@ceon-oy/monitor-sdk 1.0.6 → 1.0.9

package/dist/index.d.mts

@@ -142,6 +142,7 @@ declare class MonitorClient {
     private settingsPollingTimer;
     private lastScanTime;
     private lastKnownScanRequestedAt;
+    private lastKnownTechScanRequestedAt;
     constructor(config: MonitorClientConfig);
     captureError(error: Error, context?: ErrorContext): Promise<void>;
     captureMessage(message: string, severity?: Severity, context?: ErrorContext): Promise<void>;
@@ -151,12 +152,13 @@ declare class MonitorClient {
     private stopAuditIntervalTimer;
     /**
      * Fetch project settings from the monitoring server.
-     * Returns configuration including vulnerability scan interval and scan request timestamp.
+     * Returns configuration including vulnerability scan interval and scan request timestamps.
      */
     fetchProjectSettings(): Promise<{
         name: string;
         vulnerabilityScanIntervalHours: number;
         scanRequestedAt: string | null;
+        techScanRequestedAt: string | null;
     } | null>;
     /**
      * Setup automatic vulnerability scanning based on server-configured interval.
@@ -169,7 +171,7 @@ declare class MonitorClient {
      */
     private runScanAndTrackTime;
     /**
-     * Check if the server has requested an on-demand scan.
+     * Check if the server has requested an on-demand scan (vulnerability or technology).
      */
     private checkForScanRequest;
     private enqueue;

package/dist/index.d.ts

@@ -142,6 +142,7 @@ declare class MonitorClient {
     private settingsPollingTimer;
     private lastScanTime;
     private lastKnownScanRequestedAt;
+    private lastKnownTechScanRequestedAt;
     constructor(config: MonitorClientConfig);
     captureError(error: Error, context?: ErrorContext): Promise<void>;
     captureMessage(message: string, severity?: Severity, context?: ErrorContext): Promise<void>;
@@ -151,12 +152,13 @@ declare class MonitorClient {
     private stopAuditIntervalTimer;
     /**
      * Fetch project settings from the monitoring server.
-     * Returns configuration including vulnerability scan interval and scan request timestamp.
+     * Returns configuration including vulnerability scan interval and scan request timestamps.
      */
     fetchProjectSettings(): Promise<{
         name: string;
         vulnerabilityScanIntervalHours: number;
         scanRequestedAt: string | null;
+        techScanRequestedAt: string | null;
     } | null>;
     /**
      * Setup automatic vulnerability scanning based on server-configured interval.
@@ -169,7 +171,7 @@ declare class MonitorClient {
      */
     private runScanAndTrackTime;
     /**
-     * Check if the server has requested an on-demand scan.
+     * Check if the server has requested an on-demand scan (vulnerability or technology).
      */
     private checkForScanRequest;
     private enqueue;

package/dist/index.js

@@ -46,6 +46,7 @@ var MonitorClient = class {
     this.settingsPollingTimer = null;
     this.lastScanTime = null;
     this.lastKnownScanRequestedAt = null;
+    this.lastKnownTechScanRequestedAt = null;
     if (!config.apiKey || config.apiKey.trim().length === 0) {
       throw new Error("[MonitorClient] API key is required");
     }
@@ -193,7 +194,7 @@ var MonitorClient = class {
   }
   /**
    * Fetch project settings from the monitoring server.
-   * Returns configuration including vulnerability scan interval and scan request timestamp.
+   * Returns configuration including vulnerability scan interval and scan request timestamps.
    */
   async fetchProjectSettings() {
     try {
@@ -229,6 +230,9 @@ var MonitorClient = class {
     if (settings.scanRequestedAt) {
       this.lastKnownScanRequestedAt = new Date(settings.scanRequestedAt);
     }
+    if (settings.techScanRequestedAt) {
+      this.lastKnownTechScanRequestedAt = new Date(settings.techScanRequestedAt);
+    }
     const intervalHours = settings.vulnerabilityScanIntervalHours;
     if (intervalHours <= 0) {
       console.log("[MonitorClient] Scheduled vulnerability scanning disabled by server configuration");
@@ -257,17 +261,27 @@ var MonitorClient = class {
     }
   }
   /**
-   * Check if the server has requested an on-demand scan.
