flowlint 0.3.2 → 0.3.4

package/dist/commands/init.js

@@ -14,7 +14,7 @@ const commander_1 = require("commander");
 const fs_1 = __importDefault(require("fs"));
 const path_1 = __importDefault(require("path"));
 const yaml_1 = __importDefault(require("yaml"));
-const flowlint_config_1 = require('../../../../packages/config/flowlint-config');
+const flowlint_config_1 = require("./packages/config/flowlint-config");
 exports.initCommand = new commander_1.Command('init')
     .description('Create a .flowlint.yml configuration file')
     .action(async () => {

package/dist/commands/scan.js

@@ -19,7 +19,7 @@ const local_file_source_1 = require("../providers/local-file-source");
 const local_config_provider_1 = require("../providers/local-config-provider");
 const console_reporter_1 = require("../reporters/console-reporter");
 const json_reporter_1 = require("../reporters/json-reporter");
-const review_1 = require('../../../../packages/review');
+const review_1 = require("./packages/review");
 exports.scanCommand = new commander_1.Command('scan')
     .description('Scan workflow files for issues')
     .argument('[path]', 'Directory to scan', '.')

package/dist/packages/config/flowlint-config.d.ts

@@ -0,0 +1,64 @@
+import type { Octokit } from 'octokit';
+export type FlowLintConfig = typeof defaultConfig;
+export declare const defaultConfig: {
+    files: {
+        include: string[];
+        ignore: string[];
+    };
+    report: {
+        annotations: boolean;
+        summary_limit: number;
+    };
+    rules: {
+        rate_limit_retry: {
+            enabled: boolean;
+            max_concurrency: number;
+            default_retry: {
+                count: number;
+                strategy: string;
+                base_ms: number;
+            };
+        };
+        error_handling: {
+            enabled: boolean;
+            forbid_continue_on_fail: boolean;
+        };
+        idempotency: {
+            enabled: boolean;
+            key_field_candidates: string[];
+        };
+        secrets: {
+            enabled: boolean;
+            denylist_regex: string[];
+        };
+        dead_ends: {
+            enabled: boolean;
+        };
+        long_running: {
+            enabled: boolean;
+            max_iterations: number;
+            timeout_ms: number;
+        };
+        unused_data: {
+            enabled: boolean;
+        };
+        unhandled_error_path: {
+            enabled: boolean;
+        };
+        alert_log_enforcement: {
+            enabled: boolean;
+        };
+        deprecated_nodes: {
+            enabled: boolean;
+        };
+        naming_convention: {
+            enabled: boolean;
+            generic_names: string[];
+        };
+        config_literals: {
+            enabled: boolean;
+            denylist_regex: string[];
+        };
+    };
+};
+export declare function loadConfig(gh: Octokit, repoFull: string, sha: string): Promise<FlowLintConfig>;

