x-fidelity 3.11.0 → 3.12.0

package/.xfi-config.json

@@ -51,10 +51,6 @@
         },
         "codeOwners": true,
         "notifyOnSuccess": false,
-        "notifyOnFailure": true,
-        "customTemplates": {
-            "success": "# Success! 🎉\n\nYour codebase passed all X-Fidelity checks.\n\n- Archetype: ${archetype}\n- Files analyzed: ${fileCount}\n- Execution time: ${executionTime} seconds\n\nGreat job keeping the code clean!",
-            "failure": "# Issues Detected ⚠️\n\nX-Fidelity found issues in your codebase:\n\n- Archetype: ${archetype}\n- Files analyzed: ${fileCount}\n- Total issues: ${totalIssues}\n  - Warnings: ${warningCount}\n  - Errors: ${errorCount}\n  - Fatalities: ${fatalityCount}\n\n## Affected Files\n${affectedFiles}\n\nPlease address these issues as soon as possible."
-        }
+        "notifyOnFailure": true
     }
 }

package/CHANGELOG.md

@@ -1,3 +1,31 @@
+# [3.12.0](https://github.com/zotoio/x-fidelity/compare/v3.11.0...v3.12.0) (2025-03-10)
+
+
+### Bug Fixes
+
+* add HTML email support with plain text fallback ([ec0f252](https://github.com/zotoio/x-fidelity/commit/ec0f2529d4f05ca570cd4b11db07ede2d4d21113))
+* correct string interpolation syntax in notification template ([092b64d](https://github.com/zotoio/x-fidelity/commit/092b64d3f614d505c7a792bd7a559e10aed3192c))
+* correct template literal syntax in notification manager ([f5720c2](https://github.com/zotoio/x-fidelity/commit/f5720c230051d8e38bbc95024a02d7298d2299f5))
+* escape nested template literals in notification template ([4feb497](https://github.com/zotoio/x-fidelity/commit/4feb497255615b93655ba7bba8729e55b56b4016))
+* **notify:** email formatting fixes ([06e80a8](https://github.com/zotoio/x-fidelity/commit/06e80a81bab30c1ab03d202d0649306fe331debd))
+* remove duplicate fileIssues declaration in notification manager ([d5678a1](https://github.com/zotoio/x-fidelity/commit/d5678a1620fae5b78ee475b95ee2248051d17c8f))
+* remove local directory paths from notification file links ([d55da96](https://github.com/zotoio/x-fidelity/commit/d55da9637477b0b14acb45d99a8a1a4b9e661c30))
+* remove trailing comma in .xfi-config.json ([41c7368](https://github.com/zotoio/x-fidelity/commit/41c7368a7e7ba8b989f3d8bf2fc0ce9e3e4d1183))
+* replace nested template literals with string concatenation ([89712cf](https://github.com/zotoio/x-fidelity/commit/89712cf77e231863e5bcb6c214fedf5b9f0d1f3f))
+* resolve TypeScript errors with yaml imports and variable declarations ([af2ea8e](https://github.com/zotoio/x-fidelity/commit/af2ea8ee80d48b9dddb1f586d61285518aee0b1c))
+* use repoPath from results metadata instead of undefined variable ([36b42fa](https://github.com/zotoio/x-fidelity/commit/36b42fae14895ba147955806efcf3cc94ec1d306))
+
+
+### Features
+
+* add failed rule names to notification template for each file ([d09d019](https://github.com/zotoio/x-fidelity/commit/d09d019bc1f9eff2f5c375185aec7f8f54fb7f96))
+* add severity levels to failed rules in notification output ([a90ffe7](https://github.com/zotoio/x-fidelity/commit/a90ffe724c440f60f1f1c59be0ec3074316c28c1))
+* add YAML results attachment to email notifications ([e2671b4](https://github.com/zotoio/x-fidelity/commit/e2671b46081168b1ac911f595a05f3301f8df780))
+* enhance notification formatting with HTML and color-coded severity ([f034a85](https://github.com/zotoio/x-fidelity/commit/f034a858c0da629d7fc134818babcbf28fa7b03e))
+* enhance notification templates with clickable links and emojis ([3afbd5d](https://github.com/zotoio/x-fidelity/commit/3afbd5db68cfbb604407e791f58c184961e7dc78))
+* support GitHub Enterprise links in notifications ([092867f](https://github.com/zotoio/x-fidelity/commit/092867fd3948e1bfcc10e8ecfc312686f37c9afa))
+* use git commands to extract GitHub repo details ([8f35471](https://github.com/zotoio/x-fidelity/commit/8f3547145a612444b9320c0b5d1b75529edfaa4a))
+
 # [3.11.0](https://github.com/zotoio/x-fidelity/compare/v3.10.0...v3.11.0) (2025-03-09)
 
 

package/dist/demoConfig/rules/newSdkFeatureNotAdoped-global-rule.json

@@ -12,10 +12,10 @@
                 "fact": "globalFileAnalysis",
                 "params": {
                     "newPatterns": [
-                        "logger\\.info\\("
+                        "const plugin: XFiPlugin = {"
                     ],
                     "legacyPatterns": [
-                        "logger\\.debug\\("
+                        "import {.*FactDefn.*} from '\\.\\./types/typeDefs';"
                     ],
                     "fileFilter": ".*\\.(ts|js)$",
                     "resultFact": "sdkUsageAnalysis"

package/dist/demoConfig/rules/noDatabases-iterative-rule.json

@@ -11,7 +11,11 @@
             {
                 "fact": "repoFileAnalysis",
                 "params": {
-                    "checkPattern": ["oracle", "mysql", "mssql", "postgres", "sqlite", "mongodb", "cassandra", "redis", "rethinkdb", "neo4j", "couchdb"],
+                    "checkPattern": [
+                        "[\\s\\'\\\"\\.](oracle)[\\s\\'\\\"\\.]",
+                        "[\\s\\'\\\"\\.](postgres)[\\s\\'\\\"\\.]", 
+                        "[\\s\\'\\\"\\.](mongodb)[\\s\\'\\\"\\.]"
+                    ],
                     "resultFact": "fileResultsDB"
                 },
                 "operator": "fileContains",