+   * Check if the server has requested an on-demand scan (vulnerability or technology).
    */
   async checkForScanRequest() {
     try {
       const settings = await this.fetchProjectSettings();
-      if (!settings || !settings.scanRequestedAt) return;
-      const scanRequestedAt = new Date(settings.scanRequestedAt);
-      if (!this.lastKnownScanRequestedAt || scanRequestedAt > this.lastKnownScanRequestedAt) {
-        console.log("[MonitorClient] On-demand scan requested by server");
-        this.lastKnownScanRequestedAt = scanRequestedAt;
-        await this.runScanAndTrackTime();
+      if (!settings) return;
+      if (settings.scanRequestedAt) {
+        const scanRequestedAt = new Date(settings.scanRequestedAt);
+        if (!this.lastKnownScanRequestedAt || scanRequestedAt > this.lastKnownScanRequestedAt) {
+          console.log("[MonitorClient] On-demand vulnerability scan requested by server");
+          this.lastKnownScanRequestedAt = scanRequestedAt;
+          await this.runScanAndTrackTime();
+        }
+      }
+      if (settings.techScanRequestedAt) {
+        const techScanRequestedAt = new Date(settings.techScanRequestedAt);
+        if (!this.lastKnownTechScanRequestedAt || techScanRequestedAt > this.lastKnownTechScanRequestedAt) {
+          console.log("[MonitorClient] On-demand technology scan requested by server");
+          this.lastKnownTechScanRequestedAt = techScanRequestedAt;
+          await this.syncDependencies();
+        }
       }
     } catch (err) {
       console.error("[MonitorClient] Failed to check for scan request:", err instanceof Error ? err.message : String(err));
@@ -286,12 +300,12 @@ var MonitorClient = class {
   /**
    * Fetch with timeout to prevent hanging requests
    */
-  async fetchWithTimeout(url, options2, timeoutMs = this.requestTimeoutMs) {
+  async fetchWithTimeout(url, options, timeoutMs = this.requestTimeoutMs) {
     const controller = new AbortController();
     const timeoutId = setTimeout(() => controller.abort(), timeoutMs);
     try {
       const response = await fetch(url, {
-        ...options2,
+        ...options,
         signal: controller.signal
       });
       return response;
@@ -374,13 +388,13 @@ var MonitorClient = class {
     try {
       const fsModule = await import("fs");
       const pathModule = await import("path");
-      const fs2 = fsModule.default || fsModule;
-      const path2 = pathModule.default || pathModule;
+      const fs = fsModule.default || fsModule;
+      const path = pathModule.default || pathModule;
       const baseDir = process.cwd();
-      const resolvedPath = path2.isAbsolute(packagePath) ? packagePath : path2.join(baseDir, packagePath);
-      const normalizedPath = path2.normalize(resolvedPath);
-      const normalizedBase = path2.normalize(baseDir);
-      if (!path2.isAbsolute(packagePath)) {
+      const resolvedPath = path.isAbsolute(packagePath) ? packagePath : path.join(baseDir, packagePath);
+      const normalizedPath = path.normalize(resolvedPath);
+      const normalizedBase = path.normalize(baseDir);
+      if (!path.isAbsolute(packagePath)) {
         if (!normalizedPath.startsWith(normalizedBase)) {
           console.warn("[MonitorClient] Path traversal attempt blocked:", packagePath);
           return [];
@@ -394,10 +408,10 @@ var MonitorClient = class {
         console.warn("[MonitorClient] Path must point to package.json");