package/dist/packages/config/flowlint-config.js

@@ -0,0 +1,103 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.defaultConfig = void 0;
+exports.loadConfig = loadConfig;
+const yaml_1 = __importDefault(require("yaml"));
+exports.defaultConfig = {
+    files: {
+        include: ['**/*.n8n.json', '**/workflows/*.json', '**/workflows/**/*.json', '**/*.n8n.yaml', '**/*.json'],
+        ignore: [
+            'samples/**',
+            '**/*.spec.json',
+            'node_modules/**',
+            'package*.json',
+            'tsconfig*.json',
+            '.flowlint.yml',
+            '.github/**',
+            '.husky/**',
+            '.vscode/**',
+            'infra/**',
+            '*.config.js',
+            '*.config.ts',
+            '**/*.lock',
+        ],
+    },
+    report: { annotations: true, summary_limit: 25 },
+    rules: {
+        rate_limit_retry: {
+            enabled: true,
+            max_concurrency: 5,
+            default_retry: { count: 3, strategy: 'exponential', base_ms: 500 },
+        },
+        error_handling: { enabled: true, forbid_continue_on_fail: true },
+        idempotency: { enabled: true, key_field_candidates: ['eventId', 'messageId'] },
+        secrets: { enabled: true, denylist_regex: ['(?i)api[_-]?key', 'Bearer '] },
+        dead_ends: { enabled: true },
+        long_running: { enabled: true, max_iterations: 1000, timeout_ms: 300000 },
+        unused_data: { enabled: true },
+        unhandled_error_path: { enabled: true },
+        alert_log_enforcement: { enabled: true },
+        deprecated_nodes: { enabled: true },
+        naming_convention: {
+            enabled: true,
+            generic_names: ['http request', 'set', 'if', 'merge', 'switch', 'no-op', 'start'],
+        },
+        config_literals: {
+            enabled: true,
+            denylist_regex: [
+                '(?i)\\b(dev|development)\\b',
+                '(?i)\\b(stag|staging)\\b',
+                '(?i)\\b(prod|production)\\b',
+                '(?i)\\b(test|testing)\\b',
+            ],
+        },
+    },
+};
+async function loadConfig(gh, repoFull, sha) {
+    const [owner, repo] = repoFull.split('/');
+    try {
+        const { data } = await gh.request('GET /repos/{owner}/{repo}/contents/{path}', {
+            owner,
+            repo,
+            path: '.flowlint.yml',
+            ref: sha,
+        });
+        if (!('content' in data))
+            return exports.defaultConfig;
+        const content = Buffer.from(data.content, 'base64').toString('utf8');
+        const parsed = yaml_1.default.parse(content) || {};
+        return deepMerge(exports.defaultConfig, parsed);
+    }
+    catch {
+        return exports.defaultConfig;
+    }
+}
+function deepMerge(base, override) {
+    const baseCopy = JSON.parse(JSON.stringify(base));
+    if (!override)
+        return baseCopy;
+    return mergeInto(baseCopy, override);
+}
+function mergeInto(target, source) {
+    for (const [key, value] of Object.entries(source)) {
+        if (value === undefined || value === null)
+            continue;
+        if (Array.isArray(value)) {
+            target[key] = value;
+        }
+        else if (typeof value === 'object') {
+            if (typeof target[key] !== 'object' || target[key] === null) {
+                target[key] = {};
+            }
+            mergeInto(target[key], value);
+        }
+        else {
+            target[key] = value;
+        }
+    }
+    return target;
+}
+//# sourceMappingURL=flowlint-config.js.map

package/dist/packages/config/flowlint-config.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"flowlint-config.js","sourceRoot":"","sources":["../../../packages/config/flowlint-config.ts"],"names":[],"mappings":";;;;;;AAwDA,gCAgBC;AAxED,gDAAwB;AAKX,QAAA,aAAa,GAAG;IAC3B,KAAK,EAAE;QACL,OAAO,EAAE,CAAC,eAAe,EAAE,qBAAqB,EAAE,wBAAwB,EAAE,eAAe,EAAE,WAAW,CAAC;QACzG,MAAM,EAAE;YACN,YAAY;YACZ,gBAAgB;YAChB,iBAAiB;YACjB,eAAe;YACf,gBAAgB;YAChB,eAAe;YACf,YAAY;YACZ,WAAW;YACX,YAAY;YACZ,UAAU;YACV,aAAa;YACb,aAAa;YACb,WAAW;SACZ;KACF;IACD,MAAM,EAAE,EAAE,WAAW,EAAE,IAAI,EAAE,aAAa,EAAE,EAAE,EAAE;IAChD,KAAK,EAAE;QACL,gBAAgB,EAAE;YAChB,OAAO,EAAE,IAAI;YACb,eAAe,EAAE,CAAC;YAClB,aAAa,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,QAAQ,EAAE,aAAa,EAAE,OAAO,EAAE,GAAG,EAAE;SACnE;QACD,cAAc,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,uBAAuB,EAAE,IAAI,EAAE;QAChE,WAAW,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,oBAAoB,EAAE,CAAC,SAAS,EAAE,WAAW,CAAC,EAAE;QAC9E,OAAO,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,cAAc,EAAE,CAAC,iBAAiB,EAAE,SAAS,CAAC,EAAE;QAC1E,SAAS,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE;QAC5B,YAAY,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,EAAE;QACzE,WAAW,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE;QAC9B,oBAAoB,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE;QACvC,qBAAqB,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE;QACxC,gBAAgB,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE;QACnC,iBAAiB,EAAE;YACjB,OAAO,EAAE,IAAI;YACb,aAAa,EAAE,CAAC,cAAc,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,CAAC;SAClF;QACD,eAAe,EAAE;YACf,OAAO,EAAE,IAAI;YACb,cAAc,EAAE;gBACd,6BAA6B;gBAC7B,0BAA0B;gBAC1B,6BAA6B;gBAC7B,0BAA0B;aAC3B;SACF;KACF;CACF,CAAC;AAEK,KAAK,UAAU,UAAU,CAAC,EAAW,EAAE,QAAgB,EAAE,GAAW;IACzE,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC1C,IAAI,CAAC;QACH,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,EAAE,CAAC,OAAO,CAAC,2CAA2C,EAAE;YAC7E,KAAK;YACL,IAAI;YACJ,IAAI,EAAE,eAAe;YACrB,GAAG,EAAE,GAAG;SACT,CAAC,CAAC;QACH,IAAI,CAAC,CAAC,SAAS,IAAI,IAAI,CAAC;YAAE,OAAO,qBAAa,CAAC;QAC/C,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAE,IAAY,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC9E,MAAM,MAAM,GAAI,cAAI,CAAC,KAAK,CAAC,OAAO,CAA6B,IAAI,EAAE,CAAC;QACtE,OAAO,SAAS,CAAC,qBAAa,EAAE,MAAM,CAAC,CAAC;IAC1C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,qBAAa,CAAC;IACvB,CAAC;AACH,CAAC;AAED,SAAS,SAAS,CAAI,IAAO,EAAE,QAAiC;IAC9D,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;IAClD,IAAI,CAAC,QAAQ;QAAE,OAAO,QAAQ,CAAC;IAC/B,OAAO,SAAS,CAAC,QAAe,EAAE,QAAQ,CAAM,CAAC;AACnD,CAAC;AAED,SAAS,SAAS,CAAC,MAA+B,EAAE,MAA+B;IACjF,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAClD,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,IAAI;YAAE,SAAS;QACpD,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YACzB,MAAM,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;QACtB,CAAC;aAAM,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YACrC,IAAI,OAAO,MAAM,CAAC,GAAG,CAAC,KAAK,QAAQ,IAAI,MAAM,CAAC,GAAG,CAAC,KAAK,IAAI,EAAE,CAAC;gBAC5D,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC;YACnB,CAAC;YACD,SAAS,CAAC,MAAM,CAAC,GAAG,CAA4B,EAAE,KAAgC,CAAC,CAAC;QACtF,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;QACtB,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC"}

