automatic suppression handling and rule simplification

Author: RubenHalman

README.md

@@ -30,6 +30,8 @@
 <p>📌<strong>Tip:</strong> To link directly to a specific rule, use the full GitHub anchor link format. Example:</p>
 <p><em><a href="https://github.com/Flow-Scanner/lightning-flow-scanner-core#unsafe-running-context">https://github.com/Flow-Scanner/lightning-flow-scanner-core#unsafe-running-context</a></em></p>
 
+> Want to code a new rule? → See [How to Write a Rule](docs/write-a-new-rule.md)
+
 ### Action Calls In Loop(Beta)
 
 _[ActionCallsInLoop](https://github.com/Flow-Scanner/lightning-flow-scanner-core/tree/main/src/main/rules/ActionCallsInLoop.ts)_ - To prevent exceeding Apex governor limits, it is advisable to consolidate and bulkify your apex calls, utilizing a single action call containing a collection variable at the end of the loop.

docs/write-a-rule.md

@@ -0,0 +1,99 @@
+# How to Write a Rule
+
+## What You Need to Know Upfront
+
+Your rule only has to implement one method: **check()**.  
+Everything else (suppression handling, wildcard “\*”, conversion to RuleResult) is done for you by RuleCommon.execute().
+
+- You return every violation you find – no manual “if (!suppressions.has(name))” needed in 95% of cases.
+- The base class automatically removes violations whose element.name (or the rule name for flow-level issues) is listed in the suppressions array.
+- You only add manual suppression checks when the traversal is expensive (e.g. graph walking in MissingFaultPath, UnconnectedElement, DuplicateDMLOperation).
+
+## The Flow Model – What You Actually Work With
+
+The Flow object gives you three main collections (already parsed and typed):
+
+- flow.elements → every node, variable, constant, formula, choice, etc.  
+  Each item is a FlowNode, FlowVariable, FlowMetadata or FlowResource and always has a .name property.
+- flow.xmldata → raw JSON version of the Flow XML (useful for processMetadataValues, description, apiVersion, CanvasMode, etc.).
+- flow.start / flow.startElementReference / flow.startReference → entry point of the flow.
+
+Common filters you will use:
+
+- flow.elements?.filter(e => e.subtype === "recordLookups")
+- flow.elements?.filter(e => e.subtype === "loops")
+- flow.elements?.filter(e => e.subtype === "decisions")
+
+## The Compiler
+
+Compiler.traverseFlow(flow, startName, callback, optionalEndName) walks the flow exactly like the runtime does (iterative DFS, respects fault connectors, loop “noMoreValuesConnector”, etc.).  
+Most complex rules (fault paths, unconnected elements, DML-in-loop, etc.) use this helper.
+
+```ts
+new Compiler().traverseFlow(
+  flow, // your Flow instance
+  flow.startReference, // name of the start element (or startElementReference)
+  (element: FlowNode) => {
+    // callback executed on every reachable element
+    // your logic here – element is a FlowNode with .name, .subtype, .element, .connectors
+  },
+  optionalEndName // (optional) stop traversal when this name is reached (used for loops)
+);
+```
+
+## Example – Simple Element Rule (without manual suppressions)
+
+```ts
+import * as core from "../internals/internals";
+import { RuleCommon } from "../models/RuleCommon";
+import { IRuleDefinition } from "../interfaces/IRuleDefinition";
+
+export class HardcodedReferences extends RuleCommon implements IRuleDefinition {
+  constructor() {
+    super({
+      name: "HardcodedReferences",
+      label: "Hard-coded Record References",
+      description:
+        "Detects Get Records or other elements that use hard-coded Ids instead of variables.",
+      supportedTypes: core.FlowType.allTypes(),
+      docRefs: [],
+      isConfigurable: false,
+      autoFixable: false,
+    });
+  }
+
+  protected check(
+    flow: core.Flow,
+    _options: object | undefined,
+    _suppressions: Set<string>
+  ): core.Violation[] {
+    const violations: core.Violation[] = [];
+
+    const lookups = flow.elements?.filter((e) => e.subtype === "recordLookups") ?? [];
+
+    for (const node of lookups) {
+      const filterLogic = node.element.filterLogic;
+      const conditions = node.element.conditions ?? node.element.objectConditions;
+
+      // naive check – real rule would parse the condition properly
+      if (JSON.stringify(conditions).match(/[a-zA-Z0-9]{15}|[a-zA-Z0-9]{18}/)) {
+        violations.push(new core.Violation(node));
+      }
+    }
+
+    return violations; // suppression handled automatically by base class
+  }
+}
+```
+
+## Writing a New Rule – The Recipe
+
+1. Create a file src/main/rules/YourRuleName.ts
+2. Extend RuleCommon (or LoopRuleCommon for loop-only rules).
+3. In the constructor call super({ …RuleInfo… }) – all metadata goes here.
+4. Implement protected check(flow, options, suppressions) → Violation[]
+   - Do your analysis.
+   - Return new Violation(element) for element-level issues.
+   - Return new Violation(new FlowAttribute(value, "property", "expected")) for flow-level issues.
+   - No suppression code needed unless performance demands it.
+5. Add the rule to DefaultRuleStore.ts

jest.env-setup.js

@@ -2,8 +2,6 @@ const fs = require("fs");
 const path = require("path");
 
 module.exports = () => {
-  console.log("UMD Setup: Running, UMD_PATH:", process.env.UMD_PATH || "undefined");
-
   if (!process.env.UMD_PATH) {
     console.log("UMD Setup: No UMD_PATH—skipping (Node-only mode)");
     return;
@@ -32,10 +30,6 @@ module.exports = () => {
     const exportsParam = viteUmdMatch[2];
     const depParam = viteUmdMatch[3];
 
