@xano/xanoscript-language-server 11.6.4 → 11.7.0

package/.claude/settings.local.json

@@ -7,7 +7,10 @@
       "Bash(git checkout:*)",
       "Bash(ls:*)",
       "Bash(npm run lint:*)",
-      "Bash(grep:*)"
+      "Bash(grep:*)",
+      "Bash(node --input-type=module:*)",
+      "Bash(find:*)",
+      "Read(//tmp/**)"
     ]
   }
 }

package/lexer/control.js

@@ -302,6 +302,13 @@ export const PipeToken = createUniqToken({
   label: "|",
 });
 
+// ..
+export const DoubleDotToken = createUniqToken({
+  name: "DoubleDotToken",
+  pattern: /\.\./,
+  label: "..",
+});
+
 // ,
 export const CommaToken = createUniqToken({
   name: "CommaToken",
@@ -471,6 +478,7 @@ export const JsonSearchToken = createUniqToken({
 });
 
 export const ControlTokens = [
+  DoubleDotToken,
   JsonNotBetweenToken,
   JsonNotContainsToken,
   JsonNotILikeToken,
@@ -626,6 +634,7 @@ export function mapTokenToType(token) {
     case Question.name:
     case ColonToken.name:
     case PipeToken.name:
+    case DoubleDotToken.name:
     case CommaToken.name:
       return "punctuation";
     default:

package/lexer/tokens.js

@@ -153,7 +153,7 @@ export const NullToken = createTokenByName("null", {
 export const RegExpToken = createToken({
   name: "RegExpToken",
   label: "regexp",
-  pattern: /\/(?:[^/\n\\]|\\.)+\//,
+  pattern: /\/(?:[^/\n\\ ]|\\.)(?:[^/\n\\]|\\.)*\//,
 });
 
 export const WhiteSpace = createToken({

package/onHover/functions.md

@@ -398,12 +398,14 @@ api.call "account/{account_id}" verb=POST {
 } as $account_update_response
 ```
 
-Calls an internal Xano API endpoint, it allows you to invoke internal APIs within your end-to-end workflows tests.
+Calls an internal Xano API endpoint from within a `workflow_test` or `test` clause. This allows you to invoke internal APIs as part of your end-to-end workflow tests or unit tests within queries, functions, and tasks.
+
+**Note:** `api.call` is only available within `workflow_test`, `test` (in queries/functions/tasks/middleware), and `tool` contexts, including within control structures like `group`, `conditional`, loops, etc.
 
 - `api.call` signature is similar to the `query` definition it's invoking (e.g., `query <URL> verb=<METHOD> {...}`).
 - `api_group`: The API group to which the endpoint belongs.
-- `headers`: Custom headers to include in the request.
-- `input`: The request payload.
+- `headers`: Optional custom headers to include in the request.
+- `input`: The request payload containing parameters for the API call.
 
 # tool.call
 
@@ -2387,6 +2389,8 @@ test "value should always be greater than 0" {
 
 Defines a unit-test with a descriptive name (e.g., `"value should always be greater than 0"`). Each test can contain many `expect` blocks asserting conditions on the `$response` variable. The test will pass if all expectations are met. An optional `input` parameter can be passed to the stack being tested as its calling `input`.
 
+**Note:** `expect` statements are available within `test` clauses and `workflow_test` declarations. They cannot be used in regular queries or functions.
+
 # expect.to_equal
 
 ```xs
@@ -2397,6 +2401,8 @@ expect.to_equal ($response.some_property) {
 
 Checks if the value of `$response.some_property` equals the specified `value`. Useful for basic equality checks in test assertions.
 
+**Note:** `expect` statements are only available within `workflow_test` declarations and `test` clauses. They cannot be used in regular queries or functions.