         return [];
       }
-      if (!fs2.existsSync(normalizedPath)) {
+      if (!fs.existsSync(normalizedPath)) {
         return [];
       }
-      const packageJson = JSON.parse(fs2.readFileSync(normalizedPath, "utf-8"));
+      const packageJson = JSON.parse(fs.readFileSync(normalizedPath, "utf-8"));
       const technologies = [];
       const deps = {
         ...packageJson.dependencies,
@@ -431,7 +445,7 @@ var MonitorClient = class {
   async sendTechnologies(technologies) {
     await this.sendTechnologiesWithEnvironment(technologies, this.environment);
   }
-  async sendTechnologiesWithEnvironment(technologies, environment2) {
+  async sendTechnologiesWithEnvironment(technologies, environment) {
     const response = await this.fetchWithTimeout(`${this.endpoint}/api/v1/technologies/sync`, {
       method: "POST",
       headers: {
@@ -439,7 +453,7 @@ var MonitorClient = class {
         Authorization: `Bearer ${this.apiKey}`
       },
       body: JSON.stringify({
-        environment: environment2,
+        environment,
         technologies
       })
     });
@@ -476,74 +490,74 @@ var MonitorClient = class {
   /**
    * Capture a login failure event (convenience method)
    */
-  async captureLoginFailure(options2) {
+  async captureLoginFailure(options) {
     return this.captureSecurityEvent({
-      eventType: `login_failed_${options2.authMethod || "other"}`,
+      eventType: `login_failed_${options.authMethod || "other"}`,
       category: "AUTHENTICATION",
       severity: "MEDIUM",
-      ip: options2.ip,
-      identifier: options2.identifier,
-      endpoint: options2.endpoint,
-      userAgent: options2.userAgent,
-      metadata: { reason: options2.reason, authMethod: options2.authMethod }
+      ip: options.ip,
+      identifier: options.identifier,
+      endpoint: options.endpoint,
+      userAgent: options.userAgent,
+      metadata: { reason: options.reason, authMethod: options.authMethod }
     });
   }
   /**
    * Capture a successful login event
    */
-  async captureLoginSuccess(options2) {
+  async captureLoginSuccess(options) {
     await this.captureSecurityEvent({
-      eventType: `login_success_${options2.authMethod || "other"}`,
+      eventType: `login_success_${options.authMethod || "other"}`,
       category: "AUTHENTICATION",
       severity: "LOW",
-      ip: options2.ip,
-      identifier: options2.identifier,
-      endpoint: options2.endpoint,
-      userAgent: options2.userAgent,
-      metadata: { authMethod: options2.authMethod }
+      ip: options.ip,
+      identifier: options.identifier,
+      endpoint: options.endpoint,
+      userAgent: options.userAgent,
+      metadata: { authMethod: options.authMethod }
     });
   }
   /**
    * Capture a rate limit event
    */
-  async captureRateLimit(options2) {
+  async captureRateLimit(options) {
     await this.captureSecurityEvent({
       eventType: "rate_limit_exceeded",
       category: "RATE_LIMIT",
       severity: "MEDIUM",
-      ip: options2.ip,
-      identifier: options2.identifier,
-      endpoint: options2.endpoint,
-      userAgent: options2.userAgent,
-      metadata: { limit: options2.limit, window: options2.window }
+      ip: options.ip,
+      identifier: options.identifier,
+      endpoint: options.endpoint,
+      userAgent: options.userAgent,
+      metadata: { limit: options.limit, window: options.window }
     });
   }
   /**
