https://github.com/mxlint/mxlint-cli

A set of tools to enhance Mendix app development workflows. They are mainly designed for professionals but should be usable for everybody.
https://github.com/mxlint/mxlint-cli

best-practices golang linting mendix mxlint opa policies rego security xunit

Last synced: 3 days ago
JSON representation

A set of tools to enhance Mendix app development workflows. They are mainly designed for professionals but should be usable for everybody.

• Host: GitHub
• URL: https://github.com/mxlint/mxlint-cli
• Owner: mxlint
• License: agpl-3.0
• Created: 2024-03-25T09:33:05.000Z (over 1 year ago)
• Default Branch: main
• Last Pushed: 2025-09-03T05:46:31.000Z (about 1 month ago)
• Last Synced: 2025-09-03T07:27:06.130Z (about 1 month ago)
• Topics: best-practices, golang, linting, mendix, mxlint, opa, policies, rego, security, xunit
• Language: SCSS
• Homepage: https://mxlint.com
• Size: 57.3 MB
• Stars: 26
• Watchers: 2
• Forks: 9
• Open Issues: 7
• Metadata Files:
  • Readme: README.md
  • License: LICENSE
  • Security: SECURITY.md

Awesome Lists containing this project

README

          
# MxLint CLI

A set of Command line interface tools for Mendix developers, CICD engineers and platform engineers.

> This project is in early development stage. Please use with caution. We are looking for contributors to help us improve the tools. Please create a PR with your changes. We believe in open ecosystem and open source. We are looking forward to your contributions. These can be documentation improvements, bug fixes, new features, etc.

## Mendix Studio Pro extension

The quickest way to try out MxLint is to use it as Mendix Studio pro extension. Follow the instructions at [mxlint-extension](https://github.com/mxlint/mxlint-extension)

## Basic Usage

mxlint-cli is a set of tools to help you with your Mendix projects. As such you can use it in many ways. To give you a feeling what it does. Try the following example:

### Prerequisites

- Mendix Project source

- Operating system: Linux, MacOS, Windows

- Download your platform specific binary from the [releases page](https://github.com/mxlint/mxlint-cli/releases)

- Download the policies from the [releases page](https://github.com/mxlint/mxlint-rules/releases) and extract them to a directory

### Export Mendix model to Yaml

- copy `mxlint-cli` to your project directory

- Open a terminal and navigate to your project directory; ideally use git-bash on Windows or Terminal on MacOS/Linux

- run `./mxlint-cli export-model`

You will see a new directory `modelsource` with the exported Mendix model in Yaml format

It's advisable to add the `mxlint-cli` file to your `.gitignore` file. This way you don't accidentally commit it to your repository.

### Lint Mendix Yaml files

- copy `policies` directory to your project directory

- run `./mxlint-cli lint --xunit-report=report.xml`

You will see a summary of the policy evaluations in the terminal and a report in the `report.xml` file. The report is in xUnit format. You can use it in your CI/CD pipeline.

Do you want to create your own policies? Please refer to our guide [Create new policy](./docs/create-new-policy.md)

## export-model

Mendix models are stored in a binary file with `.mpr` extension. This project exports Mendix model to a human readable format, such as Yaml. This enables developers to use traditional code analysis tools on Mendix models. Think of quality checks like linting, code formatting, etc.

![Mendix Model Exporter](./resources/model-new-entity.png)

See each Mendix document/object as a separate file in the output directory. And see the differences between versions in a version control system. Here we changed the `Documentation` of an entity and added a new `Entity` with one `Attribute`.

#### Pipeline integration

If you do not want to export the model to Yaml on your local machine, you can do it in your pipeline. Here's a high-level example:

```bash

$ ./bin/mxlint-cli-darwin-arm64 export-model -i resources/app-mpr-v1/

INFO[0000] Exporting resources/full-app-v1.mpr to modelsource

INFO[0000] Completed resources/full-app-v1.mpr

$ ./bin/mxlint-cli-darwin-arm64 lint

## policies/001_project_settings/001_0001_anonymous_disabled.rego

PASS (0.00148s) modelsource/Security$ProjectSecurity.yaml

## policies/001_project_settings/001_0002_demo_users_disabled.rego

SKIP (0.00000s) modelsource/Security$ProjectSecurity.yaml

## policies/001_project_settings/001_0003_security_checks.rego

SKIP (0.00000s) modelsource/Security$ProjectSecurity.yaml

## policies/001_project_settings/001_0004_strong_password.rego

SKIP (0.00000s) modelsource/Security$ProjectSecurity.yaml

## policies/002_domain_model/002_0001_number_of_entities.rego

PASS (0.00190s) modelsource/Administration/DomainModels$DomainModel.yaml

PASS (0.00156s) modelsource/Atlas_UI_Resources/DomainModels$DomainModel.yaml

PASS (0.00240s) modelsource/MyFirstModule/DomainModels$DomainModel.yaml

## policies/002_domain_model/002_0002_number_of_attributes.rego

PASS (0.00161s) modelsource/Administration/DomainModels$DomainModel.yaml

PASS (0.00113s) modelsource/Atlas_UI_Resources/DomainModels$DomainModel.yaml

PASS (0.00158s) modelsource/MyFirstModule/DomainModels$DomainModel.yaml