package/dist/packages/config/index.d.ts

@@ -0,0 +1,4 @@
+/**
+ * Config package exports
+ */
+export * from './flowlint-config';

package/dist/packages/config/index.js

@@ -0,0 +1,21 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+/**
+ * Config package exports
+ */
+__exportStar(require("./flowlint-config"), exports);
+//# sourceMappingURL=index.js.map

package/dist/packages/config/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../packages/config/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA;;GAEG;AACH,oDAAkC"}

package/dist/packages/github/client.d.ts

@@ -0,0 +1,2 @@
+import { Octokit } from 'octokit';
+export declare function getInstallationClient(installationId: number): Promise<Octokit>;

package/dist/packages/github/client.js

@@ -0,0 +1,94 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getInstallationClient = getInstallationClient;
+const octokit_1 = require("octokit");
+const plugin_paginate_rest_1 = require("@octokit/plugin-paginate-rest");
+const auth_app_1 = require("@octokit/auth-app");
+const logger_1 = require("../logger");
+const observability_1 = require("../observability");
+const appId = Number(process.env.APP_ID || 0);
+const privateKeyBase64 = process.env.APP_PRIVATE_KEY_PEM_BASE64;
+const privateKey = privateKeyBase64 ? Buffer.from(privateKeyBase64, 'base64').toString('utf8') : undefined;
+if (!privateKey) {
+    logger_1.logger.warn('APP_PRIVATE_KEY_PEM_BASE64 is not set; GitHub auth will fail at runtime.');
+}
+// Octokit v4+ already includes retry and throttling plugins by default
+const PaginatedOctokit = octokit_1.Octokit.plugin(plugin_paginate_rest_1.paginateRest);
+async function getInstallationClient(installationId) {
+    if (!privateKey) {
+        throw new Error('APP_PRIVATE_KEY_PEM_BASE64 is required to authenticate with GitHub.');
+    }
+    if (!appId) {
+        throw new Error('APP_ID is required to authenticate with GitHub.');
+    }
+    const client = new PaginatedOctokit({
+        authStrategy: auth_app_1.createAppAuth,
+        auth: {
+            appId,
+            privateKey,
+            installationId,
+        },
+        request: {
+            timeout: 30000, // 30 second timeout for all requests
+            hook: (request, options) => {
+                const startTime = Date.now();
+                const method = options.method?.toUpperCase() || 'UNKNOWN';
+                const endpoint = options.url || 'unknown';
+                return request(options)
+                    .then((response) => {
+                    // Track successful API calls
+                    const status = response.status.toString();
+                    observability_1.githubApiCallsCounter.labels(method, status, endpoint).inc();
+                    logger_1.logger.debug({
+                        method,
+                        endpoint,
+                        status,
+                        duration: Date.now() - startTime,
+                    }, 'GitHub API call succeeded');
+                    return response;
+                })
+                    .catch((error) => {
+                    // Track failed API calls
+                    const status = error.status?.toString() || 'error';
+                    observability_1.githubApiCallsCounter.labels(method, status, endpoint).inc();
+                    logger_1.logger.warn({
+                        method,
+                        endpoint,
+                        status,
+                        duration: Date.now() - startTime,
+                        error: error.message,
+                    }, 'GitHub API call failed');
+                    throw error;
+                });
+            },
+        },
+        retry: {
+            enabled: true,
+            // Retry on network errors, 5xx, and rate limit errors
+            retries: 3,
