },
+            { ALT: () => $.CONSUME(BranchVariable) },
+            { ALT: () => $.CONSUME(DatasourceVariable) },
+            { ALT: () => $.CONSUME(HttpHeadersVariable) },
+            { ALT: () => $.CONSUME(RemoteHostVariable) },
+            { ALT: () => $.CONSUME(RemoteIpVariable) },
+            { ALT: () => $.CONSUME(RemotePasswordVariable) },
+            { ALT: () => $.CONSUME(RemotePortVariable) },
+            { ALT: () => $.CONSUME(RemoteUserVariable) },
+            { ALT: () => $.CONSUME(RequestAuthTokenVariable) },
+            { ALT: () => $.CONSUME(RequestMethod) },
+            { ALT: () => $.CONSUME(RequestQuerystringVariable) },
+            { ALT: () => $.CONSUME(RequestUriVariable) },
+            { ALT: () => $.CONSUME(TenantVariable) },
+            { ALT: () => $.CONSUME(WebflowVariable) },
+          ]);
           if (variable.image) {
+            // Check for blacklisted variable names
+            const nameWithoutPrefix = variable.image.startsWith("$")
+              ? variable.image.slice(1)
+              : variable.image;
+            if (isBlacklistedVariableName(nameWithoutPrefix)) {
+              $.addInvalidValueError(
+                variable,
+                `'${variable.image}' is a reserved variable name and should not be used as a variable.`,
+              );
+            }
             // we can directly add the variable here but
             // not necessary for the `assignableVariableProperty` below
             // which will add it on its own

package/parser/functions/varFn.spec.js

@@ -84,6 +84,13 @@ describe("varFn", () => {
     expect(parser.errors).to.be.empty;
   });
 
+  it("varFn accept scientific notation", () => {
+    const parser = parse(`  var $x1 {
+      value = 4.21E-6
+    }`);
+    expect(parser.errors).to.be.empty;
+  });
+
   it("varFn expect a variable name", () => {
     const parser = parse(`var {
       value = "email"
@@ -92,6 +99,13 @@ describe("varFn", () => {
     expect(parser.errors).to.not.be.empty;
   });
 
+  it("varFn accepts an $env.$http_headers object as the value", () => {
+    const parser = parse(`var $http_headers {
+      value = $env.$http_headers
+    }`);
+    expect(parser.errors).to.be.empty;
+  });
+
   it("varFn expect an as variable to be an identifier", () => {
     const parser = parse(`var "user" {
       value = "email"
@@ -107,6 +121,13 @@ describe("varFn", () => {
     expect(parser.errors).to.be.empty;
   });
 
