@ceon-oy/monitor-sdk 1.1.4 → 1.2.0

package/README.md

@@ -11,6 +11,7 @@ Lightweight client SDK for integrating with the Ceon Monitor service. Provides e
   - [Error Capture](#error-capture)
   - [Technology Tracking](#technology-tracking)
   - [Vulnerability Auditing](#vulnerability-auditing)
+  - [SDK-Based Health Checks](#sdk-based-health-checks)
   - [Security Events](#security-events)
 - [Framework Examples](#framework-examples)
   - [Express.js](#expressjs)
@@ -104,6 +105,8 @@ interface MonitorClientConfig {
   }[];
   auditTimeoutMs?: number;           // Timeout for npm audit command (default: 60000, max: 300000)
   registryTimeoutMs?: number;        // Timeout for npm registry requests (default: 5000, max: 30000)
+  healthCheckEnabled?: boolean;      // Enable SDK-based health check polling (default: false)
+  healthCheckFetchIntervalMs?: number; // Interval to fetch health endpoints in ms (default: 60000)
 }
 ```
 
@@ -413,6 +416,80 @@ setInterval(async () => {
 }, 24 * 60 * 60 * 1000); // Daily
 ```
 
+### SDK-Based Health Checks
+
+The SDK can poll health endpoints that are inside your private network (VPN, internal services) and report the results to Ceon Monitor. This is useful for monitoring services that are not publicly accessible.
+
+#### Enable SDK Polling
+
+```typescript
+const monitor = new MonitorClient({
+  apiKey: process.env.CEON_MONITOR_API_KEY!,
+  endpoint: 'https://monitor.example.com',
+  environment: 'production',
+
+  // Enable SDK-based health check polling
+  healthCheckEnabled: true,
+
+  // Optional: customize fetch interval (default: 60000ms)
+  healthCheckFetchIntervalMs: 60000,
+});
+```
+
+With `healthCheckEnabled: true`, the SDK will:
+1. Fetch assigned health endpoints from the server every 60 seconds (configurable)
+2. Poll each endpoint locally at its configured interval
+3. Submit results back to the server in batches
+4. Automatically handle endpoint additions/removals
+
+#### How It Works
+
+1. **Configure in Dashboard**: Create health endpoints in the Ceon Monitor dashboard and set their polling mode to "SDK"
+2. **SDK Fetches Endpoints**: The SDK periodically fetches the list of endpoints assigned for SDK polling
+3. **Local Polling**: The SDK polls each endpoint from your server (inside your VPN/private network)
+4. **Report Results**: Health check results are batched and submitted to Ceon Monitor
+
+#### Use Cases
+
+- **Internal APIs**: Monitor APIs that are only accessible within your VPN
+- **Database Health**: Check database connection health from inside your network
+- **Microservices**: Monitor internal service-to-service communication
+- **Private Infrastructure**: Any endpoint that's not publicly accessible
+
+#### Configuration Options
+
+```typescript
+interface MonitorClientConfig {
+  // ... other options
+
+  /** Enable SDK-based health check polling (default: false) */
+  healthCheckEnabled?: boolean;
+
+  /** Interval to fetch health endpoints from server in ms (default: 60000) */
+  healthCheckFetchIntervalMs?: number;
+}
+```
+
+#### Manual Health Check Methods
+
+You can also manually perform health checks:
+
+```typescript
+// Fetch endpoints assigned for SDK polling
+const endpoints = await monitor.fetchHealthEndpoints();
+
+// Submit health check results
+const results = [
+  {
+    endpointId: 'clxyz123',
+    status: 'HEALTHY',
+    statusCode: 200,
+    responseTimeMs: 150,
+  },
+];
+await monitor.submitHealthResults(results);
+```
+
 ### Security Events
 