+            doNotRetry: [400, 401, 403, 404, 422], // Don't retry client errors
+        },
+        throttle: {
+            onRateLimit: (retryAfter, options, octokit) => {
+                logger_1.logger.warn({
+                    method: options.method,
+                    url: options.url,
+                    retryAfter,
+                }, 'GitHub rate limit hit, retrying');
+                // Retry once after rate limit
+                return retryAfter < 60;
+            },
+            onSecondaryRateLimit: (retryAfter, options, octokit) => {
+                logger_1.logger.warn({
+                    method: options.method,
+                    url: options.url,
+                    retryAfter,
+                }, 'GitHub secondary rate limit hit');
+                // Don't retry on secondary rate limits (abuse detection)
+                return false;
+            },
+        },
+    });
+    return client;
+}
+//# sourceMappingURL=client.js.map

package/dist/packages/github/client.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.js","sourceRoot":"","sources":["../../../packages/github/client.ts"],"names":[],"mappings":";;AAiBA,sDAsFC;AAvGD,qCAAkC;AAClC,wEAA6D;AAC7D,gDAAkD;AAClD,sCAAmC;AACnC,oDAAyD;AAEzD,MAAM,KAAK,GAAG,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC;AAC9C,MAAM,gBAAgB,GAAG,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC;AAChE,MAAM,UAAU,GAAG,gBAAgB,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;AAE3G,IAAI,CAAC,UAAU,EAAE,CAAC;IAChB,eAAM,CAAC,IAAI,CAAC,0EAA0E,CAAC,CAAC;AAC1F,CAAC;AAED,uEAAuE;AACvE,MAAM,gBAAgB,GAAG,iBAAO,CAAC,MAAM,CAAC,mCAAY,CAAC,CAAC;AAE/C,KAAK,UAAU,qBAAqB,CAAC,cAAsB;IAChE,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,MAAM,IAAI,KAAK,CAAC,qEAAqE,CAAC,CAAC;IACzF,CAAC;IAED,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACrE,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,gBAAgB,CAAC;QAClC,YAAY,EAAE,wBAAa;QAC3B,IAAI,EAAE;YACJ,KAAK;YACL,UAAU;YACV,cAAc;SACf;QACD,OAAO,EAAE;YACP,OAAO,EAAE,KAAK,EAAE,qCAAqC;YACrD,IAAI,EAAE,CAAC,OAAY,EAAE,OAAY,EAAE,EAAE;gBACnC,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;gBAC7B,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,WAAW,EAAE,IAAI,SAAS,CAAC;gBAC1D,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,IAAI,SAAS,CAAC;gBAE1C,OAAO,OAAO,CAAC,OAAO,CAAC;qBACpB,IAAI,CAAC,CAAC,QAAa,EAAE,EAAE;oBACtB,6BAA6B;oBAC7B,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;oBAC1C,qCAAqB,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC,GAAG,EAAE,CAAC;oBAC7D,eAAM,CAAC,KAAK,CAAC;wBACX,MAAM;wBACN,QAAQ;wBACR,MAAM;wBACN,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;qBACjC,EAAE,2BAA2B,CAAC,CAAC;oBAChC,OAAO,QAAQ,CAAC;gBAClB,CAAC,CAAC;qBACD,KAAK,CAAC,CAAC,KAAU,EAAE,EAAE;oBACpB,yBAAyB;oBACzB,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,EAAE,QAAQ,EAAE,IAAI,OAAO,CAAC;oBACnD,qCAAqB,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC,GAAG,EAAE,CAAC;oBAC7D,eAAM,CAAC,IAAI,CAAC;wBACV,MAAM;wBACN,QAAQ;wBACR,MAAM;wBACN,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;wBAChC,KAAK,EAAE,KAAK,CAAC,OAAO;qBACrB,EAAE,wBAAwB,CAAC,CAAC;oBAC7B,MAAM,KAAK,CAAC;gBACd,CAAC,CAAC,CAAC;YACP,CAAC;SACF;QACD,KAAK,EAAE;YACL,OAAO,EAAE,IAAI;YACb,sDAAsD;YACtD,OAAO,EAAE,CAAC;YACV,UAAU,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,EAAE,4BAA4B;SACpE;QACD,QAAQ,EAAE;YACR,WAAW,EAAE,CAAC,UAAkB,EAAE,OAAY,EAAE,OAAgB,EAAE,EAAE;gBAClE,eAAM,CAAC,IAAI,CACT;oBACE,MAAM,EAAE,OAAO,CAAC,MAAM;oBACtB,GAAG,EAAE,OAAO,CAAC,GAAG;oBAChB,UAAU;iBACX,EACD,iCAAiC,CAClC,CAAC;gBACF,8BAA8B;gBAC9B,OAAO,UAAU,GAAG,EAAE,CAAC;YACzB,CAAC;YACD,oBAAoB,EAAE,CAAC,UAAkB,EAAE,OAAY,EAAE,OAAgB,EAAE,EAAE;gBAC3E,eAAM,CAAC,IAAI,CACT;oBACE,MAAM,EAAE,OAAO,CAAC,MAAM;oBACtB,GAAG,EAAE,OAAO,CAAC,GAAG;oBAChB,UAAU;iBACX,EACD,iCAAiC,CAClC,CAAC;gBACF,yDAAyD;gBACzD,OAAO,KAAK,CAAC;YACf,CAAC;SACF;KACF,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC;AAChB,CAAC"}