+  it("varFn can update a value", () => {
+    const parser = parse(`var.update $http_headers.Referer {
+      value = "example.com"
+    }`);
+    expect(parser.errors).to.be.empty;
+  });
+
   it("should allow accessing a property from an object defined in place", () => {
     let parser = parse(`var $config {
       value = {
@@ -170,4 +191,105 @@ describe("varFn", () => {
     }`);
     expect(parser.errors).to.be.empty;
   });
+
+  // Blacklisted variable names - these conflict with built-in variables
+  // Some are blocked at lexer level (separate tokens), others at parser level
+  describe("blacklisted variable names", () => {
+    // These are lexed as ShortFormVariable and need explicit blacklisting
+    const shortFormBlacklisted = ["output", "db", "toolset"];
+
+    for (const name of shortFormBlacklisted) {
+      it(`rejects var $${name} as variable name (short form)`, () => {
+        const parser = parse(`var $${name} {
+          value = "test"
+        }`);
+        expect(parser.errors).to.not.be.empty;
+        expect(parser.errors[0].message).to.include("reserved");
+      });
+
+      it(`rejects var.update $${name} as variable name (short form)`, () => {
+        const parser = parse(`var.update $${name} {
+          value = "test"
+        }`);
+        expect(parser.errors).to.not.be.empty;
+        expect(parser.errors[0].message).to.include("reserved");
+      });
+    }
+
+    // These are separate tokens and already rejected by the parser
+    const separateTokenBlacklisted = [
+      "auth",
+      "input",
+      "env",
+      "response",
+      "error",
+      "this",
+    ];
+
+    for (const name of separateTokenBlacklisted) {
+      it(`rejects var $${name} as variable name (separate token)`, () => {
+        const parser = parse(`var $${name} {
+          value = "test"
+        }`);
+        if (parser.errors.length === 0) {
+          console.log(parser.errors, name);
+        }
+        expect(parser.errors).to.not.be.empty;
+      });
+
+      it(`rejects var.update $${name} as variable name (separate token)`, () => {
+        const parser = parse(`var.update $${name} {
+          value = "test"
+        }`);
+        expect(parser.errors).to.not.be.empty;
+      });
+    }
+
+    // $var is the LongFormVariable prefix, parser expects a dot after it
+    it("rejects var $var as variable name (long form prefix)", () => {
+      const parser = parse(`var $var {
+        value = "test"
+      }`);
+      expect(parser.errors).to.not.be.empty;
+    });
+
+    // All blacklisted names should be rejected in long form via var.update
+    const allBlacklisted = [
+      "auth",
+      "input",
+      "env",
+      "response",
+      "output",
+      "var",
+      "db",
+      "error",
+      "toolset",
+      "this",
+    ];
+
+    for (const name of allBlacklisted) {
+      it(`rejects var.update $var.${name} as variable name (long form)`, () => {
+        const parser = parse(`var.update $var.${name} {
+          value = "test"
+        }`);
+        expect(parser.errors).to.not.be.empty;
+        expect(parser.errors[0].message).to.include("reserved");
+      });
+    }
+
+    // Ensure valid names still work
+    it("accepts var $user as variable name", () => {
+      const parser = parse(`var $user {
+        value = "test"
+      }`);
+      expect(parser.errors).to.be.empty;
+    });
+
+    it("accepts var $my_input as variable name", () => {
+      const parser = parse(`var $my_input {
+        value = "test"
+      }`);
+      expect(parser.errors).to.be.empty;
+    });
+  });
 });

package/parser/generic/asVariable.spec.js

@@ -34,4 +34,80 @@ describe("asVariable", () => {
     const parser = parse("as $$clients");
     expect(parser.errors).to.not.be.empty;
   });
+
+  // Blacklisted variable names - these conflict with built-in variables
+  // Some are blocked at lexer level (separate tokens), others at parser level
+  describe("blacklisted variable names", () => {
+    // These are lexed as ShortFormVariable and need explicit blacklisting
+    const shortFormBlacklisted = ["output", "db", "toolset"];
+
+    for (const name of shortFormBlacklisted) {
+      it(`rejects as $${name} (short form)`, () => {
+        const parser = parse(`as $${name}`);
+        expect(parser.errors).to.not.be.empty;
+        expect(parser.errors[0].message).to.include("reserved");
+      });
+    }
+
+    // These are separate tokens and already rejected by the parser
+    const separateTokenBlacklisted = [
+      "auth",
+      "input",
+      "env",
+      "response",
+      "error",
+      "this",
+    ];
+
+    for (const name of separateTokenBlacklisted) {
+      it(`rejects as $${name} (separate token)`, () => {
+        const parser = parse(`as $${name}`);
+        expect(parser.errors).to.not.be.empty;
+      });
+    }
+
+    // $var is the LongFormVariable prefix, parser expects a dot after it
+    it("rejects as $var (long form prefix)", () => {
+      const parser = parse("as $var");
+      expect(parser.errors).to.not.be.empty;
+    });
+
+    // All blacklisted names should be rejected in long form ($var.name)
+    const allBlacklisted = [
+      "auth",
+      "input",
+      "env",
+      "response",
+      "output",
+      "var",
+      "db",
+      "error",
+      "toolset",
+      "this",
+    ];
+
+    for (const name of allBlacklisted) {
+      it(`rejects as $var.${name} (long form)`, () => {
+        const parser = parse(`as $var.${name}`);
+        expect(parser.errors).to.not.be.empty;
+        expect(parser.errors[0].message).to.include("reserved");
+      });
+    }
+
+    // Ensure valid names still work
+    it("accepts as $user", () => {
+      const parser = parse("as $user");
+      expect(parser.errors).to.be.empty;
+    });
+
+    it("accepts as $my_input", () => {
+      const parser = parse("as $my_input");
+      expect(parser.errors).to.be.empty;
+    });
+
+    it("accepts as $var.my_var", () => {
+      const parser = parse("as $var.my_var");
+      expect(parser.errors).to.be.empty;
+    });
+  });
 });

