{"id":13590953,"url":"https://github.com/red6/dmn-check","last_synced_at":"2026-01-16T20:24:31.508Z","repository":{"id":25892731,"uuid":"106817657","full_name":"red6/dmn-check","owner":"red6","description":"A tool which performs static analyses on Decision Model Notation (DMN) files to detect bugs","archived":false,"fork":false,"pushed_at":"2026-01-07T10:54:21.000Z","size":7331,"stargazers_count":41,"open_issues_count":9,"forks_count":9,"subscribers_count":5,"default_branch":"master","last_synced_at":"2026-01-14T06:19:41.327Z","etag":null,"topics":["camunda","camunda-modeler-plugin","code-quality","decision-model-notation","dmn","gradle-plugin","java","maven","maven-plugin","static-analysis"],"latest_commit_sha":null,"homepage":"https://red6.github.io/dmn-check/javadoc/","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/red6.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2017-10-13T11:46:22.000Z","updated_at":"2026-01-07T10:54:24.000Z","dependencies_parsed_at":"2024-01-05T00:22:25.283Z","dependency_job_id":"eeada9ff-a6c0-4efd-a255-39a5c8a2da2e","html_url":"https://github.com/red6/dmn-check","commit_stats":null,"previous_names":[],"tags_count":21,"template":false,"template_full_name":null,"purl":"pkg:github/red6/dmn-check","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/red6%2Fdmn-check","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/red6%2Fdmn-check/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/red6%2Fdmn-check/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/red6%2Fdmn-check/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/red6","download_url":"https://codeload.github.com/red6/dmn-check/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/red6%2Fdmn-check/sbom","scorecard":{"id":767397,"data":{"date":"2025-08-19T20:19:02Z","repo":{"name":"github.com/red6/dmn-check","commit":"5bcaa212a2409f2758d0b85ce18a1ecf2e4cdc7d"},"scorecard":{"version":"v5.2.1","commit":"ab2f6e92482462fe66246d9e32f642855a691dc1"},"score":6.9,"checks":[{"name":"Maintained","score":10,"reason":"30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#maintained"}},{"name":"Code-Review","score":-1,"reason":"Found no human activity in the last 15 changesets","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#code-review"}},{"name":"Dependency-Update-Tool","score":10,"reason":"update tool detected","details":["Info: detected update tool: Dependabot: .github/dependabot.yml:1"],"documentation":{"short":"Determines if the project uses a dependency update tool.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#dependency-update-tool"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql-analysis.yml:34","Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql-analysis.yml:35","Info: jobLevel 'contents' permission set to 'read': .github/workflows/scorecards.yml:29","Info: jobLevel 'actions' permission set to 'read': .github/workflows/scorecards.yml:30","Warn: no topLevel permission defined: .github/workflows/build.yml:1","Info: topLevel 'contents' permission set to 'read': .github/workflows/codeql-analysis.yml:29","Info: topLevel 'contents' permission set to 'read': .github/workflows/dependency-review.yml:11","Warn: no topLevel permission defined: .github/workflows/javadoc-publish.yml:1","Warn: no topLevel permission defined: .github/workflows/jib-publish.yml:1","Warn: no topLevel permission defined: .github/workflows/publish.yml:1","Info: topLevel permissions set to 'read-all': .github/workflows/scorecards.yml:18","Warn: no topLevel permission defined: .github/workflows/update-gradle-wrapper.yml:1","Info: topLevel 'contents' permission set to 'read': .github/workflows/validate-gradle-wrapper.yml:5","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#token-permissions"}},{"name":"Pinned-Dependencies","score":10,"reason":"all dependencies are pinned","details":["Info:  25 out of  25 GitHub-owned GitHubAction dependencies pinned","Info:  23 out of  23 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#pinned-dependencies"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#security-policy"}},{"name":"Dangerous-Workflow","score":0,"reason":"dangerous workflow patterns detected","details":["Warn: untrusted code checkout '${{ github.event.pull_request.head.sha }}': .github/workflows/build.yml:30","Warn: untrusted code checkout '${{ github.event.pull_request.head.sha }}': .github/workflows/build.yml:63","Warn: untrusted code checkout '${{ github.event.pull_request.head.sha }}': .github/workflows/build.yml:93"],"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#dangerous-workflow"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#license"}},{"name":"CII-Best-Practices","score":2,"reason":"badge detected: InProgress","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#cii-best-practices"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#signed-releases"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#fuzzing"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/publish.yml:28"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#packaging"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#binary-artifacts"}},{"name":"SAST","score":10,"reason":"SAST tool detected","details":["Info: SAST configuration detected: CodeQL","Info: SAST configuration detected: Sonar","Warn: 28 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#sast"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#branch-protection"}},{"name":"Contributors","score":10,"reason":"project has 6 contributing companies or organizations","details":["Info: found contributions from: NixOS, frankfurt-haskell-user-group, otto-de, red6, red6 enterprise software, yesodweb"],"documentation":{"short":"Determines if the project has a set of contributors from multiple organizations (e.g., companies).","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#contributors"}},{"name":"CI-Tests","score":9,"reason":"14 out of 15 merged PRs checked by a CI test -- score normalized to 9","details":null,"documentation":{"short":"Determines if the project runs tests before pull requests are merged.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#ci-tests"}},{"name":"Vulnerabilities","score":9,"reason":"1 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-23T01:13:11.845Z","repository_id":25892731,"created_at":"2025-08-23T01:13:11.845Z","updated_at":"2025-08-23T01:13:11.845Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28482267,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-16T11:59:17.896Z","status":"ssl_error","status_checked_at":"2026-01-16T11:55:55.838Z","response_time":107,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["camunda","camunda-modeler-plugin","code-quality","decision-model-notation","dmn","gradle-plugin","java","maven","maven-plugin","static-analysis"],"created_at":"2024-08-01T16:00:52.135Z","updated_at":"2026-01-16T20:24:31.487Z","avatar_url":"https://github.com/red6.png","language":"Java","funding_links":[],"categories":["Java"],"sub_categories":[],"readme":"![Build Status](https://github.com/red6/dmn-check/actions/workflows/build.yml/badge.svg)\n[![Javadoc](https://img.shields.io/badge/JavaDoc-Online-green)](https://red6.github.io/dmn-check/javadoc/)\n[![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=red6_dmn-check\u0026metric=alert_status)](https://sonarcloud.io/dashboard?id=red6_dmn-check)\n[![Maven Central Version](https://img.shields.io/maven-central/v/de.redsix/dmn-check.svg)](http://search.maven.org/#search|gav|1|g:\"de.redsix\"%20AND%20a:\"dmn-check\")\n\n# dmn-check\n\nThis is a tool for the validation of [Decision Model Notation (DMN)](https://en.wikipedia.org/wiki/Decision_Model_and_Notation) files. It\nperforms various static analyses to detect inconsistencies and bugs in your decision models.\n\nYou can use `dmn-check` in six ways.\n\n* As a [Maven](https://maven.apache.org/) or [Gradle](https://gradle.org/) plugin that can be integrated into your build\n  process and continues integration to prevent bugs from slipping into your artifacts.\n* Integrated into the [Camunda Modeler](https://camunda.com/products/modeler/) via the dmn-check plugin.\n* Integrated into your custom tools by using the artifacts [dmn-check-core](https://search.maven.org/artifact/de.redsix/dmn-check-core) or\n  [dmn-check-validators](https://search.maven.org/search?q=a:dmn-check-validators).\n* As a standalone CLI tool.