Mt 5 (#14)

* rm env configuration attributes
* add rimraf for developers
* adds fix flows flow selection
* improves configuration flow
* remove legacy expression settings
* replaces yaml dependency with cosmiconfig
* preselect all if none exists
* docs:improves usage section

Author: RubenHalman

.github/workflows/deploy-RELEASE.yml

@@ -1,44 +1,57 @@
----
-#
-# Documentation:
-# https://help.github.com/en/articles/workflow-syntax-for-github-actions
-#
-
-#######################################
-# Start the job on all push to master #
-#######################################
-name: 'Build & Deploy - RELEASE'
+name: "Build & Release"
+
 on:
   release:
-    # Want to run the automation when a release is created
-    types: ['created']
+    types: [created]
 
-permissions: read-all
+permissions:
+  contents: read
+  id-token: write # for future OpenID CI auth to avoid PATs
 
 concurrency:
   group: ${{ github.ref_name }}-${{ github.workflow }}
   cancel-in-progress: true
 
-###############
-# Set the Job #
-###############
 jobs:
-  deploy:
+  release:
     runs-on: ubuntu-latest
-    permissions: read-all
-    environment:
-      name: release
+    environment: release
+
     steps:
-      - uses: actions/checkout@v4
-        # Setup .npmrc file to publish to npm
-      - uses: actions/[email protected]
+      - name: Checkout Repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Setup Node
+        uses: actions/setup-node@v4
         with:
           node-version: 22.x
-      - name: Setup Dependencies
+
+      - name: Install Dependencies
+        run: npm ci
+
+      # Snyk security scan (currently advisory)
+      - name: Snyk Security Scan (Advisory Mode)
+        if: env.SNYK_TOKEN != ''
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+        run: |
+          npm install -g snyk
+          snyk test || echo "❗ SNYK findings detected (not failing pipeline yet)"
+
+      - name: Build Extension Artifacts
+        run: npm run vscode:prepublish
+
+      - name: Run WDIO E2E Tests
+        run: npm run test
+
+      - name: Package VSIX
+        run: |
+          npm install -g @vscode/vsce
+          vsce package
+
+      - name: Publish to VS Code Marketplace
         run: |
-          npm ci
-          npm install -g @vscode/vsce ovsx
-      - name: Compile VSIX
-        run: npm run build
-      - name: Publish VSCE Marketplace
-        run: vsce publish --pat ${{ secrets.VSCE_PAT }} -i $(ls -all | grep "lightningflowscanner" | awk '{print $9}')
+          vsce publish --pat "${{ secrets.VSCE_PAT }}" --packagePath *.vsix
+        shell: bash

.gitignore

@@ -13,6 +13,4 @@ coverage
 
 .config
 
-src/generated
-
 src/vscode.d.ts

.vscode/launch.json

@@ -14,10 +14,7 @@
       "stopOnEntry": false,
       "sourceMaps": true,
       "outFiles": ["${workspaceRoot}/out/src/**/*.js"],
-      "preLaunchTask": "npm: watch",
-      "env": {
-        "USE_NEW_CONFIG": "true"
-      },
+      "preLaunchTask": "npm: watch"
     },
     {
       "args": [
@@ -40,24 +37,7 @@
       ],
       "outFiles": [
         "${workspaceFolder}/dist/**/*.js"
-      ],
-      "env": {
-        "USE_NEW_CONFIG": "true"
-      },
-    },
-    {
-      "name": "Extension Tests",
-      "type": "extensionHost",
-      "request": "launch",
-      "runtimeExecutable": "${execPath}",
-      "args": [
-        "--disable-extensions",
-        "--extensionDevelopmentPath=${workspaceFolder}",
-        "--extensionTestsPath=${workspaceFolder}/out/test/suite/index"
-      ],
-      "outFiles": [
-        "${workspaceFolder}/out/test/**/*.js"
       ]
-    },
+    }
   ]
 }

.vscode/settings.json

@@ -11,7 +11,4 @@
   // Turn off tsc task auto detection since we have the necessary tasks as npm scripts
   "typescript.tsc.autoDetect": "off",
   "typescript.tsdk": "node_modules/typescript/lib",
-  "jest.jestCommandLine": "npm run v:test:reactive --",
-  "jest.runMode": "on-demand",
-
 }

