feat: comprehensive nanoflow support — CREATE, DROP, CALL, GRANT/REVOKE, SHOW ACCESS, MERMAID#10
Open
feat: comprehensive nanoflow support — CREATE, DROP, CALL, GRANT/REVOKE, SHOW ACCESS, MERMAID#10
Conversation
This was referenced Apr 24, 2026
retran
force-pushed
the
pr4-nanoflows-all
branch
5 times, most recently
from
aafbfae to
993bd47
Compare
There was a problem hiding this comment.
Pull request overview
Adds end-to-end nanoflow support to mxcli/MDL to reach parity with existing microflow functionality, spanning grammar/AST, executor behavior, SDK BSON parsing/writing, Mermaid rendering, and test/docs updates.
Changes:
- Extends MDL grammar + AST + visitors to support
CREATE/DROP NANOFLOW,CALL NANOFLOW(in flow bodies),GRANT/REVOKE EXECUTE ON NANOFLOW, andSHOW ACCESS ON NANOFLOW. - Implements executor handlers for nanoflow lifecycle + access control + Mermaid rendering, plus validation and reference-checking updates.
- Adds SDK nanoflow parsing/serialization (including
NanoflowCallAction) and roundtrip tests, plus new documentation and test plans.
Reviewed changes
Copilot reviewed 53 out of 56 changed files in this pull request and generated 7 comments.
Show a summary per file
| File | Description |
|---|---|
| sdk/mpr/writer_security_test.go | Minor formatting fix in existing security writer test. |
| sdk/mpr/writer_microflow_actions.go | Adds BSON serialization for Microflows$NanoflowCallAction. |
| sdk/mpr/writer_microflow.go | Implements nanoflow BSON serialization including flows/return type/object collection. |
| sdk/mpr/roundtrip_test.go | Adds nanoflow roundtrip tests (baseline + synthetic). |
| sdk/mpr/parser_nanoflow.go | Parses AllowedModuleRoles for nanoflows. |
| sdk/mpr/parser_microflow_actions.go | Adds parser for NanoflowCallAction. |
| sdk/mpr/parser_microflow.go | Registers Microflows$NanoflowCallAction parser. |
| sdk/microflows/microflows_actions.go | Introduces SDK types: NanoflowCallAction, NanoflowCall, mappings. |
| sdk/microflows/microflows.go | Adds AllowedModuleRoles to Nanoflow model. |
| mdl/visitor/visitor_security.go | Builds GRANT/REVOKE nanoflow access AST statements. |
| mdl/visitor/visitor_query.go | Extends SHOW ACCESS to include NANOFLOW. |
| mdl/visitor/visitor_microflow_statements.go | Allows CALL NANOFLOW in flow body statements + annotations wiring. |
| mdl/visitor/visitor_microflow_actions.go | Builds CallNanoflowStmt from parse tree. |
| mdl/visitor/visitor_microflow.go | Builds CreateNanoflowStmt from parse tree. |
| mdl/visitor/visitor_entity.go | Extends DROP to include NANOFLOW. |
| mdl/grammar/parser/mdlparser_listener.go | Generated listener interface updates for new productions. |
| mdl/grammar/parser/mdlparser_base_listener.go | Generated base listener updates for new productions. |
| mdl/grammar/MDLParser.g4 | Adds grammar for create/call nanoflow + access grant/revoke + SHOW ACCESS ON NANOFLOW. |
| mdl/executor/validate_microflow.go | Treats CallNanoflowStmt like other statements for naming/vars/error-handling. |
| mdl/executor/validate.go | Tracks nanoflow defs; validates nanoflow bodies; adds nanoflow forward-ref/ref checks. |
| mdl/executor/stmt_summary.go | Adds summaries for nanoflow grant/revoke statements. |
| mdl/executor/roundtrip_nanoflow_test.go | Integration tests (build tag) covering nanoflow commands end-to-end. |
| mdl/executor/registry_test.go | Registers new nanoflow statement types in known-statement list. |
| mdl/executor/registry.go | Routes registration via combined microflow/nanoflow handler registrar. |
| mdl/executor/register_stubs.go | Registers create/drop nanoflow and security handlers. |
| mdl/executor/nanoflow_validation.go | Adds nanoflow-specific body/return-type validation. |
| mdl/executor/executor_query.go | Wires SHOW ACCESS ON NANOFLOW execution. |
| mdl/executor/executor.go | Adds executor caches for created/dropped nanoflows. |
