@xdelivered/emberflow 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (414) hide show
  1. package/LICENSE +21 -0
  2. package/README.md +153 -0
  3. package/bin/commands.test.ts +185 -0
  4. package/bin/commands.ts +306 -0
  5. package/bin/emberflow.mjs +38 -0
  6. package/bin/init.test.ts +165 -0
  7. package/bin/init.ts +297 -0
  8. package/bin/runtime.mjs +105 -0
  9. package/bin/runtime.test.ts +167 -0
  10. package/bin/skillTargets.test.ts +108 -0
  11. package/bin/skillTargets.ts +36 -0
  12. package/bin/skillTemplates.test.ts +37 -0
  13. package/bin/tsconfig.json +23 -0
  14. package/dist/bin/commands.d.ts +24 -0
  15. package/dist/bin/commands.js +252 -0
  16. package/dist/bin/init.d.ts +17 -0
  17. package/dist/bin/init.js +241 -0
  18. package/dist/bin/runtime.d.mts +39 -0
  19. package/dist/bin/runtime.mjs +96 -0
  20. package/dist/bin/skillTargets.d.ts +13 -0
  21. package/dist/bin/skillTargets.js +22 -0
  22. package/dist/server/agents/claudeAdapter.d.ts +8 -0
  23. package/dist/server/agents/claudeAdapter.js +190 -0
  24. package/dist/server/agents/claudeParse.d.ts +2 -0
  25. package/dist/server/agents/claudeParse.js +162 -0
  26. package/dist/server/agents/codexAdapter.d.ts +13 -0
  27. package/dist/server/agents/codexAdapter.js +174 -0
  28. package/dist/server/agents/codexParse.d.ts +2 -0
  29. package/dist/server/agents/codexParse.js +74 -0
  30. package/dist/server/agents/detect.d.ts +23 -0
  31. package/dist/server/agents/detect.js +35 -0
  32. package/dist/server/agents/gitScope.d.ts +24 -0
  33. package/dist/server/agents/gitScope.js +95 -0
  34. package/dist/server/agents/modelRejectionHint.d.ts +8 -0
  35. package/dist/server/agents/modelRejectionHint.js +12 -0
  36. package/dist/server/agents/prompt.d.ts +79 -0
  37. package/dist/server/agents/prompt.js +364 -0
  38. package/dist/server/agents/runManager.d.ts +90 -0
  39. package/dist/server/agents/runManager.js +259 -0
  40. package/dist/server/agents/types.d.ts +15 -0
  41. package/dist/server/agents/types.js +1 -0
  42. package/dist/server/apiStore.d.ts +60 -0
  43. package/dist/server/apiStore.js +249 -0
  44. package/dist/server/auth/enforce.d.ts +1 -0
  45. package/dist/server/auth/enforce.js +6 -0
  46. package/dist/server/auth/types.d.ts +1 -0
  47. package/dist/server/auth/types.js +1 -0
  48. package/dist/server/auth/verifiers.d.ts +1 -0
  49. package/dist/server/auth/verifiers.js +4 -0
  50. package/dist/server/authAttach.d.ts +19 -0
  51. package/dist/server/authAttach.js +79 -0
  52. package/dist/server/cli.d.ts +7 -0
  53. package/dist/server/cli.js +804 -0
  54. package/dist/server/client.d.ts +130 -0
  55. package/dist/server/client.js +247 -0
  56. package/dist/server/environments.d.ts +103 -0
  57. package/dist/server/environments.js +486 -0
  58. package/dist/server/flowStore.d.ts +37 -0
  59. package/dist/server/flowStore.js +117 -0
  60. package/dist/server/httpOperations.d.ts +32 -0
  61. package/dist/server/httpOperations.js +62 -0
  62. package/dist/server/index.d.ts +1 -0
  63. package/dist/server/index.js +1022 -0
  64. package/dist/server/infrastructure.d.ts +51 -0
  65. package/dist/server/infrastructure.js +116 -0
  66. package/dist/server/login.d.ts +21 -0
  67. package/dist/server/login.js +44 -0
  68. package/dist/server/mcp.d.ts +1 -0
  69. package/dist/server/mcp.js +182 -0
  70. package/dist/server/migrateFlows.d.ts +8 -0
  71. package/dist/server/migrateFlows.js +25 -0
  72. package/dist/server/mockHandler.d.ts +15 -0
  73. package/dist/server/mockHandler.js +35 -0
  74. package/dist/server/nodesPayload.d.ts +14 -0
  75. package/dist/server/nodesPayload.js +14 -0
  76. package/dist/server/normalizeFlow.d.ts +21 -0
  77. package/dist/server/normalizeFlow.js +48 -0
  78. package/dist/server/openBrowser.d.ts +8 -0
  79. package/dist/server/openBrowser.js +16 -0
  80. package/dist/server/operationResult.d.ts +12 -0
  81. package/dist/server/operationResult.js +26 -0
  82. package/dist/server/pathGuard.d.ts +1 -0
  83. package/dist/server/pathGuard.js +16 -0
  84. package/dist/server/pathSafety.d.ts +20 -0
  85. package/dist/server/pathSafety.js +35 -0
  86. package/dist/server/projectConfig.d.ts +47 -0
  87. package/dist/server/projectConfig.js +61 -0
  88. package/dist/server/projectMode.d.ts +26 -0
  89. package/dist/server/projectMode.js +44 -0
  90. package/dist/server/redact.d.ts +6 -0
  91. package/dist/server/redact.js +37 -0
  92. package/dist/server/runRegistry.d.ts +84 -0
  93. package/dist/server/runRegistry.js +200 -0
  94. package/dist/server/runtime/RuntimeAdapter.d.ts +22 -0
  95. package/dist/server/runtime/RuntimeAdapter.js +1 -0
  96. package/dist/server/runtime/expressAdapter.d.ts +19 -0
  97. package/dist/server/runtime/expressAdapter.js +56 -0
  98. package/dist/server/scenarioTest.d.ts +14 -0
  99. package/dist/server/scenarioTest.js +66 -0
  100. package/dist/server/subflowRunner.d.ts +32 -0
  101. package/dist/server/subflowRunner.js +72 -0
  102. package/dist/server/testRunner.d.ts +70 -0
  103. package/dist/server/testRunner.js +151 -0
