fix(leanix-bridge): validate mapping partials and export parseLeanixMappingInput

[sraphaz]

Summary

This PR contains @likec4/leanix-bridge code and tests only, scoped for a focused review:

• parseLeanixMappingInput: validate untrusted partial LeanIX mapping (e.g. from YAML/JSON) before merge — plain object, allowed top-level keys only, string records for factSheetTypes, relationTypes, and metadataToFields.
• mergeWithDefault: uses parseLeanixMappingInput so invalid partials fail fast.
• Tests: root shape, unknown keys, non-string values in all three record fields.
• Export: parseLeanixMappingInput re-exported from the package entrypoint.

Includes changeset: .changeset/leanix-bridge-mapping-validation.md.

Companion (docs / skills / MCP copy): #2828 — no file overlap; either can merge first.

Motivation

Keeps LeanIX bridge validation and tests in a small, reviewable PR. Documentation and agent skills live in the companion PR above.

Verification

Per CONTRIBUTING, run tests with pnpm test after a clean tree.

Stale compiled *.js files under packages/*/src/ are gitignored (see .gitignore — “Compiled artifacts (do not commit)”). If they are left on disk from a previous local build, Vite/Vitest may resolve those before the .ts sources and produce misleading failures (wrong module graph, snapshot drift). pnpm clean (and removing any remaining ignored packages/*/src/**/*.js if needed) restores the layout the maintainers expect before running pnpm test.

After a clean, run pnpm generate if packages/language-server fails with missing generated/* (see AGENTS.md).

Suggested local sequence: pnpm clean → pnpm install (if needed) → pnpm generate (if needed) → pnpm test.

This PR does not change the diagram app or docs site UI; Playwright E2E viewports (pnpm test:e2e) are optional for reviewers here and are not required to validate these package-only changes.

Checklist

• I've thoroughly read the latest contribution guidelines.
• I've rebased my branch onto main before creating this PR.
• My commit messages follow conventional spec
• I've added tests to cover my changes (if applicable).
• I've verified that all new and existing tests have passed locally for mobile, tablet, and desktop screen sizes. (N/A — no UI/diagram changes; use pnpm test:e2e only if you want full Playwright coverage unrelated to this diff.)
• My change requires documentation updates.
• I've updated the documentation accordingly.

(Lines 11–12 are intentionally unchecked: this PR does not edit user-facing documentation files. Documentation and skills ship in #2828; this PR only adds the @likec4/leanix-bridge changeset.)

[changeset-bot]

🦋 Changeset detected

Latest commit: b6764d4

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 20 packages

Name	Type
@likec4/leanix-bridge	Patch
likec4	Patch
likec4-vscode	Patch
@likec4/docs-astro	Patch
@likec4/playground	Patch
@likec4/style-preset	Patch
@likec4/styles	Patch
@likec4/config	Patch
@likec4/core	Patch
@likec4/diagram	Patch
@likec4/generators	Patch
@likec4/language-server	Patch
@likec4/language-services	Patch
@likec4/layouts	Patch
@likec4/log	Patch
@likec4/mcp	Patch
@likec4/react	Patch
@likec4/tsconfig	Patch
@likec4/vite-plugin	Patch
@likec4/vscode-preview	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[coderabbitai]

📝 Walkthrough

Walkthrough

A new parseLeanixMappingInput validation function is added to the LeanIX bridge package to validate untrusted mapping configuration inputs, ensuring they contain only allowed keys and proper string values. The function is exported publicly and integrated into the existing mergeWithDefault function for automatic input validation.

Changes

Cohort / File(s)	Summary
Validation Implementation packages/leanix-bridge/src/mapping.ts, packages/leanix-bridge/src/mapping.spec.ts	Added parseLeanixMappingInput function to validate mapping inputs, rejecting non-plain objects, unknown keys, and non-string values in mapping sections. Updated mergeWithDefault to validate partial inputs via the new function. Includes comprehensive test coverage for validation behavior.
Public API Export packages/leanix-bridge/src/index.ts	Re-exported parseLeanixMappingInput as part of the package's public API surface.
Release Documentation .changeset/leanix-bridge-mapping-validation.md	Added changeset entry documenting patch version bump with note on mapping validation improvements.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Suggested reviewers

• davydkov

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately and specifically summarizes the main changes: adding validation for LeanIX mapping inputs and exporting the validation function.
Description check	✅ Passed	The description is comprehensive and addresses all key aspects: clear summary of changes, motivation, verification instructions, and explicit documentation of unchecked checklist items with rationale.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

🧹 Nitpick comments (2)

packages/leanix-bridge/src/mapping.ts (1)

45-47: Consider using TypeError for type validation errors.

