npm - agentaudit - Versions diffs - 3.9.45 → 3.9.46 - Mend

agentaudit 3.9.45 → 3.9.46

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/cli.mjs +23 -2
package/package.json +1 -1

package/cli.mjs CHANGED Viewed

@@ -75,6 +75,7 @@ let jsonMode = false;
 let quietMode = false;
 let modelOverride = null; // --model flag or AGENTAUDIT_MODEL env or config
 let globalModelOverride = null; // same, but set early for resolveProvider
+let llmTimeoutMs = null; // --timeout flag (seconds → ms)
 // ── ANSI Colors (respects NO_COLOR and --no-color) ───────
@@ -1679,7 +1680,7 @@ async function auditRepo(url) {
             system: systemPrompt,
             messages: [{ role: 'user', content: userMessage }],
           }),
-          signal: AbortSignal.timeout(180_000),
+          signal: AbortSignal.timeout(llmTimeoutMs || 180_000),
         });
         const data = await res.json();
         if (data.error) {
@@ -1729,7 +1730,7 @@ async function auditRepo(url) {
               { role: 'user', content: userMessage },
             ],
           }),
-          signal: AbortSignal.timeout(resolvedProvider.id === 'ollama' ? 300_000 : 180_000),
+          signal: AbortSignal.timeout(llmTimeoutMs || (resolvedProvider.id === 'ollama' ? 300_000 : 180_000)),
         });
         const data = await res.json();
         if (data.error) {
@@ -1916,6 +1917,12 @@ async function auditRepo(url) {
       console.log(` ${c.red}failed${c.reset}`);
       const errMsg = result.error;
       console.log(`  ${c.red}API error: ${errMsg}${c.reset}`);
+      if (/abort|timeout/i.test(errMsg)) {
+        const currentTimeout = llmTimeoutMs ? (llmTimeoutMs / 1000) : 180;
+        console.log(`  ${c.dim}The model took longer than ${currentTimeout}s to respond.${c.reset}`);
+        console.log(`  ${c.dim}Try increasing the timeout: --timeout 300 (or --timeout 600 for reasoning models)${c.reset}`);
+        console.log(`  ${c.dim}You can also set AGENTAUDIT_TIMEOUT=300 as environment variable.${c.reset}`);
+      }
       if (/context.length|maximum.*tokens|too.many.tokens/i.test(errMsg)) {
         console.log(`  ${c.dim}This model's context window is too small for this repository.${c.reset}`);
         console.log(`  ${c.dim}Try a model with a larger context: --model anthropic/claude-sonnet-4 (200k) or --model openai/gpt-4o (128k)${c.reset}`);
@@ -2210,6 +2217,18 @@ async function main() {
     || null;
   globalModelOverride = modelOverride;
+  // --timeout flag: --timeout=<seconds> or --timeout <seconds>
+  const timeoutFlagIdx = rawArgs.findIndex(a => a === '--timeout');
+  const timeoutFlagEq = rawArgs.find(a => a.startsWith('--timeout='));
+  const timeoutVal = timeoutFlagEq?.split('=')[1]
+    || (timeoutFlagIdx >= 0 ? rawArgs[timeoutFlagIdx + 1] : null)
+    || process.env.AGENTAUDIT_TIMEOUT
+    || null;
+  if (timeoutVal) {
+    const secs = parseInt(timeoutVal, 10);
+    if (secs > 0) llmTimeoutMs = secs * 1000;
+  }
   // Strip global flags from args
   const globalFlags = new Set(['--json', '--quiet', '-q', '--no-color']);
   let args = rawArgs.filter(a => !globalFlags.has(a));
@@ -2217,6 +2236,8 @@ async function main() {
   args = args.filter((a, i, arr) => {
     if (a.startsWith('--model=')) return false;
     if (a === '--model') { arr[i + 1] = '__skip__'; return false; }
+    if (a.startsWith('--timeout=')) return false;
+    if (a === '--timeout') { arr[i + 1] = '__skip__'; return false; }
     if (a === '__skip__') return false;
     return true;
   });

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "agentaudit",
-  "version": "3.9.45",
+  "version": "3.9.46",
   "description": "Security scanner for AI packages — MCP server + CLI",
   "type": "module",
   "bin": {