  104. package/dist/src/config.d.ts +3 -0
  105. package/dist/src/config.js +2 -0
  106. package/dist/src/engine/authVerify.d.ts +33 -0
  107. package/dist/src/engine/authVerify.js +63 -0
  108. package/dist/src/engine/diagnostics.d.ts +62 -0
  109. package/dist/src/engine/diagnostics.js +148 -0
  110. package/dist/src/engine/executor.d.ts +151 -0
  111. package/dist/src/engine/executor.js +684 -0
  112. package/dist/src/engine/httpError.d.ts +7 -0
  113. package/dist/src/engine/httpError.js +14 -0
  114. package/dist/src/engine/index.d.ts +11 -0
  115. package/dist/src/engine/index.js +11 -0
  116. package/dist/src/engine/output.d.ts +11 -0
  117. package/dist/src/engine/output.js +20 -0
  118. package/dist/src/engine/publish.d.ts +30 -0
  119. package/dist/src/engine/publish.js +95 -0
  120. package/dist/src/engine/registry.d.ts +34 -0
  121. package/dist/src/engine/registry.js +67 -0
  122. package/dist/src/engine/scenarios.d.ts +12 -0
  123. package/dist/src/engine/scenarios.js +19 -0
  124. package/dist/src/engine/schemaCheck.d.ts +4 -0
  125. package/dist/src/engine/schemaCheck.js +34 -0
  126. package/dist/src/engine/trace.d.ts +12 -0
  127. package/dist/src/engine/trace.js +12 -0
  128. package/dist/src/engine/types.d.ts +308 -0
  129. package/dist/src/engine/types.js +1 -0
  130. package/dist/src/engine/validation.d.ts +26 -0
  131. package/dist/src/engine/validation.js +318 -0
  132. package/dist/src/flows/anomaly-flows.d.ts +23 -0
  133. package/dist/src/flows/anomaly-flows.js +151 -0
  134. package/dist/src/flows/city-sweep-flow.d.ts +10 -0
  135. package/dist/src/flows/city-sweep-flow.js +127 -0
  136. package/dist/src/flows/login-flow.d.ts +13 -0
  137. package/dist/src/flows/login-flow.js +145 -0
  138. package/dist/src/flows/pradar-flows.d.ts +5 -0
  139. package/dist/src/flows/pradar-flows.js +375 -0
  140. package/dist/src/flows/weather-flow.d.ts +12 -0
  141. package/dist/src/flows/weather-flow.js +150 -0
  142. package/dist/src/lib/pathParams.d.ts +3 -0
  143. package/dist/src/lib/pathParams.js +6 -0
  144. package/dist/src/nodes/anomaly.d.ts +2 -0
  145. package/dist/src/nodes/anomaly.js +556 -0
  146. package/dist/src/nodes/flow-control.d.ts +7 -0
  147. package/dist/src/nodes/flow-control.js +270 -0
  148. package/dist/src/nodes/index.d.ts +3 -0
  149. package/dist/src/nodes/index.js +20 -0
  150. package/dist/src/nodes/login.d.ts +7 -0
  151. package/dist/src/nodes/login.js +158 -0
  152. package/dist/src/nodes/loops.d.ts +11 -0
  153. package/dist/src/nodes/loops.js +60 -0
  154. package/dist/src/nodes/pradar/index.d.ts +7 -0
  155. package/dist/src/nodes/pradar/index.js +9 -0
  156. package/dist/src/nodes/pradar/logic.d.ts +189 -0
  157. package/dist/src/nodes/pradar/logic.js +370 -0
  158. package/dist/src/nodes/pradar/nodes.d.ts +42 -0
  159. package/dist/src/nodes/pradar/nodes.js +801 -0
  160. package/dist/src/nodes/requireAuth.d.ts +20 -0
  161. package/dist/src/nodes/requireAuth.js +48 -0
  162. package/dist/src/nodes/response.d.ts +8 -0
  163. package/dist/src/nodes/response.js +33 -0
  164. package/dist/src/nodes/weather.d.ts +33 -0
  165. package/dist/src/nodes/weather.js +260 -0
  166. package/package.json +92 -0
  167. package/server/agentRoute.test.ts +157 -0
  168. package/server/agents/__fixtures__/fake-claude-writer.mjs +23 -0
  169. package/server/agents/__fixtures__/fake-claude.mjs +55 -0
  170. package/server/agents/__fixtures__/fake-codex-writer.mjs +27 -0
  171. package/server/agents/__fixtures__/fake-codex.mjs +52 -0
  172. package/server/agents/__fixtures__/fake-version-empty.mjs +3 -0
  173. package/server/agents/__fixtures__/fake-version-fail.mjs +4 -0
  174. package/server/agents/__fixtures__/fake-version-garbage.mjs +4 -0
  175. package/server/agents/__fixtures__/fake-version-good.mjs +4 -0
  176. package/server/agents/__fixtures__/fake-version-hang.mjs +3 -0
  177. package/server/agents/claudeAdapter.test.ts +127 -0
  178. package/server/agents/claudeAdapter.ts +212 -0
  179. package/server/agents/claudeParse.ts +193 -0
  180. package/server/agents/codexAdapter.test.ts +125 -0
  181. package/server/agents/codexAdapter.ts +198 -0
  182. package/server/agents/codexParse.test.ts +58 -0
  183. package/server/agents/codexParse.ts +126 -0
  184. package/server/agents/detect.test.ts +65 -0
  185. package/server/agents/detect.ts +43 -0
  186. package/server/agents/gitScope.test.ts +129 -0
  187. package/server/agents/gitScope.ts +110 -0
  188. package/server/agents/modelRejectionHint.test.ts +30 -0
  189. package/server/agents/modelRejectionHint.ts +14 -0
  190. package/server/agents/prompt.test.ts +613 -0
  191. package/server/agents/prompt.ts +527 -0
  192. package/server/agents/runManager.test.ts +251 -0
  193. package/server/agents/runManager.ts +286 -0
  194. package/server/agents/types.ts +17 -0
  195. package/server/apiMount.test.ts +591 -0
  196. package/server/apiStore.test.ts +324 -0
  197. package/server/apiStore.ts +241 -0
  198. package/server/auth/enforce.test.ts +61 -0
  199. package/server/auth/enforce.ts +6 -0
  200. package/server/auth/types.ts +5 -0