+
 # expect.to_start_with
 
 ```xs

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@xano/xanoscript-language-server",
-  "version": "11.6.4",
+  "version": "11.7.0",
   "description": "Language Server Protocol implementation for XanoScript",
   "type": "module",
   "main": "server.js",

package/parser/clauses/inputClause.js

@@ -1,3 +1,4 @@
+import { MismatchedTokenException } from "chevrotain";
 import { LCurly, RCurly } from "../../lexer/control.js";
 import { InputToken, NewlineToken } from "../../lexer/tokens.js";
 
@@ -7,12 +8,19 @@ import { InputToken, NewlineToken } from "../../lexer/tokens.js";
 export function inputClause($) {
   return () => {
     $.sectionStack.push("inputClause");
+
+    let hasStatement = false;
+    let hasNewLine = false;
+
     $.CONSUME(InputToken); // "input"
     // unlike schema, input can be mentioned without any fields
     $.OPTION(() => {
       $.CONSUME(LCurly); // "{"
       $.MANY(() => {
-        $.AT_LEAST_ONE1(() => $.CONSUME1(NewlineToken)); // at least one new line
+        $.MANY1(() => {
+          $.CONSUME1(NewlineToken);
+          hasNewLine = true;
+        }); // at least one new line
         $.SUBRULE($.optionalCommentBlockFn);
 
         $.OR([
@@ -26,8 +34,20 @@ export function inputClause($) {
             ALT: () => $.SUBRULE($.dbLinkColumnDefinition),
           },
         ]);
+
+        if (hasStatement && !hasNewLine) {
+          $.SAVE_ERROR(
+            new MismatchedTokenException(
+              "Each statement in the input clause must be on a new line",
+              $.LA(0),
+            ),
+          );
+        }
+
+        hasNewLine = false;
+        hasStatement = true;
       });
-      $.AT_LEAST_ONE2(() => $.CONSUME2(NewlineToken)); // at least one new line
+      $.MANY2(() => $.CONSUME2(NewlineToken)); // can have new lines at the end of the input clause
       $.CONSUME(RCurly); // "}"
     });
     $.sectionStack.pop();

package/parser/clauses/inputClause.spec.js

@@ -12,6 +12,23 @@ function parse(inputText) {
 }
 
 describe("inputClause", () => {
+  it("inputClause accepts empty input", () => {
+    const parser = parse(`input {}`);
+    expect(parser.errors).to.be.empty;
+  });
+
+  it("inputClause accepts a single input as one liner", () => {
+    const parser = parse(`input { email email_input? filters=trim|lower }`);
+    expect(parser.errors).to.be.empty;
+  });
+
+  it("inputClause cannot have 2 statement on the same line", () => {
+    const parser = parse(
+      `input { email email_input? filters=trim|lower text name }`,
+    );
+    expect(parser.errors).to.not.be.empty;
+  });
+
   it("inputClause accepts filters and field definition", () => {
     const parser = parse(`input {
     email email_input? filters=trim|lower

package/parser/clauses/nakedStackFn.js

@@ -4,7 +4,6 @@ import { LCurly, RCurly } from "../../lexer/control.js";
 import { NewlineToken } from "../../lexer/tokens.js";
 
 export const DEFAULT_OPTIONS = {
-  allowExpectStatements: false,
   allowCallStatements: false,
 };
 
@@ -56,10 +55,7 @@ export function nakedStackFn($) {
           GATE: () => options.allowCallStatements,
           ALT: () => $.SUBRULE($.middlewareCallFn),
         },
-        {
-          GATE: () => options.allowExpectStatements,
-          ALT: () => $.SUBRULE($.workflowExpectFn),
-        },
+        { ALT: () => $.SUBRULE($.workflowExpectFn) },
       ]);
     });
     $.AT_LEAST_ONE2(() => $.CONSUME2(NewlineToken));

package/parser/clauses/testClause.spec.js

@@ -20,15 +20,6 @@ describe("testClause", () => {
     expect(parser.errors).to.be.empty;
   });
 