package/dist/demoConfig/rules/sensitiveLogging-iterative-rule.json

@@ -23,11 +23,9 @@
                     "checkPattern": [
                         "(api[_-]?key|auth[_-]?token|access[_-]?token|secret[_-]?key)",
                         "(aws[_-]?access[_-]?key[_-]?id|aws[_-]?secret[_-]?access[_-]?key)",
-                        "(password|passphrase)",
                         "(private[_-]?key|ssh[_-]?key)",
                         "(oauth[_-]?token|jwt[_-]?token)",
-                        "db[_-]?password",
-                        "(declare)"
+                        "db[_-]?password"
                     ],
                     "resultFact": "fileResults"
                 },

package/dist/index.js

@@ -123,14 +123,11 @@ function main() {
                     // Send notifications if enabled
                     if (notificationConfig.enabled) {
                         logger_1.logger.debug('Notifications are enabled, preparing to send report');
-                        // Get list of affected files (those with issues)
-                        const affectedFiles = getAffectedFiles(resultMetadata);
                         logger_1.logger.debug({
-                            affectedFilesCount: affectedFiles.length,
-                            hasRepoConfig: !!resultMetadata.XFI_RESULT.repoXFIConfig
+                            affectedFilesCount: resultMetadata.XFI_RESULT.issueDetails.length
                         }, 'Preparing notification data');
                         // Pass the repo config to the notification manager
-                        yield notificationManager.sendReport(resultMetadata, affectedFiles, resultMetadata.XFI_RESULT.repoXFIConfig);
+                        yield notificationManager.sendReport(resultMetadata);
                     }
                     // if results are found, there were issues found in the codebase
                     if (resultMetadata.XFI_RESULT.totalIssues > 0) {
@@ -171,18 +168,6 @@ function main() {
         }
     });
 }
-// Helper function to extract affected files from results
-function getAffectedFiles(resultMetadata) {
-    const affectedFiles = [];
-    if (resultMetadata.XFI_RESULT.issueDetails) {
-        for (const issue of resultMetadata.XFI_RESULT.issueDetails) {
-            if (issue.filePath && !affectedFiles.includes(issue.filePath)) {
-                affectedFiles.push(issue.filePath);
-            }
-        }
-    }
-    return affectedFiles;
-}
 var configManager_1 = require("./core/configManager");
 Object.defineProperty(exports, "repoDir", { enumerable: true, get: function () { return configManager_1.repoDir; } });
 __exportStar(require("./utils/logger"), exports);

package/dist/index.test.js

@@ -56,6 +56,7 @@ jest.mock('./utils/logger', () => ({
         warn: jest.fn(),
         error: jest.fn(),
         debug: jest.fn(),
+        trace: jest.fn()
     },
     setLogPrefix: jest.fn(),
     setLogLevel: jest.fn(),

package/dist/notifications/notificationManager.d.ts

@@ -1,4 +1,4 @@
-import { ResultMetadata, RepoXFIConfig } from '../types/typeDefs';
+import { ResultMetadata } from '../types/typeDefs';
 import { NotificationProvider, NotificationConfig } from '../types/notificationTypes';
 export declare class NotificationManager {
     private static instance;
@@ -8,12 +8,12 @@ export declare class NotificationManager {
     private constructor();
     static getInstance(config: NotificationConfig): NotificationManager;
     registerProvider(provider: NotificationProvider): void;
-    sendReport(results: ResultMetadata, affectedFiles: string[], repoXFIConfig?: RepoXFIConfig): Promise<void>;
+    sendReport(results: ResultMetadata): Promise<void>;
     private mergeNotificationConfig;
     private getRecipients;
     private loadCodeOwners;
     private getCodeOwnersForFiles;
     private matchesGlob;
-    private applyTemplate;
+    private getAffectedFiles;
     private generateReportContent;
 }

