feat: comprehensive nanoflow support — CREATE, DROP, CALL, GRANT/REVOKE, SHOW ACCESS, MERMAID#10
Open
retran wants to merge 5 commits intopr3-type-assertion-hardeningfrom
Open
feat: comprehensive nanoflow support — CREATE, DROP, CALL, GRANT/REVOKE, SHOW ACCESS, MERMAID#10retran wants to merge 5 commits intopr3-type-assertion-hardeningfrom
retran wants to merge 5 commits intopr3-type-assertion-hardeningfrom
Conversation
This was referenced Apr 24, 2026
retran
force-pushed
the
pr4-nanoflows-all
branch
5 times, most recently
from
aafbfae to
993bd47
Compare
There was a problem hiding this comment.
Pull request overview
Adds end-to-end nanoflow support to mxcli/MDL to reach parity with existing microflow functionality, spanning grammar/AST, executor behavior, SDK BSON parsing/writing, Mermaid rendering, and test/docs updates.
Changes:
- Extends MDL grammar + AST + visitors to support
CREATE/DROP NANOFLOW,CALL NANOFLOW(in flow bodies),GRANT/REVOKE EXECUTE ON NANOFLOW, andSHOW ACCESS ON NANOFLOW. - Implements executor handlers for nanoflow lifecycle + access control + Mermaid rendering, plus validation and reference-checking updates.
- Adds SDK nanoflow parsing/serialization (including
NanoflowCallAction) and roundtrip tests, plus new documentation and test plans.
Reviewed changes
Copilot reviewed 53 out of 56 changed files in this pull request and generated 7 comments.
Show a summary per file
| File | Description |
|---|---|
| sdk/mpr/writer_security_test.go | Minor formatting fix in existing security writer test. |
| sdk/mpr/writer_microflow_actions.go | Adds BSON serialization for Microflows$NanoflowCallAction. |
| sdk/mpr/writer_microflow.go | Implements nanoflow BSON serialization including flows/return type/object collection. |
| sdk/mpr/roundtrip_test.go | Adds nanoflow roundtrip tests (baseline + synthetic). |
| sdk/mpr/parser_nanoflow.go | Parses AllowedModuleRoles for nanoflows. |
| sdk/mpr/parser_microflow_actions.go | Adds parser for NanoflowCallAction. |
| sdk/mpr/parser_microflow.go | Registers Microflows$NanoflowCallAction parser. |
| sdk/microflows/microflows_actions.go | Introduces SDK types: NanoflowCallAction, NanoflowCall, mappings. |
| sdk/microflows/microflows.go | Adds AllowedModuleRoles to Nanoflow model. |
| mdl/visitor/visitor_security.go | Builds GRANT/REVOKE nanoflow access AST statements. |
| mdl/visitor/visitor_query.go | Extends SHOW ACCESS to include NANOFLOW. |
| mdl/visitor/visitor_microflow_statements.go | Allows CALL NANOFLOW in flow body statements + annotations wiring. |
| mdl/visitor/visitor_microflow_actions.go | Builds CallNanoflowStmt from parse tree. |
| mdl/visitor/visitor_microflow.go | Builds CreateNanoflowStmt from parse tree. |
| mdl/visitor/visitor_entity.go | Extends DROP to include NANOFLOW. |
| mdl/grammar/parser/mdlparser_listener.go | Generated listener interface updates for new productions. |
| mdl/grammar/parser/mdlparser_base_listener.go | Generated base listener updates for new productions. |
| mdl/grammar/MDLParser.g4 | Adds grammar for create/call nanoflow + access grant/revoke + SHOW ACCESS ON NANOFLOW. |
| mdl/executor/validate_microflow.go | Treats CallNanoflowStmt like other statements for naming/vars/error-handling. |
| mdl/executor/validate.go | Tracks nanoflow defs; validates nanoflow bodies; adds nanoflow forward-ref/ref checks. |
| mdl/executor/stmt_summary.go | Adds summaries for nanoflow grant/revoke statements. |
| mdl/executor/roundtrip_nanoflow_test.go | Integration tests (build tag) covering nanoflow commands end-to-end. |
| mdl/executor/registry_test.go | Registers new nanoflow statement types in known-statement list. |
| mdl/executor/registry.go | Routes registration via combined microflow/nanoflow handler registrar. |
| mdl/executor/register_stubs.go | Registers create/drop nanoflow and security handlers. |
| mdl/executor/nanoflow_validation.go | Adds nanoflow-specific body/return-type validation. |
| mdl/executor/executor_query.go | Wires SHOW ACCESS ON NANOFLOW execution. |
| mdl/executor/executor.go | Adds executor caches for created/dropped nanoflows. |
| mdl/executor/exec_context.go | Tracks created nanoflows in executor session cache. |
| mdl/executor/cmd_security_write.go | Implements GRANT/REVOKE EXECUTE ON NANOFLOW. |
| mdl/executor/cmd_security.go | Implements SHOW ACCESS ON NANOFLOW. |
| mdl/executor/cmd_nanoflows_mock_test.go | Adds mock-based unit tests for nanoflow commands/validation. |
| mdl/executor/cmd_nanoflows_drop.go | Implements DROP NANOFLOW execution. |
| mdl/executor/cmd_nanoflows_create.go | Implements CREATE (OR MODIFY) NANOFLOW execution + graph building. |
| mdl/executor/cmd_microflows_format_action.go | Formats NanoflowCallAction in DESCRIBE output. |
| mdl/executor/cmd_microflows_builder_validate.go | Adds builder validation for CallNanoflowStmt outputs/error blocks. |
| mdl/executor/cmd_microflows_builder_graph.go | Adds graph builder dispatch for CallNanoflowStmt. |
| mdl/executor/cmd_microflows_builder_calls.go | Builds NanoflowCallAction from CALL NANOFLOW statements. |
| mdl/executor/cmd_microflows_builder_annotations.go | Exposes annotations for CallNanoflowStmt. |