  201. package/server/auth/verifiers.test.ts +37 -0
  202. package/server/auth/verifiers.ts +9 -0
  203. package/server/authAttach.test.ts +175 -0
  204. package/server/authAttach.ts +99 -0
  205. package/server/cli.ts +847 -0
  206. package/server/cliAuth.test.ts +229 -0
  207. package/server/cliCreate.test.ts +131 -0
  208. package/server/cliDoctor.test.ts +326 -0
  209. package/server/cliTest.test.ts +735 -0
  210. package/server/client.ts +314 -0
  211. package/server/demoProject.test.ts +29 -0
  212. package/server/diagnosticsRoute.test.ts +169 -0
  213. package/server/environments.test.ts +620 -0
  214. package/server/environments.ts +603 -0
  215. package/server/environmentsRoute.test.ts +385 -0
  216. package/server/errorWorkflow.test.ts +205 -0
  217. package/server/flowStore.test.ts +84 -0
  218. package/server/flowStore.ts +125 -0
  219. package/server/httpOperations.test.ts +377 -0
  220. package/server/httpOperations.ts +96 -0
  221. package/server/index.ts +1111 -0
  222. package/server/infrastructure.test.ts +154 -0
  223. package/server/infrastructure.ts +161 -0
  224. package/server/infrastructureRoute.test.ts +105 -0
  225. package/server/login.test.ts +153 -0
  226. package/server/login.ts +67 -0
  227. package/server/mcp.ts +278 -0
  228. package/server/migrateFlows.test.ts +55 -0
  229. package/server/migrateFlows.ts +23 -0
  230. package/server/mockHandler.test.ts +138 -0
  231. package/server/mockHandler.ts +52 -0
  232. package/server/mockRun.test.ts +367 -0
  233. package/server/mockServe.test.ts +467 -0
  234. package/server/nodesPayload.test.ts +29 -0
  235. package/server/nodesPayload.ts +26 -0
  236. package/server/normalizeFlow.test.ts +80 -0
  237. package/server/normalizeFlow.ts +59 -0
  238. package/server/openBrowser.test.ts +20 -0
  239. package/server/openBrowser.ts +22 -0
  240. package/server/operationResult.test.ts +67 -0
  241. package/server/operationResult.ts +27 -0
  242. package/server/pathGuard.test.ts +19 -0
  243. package/server/pathGuard.ts +12 -0
  244. package/server/pathSafety.test.ts +38 -0
  245. package/server/pathSafety.ts +33 -0
  246. package/server/projectConfig.test.ts +67 -0
  247. package/server/projectConfig.ts +101 -0
  248. package/server/projectMode.test.ts +106 -0
  249. package/server/projectMode.ts +59 -0
  250. package/server/redact.test.ts +88 -0
  251. package/server/redact.ts +35 -0
  252. package/server/redactEgress.test.ts +281 -0
  253. package/server/runRegistry.ts +270 -0
  254. package/server/runsAuth.test.ts +119 -0
  255. package/server/runtime/RuntimeAdapter.ts +24 -0
  256. package/server/runtime/expressAdapter.test.ts +38 -0
  257. package/server/runtime/expressAdapter.ts +70 -0
  258. package/server/scenarioTest.test.ts +148 -0
  259. package/server/scenarioTest.ts +88 -0
  260. package/server/setupStatus.test.ts +127 -0
  261. package/server/subflowRunner.ts +104 -0
  262. package/server/testRunner.ts +216 -0
  263. package/server/tsconfig.json +20 -0
  264. package/server/workflowTestRoute.test.ts +297 -0
  265. package/src/App.tsx +233 -0
  266. package/src/components/AgentConsole.tsx +461 -0
  267. package/src/components/BranchRulesEditor.tsx +156 -0
  268. package/src/components/CreateModal.tsx +275 -0
  269. package/src/components/Dock.tsx +487 -0
  270. package/src/components/EnvironmentDialog.tsx +569 -0
  271. package/src/components/EnvironmentPicker.tsx +357 -0
  272. package/src/components/EnvironmentsDialog.tsx +144 -0
  273. package/src/components/ExecutionPager.tsx +67 -0
  274. package/src/components/InfraPanel.test.tsx +103 -0
  275. package/src/components/InfraPanel.tsx +171 -0
  276. package/src/components/Inspector.tsx +1182 -0
  277. package/src/components/Json.tsx +50 -0
  278. package/src/components/JsonModal.tsx +52 -0
  279. package/src/components/LogMessage.tsx +61 -0
  280. package/src/components/NodeRunModal.tsx +213 -0
  281. package/src/components/RunLogPanel.tsx +397 -0
  282. package/src/components/RunbookView.tsx +1085 -0
  283. package/src/components/Scenarios.tsx +476 -0
  284. package/src/components/SettingsDialog.tsx +229 -0
  285. package/src/components/Sidebar.tsx +436 -0
  286. package/src/components/StatusBar.tsx +302 -0
  287. package/src/components/Toolbar.tsx +663 -0
  288. package/src/components/WelcomeDialog.test.tsx +107 -0
  289. package/src/components/WelcomeDialog.tsx +412 -0
  290. package/src/components/agentMarkdown.test.tsx +91 -0
  291. package/src/components/agentMarkdown.tsx +158 -0
  292. package/src/components/ui/badge.tsx +31 -0
  293. package/src/components/ui/button.tsx +46 -0
  294. package/src/components/ui/combobox.tsx +114 -0
  295. package/src/components/ui/command.tsx +82 -0
  296. package/src/components/ui/dialog.tsx +73 -0
  297. package/src/components/ui/input.tsx +20 -0
  298. package/src/components/ui/popover.tsx +32 -0
  299. package/src/components/ui/resizable.tsx +44 -0
  300. package/src/components/ui/tabs.tsx +36 -0
  301. package/src/config.ts +4 -0
  302. package/src/engine/authVerify.ts +81 -0