.vscode/tasks.json

@@ -17,51 +17,13 @@
 				"isDefault": true
 			}
 		},
-		{
-			"type": "npm",
-			"script": "watch-tests",
-			"problemMatcher": "$tsc-watch",
-			"isBackground": true,
-			"presentation": {
-				"reveal": "never",
-				"group": "watchers"
-			},
-			"group": "build"
-		},
-		{
-			"label": "tasks: watch-tests",
-			"dependsOn": [
-				"npm: watch",
-				"npm: watch-tests"
-			],
-			"problemMatcher": []
-		},
 		{
 			"type": "npm",
 			"script": "compile",
 			"group": "build",
 			"problemMatcher": [],
 			"label": "npm: compile",
 			"detail": "npm run build"
-		},
-    { 
-      "type": "npm",
-      "script": "v:dev",
-      "isBackground": true,
-      "presentation": {
-        "reveal": "never"
-      },
-      "problemMatcher": [
-        {
-          "base": "$ts-webpack-watch",
-          "background": {
-            "activeOnStart": true,
-            "beginsPattern": "Build start",
-            "endsPattern": "Build success"
-          }
-        }
-      ],
-      "group": "build"
-    }
+		}
 	]
 }

README.md

@@ -11,23 +11,21 @@
 
 ## Usage
 
-Use our side bar or the **Command Palette** and type `Flow Scanner` to see the list of all available commands.
+Use our side bar or the **Command Palette** and type `flowscanner` to see the list of all available commands.
 
-* `Configure Rules` Allows to define rules and expressions as per defined in the [core documentation](https://github.com/Flow-Scanner/lightning-flow-scanner-core).
-* `Scan Flows` allows choosing either a directory or a selection of flows to run the analysis against.
-* `Fix Flows` will apply available fixes automatically.
-* `Open Documentation` can be used to reference the documentation.
+* `Configure Flow Scanner` - Set up rules in `.flow-scanner.yml` (see [documentation](https://github.com/Flow-Scanner/lightning-flow-scanner-core))
+* `Scan Flows` - Analyze a directory or selected flow files
+* `Fix Flows` - Automatically apply available fixes
+* `Flow Scanner Documentation` - Open the rules reference guide
 
 **Privacy:** Zero user data collected. All processing is client-side.
 → See Data Handling in our [Security Policy](https://github.com/Flow-Scanner/lightning-flow-scanner-vsx?tab=security-ov-file).
 
 ## Configuration
 
-| Key                              | Description                                                                       | Default Value                 |
-| -------------------------------- | --------------------------------------------------------------------------------- | ----------------------------- |
-| `flowscanner.SpecifyFiles`     | Specify flow file paths instead of a root directory.                              | `false`                     |
-| `flowscanner.NamingConvention` | Specify a REGEX expression to use as Flow Naming convention.                      | `[A-Za-z0-9]+_[A-Za-z0-9]+` |
-| `flowscanner.APIVersion`       | Specify an expression to validate the API version, i.e. '===50'(use at least 50). | `>50`                       |
+| Key                          | Description                                          | Default Value |
+| ---------------------------- | ---------------------------------------------------- | ------------- |
+| `flowscanner.SpecifyFiles` | Specify flow file paths instead of a root directory. | `false`     |
 
 ## Development
 
@@ -84,7 +82,7 @@ If you’re developing or testing updates to the core module, you can link it lo
 
 ## VSCE to VSX
 
-The `lightning-flow-scanner-vsce` package was unpublished from the Visual Studio and Open VSX Marketplaces due to a vulnerability in `lightning-flow-scanner-core`, stemming from unsafe rule loading. This issue was addressed in [v5 of the core library](https://github.com/Flow-Scanner/lightning-flow-scanner-core/releases/tag/v5.1.0). This fork, created on 22/09/2025, emphasizes security and maintainability.
+The `lightning-flow-scanner-vsce` package was unpublished from the Visual Studio and Open VSX Marketplaces due to a vulnerability stemming from unsafe rule loading. The issue was addressed in [v5 of the core library](https://github.com/Flow-Scanner/lightning-flow-scanner-core/releases/tag/v5.1.0). This fork, created on 22/09/2025, emphasizes security and maintainability.
 
 <p><strong>Want to help improve Lightning Flow Scanner? See our <a href="https://github.com/Flow-Scanner/lightning-flow-scanner-core?tab=contributing-ov-file">Contributing Guidelines</a></strong></p>
 <!-- force-contributors-render: 2025-10-28 22:10:01 -->

SECURITY.md

@@ -28,4 +28,4 @@ We actively track and maintain an up-to-date inventory of all third-party depend
 | `lightning-flow-scanner-core` | [MIT](https://github.com/Flow-Scanner/lightning-flow-scanner-core/blob/main/LICENSE.md) | Salesforce Flow scanning utilities             |
 | `tabulator-tables`            | [MIT](https://github.com/olifolkerd/tabulator/blob/master/LICENSE)                      | Interactive tables and data grids for web apps |
 | `uuid`                        | [MIT](https://github.com/uuidjs/uuid/blob/main/LICENSE.md)                              | Generates RFC-compliant UUIDs                  |
-| `yaml`                        | [ISC](https://github.com/eemeli/yaml/blob/main/LICENSE)                                 | YAML parser and stringifier for JavaScript     |
+| `cosmiconfig`                        | [MIT](https://github.com/davidtheclark/cosmiconfig/blob/main/LICENSE) | Config file loader for JavaScript/Node |