securenow 5.7.1 → 5.8.0

package/cli/security.js

@@ -269,20 +269,36 @@ async function trustedRemove(args, flags) {
   }
 }
 
+// ── Helpers ──
+
+async function resolveAppId(flags) {
+  const appKey = flags.app || config.getDefaultApp();
+  if (!appKey) return null;
+  const data = await api.get('/applications');
+  const apps = data.applications || [];
+  const match = apps.find(a => a.key === appKey);
+  return match ? { id: match._id, key: match.key, name: match.name } : null;
+}
+
 // ── Forensics ──
 
 async function forensicsQuery(args, flags) {
   requireAuth();
   const query = args.join(' ');
   if (!query) {
-    ui.error('Query required. Usage: securenow forensics "your natural language query"');
+    ui.error('Query required. Usage: securenow forensics "your natural language query" [--app <key>]');
     process.exit(1);
   }
 
   const s = ui.spinner('Submitting forensic query');
   try {
     const body = { query };
-    if (flags.instance) body.instanceId = flags.instance;
+    const resolved = await resolveAppId(flags);
+    if (resolved) {
+      body.applicationId = resolved.id;
+    } else if (flags.instance) {
+      body.instanceId = flags.instance;
+    }
 
     const job = await api.post('/forensics/query', body);
     const jobId = job.jobId;
@@ -387,6 +403,138 @@ async function forensicsLibrary(args, flags) {
   }
 }
 
+// ── Forensics Chat ──
+
+async function forensicsChat(args, flags) {
+  requireAuth();
+  const resolved = await resolveAppId(flags);
+  if (!resolved) {
+    ui.error('App required. Usage: securenow forensics chat --app <key>');
+    ui.info('Set a default with: securenow apps default <key>');
+    process.exit(1);
+  }
+
+  console.log('');
+  ui.heading(`Forensics Chat — ${resolved.name || resolved.key}`);
+  console.log(ui.c.dim(`  App: ${resolved.key} (${resolved.id})`));
+  console.log(ui.c.dim('  Type your question, or "exit" to quit.\n'));
+
+  let conversationId = null;
+
+  const readline = require('readline');
+  const rl = readline.createInterface({ input: process.stdin, output: process.stderr });
+
+  const askLine = () => new Promise((resolve) => {
+    rl.question(ui.c.cyan('  you > '), (answer) => resolve(answer.trim()));
+  });
+
+  try {
+    while (true) {
+      const message = await askLine();
+      if (!message || message.toLowerCase() === 'exit' || message.toLowerCase() === 'quit') {
+        console.log('');
+        ui.info('Chat ended.');
+        break;
+      }
+
+      const s = ui.spinner('Thinking');
+      try {
+        const body = { message, applicationKey: resolved.key };
+        if (conversationId) body.conversationId = conversationId;
+
+        const chatRes = await api.post('/forensics/chat', body);
+        conversationId = chatRes.conversationId;
+
+        if (chatRes.status === 'processing') {
+          let result;
+          for (let i = 0; i < 150; i++) {
+            await new Promise(r => setTimeout(r, 2000));
+            result = await api.get(`/forensics/chat/status/${conversationId}`);
+            if (result.status === 'complete' || result.status === 'failed' || result.status === 'awaiting_confirmation') break;
+            const progress = result._progress;
+            if (progress?.action) s.update(progress.action);
+          }
+
+          if (!result || result.status === 'processing') {
+            s.fail('Response timed out');
+            continue;
+          }
+
+          s.stop('Done');
+          printChatMessage(result.message);
+
+          if (result.status === 'awaiting_confirmation') {
+            const proceed = await ui.confirm('Proceed with this query?');
+            if (proceed) {
+              const cs = ui.spinner('Executing query');
+              await api.post(`/forensics/chat/confirm/${conversationId}`);
+              let confirmResult;
+              for (let i = 0; i < 90; i++) {
+                await new Promise(r => setTimeout(r, 2000));
+                confirmResult = await api.get(`/forensics/chat/status/${conversationId}`);
+                if (confirmResult.status !== 'processing') break;
+              }
+              cs.stop('Done');
+              if (confirmResult?.message) printChatMessage(confirmResult.message);
+            } else {
+              ui.info('Query skipped. Ask a different question or refine.');
+            }
+          }
+        } else if (chatRes.message) {
+          s.stop('Done');
+          printChatMessage(chatRes.message);
+        } else {
+          s.stop('Done');
+        }
+      } catch (err) {
+        s.fail('Error');
+        ui.error(err.message);
+      }
+      console.log('');
+    }
+  } finally {
+    rl.close();
+  }
+}
+
+function printChatMessage(msg) {
+  if (!msg) return;
+  console.log('');
+  if (msg.content) {
+    console.log(`  ${ui.c.green('ai >')} ${msg.content}`);
+  }
+  if (msg.sqlQuery) {
+    console.log('');
+    ui.subheading('Generated SQL');
+    console.log(`\n  ${ui.c.dim(msg.sqlQuery)}\n`);
+  }
+  if (msg.results && Array.isArray(msg.results) && msg.results.length > 0) {
+    ui.subheading(`Results (${msg.resultCount ?? msg.results.length} rows)`);
+    console.log('');
+    const headers = Object.keys(msg.results[0]);
+    const rows = msg.results.map(row => headers.map(h => String(row[h] ?? '')));
+    ui.table(headers, rows);
+  }
+  if (msg.estimation) {
+    const est = msg.estimation;
+    const rowLabel = est.timedOut
+      ? 'very large (estimation timed out)'
+      : est.estimatedRows != null
+        ? `~${Number(est.estimatedRows).toLocaleString()}`
+        : 'unknown';
+    console.log(`\n  ${ui.c.yellow('!')} Estimated rows: ${rowLabel}`);
+    if (est.suggestions?.length) {
+      console.log(ui.c.dim('  Suggestions:'));
+      for (const sug of est.suggestions) {
+        console.log(ui.c.dim(`    • ${sug}`));
+      }
+    }
+  }
+  if (msg.error && !msg.results) {
+    console.log(`\n  ${ui.c.red('Error:')} ${msg.error}`);
+  }
+}
+
 // ── IP Lookup ──
 
