flaglint 0.7.0 → 0.9.0

package/CHANGELOG.md

@@ -5,15 +5,41 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [0.8.0] - 2026-06-13
+
+### Changed
+
+- **`--cost-estimate` renamed to `--effort-estimate`** (breaking) — the flag outputs
+  hours, not dollars; "effort" is more accurate. Update any scripts or CI pipelines
+  that use `--cost-estimate`.
+
+### Fixed
+
+- Homepage email-capture / Loops signup section removed.
+- Version displayed on homepage now read from `package.json` at build time — can no
+  longer drift from the published npm version.
+- `robots.txt` sitemap URL updated to `/sitemap-index.xml` (was `/sitemap.xml`, which 404'd).
+- Audit sample numbers corrected to real fixture output: 13 unique flags across 19 call
+  sites, readiness 53/100, estimate 20.8h–40h.
+
+### Infrastructure
+
+- Vitest `testTimeout`/`hookTimeout` raised to 30 s to fix flaky Windows/Node 22 CI timeouts.
+- `npm publish --provenance` re-enabled in release workflow.
+- `scripts/metrics/collect.mjs` added: fetches npm downloads + GitHub stars/forks/issues
+  and appends a JSON line to `.agent-output/metrics/history.jsonl`.
+
+---
+
 ## [0.7.0] - 2026-06-07
 
 ### Added
 
-- `flaglint audit --cost-estimate` — adds a directional migration-effort estimate to
+- `flaglint audit --effort-estimate` — adds a directional migration-effort estimate to
   audit output. Computes low/high hour ranges from automatable and manual-review call
   counts using configurable planning heuristics.
 - `flaglint audit --hourly-rate <rate>` — adds engineering cost projection
-  (`costLow`/`costHigh`) to the estimate. Requires `--cost-estimate`.
+  (`costLow`/`costHigh`) to the estimate. Requires `--effort-estimate`.
 - Migration readiness score displayed in `flaglint audit` terminal output: 0–100 ratio
   of safely automatable calls to total detected LaunchDarkly calls, with grade
   (`ready` | `moderate` | `complex` | `not-applicable`) and progress bar.

package/README.md

@@ -30,27 +30,27 @@ npx flaglint audit ./src
 ```
 
 ```
-✓ Audit complete: 13 flags — 3 high risk, 10 medium risk
+✓ Audit complete: 13 unique flags across 19 call sites — 3 high risk, 10 medium risk
 
-Migration readiness: 50/100  ·  moderate
-[█████████████░░░░░░░░░░░░] 50%
-10 safely automatable  ·  10 require manual review
+Migration readiness: 53/100  ·  moderate
+[█████████████░░░░░░░░░░░░] 53%
+10 of 19 call sites safely automatable  ·  9 require manual review
 ```
 
-Add `--cost-estimate` to include a directional planning estimate:
+Add `--effort-estimate` to include a directional planning estimate:
 
 ```bash
-npx flaglint audit ./src --cost-estimate
+npx flaglint audit ./src --effort-estimate
 ```
 
 ```
-✓ Audit complete: 13 flags — 3 high risk, 10 medium risk
+✓ Audit complete: 13 unique flags across 19 call sites — 3 high risk, 10 medium risk
 
-Migration readiness: 50/100  ·  moderate
-[█████████████░░░░░░░░░░░░] 50%
-10 safely automatable  ·  10 require manual review
+Migration readiness: 53/100  ·  moderate
+[█████████████░░░░░░░░░░░░] 53%
+10 of 19 call sites safely automatable  ·  9 require manual review
 
