muaddib-scanner 2.11.112 → 2.11.113

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/package.json +1 -1
  2. package/{self-scan-v2.11.112.json → self-scan-v2.11.113.json} +1 -1
  3. package/src/monitor/webhook.js +32 -8
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "muaddib-scanner",
3
- "version": "2.11.112",
3
+ "version": "2.11.113",
4
4
  "description": "Supply-chain threat detection & response for npm & PyPI/Python",
5
5
  "main": "src/index.js",
6
6
  "bin": {
package/{self-scan-v2.11.112.json → self-scan-v2.11.113.json} RENAMED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "target": "node_modules",
3
- "timestamp": "2026-06-13T13:45:22.808Z",
3
+ "timestamp": "2026-06-14T08:06:18.378Z",
4
4
  "threats": [
5
5
  {
6
6
  "type": "string_mutation_obfuscation",
package/src/monitor/webhook.js CHANGED
@@ -1252,6 +1252,13 @@ function buildDailyReportEmbed(stats, dailyAlerts, ledgerRollup) {
1252
1252
  const pct = (ledger.distinctCoverage * 100).toFixed(0);
1253
1253
  const approx = ledger.exactVanished === false ? '~' : '';
1254
1254
  coverageText = `${ledger.distinctScanned}/${ledger.distinctPackages} pkgs (${approx}${pct}%)`;
1255
+ // Honest 24h coverage loss surfaced next to coverage: `vanished` = distinct names
1256
+ // dropped and never re-scanned in the window — the real miss count. The raw
1257
+ // `dropped` aggregate (which also folds in recoverable spill + retries, so it
1258
+ // OVERSTATES loss) is relegated to the Ops embed's Ledger field, not the headline.
1259
+ if (ledger.vanished > 0) {
1260
+ coverageText += ` · ${ledger.exactVanished ? '' : '≥'}${ledger.vanished} vanished`;
1261
+ }
1255
1262
  if (published > 0) coverageText += `\nRaw events: ${attempted}/${published}`;
1256
1263
  coverageText += opsSuffix;
1257
1264
  } else if (published > 0) {
@@ -1343,14 +1350,7 @@ function buildDailyReportEmbed(stats, dailyAlerts, ledgerRollup) {
1343
1350
  { name: 'vs Yesterday', value: trendsText, inline: false },
1344
1351
  { name: 'ML', value: mlText, inline: true },
1345
1352
  { name: 'LLM Detective', value: llmText, inline: true },
1346
- { name: 'Top Suspects', value: top3Text, inline: false },
1347
- ...((stats.sandboxDeferred || stats.deferredProcessed || stats.deferredExpired)
1348
- ? [{ name: 'Deferred Sandbox', value: `Enqueued: ${stats.sandboxDeferred || 0} | Processed: ${stats.deferredProcessed || 0} | Expired: ${stats.deferredExpired || 0}`, inline: false }]
1349
- : []),
1350
- { name: 'Stability', value: _stabilityFieldValue(stats), inline: false },
1351
- { name: 'Degradations', value: _degradationsFieldValue(), inline: false },
1352
- ...(ledgerField ? [ledgerField] : []),
1353
- { name: 'System', value: healthText, inline: false }
1353
+ { name: 'Top Suspects', value: top3Text, inline: false }
1354
1354
  ],
1355
1355
  footer: {
1356
1356
  // Headline-source annotation: 'ledger' = window-exact [last report → now]
@@ -1359,6 +1359,30 @@ function buildDailyReportEmbed(stats, dailyAlerts, ledgerRollup) {
1359
1359
  text: `MUAD'DIB - Daily summary | headline: ${headline ? 'ledger — completed/deduped, exact 24h window' : 'counters (in-memory fallback)'} | ${readableTime}`
1360
1360
  },
1361
1361
  timestamp: now.toISOString()
1362
+ }, {
1363
+ // --- Embed 2: Ops / system state (kept OUT of the daily headline) ---
1364
+ // Operator feedback: a daily that mixes 24h outcome with multi-day system state
1365
+ // reads as failure when it isn't. Each line here carries its own clock:
1366
+ // • Ledger → 24h window. Its `dropped` folds in recoverable spill + retries,
1367
+ // so it OVERSTATES loss — `vanished` (in the Coverage field) is the
1368
+ // honest miss count, which is why dropped sits here, not the headline.
1369
+ // • Stability → cumulative since the 08:00 reset (backlog = point-in-time depth
1370
+ // of the persistent spill file, the one snapshot in this field).
1371
+ // • Degradations / System → instantaneous snapshot (degradations have no TTL: if
1372
+ // shown, the condition is active right now, not earlier in the window).
1373
+ title: '⚙️ Ops / état système',
1374
+ color: 0x95a5a6,
1375
+ description: 'Ledger = fenêtre 24h (dropped inclut le spill récupérable — voir « vanished » pour la perte réelle) · Stability = cumulé depuis 08:00 (backlog = instantané) · Degradations/System = instantané',
1376
+ fields: [
1377
+ ...((stats.sandboxDeferred || stats.deferredProcessed || stats.deferredExpired)
1378
+ ? [{ name: 'Deferred Sandbox', value: `Enqueued: ${stats.sandboxDeferred || 0} | Processed: ${stats.deferredProcessed || 0} | Expired: ${stats.deferredExpired || 0}`, inline: false }]
1379
+ : []),
1380
+ { name: 'Stability (cumulé depuis 08:00)', value: _stabilityFieldValue(stats), inline: false },
1381
+ { name: 'Degradations (actif maintenant)', value: _degradationsFieldValue(), inline: false },
1382
+ ...(ledgerField ? [ledgerField] : []),
1383
+ { name: 'System', value: healthText, inline: false }
1384
+ ],
1385
+ timestamp: now.toISOString()
1362
1386
  }]
1363
1387
  };
1364
1388
  }