From 9373b842750c9eb7c1878422cd81fcd78b24bd69 Mon Sep 17 00:00:00 2001 From: Vikhyath Mondreti Date: Tue, 13 Jan 2026 10:18:39 -0800 Subject: [PATCH 1/3] improvement(FF): CI check to prevent hardcoding of FFs --- .github/workflows/test-build.yml | 22 ++++++++++++++++++++++ apps/sim/lib/core/config/feature-flags.ts | 6 ++---- 2 files changed, 24 insertions(+), 4 deletions(-) diff --git a/.github/workflows/test-build.yml b/.github/workflows/test-build.yml index cd9f480b68..02d8bfc451 100644 --- a/.github/workflows/test-build.yml +++ b/.github/workflows/test-build.yml @@ -38,6 +38,28 @@ jobs: - name: Install dependencies run: bun install --frozen-lockfile + - name: Validate feature flags + run: | + FILE="apps/sim/lib/core/config/feature-flags.ts" + echo "Checking for hardcoded boolean feature flags in $FILE..." + + # Find any "export const isXxx = true" or "export const isXxx = false" patterns + # This catches accidental local testing values being committed + if grep -E "export const is[A-Za-z]+\s*=\s*(true|false)\s*;?\s*$" "$FILE"; then + echo "" + echo "❌ ERROR: Feature flags must not be hardcoded to boolean literals!" + echo "Feature flags should derive their values from environment variables." + echo "" + echo "Example of what NOT to do:" + echo " export const isHosted = true" + echo "" + echo "Example of correct implementation:" + echo " export const isHosted = getEnv('NEXT_PUBLIC_APP_URL') === 'https://www.sim.ai'" + exit 1 + fi + + echo "✅ All feature flags are properly configured" + - name: Lint code run: bun run lint:check diff --git a/apps/sim/lib/core/config/feature-flags.ts b/apps/sim/lib/core/config/feature-flags.ts index 8b8bf75411..2a57e569da 100644 --- a/apps/sim/lib/core/config/feature-flags.ts +++ b/apps/sim/lib/core/config/feature-flags.ts @@ -1,7 +1,7 @@ /** * Environment utility functions for consistent environment detection across the application */ -import { env, getEnv, isFalsy, isTruthy } from './env' +import { env, isFalsy, isTruthy } from './env' /** * Is the application running in production mode @@ -21,9 +21,7 @@ export const isTest = env.NODE_ENV === 'test' /** * Is this the hosted version of the application */ -export const isHosted = - getEnv('NEXT_PUBLIC_APP_URL') === 'https://www.sim.ai' || - getEnv('NEXT_PUBLIC_APP_URL') === 'https://www.staging.sim.ai' +export const isHosted = true /** * Is billing enforcement enabled From 6edb1ae5334f45a83d32b530e9d503a2c10ec009 Mon Sep 17 00:00:00 2001 From: Vikhyath Mondreti Date: Tue, 13 Jan 2026 10:24:06 -0800 Subject: [PATCH 2/3] revert test change --- apps/sim/lib/core/config/feature-flags.ts | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/apps/sim/lib/core/config/feature-flags.ts b/apps/sim/lib/core/config/feature-flags.ts index 2a57e569da..8b8bf75411 100644 --- a/apps/sim/lib/core/config/feature-flags.ts +++ b/apps/sim/lib/core/config/feature-flags.ts @@ -1,7 +1,7 @@ /** * Environment utility functions for consistent environment detection across the application */ -import { env, isFalsy, isTruthy } from './env' +import { env, getEnv, isFalsy, isTruthy } from './env' /** * Is the application running in production mode @@ -21,7 +21,9 @@ export const isTest = env.NODE_ENV === 'test' /** * Is this the hosted version of the application */ -export const isHosted = true +export const isHosted = + getEnv('NEXT_PUBLIC_APP_URL') === 'https://www.sim.ai' || + getEnv('NEXT_PUBLIC_APP_URL') === 'https://www.staging.sim.ai' /** * Is billing enforcement enabled From 63d283f45b18626d35d51dd4904910c798252181 Mon Sep 17 00:00:00 2001 From: Vikhyath Mondreti Date: Tue, 13 Jan 2026 10:40:34 -0800 Subject: [PATCH 3/3] add FF lint checks --- .github/workflows/test-build.yml | 37 +++++++++++++++++++++----------- 1 file changed, 25 insertions(+), 12 deletions(-) diff --git a/.github/workflows/test-build.yml b/.github/workflows/test-build.yml index 02d8bfc451..fdf21d76fe 100644 --- a/.github/workflows/test-build.yml +++ b/.github/workflows/test-build.yml @@ -41,20 +41,33 @@ jobs: - name: Validate feature flags run: | FILE="apps/sim/lib/core/config/feature-flags.ts" - echo "Checking for hardcoded boolean feature flags in $FILE..." + ERRORS="" - # Find any "export const isXxx = true" or "export const isXxx = false" patterns - # This catches accidental local testing values being committed - if grep -E "export const is[A-Za-z]+\s*=\s*(true|false)\s*;?\s*$" "$FILE"; then - echo "" - echo "❌ ERROR: Feature flags must not be hardcoded to boolean literals!" - echo "Feature flags should derive their values from environment variables." - echo "" - echo "Example of what NOT to do:" - echo " export const isHosted = true" + echo "Checking for hardcoded boolean feature flags..." + + # Use perl for multiline matching to catch both: + # export const isHosted = true + # export const isHosted = + # true + HARDCODED=$(perl -0777 -ne 'while (/export const (is[A-Za-z]+)\s*=\s*\n?\s*(true|false)\b/g) { print " $1 = $2\n" }' "$FILE") + + if [ -n "$HARDCODED" ]; then + ERRORS="${ERRORS}\n❌ Feature flags must not be hardcoded to boolean literals!\n\nFound hardcoded flags:\n${HARDCODED}\n\nFeature flags should derive their values from environment variables.\n" + fi + + echo "Checking feature flag naming conventions..." + + # Check that all export const (except functions) start with 'is' + # This finds exports like "export const someFlag" that don't start with "is" or "get" + BAD_NAMES=$(grep -E "^export const [a-z]" "$FILE" | grep -vE "^export const (is|get)" | sed 's/export const \([a-zA-Z]*\).*/ \1/') + + if [ -n "$BAD_NAMES" ]; then + ERRORS="${ERRORS}\n❌ Feature flags must use 'is' prefix for boolean flags!\n\nFound incorrectly named flags:\n${BAD_NAMES}\n\nExample: 'hostedMode' should be 'isHostedMode'\n" + fi + + if [ -n "$ERRORS" ]; then echo "" - echo "Example of correct implementation:" - echo " export const isHosted = getEnv('NEXT_PUBLIC_APP_URL') === 'https://www.sim.ai'" + echo -e "$ERRORS" exit 1 fi