  303. package/src/engine/diagnostics.test.ts +437 -0
  304. package/src/engine/diagnostics.ts +211 -0
  305. package/src/engine/executor.test.ts +1339 -0
  306. package/src/engine/executor.ts +840 -0
  307. package/src/engine/httpError.test.ts +12 -0
  308. package/src/engine/httpError.ts +16 -0
  309. package/src/engine/index.ts +11 -0
  310. package/src/engine/output.ts +21 -0
  311. package/src/engine/publish.test.ts +176 -0
  312. package/src/engine/publish.ts +127 -0
  313. package/src/engine/registry.test.ts +64 -0
  314. package/src/engine/registry.ts +80 -0
  315. package/src/engine/scenarios.test.ts +55 -0
  316. package/src/engine/scenarios.ts +29 -0
  317. package/src/engine/schemaCheck.test.ts +21 -0
  318. package/src/engine/schemaCheck.ts +35 -0
  319. package/src/engine/trace.test.ts +19 -0
  320. package/src/engine/trace.ts +23 -0
  321. package/src/engine/types.test.ts +22 -0
  322. package/src/engine/types.ts +316 -0
  323. package/src/engine/validation.test.ts +314 -0
  324. package/src/engine/validation.ts +354 -0
  325. package/src/flows/anomaly-flows.test.ts +81 -0
  326. package/src/flows/anomaly-flows.ts +202 -0
  327. package/src/flows/city-sweep-flow.ts +131 -0
  328. package/src/flows/flows.test.ts +30 -0
  329. package/src/flows/login-flow.ts +150 -0
  330. package/src/flows/pradar-flows.test.ts +204 -0
  331. package/src/flows/pradar-flows.ts +419 -0
  332. package/src/flows/weather-flow.ts +154 -0
  333. package/src/globals.css +147 -0
  334. package/src/lib/pathParams.test.ts +24 -0
  335. package/src/lib/pathParams.ts +6 -0
  336. package/src/lib/registerLens.test.ts +79 -0
  337. package/src/lib/registerLens.ts +59 -0
  338. package/src/lib/runbookModel.test.ts +61 -0
  339. package/src/lib/runbookModel.ts +290 -0
  340. package/src/lib/runbookProjection.test.ts +417 -0
  341. package/src/lib/runbookProjection.ts +254 -0
  342. package/src/lib/useTailAnchor.ts +53 -0
  343. package/src/lib/utils.ts +7 -0
  344. package/src/main.tsx +13 -0
  345. package/src/nodes/anomaly.test.ts +98 -0
  346. package/src/nodes/anomaly.ts +637 -0
  347. package/src/nodes/effects-scan.test.ts +44 -0
  348. package/src/nodes/flow-control.test.ts +280 -0
  349. package/src/nodes/flow-control.ts +305 -0
  350. package/src/nodes/index.ts +22 -0
  351. package/src/nodes/login.test.ts +81 -0
  352. package/src/nodes/login.ts +186 -0
  353. package/src/nodes/loops.ts +69 -0
  354. package/src/nodes/pradar/index.ts +11 -0
  355. package/src/nodes/pradar/logic.test.ts +288 -0
  356. package/src/nodes/pradar/logic.ts +582 -0
  357. package/src/nodes/pradar/nodes.test.ts +146 -0
  358. package/src/nodes/pradar/nodes.ts +955 -0
  359. package/src/nodes/requireAuth.test.ts +75 -0
  360. package/src/nodes/requireAuth.ts +55 -0
  361. package/src/nodes/response.test.ts +33 -0
  362. package/src/nodes/response.ts +39 -0
  363. package/src/nodes/traceDetail.test.ts +39 -0
  364. package/src/nodes/weather.test.ts +65 -0
  365. package/src/nodes/weather.ts +306 -0
  366. package/src/store/agentClient.test.ts +103 -0
  367. package/src/store/agentClient.ts +131 -0
  368. package/src/store/apiTree.test.ts +17 -0
  369. package/src/store/apiTree.ts +73 -0
  370. package/src/store/builderStore.test.ts +1234 -0
  371. package/src/store/builderStore.ts +1879 -0
  372. package/src/store/infraClient.ts +63 -0
  373. package/src/store/nodeMeta.test.ts +24 -0
  374. package/src/store/nodeMeta.ts +21 -0
  375. package/src/store/persistence.test.ts +15 -0
  376. package/src/store/persistence.ts +54 -0
  377. package/src/store/serverRunner.ts +381 -0
  378. package/src/store/setupClient.ts +57 -0
  379. package/studio-dist/assets/ibm-plex-mono-cyrillic-400-normal-BSMlKf0J.woff2 +0 -0
  380. package/studio-dist/assets/ibm-plex-mono-cyrillic-400-normal-CEL4l2ZJ.woff +0 -0
  381. package/studio-dist/assets/ibm-plex-mono-cyrillic-500-normal-Ael50iVv.woff +0 -0
  382. package/studio-dist/assets/ibm-plex-mono-cyrillic-500-normal-Bq9vWWag.woff2 +0 -0
  383. package/studio-dist/assets/ibm-plex-mono-cyrillic-ext-400-normal-DMdlQ8Kv.woff +0 -0
  384. package/studio-dist/assets/ibm-plex-mono-cyrillic-ext-400-normal-xuaO2J-f.woff2 +0 -0
  385. package/studio-dist/assets/ibm-plex-mono-cyrillic-ext-500-normal-BIfNGwUT.woff +0 -0
  386. package/studio-dist/assets/ibm-plex-mono-cyrillic-ext-500-normal-BqneJy0T.woff2 +0 -0
  387. package/studio-dist/assets/ibm-plex-mono-latin-400-normal-CvHOgSBP.woff +0 -0
  388. package/studio-dist/assets/ibm-plex-mono-latin-400-normal-DMJ8VG8y.woff2 +0 -0
  389. package/studio-dist/assets/ibm-plex-mono-latin-500-normal-CB9ihrfo.woff +0 -0
  390. package/studio-dist/assets/ibm-plex-mono-latin-500-normal-DSY6xOcd.woff2 +0 -0
  391. package/studio-dist/assets/ibm-plex-mono-latin-ext-400-normal-BmRBH3aV.woff2 +0 -0
  392. package/studio-dist/assets/ibm-plex-mono-latin-ext-400-normal-D3D2R8hC.woff +0 -0
  393. package/studio-dist/assets/ibm-plex-mono-latin-ext-500-normal-CAhNIIs5.woff2 +0 -0
  394. package/studio-dist/assets/ibm-plex-mono-latin-ext-500-normal-CZ70TYgx.woff +0 -0