 async function ipLookup(args, flags) {
@@ -670,6 +818,7 @@ module.exports = {
   trustedAdd,
   trustedRemove,
   forensicsQuery,
+  forensicsChat,
   forensicsLibrary,
   ipLookup,
   ipTraces,

package/cli.js

@@ -1,4 +1,4 @@
-#!/usr/bin/env node
+#!/usr/bin/env node
 'use strict';
 
 const ui = require('./cli/ui');
@@ -151,9 +151,10 @@ const COMMANDS = {
   },
   forensics: {
     desc: 'Run forensic queries (natural language → SQL)',
-    usage: 'securenow forensics <query>',
+    usage: 'securenow forensics <query> [--app <key>]',
     sub: {
-      query: { desc: 'Run a forensic query', run: (a, f) => require('./cli/security').forensicsQuery(a, f) },
+      query: { desc: 'Run a forensic query', flags: { app: 'App key to scope query' }, run: (a, f) => require('./cli/security').forensicsQuery(a, f) },
+      chat: { desc: 'Interactive forensics chat (scoped to an app)', usage: 'securenow forensics chat --app <key>', flags: { app: 'App key to chat with' }, run: (a, f) => require('./cli/security').forensicsChat(a, f) },
       library: { desc: 'View saved queries', run: (a, f) => require('./cli/security').forensicsLibrary(a, f) },
     },
     defaultAction: (a, f) => require('./cli/security').forensicsQuery(a, f),

package/free-trial-banner.js

@@ -40,19 +40,33 @@ function _bannerClientCode() {
     strong.textContent = 'Testing Environment:';
     msg.appendChild(strong);
     msg.appendChild(document.createTextNode(
-      ' Only add test applications. For production usage, please '
+      ' Only add test applications. For production usage, '
     ));
 
     var link = document.createElement('a');
-    link.href = 'https://securenow.ai/contact';
+    link.href = 'https://app.securenow.ai/dashboard/settings/instances';
     link.target = '_blank';
     link.rel = 'noopener';
     link.style.cssText = 'color:#664D03;font-weight:600;text-decoration:underline';
-    link.textContent = 'contact our team for a demo';
+    link.textContent = 'create a new production instance';
     msg.appendChild(link);
     msg.appendChild(document.createTextNode('.'));
     d.appendChild(msg);
 
