securenow 5.17.1 → 5.19.0

package/NPM_README.md

@@ -211,20 +211,6 @@ npx securenow logs --app <key> --minutes 30 --level error
 npx securenow logs trace <traceId>
 ```
 
-### Security Issues
-
-```bash
-# List all issues
-npx securenow issues
-npx securenow issues --status open
-
-# Show issue details with AI analysis
-npx securenow issues show <issue-id>
-
-# Resolve an issue
-npx securenow issues resolve <issue-id>
-```
-
 ### Notifications
 
 ```bash
@@ -382,21 +368,13 @@ You can also use the `SECURENOW_TOKEN` env var for per-terminal sessions without
 
 ```bash
 # Authenticate with a token in CI (env var — no file needed)
-SECURENOW_TOKEN=$MY_SECRET npx securenow issues --json
+SECURENOW_TOKEN=$MY_SECRET npx securenow logs --json
 
 # Or use login with explicit token
 npx securenow login --token $SECURENOW_TOKEN
 
 # Use --json for machine-readable output
-npx securenow issues --json | jq '.[] | select(.severity == "critical")'
-
-# Check for critical issues in a pipeline
-ISSUES=$(npx securenow issues --json --status open)
-CRITICAL=$(echo "$ISSUES" | jq '[.[] | select(.severity == "critical")] | length')
-if [ "$CRITICAL" -gt "0" ]; then
-  echo "Found $CRITICAL critical issues!"
-  exit 1
-fi
+npx securenow logs --json --level error | jq '.logs'
 ```
 
 ### Complete Command Reference
@@ -419,10 +397,7 @@ fi
 | | `logs trace <id>` | Logs for a trace |
 | | `analytics` | Response analytics |
 | | `status` | Dashboard overview |
-| **Detect** | `issues` | List issues |
-| | `issues show <id>` | Issue details |
-| | `issues resolve <id>` | Resolve issue |
-| | `notifications` | List notifications |
+| **Detect** | `notifications` | List notifications |
 | | `notifications unread` | Unread count |
 | | `notifications read <id>` | Mark read |
 | | `notifications read-all` | Mark all read |

package/README.md

@@ -117,10 +117,9 @@ npx securenow apps create my-app
 # Set it as default so you don't need --app every time
 npx securenow config set defaultApp <key>
 
-# View traces, logs, issues
+# View traces, logs
 npx securenow traces
 npx securenow logs
-npx securenow issues
 
 # IP intelligence, forensic queries, blocklist
 npx securenow ip 1.2.3.4
@@ -295,9 +294,6 @@ Most users won't need this — just add `-r securenow/register` to your existing
 
 | Command | Description |
 |---------|-------------|
-| `securenow issues` | List security issues |
-| `securenow issues show <id>` | Show issue details and AI analysis |
-| `securenow issues resolve <id>` | Mark an issue as resolved |
 | `securenow notifications` | List notifications |
 | `securenow notifications unread` | Show unread count |
 | `securenow notifications read <id>` | Mark notification as read |

package/SKILL-CLI.md

@@ -159,15 +159,6 @@ securenow logs list --app my-app --minutes 30 --level error
 securenow logs trace <traceId>               # logs correlated to a specific trace
 ```
 
-### Issues
-
-```bash
-securenow issues [--app <key>] [--status open|resolved]
-securenow issues list --status open
-securenow issues show <id>                   # full issue details
-securenow issues resolve <id>                # mark as resolved
-```
-
 ### Notifications
 
