full vsx MIT rewrite

Author: RubenHalman

README.md

@@ -6,37 +6,32 @@
 
 <p align="center"><i>Detect unsafe contexts, queries in loops, hardcoded IDs, and more to optimize Salesforce Flows</i></p>
 
+[![GitHub stars](https://img.shields.io/github/stars/Flow-Scanner/lightning-flow-scanner)](https://img.shields.io/github/stars/Flow-Scanner/lightning-flow-scanner)
+[![GitHub contributors](https://img.shields.io/github/contributors/Flow-Scanner/lightning-flow-scanner.svg)](https://gitHub.com/Flow-Scanner/lightning-flow-scanner/graphs/contributors/)
+[![License](https://img.shields.io/npm/l/lightning-flow-scanner.svg)](github.com/Flow-Scanner/lightning-flow-scanner/raw/main/LICENSE.md)
+[![core](https://img.shields.io/npm/v/@flow-scanner/lightning-flow-scanner-core?label=core)](https://www.npmjs.com/package/@flow-scanner/lightning-flow-scanner-core)
+[![cli](https://img.shields.io/npm/v/lightning-flow-scanner?label=cli)](https://www.npmjs.com/package/lightning-flow-scanner)
+[![VS Marketplace Version](https://img.shields.io/visual-studio-marketplace/v/ForceConfigControl.lightning-flow-scanner-vsx?label=VS%20Marketplace)](https://marketplace.visualstudio.com/items?itemName=ForceConfigControl.lightning-flow-scanner-vsx) 
+[![Open VSX Version](https://img.shields.io/open-vsx/v/ForceConfigControl/lightning-flow-scanner-vsx?label=Open%20VSX)](https://open-vsx.org/extension/ForceConfigControl/lightning-flow-scanner-vsx) 
+
 ---
 
 ## Table of contens
 
-- **[Distributions](#distributions)**
 - **[Default Rules](#default-rules)**
 - **[Configuration](#configuration)**
   - [Defining Severity Levels](#defining-severity-levels)
   - [Configuring Expressions](#configuring-expressions)
   - [Specifying Exceptions](#specifying-exceptions)
   - [Include Beta Rules](#include-beta-rules)
 - **[Installation](#installation)**
-  - [Salesforce CLI Plugin](#salesforce-cli-plugin)
-  - [Core Module](#core-module)
+  - [Distributions](#distributions)
   - [CICD Templates](#cicd-templates)
 - **[Quick Start](#quick-start)**
 - **[Development](#development)**
 
 ---
 
-## Distributions
-
-| Distribution                                      | Best for                                      | Install / Use                                                                                           |
-|----------------------------------------------------------------|-----------------------------------------------|---------------------------------------------------------------------------------------------------------|
-| **[Salesforce CLI Plugin](https://github.com/Flow-Scanner/lightning-flow-scanner/blob/main/packages/cli/README.md)** | Local development, scratch orgs, CI/CD        | `sf plugins install lightning-flow-scanner`                                                             |
-| **[VS Code Extension](https://github.com/Flow-Scanner/lightning-flow-scanner-vsx)** | Real-time scanning inside VS Code             | `code --install-extension ForceConfigControl.lightning-flow-scanner-vsx`                               |
-| **[Salesforce App (Managed Package)](https://github.com/Flow-Scanner/lightning-flow-scanner-app)** | Run scans directly inside a Salesforce org  | `sf package install --package 04tgK0000007M73QAE` |
-| **[Core Library](https://github.com/Flow-Scanner/lightning-flow-scanner/tree/main/packages/core)** (Node.js + Browser) | Custom tools, scripts, extensions, web apps   | `npm install -g @flow-scanner/lightning-flow-scanner-core`                                                 |
-
-**Privacy:** Zero user data collected. All processing is client-side. → See our [Security Policy](https://github.com/Flow-Scanner/lightning-flow-scanner?tab=security-ov-file).
-
 ## Default Rules
 
 <p>📌<strong>Tip:</strong> To link directly to a specific rule, use the full GitHub anchor link format. Example:</p>
@@ -260,29 +255,16 @@ New rules are introduced in Beta mode before being added to the default ruleset.
 
 ## Installation
 
-[![GitHub stars](https://img.shields.io/github/stars/Flow-Scanner/lightning-flow-scanner)](https://img.shields.io/github/stars/Flow-Scanner/lightning-flow-scanner)
-[![GitHub contributors](https://img.shields.io/github/contributors/Flow-Scanner/lightning-flow-scanner.svg)](https://gitHub.com/Flow-Scanner/lightning-flow-scanner/graphs/contributors/)
-[![License](https://img.shields.io/npm/l/lightning-flow-scanner.svg)](github.com/Flow-Scanner/lightning-flow-scanner/raw/main/LICENSE.md)
-
-### Salesforce CLI Plugin
-[![npm](https://img.shields.io/npm/v/lightning-flow-scanner?label=)](https://www.npmjs.com/package/lightning-flow-scanner)
+### Distributions
 
