IMPORTANT: This is a PUBLIC repository. Read SECURITY.md first!
✅ Ensure .env files are in .gitignore
✅ Never commit API keys
✅ Use environment variables only
# Check Node.js version (need 18+)
node --version
# Check npm version (need 9+)
npm --versionIf you don't have them, install from nodejs.org
# Navigate to project
cd /Users/n0r0bhn/Documents/flowllm
# Install dependencies
npm installThis will install all dependencies for all packages in the monorepo.
# Build all packages
npm run buildThis compiles TypeScript to JavaScript. You should see output like:
@flowllm/core: Build success
@flowllm/providers: Build success
@flowllm/mcp: Build success
flowllm: Build success
# Run all tests
npm testAll tests should pass. If any fail, check the error messages.
# Navigate to examples
cd examples
# Copy the environment template
cp .env.example .env
# Edit .env and add your REAL API keys
# Use nano, vim, or any text editor
nano .envAdd your keys:
OPENAI_API_KEY=your-openai-api-key-here
ANTHROPIC_API_KEY=sk-ant-YOUR-REAL-KEY-HERE
GOOGLE_API_KEY=YOUR-GOOGLE-KEY-HERESave and exit (Ctrl+O, Enter, Ctrl+X for nano)
# Still in examples directory
npm run basicYou should see the agent respond to a query!
cd packages/core
# Run tests
npm test
# Run tests with coverage
npm test -- --coverage
# Watch mode (auto-rerun on changes)
npm run test:watchWhat to check:
- ✅ All tests pass
- ✅ Memory management works
- ✅ Tool registry functions correctly
- ✅ No TypeScript errors
cd packages/providers
# Type check
npm run typecheck
# Build
npm run buildWhat to check:
- ✅ TypeScript compiles without errors
- ✅ All provider exports work
- ✅ No import errors
cd packages/mcp
# Type check
npm run typecheck
# Build
npm run buildWhat to check:
- ✅ TypeScript compiles
- ✅ MCP SDK imports work
- ✅ No dependency errors
cd packages/flowllm
# Type check
npm run typecheck
# Build
npm run buildWhat to check:
- ✅ All re-exports work
- ✅ High-level APIs are accessible
- ✅ No circular dependencies
cd examples
# Test basic agent
npm run basic
# Test custom tools
npm run tools
# Test streaming
npm run stream
# Test conversations
npm run conversation
# Test multi-provider (needs all API keys)
npm run providers
# Test MCP integration (needs MCP server)
npm run mcpbasic-agent.ts:
🤖 Agent initialized!
📝 Response: A REST API (Representational State Transfer API)...
💰 Cost: $0.000150
🔢 Tokens: 245
⏱️ Time: 1234ms
streaming.ts:
🤖 Streaming agent initialized!
📖 Generating a story...
Once upon a time, there was a robot named Pixel...
[text streams in real-time]
✅ Streaming complete!
You can test the framework without API keys using mock providers:
// test-without-keys.ts
import { defineAgent, defineTool } from '../packages/flowllm/src';
import type { LLMProvider, Message, LLMConfig, LLMResponse, StreamChunk } from '../packages/core/src';
// Mock provider - NO API KEY NEEDED
class MockProvider implements LLMProvider {
name = 'mock';
async chat(messages: Message[], config: LLMConfig): Promise<LLMResponse> {
return {
content: 'Mock response from the agent',
role: 'assistant',
finishReason: 'stop',
usage: { promptTokens: 10, completionTokens: 20, totalTokens: 30 },
model: 'mock-model',
};
}
async *stream(messages: Message[], config: LLMConfig): AsyncIterable<StreamChunk> {
const words = ['Hello', ' from', ' mock', ' provider'];
for (const word of words) {
yield { delta: { content: word } };
await new Promise(r => setTimeout(r, 100));
}
}
countTokens(text: string): number {
return Math.ceil(text.length / 4);
}
getMaxTokens(model: string): number {
return 4096;
}
getCostPerToken(model: string) {
return { prompt: 0, completion: 0 };
}
}
// Test it!
const agent = defineAgent({
provider: new MockProvider(),
systemPrompt: 'You are a test agent.',
});
const response = await agent.execute('Test message');
console.log('✅ Mock test passed:', response.content);Run it:
npx tsx test-without-keys.ts# This should return nothing (no .env files tracked)
git status | grep ".env"
# This should show .env is ignored
git check-ignore .env examples/.env# Check if any API keys are in tracked files
git grep -i "sk-proj" # Should find nothing
git grep -i "sk-ant" # Should find nothing
git grep -i "AIza" # Should find nothing
# Check staged files before commit
git diff --staged | grep -i "api"# Create the hook
cat > .git/hooks/pre-commit << 'EOF'
#!/bin/bash
echo "🔍 Running security checks..."