    * Capture an authorization failure (user tried to access unauthorized resource)
    */
-  async captureAuthorizationFailure(options2) {
+  async captureAuthorizationFailure(options) {
     await this.captureSecurityEvent({
       eventType: "authorization_denied",
       category: "AUTHORIZATION",
       severity: "MEDIUM",
-      ip: options2.ip,
-      identifier: options2.identifier,
-      endpoint: options2.endpoint,
-      userAgent: options2.userAgent,
-      metadata: { resource: options2.resource, action: options2.action }
+      ip: options.ip,
+      identifier: options.identifier,
+      endpoint: options.endpoint,
+      userAgent: options.userAgent,
+      metadata: { resource: options.resource, action: options.action }
     });
   }
   /**
    * Check if an IP or identifier has triggered brute force detection
    */
-  async checkBruteForce(options2) {
+  async checkBruteForce(options) {
     const response = await this.fetchWithTimeout(`${this.endpoint}/api/v1/security/detect/brute-force`, {
       method: "POST",
       headers: {
         "Content-Type": "application/json",
         Authorization: `Bearer ${this.apiKey}`
       },
-      body: JSON.stringify(options2)
+      body: JSON.stringify(options)
     });
     if (!response.ok) {
       const errorText = await response.text().catch(() => "");
@@ -569,10 +583,12 @@ var MonitorClient = class {
     let path;
     let fs;
     try {
-      const _require = eval("require");
-      execSync = _require("child_process").execSync;
-      path = _require("path");
-      fs = _require("fs");
+      const childProcess = await import("child_process");
+      const pathModule = await import("path");
+      const fsModule = await import("fs");
+      execSync = childProcess.execSync;
+      path = pathModule;
+      fs = fsModule;
     } catch {
       console.warn("[MonitorClient] auditDependencies requires Node.js (not available in bundled/browser environments)");
       return null;

package/dist/index.mjs

@@ -10,6 +10,7 @@ var MonitorClient = class {
     this.settingsPollingTimer = null;
     this.lastScanTime = null;
     this.lastKnownScanRequestedAt = null;
+    this.lastKnownTechScanRequestedAt = null;
     if (!config.apiKey || config.apiKey.trim().length === 0) {
       throw new Error("[MonitorClient] API key is required");
     }
@@ -157,7 +158,7 @@ var MonitorClient = class {
   }
   /**
    * Fetch project settings from the monitoring server.
-   * Returns configuration including vulnerability scan interval and scan request timestamp.
+   * Returns configuration including vulnerability scan interval and scan request timestamps.
    */
   async fetchProjectSettings() {
     try {
@@ -193,6 +194,9 @@ var MonitorClient = class {
     if (settings.scanRequestedAt) {
       this.lastKnownScanRequestedAt = new Date(settings.scanRequestedAt);
     }
+    if (settings.techScanRequestedAt) {
+      this.lastKnownTechScanRequestedAt = new Date(settings.techScanRequestedAt);
+    }
     const intervalHours = settings.vulnerabilityScanIntervalHours;
     if (intervalHours <= 0) {
       console.log("[MonitorClient] Scheduled vulnerability scanning disabled by server configuration");
@@ -221,17 +225,27 @@ var MonitorClient = class {
     }
   }
   /**
-   * Check if the server has requested an on-demand scan.
+   * Check if the server has requested an on-demand scan (vulnerability or technology).