```

## lint

![Mendix Lint report](./resources/lint-xunit-report.png)

Lint Mendix Yaml files. This tool checks for common mistakes and enforces best practices. It uses OPA as policy engine. Therefore policies must be written in the powerful Rego language. Please refer to [Rego language reference](https://www.openpolicyagent.org/docs/latest/policy-reference/) for more information on the syntax and semantics.

### NOQA (Ignore document)

A specific document can be marked as "Skipped" if you have a line in the `documentation` field that starts with either `#noqa` or `# noqa` followed by an optional message (Case in-sensitive). This message will be included as "Skipped" reason in linting results.

## serve

Run a server that exports model and lints whenever the input MPR file changes. This is works in standalone way and via integration with the Mendix Studio Pro extension.

```

./bin/mxlint-cli-darwin-arm64 serve -i . -o modelsource -r rules -p 8084

INFO[0000] Starting server on port 8084

INFO[0000] Watching for changes in /Users/xcheng/project

INFO[0000] Output directory: modelsource

INFO[0000] Rules directory: rules

INFO[0000] Mode: basic

INFO[0000] Debounce time: 500 ms

INFO[0000] HTTP server listening on 127.0.0.1:8084

INFO[0000] Dashboard available at http://localhost:8084

INFO[0000] Initial export and lint

INFO[0000] Running export-model and lint

INFO[0000] Exporting /Users/xcheng/project/App.mpr to modelsource

INFO[0000] Found 361 documents

INFO[0000] Completed /Users/xcheng/project/App.mpr

```

The serve command provides:

- A web dashboard at http://localhost:8084

- An API endpoint at http://localhost:8084/api/results for JSON results

- Automatic re-linting when files change

- Debouncing to prevent excessive processing on rapid changes

## test-rules

Rules can be written in both `Rego` and `JavaScript` format. To speed up rule development we have implemented `test-rules` subcommand that can quickly evaluate your rule against known test scenarios. The test cases are written in `yaml` format. 

```

$ ./bin/mxlint-darwin-arm64 test-rules -r resources/rules

INFO[0000] >> resources/rules/001_0002_demo_users_disabled.js 

INFO[0000] PASS  allow

INFO[0000] PASS  no_allow

INFO[0000] >> resources/rules/001_0003_security_checks.rego 

INFO[0000] PASS  allow

INFO[0000] PASS  no_allow_1

INFO[0000] PASS  no_allow_2

```

### Features

- Export Mendix model to Yaml

- Lint Mendix Yaml files for common mistakes and enforces best practices

- Watch for changes and automatically re-lint

- Serve lint results via HTTP for integration with other tools

- Microflow transformation to more readable format (advanced mode)

- Support for both Rego and JavaScript rules

- Human readable output

## TODO

- [x] Export Mendix model to Yaml

- [x] Improve output human readability

- [x] Linting for Mendix Yaml files

- [x] Create policies for linting

- [x] Output linting results in xUnit format

- [x] Support watching for changes (watch command)

- [x] Serve lint results via HTTP (serve command)

- [x] Basic microflow transformation to more readable format

- [ ] Expand test coverage

- [ ] Support incremental changes for better performance

- [ ] Improve performance for large models

- [ ] Improve error handling

- [ ] Enhance microflow transformation with pseudo code generation

## Contribute

Create a PR with your changes. We will review and merge it.

Rego files must follow the [style guide](https://github.com/StyraInc/rego-style-guide/blob/main/style-guide.md)

Make sure to run the tests before creating a PR:

```bash

make test

```

## License

This project is an initiative of CINAQ. See [LICENSE](./LICENSE). [CINAQ](https://cinaq.com) is a registered trademark of CINAQ B.V.. Mendix is a registered trademark of Mendix B.V. All other trademarks are the property of their respective owners.