 ```bash
@@ -342,7 +333,7 @@ securenow ip traces <attacker-ip> --json
 securenow traces show <trace-id> --json
 securenow traces analyze <trace-id> --json
 # Decision: block the IP
-securenow blocklist add <attacker-ip> --reason "Automated: SQL injection from issue #<id>"
+securenow blocklist add <attacker-ip> --reason "Automated: SQL injection detected"
 ```
 
 #### Notification IP Investigation Statuses
@@ -387,7 +378,6 @@ securenow status --json
 securenow firewall status --json
 securenow blocklist stats --json
 securenow api-map stats --json
-securenow issues list --status open --json
 securenow forensics "summarize all attacks in the last 7 days"
 ```
 

package/cli/monitor.js

@@ -292,108 +292,6 @@ async function logsTrace(args, flags) {
   }
 }
 
-// ── Issues ──
-
-async function issuesList(args, flags) {
-  requireAuth();
-  const s = ui.spinner('Fetching issues');
-  try {
-    const query = {};
-    const appKey = resolveApp(flags);
-    if (appKey) query.serviceName = appKey;
-    if (flags.status) query.status = flags.status;
-
-    const data = await api.get('/issues', { query });
-    const issues = data.issues || [];
-    s.stop(`Found ${issues.length} issue${issues.length !== 1 ? 's' : ''}`);
-
-    if (flags.json) { ui.json(data); return; }
-
-    console.log('');
-    const rows = issues.map(i => [
-      ui.c.dim(ui.truncate(i._id, 12)),
-      ui.statusBadge(i.severity || i.level || 'medium'),
-      ui.statusBadge(i.status || 'open'),
-      ui.truncate(i.title || i.message || i.type || '', 50),
-      i.serviceName || '—',
-      i.count != null ? String(i.count) : '—',
-      ui.timeAgo(i.lastSeen || i.createdAt),
-    ]);
-
-    ui.table(['ID', 'Severity', 'Status', 'Title', 'App', 'Count', 'Last Seen'], rows);
-    if (data.total != null) {
-      console.log(ui.c.dim(`  Total: ${data.total}`));
-    }
-    console.log('');
-  } catch (err) {
-    s.fail('Failed to fetch issues');
-    throw err;
-  }
-}
-
-async function issuesShow(args, flags) {
-  requireAuth();
-  const id = args[0];
-  if (!id) {
-    ui.error('Issue ID required. Usage: securenow issues show <id>');
-    process.exit(1);
-  }
-
-  const s = ui.spinner('Fetching issue');
-  try {
-    const data = await api.get(`/issues/${id}`);
-    const issue = data.issue || data;
-    s.stop('Issue loaded');
-
-    if (flags.json) { ui.json(issue); return; }
-
-    console.log('');
-    ui.heading(issue.title || issue.type || `Issue ${id}`);
-    console.log('');
-    ui.keyValue([
-      ['ID', issue._id],
-      ['Status', ui.statusBadge(issue.status || 'open')],
-      ['Severity', ui.statusBadge(issue.severity || issue.level || 'medium')],
-      ['App', issue.serviceName || '—'],
-      ['Type', issue.type || '—'],
-      ['Count', issue.count != null ? String(issue.count) : '—'],
-      ['First Seen', issue.firstSeen ? new Date(issue.firstSeen).toLocaleString() : '—'],
-      ['Last Seen', issue.lastSeen ? new Date(issue.lastSeen).toLocaleString() : '—'],
-    ]);
-
-    if (issue.message || issue.description) {
-      ui.subheading('Description');
-      console.log(`\n  ${issue.message || issue.description}\n`);
-    }
-
-    if (issue.analysis) {
-      ui.subheading('AI Analysis');
-      console.log(`\n  ${issue.analysis}\n`);
-    }
-    console.log('');
-  } catch (err) {
-    s.fail('Failed to fetch issue');
-    throw err;
-  }
-}
-
-async function issuesResolve(args, flags) {
-  requireAuth();
-  const id = args[0];
-  if (!id) {
-    ui.error('Issue ID required. Usage: securenow issues resolve <id>');
-    process.exit(1);
-  }
-
-  const s = ui.spinner('Resolving issue');
-  try {
-    await api.patch(`/issues/${id}`, { status: 'resolved' });
-    s.stop('Issue resolved');
-  } catch (err) {
-    s.fail('Failed to resolve issue');
-    throw err;
-  }
-}
 