package/dist/notifications/notificationManager.js

@@ -14,7 +14,9 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.NotificationManager = void 0;
 const logger_1 = require("../utils/logger");
+const child_process_1 = require("child_process");
 const fs_1 = __importDefault(require("fs"));
+const yaml_1 = require("yaml");
 class NotificationManager {
     constructor(config) {
         this.providers = new Map();
@@ -36,17 +38,16 @@ class NotificationManager {
         this.providers.set(provider.name, provider);
         logger_1.logger.info(`Registered notification provider: ${provider.name}`);
     }
-    sendReport(results, affectedFiles, repoXFIConfig) {
+    sendReport(results) {
         return __awaiter(this, void 0, void 0, function* () {
-            var _a, _b;
             if (!this.config.enabled) {
                 logger_1.logger.debug('Notifications are disabled');
                 return;
             }
             // Merge global config with repo-specific config
-            const notifyConfig = this.mergeNotificationConfig(repoXFIConfig);
+            const notifyConfig = this.mergeNotificationConfig(results.XFI_RESULT.repoXFIConfig);
             // Determine if we should send notification based on results
-            const hasIssues = results.XFI_RESULT.totalIssues > 0;
+            const hasIssues = results.XFI_RESULT.issueDetails.length > 0;
             if (hasIssues && !notifyConfig.notifyOnFailure) {
                 logger_1.logger.debug('Skipping notification for failure as notifyOnFailure is disabled');
                 return;
@@ -56,7 +57,7 @@ class NotificationManager {
                 return;
             }
             // Get recipients from multiple sources
-            const recipients = this.getRecipients(affectedFiles, repoXFIConfig, notifyConfig);
+            const recipients = this.getRecipients(this.getAffectedFiles(results), results.XFI_RESULT.repoXFIConfig, notifyConfig);
             if (Object.values(recipients).every(list => list.length === 0)) {
                 logger_1.logger.warn('No recipients found for notification');
                 return;
@@ -65,12 +66,7 @@ class NotificationManager {
             const subject = hasIssues
                 ? `[X-Fidelity] Issues found in your codebase (${results.XFI_RESULT.totalIssues})`
                 : '[X-Fidelity] Your codebase passed all checks';
-            // Use custom template if available
-            const templateKey = hasIssues ? 'failure' : 'success';
-            const customTemplate = (_b = (_a = repoXFIConfig === null || repoXFIConfig === void 0 ? void 0 : repoXFIConfig.notifications) === null || _a === void 0 ? void 0 : _a.customTemplates) === null || _b === void 0 ? void 0 : _b[templateKey];
-            const content = customTemplate
-                ? this.applyTemplate(customTemplate, results, affectedFiles)
-                : this.generateReportContent(results, affectedFiles);
+            const content = this.generateReportContent(results);
             // Send through all configured providers
             for (const providerName of this.config.providers) {
                 const provider = this.providers.get(providerName);
@@ -208,42 +204,141 @@ class NotificationManager {
         }
         return filePath === pattern;
     }
-    applyTemplate(template, results, affectedFiles) {
-        // Replace template variables with actual values
-        return template
-            .replace(/\${archetype}/g, results.XFI_RESULT.archetype)
-            .replace(/\${fileCount}/g, String(results.XFI_RESULT.fileCount))
-            .replace(/\${totalIssues}/g, String(results.XFI_RESULT.totalIssues))
-            .replace(/\${warningCount}/g, String(results.XFI_RESULT.warningCount))
-            .replace(/\${errorCount}/g, String(results.XFI_RESULT.errorCount))
-            .replace(/\${fatalityCount}/g, String(results.XFI_RESULT.fatalityCount))
-            .replace(/\${exemptCount}/g, String(results.XFI_RESULT.exemptCount))
-            .replace(/\${affectedFiles}/g, affectedFiles.map(file => `- ${file}`).join('\n'))
-            .replace(/\${date}/g, new Date().toISOString())
-            .replace(/\${executionTime}/g, String(results.XFI_RESULT.durationSeconds));
+    // Helper function to extract affected files from results
+    getAffectedFiles(results) {
+        const affectedFiles = [];
+        if (results.XFI_RESULT.issueDetails) {
+            for (const issue of results.XFI_RESULT.issueDetails) {
+                if (issue.filePath && !affectedFiles.includes(issue.filePath)) {
+                    affectedFiles.push(issue.filePath);
+                }
+            }
+        }
+        return affectedFiles;
     }
-    generateReportContent(results, affectedFiles) {
-        // Basic template - can be enhanced or made configurable
-        return `
-# X-Fidelity Analysis Report
+    generateReportContent(results) {
+        var _a, _b;
+        // Get GitHub details from git commands with fallbacks to env vars
+        let githubServer = '';
+        let githubRepo = '';
+        let githubBranch = '';
+        try {
+            // Get remote URL and extract server/repo
+            const remoteUrl = (_a = (0, child_process_1.execSync)('git config --get remote.origin.url', { encoding: 'utf8', cwd: results.XFI_RESULT.repoPath })) === null || _a === void 0 ? void 0 : _a.toString().trim();
+            if (remoteUrl) {
+                const match = remoteUrl.match(/^(?:https?:\/\/|git@)([^/:]+)[/:]([^/]+\/[^/.]+)(?:\.git)?$/);
+                if (match) {
+                    githubServer = process.env.GITHUB_SERVER_URL || `https://${match[1]}`;
+                    githubRepo = process.env.GITHUB_REPOSITORY || match[2];
+                }
+            }
+            // Get current branch
+            githubBranch = (_b = (0, child_process_1.execSync)('git rev-parse --abbrev-ref HEAD', { encoding: 'utf8', cwd: results.XFI_RESULT.repoPath })) === null || _b === void 0 ? void 0 : _b.toString().trim();
+        }
+        catch (error) {
+            logger_1.logger.warn('Failed to get git details, falling back to defaults', { error });
+            githubServer = process.env.GITHUB_SERVER_URL || 'https://github.com';
+            githubRepo = process.env.GITHUB_REPOSITORY || results.XFI_RESULT.repoUrl
+                .replace(/\.git$/, '')
+                .replace(/^git@([^:]+):/, 'https://$1/')
+                .replace(/^https?:\/\/[^\/]+\//, '');
+            githubBranch = process.env.GITHUB_REF_NAME || 'main';
+        }
+        const githubUrl = `${githubServer}/${githubRepo}/blob/${githubBranch}`;
+        let fileDetails = '';
+        if (results.XFI_RESULT.issueDetails.length > 0) {
+            try {
+                // Failure template
+                fileDetails = results.XFI_RESULT.issueDetails.map(issue => {
+                    logger_1.logger.debug(issue, `generating report content for issue: ${issue.filePath}`);
+                    // Remove local path prefix from file paths
+                    const relativePath = issue.filePath.replace(results.XFI_RESULT.repoPath + '/', '');
+                    const fileIssues = issue.errors;
+                    // Start with file name as bold list item with link
+                    let output = `<li><strong><a href="${githubUrl}/${relativePath}">${relativePath}</a></strong><ul>`;
+                    // Add rule failures with severity-based colors and line links
+                    const ruleDetails = fileIssues === null || fileIssues === void 0 ? void 0 : fileIssues.map(error => {
+                        var _a, _b;
+                        const ruleName = error.ruleFailure;
+                        const level = error.level;
+                        const resultDetails = error === null || error === void 0 ? void 0 : error.details;
+                        const message = resultDetails === null || resultDetails === void 0 ? void 0 : resultDetails.message;
+                        let output = `<li>
+                    <span>${ruleName}: ${level}</span><br>
+                    <span>${message}</span><ul>
+                  `;
+                        if (!Array.isArray((resultDetails === null || resultDetails === void 0 ? void 0 : resultDetails.details) || !((_a = resultDetails === null || resultDetails === void 0 ? void 0 : resultDetails.details) === null || _a === void 0 ? void 0 : _a.details[0].lineNumber))) {
+                            return '</li>' + output + '<pre>' + (0, yaml_1.stringify)(resultDetails === null || resultDetails === void 0 ? void 0 : resultDetails.details) + '</pre></li></ul></li>';
+                        }
+                        const errorDetails = (_b = resultDetails === null || resultDetails === void 0 ? void 0 : resultDetails.details) === null || _b === void 0 ? void 0 : _b.map((errorInstance) => {
+                            const lineNumber = errorInstance === null || errorInstance === void 0 ? void 0 : errorInstance.lineNumber;
+                            const lineLink = lineNumber ? `${githubUrl}/${relativePath}#L${lineNumber}` : `${githubUrl}/${relativePath}`;
+                            const color = level === 'fatality' ? '#f20707' :
+                                level === 'error' ? '#53046c' :
+                                    level === 'warning' ? '#944801' : '#1a1818';
+                            return `<li><span style="color: ${color};font-weight:bold">${ruleName}</span>${lineNumber ? ` - <a href="${lineLink}">Line ${lineNumber}</a>` : ''}</li>`;
+                        }).join('');
+                        return output + errorDetails + '</ul></li>';
+                    }).join('');
+                    logger_1.logger.debug(`fileDetails: ${output + ruleDetails}</ul></li>`);
+                    return output + ruleDetails + '</ul></li>';
+                }).join('');
+            }
+            catch (error) {
+                logger_1.logger.error(error, 'Failed to generate report content');
+                logger_1.logger.error(JSON.stringify(error));
+                logger_1.logger.error(error.message);
+                logger_1.logger.error(error.stack);
+                return '';
+            }
+            // Generate YAML attachment
+            const yamlAttachment = (0, yaml_1.stringify)(results.XFI_RESULT);
+            const yamlSection = `
+<h2>📎 Full Results (YAML)</h2>
+<pre style="background-color: #d1e3f6; padding: 16px; border-radius: 6px; overflow-x: auto;">
+${yamlAttachment}
+</pre>`;
+            const result = `<h1>🚨 Issues Detected</h1>
+
+<p>X-Fidelity found issues in your codebase:</p>
 