 #### Report Security Event

package/dist/index.d.mts

@@ -53,6 +53,10 @@ interface MonitorClientConfig {
     allowInsecureHttp?: boolean;
     /** Custom npm registry URL for fetching latest versions (default: https://registry.npmjs.org) */
     npmRegistryUrl?: string;
+    /** Enable SDK-based health check polling (default: false) */
+    healthCheckEnabled?: boolean;
+    /** Interval to fetch health endpoints from server in ms (default: 60000) */
+    healthCheckFetchIntervalMs?: number;
 }
 interface TechnologyItem {
     name: string;
@@ -150,6 +154,40 @@ interface MultiAuditSummary {
     }>;
     totalSummary: VulnerabilitySummary;
 }
+type HealthStatus = 'HEALTHY' | 'DEGRADED' | 'UNHEALTHY';
+interface SdkHealthEndpoint {
+    id: string;
+    name: string;
+    url: string;
+    method: 'GET' | 'POST';
+    headers?: Record<string, string>;
+    body?: Record<string, unknown>;
+    environment: string;
+    intervalMs: number;
+    timeoutMs: number;
+    expectedStatus: number;
+}
+interface SdkHealthResult {
+    endpointId: string;
+    status: HealthStatus;
+    statusCode?: number;
+    responseTimeMs?: number;
+    errorMessage?: string;
+}
+interface SdkHealthEndpointsResponse {
+    success: boolean;
+    data: {
+        endpoints: SdkHealthEndpoint[];
+        pollIntervalMs: number;
+    };
+}
+interface SdkHealthResultsResponse {
+    success: boolean;
+    data: {
+        processed: number;
+        total: number;
+    };
+}
 
 declare class MonitorClient {
     private apiKey;
@@ -182,6 +220,11 @@ declare class MonitorClient {
     private auditTimeoutMs;
     private registryTimeoutMs;
     private npmRegistryUrl;
+    private healthCheckEnabled;
+    private healthCheckFetchIntervalMs;
+    private healthCheckFetchTimer;
+    private healthCheckTimers;
+    private healthCheckResultsQueue;
     constructor(config: MonitorClientConfig);
     /**
      * Security: Validate and sanitize metadata to prevent oversized payloads
@@ -382,6 +425,45 @@ declare class MonitorClient {
      * Yarn audit outputs one JSON object per line (newline-delimited JSON)
      */
     private parseYarnAuditOutput;
+    /**
+     * Fetch health endpoints assigned to this project for SDK polling
+     */
+    fetchHealthEndpoints(): Promise<SdkHealthEndpoint[]>;
+    /**
+     * Submit health check results to the server
+     */
+    submitHealthResults(results: SdkHealthResult[]): Promise<{
+        processed: number;
+        total: number;
+    }>;
+    /**
+     * Perform a single health check on an endpoint
+     */
+    private performHealthCheck;
+    /**
+     * Setup automatic health check polling
+     */
+    private setupHealthCheckPolling;
+    /**
+     * Fetch health endpoints and schedule individual checks
+     */
+    private fetchAndScheduleHealthChecks;
+    /**
+     * Schedule individual health check for an endpoint
+     */
+    private scheduleHealthCheck;
+    /**
+     * Run a health check and queue the result
+     */
+    private runHealthCheck;
+    /**
+     * Flush queued health results to the server
+     */
+    private flushHealthResults;
+    /**
+     * Stop all health check timers
+     */
+    private stopHealthCheckTimers;
 }
 
-export { type AuditPath, type AuditResult, type AuditSummary, type BruteForceDetectionResult, type DependencySource, type ErrorContext, type ErrorPayload, MonitorClient, type MonitorClientConfig, type MultiAuditSummary, type SecurityCategory, type SecurityEventInput, type SecurityEventPayload, type SecuritySeverity, type Severity, type TechnologyItem, type TechnologyType, type VulnerabilityItem, type VulnerabilitySeverity };
+export { type AuditPath, type AuditResult, type AuditSummary, type BruteForceDetectionResult, type DependencySource, type ErrorContext, type ErrorPayload, type HealthStatus, MonitorClient, type MonitorClientConfig, type MultiAuditSummary, type SdkHealthEndpoint, type SdkHealthEndpointsResponse, type SdkHealthResult, type SdkHealthResultsResponse, type SecurityCategory, type SecurityEventInput, type SecurityEventPayload, type SecuritySeverity, type Severity, type TechnologyItem, type TechnologyType, type VulnerabilityItem, type VulnerabilitySeverity };