package/dist/packages/logger/index.d.ts

@@ -0,0 +1,11 @@
+import pino from 'pino';
+export declare const logger: pino.Logger<never, boolean>;
+/**
+ * Create a child logger with additional context.
+ * Use this to add correlation IDs, request IDs, or other contextual metadata.
+ */
+export declare function createChildLogger(context: Record<string, unknown>): pino.Logger<never, boolean>;
+/**
+ * Create a logger with correlation ID for tracking requests across API → Queue → Worker.
+ */
+export declare function createCorrelatedLogger(correlationId: string, additionalContext?: Record<string, unknown>): pino.Logger<never, boolean>;

package/dist/packages/logger/index.js

@@ -0,0 +1,40 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.logger = void 0;
+exports.createChildLogger = createChildLogger;
+exports.createCorrelatedLogger = createCorrelatedLogger;
+const pino_1 = __importDefault(require("pino"));
+// Create base logger with environment-aware configuration
+exports.logger = (0, pino_1.default)({
+    level: process.env.LOG_LEVEL || 'info',
+    transport: process.env.NODE_ENV === 'development'
+        ? {
+            target: 'pino-pretty',
+            options: {
+                colorize: true,
+                translateTime: 'HH:MM:ss',
+                ignore: 'pid,hostname',
+            },
+        }
+        : undefined,
+});
+/**
+ * Create a child logger with additional context.
+ * Use this to add correlation IDs, request IDs, or other contextual metadata.
+ */
+function createChildLogger(context) {
+    return exports.logger.child(context);
+}
+/**
+ * Create a logger with correlation ID for tracking requests across API → Queue → Worker.
+ */
+function createCorrelatedLogger(correlationId, additionalContext) {
+    return exports.logger.child({
+        correlationId,
+        ...additionalContext,
+    });
+}
+//# sourceMappingURL=index.js.map