-## Summary
-- Archetype: ${results.XFI_RESULT.archetype}
-- Total files analyzed: ${results.XFI_RESULT.fileCount}
-- Issues found: ${results.XFI_RESULT.totalIssues}
-  - Warnings: ${results.XFI_RESULT.warningCount}
-  - Errors: ${results.XFI_RESULT.errorCount}
-  - Fatalities: ${results.XFI_RESULT.fatalityCount}
-- Exemptions: ${results.XFI_RESULT.exemptCount}
+<h2>📊 Summary</h2>
+<ul>
+  <li><strong>Archetype:</strong> <code>${results.XFI_RESULT.archetype}</code></li>
+  <li><strong>Files analyzed:</strong> ${results.XFI_RESULT.fileCount}</li>
+  <li><strong>Total issues:</strong> ${results.XFI_RESULT.totalIssues}</li>
+  <li>⚠️ Warnings: ${results.XFI_RESULT.warningCount}</li>
+  <li>❌ Errors: ${results.XFI_RESULT.errorCount}</li>
+  <li>🔥 Fatalities: ${results.XFI_RESULT.fatalityCount}</li>
+</ul>
 
-## Affected Files
-${affectedFiles.map(file => `- ${file}`).join('\n')}
+<h2>📝 Issues by File</h2>
+<ul>
+${fileDetails}
+</ul>
 
-## Execution Time
-${results.XFI_RESULT.durationSeconds} seconds
+<p>Please address these issues as soon as possible.</p>
 
-For detailed information, please check the CI logs.
-`;
+${yamlSection}
+    `;
+            logger_1.logger.trace(result);
+            return result;
+        }
+        else {
+            // Success template
+            return `<h1>✅ Success!</h1>
+
+<p>Your codebase passed all X-Fidelity checks.</p>
+
+<h2>📊 Summary</h2>
+<ul>
+  <li><strong>Archetype:</strong> <code>${results.XFI_RESULT.archetype}</code></li>
+  <li><strong>Files analyzed:</strong> ${results.XFI_RESULT.fileCount}</li>
+  <li><strong>Execution time:</strong> ${results.XFI_RESULT.durationSeconds} seconds</li>
+</ul>
+
+<p>🎉 Great job keeping the code clean!</p>`;
+        }
     }
 }
 exports.NotificationManager = NotificationManager;

package/dist/notifications/providers/emailProvider.js

@@ -15,6 +15,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.EmailProvider = void 0;
 const logger_1 = require("../../utils/logger");
 const nodemailer_1 = __importDefault(require("nodemailer"));
+const yaml_1 = require("yaml");
 class EmailProvider {
     constructor(config) {
         this.name = 'email';
@@ -22,6 +23,7 @@ class EmailProvider {
     }
     send(notification) {
         return __awaiter(this, void 0, void 0, function* () {
+            var _a;
             try {
                 logger_1.logger.debug({
                     config: Object.assign(Object.assign({}, this.config), { auth: {
@@ -52,11 +54,17 @@ class EmailProvider {
                     logger_1.logger.error(verifyError, 'Failed to verify SMTP connection');
                     return false;
                 }
+                // Generate plain text version with YAML
+                const plainTextContent = `${notification.content.replace(/<[^>]*>/g, '')}
+
+--- Full Results ---
+${(0, yaml_1.stringify)((_a = notification.metadata) === null || _a === void 0 ? void 0 : _a.results.XFI_RESULT)}`;
                 const info = yield transporter.sendMail({
                     from: this.config.from,
                     to: notification.recipients.join(', '),
                     subject: notification.subject,
-                    text: notification.content,
+                    html: notification.content,
+                    text: plainTextContent,
                 });
                 logger_1.logger.info({
                     messageId: info.messageId,