-Estimated migration effort: 22.8h – 43.9h
+Estimated migration effort: 20.8h – 40h
 Estimates are directional. See the report for assumptions.
 ```
 
@@ -58,6 +58,8 @@ For the full report see `--format html`. [Documentation](https://flaglint.dev/do
 
 No API key. No source upload. LaunchDarkly stays your provider — OpenFeature becomes the evaluation API your application calls.
 
+Migrating an existing Node.js service? Read the [complete LaunchDarkly-to-OpenFeature migration guide](https://flaglint.dev/guides/launchdarkly-to-openfeature-nodejs/).
+
 ---
 
 ## The problem FlagLint solves

package/dist/bin/flaglint.js

@@ -789,7 +789,7 @@ function formatHTML(result, options) {
     <div class="card"><div class="card-num orange">${manualCount}</div><div class="card-label">Manual Review (${manualPct}%)</div></div>
     <div class="card"><div class="card-num blue">${detailBulkCount}</div><div class="card-label">Detail/Bulk Calls</div></div>` : "";
   const title = options.title ? esc(options.title) : "FlagLint Scan Report";
-  const version = true ? "0.7.0" : "0.1.0";
+  const version = true ? "0.9.0" : "0.1.0";
   return `<!DOCTYPE html>
 <html lang="en">
 <head>
@@ -1322,7 +1322,7 @@ function formatMigrationReport(analysis) {
     unsupportedUnknownCount
   } = analysis;
   const date = (/* @__PURE__ */ new Date()).toLocaleDateString();
-  const version = true ? "0.7.0" : "0.1.0";
+  const version = true ? "0.9.0" : "0.1.0";
   const lines = [];
   lines.push("# OpenFeature Migration Inventory");
   lines.push(`Generated by FlagLint v${version} on ${date}`);
@@ -2154,9 +2154,12 @@ function buildAuditReport(scanResult, inventoryItems) {
     const { riskLevel, riskReasons } = scoreFlag(usages, items);
     const files = [...new Set(usages.map((u) => u.file))];
     const callTypes = [...new Set(usages.map((u) => u.callType))];
+    const isAutomatableTier = riskLevel === "medium" && riskReasons.length === 1 && riskReasons[0] === "safely automatable";
+    const displayTier = isAutomatableTier ? "automatable" : riskLevel;
     flags.push({
       flagKey,
       riskLevel,
+      displayTier,
       riskReasons,
       callTypes,
       fileCount: files.length,
@@ -2176,23 +2179,28 @@ function buildAuditReport(scanResult, inventoryItems) {
   const highRisk = flags.filter((f) => f.riskLevel === "high").length;
   const mediumRisk = flags.filter((f) => f.riskLevel === "medium").length;
   const lowRisk = flags.filter((f) => f.riskLevel === "low").length;
+  const automatableFlags = flags.filter((f) => f.displayTier === "automatable").length;
+  const staleSignals = scanResult.usages.filter((u) => u.stalenessSignals.length > 0).length;
+  const stalenessNote = staleSignals === 0 ? "No staleness signals detected. Heuristics checked: keyword match (flag key contains old/deprecated/legacy/temp/tmp/test/demo), path pattern (test/spec/mock files, deprecated/old/legacy directories), and minFileCount threshold. Git-history-based staleness (last evaluation date) requires git metadata and is not available in a pure static scan." : void 0;
   const summary = {
     totalFlags: flags.length,
     highRisk,
     mediumRisk,
     lowRisk,
+    automatableFlags,
     totalUsages: scanResult.totalUsages,
     dynamicKeys: scanResult.usages.filter((u) => u.isDynamic).length,
     detailEvaluations: inventoryItems.filter((i) => i.manualReviewReason === "detail-method").length,
     bulkCalls: inventoryItems.filter((i) => i.manualReviewReason === "bulk-inventory-call").length,
     wrapperUsages: scanResult.usages.filter((u) => u.callType === "variation").length,
-    staleSignals: scanResult.usages.filter((u) => u.stalenessSignals.length > 0).length,
+    staleSignals,
     safelyAutomatable: inventoryItems.filter((i) => i.safelyAutomatable).length,
     manualReview: inventoryItems.filter((i) => !i.safelyAutomatable).length,
     scannedFiles: scanResult.scannedFiles,
     scanDurationMs: scanResult.scanDurationMs,
     scannedAt: scanResult.scannedAt,