    */
   async checkForScanRequest() {
     try {
       const settings = await this.fetchProjectSettings();
-      if (!settings || !settings.scanRequestedAt) return;
-      const scanRequestedAt = new Date(settings.scanRequestedAt);
-      if (!this.lastKnownScanRequestedAt || scanRequestedAt > this.lastKnownScanRequestedAt) {
-        console.log("[MonitorClient] On-demand scan requested by server");
-        this.lastKnownScanRequestedAt = scanRequestedAt;
-        await this.runScanAndTrackTime();
+      if (!settings) return;
+      if (settings.scanRequestedAt) {
+        const scanRequestedAt = new Date(settings.scanRequestedAt);
+        if (!this.lastKnownScanRequestedAt || scanRequestedAt > this.lastKnownScanRequestedAt) {
+          console.log("[MonitorClient] On-demand vulnerability scan requested by server");
+          this.lastKnownScanRequestedAt = scanRequestedAt;
+          await this.runScanAndTrackTime();
+        }
+      }
+      if (settings.techScanRequestedAt) {
+        const techScanRequestedAt = new Date(settings.techScanRequestedAt);
+        if (!this.lastKnownTechScanRequestedAt || techScanRequestedAt > this.lastKnownTechScanRequestedAt) {
+          console.log("[MonitorClient] On-demand technology scan requested by server");
+          this.lastKnownTechScanRequestedAt = techScanRequestedAt;
+          await this.syncDependencies();
+        }
       }
     } catch (err) {
       console.error("[MonitorClient] Failed to check for scan request:", err instanceof Error ? err.message : String(err));
@@ -250,12 +264,12 @@ var MonitorClient = class {
   /**
    * Fetch with timeout to prevent hanging requests
    */
-  async fetchWithTimeout(url, options2, timeoutMs = this.requestTimeoutMs) {
+  async fetchWithTimeout(url, options, timeoutMs = this.requestTimeoutMs) {
     const controller = new AbortController();
     const timeoutId = setTimeout(() => controller.abort(), timeoutMs);
     try {
       const response = await fetch(url, {
-        ...options2,
+        ...options,
         signal: controller.signal
       });
       return response;
@@ -338,13 +352,13 @@ var MonitorClient = class {
     try {
       const fsModule = await import("fs");
       const pathModule = await import("path");
-      const fs2 = fsModule.default || fsModule;
-      const path2 = pathModule.default || pathModule;
+      const fs = fsModule.default || fsModule;
+      const path = pathModule.default || pathModule;
       const baseDir = process.cwd();
-      const resolvedPath = path2.isAbsolute(packagePath) ? packagePath : path2.join(baseDir, packagePath);
-      const normalizedPath = path2.normalize(resolvedPath);
-      const normalizedBase = path2.normalize(baseDir);
-      if (!path2.isAbsolute(packagePath)) {
+      const resolvedPath = path.isAbsolute(packagePath) ? packagePath : path.join(baseDir, packagePath);
+      const normalizedPath = path.normalize(resolvedPath);
+      const normalizedBase = path.normalize(baseDir);
+      if (!path.isAbsolute(packagePath)) {
         if (!normalizedPath.startsWith(normalizedBase)) {
           console.warn("[MonitorClient] Path traversal attempt blocked:", packagePath);
           return [];
@@ -358,10 +372,10 @@ var MonitorClient = class {
         console.warn("[MonitorClient] Path must point to package.json");
         return [];
       }
-      if (!fs2.existsSync(normalizedPath)) {
+      if (!fs.existsSync(normalizedPath)) {
         return [];
       }
-      const packageJson = JSON.parse(fs2.readFileSync(normalizedPath, "utf-8"));
+      const packageJson = JSON.parse(fs.readFileSync(normalizedPath, "utf-8"));
       const technologies = [];
       const deps = {
         ...packageJson.dependencies,
@@ -395,7 +409,7 @@ var MonitorClient = class {
   async sendTechnologies(technologies) {
     await this.sendTechnologiesWithEnvironment(technologies, this.environment);
   }
-  async sendTechnologiesWithEnvironment(technologies, environment2) {
+  async sendTechnologiesWithEnvironment(technologies, environment) {
     const response = await this.fetchWithTimeout(`${this.endpoint}/api/v1/technologies/sync`, {
       method: "POST",
       headers: {
@@ -403,7 +417,7 @@ var MonitorClient = class {
         Authorization: `Bearer ${this.apiKey}`
       },
       body: JSON.stringify({
-        environment: environment2,
+        environment,
         technologies
       })
     });
@@ -440,74 +454,74 @@ var MonitorClient = class {
   /**