-    console.log("UMD Setup: Vite UMD pattern matched!");
-    console.log("UMD Setup: Factory body length:", factoryBody.length);
-    console.log("UMD Setup: Exports param:", exportsParam, "Dependency param:", depParam);
-
     try {
       // Create the factory function with proper parameters
       const factoryFn = depParam
@@ -53,9 +47,6 @@ module.exports = () => {
       // Assign to global
       global.lightningflowscanner = exports;
 
-      console.log("UMD Setup: Factory invoked successfully");
-      console.log("UMD Setup: Exported keys:", Object.keys(exports).slice(0, 10));
-
       if (Object.keys(exports).length === 0) {
         console.error("UMD Setup: WARNING - exports object is empty!");
       }
@@ -65,7 +56,6 @@ module.exports = () => {
     }
   } else {
     // Fallback: Try direct execution approach
-    console.log("UMD Setup: Trying direct execution approach...");
 
     try {
       // Create a mock global/window context
@@ -108,12 +98,4 @@ module.exports = () => {
       console.error("Stack:", e.stack.slice(0, 400));
     }
   }
-
-  // Final verification
-  if (global.lightningflowscanner && Object.keys(global.lightningflowscanner).length > 0) {
-    console.log("✓ UMD Setup: SUCCESS - lightningflowscanner loaded on global");
-    console.log("  Available exports:", Object.keys(global.lightningflowscanner).join(", "));
-  } else {
-    console.error("✗ UMD Setup: FAILED - lightningflowscanner not properly loaded");
-  }
 };

package-lock.json

@@ -1,7 +1,7 @@
 {
   "name": "@flow-scanner/lightning-flow-scanner-core",
   "description": "A lightweight engine for Flow metadata in Node.js, and browser environments. Assess and enhance Salesforce Flow automations for best practices, security, governor limits, and performance issues.",
-  "version": "6.4.3",
+  "version": "6.5.0",
   "main": "index.js",
   "types": "index.d.ts",
   "engines": {

package.json

@@ -1,5 +1,6 @@
 import type { IRuleDefinition } from "./main/interfaces/IRuleDefinition";
 import type { IRulesConfig } from "./main/interfaces/IRulesConfig";
+import type { FlatViolation } from "./main/models/FlatViolation";
 
 import { Compiler } from "./main/libs/Compiler";
 import { exportDetails } from "./main/libs/exportAsDetails";
@@ -41,4 +42,4 @@ export {
   scan,
   ScanResult,
 };
-export type { IRuleDefinition, IRulesConfig };
+export type { FlatViolation, IRuleDefinition, IRulesConfig };

src/index.ts

@@ -2,6 +2,7 @@ import type { IRuleDefinition } from "../interfaces/IRuleDefinition";
 import type { IRulesConfig } from "../interfaces/IRulesConfig";
 
 import { Compiler } from "../libs/Compiler";
+import { FlatViolation } from "../models/FlatViolation";
 import { Flow } from "../models/Flow";
 import { FlowAttribute } from "../models/FlowAttribute";
 import { FlowElement } from "../models/FlowElement";
@@ -17,6 +18,7 @@ import { Violation } from "../models/Violation";
 
 // Used to prevent circular dependencies in Common JS
 export {
+  FlatViolation,
   FlowAttribute,
   FlowElement,
   FlowNode,

src/main/internals/internals.ts

@@ -13,7 +13,7 @@ export async function parse(selectedUris: string[]): Promise<ParsedFlow[]> {
     ignoreAttributes: false,
     // @ts-expect-error type issue
     ignoreNameSpace: false,
-    parseTagValue: false,  // ADD THIS: Keeps tag/text values as strings (no auto boolean/number conversion)
+    parseTagValue: false,
     textNodeName: "#text"
   });
 

src/main/libs/ParseFlows.ts

@@ -1,13 +1,7 @@
+import { FlatViolation } from "../models/FlatViolation";
 import { ScanResult } from "../models/ScanResult";
 import { Violation } from "../models/Violation";
 
-export interface FlatViolation extends Omit<Violation, 'details'> {
-  flowFile: string;
-  flowName: string;
-  ruleName: string;
-  severity: string;
-}
-
 export function exportDetails(results: ScanResult[], includeDetails = false): FlatViolation[] {
   return results.flatMap(result => {
     const flow = result.flow;

src/main/libs/exportAsDetails.ts

@@ -0,0 +1,8 @@
+import { Violation } from "./Violation";
+
+export interface FlatViolation extends Omit<Violation, 'details'> {
+  flowFile: string;
+  flowName: string;
+  ruleName: string;
+  severity: string;
+}