package/dist/index.d.ts

@@ -53,6 +53,10 @@ interface MonitorClientConfig {
     allowInsecureHttp?: boolean;
     /** Custom npm registry URL for fetching latest versions (default: https://registry.npmjs.org) */
     npmRegistryUrl?: string;
+    /** Enable SDK-based health check polling (default: false) */
+    healthCheckEnabled?: boolean;
+    /** Interval to fetch health endpoints from server in ms (default: 60000) */
+    healthCheckFetchIntervalMs?: number;
 }
 interface TechnologyItem {
     name: string;
@@ -150,6 +154,40 @@ interface MultiAuditSummary {
     }>;
     totalSummary: VulnerabilitySummary;
 }
+type HealthStatus = 'HEALTHY' | 'DEGRADED' | 'UNHEALTHY';
+interface SdkHealthEndpoint {
+    id: string;
+    name: string;
+    url: string;
+    method: 'GET' | 'POST';
+    headers?: Record<string, string>;
+    body?: Record<string, unknown>;
+    environment: string;
+    intervalMs: number;
+    timeoutMs: number;
+    expectedStatus: number;
+}
+interface SdkHealthResult {
+    endpointId: string;
+    status: HealthStatus;
+    statusCode?: number;
+    responseTimeMs?: number;
+    errorMessage?: string;
+}
+interface SdkHealthEndpointsResponse {
+    success: boolean;
+    data: {
+        endpoints: SdkHealthEndpoint[];
+        pollIntervalMs: number;
+    };
+}
+interface SdkHealthResultsResponse {
+    success: boolean;
+    data: {
+        processed: number;
+        total: number;
+    };
+}
 
 declare class MonitorClient {
     private apiKey;
@@ -182,6 +220,11 @@ declare class MonitorClient {
     private auditTimeoutMs;
     private registryTimeoutMs;
     private npmRegistryUrl;
+    private healthCheckEnabled;
+    private healthCheckFetchIntervalMs;
+    private healthCheckFetchTimer;
+    private healthCheckTimers;
+    private healthCheckResultsQueue;
     constructor(config: MonitorClientConfig);
     /**
      * Security: Validate and sanitize metadata to prevent oversized payloads
@@ -382,6 +425,45 @@ declare class MonitorClient {
      * Yarn audit outputs one JSON object per line (newline-delimited JSON)
      */
     private parseYarnAuditOutput;
+    /**
+     * Fetch health endpoints assigned to this project for SDK polling
+     */
+    fetchHealthEndpoints(): Promise<SdkHealthEndpoint[]>;
+    /**
+     * Submit health check results to the server
+     */
+    submitHealthResults(results: SdkHealthResult[]): Promise<{
+        processed: number;
+        total: number;
+    }>;
+    /**
+     * Perform a single health check on an endpoint
+     */
+    private performHealthCheck;
+    /**
+     * Setup automatic health check polling
+     */
+    private setupHealthCheckPolling;
+    /**
+     * Fetch health endpoints and schedule individual checks
+     */
+    private fetchAndScheduleHealthChecks;
+    /**
+     * Schedule individual health check for an endpoint
+     */
+    private scheduleHealthCheck;
+    /**
+     * Run a health check and queue the result
+     */
+    private runHealthCheck;
+    /**
+     * Flush queued health results to the server
+     */
+    private flushHealthResults;
+    /**
+     * Stop all health check timers
+     */
+    private stopHealthCheckTimers;
 }
 
-export { type AuditPath, type AuditResult, type AuditSummary, type BruteForceDetectionResult, type DependencySource, type ErrorContext, type ErrorPayload, MonitorClient, type MonitorClientConfig, type MultiAuditSummary, type SecurityCategory, type SecurityEventInput, type SecurityEventPayload, type SecuritySeverity, type Severity, type TechnologyItem, type TechnologyType, type VulnerabilityItem, type VulnerabilitySeverity };
+export { type AuditPath, type AuditResult, type AuditSummary, type BruteForceDetectionResult, type DependencySource, type ErrorContext, type ErrorPayload, type HealthStatus, MonitorClient, type MonitorClientConfig, type MultiAuditSummary, type SdkHealthEndpoint, type SdkHealthEndpointsResponse, type SdkHealthResult, type SdkHealthResultsResponse, type SecurityCategory, type SecurityEventInput, type SecurityEventPayload, type SecuritySeverity, type Severity, type TechnologyItem, type TechnologyType, type VulnerabilityItem, type VulnerabilitySeverity };