    * Capture a login failure event (convenience method)
    */
-  async captureLoginFailure(options2) {
+  async captureLoginFailure(options) {
     return this.captureSecurityEvent({
-      eventType: `login_failed_${options2.authMethod || "other"}`,
+      eventType: `login_failed_${options.authMethod || "other"}`,
       category: "AUTHENTICATION",
       severity: "MEDIUM",
-      ip: options2.ip,
-      identifier: options2.identifier,
-      endpoint: options2.endpoint,
-      userAgent: options2.userAgent,
-      metadata: { reason: options2.reason, authMethod: options2.authMethod }
+      ip: options.ip,
+      identifier: options.identifier,
+      endpoint: options.endpoint,
+      userAgent: options.userAgent,
+      metadata: { reason: options.reason, authMethod: options.authMethod }
     });
   }
   /**
    * Capture a successful login event
    */
-  async captureLoginSuccess(options2) {
+  async captureLoginSuccess(options) {
     await this.captureSecurityEvent({
-      eventType: `login_success_${options2.authMethod || "other"}`,
+      eventType: `login_success_${options.authMethod || "other"}`,
       category: "AUTHENTICATION",
       severity: "LOW",
-      ip: options2.ip,
-      identifier: options2.identifier,
-      endpoint: options2.endpoint,
-      userAgent: options2.userAgent,
-      metadata: { authMethod: options2.authMethod }
+      ip: options.ip,
+      identifier: options.identifier,
+      endpoint: options.endpoint,
+      userAgent: options.userAgent,
+      metadata: { authMethod: options.authMethod }
     });
   }
   /**
    * Capture a rate limit event
    */
-  async captureRateLimit(options2) {
+  async captureRateLimit(options) {
     await this.captureSecurityEvent({
       eventType: "rate_limit_exceeded",
       category: "RATE_LIMIT",
       severity: "MEDIUM",
-      ip: options2.ip,
-      identifier: options2.identifier,
-      endpoint: options2.endpoint,
-      userAgent: options2.userAgent,
-      metadata: { limit: options2.limit, window: options2.window }
+      ip: options.ip,
+      identifier: options.identifier,
+      endpoint: options.endpoint,
+      userAgent: options.userAgent,
+      metadata: { limit: options.limit, window: options.window }
     });
   }
   /**
    * Capture an authorization failure (user tried to access unauthorized resource)
    */
-  async captureAuthorizationFailure(options2) {
+  async captureAuthorizationFailure(options) {
     await this.captureSecurityEvent({
       eventType: "authorization_denied",
       category: "AUTHORIZATION",
       severity: "MEDIUM",
-      ip: options2.ip,
-      identifier: options2.identifier,
-      endpoint: options2.endpoint,
-      userAgent: options2.userAgent,
-      metadata: { resource: options2.resource, action: options2.action }
+      ip: options.ip,
+      identifier: options.identifier,
+      endpoint: options.endpoint,
+      userAgent: options.userAgent,
+      metadata: { resource: options.resource, action: options.action }
     });
   }
   /**
    * Check if an IP or identifier has triggered brute force detection
    */
-  async checkBruteForce(options2) {
+  async checkBruteForce(options) {
     const response = await this.fetchWithTimeout(`${this.endpoint}/api/v1/security/detect/brute-force`, {
       method: "POST",
       headers: {
         "Content-Type": "application/json",
         Authorization: `Bearer ${this.apiKey}`
       },
-      body: JSON.stringify(options2)
+      body: JSON.stringify(options)
     });
     if (!response.ok) {
       const errorText = await response.text().catch(() => "");
@@ -533,10 +547,12 @@ var MonitorClient = class {
     let path;
     let fs;
     try {
-      const _require = eval("require");
-      execSync = _require("child_process").execSync;
-      path = _require("path");
-      fs = _require("fs");
+      const childProcess = await import("child_process");
+      const pathModule = await import("path");
+      const fsModule = await import("fs");
+      execSync = childProcess.execSync;
+      path = pathModule;
+      fs = fsModule;
     } catch {
       console.warn("[MonitorClient] auditDependencies requires Node.js (not available in bundled/browser environments)");
       return null;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@ceon-oy/monitor-sdk",
-  "version": "1.0.6",
+  "version": "1.0.9",
   "description": "Client SDK for Ceon Monitor - Error tracking, health monitoring, security events, and vulnerability scanning",
   "author": "Ceon",
   "license": "MIT",