-    scanRoot: scanResult.scanRoot
+    scanRoot: scanResult.scanRoot,
+    ...stalenessNote !== void 0 ? { stalenessNote } : {}
   };
   const readiness = computeReadiness(scanResult.usages, inventoryItems);
   return { summary, flags, readiness };
@@ -2256,6 +2264,10 @@ function formatAuditMarkdown(report, options) {
     `| ${summary.dynamicKeys} | ${summary.detailEvaluations} | ${summary.bulkCalls} | ${summary.staleSignals} | ${summary.safelyAutomatable} | ${summary.manualReview} |`
   );
   lines.push("");
+  if (summary.stalenessNote !== void 0) {
+    lines.push(`> **Staleness:** ${summary.stalenessNote}`);
+    lines.push("");
+  }
   lines.push("## Migration Readiness");
   lines.push("");
   if (readiness.grade === "not-applicable") {
@@ -2300,16 +2312,17 @@ function formatAuditMarkdown(report, options) {
   lines.push("");
   lines.push("| Flag Key | Risk | Usages | Files | Call Types | Reasons |");
   lines.push("|----------|------|--------|-------|------------|---------|");
-  const riskLabel = {
+  const tierLabel = {
     high: "\u{1F534} High",
     medium: "\u{1F7E1} Medium",
+    automatable: "\u{1F7E2} Automatable",
     low: "\u{1F7E2} Low"
   };
   for (const flag of flags) {
     const reasons = flag.riskReasons.join(", ") || "\u2014";
     const flagKey = displayFlagKey(flag);
     lines.push(
-      `| \`${flagKey}\` | ${riskLabel[flag.riskLevel]} | ${flag.usageCount} | ${flag.fileCount} | ${flag.callTypes.join(", ")} | ${reasons} |`
+      `| \`${flagKey}\` | ${tierLabel[flag.displayTier]} | ${flag.usageCount} | ${flag.fileCount} | ${flag.callTypes.join(", ")} | ${reasons} |`
     );
   }
   lines.push("");
@@ -2329,12 +2342,14 @@ function formatAuditMarkdown(report, options) {
 }
 function formatAuditHtml(report, options) {
   const { summary, flags, readiness } = report;
-  const version = true ? "0.7.0" : "0.1.0";
+  const version = true ? "0.9.0" : "0.1.0";
   const date = new Date(summary.scannedAt).toLocaleString();
-  const riskBadge = (level) => {
-    if (level === "high")
+  const tierBadge = (tier) => {
+    if (tier === "high")
       return '<span class="badge badge-high">High</span>';
-    if (level === "medium")
+    if (tier === "automatable")
+      return '<span class="badge badge-automatable">Automatable</span>';
+    if (tier === "medium")
       return '<span class="badge badge-medium">Medium</span>';
     return '<span class="badge badge-low">Low</span>';
   };
@@ -2343,7 +2358,7 @@ function formatAuditHtml(report, options) {
     const flagKey = displayFlagKey(f);
     return `<tr>
           <td><code>${esc2(flagKey)}</code></td>
-          <td>${riskBadge(f.riskLevel)}</td>
+          <td>${tierBadge(f.displayTier)}</td>
           <td>${f.usageCount}</td>
           <td>${f.fileCount}</td>
           <td>${f.callTypes.map(esc2).join(", ")}</td>
@@ -2439,11 +2454,14 @@ function formatAuditHtml(report, options) {
     .badge-high{background:#fee2e2;color:#991b1b}
     .badge-medium{background:#fef3c7;color:#92400e}
     .badge-low{background:#dcfce7;color:#166534}
+    .badge-automatable{background:#d1fae5;color:#065f46}
     @media(prefers-color-scheme:dark){
       .badge-high{background:#7f1d1d;color:#fca5a5}
       .badge-medium{background:#78350f;color:#fcd34d}
       .badge-low{background:#14532d;color:#86efac}
+      .badge-automatable{background:#064e3b;color:#6ee7b7}
     }
+    .staleness-note{margin-top:.75rem;padding:.75rem 1rem;background:var(--surface);border:1px solid var(--border);border-radius:6px;font-size:.8125rem;color:var(--muted)}
     .estimate-block{background:var(--surface);border:1px solid var(--border);border-radius:8px;padding:1.25rem;margin-bottom:1.5rem}
     .estimate-total{font-size:1.5rem;font-weight:700;margin-bottom:.75rem}
     .estimate-cost{font-size:1rem;font-weight:600;margin:.75rem 0;color:#3b82f6}
@@ -2463,11 +2481,13 @@ function formatAuditHtml(report, options) {
   <div class="cards">
