@ceon-oy/monitor-sdk 1.0.1 → 1.0.2

package/README.md

@@ -1,10 +1,32 @@
-# Ceon Monitor - SDK
-
-Lightweight client SDK for sending errors and messages to the Ceon Monitor service.
+# Ceon Monitor SDK
+
+Lightweight client SDK for integrating with the Ceon Monitor service. Provides error reporting, technology tracking, vulnerability auditing, and security event monitoring.
+
+## Table of Contents
+
+- [Installation](#installation)
+- [Quick Start](#quick-start)
+- [Configuration](#configuration)
+- [Features](#features)
+  - [Error Capture](#error-capture)
+  - [Technology Tracking](#technology-tracking)
+  - [Vulnerability Auditing](#vulnerability-auditing)
+  - [Security Events](#security-events)
+- [Framework Examples](#framework-examples)
+  - [Express.js](#expressjs)
+  - [Next.js](#nextjs)
+  - [React (Monolithic)](#react-monolithic)
+  - [React (Separate Server/Client)](#react-separate-serverclient)
+- [API Reference](#api-reference)
+- [Batching Behavior](#batching-behavior)
+- [Building](#building)
 
 ## Installation
 
 ```bash
+# From npm (recommended)
+npm install @ceon-oy/monitor-sdk
+
 # From GitHub
 npm install github:ceon-oy/ceon-monitor-sdk
 ```
@@ -14,7 +36,7 @@ Or add to your `package.json`:
 ```json
 {
   "dependencies": {
-    "@ceon/monitor-sdk": "github:ceon-oy/ceon-monitor-sdk"
+    "@ceon-oy/monitor-sdk": "^1.0.0"
   }
 }
 ```
@@ -26,13 +48,14 @@ Or add to your `package.json`:
 ## Quick Start
 
 ```typescript
-import { MonitorClient } from '@ceon/monitor-sdk';
+import { MonitorClient } from '@ceon-oy/monitor-sdk';
 
 // Initialize the client
 const monitor = new MonitorClient({
-  apiKey: process.env.MONITOR_API_KEY!,
+  apiKey: process.env.CEON_MONITOR_API_KEY!,
   endpoint: 'https://monitor.example.com',
   environment: process.env.NODE_ENV,
+  trackDependencies: true,  // Auto-sync package.json
 });
 
 // Capture an error
@@ -51,6 +74,9 @@ await monitor.captureMessage('User signed up', 'INFO', {
   metadata: { userId: '123', plan: 'premium' },
 });
 
+// Run vulnerability audit
+await monitor.auditDependencies();
+
 // Flush and close before shutdown
 await monitor.close();
 ```
@@ -59,131 +85,253 @@ await monitor.close();
 
 ```typescript
 interface MonitorClientConfig {
-  apiKey: string;           // Your project API key
-  endpoint: string;         // Monitor service URL
-  environment?: string;     // Environment name (default: 'production')
-  batchSize?: number;       // Errors to batch before sending (default: 10)
-  flushIntervalMs?: number; // Auto-flush interval in ms (default: 5000)
+  apiKey: string;                    // Your project API key (required)
+  endpoint: string;                  // Monitor service URL (required)
+  environment?: string;              // Environment name (default: 'production')
+  batchSize?: number;                // Errors to batch before sending (default: 10)
+  flushIntervalMs?: number;          // Auto-flush interval in ms (default: 5000)
+  trackDependencies?: boolean;       // Auto-sync package.json (default: false)
+  dependencySources?: {              // Multiple package.json sources
+    path: string;
+    environment: string;
+  }[];
+  excludePatterns?: string[];        // Glob patterns to exclude (e.g., '@types/*')
 }
 ```
 
-## API
-
-### `MonitorClient`
-
-#### `constructor(config: MonitorClientConfig)`
-
-Creates a new monitor client instance.
+### Basic Configuration
 
 ```typescript
 const monitor = new MonitorClient({
-  apiKey: 'cm_your_api_key_here',
+  apiKey: process.env.CEON_MONITOR_API_KEY!,
   endpoint: 'https://monitor.example.com',
   environment: 'production',
-  batchSize: 10,
-  flushIntervalMs: 5000,
 });
 ```
 
-#### `captureError(error: Error, context?: ErrorContext): Promise<void>`
+### Multi-Environment Dependency Tracking
 