| mdl/executor/exec_context.go | Tracks created nanoflows in executor session cache. |
| mdl/executor/cmd_security_write.go | Implements GRANT/REVOKE EXECUTE ON NANOFLOW. |
| mdl/executor/cmd_security.go | Implements SHOW ACCESS ON NANOFLOW. |
| mdl/executor/cmd_nanoflows_mock_test.go | Adds mock-based unit tests for nanoflow commands/validation. |
| mdl/executor/cmd_nanoflows_drop.go | Implements DROP NANOFLOW execution. |
| mdl/executor/cmd_nanoflows_create.go | Implements CREATE (OR MODIFY) NANOFLOW execution + graph building. |
| mdl/executor/cmd_microflows_format_action.go | Formats NanoflowCallAction in DESCRIBE output. |
| mdl/executor/cmd_microflows_builder_validate.go | Adds builder validation for CallNanoflowStmt outputs/error blocks. |
| mdl/executor/cmd_microflows_builder_graph.go | Adds graph builder dispatch for CallNanoflowStmt. |
| mdl/executor/cmd_microflows_builder_calls.go | Builds NanoflowCallAction from CALL NANOFLOW statements. |
| mdl/executor/cmd_microflows_builder_annotations.go | Exposes annotations for CallNanoflowStmt. |
| mdl/executor/cmd_microflows_builder.go | Adds backend lookup for nanoflow return types. |
| mdl/executor/cmd_mermaid_mock_test.go | Updates Mermaid unsupported-type test now that nanoflow is supported. |
| mdl/executor/cmd_mermaid.go | Adds Mermaid rendering for nanoflows and shares entity-name building logic. |
| mdl/executor/cmd_diff_mdl.go | Adds diff rendering for CallNanoflowStmt. |
| mdl/ast/ast_security.go | Adds AST statement types for nanoflow grant/revoke access. |
| mdl/ast/ast_query.go | Adds ShowAccessOnNanoflow enum value. |
| mdl/ast/ast_microflow.go | Adds CreateNanoflowStmt, DropNanoflowStmt, CallNanoflowStmt. |
| docs/15-testing/nanoflow-test-cases.md | Adds comprehensive manual test plan (needs updates per review comments). |
| docs/11-proposals/show-describe-nanoflows.md | Marks older proposal as superseded. |
| docs/11-proposals/PROPOSAL_nanoflow_support.md | Adds consolidated proposal doc (needs updates per review comments). |
| docs/06-mdl-reference/grammar-reference.md | Documents createNanoflowStatement in grammar reference. |
| docs/05-mdl-specification/01-language-reference.md | Adds language-reference entries for nanoflow commands (needs updates per review comments). |
| docs/01-project/MDL_QUICK_REFERENCE.md | Adds quick reference entries for nanoflow commands (needs updates per review comments). |
| docs/01-project/MDL_FEATURE_MATRIX.md | Updates feature matrix to reflect nanoflow support + Mermaid. |
| .claude/skills/mendix/write-nanoflows.md | Adds “write nanoflows” skill doc (contains inaccuracies per review comments). |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
retran
force-pushed
the
pr4-nanoflows-all
branch
2 times, most recently
from
381769d to
513582a
Compare
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 53 out of 56 changed files in this pull request and generated 3 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
retran
force-pushed
the
pr4-nanoflows-all
branch
2 times, most recently
from
69fc322 to
2692d87
Compare
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 53 out of 56 changed files in this pull request and generated 3 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
retran
force-pushed
the
pr3-type-assertion-hardening
branch
from
72a49c8 to
c66c06e
Compare
retran
force-pushed
the
pr4-nanoflows-all
branch
2 times, most recently
from
8f21363 to
e36b9ae
Compare
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 53 out of 56 changed files in this pull request and generated no new comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 73 out of 76 changed files in this pull request and generated 3 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
retran
force-pushed
the
pr4-nanoflows-all
branch
from
2cb4ef0 to
b89c720
Compare