-  it("testClause accepts a comment", () => {
-    const parser = parse(`test "should add numbers" {
-      expect.to_equal ($response) {
-        value = 5
-      }
-    }`);
-    expect(parser.errors).to.be.empty;
-  });
-
   it("testClause requires accepts an optional datasource", () => {
     const parser = parse(`test "should add numbers" {
       datasource = "live"

package/parser/function_parser.js

@@ -29,7 +29,10 @@ export function functionDeclaration($) {
     ]);
 
     if (nameToken?.image && getVarName(nameToken).startsWith("/")) {
-      $.addInvalidValueError(nameToken, "function name must not start with '/'");
+      $.addInvalidValueError(
+        nameToken,
+        "function name must not start with '/'",
+      );
     }
 
     $.CONSUME(LCurly); // "{"

package/parser/function_parser.spec.js

@@ -93,4 +93,22 @@ describe("function_parser", () => {
     }`);
     expect(parser.errors).to.not.be.empty;
   });
+
+  it("should not allow api.call in a function stack", () => {
+    const parser = xanoscriptParser(`function foo {
+      input {
+      }
+
+      stack {
+        api.call "users/{user_id}" verb=GET {
+          api_group = "account"
+          input = { user_id: 123 }
+        } as $user
+      }
+
+      response = null
+    }`);
+    expect(parser.errors).to.not.be.empty;
+  });
 });
+

package/parser/functions/api/apiCallFn.js

@@ -18,6 +18,20 @@ export function apiCallFn($) {
   return () => {
     $.sectionStack.push("apiCallFn");
     const fnToken = $.CONSUME(CallToken); // "call"
+
+    // Validate that api.call is only used in allowed contexts
+    const validContexts = ["workflowTestDeclaration", "toolDeclaration", "testClause"];
+    const isInValidContext = validContexts.some((context) =>
+      $.sectionStack.includes(context)
+    );
+
+    if (!isInValidContext) {
+      $.addInvalidValueError(
+        fnToken,
+        "api.call can only be used within workflow_test, tool, or test contexts"
+      );
+    }
+
     $.OR([
       { ALT: () => $.CONSUME(StringLiteral) }, // "foo/bar"
       { ALT: () => $.CONSUME(Identifier) }, // foo

package/parser/functions/api/apiCallFn.spec.js

@@ -7,6 +7,8 @@ function parse(inputText) {
   parser.reset();
   const lexResult = lexDocument(inputText);
   parser.input = lexResult.tokens;
+  // Simulate being inside a test context for api.call validation
+  parser.sectionStack.push("testClause");
   parser.apiCallFn();
   return parser;
 }

package/parser/functions/api/apiRequestFn.js

@@ -29,7 +29,7 @@ export function apiRequestFn($) {
           "disabled?": "[boolean]",
           "params?": "[expression]",
           "headers?": "[expression]",
-          "timeout?": "[number]",
+          "timeout?": "[expression]",
           "follow_location?": "[expression]",
           "ca_certificate?": "[string]",
           "certificate?": "[string]",

package/parser/functions/api/apiRequestFn.spec.js

@@ -53,7 +53,7 @@ describe("apiRequestFn", () => {
       method = "POST"
       params = {}|set:"foo":"bar"
       headers = []|push:"Set-Cookie: sessionId=e8bb43229de9; Domain=foo.example.com"
-      timeout = 25
+      timeout = $input.timeout
       ca_certificate = "what is this"
       certificate = """
         -----BEGIN CERTIFICATE-----

package/parser/functions/apiFn.js

@@ -5,15 +5,12 @@ import { DotToken } from "../../lexer/tokens.js";
  * @param {import('../base_parser.js').XanoBaseParser} $
  */
 export function apiFn($) {
-  return (options = {}) => {
+  return () => {
     $.sectionStack.push("api");
     $.CONSUME(ApiToken); // "api"
     $.CONSUME(DotToken); // "."