-Captures an error and queues it for sending.
+For projects with separate server and client folders:
 
 ```typescript
-await monitor.captureError(error, {
-  severity: 'ERROR',        // DEBUG, INFO, WARNING, ERROR, CRITICAL
-  route: '/api/users',      // API route or page path
-  method: 'POST',           // HTTP method
-  statusCode: 500,          // HTTP status code
-  userAgent: req.headers['user-agent'],
-  ip: req.ip,
-  requestId: req.id,
-  metadata: {               // Any additional data
-    userId: '123',
-    action: 'create_user',
-  },
+const monitor = new MonitorClient({
+  apiKey: process.env.CEON_MONITOR_API_KEY!,
+  endpoint: 'https://monitor.example.com',
+  environment: 'server',
+  trackDependencies: true,
+  dependencySources: [
+    { path: './package.json', environment: 'server' },
+    { path: '../client/package.json', environment: 'client' },
+  ],
+  excludePatterns: ['@types/*'],  // Filter out TypeScript type definitions
 });
 ```
 
-#### `captureMessage(message: string, severity?: Severity, context?: ErrorContext): Promise<void>`
+## Features
 
-Captures a log message.
+### Error Capture
+
+#### Capture an Error
+
+```typescript
+try {
+  // ... your code
+} catch (error) {
+  await monitor.captureError(error as Error, {
+    severity: 'ERROR',        // DEBUG, INFO, WARNING, ERROR, CRITICAL
+    route: '/api/users',      // API route or page path
+    method: 'POST',           // HTTP method
+    statusCode: 500,          // HTTP status code
+    userAgent: req.headers['user-agent'],
+    ip: req.ip,
+    requestId: req.id,
+    metadata: {               // Any additional data
+      userId: '123',
+      action: 'create_user',
+    },
+  });
+}
+```
+
+#### Capture a Message
 
 ```typescript
 await monitor.captureMessage('Payment processed', 'INFO', {
+  route: '/api/payments',
   metadata: { orderId: '456', amount: 99.99 },
 });
 ```
 
-#### `flush(): Promise<void>`
+### Technology Tracking
 
-Immediately sends all queued errors. Called automatically based on `flushIntervalMs` and `batchSize`.
+#### Automatic Tracking
+
+Enable `trackDependencies: true` to automatically sync your `package.json` dependencies:
 
 ```typescript
-await monitor.flush();
+const monitor = new MonitorClient({
+  apiKey: process.env.CEON_MONITOR_API_KEY!,
+  endpoint: 'https://monitor.example.com',
+  trackDependencies: true,
+});
 ```
 
-#### `close(): Promise<void>`
+#### Manual Reporting
+
+```typescript
+await monitor.reportTechnologies([
+  { name: 'node', version: '20.10.0', type: 'runtime' },
+  { name: 'express', version: '4.18.2', type: 'framework' },
+  { name: 'prisma', version: '5.0.0', type: 'database' },
+]);
+```
+
+### Vulnerability Auditing
 
-Flushes remaining errors and stops the client. Call this before your application shuts down.
+Run npm audit and send results to the monitoring server:
 
 ```typescript
-await monitor.close();
+// Basic audit
+const result = await monitor.auditDependencies();
+
+if (result) {
+  console.log(`Scan complete: ${result.processed} vulnerabilities found`);
+  console.log(`Critical: ${result.summary.critical}, High: ${result.summary.high}`);
+}
+
+// Audit a specific project directory
+await monitor.auditDependencies({
+  projectPath: '/path/to/project',
+  environment: 'production',
+});
+```
+
+#### Scheduled Auditing
+
+```typescript
+// Run on app startup
+monitor.auditDependencies();
+
+// Run daily via cron
+import cron from 'node-cron';
+
+cron.schedule('0 3 * * *', async () => {
+  await monitor.auditDependencies();
+});
+
+// Or using setInterval
+setInterval(async () => {
+  await monitor.auditDependencies();
+}, 24 * 60 * 60 * 1000); // Daily
 ```
 