 // ── Notifications ──
 
@@ -534,9 +432,6 @@ module.exports = {
   tracesAnalyze,
   logsList,
   logsTrace,
-  issuesList,
-  issuesShow,
-  issuesResolve,
   notificationsList,
   notificationsRead,
   notificationsReadAll,

package/cli/security.js

@@ -861,88 +861,6 @@ async function ipTraces(args, flags) {
   }
 }
 
-// ── API Map ──
-
-async function apiMapList(args, flags) {
-  requireAuth();
-  const s = ui.spinner('Fetching API map');
-  try {
-    const data = await api.get('/api-map');
-    const apiMap = data.apiMap;
-    s.stop('API map loaded');
-
-    if (flags.json) { ui.json(data); return; }
-
-    if (!apiMap) {
-      console.log('');
-      ui.info(data.message || 'No API map discovered yet. Run discovery from the dashboard.');
-      console.log('');
-      return;
-    }
-
-    console.log('');
-    if (apiMap.apps && typeof apiMap.apps === 'object') {
-      for (const [appName, appData] of Object.entries(apiMap.apps)) {
-        ui.subheading(appName);
-        console.log('');
-        const endpoints = appData.endpoints || [];
-        if (endpoints.length) {
-          const rows = endpoints.map(e => [
-            e.method || '—',
-            e.path || e.route || '—',
-            e.requestCount != null ? String(e.requestCount) : '—',
-            e.description || ui.c.dim('—'),
-          ]);
-          ui.table(['Method', 'Path', 'Requests', 'Description'], rows);
-        } else {
-          ui.info('No endpoints discovered for this app.');
-        }
-        console.log('');
-      }
-    } else {
-      ui.json(apiMap);
-    }
-  } catch (err) {
-    s.fail('Failed to fetch API map');
-    throw err;
-  }
-}
-
-async function apiMapStats(args, flags) {
-  requireAuth();
-  const s = ui.spinner('Fetching API map stats');
-  try {
-    const data = await api.get('/api-map/stats');
-    const stats = data.stats;
-    s.stop('Stats loaded');
-
-    if (flags.json) { ui.json(stats); return; }
-
-    if (!stats) {
-      console.log('');
-      ui.info('No API map stats available.');
-      console.log('');
-      return;
-    }
-
-    console.log('');
-    ui.heading('API Map Statistics');
-    console.log('');
-    ui.keyValue([
-      ['Total Apps', String(stats.totalApps ?? '—')],
-      ['Total Endpoints', String(stats.totalEndpoints ?? '—')],
-      ['Total Requests', String(stats.totalRequests ?? '—')],
-      ['Discovery Status', stats.discoveryStatus || '—'],
-      ['Last Discovered', stats.lastDiscoveredAt ? new Date(stats.lastDiscoveredAt).toLocaleString() : '—'],
-      ['Version', String(stats.version ?? '—')],
-    ]);
-    console.log('');
-  } catch (err) {
-    s.fail('Failed to fetch stats');
-    throw err;
-  }
-}
-
 // ── Instances ──
 
 async function instancesList(args, flags) {
@@ -1056,8 +974,6 @@ module.exports = {
   forensicsLibrary,
   ipLookup,
   ipTraces,
-  apiMapList,
-  apiMapStats,
   instancesList,
   instancesTest,
   analytics,