\n* As a [Docker image](https://github.com/red6/dmn-check/pkgs/container/dmn-check) (e.g. in your CI pipeline).\n* Integrated in [dmnmgr](https://github.com/davidibl/dmnmgr-client).\n\nCurrently, dmn-check checks among others for the following:\n\n* Duplicate rules\n* Conflicting rules\n* Shadowed rules\n* Types of the expressions\n* Correct use of enumerations\n* Correctly connected requirement graphs\n\nIn section [validations](#validations), you find a complete list with detailed descriptions of what they do.\n\nMost properties and invariants that are validated by `dmn-check` are described informally in\nthe [DMN specification](https://www.omg.org/spec/DMN). In case you have questions about a validation, it might be worth\nskimming the specification.\n\n## Maven Plugin\n\n### Prerequisites\n\nThis plugin requires Java 21 or later and Apache Maven 3 or later. Some analyses are tailored towards the Camunda DMN implementation and\nmight not work for different DMN implementations.\n\n### Usage\n\n`dmn-check` can be used either as a normal Maven plugin inside your projects `pom.xml` or as a standalone program.\n\n#### Configuration in POM\n\nThe following example shows the basic configuration of the plugin:\n\n\t        \u003cplugin\u003e\n                \u003cgroupId\u003ede.redsix\u003c/groupId\u003e\n                \u003cartifactId\u003edmn-check-maven-plugin\u003c/artifactId\u003e\n                \u003cversion\u003e...\u003c/version\u003e\n                \u003cexecutions\u003e\n                    \u003cexecution\u003e\n                        \u003cphase\u003everify\u003c/phase\u003e\n                        \u003cgoals\u003e\n                            \u003cgoal\u003echeck-dmn\u003c/goal\u003e\n                        \u003c/goals\u003e\n                    \u003c/execution\u003e\n                \u003c/executions\u003e\n            \u003c/plugin\u003e\n\nUsing this configuration, the plugin will search all folders of the current project for files with the extension `.dmn` and apply all\navailable validators. It is possible to provide a set of search paths instead, as well as to ignore certain files and specify the validators\nthat should be executed. The following example shows how you can make use of these options by restricting the search path to the\nfolders `src/` and `model/`, as well as ignoring file `test.dmn`. The configuration further specifies that only\nthe [`ShadowedRuleValidator`](#shadowed-rules) should be executed. To specify validators, you have to use the fully qualified name.\n\n                \u003cconfiguration\u003e\n                    \u003csearchPaths\u003e\n                        \u003csearchPath\u003esrc/\u003c/searchPath\u003e\n                        \u003csearchPath\u003emodel/\u003c/searchPath\u003e\n                    \u003c/searchPaths\u003e\n                    \u003cexcludes\u003e\n                        \u003cexclude\u003etest.dmn\u003c/exclude\u003e\n                    \u003c/excludes\u003e\n                    \u003cvalidatorClasses\u003e\n                        \u003cvalidatorClass\u003ede.redsix.dmncheck.validators.ShadowedRuleValidator\u003c/validatorClass\u003e\n                    \u003c/validatorClasses\u003e\n                \u003c/configuration\u003e\n\nAdditionally, the `failOnWarning` (default is false) parameter can be set to fail a Maven execution if there are\nvalidation errors with Warning severity.\n\n                \u003cconfiguration\u003e\n                    \u003cfailOnWarning\u003etrue\u003c/failOnWarning\u003e\n                \u003c/configuration\u003e\n\n#### Standalone Usage\n\nTo use `dmn-check` without or outside a Maven project, you can invoke it in the following way\n\n        mvn de.redsix:dmn-check-maven-plugin:check-dmn\n\n## Gradle Plugin\n\n### Prerequisites\n\nThis plugin requires Java 11 or later and Gradle 6.5 or later. Some analyses are tailored towards the Camunda DMN implementation and\nmight not work for different DMN implementations.\n\n## Integrated in dmnmgr\n\nDmnmgr is _a toolkit incoperating the Camunda DMN implementation and providing tools to develop DMN-based applications in cross-functional teams.