# Check for API keys
if git diff --cached --name-only | xargs grep -h "sk-[Pp]roj-\|sk-[Aa]nt-\|AIza" 2>/dev/null; then
echo "❌ ERROR: Found API key in staged files!"
exit 1
fi
# Check for .env files
if git diff --cached --name-only | grep "^\.env$" 2>/dev/null; then
echo "❌ ERROR: .env file is staged!"
exit 1
fi
echo "✅ Security checks passed"
exit 0
EOF
# Make it executable
chmod +x .git/hooks/pre-commit
echo "✅ Pre-commit hook installed!"Solution:
# Install Node.js and npm from nodejs.org
# Or use a version manager like nvm:
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.0/install.sh | bash
nvm install 18
nvm use 18Solution:
# Clean and reinstall
rm -rf node_modules package-lock.json
npm install
npm run buildSolution:
# Check TypeScript version
npm list typescript
# Rebuild everything
npm run clean
npm run buildSolution:
# Make sure .env exists
ls -la examples/.env
# Check .env content (safely)
grep "OPENAI_API_KEY" examples/.env | head -c 30
# Restart your terminal to reload environmentSolution:
# Run with verbose output
npm test -- --reporter=verbose
# Run specific test file
npm test -- memory.test.ts
# Clear cache
npm test -- --clearCache# 1. Create a feature branch
git checkout -b feature/my-feature
# 2. Make your changes
# Edit files...
# 3. Run tests
npm test
# 4. Build
npm run build
# 5. Test examples
cd examples && npm run basic
# 6. Check for errors
npm run typecheck
npm run lint
# 7. Commit (pre-commit hook will run)
git add .
git commit -m "feat: add my feature"
# 8. Push
git push origin feature/my-featureCRITICAL CHECKLIST:
# 1. Run all tests
npm test
# 2. Build everything
npm run build
# 3. Check for secrets (IMPORTANT!)
git grep -i "sk-proj"
git grep -i "sk-ant"
git grep -i "AIza"
# 4. Verify .env is ignored
git status | grep ".env"
# 5. Review all changes
git diff origin/main
# 6. Double-check staged files
git diff --staged
# Only push if ALL checks pass!
git push origin mainUse this before committing:
- All packages build successfully (
npm run build) - All tests pass (
npm test) - TypeScript has no errors (
npm run typecheck) - Examples work with real API keys
- No
.envfiles in git status - No API keys in code (
git grep -i "sk-") - Pre-commit hook is installed
- .gitignore includes
.env* - Documentation is updated
- CHANGELOG.md is updated (if needed)
// performance-test.ts
import { defineAgent, openai } from 'flowllm';
const agent = defineAgent({
provider: openai('gpt-4o-mini'), // Use cheaper model
});
const start = Date.now();
const response = await agent.execute('Say hello');
const duration = Date.now() - start;
console.log(`Response time: ${duration}ms`);
console.log(`Tokens: ${response.usage.totalTokens}`);
console.log(`Cost: $${response.cost.totalCost.toFixed(6)}`);// load-test.ts
import { defineAgent, openai } from 'flowllm';
const agent = defineAgent({
provider: openai('gpt-4o-mini'),
});
const promises = Array.from({ length: 10 }, (_, i) =>
agent.execute(`Test message ${i}`)
);
const start = Date.now();
const results = await Promise.all(promises);
const duration = Date.now() - start;
console.log(`10 requests completed in ${duration}ms`);
console.log(`Average: ${duration / 10}ms per request`);Once local testing is complete:
- ✅ Read SECURITY.md thoroughly
- ✅ Set up pre-commit hooks
- ✅ Test all examples locally
- ✅ Verify no secrets in git
- ✅ Create a
.github/workflowsfor CI/CD - ✅ Push to GitHub
- ✅ Set up GitHub Secrets for CI/CD
- Documentation: docs/README.md
- Security: SECURITY.md
- Contributing: CONTRIBUTING.md
- Quick Reference: QUICK_REFERENCE.md
Happy Testing! Remember: Security First! 🔒