  395. package/studio-dist/assets/ibm-plex-mono-vietnamese-400-normal-BulugwFq.woff2 +0 -0
  396. package/studio-dist/assets/ibm-plex-mono-vietnamese-400-normal-DDuiU_S-.woff +0 -0
  397. package/studio-dist/assets/ibm-plex-mono-vietnamese-500-normal-C8zxqsMH.woff +0 -0
  398. package/studio-dist/assets/ibm-plex-mono-vietnamese-500-normal-DZ4AoWbu.woff2 +0 -0
  399. package/studio-dist/assets/index-DNJwW-hM.css +1 -0
  400. package/studio-dist/assets/index-O26dKRjW.js +65 -0
  401. package/studio-dist/assets/inter-cyrillic-ext-wght-normal-BOeWTOD4.woff2 +0 -0
  402. package/studio-dist/assets/inter-cyrillic-wght-normal-DqGufNeO.woff2 +0 -0
  403. package/studio-dist/assets/inter-greek-ext-wght-normal-DlzME5K_.woff2 +0 -0
  404. package/studio-dist/assets/inter-greek-wght-normal-CkhJZR-_.woff2 +0 -0
  405. package/studio-dist/assets/inter-latin-ext-wght-normal-DO1Apj_S.woff2 +0 -0
  406. package/studio-dist/assets/inter-latin-wght-normal-Dx4kXJAl.woff2 +0 -0
  407. package/studio-dist/assets/inter-vietnamese-wght-normal-CBcvBZtf.woff2 +0 -0
  408. package/studio-dist/favicon.svg +1 -0
  409. package/studio-dist/icons.svg +24 -0
  410. package/studio-dist/index.html +14 -0
  411. package/templates/skills/emberflow-basics/SKILL.md +316 -0
  412. package/templates/skills/emberflow-model-process/SKILL.md +209 -0
  413. package/templates/skills/emberflow-new-workflow/SKILL.md +211 -0
  414. package/templates/skills/emberflow-review-workflow/SKILL.md +148 -0
@@ -0,0 +1,211 @@
1
+ ---
2
+ name: emberflow-new-workflow
3
+ description: Use when creating a BRAND-NEW Emberflow API operation from scratch (greenfield) — the user describes a goal or endpoint they want and no existing code models it yet. Guides choosing method + path, wiring Input → logic → Response, choosing built-in vs custom nodes, and covering branches with scenarios. For porting an EXISTING system, use emberflow-model-process instead.
4
+ metadata:
5
+ version: 2.5.0
6
+ ---
7
+
8
+ # Building a new Emberflow operation (greenfield)
9
+
10
+ Read **emberflow-basics** first for file layout and node mechanics. This skill
11
+ is the recipe for authoring an HTTP operation that doesn't exist yet.
12
+
13
+ ## 0. Intake — interview the user before you build
14
+
15
+ An operation touches four things only the user can decide: environments,
16
+ secrets, mocks, and scenarios. Interview them BEFORE designing — one question
17
+ at a time, short questions, never a wall of them. Skip any question whose
18
+ answer is already obvious from the project (an existing
19
+ `emberflow.environments.json`, existing ops on the same API). Do not invent
20
+ answers to fill gaps.
21
+
22
+ Check `emberflow/infrastructure.json` FIRST: if the scout has mapped this
23
+ project's databases, APIs and providers, reuse those systems and their secret
24
+ NAMES rather than re-interviewing the user about infrastructure they already
25
+ have.
26
+
27
+ 1. **Environments — but only when the project doesn't already answer it.**
28
+ Environments are PROJECT-level (`emberflow.environments.json` is shared by
29
+ every API and operation), not per-operation. Read it first. If it exists
30
+ and covers what this operation needs, say so in one line and move on —
31
+ do NOT re-interview the user about environments for every new operation.
32
+ Ask only when: the file doesn't exist yet ("Which environments should this
33
+ run against — local, dev, staging, prod? Which is the default? Which are
34
+ production-like?"), or this operation introduces a genuine delta (needs a
35
+ var/env no existing environment carries). Production-like environments get
36
+ `protected: true` (runs there default to safe mode; mutations dry-run).
37
+ Scaffolding goes through the `setup-environments` path; environment auth
38
+ through `set-environment-auth` — never a hand-edit.
39
+ 2. **Secrets — same scoping.** Existing keys that already cover this
40
+ operation need no questions. Ask only about NEW secret keys this operation
41
+ introduces: "this needs <an API key for X> — what should the key be
42
+ called, and does the value differ per environment?" You only ever name
43
+ `secretRef` keys; the user enters actual values in the studio's Manage
44
+ Environment dialog — never in chat, never in a file you write, never in a
45
+ CLI argument. Both `emberflow.secrets.json` and
46
+ `emberflow.environments.json` are gitignored; say so if the user asks
47
+ where values live.
48
+ 3. **Mocks.** "For mock mode, what should the canned data look like — do you
49
+ have a captured response or a representative row I should mirror?" Every
50
+ infra node (traceKind db/http/llm) needs a mock; realistic shapes make
51
+ mock runs trustworthy. If the user has nothing, propose representative
52
+ values and ask them to confirm the shape.
53
+ 4. **Scenarios.** "Which cases matter to you — the happy path plus what
54
+ failures/edge cases?" Every branch gets a scenario regardless; this
55
+ question is about which EXTRA cases the user cares to see named and
56
+ asserted (a specific customer shape, a known outage pattern).
