muaddib-scanner 2.10.44 → 2.10.45
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/src/monitor/queue.js +2 -2
- package/src/sandbox/index.js +1 -1
package/package.json
CHANGED
package/src/monitor/queue.js
CHANGED
|
@@ -105,8 +105,8 @@ const { archiveSuspectTarball } = require('./tarball-archive.js');
|
|
|
105
105
|
|
|
106
106
|
// --- Constants ---
|
|
107
107
|
|
|
108
|
-
const SCAN_CONCURRENCY = Math.max(1, parseInt(process.env.MUADDIB_SCAN_CONCURRENCY, 10) ||
|
|
109
|
-
const SCAN_TIMEOUT_MS =
|
|
108
|
+
const SCAN_CONCURRENCY = Math.max(1, parseInt(process.env.MUADDIB_SCAN_CONCURRENCY, 10) || 8);
|
|
109
|
+
const SCAN_TIMEOUT_MS = 300_000; // 5 minutes per package (3 sandbox runs × 90s + static scan headroom)
|
|
110
110
|
const STATIC_SCAN_TIMEOUT_MS = 45_000; // 45s for static analysis only
|
|
111
111
|
const LARGE_PACKAGE_SIZE = 10 * 1024 * 1024; // 10MB
|
|
112
112
|
|
package/src/sandbox/index.js
CHANGED
|
@@ -20,7 +20,7 @@ const { parseGvisorLogs, cleanupGvisorLogs } = require('./gvisor-parser.js');
|
|
|
20
20
|
|
|
21
21
|
const DOCKER_IMAGE = 'muaddib-sandbox';
|
|
22
22
|
const CONTAINER_TIMEOUT = 120000; // 120 seconds
|
|
23
|
-
const SINGLE_RUN_TIMEOUT =
|
|
23
|
+
const SINGLE_RUN_TIMEOUT = 90000; // 90 seconds per run in multi-run mode (gVisor ~30% I/O overhead)
|
|
24
24
|
|
|
25
25
|
// ── Sandbox concurrency limiter ──
|
|
26
26
|
// Prevents Docker container saturation under load (16 workers × 3 runs = 48 containers).
|