package/dist/index.js

@@ -67,8 +67,14 @@ var CONFIG_LIMITS = {
   // 60 seconds max for all dependency syncs
   AUDIT_MULTI_PATH_TIMEOUT_MS: 18e4,
   // 3 minutes max for all audit paths
-  REGISTRY_CONCURRENCY_LIMIT: 5
+  REGISTRY_CONCURRENCY_LIMIT: 5,
   // Limit parallel requests to avoid rate limiting
+  HEALTH_CHECK_FETCH_INTERVAL_MS: 6e4,
+  // 60 seconds (default)
+  HEALTH_CHECK_MIN_INTERVAL_MS: 1e4,
+  // 10 seconds (min endpoint interval)
+  HEALTH_CHECK_MAX_BATCH_SIZE: 50
+  // Max results per batch
 };
 var MonitorClient = class {
   constructor(config) {
@@ -82,6 +88,9 @@ var MonitorClient = class {
     this.lastScanTime = null;
     this.lastKnownScanRequestedAt = null;
     this.lastKnownTechScanRequestedAt = null;
+    this.healthCheckFetchTimer = null;
+    this.healthCheckTimers = /* @__PURE__ */ new Map();
+    this.healthCheckResultsQueue = [];
     if (!config.apiKey || config.apiKey.trim().length === 0) {
       throw new Error("[MonitorClient] API key is required");
     }
@@ -96,7 +105,8 @@ var MonitorClient = class {
       if (!["https:", "http:"].includes(url.protocol)) {
         throw new Error("[MonitorClient] Endpoint must use HTTP or HTTPS protocol");
       }
-      if (url.protocol === "http:" && config.environment !== "development" && config.environment !== "test") {
+      const devEnvironments = ["development", "dev", "test", "local"];
+      if (url.protocol === "http:" && !devEnvironments.includes(config.environment || "")) {
         if (!config.allowInsecureHttp) {
           throw new Error("[MonitorClient] HTTP endpoints require allowInsecureHttp: true in non-development environments");
         }
@@ -140,6 +150,8 @@ var MonitorClient = class {
     this.auditTimeoutMs = Math.min(CONFIG_LIMITS.MAX_AUDIT_TIMEOUT_MS, Math.max(1e3, config.auditTimeoutMs || CONFIG_LIMITS.AUDIT_TIMEOUT_MS));
     this.registryTimeoutMs = Math.min(CONFIG_LIMITS.MAX_REGISTRY_TIMEOUT_MS, Math.max(1e3, config.registryTimeoutMs || CONFIG_LIMITS.REGISTRY_TIMEOUT_MS));
     this.npmRegistryUrl = (config.npmRegistryUrl || "https://registry.npmjs.org").replace(/\/$/, "");
+    this.healthCheckEnabled = config.healthCheckEnabled || false;
+    this.healthCheckFetchIntervalMs = config.healthCheckFetchIntervalMs || CONFIG_LIMITS.HEALTH_CHECK_FETCH_INTERVAL_MS;
     this.startFlushTimer();
     if (this.trackDependencies) {
       this.syncDependencies().catch((err) => {
@@ -151,6 +163,11 @@ var MonitorClient = class {
         console.error("[MonitorClient] Failed to setup auto audit:", err instanceof Error ? err.message : String(err));
       });
     }
+    if (this.healthCheckEnabled) {
+      this.setupHealthCheckPolling().catch((err) => {
+        console.error("[MonitorClient] Failed to setup health check polling:", err instanceof Error ? err.message : String(err));
+      });
+    }
   }
   /**
    * Security: Validate and sanitize metadata to prevent oversized payloads
@@ -299,7 +316,9 @@ var MonitorClient = class {
     this.isClosed = true;
     this.stopFlushTimer();
     this.stopAuditIntervalTimer();
+    this.stopHealthCheckTimers();
     await this.flush();
+    await this.flushHealthResults();
   }
   stopAuditIntervalTimer() {
     if (this.auditIntervalTimer) {
@@ -1189,6 +1208,195 @@ var MonitorClient = class {
     }
     return vulnerabilities;
   }
+  /**
+   * Fetch health endpoints assigned to this project for SDK polling
+   */
+  async fetchHealthEndpoints() {
+    try {
+      const response = await this.fetchWithTimeout(`${this.endpoint}/api/v1/health/sdk/endpoints`, {
+        method: "GET",
+        headers: {
+          "Authorization": `Bearer ${this.apiKey}`,
+          "Content-Type": "application/json"
+        }
+      });
+      if (!response.ok) {
+        console.warn("[MonitorClient] Failed to fetch health endpoints:", response.status);
+        return [];
+      }
+      const result = await response.json();
+      return result.data?.endpoints || [];
+    } catch (err) {
+      console.warn("[MonitorClient] Failed to fetch health endpoints:", err instanceof Error ? err.message : String(err));
+      return [];
+    }
+  }
+  /**
+   * Submit health check results to the server
+   */
+  async submitHealthResults(results) {
+    if (results.length === 0) {
+      return { processed: 0, total: 0 };
+    }
+    try {
+      const response = await this.fetchWithTimeout(`${this.endpoint}/api/v1/health/sdk/results`, {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+          "Authorization": `Bearer ${this.apiKey}`
+        },
+        body: JSON.stringify({ results })
+      });
+      if (!response.ok) {
+        const errorText = await response.text().catch(() => "");
+        throw new Error(`HTTP ${response.status}${errorText ? `: ${this.sanitizeErrorResponse(errorText)}` : ""}`);
+      }
+      const result = await response.json();
+      return result.data;
+    } catch (err) {