retran
force-pushed
the
pr3-type-assertion-hardening
branch
from
c66c06e to
42ffd35
Compare
retran
force-pushed
the
pr4-nanoflows-all
branch
from
b89c720 to
6d1aaec
Compare
retran
force-pushed
the
pr3-type-assertion-hardening
branch
from
42ffd35 to
acb3107
Compare
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 73 out of 76 changed files in this pull request and generated 3 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 73 out of 76 changed files in this pull request and generated 2 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 73 out of 76 changed files in this pull request and generated no new comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
retran
force-pushed
the
pr4-nanoflows-all
branch
2 times, most recently
from
5b17c36 to
2a0f486
Compare
retran
force-pushed
the
pr3-type-assertion-hardening
branch
from
acb3107 to
62b5a16
Compare
retran
force-pushed
the
pr4-nanoflows-all
branch
from
2a0f486 to
3ff3064
Compare
- SHOW ACCESS ON NANOFLOW — query nanoflow security grants - DESCRIBE MERMAID for nanoflows via CLI --format mermaid - Nanoflow diff support — unified diff output for modified nanoflows - JavaScript action BSON parsing (read path) - NanoflowCallAction formatter for DESCRIBE output - Hard-code nanoflow $Type to "Microflows$Nanoflow" - Preserve AllowedModuleRoles through drop/recreate cycles - Validate module existence, numeric return types, empty names - Normalize empty-then branches in DESCRIBE for readable if/else - Expression spacing fix (not() parenthesization)
- Document intentional behaviors in nanoflow test plan - Add nanoflow references to ARCHITECTURE, CLAUDE, CHANGELOG - Update MDL_FEATURE_MATRIX, MDL_QUICK_REFERENCE, language reference - Add nanoflow examples to agentic skills (security, pages, validation) - Add nanoflow MDL examples to doctype-tests
- Propagate describeNanoflow errors in diff command - Match create-or-modify pattern in diff output - Add nanoflow-specific fields (@excluded, folder, comment) to MDL output - Guard empty-then swap edge case in if/else normalization - Handle missing JS action references gracefully in formatter - Harden negation expression rendering
…e fix Full pipeline for `call javascript action` syntax: - Grammar rule, AST node, visitor, builder, validator, BSON serializer - JavaScript actions allowed in nanoflows (client-side), disallowed check skips them correctly - Separate JS action reference validation from Java action validation Association retrieve roundtrip fix: - Preserve AssociationRetrieveSource on roundtrip instead of converting to DatabaseRetrieveSource with XPath for reverse traversals
retran
force-pushed
the
pr4-nanoflows-all
branch
from
3ff3064 to
74e5ea1
Compare
…ixes
- Add Nanoflow Mapping section to BSON mapping documentation
- Add create_nanoflow Go example with 4 nanoflow patterns
- Update CHANGELOG with JS action syntax and association retrieve entries
- Add nanoflow datasource option to create-page skill
- Update SDK_EQUIVALENCE nanoflow feature list
- Exhaustive nanoflow denylist test (21 disallowed + JS action allowed)
- Document denylist ordering dependency in error handling
- Fix isNumericLiteral: reject trailing dot ("5." → false)
retran
force-pushed
the
pr4-nanoflows-all
branch
from
74e5ea1 to
8b23f02
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Why
Nanoflows are a core Mendix document type for mobile and offline-first apps. Until this PR, mxcli had read-only nanoflow support (SHOW, DESCRIBE) but could not create, modify, or manage nanoflows — blocking agentic workflows that need to scaffold, refactor, or secure nanoflow logic.
This gap was visible in the feature matrix: nanoflows lagged far behind microflows in every dimension. This PR brings nanoflows to full feature parity with microflows across grammar, executor, SDK, validation, visualization, and security management.