package/dist/packages/logger/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../packages/logger/index.ts"],"names":[],"mappings":";;;;;;AAsBA,8CAEC;AAKD,wDAKC;AAlCD,gDAAwB;AAExB,0DAA0D;AAC7C,QAAA,MAAM,GAAG,IAAA,cAAI,EAAC;IACzB,KAAK,EAAE,OAAO,CAAC,GAAG,CAAC,SAAS,IAAI,MAAM;IACtC,SAAS,EACP,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,aAAa;QACpC,CAAC,CAAC;YACE,MAAM,EAAE,aAAa;YACrB,OAAO,EAAE;gBACP,QAAQ,EAAE,IAAI;gBACd,aAAa,EAAE,UAAU;gBACzB,MAAM,EAAE,cAAc;aACvB;SACF;QACH,CAAC,CAAC,SAAS;CAChB,CAAC,CAAC;AAEH;;;GAGG;AACH,SAAgB,iBAAiB,CAAC,OAAgC;IAChE,OAAO,cAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;AAC/B,CAAC;AAED;;GAEG;AACH,SAAgB,sBAAsB,CAAC,aAAqB,EAAE,iBAA2C;IACvG,OAAO,cAAM,CAAC,KAAK,CAAC;QAClB,aAAa;QACb,GAAG,iBAAiB;KACrB,CAAC,CAAC;AACL,CAAC"}

package/dist/packages/observability/collectors.d.ts

@@ -0,0 +1,40 @@
+/**
+ * Metric Collectors for FlowLint
+ *
+ * This module implements periodic metric collectors that query external systems
+ * (e.g., BullMQ queue) and update gauge metrics.
+ *
+ * @module packages/observability/collectors
+ */
+import { Queue } from 'bullmq';
+/**
+ * Queue Metrics Collector
+ *
+ * Periodically queries BullMQ queue for depth by state and updates Prometheus gauges.
+ * Runs every 10 seconds to provide near-real-time queue visibility.
+ *
+ * @param queue - BullMQ queue instance
+ * @returns Interval timer (for cleanup)
+ *
+ * @example
+ *   import { Queue } from 'bullmq';
+ *   import { startQueueMetricsCollector } from './packages/observability/collectors';
+ *
+ *   const queue = new Queue('pr-review', { connection: redis });
+ *   const collectorInterval = startQueueMetricsCollector(queue);
+ *
+ *   // Later, to stop collector:
+ *   clearInterval(collectorInterval);
+ */
+export declare function startQueueMetricsCollector(queue: Queue<any>): NodeJS.Timeout;
+/**
+ * Stop queue metrics collector
+ *
+ * Clears the interval timer to stop metric collection.
+ *
+ * @param interval - Interval timer from startQueueMetricsCollector
+ *
+ * @example
+ *   stopQueueMetricsCollector(collectorInterval);
+ */
+export declare function stopQueueMetricsCollector(interval: NodeJS.Timeout): void;

package/dist/packages/observability/collectors.js

@@ -0,0 +1,75 @@
+"use strict";
+/**
+ * Metric Collectors for FlowLint
+ *
+ * This module implements periodic metric collectors that query external systems
+ * (e.g., BullMQ queue) and update gauge metrics.
+ *
+ * @module packages/observability/collectors
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.startQueueMetricsCollector = startQueueMetricsCollector;
+exports.stopQueueMetricsCollector = stopQueueMetricsCollector;
+const metrics_1 = require("./metrics");
+const logger_1 = require("../logger");
+const logger = (0, logger_1.createChildLogger)({ component: 'observability:collectors' });
+/**
+ * Queue Metrics Collector
+ *
+ * Periodically queries BullMQ queue for depth by state and updates Prometheus gauges.
+ * Runs every 10 seconds to provide near-real-time queue visibility.
+ *
+ * @param queue - BullMQ queue instance
+ * @returns Interval timer (for cleanup)
+ *
+ * @example
+ *   import { Queue } from 'bullmq';
+ *   import { startQueueMetricsCollector } from './packages/observability/collectors';
+ *
+ *   const queue = new Queue('pr-review', { connection: redis });
+ *   const collectorInterval = startQueueMetricsCollector(queue);
+ *
+ *   // Later, to stop collector:
+ *   clearInterval(collectorInterval);
+ */
+function startQueueMetricsCollector(queue) {
+    logger.info('Starting queue metrics collector (10s interval)');
+    const updateQueueMetrics = async () => {
+        try {
+            // Get job counts from BullMQ queue
+            // getJobCounts() returns: { waiting, active, completed, failed, delayed, paused }
+            const counts = await queue.getJobCounts();
+            // Update gauges for each state
+            metrics_1.queueDepthGauge.set({ state: 'waiting' }, counts.waiting || 0);
+            metrics_1.queueDepthGauge.set({ state: 'active' }, counts.active || 0);
+            metrics_1.queueDepthGauge.set({ state: 'failed' }, counts.failed || 0);
+            metrics_1.queueDepthGauge.set({ state: 'delayed' }, counts.delayed || 0);
+            metrics_1.queueDepthGauge.set({ state: 'paused' }, counts.paused || 0);
+            logger.debug({ counts }, 'Queue metrics updated');
+        }
+        catch (error) {
+            // Don't crash if queue is temporarily unavailable
+            logger.warn({ error }, 'Failed to update queue metrics');
+        }
+    };
+    // Initial update (don't wait 10 seconds for first metrics)
+    updateQueueMetrics();
+    // Update every 10 seconds
+    const interval = setInterval(updateQueueMetrics, 10000);
+    return interval;
+}
+/**
+ * Stop queue metrics collector
+ *
+ * Clears the interval timer to stop metric collection.
+ *
+ * @param interval - Interval timer from startQueueMetricsCollector
+ *
+ * @example
+ *   stopQueueMetricsCollector(collectorInterval);
+ */
+function stopQueueMetricsCollector(interval) {
+    logger.info('Stopping queue metrics collector');
+    clearInterval(interval);
+}
+//# sourceMappingURL=collectors.js.map