     $.OR([
-      {
-        GATE: () => options.allowCallStatements,
-        ALT: () => $.SUBRULE($.apiCallFn), // "api.call"
-      },
+      { ALT: () => $.SUBRULE($.apiCallFn) }, // "api.call"
       { ALT: () => $.SUBRULE($.apiLambdaFn) }, // "api.lambda"
       { ALT: () => $.SUBRULE($.apiRequestFn) }, // "api.request"
       { ALT: () => $.SUBRULE($.apiRealtimeEventFn) }, // "api.realtime_event"

package/parser/functions/controlFn.js

@@ -6,6 +6,7 @@ import { BreakToken, ContinueToken } from "../../lexer/control.js";
  */
 export function controlFn($) {
   return (options = {}) => {
+    $.sectionStack.push("controlFn");
     $.OR([
       { ALT: () => $.CONSUME(BreakToken) }, // "break"
       { ALT: () => $.CONSUME(ContinueToken) }, // "continue"

package/parser/functions/controls/conditionalFn.js

@@ -10,6 +10,7 @@ export function conditionalFn($) {
     let hasIfStatement = false;
     let hasDescription = false;
     let hasDisabled = false;
+    let hasElseStatement = false;
 
     $.sectionStack.push("conditionalFn");
     const parent = $.CONSUME(ConditionalToken); // "conditional"
@@ -37,13 +38,27 @@ export function conditionalFn($) {
           ALT: () => {
             hasIfStatement = true;
             $.SUBRULE($.conditionalIfFn);
-            $.MANY1(() => {
-              $.AT_LEAST_ONE1(() => $.CONSUME3(NewlineToken));
-              $.SUBRULE($.conditionalElifFn);
-            });
-            $.OPTION(() => {
-              $.AT_LEAST_ONE2(() => $.CONSUME4(NewlineToken));
-              $.SUBRULE($.conditionalElseFn);
+
+            // as soon as we hit an else statement, we know there can be no more elif statements, so we only check for the absence of an else statement
+            $.MANY1({
+              GATE: () => !hasElseStatement,
+              DEF: () => {
+                $.AT_LEAST_ONE1(() => $.CONSUME3(NewlineToken));
+                $.SUBRULE($.optionalCommentBlockFn);
+                $.OR1([
+                  {
+                    ALT: () => {
+                      hasElseStatement = true;
+                      $.SUBRULE($.conditionalElseFn);
+                    },
+                  },
+                  {
+                    ALT: () => {
+                      $.SUBRULE($.conditionalElifFn);
+                    },
+                  },
+                ]);
+              },
             });
           },
         },

package/parser/functions/controls/conditionalFn.spec.js

@@ -108,6 +108,27 @@ describe("conditionalFn", () => {
     expect(parser.errors).to.be.empty;
   });
 
+  it("conditionalFn accepts a comment above the else", () => {
+    const parser = parse(`conditional {
+      // If destination address is a system account.