package/cli.js

@@ -95,16 +95,6 @@ const COMMANDS = {
     },
     defaultSub: 'list',
   },
-  issues: {
-    desc: 'Manage security issues',
-    usage: 'securenow issues <subcommand> [options]',
-    sub: {
-      list: { desc: 'List issues', flags: { app: 'App key', status: 'Filter by status' }, run: (a, f) => require('./cli/monitor').issuesList(a, f) },
-      show: { desc: 'Show issue details', usage: 'securenow issues show <id>', run: (a, f) => require('./cli/monitor').issuesShow(a, f) },
-      resolve: { desc: 'Resolve an issue', usage: 'securenow issues resolve <id>', run: (a, f) => require('./cli/monitor').issuesResolve(a, f) },
-    },
-    defaultSub: 'list',
-  },
   notifications: {
     desc: 'Manage notifications',
     usage: 'securenow notifications <subcommand> [options]',
@@ -212,15 +202,6 @@ const COMMANDS = {
     },
     defaultAction: (a, f) => require('./cli/security').forensicsQuery(a, f),
   },
-  'api-map': {
-    desc: 'View API map',
-    usage: 'securenow api-map [stats]',
-    sub: {
-      list: { desc: 'List discovered API endpoints', run: (a, f) => require('./cli/security').apiMapList(a, f) },
-      stats: { desc: 'API map statistics', run: (a, f) => require('./cli/security').apiMapStats(a, f) },
-    },
-    defaultSub: 'list',
-  },
   instances: {
     desc: 'Manage ClickHouse instances',
     usage: 'securenow instances <subcommand> [options]',
@@ -362,8 +343,8 @@ function showHelp(commandName) {
     'Authentication': ['login', 'logout', 'whoami'],
     'Applications': ['apps', 'init', 'status'],
     'Observe': ['traces', 'logs', 'analytics'],
-    'Detect & Respond': ['issues', 'notifications', 'alerts', 'fp'],
-    'Investigate': ['ip', 'forensics', 'api-map'],
+    'Detect & Respond': ['notifications', 'alerts', 'fp'],
+    'Investigate': ['ip', 'forensics'],
     'Firewall': ['firewall'],
     'Remediation': ['blocklist', 'allowlist', 'trusted'],
     'Settings': ['instances', 'config', 'version'],

package/nextjs.js

@@ -367,6 +367,44 @@ function registerSecureNow(options = {}) {
       },
     });
     
+    // -------- Guard against OTLP exporter socket errors --------
+    // The OTLP HTTP exporter uses keep-alive connections that can be reset by
+    // the remote end (ECONNRESET / "socket hang up"). These transient errors
+    // sometimes escape as unhandled exceptions or rejections. We catch them
+    // here and log at debug level instead of crashing the host app.
+    const _TRANSIENT_CODES = new Set(['ECONNRESET', 'ECONNREFUSED', 'ETIMEDOUT', 'EPIPE', 'EAI_AGAIN']);
+    function _isOtlpTransientError(err) {
+      if (!err) return false;
+      if (_TRANSIENT_CODES.has(err.code)) return true;
+      if (typeof err.message === 'string' && /socket hang up|ECONNRESET/.test(err.message)) return true;
+      return false;
+    }
+    function _looksLikeOtlpStack(err) {
+      const s = err && err.stack;
+      if (!s) return false;
+      return /OTLPTraceExporter|OTLPLogExporter|otlp|exporter.*http|BatchSpanProcessor|BatchLogRecordProcessor/i.test(s)
+        || /node:_http_client|ClientRequest|TLSSocket/i.test(s);
+    }
+    const _diagDebug = (env('OTEL_LOG_LEVEL') || '').toLowerCase() === 'debug';
+    process.on('uncaughtException', (err, origin) => {
+      if (_isOtlpTransientError(err) && _looksLikeOtlpStack(err)) {
+        if (_diagDebug) {
+          console.debug('[securenow] Suppressed transient OTLP exporter error (%s): %s', origin, err.message);
+        }
+        return;
+      }
+      throw err;
+    });
+    process.on('unhandledRejection', (reason) => {
+      if (_isOtlpTransientError(reason) && _looksLikeOtlpStack(reason)) {
+        if (_diagDebug) {
+          console.debug('[securenow] Suppressed transient OTLP exporter rejection: %s', reason && reason.message);
+        }
+        return;
+      }
+      throw reason;
+    });
+
     if (isVercel) {
       // -------- Vercel Environment: Use @vercel/otel --------
       const { registerOTel } = require('@vercel/otel');