package/parser/generic/assignableVariableAs.js

@@ -1,5 +1,7 @@
+import { MismatchedTokenException } from "chevrotain";
 import { DotToken, Identifier } from "../../lexer/tokens.js";
-import { LongFormVariable,ShortFormVariable } from "../../lexer/variables.js";
+import { LongFormVariable, ShortFormVariable } from "../../lexer/variables.js";
+import { isBlacklistedVariableName } from "./assignableVariableProperty.js";
 
 /**
  * represent $var.x or $x, the only format accepting an assigment
@@ -7,11 +9,15 @@ import { LongFormVariable,ShortFormVariable } from "../../lexer/variables.js";
  */
 export function assignableVariableAs($) {
   return () => {
+    let variableName = "";
+    let variableToken = null;
     $.OR([
       // "$users"
       {
         ALT: () => {
-          $.CONSUME(ShortFormVariable);
+          const variable = $.CONSUME(ShortFormVariable);
+          variableName = variable.image;
+          variableToken = variable;
         },
       },
       // "$var.users"
@@ -19,9 +25,26 @@ export function assignableVariableAs($) {
         ALT: () => {
           $.CONSUME(LongFormVariable);
           $.CONSUME(DotToken);
-          $.CONSUME(Identifier);
+          const variable = $.CONSUME(Identifier);
+          variableName = `$${variable.image}`;
+          variableToken = variable;
         },
       },
     ]);
+
+    // Check for blacklisted variable names
+    if (variableName && variableToken) {
+      const nameWithoutPrefix = variableName.startsWith("$")
+        ? variableName.slice(1)
+        : variableName;
+      if (isBlacklistedVariableName(nameWithoutPrefix)) {
+        $.SAVE_ERROR(
+          new MismatchedTokenException(
+            `'${variableName}' is a reserved variable name and cannot be used`,
+            variableToken
+          )
+        );
+      }
+    }
   };
 }

package/parser/generic/assignableVariableAs.spec.js

@@ -49,4 +49,56 @@ describe("assignableVariableAs", () => {
     const parser = parse(`"someting"`);
     expect(parser.errors).to.not.be.empty;
   });
+
+  // Blacklisted variable names - used in loop contexts (each as $variable)
+  describe("blacklisted variable names", () => {
+    // These are lexed as ShortFormVariable and need explicit blacklisting
+    const shortFormBlacklisted = ["output", "db", "toolset"];
+
+    for (const name of shortFormBlacklisted) {
+      it(`rejects $${name} (short form)`, () => {
+        const parser = parse(`$${name}`);
+        expect(parser.errors).to.not.be.empty;
+        expect(parser.errors[0].message).to.include("reserved");
+      });
+    }
+
+    // All blacklisted names should be rejected in long form ($var.name)
+    const allBlacklisted = [
+      "auth",
+      "input",
+      "env",
+      "response",
+      "output",
+      "var",
+      "db",
+      "error",
+      "toolset",
+      "this",
+    ];
+
+    for (const name of allBlacklisted) {
+      it(`rejects $var.${name} (long form)`, () => {
+        const parser = parse(`$var.${name}`);
+        expect(parser.errors).to.not.be.empty;
+        expect(parser.errors[0].message).to.include("reserved");
+      });
+    }
+
+    // Ensure valid names still work
+    it("accepts $item", () => {
+      const parser = parse("$item");
+      expect(parser.errors).to.be.empty;
+    });
+
+    it("accepts $i", () => {
+      const parser = parse("$i");
+      expect(parser.errors).to.be.empty;
+    });
+
+    it("accepts $var.my_var", () => {
+      const parser = parse("$var.my_var");
+      expect(parser.errors).to.be.empty;
+    });
+  });
 });