     <div class="card"><div class="card-num">${summary.totalFlags}</div><div class="card-label">Total Flags</div></div>
     <div class="card"><div class="card-num red">${summary.highRisk}</div><div class="card-label">High Risk</div></div>
-    <div class="card"><div class="card-num amber">${summary.mediumRisk}</div><div class="card-label">Medium Risk</div></div>
+    ${summary.automatableFlags > 0 ? `<div class="card"><div class="card-num green">${summary.automatableFlags}</div><div class="card-label">Automatable</div></div>` : ""}
+    ${summary.mediumRisk - summary.automatableFlags > 0 ? `<div class="card"><div class="card-num amber">${summary.mediumRisk - summary.automatableFlags}</div><div class="card-label">Medium Risk</div></div>` : ""}
     ${summary.lowRisk > 0 ? `<div class="card"><div class="card-num green">${summary.lowRisk}</div><div class="card-label">Low Risk</div></div>` : ""}
     <div class="card"><div class="card-num purple">${summary.safelyAutomatable}</div><div class="card-label">Safely Automatable</div></div>
     <div class="card"><div class="card-num orange">${summary.manualReview}</div><div class="card-label">Manual Review</div></div>
   </div>
+  ${summary.stalenessNote !== void 0 ? `<div class="staleness-note"><strong>Staleness:</strong> ${esc2(summary.stalenessNote)}</div>` : ""}
 
   <h2>Migration Readiness</h2>
   <div class="readiness-block">
@@ -2593,15 +2613,15 @@ function computeEstimate(readiness, overrides, hourlyRate) {
 // src/commands/audit.ts
 var VALID_AUDIT_FORMATS = ["json", "markdown", "html"];
 function registerAuditCommand(program2) {
-  program2.command("audit").description("Generate a flag debt audit report").argument("[dir]", "directory to audit", process.cwd()).option("-f, --format <format>", "output format: json | markdown | html", "markdown").option("-o, --output <file>", "write report to file").option("-c, --config <path>", "path to .flaglintrc config file").option("--exclude-tests", "exclude test files (*.test.*, *.spec.*, __tests__/, tests/)").option("--cost-estimate", "include a migration effort estimate in the report. The default assumptions are configurable planning heuristics, not observed industry benchmarks.").option("--hourly-rate <rate>", "hourly rate for cost projection (requires --cost-estimate)").addHelpText(
+  program2.command("audit").description("Generate a flag debt audit report").argument("[dir]", "directory to audit", process.cwd()).option("-f, --format <format>", "output format: json | markdown | html", "markdown").option("-o, --output <file>", "write report to file").option("-c, --config <path>", "path to .flaglintrc config file").option("--exclude-tests", "exclude test files (*.test.*, *.spec.*, __tests__/, tests/)").option("--effort-estimate", "include a migration effort estimate in the report. The default assumptions are configurable planning heuristics, not observed industry benchmarks.").option("--hourly-rate <rate>", "hourly rate for cost projection (requires --effort-estimate)").addHelpText(
     "after",
     `
 Examples:
   $ flaglint audit                    generate flag debt audit report
   $ flaglint audit --format html     shareable HTML report
   $ flaglint audit --output audit.md save to file
-  $ flaglint audit --cost-estimate   include migration effort estimate
-  $ flaglint audit --cost-estimate --hourly-rate 125   include cost projection`
+  $ flaglint audit --effort-estimate   include migration effort estimate
+  $ flaglint audit --effort-estimate --hourly-rate 125   include cost projection`
   ).action(
     async (dir, options) => {
       if (!VALID_AUDIT_FORMATS.includes(options.format)) {
@@ -2615,9 +2635,9 @@ Examples:
       }
       let hourlyRate;
       if (options.hourlyRate !== void 0) {
-        if (!options.costEstimate) {
+        if (!options.effortEstimate) {
           process.stderr.write(
-            chalk4.yellow("warn: --hourly-rate has no effect without --cost-estimate\n")
+            chalk4.yellow("warn: --hourly-rate has no effect without --effort-estimate\n")