package/dist/types/notificationTypes.d.ts

@@ -13,7 +13,6 @@ export interface NotificationConfig {
     providers: string[];
     codeOwnersPath?: string;
     codeOwnersEnabled?: boolean;
-    reportTemplate?: string;
     notifyOnSuccess?: boolean;
     notifyOnFailure?: boolean;
 }

package/dist/types/typeDefs.d.ts

@@ -256,10 +256,6 @@ export interface RepoXFIConfig {
         codeOwners?: boolean;
         notifyOnSuccess?: boolean;
         notifyOnFailure?: boolean;
-        customTemplates?: {
-            success?: string;
-            failure?: string;
-        };
     };
     [key: string]: any;
 }

package/dist/xfidelity

@@ -123,14 +123,11 @@ function main() {
                     // Send notifications if enabled
                     if (notificationConfig.enabled) {
                         logger_1.logger.debug('Notifications are enabled, preparing to send report');
-                        // Get list of affected files (those with issues)
-                        const affectedFiles = getAffectedFiles(resultMetadata);
                         logger_1.logger.debug({
-                            affectedFilesCount: affectedFiles.length,
-                            hasRepoConfig: !!resultMetadata.XFI_RESULT.repoXFIConfig
+                            affectedFilesCount: resultMetadata.XFI_RESULT.issueDetails.length
                         }, 'Preparing notification data');
                         // Pass the repo config to the notification manager
-                        yield notificationManager.sendReport(resultMetadata, affectedFiles, resultMetadata.XFI_RESULT.repoXFIConfig);
+                        yield notificationManager.sendReport(resultMetadata);
                     }
                     // if results are found, there were issues found in the codebase
                     if (resultMetadata.XFI_RESULT.totalIssues > 0) {
@@ -171,18 +168,6 @@ function main() {
         }
     });
 }
-// Helper function to extract affected files from results
-function getAffectedFiles(resultMetadata) {
-    const affectedFiles = [];
-    if (resultMetadata.XFI_RESULT.issueDetails) {
-        for (const issue of resultMetadata.XFI_RESULT.issueDetails) {
-            if (issue.filePath && !affectedFiles.includes(issue.filePath)) {
-                affectedFiles.push(issue.filePath);
-            }
-        }
-    }
-    return affectedFiles;
-}
 var configManager_1 = require("./core/configManager");
 Object.defineProperty(exports, "repoDir", { enumerable: true, get: function () { return configManager_1.repoDir; } });
 __exportStar(require("./utils/logger"), exports);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "x-fidelity",
-  "version": "3.11.0",
+  "version": "3.12.0",
   "description": "cli for opinionated framework adherence checks",
   "main": "dist/index",
   "types": "dist/index.d.ts",
@@ -101,6 +101,7 @@
     "prettyjson": "^1.2.5",
     "sanitize-filename": "^1.6.3",
     "semver": "^7.7.1",
+    "yaml": "^2.7.0",
     "yarn": "^1.22.22"
   },
   "peerDependencies": {

package/src/demoConfig/rules/newSdkFeatureNotAdoped-global-rule.json

@@ -12,10 +12,10 @@
                 "fact": "globalFileAnalysis",
                 "params": {
                     "newPatterns": [
-                        "logger\\.info\\("
+                        "const plugin: XFiPlugin = {"
                     ],
                     "legacyPatterns": [
-                        "logger\\.debug\\("
+                        "import {.*FactDefn.*} from '\\.\\./types/typeDefs';"
                     ],
                     "fileFilter": ".*\\.(ts|js)$",
                     "resultFact": "sdkUsageAnalysis"

package/src/demoConfig/rules/noDatabases-iterative-rule.json

@@ -11,7 +11,11 @@
             {
                 "fact": "repoFileAnalysis",
                 "params": {
-                    "checkPattern": ["oracle", "mysql", "mssql", "postgres", "sqlite", "mongodb", "cassandra", "redis", "rethinkdb", "neo4j", "couchdb"],
+                    "checkPattern": [
+                        "[\\s\\'\\\"\\.](oracle)[\\s\\'\\\"\\.]",
+                        "[\\s\\'\\\"\\.](postgres)[\\s\\'\\\"\\.]", 
+                        "[\\s\\'\\\"\\.](mongodb)[\\s\\'\\\"\\.]"
+                    ],
                     "resultFact": "fileResultsDB"
                 },
                 "operator": "fileContains",

package/src/demoConfig/rules/sensitiveLogging-iterative-rule.json

@@ -23,11 +23,9 @@
                     "checkPattern": [
                         "(api[_-]?key|auth[_-]?token|access[_-]?token|secret[_-]?key)",
                         "(aws[_-]?access[_-]?key[_-]?id|aws[_-]?secret[_-]?access[_-]?key)",
-                        "(password|passphrase)",
                         "(private[_-]?key|ssh[_-]?key)",
                         "(oauth[_-]?token|jwt[_-]?token)",
-                        "db[_-]?password",
-                        "(declare)"
+                        "db[_-]?password"
                     ],
                     "resultFact": "fileResults"
                 },

package/src/index.test.ts

@@ -13,6 +13,7 @@ jest.mock('./utils/logger', () => ({
     warn: jest.fn(),
     error: jest.fn(),
     debug: jest.fn(),
+    trace: jest.fn()
   },
   setLogPrefix: jest.fn(),
   setLogLevel: jest.fn(),

package/src/index.ts

@@ -81,18 +81,13 @@ export async function main() {
                 // Send notifications if enabled
                 if (notificationConfig.enabled) {
                     logger.debug('Notifications are enabled, preparing to send report');
-                    // Get list of affected files (those with issues)
-                    const affectedFiles = getAffectedFiles(resultMetadata);
                     logger.debug({
-                        affectedFilesCount: affectedFiles.length,
-                        hasRepoConfig: !!resultMetadata.XFI_RESULT.repoXFIConfig
+                        affectedFilesCount: resultMetadata.XFI_RESULT.issueDetails.length
                     }, 'Preparing notification data');
                     