-## Usage Examples
+### Security Events
 
-### Express.js Error Handler
+#### Report Security Event
 
 ```typescript
-import { MonitorClient } from '@ceon/monitor-sdk';
-import { ErrorRequestHandler } from 'express';
+await monitor.reportSecurityEvent({
+  eventType: 'FAILED_LOGIN',
+  category: 'AUTHENTICATION',
+  severity: 'MEDIUM',
+  ip: '192.168.1.1',
+  identifier: 'user@example.com',
+  metadata: { attempts: 3 },
+});
+```
+
+#### Check for Brute Force
+
+```typescript
+const result = await monitor.checkBruteForce({
+  ip: '192.168.1.1',
+  identifier: 'user@example.com',
+  threshold: 5,
+  windowMinutes: 15,
+});
+
+if (result.blocked) {
+  // Block the request
+  throw new Error('Too many attempts. Please try again later.');
+}
+```
+
+## Framework Examples
 
+### Express.js
+
+```typescript
+import express from 'express';
+import { MonitorClient } from '@ceon-oy/monitor-sdk';
+
+const app = express();
 const monitor = new MonitorClient({
-  apiKey: process.env.MONITOR_API_KEY!,
-  endpoint: process.env.MONITOR_ENDPOINT!,
+  apiKey: process.env.CEON_MONITOR_API_KEY!,
+  endpoint: process.env.CEON_MONITOR_ENDPOINT!,
   environment: process.env.NODE_ENV,
+  trackDependencies: true,
+});
+
+// Your routes
+app.get('/api/health', (req, res) => {
+  res.json({ status: 'ok' });
 });
 
-export const errorHandler: ErrorRequestHandler = (err, req, res, next) => {
+// Error handling middleware
+app.use((err: Error, req: express.Request, res: express.Response, next: express.NextFunction) => {
   monitor.captureError(err, {
     route: req.path,
     method: req.method,
-    statusCode: res.statusCode || 500,
-    userAgent: req.headers['user-agent'],
+    statusCode: 500,
+    userAgent: req.get('user-agent'),
     ip: req.ip,
-    metadata: {
-      query: req.query,
-      body: req.body,
-    },
   });
-
   res.status(500).json({ error: 'Internal server error' });
-};
+});
 
 // Graceful shutdown
 process.on('SIGTERM', async () => {
   await monitor.close();
   process.exit(0);
 });
+
+app.listen(3001, () => console.log('Server running on port 3001'));
+```
+
+### Next.js
+
+**1. Create a monitor utility (`lib/monitor.ts`):**
+
+```typescript
+import { MonitorClient } from '@ceon-oy/monitor-sdk';
+
+let monitor: MonitorClient | null = null;
+
+export function getMonitor(): MonitorClient {
+  if (!monitor) {
+    monitor = new MonitorClient({
+      apiKey: process.env.CEON_MONITOR_API_KEY!,
+      endpoint: process.env.CEON_MONITOR_ENDPOINT || 'https://your-monitor-server.com',
+      environment: process.env.NODE_ENV || 'development',
+      trackDependencies: true,
+    });
+  }
+  return monitor;
+}
 ```
 