package/parser/generic/assignableVariableProperty.js

@@ -1,6 +1,50 @@
+import { MismatchedTokenException } from "chevrotain";
 import { PipeToken } from "../../lexer/control.js";
 import { DotToken, Identifier, NewlineToken } from "../../lexer/tokens.js";
-import { LongFormVariable, ShortFormVariable } from "../../lexer/variables.js";
+import {
+  ApiBaseUrlVariable,
+  BranchVariable,
+  DatasourceVariable,
+  HttpHeadersVariable,
+  LongFormVariable,
+  RemoteHostVariable,
+  RemoteIpVariable,
+  RemotePasswordVariable,
+  RemotePortVariable,
+  RemoteUserVariable,
+  RequestAuthTokenVariable,
+  RequestMethod,
+  RequestQuerystringVariable,
+  RequestUriVariable,
+  ShortFormVariable,
+  TenantVariable,
+  WebflowVariable,
+} from "../../lexer/variables.js";
+
+// Blacklisted variable names that conflict with built-in variables
+// These names cannot be used for user-defined variables because they
+// would conflict with their shorthand form (e.g., $var.input -> $input)
+export const BLACKLISTED_VARIABLE_NAMES = [
+  "auth",
+  "input",
+  "env",
+  "response",
+  "output",
+  "var",
+  "db",
+  "error",
+  "toolset",
+  "this",
+];
+
+/**
+ * Check if a variable name is blacklisted
+ * @param {string} name - Variable name without $ prefix
+ * @returns {boolean}
+ */
+export function isBlacklistedVariableName(name) {
+  return BLACKLISTED_VARIABLE_NAMES.includes(name);
+}
 
 /**
  * represent $var.x or $x, the only format accepting an assigment
@@ -9,13 +53,34 @@ import { LongFormVariable, ShortFormVariable } from "../../lexer/variables.js";
 export function assignableVariableProperty($) {
   return () => {
     let variableName = "";
+    let variableToken = null;
     $.OR({
       DEF: [
-        // "$users"
+        // "$users" or env property tokens like "$http_headers"
+        // TODO: probably a good idea to add a warning when an reserved env property
+        // token is used as a variable name
         {
           ALT: () => {
-            const variable = $.CONSUME(ShortFormVariable);
+            const variable = $.OR1([
+              { ALT: () => $.CONSUME(ShortFormVariable) },
+              { ALT: () => $.CONSUME(ApiBaseUrlVariable) },
+              { ALT: () => $.CONSUME(BranchVariable) },
+              { ALT: () => $.CONSUME(DatasourceVariable) },
+              { ALT: () => $.CONSUME(HttpHeadersVariable) },
+              { ALT: () => $.CONSUME(RemoteHostVariable) },
+              { ALT: () => $.CONSUME(RemoteIpVariable) },
+              { ALT: () => $.CONSUME(RemotePasswordVariable) },
+              { ALT: () => $.CONSUME(RemotePortVariable) },
+              { ALT: () => $.CONSUME(RemoteUserVariable) },
+              { ALT: () => $.CONSUME(RequestAuthTokenVariable) },
+              { ALT: () => $.CONSUME(RequestMethod) },
+              { ALT: () => $.CONSUME(RequestQuerystringVariable) },
+              { ALT: () => $.CONSUME(RequestUriVariable) },
+              { ALT: () => $.CONSUME(TenantVariable) },
+              { ALT: () => $.CONSUME(WebflowVariable) },
+            ]);
             variableName = variable.image;
+            variableToken = variable;
           },
         },
         // "$var.users"
@@ -25,11 +90,29 @@ export function assignableVariableProperty($) {
             $.CONSUME(DotToken);
             const variable = $.CONSUME(Identifier);
             variableName = `$${variable.image}`;
+            variableToken = variable;
           },
         },
       ],
       ERR_MSG: "expecting variable (e.g. $variable or $var.variable)",
     });
+
+    // Check for blacklisted variable names
+    if (variableName && variableToken) {
+      // Extract the name without $ prefix for checking
+      const nameWithoutPrefix = variableName.startsWith("$")
+        ? variableName.slice(1)
+        : variableName;
+      if (isBlacklistedVariableName(nameWithoutPrefix)) {
+        $.SAVE_ERROR(
+          new MismatchedTokenException(
+            `'${variableName}' is a reserved variable name and cannot be used`,
+            variableToken
+          )
+        );
+      }
+    }
+
     $.SUBRULE($.chainedIdentifier);
 