\nIt ships with a `dmn-check` integration and visualizes the warnings and errors in the graphical representation of the DMN model. you need to install the [dmnmgr-client](https://github.com/davidibl/dmnmgr-client) and [dmnmgr-server](https://github.com/davidibl/dmnmgr-server) to use it.\n\n## As a Docker container\n\nA Docker image containing `dmn-check` is available from the GitHub Container Registry, and you can pull the latest version by executing\n\n    docker pull ghcr.io/red6/dmn-check:latest\n\nIf you want to use `docker run` to execute `dmn-check` you have to mount the directory containing the DMN files into\nthe container and set the search path appropriately, e.g.\n\n    docker run -v ~/dmn-files:/dmn-files ghcr.io/red6/dmn-check:latest --searchPath=/dmn-files\n\nIf you want to use the Docker image in a Gitlab pipeline, you have to overwrite the entrypoint and call `dmn-check` directly.\nIn the following example of a Gitlab Pipeline, we specify the project classpath as well to make the enum validation possible.\n\n    variables:\n    MAVEN_OPTS: \"-Dmaven.repo.local=.m2/repository\"\n    \n    default:\n      artifacts:\n        paths:\n          - ./cp.txt\n          - .m2/repository\n    \n    stages:\n      - analysis\n    \n    image:\n    name: ghcr.io/red6/dmn-check:latest\n    entrypoint: [ \"\" ]\n    \n    create-classpath-for-dmn-check:\n      image: adoptopenjdk/maven-openjdk11\n      stage: analysis\n      script: mvn dependency:build-classpath --settings .m2/settings.xml --batch-mode -Dmdep.outputFile=cp.txt\n    \n    dmn-check:\n      stage: analysis\n      needs:\n        - create-classpath-for-dmn-check\n      script: |\n        /opt/java/openjdk/bin/java -cp /app/resources:/app/classes:/app/libs/* de.redsix.dmncheck.cli.Main --projectClasspath=$(\u003c cp.txt)\n\n\n## Validations\n\nThe following subsections describe the available validations in detail. The DMN decision tables used in this section are derived from an\nexample on [camunda.org](https://camunda.org/).\n\n### Duplicate Rules\n\nConsider the following DMN decision table with hit policy `UNIQUE`:\n\n|     | Season ᴵᴺᴾᵁᵀ  | How many guests ᴵᴺᴾᵁᵀ | Dish ᴼᵁᵀᴾᵁᵀ |\n| --- | ------------- | --------------------- | ----------- |\n|  1  | \"Fall\"        | \u003c= 8                  | \"Spareribs\" |\n|  2  | \"Winter\"      | \u003c= 8                  | \"Roastbeef\" |\n|  3  | \"Spring\"      | [5..8]                | \"Steak\"     |\n|  4  | \"Winter\"      | \u003c= 8                  | \"Roastbeef\" |\n\nIt is pretty clear that rule number two is a duplicate of rule number four. This is not allowed by the `UNIQUE` hit policy\nand thus an error.\n\n**Definition**: A rule is a duplicate of another rule if and only if all inputs and outputs of those rules are identical.\n\n`dmn-check` will report duplicate rules for all decision tables except for those with hit policy `COLLECT`.\n\n### Conflicting Rules\n\nConflicting rules are somewhat similar to duplicate rules. Consider the following example with hit policy `UNIQUE`:\n\n|     | Season ᴵᴺᴾᵁᵀ  | How many guests ᴵᴺᴾᵁᵀ | Dish ᴼᵁᵀᴾᵁᵀ |\n| --- | ------------- | --------------------- | ----------- |\n|  1  | \"Fall\"        | \u003c= 8                  | \"Spareribs\" |\n|  2  | \"Winter\"      | \u003c= 8                  | \"Roastbeef\" |\n|  3  | \"Spring\"      | [5..8]                | \"Steak\"     |\n|  4  | \"Winter\"      | \u003c= 8                  | \"Stew\"      |\n\nWe look again at rules two and four. This time, all their inputs are identical, but they differ in the output. This is arguably worse than a\nduplicate rule, since it may produce different results depending on the evaluation order of the decision table. Assuming that the runtime\ndoes not detect those inconsistencies.\n\n**Definition**: Rule `r` is in conflict with rule `s` if and only if all inputs of rules `r` and `s` are identical and if they differ\nin at lease one output.\n\n`dmn-check` will report duplicate rules for all decision tables, except for those with hit policy `COLLECT` and `RULE_ORDER`.