                     // Pass the repo config to the notification manager
                     await notificationManager.sendReport(
-                        resultMetadata, 
-                        affectedFiles,
-                        resultMetadata.XFI_RESULT.repoXFIConfig
+                        resultMetadata
                     );
                 }
 
@@ -135,21 +130,6 @@ export async function main() {
     }
 }
 
-// Helper function to extract affected files from results
-function getAffectedFiles(resultMetadata: ResultMetadata): string[] {
-    const affectedFiles: string[] = [];
-    
-    if (resultMetadata.XFI_RESULT.issueDetails) {
-        for (const issue of resultMetadata.XFI_RESULT.issueDetails) {
-            if (issue.filePath && !affectedFiles.includes(issue.filePath)) {
-                affectedFiles.push(issue.filePath);
-            }
-        }
-    }
-    
-    return affectedFiles;
-}
-
 export { repoDir } from './core/configManager';
 export * from './utils/logger';
 export * from './types';

package/src/notifications/notificationManager.ts

@@ -1,8 +1,9 @@
 import { logger } from '../utils/logger';
+import { execSync } from 'child_process';
 import { ResultMetadata, RepoXFIConfig } from '../types/typeDefs';
 import { Notification, NotificationProvider, NotificationConfig, CodeOwner } from '../types/notificationTypes';
 import fs from 'fs';
-import path from 'path';
+import { stringify as yamlStringify } from 'yaml';
 
 export class NotificationManager {
   private static instance: NotificationManager;
@@ -33,17 +34,17 @@ export class NotificationManager {
     logger.info(`Registered notification provider: ${provider.name}`);
   }
 
-  public async sendReport(results: ResultMetadata, affectedFiles: string[], repoXFIConfig?: RepoXFIConfig): Promise<void> {
+  public async sendReport(results: ResultMetadata): Promise<void> {
     if (!this.config.enabled) {
       logger.debug('Notifications are disabled');
       return;
     }
 
     // Merge global config with repo-specific config
-    const notifyConfig = this.mergeNotificationConfig(repoXFIConfig);
+    const notifyConfig = this.mergeNotificationConfig(results.XFI_RESULT.repoXFIConfig);
 
     // Determine if we should send notification based on results
-    const hasIssues = results.XFI_RESULT.totalIssues > 0;
+    const hasIssues = results.XFI_RESULT.issueDetails.length > 0;
     if (hasIssues && !notifyConfig.notifyOnFailure) {
       logger.debug('Skipping notification for failure as notifyOnFailure is disabled');
       return;
@@ -54,24 +55,18 @@ export class NotificationManager {
     }
 
     // Get recipients from multiple sources
-    const recipients = this.getRecipients(affectedFiles, repoXFIConfig, notifyConfig);
+    const recipients = this.getRecipients(this.getAffectedFiles(results), results.XFI_RESULT.repoXFIConfig, notifyConfig);
     if (Object.values(recipients).every(list => list.length === 0)) {
       logger.warn('No recipients found for notification');
       return;
     }
 
     // Generate report content
-    const subject = hasIssues 
+    const subject = hasIssues
       ? `[X-Fidelity] Issues found in your codebase (${results.XFI_RESULT.totalIssues})`
       : '[X-Fidelity] Your codebase passed all checks';
-    
-    // Use custom template if available
-    const templateKey = hasIssues ? 'failure' : 'success';
-    const customTemplate = repoXFIConfig?.notifications?.customTemplates?.[templateKey];
-    
-    const content = customTemplate 
-      ? this.applyTemplate(customTemplate, results, affectedFiles)
-      : this.generateReportContent(results, affectedFiles);
+
+    const content = this.generateReportContent(results);
 
     // Send through all configured providers
     for (const providerName of this.config.providers) {
@@ -89,9 +84,9 @@ export class NotificationManager {
             recipients: providerRecipients,
             subject,
             content,
-            metadata: { 
+            metadata: {
               results,
-              ciRunUrl: process.env.CI_RUN_URL || process.env.GITHUB_SERVER_URL && process.env.GITHUB_REPOSITORY && process.env.GITHUB_RUN_ID 
+              ciRunUrl: process.env.CI_RUN_URL || process.env.GITHUB_SERVER_URL && process.env.GITHUB_REPOSITORY && process.env.GITHUB_RUN_ID
                 ? `${process.env.GITHUB_SERVER_URL}/${process.env.GITHUB_REPOSITORY}/actions/runs/${process.env.GITHUB_RUN_ID}`
                 : undefined
             }
@@ -115,22 +110,22 @@ export class NotificationManager {
 
     return {
       ...this.config,
-      notifyOnSuccess: repoXFIConfig.notifications.notifyOnSuccess !== undefined 
-        ? repoXFIConfig.notifications.notifyOnSuccess 
+      notifyOnSuccess: repoXFIConfig.notifications.notifyOnSuccess !== undefined
+        ? repoXFIConfig.notifications.notifyOnSuccess
         : this.config.notifyOnSuccess,
-      notifyOnFailure: repoXFIConfig.notifications.notifyOnFailure !== undefined 
-        ? repoXFIConfig.notifications.notifyOnFailure 
+      notifyOnFailure: repoXFIConfig.notifications.notifyOnFailure !== undefined
+        ? repoXFIConfig.notifications.notifyOnFailure
         : this.config.notifyOnFailure,
       // Use codeOwners setting from repo config if specified
-      codeOwnersEnabled: repoXFIConfig.notifications.codeOwners !== undefined 
-        ? repoXFIConfig.notifications.codeOwners 
+      codeOwnersEnabled: repoXFIConfig.notifications.codeOwners !== undefined
+        ? repoXFIConfig.notifications.codeOwners
         : this.config.codeOwnersEnabled
     };
   }
 