     $.MANY({

package/parser/generic/assignableVariableProperty.spec.js

@@ -49,4 +49,81 @@ describe("assignableVariableProperty", () => {
     const parser = parse(`$users|trim`);
     expect(parser.errors).to.be.empty;
   });
+
+  // Blacklisted variable names - these conflict with built-in variables
+  // Some are blocked at lexer level (separate tokens), others at parser level
+  describe("blacklisted variable names", () => {
+    // These are lexed as ShortFormVariable and need explicit blacklisting
+    const shortFormBlacklisted = ["output", "db", "toolset"];
+
+    for (const name of shortFormBlacklisted) {
+      it(`rejects $${name} as assignable variable (short form)`, () => {
+        const parser = parse(`$${name}`);
+        expect(parser.errors).to.not.be.empty;
+        expect(parser.errors[0].message).to.include("reserved");
+      });
+    }
+
+    // These are separate tokens and already rejected by the parser
+    // (not in the OR alternatives of assignableVariableProperty)
+    const separateTokenBlacklisted = [
+      "auth",
+      "input",
+      "env",
+      "response",
+      "error",
+      "this",
+    ];
+
+    for (const name of separateTokenBlacklisted) {
+      it(`rejects $${name} as assignable variable (separate token)`, () => {
+        const parser = parse(`$${name}`);
+        expect(parser.errors).to.not.be.empty;
+      });
+    }
+
+    // $var is the LongFormVariable prefix, parser expects a dot after it
+    it("rejects $var as assignable variable (long form prefix)", () => {
+      const parser = parse("$var");
+      expect(parser.errors).to.not.be.empty;
+    });
+
+    // All blacklisted names should be rejected in long form ($var.name)
+    const allBlacklisted = [
+      "auth",
+      "input",
+      "env",
+      "response",
+      "output",
+      "var",
+      "db",
+      "error",
+      "toolset",
+      "this",
+    ];
+
+    for (const name of allBlacklisted) {
+      it(`rejects $var.${name} as assignable variable (long form)`, () => {
+        const parser = parse(`$var.${name}`);
+        expect(parser.errors).to.not.be.empty;
+        expect(parser.errors[0].message).to.include("reserved");
+      });
+    }
+
+    // Ensure valid names still work
+    it("accepts $user as assignable variable", () => {
+      const parser = parse("$user");
+      expect(parser.errors).to.be.empty;
+    });
+
+    it("accepts $my_input as assignable variable", () => {
+      const parser = parse("$my_input");
+      expect(parser.errors).to.be.empty;
+    });
+
+    it("accepts $var.my_var as assignable variable", () => {
+      const parser = parse("$var.my_var");
+      expect(parser.errors).to.be.empty;
+    });
+  });
 });

package/parser/generic/completeEnvVariable.js

@@ -38,7 +38,7 @@ export function completeEnvVariable($) {
             {
               ALT: () => {
                 $.CONSUME(HttpHeadersVariable);
-                $.SUBRULE($.singleChainedIdentifier);
+                $.OPTION(() => $.SUBRULE($.singleChainedIdentifier));
               },
             },
             { ALT: () => $.CONSUME(RemoteHostVariable) },

package/parser/generic/completeEnvVariable.spec.js

@@ -62,6 +62,11 @@ describe("completeEnvVariable", () => {
     expect(parser.errors).to.be.empty;
   });
 
