@bryan-thompson/inspector-assessment-cli 1.22.13 → 1.22.16
- package/build/assess-full.js +13 -23
- package/package.json +1 -1
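--- a/package/build/assess-full.js
+++ b/package/build/assess-full.js
@@ -12,13 +12,19 @@
 import * as fs from "fs";
 import * as path from "path";
 import * as os from "os";
+import { EventEmitter } from "events";
+// Increase max listeners to prevent warning during security testing
+// Full assessment runs 234+ sequential tool calls (6 tools × 13 patterns × 3 payloads)
+// Each call may add listeners to the underlying socket
+EventEmitter.defaultMaxListeners = 300;
+process.setMaxListeners(300);
 import { Client } from "@modelcontextprotocol/sdk/client/index.js";
 import { StdioClientTransport } from "@modelcontextprotocol/sdk/client/stdio.js";
 import { SSEClientTransport } from "@modelcontextprotocol/sdk/client/sse.js";
 import { StreamableHTTPClientTransport } from "@modelcontextprotocol/sdk/client/streamableHttp.js";
 // Import from local client lib (will use package exports when published)
 import { AssessmentOrchestrator, } from "../../client/lib/services/assessment/AssessmentOrchestrator.js";
-import { DEFAULT_ASSESSMENT_CONFIG, ASSESSMENT_CATEGORY_METADATA, } from "../../client/lib/lib/assessmentTypes.js";
+import { DEFAULT_ASSESSMENT_CONFIG, ASSESSMENT_CATEGORY_METADATA, getAllModulesConfig, } from "../../client/lib/lib/assessmentTypes.js";
 import { FULL_CLAUDE_CODE_CONFIG } from "../../client/lib/services/assessment/lib/claudeCodeBridge.js";
 import { createFormatter, } from "../../client/lib/lib/reportFormatters/index.js";
 import { generatePolicyComplianceReport } from "../../client/lib/services/assessment/PolicyComplianceGenerator.js";
@@ -333,30 +339,14 @@ function buildConfig(options) {
 enableExtendedAssessment: options.fullAssessment !== false,
 parallelTesting: true,
 testTimeout: 30000,
-enableSourceCodeAnalysis:
+enableSourceCodeAnalysis: Boolean(options.sourceCodePath),
 };
 if (options.fullAssessment !== false) {
-//
-const allModules = {
-
-
-
-errorHandling: true,
-usability: true,
-mcpSpecCompliance: true,
-aupCompliance: true,
-toolAnnotations: true,
-prohibitedLibraries: true,
-manifestValidation: true,
-portability: true,
-externalAPIScanner: !!options.sourceCodePath,
-temporal: !options.skipTemporal, // Enable by default with --full, skip with --skip-temporal
-// New capability assessors - always enabled in full mode
-resources: true,
-prompts: true,
-crossCapability: true,
-authentication: true,
-};
+// Derive module config from ASSESSMENT_CATEGORY_METADATA (single source of truth)
+const allModules = getAllModulesConfig({
+sourceCodePath: Boolean(options.sourceCodePath),
+skipTemporal: options.skipTemporal,
+});
 // Apply --only-modules filter (whitelist mode)
 if (options.onlyModules?.length) {
 for (const key of Object.keys(allModules)) {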
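Review bot: `EventEmitter.defaultMaxListeners = 300;` and `process.setMaxListeners(300);` in the first hunk raise the limit for every emitter in the process, not only for the socket the comment is about, so Node's MaxListenersExceededWarning, which is the built-in signal of a listener leak, is silenced across the whole CLI and the SDK it loads. The comment says each call may add listeners, which suggests they are not removed afterwards; raising the cap hides that rather than fixing it. The value is also tied to the six-tool example (6 × 13 × 3 = 234): if each call leaves one listener behind, a server exposing eight tools already exceeds 300. I would set the limit on the transport's own emitter with `emitter.setMaxListeners(n)`, with `n` computed from the discovered tool count, or detach the per-call listeners when each call completes. If the global setting stays, add a comment such as `// NOTE: process-wide; masks listener-leak warnings on all emitters`.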
package/package.json
CHANGED