agentaudit 3.9.37 → 3.9.38

Files changed (2) hide show
  1. package/cli.mjs +8 -12
  2. package/package.json +1 -1
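--- a/package/cli.mjs
+++ b/package/cli.mjs
@@ -1446,7 +1446,9 @@ async function auditRepo(url) {
 
  // Build code chunks for multi-pass analysis.
  // Budget ~45k tokens (~180k chars) per chunk for code, leaving room for prompt + output.
- const MAX_CHUNK_CHARS = 180_000;
+ // ~15k tokens per chunk for code → fits comfortably in 32k+ context models
+ // with room for system prompt (~2k tokens) + output (4k tokens)
+ const MAX_CHUNK_CHARS = 60_000;
  const chunks = []; // array of code block strings
  let currentChunk = '';
  let currentChars = 0;
@@ -1603,7 +1605,7 @@ async function auditRepo(url) {
  },
  body: JSON.stringify({
  model: modelOverride || 'claude-sonnet-4-20250514',
- max_tokens: 8192,
+ max_tokens: 4096,
  system: systemPrompt,
  messages: [{ role: 'user', content: userMessage }],
  }),
@@ -1651,7 +1653,7 @@ async function auditRepo(url) {
  headers: { 'Content-Type': 'application/json', ...authHeaders },
  body: JSON.stringify({
  model: modelName,
- max_tokens: 8192,
+ max_tokens: 4096,
  messages: [
  { role: 'system', content: systemPrompt },
  { role: 'user', content: userMessage },
@@ -1700,15 +1702,9 @@ async function auditRepo(url) {
  const result = await callLLM(chunks[i], `pass ${i + 1}`);
 
  if (result.error) {
- console.log(` ${c.red}failed${c.reset}`);
- const errMsg = result.error;
- console.log(` ${c.red}API error: ${errMsg}${c.reset}`);
- if (/context.length|maximum.*tokens|too.many.tokens/i.test(errMsg)) {
- console.log(` ${c.dim}This model's context window is too small even for chunked analysis.${c.reset}`);
- console.log(` ${c.dim}Try: --model anthropic/claude-sonnet-4 (200k) or --model openai/gpt-4o (128k)${c.reset}`);
- }
- try { fs.rmSync(tmpDir, { recursive: true, force: true }); } catch {}
- return null;
+ console.log(` ${c.red}failed${c.reset} ${c.dim}(${result.error.slice(0, 80)})${c.reset}`);
+ // Don't abort on individual pass failures — continue with remaining chunks
+ continue;
  }
 
  if (!result.report) {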
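Review bot: The `continue` added to the `if (result.error)` branch in the last hunk lets a pass fail without the final result recording it, so a scan can finish with chunks that were never analysed and still read as complete. For a security scanner that is a coverage gap: the report gives no way to tell "no findings" from "chunk not scanned". I would record the failure before continuing, e.g. `failedPasses.push(i + 1);` with `failedPasses` declared before the loop, and mark the result as partial (or exit non-zero) when it is non-empty or when every pass failed; whether code after the loop already does this is not visible in the hunk. `result.error.slice(0, 80)` also assumes the error is a string, so `String(result.error).slice(0, 80)` would be safer, and cutting it to 80 characters drops the context-window hint the removed lines used to print. The loop and the body of auditRepo both continue outside the hunk.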
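--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "agentaudit",
- "version": "3.9.37",
+ "version": "3.9.38",
  "description": "Security scanner for AI packages — MCP server + CLI",
  "type": "module",
  "bin": {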