| mdl/executor/cmd_microflows_builder.go | Adds backend lookup for nanoflow return types. |
| mdl/executor/cmd_mermaid_mock_test.go | Updates Mermaid unsupported-type test now that nanoflow is supported. |
| mdl/executor/cmd_mermaid.go | Adds Mermaid rendering for nanoflows and shares entity-name building logic. |
| mdl/executor/cmd_diff_mdl.go | Adds diff rendering for CallNanoflowStmt. |
| mdl/ast/ast_security.go | Adds AST statement types for nanoflow grant/revoke access. |
| mdl/ast/ast_query.go | Adds ShowAccessOnNanoflow enum value. |
| mdl/ast/ast_microflow.go | Adds CreateNanoflowStmt, DropNanoflowStmt, CallNanoflowStmt. |
| docs/15-testing/nanoflow-test-cases.md | Adds comprehensive manual test plan (needs updates per review comments). |
| docs/11-proposals/show-describe-nanoflows.md | Marks older proposal as superseded. |
| docs/11-proposals/PROPOSAL_nanoflow_support.md | Adds consolidated proposal doc (needs updates per review comments). |
| docs/06-mdl-reference/grammar-reference.md | Documents createNanoflowStatement in grammar reference. |
| docs/05-mdl-specification/01-language-reference.md | Adds language-reference entries for nanoflow commands (needs updates per review comments). |
| docs/01-project/MDL_QUICK_REFERENCE.md | Adds quick reference entries for nanoflow commands (needs updates per review comments). |
| docs/01-project/MDL_FEATURE_MATRIX.md | Updates feature matrix to reflect nanoflow support + Mermaid. |
| .claude/skills/mendix/write-nanoflows.md | Adds “write nanoflows” skill doc (contains inaccuracies per review comments). |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
retran
force-pushed
the
pr4-nanoflows-all
branch
2 times, most recently
from
381769d to
513582a
Compare
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 53 out of 56 changed files in this pull request and generated 3 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
retran
force-pushed
the
pr4-nanoflows-all
branch
2 times, most recently
from
69fc322 to
2692d87
Compare
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 53 out of 56 changed files in this pull request and generated 3 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
retran
force-pushed
the
pr3-type-assertion-hardening
branch
from
72a49c8 to
c66c06e
Compare
…plan, docs and proposal update
retran
force-pushed
the
pr4-nanoflows-all
branch
from
2692d87 to
f2663d7
Compare
…drop, fix PR ref in superseded proposal
retran
force-pushed
the
pr4-nanoflows-all
branch
from
8f21363 to
e36b9ae
Compare
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 53 out of 56 changed files in this pull request and generated no new comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Why
Nanoflows are a core Mendix document type used heavily in mobile and offline-first apps. Until this PR, mxcli had read-only support (SHOW/DESCRIBE) but no ability to create, modify, or manage nanoflows programmatically. This blocked agentic workflows that need to scaffold or refactor nanoflow logic — a gap visible in the feature matrix where nanoflows lagged far behind microflows.
This PR closes that gap by bringing nanoflows to full feature parity with microflows across all mxcli layers: grammar, executor, SDK, validation, visualization, and security management.
Summary
52 files changed across grammar, AST, visitor, executor, SDK, and docs.
New commands:
CREATE [OR MODIFY] NANOFLOW— with body, parameters, return type, folder placementDROP NANOFLOWCALL NANOFLOW(inside flow bodies — valid in both microflows and nanoflows)GRANT/REVOKE EXECUTE ON NANOFLOWSHOW ACCESS ON NANOFLOWDESCRIBE MERMAID NANOFLOWKey implementation details:
NanoflowCallActionwith correctOutputVariableNameBSON field (differs fromMicroflowCallAction.ResultVariableNameper Mendix metamodel)buildEntityNameshelper eliminating duplication in Mermaid renderingserializeNanoflow()rewrite — now serializes body, flows, return type, parameters (was incomplete)Bug fixes included:
serializeNanoflow()was missing ReturnType, ObjectCollection, and Flows — created nanoflows lost their body when written to.mprNanoflowCallActionBSON field name corrected fromResultVariableNametoOutputVariableName(verified against metamodel)NanoflowCallAction(was showing generic "Action" label)Tests:
roundtrip_nanoflow_test.go) — CREATE, DROP, CALL, GRANT/REVOKE, SHOW, MOVE, RENAME, MERMAID, validation, error pathscmd_nanoflows_mock_test.go) — not-connected guards, duplicate handling, idempotent grant/revoke, validation of all disallowed actions, nested body validationroundtrip_test.go) — parse→serialize→parse cycle for nanoflows with activities, flows, and rolesDocs updated:
MDL_FEATURE_MATRIX.md— nanoflow row updated to reflect implemented stateMDL_QUICK_REFERENCE.md— added CREATE, MOVE, GRANT/REVOKE, SHOW ACCESS01-language-reference.md— added CREATE/DROP/GRANT/REVOKE nanoflow sectionsgrammar-reference.md— addedcreateNanoflowStatementPROPOSAL_nanoflow_support.md— rewritten as feature descriptiondocs/15-testing/nanoflow-test-cases.md(19 sections, 100+ cases)All tests pass (
make build && make test && make lint-go).