-### Next.js API Route
+**2. Use in API routes (`app/api/example/route.ts`):**
 
 ```typescript
-import { MonitorClient } from '@ceon/monitor-sdk';
 import { NextRequest, NextResponse } from 'next/server';
+import { getMonitor } from '@/lib/monitor';
 
-const monitor = new MonitorClient({
-  apiKey: process.env.MONITOR_API_KEY!,
-  endpoint: process.env.MONITOR_ENDPOINT!,
-  environment: process.env.NODE_ENV,
-});
+export async function POST(request: NextRequest) {
+  const monitor = getMonitor();
 
-export async function POST(req: NextRequest) {
   try {
-    const body = await req.json();
-    // ... handle request
+    const body = await request.json();
+    // Your logic here
     return NextResponse.json({ success: true });
   } catch (error) {
     await monitor.captureError(error as Error, {
@@ -191,35 +339,377 @@ export async function POST(req: NextRequest) {
       method: 'POST',
       statusCode: 500,
     });
-    return NextResponse.json({ error: 'Internal error' }, { status: 500 });
+    return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
+  }
+}
+```
+
+**3. Global error handling (`app/error.tsx`):**
+
+```typescript
+'use client';
+
+import { useEffect } from 'react';
+
+export default function Error({
+  error,
+  reset,
+}: {
+  error: Error & { digest?: string };
+  reset: () => void;
+}) {
+  useEffect(() => {
+    fetch('/api/log-error', {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({
+        message: error.message,
+        stack: error.stack,
+        digest: error.digest,
+      }),
+    });
+  }, [error]);
+
+  return (
+    <div>
+      <h2>Something went wrong!</h2>
+      <button onClick={() => reset()}>Try again</button>
+    </div>
+  );
+}
+```
+
+**4. Create error logging API route (`app/api/log-error/route.ts`):**
+
+```typescript
+import { NextRequest, NextResponse } from 'next/server';
+import { getMonitor } from '@/lib/monitor';
+
+export async function POST(request: NextRequest) {
+  const monitor = getMonitor();
+  const { message, stack, digest } = await request.json();
+
+  await monitor.captureMessage(message, 'ERROR', {
+    metadata: { stack, digest, source: 'client' },
+  });
+
+  return NextResponse.json({ logged: true });
+}
+```
+
+### React (Monolithic)
+
+For a React project with Express backend in the same folder:
+
+```
+my-app/
+├── package.json
+├── src/
+│   ├── client/          # React frontend
+│   └── server/          # Express backend
+```
+
+**Server (`src/server/index.ts`):**
+
+```typescript
+import express from 'express';
+import path from 'path';
+import { MonitorClient } from '@ceon-oy/monitor-sdk';
+
+const app = express();
+app.use(express.json());
+
+const monitor = new MonitorClient({
+  apiKey: process.env.CEON_MONITOR_API_KEY!,
+  endpoint: process.env.CEON_MONITOR_ENDPOINT!,
+  environment: process.env.NODE_ENV || 'development',
+  trackDependencies: true,
+});
+
+// Client error logging endpoint
+app.post('/api/log-client-error', async (req, res) => {
+  const { message, stack, componentStack } = req.body;
+  await monitor.captureMessage(message, 'ERROR', {
+    metadata: { stack, componentStack, source: 'client' },
+  });
+  res.json({ logged: true });
+});
+
+// Global error handler
+app.use((err: Error, req: express.Request, res: express.Response, next: express.NextFunction) => {
+  monitor.captureError(err, {
+    route: req.path,
+    method: req.method,
+    statusCode: 500,
+  });
+  res.status(500).json({ error: 'Internal server error' });
+});
+
+// Graceful shutdown
+process.on('SIGTERM', async () => {
+  await monitor.close();
+  process.exit(0);
+});
+
+app.listen(3001, () => console.log('Server running on port 3001'));
+```
+
+**React Error Boundary (`src/client/ErrorBoundary.tsx`):**
+
+```typescript
+import React, { Component, ErrorInfo, ReactNode } from 'react';
+
+interface Props {
+  children: ReactNode;
+}
+
+interface State {
+  hasError: boolean;
+}
+
+class ErrorBoundary extends Component<Props, State> {
+  constructor(props: Props) {
+    super(props);
+    this.state = { hasError: false };
+  }
+
+  static getDerivedStateFromError(): State {
+    return { hasError: true };
+  }
+
+  componentDidCatch(error: Error, errorInfo: ErrorInfo) {
+    fetch('/api/log-client-error', {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({
+        message: error.message,
+        stack: error.stack,
+        componentStack: errorInfo.componentStack,
+      }),
+    });
+  }
+
+  render() {
+    if (this.state.hasError) {
+      return <h1>Something went wrong.</h1>;
+    }
+    return this.props.children;
   }
 }
+
+export default ErrorBoundary;
+```
+
+### React (Separate Server/Client)
+
+For projects with separate server and client folders:
+
+```
+my-project/
+├── server/
+│   ├── package.json
+│   └── src/index.ts
+└── client/
+    ├── package.json
+    └── src/
 ```
 