-```bash
-sf plugins install lightning-flow-scanner
-```
-OR
-```bash
-npm install -g lightning-flow-scanner
-```
-
-### Core Module
-[![npm](https://img.shields.io/npm/v/@flow-scanner/lightning-flow-scanner-core?label=)](https://www.npmjs.com/package/@flow-scanner/lightning-flow-scanner-core)
-
-```bash
-npm install -g @flow-scanner/lightning-flow-scanner-core
-```
+| Distribution                                      | Best for                                      | Install / Use                                                                                           |
+|----------------------------------------------------------------|-----------------------------------------------|---------------------------------------------------------------------------------------------------------|
+| **[Salesforce CLI Plugin](https://github.com/Flow-Scanner/lightning-flow-scanner/blob/main/packages/cli/README.md)** | Local development, scratch orgs, CI/CD        | `sf plugins install lightning-flow-scanner`                                                             |
+| **[VS Code Extension](https://github.com/Flow-Scanner/lightning-flow-scanner/blob/main/packages/vsx/README.md)** | Real-time scanning inside VS Code             | `code --install-extension ForceConfigControl.lightning-flow-scanner-vsx`                               |
+| **[Salesforce App (Managed Package)](https://github.com/Flow-Scanner/lightning-flow-scanner-app)** | Run scans directly inside a Salesforce org  | `sf package install --package 04tgK0000007M73QAE` |
+| **[Core Library](https://github.com/Flow-Scanner/lightning-flow-scanner/tree/main/packages/core)** (Node.js + Browser) | Custom tools, scripts, extensions, web apps   | `npm install -g @flow-scanner/lightning-flow-scanner-core`                                                 |
 
----
+**Privacy:** Zero user data collected. All processing is client-side. → See our [Security Policy](https://github.com/Flow-Scanner/lightning-flow-scanner?tab=security-ov-file).
 
 ### CICD Templates
 Ready-to-use CI/CD templates and a **native GitHub Action**.  

SECURITY.md

@@ -42,3 +42,13 @@ We actively track and maintain an up-to-date inventory of all third-party depend
 | `@actions/core`               | [MIT](https://github.com/actions/toolkit/blob/main/packages/core/LICENSE)          | Toolkit for developing GitHub Actions       |
 | `@actions/github`             | [MIT](https://github.com/actions/toolkit/blob/main/packages/github/LICENSE)        | Interact with the GitHub API in Actions     |
 | `cosmiconfig`                        | [MIT](https://github.com/davidtheclark/cosmiconfig/blob/main/LICENSE) | Config file loader for JavaScript/Node |
+
+### VSX
+
+| Package                         | License                                                                              | Purpose`                                       |
+| ------------------------------- | ------------------------------------------------------------------------------------ | ---------------------------------------------- |
+| `convert-array-to-csv`        | [MIT](https://github.com/zemirco/convert-array-to-csv/blob/master/LICENSE)              | Converts JavaScript arrays into CSV format     |
+| `lightning-flow-scanner-core` | [MIT](https://github.com/Flow-Scanner/lightning-flow-scanner-core/blob/main/LICENSE.md) | Salesforce Flow scanning utilities             |
+| `tabulator-tables`            | [MIT](https://github.com/olifolkerd/tabulator/blob/master/LICENSE)                      | Interactive tables and data grids for web apps |
+| `uuid`                        | [MIT](https://github.com/uuidjs/uuid/blob/main/LICENSE.md)                              | Generates RFC-compliant UUIDs                  |
+| `cosmiconfig`                        | [MIT](https://github.com/davidtheclark/cosmiconfig/blob/main/LICENSE) | Config file loader for JavaScript/Node |

assets/media/vsx.gif

@@ -3,6 +3,7 @@
     <img src="https://raw.githubusercontent.com/Flow-Scanner/Lightning-Flow-Scanner/main/assets/media/banner.png" alt="Lightning Flow Scanner" width="41%" />
   </a>
 </p>
+<p align="center"><i>Detect unsafe contexts, queries in loops, hardcoded IDs, and more to optimize Salesforce Flows</i></p>
 
 <p align="center">
   <img src="https://raw.githubusercontent.com/Flow-Scanner/Lightning-Flow-Scanner/main/assets/media/sfdxgif.gif" alt="Flow Overview"/>
@@ -16,6 +17,8 @@
 - **[Default Rules](#default-rules)**
 - **[Configuration](#configuration)**
 - **[Installation](#installation)**
+- **[Development](#development)**
+
 ---
 
 ## Usage

packages/cli/README.md

@@ -0,0 +1,22 @@
+.vscode/**
+.vscode-test/**
+src/**
+webviews/**
+.gitignore
+vsc-extension-quickstart.md
+**/tsconfig.json
+**/.eslintrc.json
+**/*.map
+**/*.ts
+node_modules
+.wdio-vscode-service
+**.vsix
+media/demo.gif
+__mocks__/**
+coverage/**
+
+build/
+rollup.config.*
+tailwind.config.*
+.turbo/
+CNAME

packages/vsx/.github/workflows/deploy-RELEASE.yml

@@ -1,30 +1,28 @@
 <p align="center">
   <a href="https://github.com/Flow-Scanner">
-    <img src="media/bannerslim.png" style="width: 41%;" />
+    <img src="https://raw.githubusercontent.com/Flow-Scanner/Lightning-Flow-Scanner/main/assets/media/banner.png" alt="Lightning Flow Scanner" width="41%" />
   </a>
 </p>
 <p align="center"><i>Detect unsafe contexts, queries in loops, hardcoded IDs, and more to optimize Salesforce Flows</i></p>
 