           );
         } else {
           const parsed = Number(options.hourlyRate);
@@ -2710,11 +2730,11 @@ Examples:
 `
           )
         );
-        if (format === "json" && options.costEstimate) {
+        if (format === "json" && options.effortEstimate) {
           const emptyReport = buildAuditReport(scanResult, []);
           process.stdout.write(formatAuditJson(emptyReport, { estimate: null }) + "\n");
           process.stderr.write(chalk4.dim("Migration estimate: N/A\n"));
-        } else if (options.costEstimate) {
+        } else if (options.effortEstimate) {
           process.stderr.write(chalk4.dim("Migration estimate: N/A\n"));
         }
         process.exit(0);
@@ -2723,7 +2743,7 @@ Examples:
         scanResult,
         scanResult.migrationInventory ?? []
       );
-      const renderOptions = options.costEstimate ? { estimate: computeEstimate(auditReport.readiness, void 0, hourlyRate) } : void 0;
+      const renderOptions = options.effortEstimate ? { estimate: computeEstimate(auditReport.readiness, void 0, hourlyRate) } : void 0;
       let output;
       if (format === "json") {
         output = formatAuditJson(auditReport, renderOptions);
@@ -2762,7 +2782,7 @@ Examples:
       process.stderr.write("\n");
       if (readiness.grade === "not-applicable") {
         process.stderr.write(chalk4.dim("Migration readiness: N/A \u2014 no direct LaunchDarkly calls detected.\n"));
-        if (options.costEstimate) {
+        if (options.effortEstimate) {
           process.stderr.write(chalk4.dim("Migration estimate: N/A\n"));
         }
       } else {
@@ -2777,7 +2797,7 @@ Examples:
 `
           )
         );
-        if (options.costEstimate && renderOptions?.estimate) {
+        if (options.effortEstimate && renderOptions?.estimate) {
           const est = renderOptions.estimate;
           process.stderr.write("\n");
           process.stderr.write(
@@ -2800,7 +2820,7 @@ Examples:
 // src/cli.ts
 function createCLI() {
   const program2 = new Command();
-  program2.name("flaglint").description("Scan LaunchDarkly Node.js SDK usage, generate safe OpenFeature migration diffs, and enforce the vendor boundary in CI.").version("0.7.0", "-v, --version", "output the current version").addHelpText(
+  program2.name("flaglint").description("Find every direct LaunchDarkly SDK call, detect flag debt, and generate safe OpenFeature migration plans. Static analysis \u2014 no API key required.").version("0.9.0", "-v, --version", "output the current version").addHelpText(
     "after",
     `
 Examples:

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "flaglint",
-  "version": "0.7.0",
-  "description": "Scan LaunchDarkly Node.js SDK usage, generate safe OpenFeature migration diffs, and enforce the vendor boundary in CI.",
+  "version": "0.9.0",
+  "description": "Find every direct LaunchDarkly SDK call, detect flag debt, and generate safe OpenFeature migration plans. Static analysis — no API key required.",
   "type": "module",
   "bin": {
     "flaglint": "dist/bin/flaglint.js"
@@ -16,11 +16,20 @@
     "node": ">=20"
   },
   "keywords": [
-    "feature-flags",
     "launchdarkly",
     "openfeature",
-    "cli",
+    "feature-flags",
+    "feature-flag-migration",
+    "launchdarkly-migration",
+    "openfeature-migration",
     "flag-debt",
+    "static-analysis",
+    "codemod",
+    "cli",
+    "typescript",
+    "nodejs",
+    "cncf",
+    "migration-tool",
     "developer-tools"
   ],
   "author": "flaglint",
@@ -51,6 +60,8 @@
     "preview:docs": "ASTRO_TELEMETRY_DISABLED=1 astro preview --port 4321",
     "test:package": "tsx scripts/test-package.ts",
     "test:smoke": "playwright test",
+    "metrics": "node scripts/metrics/collect.mjs",
+    "metrics:report": "node scripts/metrics/weekly-report.mjs",
     "new-branch": "tsx scripts/new-branch.ts",
     "release:patch": "tsx scripts/release.ts patch",
     "release:minor": "tsx scripts/release.ts minor",