+      if ($some_condition) {
+        // Getting the final destination 
+        var $destination {
+          value = "https://example.com/default_destination/x"
+        }
+      }
+    
+      // Set the final destination URL
+      else {
+        // Getting the final destination
+        var $destination {
+          value = "https://example.com/default_destination"
+        }
+      }
+    }`);
+    expect(parser.errors).to.be.empty;
+  });
+
   it("conditionalFn accepts a description", () => {
     const parser = parse(`conditional {
       description = "foo"

package/parser/functions/controls/preconditionFn.spec.js

@@ -28,9 +28,19 @@ describe("preconditionFn", () => {
     expect(parser.errors).to.be.empty;
   });
 
+  it("should accept a complex precondition expression", () => {
+    const parser =
+      parse(`precondition (($a_rate >= ($rate_token.x_rate * (1 - ($env.x_rate_all / 100)))) && ($a_rate <= ($rate_token.x_rate * (1 + ($env.x_rate_all / 100))))) {
+        error_type = "badrequest"
+        error = "ohoh"
+        payload = "The rate is off"
+      }`);
+    expect(parser.errors).to.be.empty;
+  });
+
   it("preconditionFn accept an escaped string", () => {
     const parser = parse(
-      `precondition ($escaped == '\\"hello this is chris\\\\\\' test\\"')`
+      `precondition ($escaped == '\\"hello this is chris\\\\\\' test\\"')`,
     );
     expect(parser.errors).to.be.empty;
   });

package/parser/functions/expect/unitExpectWithArgumentsFn.spec.js

@@ -16,7 +16,7 @@ describe("unitExpectWithArgumentsFn", () => {
   it("unitExpectWithArgumentsFn to_equal accepts a $response variable", () => {
     const parser = parse(`to_equal ($response) {
       value = "foo"
-    };`);
+    }`);
     expect(parser.errors).to.be.empty;
   });
 
@@ -27,6 +27,13 @@ describe("unitExpectWithArgumentsFn", () => {
     expect(parser.errors).to.not.be.empty;
   });
 
+  it("unitExpectWithArgumentsFn accepts an expression", () => {
+    const parser = parse(`to_equal ($response) {
+      value = \`12092834098240928304982039840923908402384.09823904823098402834\`  
+    }`);
+    expect(parser.errors).to.be.empty;
+  });
+
   it("unitExpectWithArgumentsFn does not accept variables", () => {
     const parser = parse(`to_equal ($response) {
       value = $response.x

package/parser/functions/schema/schemaFn.js

@@ -130,7 +130,6 @@ export function schemaFn($) {
                     $.SUBRULE($.nakedStackFn, {
                       ARGS: [
                         {
-                          allowExpectStatements: isTest,
                           allowCallStatements: isTest,
                         },
                       ],

package/parser/functions/schema/schemaParseAttributeFn.spec.js

@@ -116,6 +116,8 @@ function parse(inputText) {
   parser.reset();
   const lexResult = lexDocument(inputText);
   parser.input = lexResult.tokens;
+  // Simulate being inside a test context for api.call validation
+  parser.sectionStack.push("testClause");
   return parser;
 }
 

package/parser/functions/schema/schemaParseObjectFn.js

@@ -8,6 +8,7 @@ import {
 } from "../../../lexer/control.js";
 import { StringLiteral } from "../../../lexer/literal.js";
 import { DotToken, Identifier, NewlineToken } from "../../../lexer/tokens.js";
+import { InputVariable, ShortFormVariable } from "../../../lexer/variables.js";
 import {
   canBeDisabledAttribute,
   isMultiAttribute,
@@ -40,7 +41,7 @@ export function schemaParseObjectFn($) {
         some(objectKeys, (k) => isSchemaGenericType(k))
       ) {
         throw new Error(
-          "schemaParseObjectFn supports only one generic type when multiple keys are defined"
+          "schemaParseObjectFn supports only one generic type when multiple keys are defined",
         );
       }
     });
@@ -55,7 +56,7 @@ export function schemaParseObjectFn($) {
       if (needSeparator) {
         $.addInvalidValueError(
           lastToken,
-          "Expected a comma, a new line or closing bracket"
+          "Expected a comma, a new line or closing bracket",
         );
       }
 
@@ -82,25 +83,49 @@ export function schemaParseObjectFn($) {
             return objectKeyToken.image.slice(1, -1);
           },
         },
+        {
+          // dynamic key using $input.property
+          ALT: () => {
+            objectKeyToken = $.CONSUME(InputVariable);
+            const tokens = [objectKeyToken];
+            $.MANY4(() => {
+              tokens.push($.CONSUME1(DotToken));
+              tokens.push($.CONSUME2(Identifier));
+            });
+            return tokens.map((t) => t.image).join(".");
+          },
+        },
+        {