 <p align="center">
- <img src="media/demo.gif" alt="Flow Overview"/>
+  <img src="https://raw.githubusercontent.com/Flow-Scanner/Lightning-Flow-Scanner/main/assets/media/vsx.gif" alt="Flow Overview"/>
 </p>
 
 ---
 
-## Table of contents
+## Table of contens
 
 - **[Usage](#usage)**
+- **[Default Rules](#default-rules)**
 - **[Configuration](#configuration)**
-  - [Scanner Options](#scanner-options)
-  - [Extension Settings](#extension-settings)
 - **[Installation](#installation)**
 - **[Development](#development)**
 
 ---
 
 ## Usage
 
-
 Lightning Flow Scanner VSX is plug-and-play. Open any project with flows and use our side bar or the **Command Palette** and type `flowscanner` to see the list of all available commands.
 
 * `Configure Flow Scanner` - Set up rules in `.flow-scanner.yml`
@@ -34,6 +32,14 @@ Lightning Flow Scanner VSX is plug-and-play. Open any project with flows and use
 
 **Privacy:** Zero user data collected. All processing is client-side. → See our [Security Policy](https://github.com/Flow-Scanner/lightning-flow-scanner-vsx?tab=security-ov-file).
 
+| Extension Settings           | Description                                                         | Default Value |
+| ---------------------------- | ------------------------------------------------------------------- | ------------- |
+| `flowscanner.SpecifyFiles` | Set to true to select .Flow file paths instead of a root directory. | `true`     |
+
+---
+
+## Default Rules
+
 ---
 
 ## Configuration
@@ -74,12 +80,6 @@ Using the rules section of your configurations, you can specify the list of rule
 
 Note: if you prefer JSON format, you can create a `.flow-scanner.json` file using the same format. For a more on configurations, review the [scanner documentation](https://flow-scanner.github.io/lightning-flow-scanner-core/#configuration).
 
-### Extension Settings
-
-| Extension Settings           | Description                                                         | Default Value |
-| ---------------------------- | ------------------------------------------------------------------- | ------------- |
-| `flowscanner.SpecifyFiles` | Set to true to select .Flow file paths instead of a root directory. | `true`     |
-
 ---
 
 ## Installation
@@ -100,61 +100,40 @@ code --install-extension ForceConfigControl.lightning-flow-scanner-vsx
 
 ## Development
 
-> This project optionally uses [Volta](https://volta.sh) to manage Node.js versions. Install Volta with:
+> This project optionally uses [Volta](https://volta.sh) to guarantee the exact same Node.js and tool versions for every contributor. Install Volta with:
 >
+> MacOs/Linux: 
 > ```sh
 > curl https://get.volta.sh | bash
 > ```
->
-> Volta will automatically use the Node.js version defined in `package.json`.
-
-1. **Clone the repository**
-
-```bash
-  git clone https://github.com/Flow-Scanner/lightning-flow-scanner-vsx.git
-```
-
-2. **Install dependencies**
-
-```bash
-  npm install
-```
-
-3. **Compile a new version**
-
-```bash
-  npm run build
-```
-
-4. **Auto-compile new changes**
-
-```bash
-  npm run watch
-```
+> Windows:
+> ```sh
+> winget install Volta.Volta 
+> ```
+> Volta will automatically install and lock the tool versions defined in `package.json`.
 
-5. **Run end-to-end tests**
+1. Clone the repository
 
-```bash
-  npm run test
-```
+   ```bash
+   git clone https://github.com/Flow-Scanner/lightning-flow-scanner.git
+   ```
 
-6. **Linking** **Core Module (Optional)**
+2. Install dependencies:
 
-If you’re developing or testing updates to the core module, you can link it locally:
+   ```bash
+   pnpm install
+   ```
 
-- In the core module directory, run:
-  ```bash
-  npm run link
-  ```
-- In this CLI project directory, run:
-  ```bash
-  npm link @flow-scanner/lightning-flow-scanner-core
-  ```
+3. Compile:
 
----
+   ```bash
+   pnpm run build:vsx
+   ```
 
-## VSCE to VSX
+4. Run tests:
 
-`lightning-flow-scanner-vsce` was unpublished from the Visual Studio and Open VSX Marketplaces due to a vulnerability stemming from unsafe rule loading. The issue was addressed in [core v5](https://github.com/Flow-Scanner/lightning-flow-scanner-core/releases/tag/v5.1.0). This fork, created on 22/09/2025, emphasizes security and maintainability.
+   ```bash
+   pnpm test:vsx
+   ```
 
 <p><strong>Want to help improve Lightning Flow Scanner? See our <a href="https://github.com/Flow-Scanner/lightning-flow-scanner-core?tab=contributing-ov-file">Contributing Guidelines</a></strong></p>