57
+
58
+ Summarize what you heard in two or three sentences and confirm before
59
+ building. The answers drive steps 2, 7, and 8 below.
60
+
61
+ ## 1. State the goal as one sentence
62
+
63
+ "On `<METHOD path>`, given `<request>`, produce `<response>`, deciding `<the key
64
+ branch>` along the way." Write it down. Everything below serves this sentence. If
65
+ you can't write it, you don't understand the operation yet — ask.
66
+
67
+ ## 2. Choose the endpoint and its home
68
+
69
+ - **Method + path.** Pick the HTTP `method` and `path` that fit the goal (e.g.
70
+ `POST /charges`, `GET /users/:id`). The user described the goal, not the
71
+ mechanics — you decide these.
72
+ - **Where it lives.** Create `emberflow/apis/<api>/<folder…>/<name>.json` with a
73
+ clear kebab-case `<name>`. **Set the in-file `id` equal to the file's path
74
+ relative to the apis dir** — `emberflow/apis/billing/charge.json` → `id:
75
+ "billing/charge"`. A mismatched id makes the op unreachable.
76
+ - Add the `http` trigger `{ "method": …, "path": … }`. (Omit `http` only if you
77
+ are building an internal sub-flow, not an endpoint.)
78
+
79
+ ## 3. Decompose into steps, then nodes
80
+
81
+ List the steps the endpoint takes, in order. Each becomes a node:
82
+
83
+ - **Entry is always `Input`** — it receives `{ params, query, body, headers }`.
84
+ Read a request part with a dotted `sourceField` (`body.amount`, `query.id`,
85
+ `params.userId`).
86
+ - **Terminus is always `Response`** for an HTTP op — its `{ status, body }`
87
+ becomes the wire response (omit `status` → 200). (Use `Result` only for an
88
+ internal, non-HTTP flow.)
89
+ - **Control flow uses built-ins:** `Conditional`/`Route` (a decision),
90
+ `ForEach`/`Collect` (repeat over a list), `Subflow` (delegate to another
91
+ operation). Don't build custom nodes for branching.
92
+ - **Project logic is a custom node** you register in `emberflow.config.mjs`'s
93
+ `registerNodes`. One node = one cohesive operation (fetch X, score Y, send Z).
94
+ Put real side effects behind `effects: 'mutation'`, and set `traceKind`
95
+ (`'db'|'http'|'llm'`) on every node that touches infrastructure — mock mode
96
+ uses it to know what to intercept. An unmarked infra node silently executes
97
+ for real during mock runs.
98
+ - **Implementations are real.** A custom node's implementation calls the actual
99
+ dependency (the real query, the real HTTP call, the real SDK) — never canned
100
+ data pretending to be an implementation. Canned data belongs in the scenario
101
+ `mocks` maps, not in node code. Every operation is designed for BOTH worlds
102
+ from the start: real implementations so it serves live, plus mocks so it runs
103
+ in mock mode — one without the other is half an operation.
104
+ - **Commit means commit.** A mutation node's commit path performs the real side
105
+ effect — a "[SIMULATED]"-success commit path is forbidden (mock mode and
106
+ dry-run already cover every design-time need). Can't make the real call
107
+ because a secret isn't set? THROW, naming the exact secretRef the user must
108
+ fill in. The operation isn't operational until at least one mutation has been
109
+ exercised with `commit: true` against a real environment — or your final
110
+ report explicitly marks it "operational-pending" with the exact secret list.
111
+
112
+ **Reuse a node when one fits; otherwise author a new one.** Inventing nodes is
113
+ normal and encouraged — when no registered node does what the goal needs (call
114
+ an external API, a custom transform, a domain rule), add it in `registerNodes`
115
+ (above) and reference it. The one rule: **register a node's implementation
116
+ before you reference its `type`.** The runner rejects an operation referencing
117
+ an unregistered type, so a made-up type with no implementation fails — but a
118
+ type you register in the same change is exactly how you extend the palette.
119
+ Don't under-build to avoid authoring: build the operation out with the nodes the
120
+ goal genuinely needs.
121
+
122
+ Name nodes for what they *do* ("Score Lead", "Fetch Orders"), not their type.
123
+
124
+ ## 4. Design the data flow before wiring
125
+
126
+ For each node write its inputs and output shape. Draw the arrows: which node's
127
+ output feeds which node's input. This is your `inputMap` + `edges` plan. Two rules:
128
+
129
+ - Every input a node needs must come from exactly one upstream `sourceField`
130
+ (or the node's `config`/`defaults`).
131
+ - **Echo identity through outputs.** If a node produces a result later nodes must
132
+ attribute (an id, a category, a token), pass it through in its output — don't
133
+ make downstream nodes re-derive it. This keeps runs debuggable.
134
+
135
+ ## 5. Model decisions explicitly
136
+
137
+ A branch is a `Conditional` (ordered rules, first match wins) or `Route` (switch
138
+ on a field). The branch node emits `$branch`; each outgoing edge sets
139
+ `sourceHandle` to a branch name and only fires when that branch is taken. Give
140
+ every branch a destination — including a `fallback`, and often a distinct
141
+ `Response` (e.g. a 200 path and a 400/404 path). A node on an untaken branch is
142
+ skipped, not run.
143
+
144
+ ## 6. Build incrementally, running as you go
145
+
146
+ Keep `npx emberflow dev` up. Add `Input → one node → Response`, run it, confirm
147
+ the response, then extend. Don't wire ten nodes then run once. Use the studio's
148
+ Run and Step buttons; click a node in the run console to see its exact
149
+ input/output. Run both: plain Run and scenarios. The plain Run button sends no
150
+ request, using only Input `defaults`, so every required Input field needs a
151
+ sensible default unless you intentionally want plain Run to fail and report it.
152
+
153
+ ## 7. Cover every path with a scenario
154
+
155
+ For each path through the operation, add a scenario to
156
+ `<operation>.scenarios.json` whose `input` (the request shape `{ params?, query?,
157
+ body?, headers? }`) drives that path — name it for the path ("new-customer",
158
+ "over-limit", "missing-body"). An operation isn't done until every branch and
159
+ every distinct status code has a green scenario. If a step depends on
160
+ time/randomness, make it a node input and pin it in the scenario.