   private getRecipients(
-    affectedFiles: string[], 
-    repoXFIConfig?: RepoXFIConfig, 
+    affectedFiles: string[],
+    repoXFIConfig?: RepoXFIConfig,
     notifyConfig?: NotificationConfig
   ): Record<string, string[]> {
     const result: Record<string, string[]> = {
@@ -179,11 +174,11 @@ export class NotificationManager {
     try {
       const codeOwnersContent = fs.readFileSync(this.config.codeOwnersPath, 'utf8');
       const lines = codeOwnersContent.split('\n');
-      
+
       for (const line of lines) {
         // Skip comments and empty lines
         if (line.trim().startsWith('#') || line.trim() === '') continue;
-        
+
         const parts = line.trim().split(/\s+/);
         if (parts.length >= 2) {
           const path = parts[0];
@@ -191,11 +186,11 @@ export class NotificationManager {
             // Remove @ from GitHub usernames if present
             return owner.startsWith('@') ? owner.substring(1) : owner;
           });
-          
+
           this.codeOwners.push({ path, owners });
         }
       }
-      
+
       logger.info(`Loaded ${this.codeOwners.length} code owner entries`);
     } catch (error) {
       logger.error(error, `Failed to load CODEOWNERS file from ${this.config.codeOwnersPath}`);
@@ -204,7 +199,7 @@ export class NotificationManager {
 
   private getCodeOwnersForFiles(files: string[]): string[] {
     const owners = new Set<string>();
-    
+
     for (const file of files) {
       for (const codeOwner of this.codeOwners) {
         // Simple glob matching (can be enhanced with proper glob matching)
@@ -213,7 +208,7 @@ export class NotificationManager {
         }
       }
     }
-    
+
     return Array.from(owners);
   }
 
@@ -231,42 +226,156 @@ export class NotificationManager {
     return filePath === pattern;
   }
 
-  private applyTemplate(template: string, results: ResultMetadata, affectedFiles: string[]): string {
-    // Replace template variables with actual values
-    return template
-      .replace(/\${archetype}/g, results.XFI_RESULT.archetype)
-      .replace(/\${fileCount}/g, String(results.XFI_RESULT.fileCount))
-      .replace(/\${totalIssues}/g, String(results.XFI_RESULT.totalIssues))
-      .replace(/\${warningCount}/g, String(results.XFI_RESULT.warningCount))
-      .replace(/\${errorCount}/g, String(results.XFI_RESULT.errorCount))
-      .replace(/\${fatalityCount}/g, String(results.XFI_RESULT.fatalityCount))
-      .replace(/\${exemptCount}/g, String(results.XFI_RESULT.exemptCount))
-      .replace(/\${affectedFiles}/g, affectedFiles.map(file => `- ${file}`).join('\n'))
-      .replace(/\${date}/g, new Date().toISOString())
-      .replace(/\${executionTime}/g, String(results.XFI_RESULT.durationSeconds));
+  // Helper function to extract affected files from results
+  private getAffectedFiles(results: ResultMetadata): string[] {
+    const affectedFiles: string[] = [];
+
+    if (results.XFI_RESULT.issueDetails) {
+      for (const issue of results.XFI_RESULT.issueDetails) {
+        if (issue.filePath && !affectedFiles.includes(issue.filePath)) {
+          affectedFiles.push(issue.filePath);
+        }
+      }
+    }
+
+    return affectedFiles;
   }
 
-  private generateReportContent(results: ResultMetadata, affectedFiles: string[]): string {
-    // Basic template - can be enhanced or made configurable
-    return `
-# X-Fidelity Analysis Report
+  private generateReportContent(results: ResultMetadata): string {
+    // Get GitHub details from git commands with fallbacks to env vars
+    let githubServer = '';
+    let githubRepo = '';
+    let githubBranch = '';
+
+    try {
+      // Get remote URL and extract server/repo
+      const remoteUrl = execSync('git config --get remote.origin.url', { encoding: 'utf8', cwd: results.XFI_RESULT.repoPath })?.toString().trim();
+      if (remoteUrl) {
+        const match = remoteUrl.match(/^(?:https?:\/\/|git@)([^/:]+)[/:]([^/]+\/[^/.]+)(?:\.git)?$/);
+        if (match) {
+          githubServer = process.env.GITHUB_SERVER_URL || `https://${match[1]}`;
+          githubRepo = process.env.GITHUB_REPOSITORY || match[2];
+        }
+      }
+
+      // Get current branch
+      githubBranch = execSync('git rev-parse --abbrev-ref HEAD', { encoding: 'utf8', cwd: results.XFI_RESULT.repoPath })?.toString().trim();
+    } catch (error) {
+      logger.warn('Failed to get git details, falling back to defaults', { error });
+      githubServer = process.env.GITHUB_SERVER_URL || 'https://github.com';
+      githubRepo = process.env.GITHUB_REPOSITORY || results.XFI_RESULT.repoUrl
+        .replace(/\.git$/, '')
+        .replace(/^git@([^:]+):/, 'https://$1/')
+        .replace(/^https?:\/\/[^\/]+\//, '');
+      githubBranch = process.env.GITHUB_REF_NAME || 'main';
+    }
+
+    const githubUrl = `${githubServer}/${githubRepo}/blob/${githubBranch}`;
+
+    let fileDetails = '';
+
+    if (results.XFI_RESULT.issueDetails.length > 0) {
 
-## Summary
-- Archetype: ${results.XFI_RESULT.archetype}
-- Total files analyzed: ${results.XFI_RESULT.fileCount}
-- Issues found: ${results.XFI_RESULT.totalIssues}
-  - Warnings: ${results.XFI_RESULT.warningCount}
-  - Errors: ${results.XFI_RESULT.errorCount}
-  - Fatalities: ${results.XFI_RESULT.fatalityCount}
-- Exemptions: ${results.XFI_RESULT.exemptCount}
+      try {
+        // Failure template
+        fileDetails = results.XFI_RESULT.issueDetails.map(issue => {
+          logger.debug(issue, `generating report content for issue: ${issue.filePath}`);
+          // Remove local path prefix from file paths
+          const relativePath = issue.filePath.replace(results.XFI_RESULT.repoPath + '/', '');
+          const fileIssues = issue.errors;
 