\n\n### Shadowed Rules\n\nSome rules prevent others from even being considered. Have a look at the following example with hit policy `FIRST`:\n\n|     | Season ᴵᴺᴾᵁᵀ  | How many guests ᴵᴺᴾᵁᵀ | Dish ᴼᵁᵀᴾᵁᵀ |\n| --- | ------------- | --------------------- | ------------|\n|  1  | \"Fall\"        | \u003c= 8                  | \"Spareribs\" |\n|  2  | \"Winter\"      | \u003c= 8                  | \"Roastbeef\" |\n|  3  | –             | –                     | \"Stew\"      |\n|  4  | \"Spring\"      | [5..8]                | \"Steak\"     |\n\nThis example contains no duplicate rules and no conflicting rules. However, all inputs of rule three are empty (represented with a dash in\nthis example). As empty inputs match everything and since we assume hit policy `FIRST` rule four will never match as rule three matches for\nall possible inputs. Therefore, stew is served to the guests of 5 to 8 in Spring. Assuming that each rule serves a purpose, shadowed rules are\nalways an error as they will never be matched.\n\n**Definition**: Rule `r` shadows rule `s` if and only if the inputs of rule `r` matches at least for all values for which the inputs of\nrule `s` match.\n\n`dmn-check` will report duplicate rules for all decision tables except for those with hit policy `COLLECT` and `RULE_ORDER`.\n\n### Types of Expressions\n\nDMN offers a rich expression language called [Friendly Enough Expression Language](https://docs.camunda.io/docs/components/modeler/feel/what-is-feel/) (FEEL) that can be used to describe the conditions for the input entries. However, as with most\nexpression languages, not all syntactically possible expressions are valid (have semantic). `dmn-check` integrates a type checker for the\nFEEL expression language that ensures that a decision table contains only well-typed expressions.\n\nAn example of an ill-typed expression is `[1..true]` which would describe the range between `1` and `true` which is (at lease in FEEL) not a\nvalid expression. In contrast, `[1..9]` is well-typed and describes the numbers from 1 to 9. \n\n| FEEL-Expression  |  Type   |\n| ---------------- | -----   |\n| true             | boolean |\n| [1..3]           | integer |\n| [1..\"string\"]    | ✘       |\n| 1, 2, true       | ✘       |\n| \u003e 5              | integer |\n| \u003e true           | ✘       |\n\nOf course the type declaration is validated as well.\n\n### Correct use of Enumerations\n\nDecision-making often involves a fixed set of values (e.g., a list of supported currencies), and therefore those values are used in DMN\ndecision tables. Those values are often implemented in the form of Java enums. `dmn-check` also to specify the fully qualified class name of an\nenum in the type declaration of the input- / output-column and checks the values in the DMN decision table against the enum implementation.\n\nBy default `dmn-check` uses the project dependencies to resolve the enums. As this is not possible in the Maven \nstandalone mode, you can specify the classpath that is used to resolve the enums\n\n    mvn de.redsix:dmn-check-maven-plugin:check-dmn -Dclasspath=foo.jar,bar.jar\n\n### Correctly Connected Requirement Graphs\n\nThe DMN standard also provides a way to connect decision tables with each other and to model inputs and knowledge sources. The resulting\ngraphs are called [Decision Requirement Graphs (DRG)](https://docs.camunda.org/manual/latest/reference/dmn/drg/).\n\n`dmn-check` verifies that a Decision Requirement Graph\n- is [connected](https://en.wikipedia.org/wiki/Connectivity_(graph_theory)) \n- is [acyclic and directed](https://en.wikipedia.org/wiki/Directed_acyclic_graph)  \n- ensures compatibility of in- and outputs\n- has only one leaf node (i.e., exactly one node determines the output)\n- has no (self-) loops\n\nIn the following example, decision table `Dish` has `Season` and `How many guests` as inputs, but instead of the input `Season` there is an\ninput `Lunar phase` connected to the decision table.\n\n```mermaid\n  graph TD;\n      x(Lunar phase)--\u003eDish;\n      y(How many guests)--\u003eDish;\n      Dish--\u003eBeverages;\n      z(Guests with children)--\u003eBeverages;\n```\n\n### Correct use of Aggregations\n\nThe DMN standard allows the aggregation of values for hit policy collect. For example, you can compute the sum of all\nmatching rows in a decision table. You could use this feature to calculate a credit score.