161
+
162
+ **Author mocks alongside the scenarios.** If the operation has any `traceKind`
163
+ infra node (db/http/llm), write the sidecar's `mocks` maps in the same change:
164
+ a top-level `"mocks": { "<nodeId>": <output> }` covering every infra node (plain
165
+ Run uses this), plus per-scenario `mocks` where a branch needs different canned
166
+ data. Each mock value is the node's OUTPUT verbatim — read the node
167
+ implementation to match its shape. An infra node with no mock fails the mock
168
+ run loudly, and `doctor` reports it as `missing-node-mock`. The bar: the
169
+ operation is green in BOTH modes — every scenario passes in mock mode, and the
170
+ real path works against a real environment. Never put secret values in mocks.
171
+
172
+ ## 8. Set the auth intent
173
+
174
+ Decide whether the endpoint is public or protected. Protected → put an `auth`
175
+ policy in the nearest `_meta.json` (inherited) or in the op's `http.auth`; public
176
+ under a protected folder → set `http.auth: "none"`. Don't leave a
177
+ should-be-protected endpoint silently public.
178
+
179
+ ## 9. Finish
180
+
181
+ - Auto-layout the operation (studio control) so it reads left-to-right, no overlaps.
182
+ - Confirm validation is clean (no orphan nodes, every inputMap has an edge).
183
+ - Run plain Run/default input once and fix any `Missing required input field(s)`
184
+ error before relying on scenario results.
185
+ - Confirm the `id` equals the file's path under apis, and the op ends in `Response`.
186
+ - Run `npx emberflow doctor <opId>` — resolve every finding, including
187
+ `missing-node-mock` on infra nodes.
188
+ - Run the scenarios in mock mode AND (when an environment exists) the real path
189
+ — both must be green.
190
+ - Run **emberflow-review-workflow** on it before calling it done.
191
+
192
+ ## Anti-patterns
193
+
194
+ - Referencing a node `type` you never registered — the op is rejected. Author the node in `registerNodes` in the same change (or reuse an existing one); don't reference a type with no implementation.
195
+ - Ending an HTTP op in `Result` instead of `Response` — no wire response.
196
+ - `id` that doesn't match the file path under apis — the op is unreachable.
197
+ - Custom nodes for branching/looping — use `Conditional`/`Route`/`ForEach`.
198
+ - Giant do-everything nodes — split by responsibility so runs are legible.
199
+ - inputMap without a matching edge — invisible wiring + wrong ordering.
200
+ - One scenario for a multi-branch operation — you've only tested one path.
201
+ - Scenario-only verification — misses required Input fields that have no defaults.
202
+ - Side effects with no `effects: 'mutation'` — safe mode can't protect the run.
203
+ - Canned data inside a node implementation instead of a real call — that's a mock
204
+ wearing an implementation's clothes; the op can never go live. Real logic in the
205
+ node, canned outputs in the sidecar `mocks`.
206
+ - A commit path that logs "[SIMULATED] …" and returns success — fake success on
207
+ an operational API. Commit does the real thing or throws naming the missing
208
+ secretRef; `doctor` reports these as `simulated-commit`.
209
+ - Infra node without `traceKind` — it silently runs for real in mock mode.
210
+ - Scenarios without `mocks` for an op that has infra nodes — mock runs fail loudly
211
+ and the design-first loop is broken.
@@ -0,0 +1,148 @@
1
+ ---
2
+ name: emberflow-review-workflow
3
+ description: Use to code-review an Emberflow API operation before it ships — after authoring or modeling one, or when asked to check/audit/review an existing operation. A rubric covering HTTP trigger + auth, wiring integrity, branch coverage, effects/safe-mode correctness, determinism, and readability. Reports findings by severity; does not rubber-stamp.
4
+ metadata:
5
+ version: 2.2.0
6
+ ---
7
+
8
+ # Reviewing an Emberflow operation
9
+
10
+ Read **emberflow-basics** for the mechanics. Review the operation JSON, its
11
+ scenario sidecar, any `_meta.json` in its path, and any custom nodes it uses.
12
+ Report findings by severity (Critical / Important / Minor) with the node id or
13
+ file:line. Do not approve an operation with an open Critical or Important
14
+ finding. Verify, don't assume — run the scenarios.
15
+
16
+ ## 0. HTTP trigger, id, and auth (for operations with `http`)
17
+
18
+ - **`id` matches the file path.** The in-file `id` MUST equal the file's path
19
+ relative to the apis dir (`emberflow/apis/billing/charge.json` → `"billing/charge"`).
20
+ A mismatch makes the op unreachable — Critical.
21
+ - **`http` is sane.** `{ method, path }` — method is a real HTTP verb; path is
22
+ well-formed and doesn't collide with another operation's method+path. Params in
23
+ the path (`/users/:id`) are actually read from `input.params`.
24
+ - **Terminus is `Response`, not `Result`.** An HTTP operation must end in a
25
+ `Response` node emitting `{ status, body }` (status omitted → 200). An HTTP op
26
+ ending in `Result` produces no wire response — Critical. Each branch that
27
+ returns to the client reaches a `Response` with the right status.
28
+ - **Auth is intentional.** Resolve the effective policy: nearest ancestor
29
+ `_meta.json` `auth`, then the op's `http.auth` override (`'none'` = public,
30
+ policy object = that policy, `'inherit'`/absent = inherited). A should-be-
31
+ protected endpoint that resolves to public (no `_meta.json`, no `http.auth`) is
32
+ Critical; an unintended `http.auth: "none"` under a protected folder is
33
+ Critical. A corrupt `_meta.json` fails closed by design — flag it to fix, but
34
+ it is not a fail-open hole.
35
+
36
+ ## 1. Wiring integrity
37
+
38
+ - **Validation clean?** Run the flow through the runner (open it in the studio or
39
+ `emberflow run`). Unknown node types, missing edges/handles, orphan regions =
40
+ Critical.