+  it("completeEnvVariable accepts $http_headers without property access", () => {
+    const parser = parse("$env.$http_headers");
+    expect(parser.errors).to.be.empty;
+  });
+
   it("completeEnvVariable warn when using env variable starting with $", () => {
     const parser = parse("$env.$my_custom_variable");
     expect(parser.errors).to.be.empty;

package/parser/generic/expressionFn.spec.js

@@ -187,6 +187,11 @@ describe("expressionFn", () => {
     expect(parser.errors).to.be.empty;
   });
 
+  it("expressionFn can be a scientific notation", () => {
+    const parser = parse("4.21E-6");
+    expect(parser.errors).to.be.empty;
+  });
+
   it("expressionFn accepts a JSON", () => {
     const parser = parse(`[
       {
@@ -270,7 +275,7 @@ describe("expressionFn", () => {
 
   it("expressionFn accepts a rich boolean test expression", () => {
     const parser = parse(
-      `($event_type == "app_mention") || (($event_type == "message") && ($channel_type == "im")) || $thread_replies.ai_bot_thread`
+      `($event_type == "app_mention") || (($event_type == "message") && ($channel_type == "im")) || $thread_replies.ai_bot_thread`,
     );
     expect(parser.errors).to.be.empty;
   });
@@ -323,7 +328,7 @@ describe("expressionFn", () => {
 
   it("expressionFn allow concat operator", () => {
     const parser = parse(
-      `"Given the conversation history and the latest message:\\n\\"" ~ $latestMessage ~ "\\"\\n\\nWho should act next? Or should we FINISH? Select one of: " ~ ($memberOptions|join:", ") ~ "."`
+      `"Given the conversation history and the latest message:\\n\\"" ~ $latestMessage ~ "\\"\\n\\nWho should act next? Or should we FINISH? Select one of: " ~ ($memberOptions|join:", ") ~ "."`,
     );
     expect(parser.errors).to.be.empty;
   });
@@ -374,14 +379,14 @@ describe("expressionFn", () => {
 
   it("expressionFn should accept chained filters in parenthesis", () => {
     const parser = parse(
-      `(now|to_timestamp|add:2:2|add:2|transform_timestamp:"24 hours ago":"UTC")`
+      `(now|to_timestamp|add:2:2|add:2|transform_timestamp:"24 hours ago":"UTC")`,
     );
     expect(parser.errors).to.be.empty;
   });
 
   it("expressionFn should accept chained filters with comparison", () => {
     const parser = parse(
-      `(now|to_timestamp|transform_timestamp:"24 hours ago":"UTC") > (335|add:2)`
+      `(now|to_timestamp|transform_timestamp:"24 hours ago":"UTC") > (335|add:2)`,
     );
     expect(parser.errors).to.be.empty;
   });

package/parser/tests/function/valid_sources/ledash_ends_with.xs

@@ -75,7 +75,7 @@ function "ledash/ends_with" {
       each as $index {
         conditional {
           description = "compare every element using position as an offset on the string"
-        
+
           if (($text|get:$position - $index - 1:null) !== ($target|get:($target|count) - $index - 1:null)) {
             return {
               value = false

package/parser/tests/query/valid_sources/all_zip.xs

@@ -27,7 +27,7 @@ query all_zip verb=GET {
     zip.extract {
       zip = $zip_file
       password = ""
-    } as $output
+    } as $extracted_output
   
     zip.view_contents {
       zip = $input.file

package/server.js

@@ -44,10 +44,10 @@ connection.onInitialize(() => {
 connection.onHover((params) => onHover(params, documents));
 connection.onCompletion((params) => onCompletion(params, documents));
 connection.onRequest("textDocument/semanticTokens/full", (params) =>
-  onSemanticCheck(params, documents, SemanticTokensBuilder)
+  onSemanticCheck(params, documents, SemanticTokensBuilder),
 );
 documents.onDidChangeContent((params) =>
-  onDidChangeContent(params, connection)
+  onDidChangeContent(params, connection),
 );
 connection.onDidOpenTextDocument((params) => {
   console.log("Document opened:", params.textDocument.uri);