\n\nWe ensure that those aggregations are only applied to columns with a numeric type. In addition, we validate that\naggregations are only used when hit policy collect is used.\n\n### Missing Ids and Names\n\nUsually you do not have to care much about ids and names of DMN elements. However, during upgrades and refactoring, it\nmight happen that an id or a name is lost. Those errors usually stay unnoticed for a long time. Depending on the scenario, \nmissing ids or names might break your decision model or make error analysis tricky.\n\n`dmn-check` validates that the following DMN elements always have an id and a name:\n- Decision\n- Definition\n- InputData\n- ItemDefinition\n- KnowledgeSource\n\n### Allowed Values from `ItemDefinition`s \n\n`ItemDefinition`s are DMNs way to express enumeration. In the definition of an `ItemDefinition` you declare which\nvalues are allowed. Currently, we only validate if the expressions from an `ItemDefintion` is well-typed.\n\n## Related work\n\nWhen we started to work on `dmn-check` we were not are of analysis tools for DMN files that suited our needs and worked in our Camunda flavored\nenvironment. Since then DMN became more popular, and other tools started to provide some analysis capabilities as well. If you want to know how\n`dmn-check` compares to other tools, you can read a comparision in [GCD](#GCD).\n\n### A Tool for the Analysis of DMN Decision Tables\n\nÜlari Laurson and Fabrizio Maria Maggi extended the `dmn-js` editing toolkit of Camunda with analysis capabilities and published it\nat [github.com/ulaurson/dmn-js](https://github.com/ulaurson/dmn-js). The tool is able to detect syntax and type errors and to identify\noverlapping and missing rules. It also is able to simplify decision tables by merging rules. In the demo paper [LM16](#LM16) they describe\nthe tool. Further details about the analyses performed by the tool are published in [CDL+16](#CDL+16).\n\n## References\n\n\u003cb id=\"CDL+16\"\u003eCDL+16\u003c/b\u003e Calvanese, D., Dumas, M., Laurson, Ü., Maggi, F.M., Montali, M., Teinemaa, I.: Semantics and analysis of DMN\ndecision tables. In Proceedings of the 14th International Conference on Business Process Management (BPM) 2016\n\n\u003cb id=\"LM16\"\u003eLM16\u003c/b\u003e Laurson, Ü. and Maggi, F.M., 2016, September. A Tool for the Analysis of DMN Decision Tables. In BPM (Demos) (pp.\n56-60).\n\n\u003cb id=\"BW-a\"\u003eBW-a\u003c/b\u003e Batoulis, K. and Weske, M., A Tool for Checking Soundness of Decision-Aware Business Processes.\n\n\u003cb id=\"BW-b\"\u003eBW-b\u003c/b\u003e Batoulis, K. and Weske, M., Disambiguation of DMN Decision Tables.\n\n\u003cb id=\"FMTV18\"\u003eFMTV18\u003c/b\u003e Figl, K., Mendling, J., Tokdemir, G. and Vanthienen, J., 2018. What we know and what we do not know about DMN.\nEnterprise Modelling and Information Systems Architectures, 13, pp.2-1.\n\n\u003cb id=\"Silver16\"\u003eSilver16\u003c/b\u003e Silver, B., 2016. Decision Table Analysis in DMN.\n\n\u003cb id=\"HDSV17\"\u003eHDSV17\u003c/b\u003e Hasic, F., De Smedt, J. and Vanthienen, J., 2017. Towards assessing the theoretical complexity of the decision\nmodel and notation (dmn). Enterprise, Business-Process and Information Systems Modeling. Springer International Publishing.\n\n\u003cb id=\"GCD\"\u003eGCD\u003c/b\u003e Grohé, C., Corea, C. and Delfmann P, 2021. [DMN 1.0 Verification Capabilities: An Analysis of Current Tool Support](https://www.researchgate.net/publication/353906682_DMN_10_Verification_Capabilities_An_Analysis_of_Current_Tool_Support). Business Process Management Forum, BPM Forum 2021, Rome, Italy.\n\n\u003cb id=\"VPVCG\"\u003e\u003c/b\u003e Valencia-Parra, A., Parody, L., Varela-Vaca, A., Caballero, I., and Gómez-López M., 2020. DMN4DQ: When data quality meets DMN. Journal 'Decision Support Systems'.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fred6%2Fdmn-check","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fred6%2Fdmn-check","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fred6%2Fdmn-check/lists"}