@runsec/mcp 1.0.85 → 1.0.87

package/dist/index.js

@@ -6129,7 +6129,8 @@ function buildHubComplianceBlock(result) {
 // src/telemetryClient.ts
 var HUB_UPLOAD_TIMEOUT_MS = 12e4;
 var HUB_UPLOAD_MAX_RETRIES = 4;
-var HUB_HTTPS_AGENT = new import_node_https.default.Agent({ keepAlive: true, maxSockets: 4, timeout: HUB_UPLOAD_TIMEOUT_MS });
+var HUB_WRITE_CHUNK_BYTES = 16 * 1024;
+var HUB_HTTPS_AGENT = new import_node_https.default.Agent({ keepAlive: false, maxSockets: 2, timeout: HUB_UPLOAD_TIMEOUT_MS });
 function sleepMs(ms) {
   return new Promise((resolve) => setTimeout(resolve, ms));
 }
@@ -6206,13 +6207,51 @@ function slimFindingForHubUpload(finding) {
     file_path: finding.file_path,
     line: finding.line,
     detector_name: finding.detector_name,
-    description: finding.description?.slice(0, 240),
-    match_text: finding.match_text?.slice(0, 120),
+    description: finding.description?.slice(0, 160),
     confidence_score: finding.confidence_score,
     suppressed: finding.suppressed,
     suppression_reason: finding.suppression_reason
   };
 }
+function buildSuppressedSummaryForHub(findings) {
+  const byReason = {};
+  const locations = [];
+  for (const f of findings) {
+    const reason = String(f.suppression_reason ?? "cognitive_suppressed");
+    byReason[reason] = (byReason[reason] ?? 0) + 1;
+    locations.push({
+      file_path: f.file_path,
+      line: f.line ?? 0,
+      rule_id: f.rule_id,
+      detector_name: f.detector_name,
+      suppression_reason: reason,
+      severity: f.severity
+    });
+  }
+  return { total: findings.length, by_reason: byReason, locations };
+}
+function slimEngineSummaryForHub(engineSummary) {
+  if (!engineSummary) return void 0;
+  const pick = (row) => row ? {
+    engine: row.engine,
+    status: row.status,
+    finding_count: row.finding_count,
+    duration_ms: row.duration_ms
+  } : void 0;
+  return {
+    concurrent_duration_ms: engineSummary.concurrent_duration_ms,
+    semgrep: pick(engineSummary.semgrep),
+    trufflehog: pick(engineSummary.trufflehog),
+    syft: pick(engineSummary.syft)
+  };
+}
+function slimReportMetricsForHub(reportMetrics) {
+  const { findings_suppressed: _fs, raw_engines: _raw, engine_summary, ...rest } = reportMetrics;
+  return {
+    ...rest,
+    engine_summary: slimEngineSummaryForHub(engine_summary)
+  };
+}
 function slimRunsecJsonForHubUpload(result, reportMetrics, workspacePath, verdict, metrics, compliance, complianceASVS) {
   return {
     source: "runsec_mcp",
@@ -6222,14 +6261,15 @@ function slimRunsecJsonForHubUpload(result, reportMetrics, workspacePath, verdic
     metrics,
     compliance,
     complianceASVS,
-    report_metrics: reportMetrics,
+    report_metrics: slimReportMetricsForHub(reportMetrics),
     findings: result.findings.map(slimFindingForHubUpload),
-    findings_suppressed: result.findings_suppressed.map(slimFindingForHubUpload),
+    findings_suppressed_summary: buildSuppressedSummaryForHub(result.findings_suppressed),
+    findings_suppressed_count: result.findings_suppressed.length,
     duration_ms: result.duration_ms,
     findings_count: result.findings_count,
     cognitive_suppressed_count: result.cognitive_suppressed_count,
     engines: result.engines,
-    engine_summary: result.engine_summary,
+    engine_summary: slimEngineSummaryForHub(result.engine_summary),
     cognitive: result.cognitive,
     verdict_detail: result.verdict
   };
@@ -6250,9 +6290,11 @@ function postHubUploadNodeHttp(url, apiKey, payload) {
       reject(err);
       return;
     }
+    const bodyBuffer = Buffer.from(body, "utf8");
     const headers = {
       ...hubAuthHeaders(apiKey),
-      "Content-Length": String(Buffer.byteLength(body))
+      "Content-Length": String(bodyBuffer.length),
+      Connection: "close"
     };
     const lib = parsed.protocol === "https:" ? import_node_https.default : import_node_http.default;
     const port = parsed.port !== "" ? Number(parsed.port) : parsed.protocol === "https:" ? 443 : 80;
@@ -6287,27 +6329,33 @@ function postHubUploadNodeHttp(url, apiKey, payload) {
       req.destroy();
       reject(Object.assign(new Error("Hub upload request timeout"), { code: "ETIMEDOUT" }));
     });
-    req.write(body);
+    for (let offset = 0; offset < bodyBuffer.length; offset += HUB_WRITE_CHUNK_BYTES) {
+      req.write(bodyBuffer.subarray(offset, offset + HUB_WRITE_CHUNK_BYTES));
+    }
     req.end();
   });
 }
-function preferNodeHttpUpload() {
-  if (process.env.VITEST === "true" || process.env.RUNSEC_HUB_USE_FETCH === "1") return false;
-  if (process.env.RUNSEC_HUB_USE_NODE_HTTP === "1") return true;
-  if (process.platform === "win32") return true;
-  return false;
+async function postHubUploadFetch(url, apiKey, payload) {
+  return await fetch(url, {
+    method: "POST",
+    headers: hubAuthHeaders(apiKey),
+    body: JSON.stringify(payload),
+    signal: AbortSignal.timeout(HUB_UPLOAD_TIMEOUT_MS)
+  });
 }
 async function postHubUploadOnce(url, apiKey, payload) {
-  if (preferNodeHttpUpload()) {
-    return postHubUploadNodeHttp(url, apiKey, payload);
+  const useNodeFirst = process.env.RUNSEC_HUB_USE_NODE_HTTP === "1";
+  if (useNodeFirst) {
+    try {
+      return await postHubUploadNodeHttp(url, apiKey, payload);
+    } catch (nodeError) {
+      console.error("[runsec] node:http(s) upload failed \u2014 retrying with fetch()");
+      dumpHubNetworkError(nodeError, url);
+      return postHubUploadFetch(url, apiKey, payload);
+    }
   }
   try {
-    return await fetch(url, {
-      method: "POST",
-      headers: hubAuthHeaders(apiKey),
-      body: JSON.stringify(payload),
-      signal: AbortSignal.timeout(HUB_UPLOAD_TIMEOUT_MS)
-    });
+    return await postHubUploadFetch(url, apiKey, payload);
   } catch (fetchError) {
     console.error("[runsec] fetch() failed \u2014 retrying Hub upload via node:http(s)");
     dumpHubNetworkError(fetchError, url);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@runsec/mcp",
-  "version": "1.0.85",
+  "version": "1.0.87",
   "main": "dist/index.js",
   "files": [
     "package.json",