41
+ - **Every `inputMap` has a matching edge.** An inputMap `{sourceNodeId: A}` on
42
+ node B with no `A→B` edge is a bug: it renders as a floating node and the
43
+ topological order can't see the dependency (wrong execution order, or a race).
44
+ This is the single most common defect. Flag each occurrence.
45
+ - **No orphan nodes.** Every node is reachable from `Input` and (unless it's a
46
+ terminal `Response`/`Result`) feeds something.
47
+ - **Branch handles exist.** Every edge with a `sourceHandle` names a real branch
48
+ the source node emits; every branch a `Conditional`/`Route` can emit has a
49
+ destination (including the fallback).
50
+
51
+ ## 2. Branch coverage
52
+
53
+ - **One scenario per path.** Count the distinct paths through the flow; count the
54
+ scenarios. A multi-branch flow with one scenario has only ever tested one path
55
+ — Important. Each branch needs a scenario whose input drives it, named for the
56
+ case.
57
+ - **Scenarios carry `expect`.** A branch-covering scenario with no `expect` (or
58
+ `expect: {}`) is silently skipped by `emberflow test` — it doesn't fail, it's
59
+ just not asserted. Flag it as Important: each branch's scenario should assert
60
+ at least `status` and `executedNodes` so the branch is actually proven, not
61
+ just exercised.
62
+ - Run every scenario. A scenario that errors or reaches the wrong branch is a
63
+ Critical finding.
64
+
65
+ ## 3. Plain Run / default input check
66
+
67
+ - Run the flow once with the studio's plain **Run** path (or
68
+ `npx emberflow run <id> --input '{}'`). This uses only the Input node's
69
+ `config.defaults`.
70
+ - If a required Input field is missing from defaults and plain Run fails with
71
+ `Missing required input field(s)`, that is Important unless the flow explicitly
72
+ documents that plain Run is unsupported.
73
+ - Scenario success does not cover this. Scenarios can supply required fields that
74
+ the plain Run button does not.
75
+
76
+ ## 4. Effects and safe mode
77
+
78
+ - **Every side-effecting node is `effects: 'mutation'`.** DB writes, external
79
+ POSTs that create/change state, emails, queue sends. A mutation node that isn't
80
+ marked can't be dry-run under safe mode — Important.
81
+ - Mutation nodes should compute a graceful dry-run output (never crash) and only
82
+ perform the real effect under an explicit opt-in / when safe mode is off.
83
+ - Reads that look like writes (SELECT-only queries) are fine as `read` (default).
84
+
85
+ ## 4b. Mock coverage and dual-mode
86
+
87
+ An operation must be runnable in BOTH worlds: real implementations for live
88
+ serving, mocks for mock mode. Check both halves.
89
+
90
+ - **`traceKind` is honest.** Every node whose implementation reads a database,
91
+ calls an external service, or invokes a model carries `traceKind`
92
+ (`'db'|'http'|'llm'`). An unmarked infra node silently executes for real
93
+ during mock runs — Critical (mock mode's no-real-touch guarantee is broken).
94
+ - **Every infra node has a mock.** The sidecar's top-level `mocks` map covers
95
+ every `traceKind` node (plain Run needs it); scenarios that drive a branch
96
+ needing different canned data carry per-scenario `mocks`. `doctor` reports
97
+ gaps as `missing-node-mock` — Important.
98
+ - **Mock values match the node's output shape.** A mock is the node's OUTPUT
99
+ verbatim; a mock whose shape drifts from the implementation's return value
100
+ makes mock runs lie — Important. No secret values in mocks — Critical.
101
+ - **Implementations are real.** A custom node that returns canned data instead
102
+ of calling its actual dependency is a mock posing as an implementation — the
103
+ op can never serve live. Critical for an op meant to go real.
104
+ - **Commit paths commit.** A mutation node whose commit branch logs
105
+ "[SIMULATED]" (or otherwise returns success without performing the real side
106
+ effect) is fake success on an operational API — Critical. The valid states
107
+ are mock (canned), dry-run (`wouldSend`/`wouldWrite`), and real commit;
108
+ missing credentials at commit time must THROW naming the secretRef, never
109
+ succeed quietly. `doctor` reports these as `simulated-commit`.
110
+ - **Both modes verified.** Run the scenarios in mock mode; if an environment
111
+ exists, run the real path too. Green in only one world is an unproven
112
+ operation — Important.
113
+
114
+ ## 5. Determinism
115
+
116
+ - **No hidden clock/random/live-data inside nodes** for anything a scenario needs
117
+ to reproduce. Time, randomness, and fetched snapshots should be node **inputs**
118
+ so scenarios can pin them. A node calling `Date.now()` internally makes its
119
+ scenarios non-reproducible — Important for a flow meant to be tested.
120
+
121
+ ## 6. Attribution and legibility
122
+
123
+ - **Outputs echo identity.** If a node's result must be attributed downstream (an
124
+ id, category, token), it's carried in the node's output — not re-derived later.
125
+ Lossy outputs make runs hard to debug — Minor→Important depending on impact.
126
+ - **Names say what nodes do**, not their type. `Result` nodes are labelled for
127
+ what they show.
128
+ - **Layout reads left-to-right, no overlaps** (auto-layout in the studio). Minor,
129
+ but a jumbled graph hides wiring bugs.
130
+
131
+ ## 7. Fidelity (for modeled processes)
132
+
133
+ If the flow models existing code (see emberflow-model-process): spot-check the
134
+ ported constants/thresholds/branch-order against the source. A silently "cleaned
135
+ up" constant or dropped branch is a Critical fidelity break. Documented
136
+ `PORT NOTE:` divergences are fine; undocumented ones are findings.
137
+
138
+ ## Output format
139
+
140
+ ```
141
+ CRITICAL <node/file>: <the defect>. <why it breaks>. <the fix>.
142
+ IMPORTANT <node/file>: ...
143
+ MINOR <node/file>: ...
144
+ ```
145
+
146
+ If nothing survives verification, say so plainly — but only after actually
147
+ running the scenarios and reading the wiring. A clean bill without a run is not a
148
+ review.