Per JavaScript conventions and the static analysis hint, type check errors should throw TypeError rather than Error for better semantic clarity.

♻️ Proposed fix

   if (typeof input !== 'object' || Array.isArray(input)) {
-    throw new Error('LeanIX mapping must be a plain object (not an array or primitive)')
+    throw new TypeError('LeanIX mapping must be a plain object (not an array or primitive)')
   }

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@packages/leanix-bridge/src/mapping.ts` around lines 45 - 47, The type-check
that currently throws new Error('LeanIX mapping must be a plain object (not an
array or primitive)') should throw a TypeError instead; update the throw in the
input validation branch (the if block checking typeof input !== 'object' ||
Array.isArray(input')) to throw new TypeError with the same message so type
validation errors use the correct Error subclass (locate this in the mapping.ts
validation logic where input is checked).

packages/leanix-bridge/src/mapping.spec.ts (1)

11-47: Good test coverage for the new validation function.

The tests appropriately cover null/undefined passthrough, empty object acceptance, root type validation, unknown key rejection, and non-string value validation for all three record fields.

Consider adding a positive test case for a fully valid config to complement the rejection tests:

💡 Optional: Add valid full config test

     it('accepts empty object', () => {
       expect(parseLeanixMappingInput({})).toEqual({})
     })
+
+    it('accepts valid full config', () => {
+      const validConfig = {
+        factSheetTypes: { system: 'Application' },
+        relationTypes: { default: 'depends on' },
+        metadataToFields: { title: 'name' },
+      }
+      expect(parseLeanixMappingInput(validConfig)).toEqual(validConfig)
+    })

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@packages/leanix-bridge/src/mapping.spec.ts` around lines 11 - 47, Add a
positive unit test that asserts parseLeanixMappingInput returns the expected
normalized object for a fully valid config: create a test in the
describe('parseLeanixMappingInput') block that calls parseLeanixMappingInput
with an object containing valid string-valued factSheetTypes, relationTypes, and
metadataToFields entries and expects the parsed result to equal the same (or
normalized) object; reference the parseLeanixMappingInput symbol and place the
test alongside the existing "accepts empty object" and rejection tests to ensure
a successful round-trip for valid input.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@packages/leanix-bridge/src/mapping.spec.ts`:
- Around line 11-47: Add a positive unit test that asserts
parseLeanixMappingInput returns the expected normalized object for a fully valid
config: create a test in the describe('parseLeanixMappingInput') block that
calls parseLeanixMappingInput with an object containing valid string-valued
factSheetTypes, relationTypes, and metadataToFields entries and expects the
parsed result to equal the same (or normalized) object; reference the
parseLeanixMappingInput symbol and place the test alongside the existing
"accepts empty object" and rejection tests to ensure a successful round-trip for
valid input.

In `@packages/leanix-bridge/src/mapping.ts`:
- Around line 45-47: The type-check that currently throws new Error('LeanIX
mapping must be a plain object (not an array or primitive)') should throw a
TypeError instead; update the throw in the input validation branch (the if block
checking typeof input !== 'object' || Array.isArray(input')) to throw new
TypeError with the same message so type validation errors use the correct Error
subclass (locate this in the mapping.ts validation logic where input is
checked).

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 59a33607-a970-4016-a89a-c6799b87107c

📥 Commits

Reviewing files that changed from the base of the PR and between 0a4af22 and b6764d4.

📒 Files selected for processing (4)

• .changeset/leanix-bridge-mapping-validation.md
• packages/leanix-bridge/src/index.ts
• packages/leanix-bridge/src/mapping.spec.ts
• packages/leanix-bridge/src/mapping.ts