package/dist/packages/observability/collectors.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"collectors.js","sourceRoot":"","sources":["../../../packages/observability/collectors.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG;;AA2BH,gEA8BC;AAYD,8DAGC;AArED,uCAA4C;AAC5C,sCAA8C;AAE9C,MAAM,MAAM,GAAG,IAAA,0BAAiB,EAAC,EAAE,SAAS,EAAE,0BAA0B,EAAE,CAAC,CAAC;AAE5E;;;;;;;;;;;;;;;;;;GAkBG;AACH,SAAgB,0BAA0B,CAAC,KAAiB;IAC1D,MAAM,CAAC,IAAI,CAAC,iDAAiD,CAAC,CAAC;IAE/D,MAAM,kBAAkB,GAAG,KAAK,IAAI,EAAE;QACpC,IAAI,CAAC;YACH,mCAAmC;YACnC,kFAAkF;YAClF,MAAM,MAAM,GAAG,MAAO,KAAa,CAAC,YAAY,EAAE,CAAC;YAEnD,+BAA+B;YAC/B,yBAAe,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,EAAE,MAAM,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC;YAC/D,yBAAe,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,QAAQ,EAAE,EAAE,MAAM,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC;YAC7D,yBAAe,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,QAAQ,EAAE,EAAE,MAAM,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC;YAC7D,yBAAe,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,EAAE,MAAM,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC;YAC/D,yBAAe,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,QAAQ,EAAE,EAAE,MAAM,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC;YAE7D,MAAM,CAAC,KAAK,CAAC,EAAE,MAAM,EAAE,EAAE,uBAAuB,CAAC,CAAC;QACpD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,kDAAkD;YAClD,MAAM,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,gCAAgC,CAAC,CAAC;QAC3D,CAAC;IACH,CAAC,CAAC;IAEF,2DAA2D;IAC3D,kBAAkB,EAAE,CAAC;IAErB,0BAA0B;IAC1B,MAAM,QAAQ,GAAG,WAAW,CAAC,kBAAkB,EAAE,KAAK,CAAC,CAAC;IAExD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;;;;;;;;GASG;AACH,SAAgB,yBAAyB,CAAC,QAAwB;IAChE,MAAM,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;IAChD,aAAa,CAAC,QAAQ,CAAC,CAAC;AAC1B,CAAC"}

package/dist/packages/observability/index.d.ts

@@ -0,0 +1,10 @@
+/**
+ * FlowLint Observability Package
+ *
+ * Provides Prometheus metrics collection and exposure for FlowLint.
+ *
+ * @module packages/observability
+ */
+export { register, webhookCounter, jobsQueuedCounter, jobsCompletedCounter, jobDurationHistogram, queueDepthGauge, githubApiCallsCounter, findingsGeneratedCounter, redisOpsCounter, httpRequestDuration, getMetrics, getContentType, clearMetrics, getMetric } from './metrics';
+export { metricsMiddleware, metricsErrorHandler } from './middleware';
+export { startQueueMetricsCollector, stopQueueMetricsCollector } from './collectors';