+          // dynamic key using $variable or $variable.property
+          ALT: () => {
+            objectKeyToken = $.CONSUME(ShortFormVariable);
+            const tokens = [objectKeyToken];
+            $.MANY5(() => {
+              tokens.push($.CONSUME2(DotToken));
+              tokens.push($.CONSUME3(Identifier));
+            });
+            return tokens.map((t) => t.image).join(".");
+          },
+        },
       ]);
 
       const subSchemaKey = valueMatchRequirements(keyValue, objectKeys);
       if (!subSchemaKey) {
         $.addInvalidValueError(
           objectKeyToken,
-          `The key '${keyValue}' is not valid in this context`
+          `The key '${keyValue}' is not valid in this context`,
         );
       } else if (disabledToken && !canBeDisabledAttribute(subSchemaKey)) {
         $.addInvalidValueError(
           disabledToken,
-          `The key '${keyValue}' cannot be disabled`
+          `The key '${keyValue}' cannot be disabled`,
         );
       }
 
       if (keyNames.includes(keyValue) && !isMultiAttribute(subSchemaKey)) {
         $.addInvalidValueError(
           objectKeyToken,
-          `Duplicate key '${keyValue}' found`
+          `Duplicate key '${keyValue}' found`,
         );
       } else {
         keyNames.push(keyValue);
@@ -133,25 +158,25 @@ export function schemaParseObjectFn($) {
 
     if (missingKeys.length) {
       const missingKeyNames = missingKeys.filter(
-        (k) => !isOptionalAttribute(k)
+        (k) => !isOptionalAttribute(k),
       );
       if (missingKeyNames.length > 1) {
         $.addMissingError(
           lastToken || token,
           `{} is missing the following required entries: ${missingKeyNames.join(
-            ", "
-          )}`
+            ", ",
+          )}`,
         );
       } else if (missingKeyNames.length === 1) {
         if (isSchemaGenericType(missingKeyNames[0])) {
           $.addMissingError(
             lastToken || token,
-            `{} requires a least one entry`
+            `{} requires a least one entry`,
           );
         } else {
           $.addMissingError(
             lastToken || token,
-            `{} is missing required key '${missingKeyNames[0]}'`
+            `{} is missing required key '${missingKeyNames[0]}'`,
           );
         }
       }

package/parser/functions/varFn.spec.js

@@ -76,6 +76,20 @@ describe("varFn", () => {
     expect(parser.errors).to.be.empty;
   });
 
+  it("varFn allows range expressions", () => {
+    const parser = parse(`var $numbers {
+      value = (1..100)
+    }`);
+    expect(parser.errors).to.be.empty;
+  });
+
+  it("varFn allows range expressions with variables", () => {
+    const parser = parse(`var $numbers {
+      value = ($var.start..$end_var)
+    }`);
+    expect(parser.errors).to.be.empty;
+  });
+
   it("varFn accepts a system env variable", () => {
     const parser = parse(`var $user {
       value = $env.$remote_ip
@@ -128,6 +142,14 @@ describe("varFn", () => {
     expect(parser.errors).to.be.empty;
   });
 
+  it("var.update should allow $input reference in its filters", () => {
+    const parser = parse(`var.update $object_for_update {
+      value = $object_for_update
+        |merge_recursive:{$input.key:$input.value}
+    }`);
+    expect(parser.errors).to.be.empty;
+  });
+
   it("should allow accessing a property from an object defined in place", () => {
     let parser = parse(`var $config {
       value = {
@@ -253,6 +275,13 @@ describe("varFn", () => {
       expect(parser.errors).to.not.be.empty;
     });
 
+    it("accepts a backtick expression as value", () => {
+      const parser = parse(`var $current_time {
+        value = \`12316546543321321.3213521654654\`
+      }`);
+      expect(parser.errors).to.be.empty;
+    });
+
     // All blacklisted names should be rejected in long form via var.update
     const allBlacklisted = [
       "auth",

package/parser/functions/workflowExpectFn.js

@@ -7,7 +7,21 @@ import { DotToken } from "../../lexer/tokens.js";
 export function workflowExpectFn($) {
   return () => {
     $.sectionStack.push("workflowExpect");
-    $.CONSUME(ExpectToken); // "expect"
+    const expectToken = $.CONSUME(ExpectToken); // "expect"
+
+    // Validate that expect statements are only used in allowed contexts
+    const validContexts = ["workflowTestDeclaration", "testClause"];
+    const isInValidContext = validContexts.some((context) =>
+      $.sectionStack.includes(context)
+    );
+
+    if (!isInValidContext) {
+      $.addInvalidValueError(
+        expectToken,
+        "expect statements can only be used within workflow_test or test contexts"
+      );
+    }
+
     $.CONSUME(DotToken); // "."