+      console.error("[MonitorClient] Failed to submit health results:", err instanceof Error ? err.message : String(err));
+      throw err;
+    }
+  }
+  /**
+   * Perform a single health check on an endpoint
+   */
+  async performHealthCheck(endpoint) {
+    const startTime = Date.now();
+    try {
+      const requestOptions = {
+        method: endpoint.method,
+        headers: endpoint.headers || {}
+      };
+      if (endpoint.method === "POST" && endpoint.body) {
+        requestOptions.body = JSON.stringify(endpoint.body);
+        requestOptions.headers = {
+          ...requestOptions.headers,
+          "Content-Type": "application/json"
+        };
+      }
+      const response = await this.fetchWithTimeout(
+        endpoint.url,
+        requestOptions,
+        endpoint.timeoutMs
+      );
+      const responseTimeMs = Date.now() - startTime;
+      const statusCode = response.status;
+      let status;
+      if (statusCode === endpoint.expectedStatus) {
+        const slowThreshold = endpoint.timeoutMs * 0.8;
+        if (responseTimeMs > slowThreshold) {
+          status = "DEGRADED";
+        } else {
+          status = "HEALTHY";
+        }
+      } else {
+        status = "UNHEALTHY";
+      }
+      return {
+        endpointId: endpoint.id,
+        status,
+        statusCode,
+        responseTimeMs
+      };
+    } catch (err) {
+      const responseTimeMs = Date.now() - startTime;
+      const errorMessage = err instanceof Error ? err.message : String(err);
+      return {
+        endpointId: endpoint.id,
+        status: "UNHEALTHY",
+        responseTimeMs,
+        errorMessage: this.sanitizeErrorResponse(errorMessage)
+      };
+    }
+  }
+  /**
+   * Setup automatic health check polling
+   */
+  async setupHealthCheckPolling() {
+    console.log("[MonitorClient] Setting up health check polling...");
+    await this.fetchAndScheduleHealthChecks();
+    this.healthCheckFetchTimer = setInterval(() => {
+      this.fetchAndScheduleHealthChecks().catch((err) => {
+        console.error("[MonitorClient] Failed to fetch and schedule health checks:", err);
+      });
+    }, this.healthCheckFetchIntervalMs);
+  }
+  /**
+   * Fetch health endpoints and schedule individual checks
+   */
+  async fetchAndScheduleHealthChecks() {
+    try {
+      const endpoints = await this.fetchHealthEndpoints();
+      if (endpoints.length === 0) {
+        console.log("[MonitorClient] No health endpoints assigned for SDK polling");
+        this.stopHealthCheckTimers();
+        return;
+      }
+      console.log(`[MonitorClient] Fetched ${endpoints.length} health endpoints for polling`);
+      this.stopHealthCheckTimers();
+      for (const endpoint of endpoints) {
+        this.scheduleHealthCheck(endpoint);
+      }
+    } catch (err) {
+      console.error("[MonitorClient] Failed to fetch health endpoints:", err);
+    }
+  }
+  /**
+   * Schedule individual health check for an endpoint
+   */
+  scheduleHealthCheck(endpoint) {
+    const intervalMs = Math.max(CONFIG_LIMITS.HEALTH_CHECK_MIN_INTERVAL_MS, endpoint.intervalMs);
+    this.runHealthCheck(endpoint).catch((err) => {
+      console.error(`[MonitorClient] Health check failed for ${endpoint.name}:`, err);
+    });
+    const timer = setInterval(() => {
+      this.runHealthCheck(endpoint).catch((err) => {
+        console.error(`[MonitorClient] Health check failed for ${endpoint.name}:`, err);
+      });
+    }, intervalMs);
+    this.healthCheckTimers.set(endpoint.id, timer);
+  }
+  /**
+   * Run a health check and queue the result
+   */
+  async runHealthCheck(endpoint) {
+    const result = await this.performHealthCheck(endpoint);
+    this.healthCheckResultsQueue.push(result);
+    if (this.healthCheckResultsQueue.length >= CONFIG_LIMITS.HEALTH_CHECK_MAX_BATCH_SIZE) {
+      await this.flushHealthResults();
+    }
+  }
+  /**
+   * Flush queued health results to the server
+   */
+  async flushHealthResults() {
+    if (this.healthCheckResultsQueue.length === 0) return;
+    const results = [...this.healthCheckResultsQueue];
+    this.healthCheckResultsQueue = [];
+    try {
+      const response = await this.submitHealthResults(results);
+      console.log(`[MonitorClient] Submitted ${response.processed}/${response.total} health check results`);
+    } catch (err) {
+      console.error("[MonitorClient] Failed to flush health results:", err);
+      if (this.healthCheckResultsQueue.length + results.length <= CONFIG_LIMITS.HEALTH_CHECK_MAX_BATCH_SIZE) {
+        this.healthCheckResultsQueue.unshift(...results);
+      }
+    }
+  }
+  /**
+   * Stop all health check timers
+   */
+  stopHealthCheckTimers() {
+    if (this.healthCheckFetchTimer) {
+      clearInterval(this.healthCheckFetchTimer);
+      this.healthCheckFetchTimer = null;
+    }
+    for (const [endpointId, timer] of this.healthCheckTimers.entries()) {
+      clearInterval(timer);
+      this.healthCheckTimers.delete(endpointId);
+    }
+  }
 };
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {

package/dist/index.mjs

@@ -31,8 +31,14 @@ var CONFIG_LIMITS = {
   // 60 seconds max for all dependency syncs
   AUDIT_MULTI_PATH_TIMEOUT_MS: 18e4,
   // 3 minutes max for all audit paths
-  REGISTRY_CONCURRENCY_LIMIT: 5
+  REGISTRY_CONCURRENCY_LIMIT: 5,
   // Limit parallel requests to avoid rate limiting
+  HEALTH_CHECK_FETCH_INTERVAL_MS: 6e4,
+  // 60 seconds (default)
+  HEALTH_CHECK_MIN_INTERVAL_MS: 1e4,
+  // 10 seconds (min endpoint interval)
+  HEALTH_CHECK_MAX_BATCH_SIZE: 50
+  // Max results per batch
 };
 var MonitorClient = class {
   constructor(config) {
@@ -46,6 +52,9 @@ var MonitorClient = class {
     this.lastScanTime = null;
     this.lastKnownScanRequestedAt = null;
     this.lastKnownTechScanRequestedAt = null;
+    this.healthCheckFetchTimer = null;
+    this.healthCheckTimers = /* @__PURE__ */ new Map();
+    this.healthCheckResultsQueue = [];
     if (!config.apiKey || config.apiKey.trim().length === 0) {
       throw new Error("[MonitorClient] API key is required");
     }
@@ -60,7 +69,8 @@ var MonitorClient = class {
       if (!["https:", "http:"].includes(url.protocol)) {
         throw new Error("[MonitorClient] Endpoint must use HTTP or HTTPS protocol");
       }
-      if (url.protocol === "http:" && config.environment !== "development" && config.environment !== "test") {
+      const devEnvironments = ["development", "dev", "test", "local"];
+      if (url.protocol === "http:" && !devEnvironments.includes(config.environment || "")) {
         if (!config.allowInsecureHttp) {
           throw new Error("[MonitorClient] HTTP endpoints require allowInsecureHttp: true in non-development environments");
         }
@@ -104,6 +114,8 @@ var MonitorClient = class {
     this.auditTimeoutMs = Math.min(CONFIG_LIMITS.MAX_AUDIT_TIMEOUT_MS, Math.max(1e3, config.auditTimeoutMs || CONFIG_LIMITS.AUDIT_TIMEOUT_MS));
     this.registryTimeoutMs = Math.min(CONFIG_LIMITS.MAX_REGISTRY_TIMEOUT_MS, Math.max(1e3, config.registryTimeoutMs || CONFIG_LIMITS.REGISTRY_TIMEOUT_MS));
     this.npmRegistryUrl = (config.npmRegistryUrl || "https://registry.npmjs.org").replace(/\/$/, "");
+    this.healthCheckEnabled = config.healthCheckEnabled || false;
+    this.healthCheckFetchIntervalMs = config.healthCheckFetchIntervalMs || CONFIG_LIMITS.HEALTH_CHECK_FETCH_INTERVAL_MS;
     this.startFlushTimer();
     if (this.trackDependencies) {
       this.syncDependencies().catch((err) => {
@@ -115,6 +127,11 @@ var MonitorClient = class {
         console.error("[MonitorClient] Failed to setup auto audit:", err instanceof Error ? err.message : String(err));
       });
     }
+    if (this.healthCheckEnabled) {
+      this.setupHealthCheckPolling().catch((err) => {
+        console.error("[MonitorClient] Failed to setup health check polling:", err instanceof Error ? err.message : String(err));
+      });
+    }
   }
   /**
    * Security: Validate and sanitize metadata to prevent oversized payloads
@@ -263,7 +280,9 @@ var MonitorClient = class {
     this.isClosed = true;
     this.stopFlushTimer();
     this.stopAuditIntervalTimer();
+    this.stopHealthCheckTimers();
     await this.flush();
+    await this.flushHealthResults();
   }
   stopAuditIntervalTimer() {
     if (this.auditIntervalTimer) {
@@ -1153,6 +1172,195 @@ var MonitorClient = class {
     }
     return vulnerabilities;
   }
+  /**
+   * Fetch health endpoints assigned to this project for SDK polling