Proposal: docs/11-proposals/PROPOSAL_nanoflow_support.md
Test plan: docs/15-testing/nanoflow-test-cases.md (18 sections, 123 test cases)
What Changed
New MDL commands
CREATE [OR MODIFY] NANOFLOWDROP NANOFLOWCALL NANOFLOWCALL JAVASCRIPT ACTIONGRANT EXECUTE ON NANOFLOWREVOKE EXECUTE ON NANOFLOWSHOW ACCESS ON NANOFLOWMOVE NANOFLOWRENAME NANOFLOWDIFF(nanoflow support).mprversionsCLI enhancements
describe nanoflow --format mermaid— generates Mermaid flowchart diagrams for nanoflows (same--formatflag already supported for microflows and domain models)Validation
Type-switch validation rejects 21 actions that Mendix does not allow in nanoflows (e.g., database commit, Java actions, import/export). Entity resolver errors propagate upfront — no silent failures on invalid parameter or return types.
Bug fixes and improvements
call javascript action Module.ActionName(params)— grammar rule, parser, AST node, visitor, builder, validation, serializer. JS actions roundtrip correctly through describe → drop → create cycle.retrieve $X from $Y/Module.Associationsyntax preserved on roundtrip. Previously, the builder converted association retrieves to database retrieves with XPath constraints on reverse traversals.serializeNanoflow()was incomplete — missing ReturnType, ObjectCollection, and Flows. Created nanoflows lost their body when written to.mpr.NanoflowCallActionBSON field corrected fromResultVariableNametoOutputVariableName.$prefix.NanoflowCallActionerror handling type resolved correctly.not()expression spacing preserved on roundtrip.NanoflowCallAction.AllowedModuleRolespreserved through drop/recreate cycle.Agentic skill
New Claude Code skill at
.claude/skills/mendix/write-nanoflows.md— guides AI agents through nanoflow creation with MDL syntax, parameter types, body actions, security management, and validation rules.Shared helpers
buildEntityNamesextracted to eliminate duplication between microflow and nanoflow Mermaid rendering.serializeNanoflow()fully rewritten to serialize body, flows, return type, and parameters.Testing
Automated tests (all pass with
make build && make test && make lint-go):roundtrip_nanoflow_test.go) — CREATE, DROP, CALL, GRANT/REVOKE, SHOW, MOVE, RENAME, MERMAID, validation, error pathscmd_nanoflows_mock_test.go) — not-connected guards, duplicate handling, idempotent grant/revoke, all 21 disallowed actions, nested body validationroundtrip_test.go) — parse→serialize→parse cycle with activities, flows, and rolesManual testing: 18-section test plan (123 test cases) executed against 3 App Gallery demo projects (223 nanoflows total). All tests pass except 2 inconclusive (no test data for page integration scenarios).
Known limitations
find($x,'y')→find($x, 'y'))Documentation updated
MDL_FEATURE_MATRIX.md— nanoflow row reflects implemented stateMDL_QUICK_REFERENCE.md— added CREATE, MOVE, GRANT/REVOKE, SHOW ACCESS nanoflow syntax01-language-reference.md— added CREATE/DROP/GRANT/REVOKE nanoflow sectionsgrammar-reference.md— addedcreateNanoflowStatement,dropNanoflowStatement,callJavaScriptActionStatementPROPOSAL_nanoflow_support.md— rewritten from proposal to feature descriptionnanoflow-test-cases.md— comprehensive QA test plan (18 sections, 123 test cases)10-bson-mapping.md— added Nanoflow Mapping section with type differences, allowed actions, JS action field mappingexamples/create_nanoflow/— new Go example with 4 nanoflow patternsCHANGELOG.md— unreleased entries for all nanoflow featuresSDK_EQUIVALENCE.md— updated nanoflow CRUD feature listStats
79 files changed, +18,227 / −10,284 lines, 8 commits
Grammar → AST → Visitor → Executor → SDK → Tests → Docs — full pipeline coverage.