     $.OR([
       { ALT: () => $.SUBRULE($.workflowExpectWithArgumentsFn) }, // "expect.to_equal, expect.to_start_with, etc."

package/parser/generic/expressionFn.js

@@ -3,6 +3,7 @@ import {
   AndTestToken,
   ColonToken,
   Divide,
+  DoubleDotToken,
   GreaterThan,
   GreaterThanOrEq,
   IsEqual,
@@ -234,14 +235,14 @@ export function expressionFn($) {
     if (hasFilters && hasTests) {
       $.addInvalidValueError(
         token,
-        "An expression should be wrapped in parentheses when combining filters and tests"
+        "An expression should be wrapped in parentheses when combining filters and tests",
       );
     }
 
     if (options.allowQueryExpression && has_ternary) {
       $.addInvalidValueError(
         testToken,
-        "Ternary expressions are not allowed in a where clause"
+        "Ternary expressions are not allowed in a where clause",
       );
     }
   };
@@ -263,6 +264,7 @@ export function expressionTestFn($) {
       { ALT: () => $.CONSUME(Multiply) }, // "*"
       { ALT: () => $.CONSUME(Divide) }, // "/"
       { ALT: () => $.CONSUME(Modulus) }, // "%"
+      { ALT: () => $.CONSUME(DoubleDotToken) }, // ".."
       { ALT: () => $.CONSUME(NullishCoalescingToken) }, // "??"
       { ALT: () => $.CONSUME(AndTestToken) }, // "&&"
       { ALT: () => $.CONSUME(OrTestToken) }, // "||"
@@ -371,15 +373,12 @@ export function simpleExpressionFn($) {
 
       // Group 2: Complex literals (distinct tokens)
       {
-        GATE: () => options.allowExpression,
         ALT: () => $.CONSUME(MultiLineStringToken),
       },
       {
-        GATE: () => options.allowExpression,
         ALT: () => $.CONSUME(MultiLineExpressionToken),
       },
       {
-        GATE: () => options.allowExpression,
         ALT: () => $.CONSUME(ExpressionLiteral),
       },
 

package/parser/generic/functionAttrReq.js

@@ -24,6 +24,7 @@ export function functionAttrReq($) {
    * @param {string[]} options.allowQueryExpression special attriutes that will allow query expressions
    **/
   return (parent, required, optional, options = {}) => {
+    $.sectionStack.push("functionAttrReq");
     // setup basic defaults
     required = required || [];
     optional = optional || [];

package/parser/middleware_parser.js

@@ -1,3 +1,4 @@
+import { CommentToken } from "../lexer/comment.js";
 import { EqualToken, LCurly, RCurly } from "../lexer/control.js";
 import { StringLiteral } from "../lexer/literal.js";
 import {
@@ -34,9 +35,7 @@ export function middlewareDeclaration($) {
     $.MANY(() => {
       $.AT_LEAST_ONE(() => $.CONSUME(NewlineToken)); // at least one new line
       $.OR2([
-        {
-          ALT: () => $.SUBRULE($.commentBlockFn),
-        },
+        { ALT: () => $.CONSUME(CommentToken) },
         {
           GATE: () => !hasDescription,
           ALT: () => {

package/parser/middleware_parser.spec.js

@@ -60,6 +60,33 @@ describe("middleware_parser", () => {
     expect(parser.errors).to.not.be.empty;
   });
 
+  it("middleware should accept a test", () => {
+    const parser = xanoscriptParser(`middleware foo {
+        input {
+        }
+  
+        stack {
+        }
+  
+        response = null
+        response_strategy = "replace"
+        exception_policy = "rethrow"
+
+        // test cases
+        test "testset " {
+          input = {
+            adoption_application_id: ""
+            user_id                : ""
+            completed_only         : ""
+            scheduled_only         : ""