-### Integration with Existing Logger
+**Server (`server/src/index.ts`):**
 
 ```typescript
-import { MonitorClient } from '@ceon/monitor-sdk';
+import express from 'express';
+import cors from 'cors';
+import { MonitorClient } from '@ceon-oy/monitor-sdk';
+
+const app = express();
+app.use(cors());
+app.use(express.json());
 
+// Multi-environment dependency tracking
 const monitor = new MonitorClient({
-  apiKey: process.env.MONITOR_API_KEY!,
-  endpoint: process.env.MONITOR_ENDPOINT!,
+  apiKey: process.env.CEON_MONITOR_API_KEY!,
+  endpoint: process.env.CEON_MONITOR_ENDPOINT!,
+  environment: process.env.NODE_ENV || 'development',
+  trackDependencies: true,
+  dependencySources: [
+    { path: './package.json', environment: 'server' },
+    { path: '../client/package.json', environment: 'client' },
+  ],
+  excludePatterns: ['@types/*'],
+});
+
+// Endpoint for client-side error logging
+app.post('/api/log-error', async (req, res) => {
+  const { message, stack, componentStack, url, userAgent } = req.body;
+
+  await monitor.captureMessage(message, 'ERROR', {
+    route: url,
+    metadata: { stack, componentStack, userAgent, source: 'client' },
+  });
+
+  res.json({ logged: true });
+});
+
+// Global error handler
+app.use((err: Error, req: express.Request, res: express.Response, next: express.NextFunction) => {
+  monitor.captureError(err, {
+    route: req.path,
+    method: req.method,
+    statusCode: 500,
+    userAgent: req.get('user-agent'),
+    ip: req.ip,
+  });
+  res.status(500).json({ error: 'Internal server error' });
 });
 
-// Wrap your existing logger
-export function logError(message: string, error?: Error, context?: object) {
-  // Your existing logging
-  console.error(message, error);
+// Graceful shutdown
+process.on('SIGTERM', async () => {
+  await monitor.close();
+  process.exit(0);
+});
+
+app.listen(3001, () => console.log('Server running on port 3001'));
+```
+
+**React Error Boundary (`client/src/components/ErrorBoundary.tsx`):**
 
-  // Also send to monitor
-  if (error) {
-    monitor.captureError(error, { metadata: context });
-  } else {
-    monitor.captureMessage(message, 'ERROR', { metadata: context });
+```typescript
+import React, { Component, ErrorInfo, ReactNode } from 'react';
+
+interface Props {
+  children: ReactNode;
+}
+
+interface State {
+  hasError: boolean;
+  error: Error | null;
+}
+
+class ErrorBoundary extends Component<Props, State> {
+  constructor(props: Props) {
+    super(props);
+    this.state = { hasError: false, error: null };
+  }
+
+  static getDerivedStateFromError(error: Error): State {
+    return { hasError: true, error };
+  }
+
+  componentDidCatch(error: Error, errorInfo: ErrorInfo) {
+    fetch(`${process.env.REACT_APP_API_URL}/api/log-error`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({
+        message: error.message,
+        stack: error.stack,
+        componentStack: errorInfo.componentStack,
+        url: window.location.href,
+        userAgent: navigator.userAgent,
+      }),
+    }).catch(console.error);
+  }
+
+  render() {
+    if (this.state.hasError) {
+      return (
+        <div>
+          <h1>Something went wrong</h1>
+          <button onClick={() => window.location.reload()}>Reload Page</button>
+        </div>
+      );
+    }
+    return this.props.children;
   }
 }
+
+export default ErrorBoundary;
+```
+
+**Global error handlers (`client/src/index.tsx`):**
+
+```typescript
+import React from 'react';
+import ReactDOM from 'react-dom/client';
+import App from './App';
+import ErrorBoundary from './components/ErrorBoundary';
+
+// Global error handlers
+window.onerror = (message, source, lineno, colno, error) => {
+  fetch(`${process.env.REACT_APP_API_URL}/api/log-error`, {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify({
+      message: String(message),
+      stack: error?.stack,
+      url: window.location.href,
+      userAgent: navigator.userAgent,
+    }),
+  }).catch(console.error);
+};
+
+window.onunhandledrejection = (event) => {
+  fetch(`${process.env.REACT_APP_API_URL}/api/log-error`, {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify({
+      message: event.reason?.message || 'Unhandled Promise Rejection',
+      stack: event.reason?.stack,
+      url: window.location.href,
+      userAgent: navigator.userAgent,
+    }),
+  }).catch(console.error);
+};
+
+const root = ReactDOM.createRoot(document.getElementById('root')!);
+root.render(
+  <React.StrictMode>
+    <ErrorBoundary>
+      <App />
+    </ErrorBoundary>
+  </React.StrictMode>
+);
 ```
 
+## API Reference
+
+### `MonitorClient`
+
+#### `constructor(config: MonitorClientConfig)`
+
+Creates a new monitor client instance.
+
+#### `captureError(error: Error, context?: ErrorContext): Promise<void>`
+
+Captures an error and queues it for sending.
+
+#### `captureMessage(message: string, severity?: Severity, context?: ErrorContext): Promise<void>`
+
+Captures a log message with optional severity level.
+
+#### `reportTechnologies(technologies: Technology[]): Promise<void>`
+
+Reports technology stack information.
+
+#### `reportSecurityEvent(event: SecurityEvent): Promise<void>`
+
+Reports a security event.
+
+#### `checkBruteForce(params: BruteForceParams): Promise<BruteForceResult>`
+
+Checks for brute force attacks.
+
+#### `auditDependencies(options?: AuditOptions): Promise<AuditResult | null>`
+
+Runs npm audit and sends results to the server.
+
+#### `flush(): Promise<void>`
+
+Immediately sends all queued errors.
+
+#### `close(): Promise<void>`
+
+Flushes remaining errors and stops the client.
+
 ## Batching Behavior
 