+   */
+  async fetchHealthEndpoints() {
+    try {
+      const response = await this.fetchWithTimeout(`${this.endpoint}/api/v1/health/sdk/endpoints`, {
+        method: "GET",
+        headers: {
+          "Authorization": `Bearer ${this.apiKey}`,
+          "Content-Type": "application/json"
+        }
+      });
+      if (!response.ok) {
+        console.warn("[MonitorClient] Failed to fetch health endpoints:", response.status);
+        return [];
+      }
+      const result = await response.json();
+      return result.data?.endpoints || [];
+    } catch (err) {
+      console.warn("[MonitorClient] Failed to fetch health endpoints:", err instanceof Error ? err.message : String(err));
+      return [];
+    }
+  }
+  /**
+   * Submit health check results to the server
+   */
+  async submitHealthResults(results) {
+    if (results.length === 0) {
+      return { processed: 0, total: 0 };
+    }
+    try {
+      const response = await this.fetchWithTimeout(`${this.endpoint}/api/v1/health/sdk/results`, {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+          "Authorization": `Bearer ${this.apiKey}`
+        },
+        body: JSON.stringify({ results })
+      });
+      if (!response.ok) {
+        const errorText = await response.text().catch(() => "");
+        throw new Error(`HTTP ${response.status}${errorText ? `: ${this.sanitizeErrorResponse(errorText)}` : ""}`);
+      }
+      const result = await response.json();
+      return result.data;
+    } catch (err) {
+      console.error("[MonitorClient] Failed to submit health results:", err instanceof Error ? err.message : String(err));
+      throw err;
+    }
+  }
+  /**
+   * Perform a single health check on an endpoint
+   */
+  async performHealthCheck(endpoint) {
+    const startTime = Date.now();
+    try {
+      const requestOptions = {
+        method: endpoint.method,
+        headers: endpoint.headers || {}
+      };
+      if (endpoint.method === "POST" && endpoint.body) {
+        requestOptions.body = JSON.stringify(endpoint.body);
+        requestOptions.headers = {
+          ...requestOptions.headers,
+          "Content-Type": "application/json"
+        };
+      }
+      const response = await this.fetchWithTimeout(
+        endpoint.url,
+        requestOptions,
+        endpoint.timeoutMs
+      );
+      const responseTimeMs = Date.now() - startTime;
+      const statusCode = response.status;
+      let status;
+      if (statusCode === endpoint.expectedStatus) {
+        const slowThreshold = endpoint.timeoutMs * 0.8;
+        if (responseTimeMs > slowThreshold) {
+          status = "DEGRADED";
+        } else {
+          status = "HEALTHY";
+        }
+      } else {
+        status = "UNHEALTHY";
+      }
+      return {
+        endpointId: endpoint.id,
+        status,
+        statusCode,
+        responseTimeMs
+      };
+    } catch (err) {
+      const responseTimeMs = Date.now() - startTime;
+      const errorMessage = err instanceof Error ? err.message : String(err);
+      return {
+        endpointId: endpoint.id,
+        status: "UNHEALTHY",
+        responseTimeMs,
+        errorMessage: this.sanitizeErrorResponse(errorMessage)
+      };
+    }
+  }
+  /**
+   * Setup automatic health check polling
+   */
+  async setupHealthCheckPolling() {
+    console.log("[MonitorClient] Setting up health check polling...");
+    await this.fetchAndScheduleHealthChecks();