+            page                   : ""
+            per_page               : ""
+          }
+        }
+      }`);
+    expect(parser.errors).to.be.empty;
+  });
+
   describe("ResponseStrategy", () => {
     it("should parse middleware with response_strategy = 'merge'", () => {
       const parser = xanoscriptParser(`middleware test_merge {
@@ -109,7 +136,7 @@ describe("middleware_parser", () => {
       expect(parser.errors).to.not.be.empty;
       expect(parser.errors[0].message).to.include('Invalid value "invalid"');
       expect(parser.errors[0].message).to.include(
-        'Must be one of: "merge", "replace"'
+        'Must be one of: "merge", "replace"',
       );
     });
   });
@@ -179,7 +206,7 @@ describe("middleware_parser", () => {
       expect(parser.errors).to.not.be.empty;
       expect(parser.errors[0].message).to.include('Invalid value "invalid"');
       expect(parser.errors[0].message).to.include(
-        'Must be one of: "silent", "rethrow", "critical"'
+        'Must be one of: "silent", "rethrow", "critical"',
       );
     });
   });

package/parser/query_parser.spec.js

@@ -151,4 +151,25 @@ describe("query_parser", () => {
 }`);
     expect(parser.errors).to.be.empty;
   });
+
+  it("should not allow api.call within a group in a query stack", () => {
+    const parser = xanoscriptParser(`query foo verb=GET {
+      input {
+      }
+
+      stack {
+        group {
+          stack {
+            api.call bar verb=POST {
+              api_group = "internal"
+              input = { x: 1 }
+            } as $result
+          }
+        }
+      }
+
+      response = null
+    }`);
+    expect(parser.errors).to.not.be.empty;
+  });
 });

package/parser/workflow_test_parser.js

@@ -46,7 +46,7 @@ export function workflowTestDeclaration($) {
             hasStack = true;
             $.SUBRULE($.stackClause, {
               ARGS: [
-                { allowExpectStatements: true, allowCallStatements: true },
+                { allowCallStatements: true },
               ],
             });
           },

package/parser/workflow_test_parser.spec.js

@@ -68,4 +68,59 @@ describe("workflow_test_parser", () => {
     }`);
     expect(parser.errors).to.be.empty;
   });
+
+  it("should parse a workflow test with api.call within a group", () => {
+    const parser = xanoscriptParser(`workflow_test foo {
+      stack {
+        group {
+          stack {
+            api.call "endpoint/{id}" verb=PATCH {
+              api_group = "external"
+              input = {
+                data: {action: "update"}
+                id: 123
+              }
+            } as $result
+          }
+        }
+      }
+    }`);
+    expect(parser.errors).to.be.empty;
+  });
+
+  it("should parse a workflow test with expect.to_equal within a group", () => {
+    const parser = xanoscriptParser(`workflow_test foo {
+      stack {
+        var $a {
+          value = 42
+        }
+
+        group {
+          stack {
+            function.call "add" {
+              input = {a: 20, b: 22}
+            } as $sum
+
+            expect.to_equal ($a) {
+              value = 42
+            }
+          }
+        }
+
+        group {
+          stack {
+            function.call "add" {
+              input = {a: 20, b: 22}
+            } as $sum
+             
+            expect.to_equal ($a) {
+              value = 42
+            }
+          }
+        }
+      }
+    }`);
+    console.log(parser.errors);
+    expect(parser.errors).to.be.empty;
+  });
 });