-## Affected Files
-${affectedFiles.map(file => `- ${file}`).join('\n')}
+          // Start with file name as bold list item with link
+          let output = `<li><strong><a href="${githubUrl}/${relativePath}">${relativePath}</a></strong><ul>`;
 
-## Execution Time
-${results.XFI_RESULT.durationSeconds} seconds
+          // Add rule failures with severity-based colors and line links
+          const ruleDetails = fileIssues?.map(error => {
+            const ruleName = error.ruleFailure;
+            const level = error.level;
+            const resultDetails = error?.details;
+            const message = resultDetails?.message;
 
-For detailed information, please check the CI logs.
-`;
+            let output = `<li>
+                    <span>${ruleName}: ${level}</span><br>
+                    <span>${message}</span><ul>
+                  `;
+
+            if (!Array.isArray(resultDetails?.details || !resultDetails?.details?.details[0].lineNumber)) {
+              return '</li>' + output + '<pre>' + yamlStringify(resultDetails?.details) + '</pre></li></ul></li>';
+            }
+
+            const errorDetails = resultDetails?.details?.map((errorInstance: any) => {
+              const lineNumber = errorInstance?.lineNumber;
+              const lineLink = lineNumber ? `${githubUrl}/${relativePath}#L${lineNumber}` : `${githubUrl}/${relativePath}`;
+              const color = level === 'fatality' ? '#f20707' :
+                level === 'error' ? '#53046c' :
+                  level === 'warning' ? '#944801' : '#1a1818';
+
+              return `<li><span style="color: ${color};font-weight:bold">${ruleName}</span>${lineNumber ? ` - <a href="${lineLink}">Line ${lineNumber}</a>` : ''}</li>`;
+            }).join('');
+
+            return output + errorDetails + '</ul></li>';
+          }).join('');
+
+          logger.debug(`fileDetails: ${output + ruleDetails}</ul></li>`);
+          return output + ruleDetails + '</ul></li>';
+        }).join('');
+
+      } catch (error: any) {
+        logger.error(error, 'Failed to generate report content');
+        logger.error(JSON.stringify(error))
+        logger.error(error.message)
+        logger.error(error.stack)
+        return '';
+      }
+
+
+      // Generate YAML attachment
+      const yamlAttachment = yamlStringify(results.XFI_RESULT);
+      const yamlSection = `
+<h2>📎 Full Results (YAML)</h2>
+<pre style="background-color: #d1e3f6; padding: 16px; border-radius: 6px; overflow-x: auto;">
+${yamlAttachment}
+</pre>`;
+
+      const result = `<h1>🚨 Issues Detected</h1>
+
+<p>X-Fidelity found issues in your codebase:</p>
+
+<h2>📊 Summary</h2>
+<ul>
+  <li><strong>Archetype:</strong> <code>${results.XFI_RESULT.archetype}</code></li>
+  <li><strong>Files analyzed:</strong> ${results.XFI_RESULT.fileCount}</li>
+  <li><strong>Total issues:</strong> ${results.XFI_RESULT.totalIssues}</li>
+  <li>⚠️ Warnings: ${results.XFI_RESULT.warningCount}</li>
+  <li>❌ Errors: ${results.XFI_RESULT.errorCount}</li>
+  <li>🔥 Fatalities: ${results.XFI_RESULT.fatalityCount}</li>
+</ul>
+
+<h2>📝 Issues by File</h2>
+<ul>
+${fileDetails}
+</ul>
+
+<p>Please address these issues as soon as possible.</p>
+
+${yamlSection}
+    `
+    logger.trace(result)
+    return result
+    } else {
+      // Success template
+      return `<h1>✅ Success!</h1>
+
+<p>Your codebase passed all X-Fidelity checks.</p>
+
+<h2>📊 Summary</h2>
+<ul>
+  <li><strong>Archetype:</strong> <code>${results.XFI_RESULT.archetype}</code></li>
+  <li><strong>Files analyzed:</strong> ${results.XFI_RESULT.fileCount}</li>
+  <li><strong>Execution time:</strong> ${results.XFI_RESULT.durationSeconds} seconds</li>
+</ul>
+
+<p>🎉 Great job keeping the code clean!</p>`;
+    }
   }
 }

package/src/notifications/providers/emailProvider.ts

@@ -1,6 +1,7 @@
 import { NotificationProvider, Notification } from '../../types/notificationTypes';
 import { logger } from '../../utils/logger';
 import nodemailer from 'nodemailer';
+import { stringify as yamlStringify } from 'yaml';
 
 export interface EmailProviderConfig {
   host: string;
@@ -57,11 +58,18 @@ export class EmailProvider implements NotificationProvider {
         return false;
       }
 
+      // Generate plain text version with YAML
+      const plainTextContent = `${notification.content.replace(/<[^>]*>/g, '')}
+
+--- Full Results ---
+${yamlStringify(notification.metadata?.results.XFI_RESULT)}`;
+
       const info = await transporter.sendMail({
         from: this.config.from,
         to: notification.recipients.join(', '),
         subject: notification.subject,
-        text: notification.content,
+        html: notification.content,
+        text: plainTextContent,
       });
 
       logger.info({

package/src/types/notificationTypes.ts

@@ -15,7 +15,6 @@ export interface NotificationConfig {
   providers: string[];
   codeOwnersPath?: string;
   codeOwnersEnabled?: boolean;
-  reportTemplate?: string;
   notifyOnSuccess?: boolean;
   notifyOnFailure?: boolean;
 }

package/src/types/typeDefs.ts

@@ -289,10 +289,6 @@ export interface RepoXFIConfig {
     codeOwners?: boolean;
     notifyOnSuccess?: boolean;
     notifyOnFailure?: boolean;
-    customTemplates?: {
-      success?: string;
-      failure?: string;
-    };
   };
   [key: string]: any;  // Allow for additional properties
 }