 The SDK batches errors to reduce network overhead:
@@ -231,9 +721,9 @@ The SDK batches errors to reduce network overhead:
    - `flush()` is called manually
    - `close()` is called
 
-For serverless/edge environments where the process may terminate quickly, consider:
-- Setting `batchSize: 1` to send immediately
-- Calling `await monitor.flush()` at the end of each request
+For serverless/edge environments where the process may terminate quickly:
+- Set `batchSize: 1` to send immediately
+- Call `await monitor.flush()` at the end of each request
 
 ## Building
 
@@ -258,4 +748,24 @@ interface ErrorContext {
   requestId?: string;
   metadata?: Record<string, unknown>;
 }
+
+interface Technology {
+  name: string;
+  version: string;
+  type: 'runtime' | 'framework' | 'library' | 'database' | 'tool' | 'other';
+  environment?: string;
+}
+
+interface SecurityEvent {
+  eventType: string;
+  category: 'AUTHENTICATION' | 'AUTHORIZATION' | 'RATE_LIMIT' | 'SUSPICIOUS_ACTIVITY' | 'DATA_ACCESS';
+  severity: 'LOW' | 'MEDIUM' | 'HIGH' | 'CRITICAL';
+  ip?: string;
+  identifier?: string;
+  metadata?: Record<string, unknown>;
+}
 ```
+
+## License
+
+MIT

package/dist/index.js

@@ -458,16 +458,24 @@ var MonitorClient = class {
    * @returns Audit summary with vulnerability counts
    */
   async auditDependencies(options = {}) {
-    if (typeof require === "undefined") {
-      console.warn("[MonitorClient] auditDependencies only works in Node.js environment");
+    if (typeof window !== "undefined" || typeof document !== "undefined") {
+      console.warn("[MonitorClient] auditDependencies only works in Node.js server environment");
+      return null;
+    }
+    let execSync;
+    let path;
+    let fs;
+    try {
+      execSync = require("child_process").execSync;
+      path = require("path");
+      fs = require("fs");
+    } catch {
+      console.warn("[MonitorClient] auditDependencies requires Node.js (not available in bundled/browser environments)");
       return null;
     }
     const startTime = Date.now();
     const environment = options.environment || this.environment;
     try {
-      const { execSync } = require("child_process");
-      const path = require("path");
-      const fs = require("fs");
       let projectPath = options.projectPath || process.cwd();
       if (projectPath.includes("\0") || /[;&|`$(){}[\]<>]/.test(projectPath)) {
         console.error("[MonitorClient] Invalid projectPath: contains forbidden characters");

package/dist/index.mjs

@@ -429,16 +429,24 @@ var MonitorClient = class {
    * @returns Audit summary with vulnerability counts
    */
   async auditDependencies(options = {}) {
-    if (typeof __require === "undefined") {
-      console.warn("[MonitorClient] auditDependencies only works in Node.js environment");
+    if (typeof window !== "undefined" || typeof document !== "undefined") {
+      console.warn("[MonitorClient] auditDependencies only works in Node.js server environment");
+      return null;
+    }
+    let execSync;
+    let path;
+    let fs;
+    try {
+      execSync = __require("child_process").execSync;
+      path = __require("path");
+      fs = __require("fs");
+    } catch {
+      console.warn("[MonitorClient] auditDependencies requires Node.js (not available in bundled/browser environments)");
       return null;
     }
     const startTime = Date.now();
     const environment = options.environment || this.environment;
     try {
-      const { execSync } = __require("child_process");
-      const path = __require("path");
-      const fs = __require("fs");
       let projectPath = options.projectPath || process.cwd();
       if (projectPath.includes("\0") || /[;&|`$(){}[\]<>]/.test(projectPath)) {
         console.error("[MonitorClient] Invalid projectPath: contains forbidden characters");

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@ceon-oy/monitor-sdk",
-  "version": "1.0.1",
+  "version": "1.0.2",
   "description": "Client SDK for Ceon Monitor - Error tracking, health monitoring, security events, and vulnerability scanning",
   "author": "Ceon",
   "license": "MIT",