package/dist/packages/observability/index.js

@@ -0,0 +1,35 @@
+"use strict";
+/**
+ * FlowLint Observability Package
+ *
+ * Provides Prometheus metrics collection and exposure for FlowLint.
+ *
+ * @module packages/observability
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.stopQueueMetricsCollector = exports.startQueueMetricsCollector = exports.metricsErrorHandler = exports.metricsMiddleware = exports.getMetric = exports.clearMetrics = exports.getContentType = exports.getMetrics = exports.httpRequestDuration = exports.redisOpsCounter = exports.findingsGeneratedCounter = exports.githubApiCallsCounter = exports.queueDepthGauge = exports.jobDurationHistogram = exports.jobsCompletedCounter = exports.jobsQueuedCounter = exports.webhookCounter = exports.register = void 0;
+// Export all metrics
+var metrics_1 = require("./metrics");
+Object.defineProperty(exports, "register", { enumerable: true, get: function () { return metrics_1.register; } });
+Object.defineProperty(exports, "webhookCounter", { enumerable: true, get: function () { return metrics_1.webhookCounter; } });
+Object.defineProperty(exports, "jobsQueuedCounter", { enumerable: true, get: function () { return metrics_1.jobsQueuedCounter; } });
+Object.defineProperty(exports, "jobsCompletedCounter", { enumerable: true, get: function () { return metrics_1.jobsCompletedCounter; } });
+Object.defineProperty(exports, "jobDurationHistogram", { enumerable: true, get: function () { return metrics_1.jobDurationHistogram; } });
+Object.defineProperty(exports, "queueDepthGauge", { enumerable: true, get: function () { return metrics_1.queueDepthGauge; } });
+Object.defineProperty(exports, "githubApiCallsCounter", { enumerable: true, get: function () { return metrics_1.githubApiCallsCounter; } });
+Object.defineProperty(exports, "findingsGeneratedCounter", { enumerable: true, get: function () { return metrics_1.findingsGeneratedCounter; } });
+Object.defineProperty(exports, "redisOpsCounter", { enumerable: true, get: function () { return metrics_1.redisOpsCounter; } });
+Object.defineProperty(exports, "httpRequestDuration", { enumerable: true, get: function () { return metrics_1.httpRequestDuration; } });
+Object.defineProperty(exports, "getMetrics", { enumerable: true, get: function () { return metrics_1.getMetrics; } });
+Object.defineProperty(exports, "getContentType", { enumerable: true, get: function () { return metrics_1.getContentType; } });
+Object.defineProperty(exports, "clearMetrics", { enumerable: true, get: function () { return metrics_1.clearMetrics; } });
+Object.defineProperty(exports, "getMetric", { enumerable: true, get: function () { return metrics_1.getMetric; } });
+// Export middleware
+var middleware_1 = require("./middleware");
+Object.defineProperty(exports, "metricsMiddleware", { enumerable: true, get: function () { return middleware_1.metricsMiddleware; } });
+Object.defineProperty(exports, "metricsErrorHandler", { enumerable: true, get: function () { return middleware_1.metricsErrorHandler; } });
+// Export collectors
+var collectors_1 = require("./collectors");
+Object.defineProperty(exports, "startQueueMetricsCollector", { enumerable: true, get: function () { return collectors_1.startQueueMetricsCollector; } });
+Object.defineProperty(exports, "stopQueueMetricsCollector", { enumerable: true, get: function () { return collectors_1.stopQueueMetricsCollector; } });
+//# sourceMappingURL=index.js.map

package/dist/packages/observability/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../packages/observability/index.ts"],"names":[],"mappings":";AAAA;;;;;;GAMG;;;AAEH,qBAAqB;AACrB,qCAemB;AAdjB,mGAAA,QAAQ,OAAA;AACR,yGAAA,cAAc,OAAA;AACd,4GAAA,iBAAiB,OAAA;AACjB,+GAAA,oBAAoB,OAAA;AACpB,+GAAA,oBAAoB,OAAA;AACpB,0GAAA,eAAe,OAAA;AACf,gHAAA,qBAAqB,OAAA;AACrB,mHAAA,wBAAwB,OAAA;AACxB,0GAAA,eAAe,OAAA;AACf,8GAAA,mBAAmB,OAAA;AACnB,qGAAA,UAAU,OAAA;AACV,yGAAA,cAAc,OAAA;AACd,uGAAA,YAAY,OAAA;AACZ,oGAAA,SAAS,OAAA;AAGX,oBAAoB;AACpB,2CAAsE;AAA7D,+GAAA,iBAAiB,OAAA;AAAE,iHAAA,mBAAmB,OAAA;AAE/C,oBAAoB;AACpB,2CAAqF;AAA5E,wHAAA,0BAA0B,OAAA;AAAE,uHAAA,yBAAyB,OAAA"}