+    this.healthCheckFetchTimer = setInterval(() => {
+      this.fetchAndScheduleHealthChecks().catch((err) => {
+        console.error("[MonitorClient] Failed to fetch and schedule health checks:", err);
+      });
+    }, this.healthCheckFetchIntervalMs);
+  }
+  /**
+   * Fetch health endpoints and schedule individual checks
+   */
+  async fetchAndScheduleHealthChecks() {
+    try {
+      const endpoints = await this.fetchHealthEndpoints();
+      if (endpoints.length === 0) {
+        console.log("[MonitorClient] No health endpoints assigned for SDK polling");
+        this.stopHealthCheckTimers();
+        return;
+      }
+      console.log(`[MonitorClient] Fetched ${endpoints.length} health endpoints for polling`);
+      this.stopHealthCheckTimers();
+      for (const endpoint of endpoints) {
+        this.scheduleHealthCheck(endpoint);
+      }
+    } catch (err) {
+      console.error("[MonitorClient] Failed to fetch health endpoints:", err);
+    }
+  }
+  /**
+   * Schedule individual health check for an endpoint
+   */
+  scheduleHealthCheck(endpoint) {
+    const intervalMs = Math.max(CONFIG_LIMITS.HEALTH_CHECK_MIN_INTERVAL_MS, endpoint.intervalMs);
+    this.runHealthCheck(endpoint).catch((err) => {
+      console.error(`[MonitorClient] Health check failed for ${endpoint.name}:`, err);
+    });
+    const timer = setInterval(() => {
+      this.runHealthCheck(endpoint).catch((err) => {
+        console.error(`[MonitorClient] Health check failed for ${endpoint.name}:`, err);
+      });
+    }, intervalMs);
+    this.healthCheckTimers.set(endpoint.id, timer);
+  }
+  /**
+   * Run a health check and queue the result
+   */
+  async runHealthCheck(endpoint) {
+    const result = await this.performHealthCheck(endpoint);
+    this.healthCheckResultsQueue.push(result);
+    if (this.healthCheckResultsQueue.length >= CONFIG_LIMITS.HEALTH_CHECK_MAX_BATCH_SIZE) {
+      await this.flushHealthResults();
+    }
+  }
+  /**
+   * Flush queued health results to the server
+   */
+  async flushHealthResults() {
+    if (this.healthCheckResultsQueue.length === 0) return;
+    const results = [...this.healthCheckResultsQueue];
+    this.healthCheckResultsQueue = [];
+    try {
+      const response = await this.submitHealthResults(results);
+      console.log(`[MonitorClient] Submitted ${response.processed}/${response.total} health check results`);
+    } catch (err) {
+      console.error("[MonitorClient] Failed to flush health results:", err);
+      if (this.healthCheckResultsQueue.length + results.length <= CONFIG_LIMITS.HEALTH_CHECK_MAX_BATCH_SIZE) {
+        this.healthCheckResultsQueue.unshift(...results);
+      }
+    }
+  }
+  /**
+   * Stop all health check timers
+   */
+  stopHealthCheckTimers() {
+    if (this.healthCheckFetchTimer) {
+      clearInterval(this.healthCheckFetchTimer);
+      this.healthCheckFetchTimer = null;
+    }
+    for (const [endpointId, timer] of this.healthCheckTimers.entries()) {
+      clearInterval(timer);
+      this.healthCheckTimers.delete(endpointId);
+    }
+  }
 };
 export {
   MonitorClient

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@ceon-oy/monitor-sdk",
-  "version": "1.1.4",
+  "version": "1.2.0",
   "description": "Client SDK for Ceon Monitor - Error tracking, health monitoring, security events, and vulnerability scanning",
   "author": "Ceon",
   "license": "MIT",