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "securenow",
-  "version": "5.17.1",
+  "version": "5.19.0",
   "description": "OpenTelemetry instrumentation for Node.js, Next.js, and Nuxt - Send traces and logs to any OTLP-compatible backend",
   "type": "commonjs",
   "main": "register.js",

package/tracing.js

@@ -258,12 +258,12 @@ function collectMultipartMeta(request, contentType, sensitiveFields, maxTextFiel
 })();
 
 // -------- diagnostics --------
+const diagLevel = (env('OTEL_LOG_LEVEL') || '').toLowerCase();
 (() => {
-  const L = (env('OTEL_LOG_LEVEL') || '').toLowerCase();
-  const level = L === 'debug' ? DiagLogLevel.DEBUG :
-                L === 'info'  ? DiagLogLevel.INFO  :
-                L === 'warn'  ? DiagLogLevel.WARN  :
-                L === 'error' ? DiagLogLevel.ERROR : DiagLogLevel.NONE;
+  const level = diagLevel === 'debug' ? DiagLogLevel.DEBUG :
+                diagLevel === 'info'  ? DiagLogLevel.INFO  :
+                diagLevel === 'warn'  ? DiagLogLevel.WARN  :
+                diagLevel === 'error' ? DiagLogLevel.ERROR : DiagLogLevel.NONE;
   diag.setLogger(new DiagConsoleLogger(), level);
   console.log('[securenow] preload loaded pid=%d', process.pid);
 })();
@@ -506,6 +506,48 @@ if (loggingEnabled) {
   console.__securenow_patched = true;
 }
 
+// -------- Guard against OTLP exporter socket errors --------
+// The OTLP HTTP exporter uses keep-alive connections that can be reset by the
+// remote end (ECONNRESET / "socket hang up"). These transient errors sometimes
+// escape as unhandled exceptions or rejections because the underlying HTTP
+// request's error path isn't fully covered by the OTel library. We install
+// targeted process-level handlers to catch them and log at debug level instead
+// of crashing the host app.
+const _TRANSIENT_CODES = new Set(['ECONNRESET', 'ECONNREFUSED', 'ETIMEDOUT', 'EPIPE', 'EAI_AGAIN']);
+function _isOtlpTransientError(err) {
+  if (!err) return false;
+  if (_TRANSIENT_CODES.has(err.code)) return true;
+  if (typeof err.message === 'string' && /socket hang up|ECONNRESET/.test(err.message)) return true;
+  return false;
+}
+function _looksLikeOtlpStack(err) {
+  const s = err && err.stack;
+  if (!s) return false;
+  return /OTLPTraceExporter|OTLPLogExporter|otlp|exporter.*http|BatchSpanProcessor|BatchLogRecordProcessor/i.test(s)
+    || /node:_http_client|ClientRequest|TLSSocket/i.test(s);
+}
+
+process.on('uncaughtException', (err, origin) => {
+  if (_isOtlpTransientError(err) && _looksLikeOtlpStack(err)) {
+    if (diagLevel === 'debug') {
+      console.debug('[securenow] Suppressed transient OTLP exporter error (%s): %s', origin, err.message);
+    }
+    return; // swallow — do not crash
+  }
+  // Not ours — re-throw so the default handler (or the app's own handler) fires
+  throw err;
+});
+process.on('unhandledRejection', (reason) => {
+  if (_isOtlpTransientError(reason) && _looksLikeOtlpStack(reason)) {
+    if (diagLevel === 'debug') {
+      console.debug('[securenow] Suppressed transient OTLP exporter rejection: %s', reason && reason.message);
+    }
+    return; // swallow
+  }
+  // Not ours — re-throw as unhandled so Node's default behaviour applies
+  throw reason;
+});
+
 // -------- SDK --------
 const traceExporter = new OTLPTraceExporter({ url: tracesUrl, headers });
 const sdk = new NodeSDK({