+    var upgradeBtn = document.createElement('a');
+    upgradeBtn.href = 'https://app.securenow.ai/dashboard/settings/instances';
+    upgradeBtn.target = '_blank';
+    upgradeBtn.rel = 'noopener';
+    upgradeBtn.textContent = '\u26a1 Upgrade';
+    upgradeBtn.style.cssText =
+      'display:inline-flex;align-items:center;gap:4px;' +
+      'background:#D97706;color:#fff;padding:4px 12px;border-radius:4px;' +
+      'font-size:12px;font-weight:600;text-decoration:none;margin-left:10px;' +
+      'white-space:nowrap;transition:background 0.15s';
+    upgradeBtn.onmouseover = function () { upgradeBtn.style.background = '#B45309'; };
+    upgradeBtn.onmouseout = function () { upgradeBtn.style.background = '#D97706'; };
+    d.appendChild(upgradeBtn);
+
     var close = document.createElement('button');
     close.textContent = '\u00d7';
     close.style.cssText =

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "securenow",
-  "version": "5.7.1",
+  "version": "5.8.0",
   "description": "OpenTelemetry instrumentation for Node.js, Next.js, and Nuxt - Send traces and logs to any OTLP-compatible backend",
   "type": "commonjs",
   "main": "register.js",

package/tracing.js

@@ -16,6 +16,7 @@
  *   OTEL_EXPORTER_OTLP_TRACES_ENDPOINT=...    # full traces URL
  *   OTEL_EXPORTER_OTLP_HEADERS="k=v,k2=v2"
  *   SECURENOW_DISABLE_INSTRUMENTATIONS="pkg1,pkg2"
+ *   SECURENOW_CAPTURE_MULTIPART=1                # capture multipart/form-data fields & file metadata (streaming, no file content buffered)
  *   OTEL_LOG_LEVEL=info|debug
  *   SECURENOW_TEST_SPAN=1
  *
@@ -103,6 +104,131 @@ function redactGraphQLQuery(query, sensitiveFields = DEFAULT_SENSITIVE_FIELDS) {
   return redacted;
 }
 
+// -------- Multipart streaming parser --------
+// Streams through the request without buffering file content.
+// Only part headers and text-field values are kept in memory,
+// so memory stays bounded (~few KB) regardless of upload size.
+
+function extractBoundary(contentType) {
+  const match = contentType.match(/boundary=(?:"([^"]+)"|([^\s;]+))/i);
+  return match ? (match[1] || match[2]) : null;
+}
+
+function collectMultipartMeta(request, contentType, sensitiveFields, maxTextFieldSize, onComplete) {
+  const boundary = extractBoundary(contentType);
+  if (!boundary) { onComplete({ error: 'BOUNDARY_NOT_FOUND' }); return; }
+
+  const result = { fields: {}, files: [] };
+  let totalSize = 0;
+  let buf = Buffer.alloc(0);
+
+  const MAX_PARTS = 100;
+  let partCount = 0;
+
+  const FIRST_DELIM = Buffer.from('--' + boundary);
+  const DELIM       = Buffer.from('\r\n--' + boundary);
+  const HDR_END     = Buffer.from('\r\n\r\n');
+
+  let initialized = false;
+  let inHeaders = true;
+  let isFile = false;
+  let fldName = '';
+  let fName = '';
+  let pCT = '';
+  let bodyBytes = 0;
+  let textVal = '';
+
+  function flushPart() {
+    if (!fldName) return;
+    if (isFile) {
+      result.files.push({ field: fldName, filename: fName, contentType: pCT || 'unknown', size: bodyBytes });
+    } else {
+      const lower = fldName.toLowerCase();
+      const redact = sensitiveFields.some(f => lower.includes(f.toLowerCase()));
+      result.fields[fldName] = redact ? '[REDACTED]' : textVal.substring(0, maxTextFieldSize);
+    }
+    fldName = ''; bodyBytes = 0; textVal = ''; partCount++;
+  }
+
+  function drain() {
+    if (!initialized) {
+      const i = buf.indexOf(FIRST_DELIM);
+      if (i === -1) {
+        if (buf.length > FIRST_DELIM.length + 4) buf = buf.slice(buf.length - FIRST_DELIM.length - 4);
+        return;
+      }
+      buf = buf.slice(i + FIRST_DELIM.length);
+      initialized = true;
+      inHeaders = true;
+    }
+
+    let guard = 200;
+    while (buf.length > 0 && guard-- > 0 && partCount < MAX_PARTS) {
+      if (inHeaders) {
+        if (buf.length >= 2 && buf[0] === 0x2D && buf[1] === 0x2D) { buf = Buffer.alloc(0); return; }
+        if (buf.length >= 2 && buf[0] === 0x0D && buf[1] === 0x0A) { buf = buf.slice(2); continue; }
+
+        const hi = buf.indexOf(HDR_END);
+        if (hi === -1) return;
+
+        const hdr = buf.slice(0, hi).toString('latin1');
+        buf = buf.slice(hi + 4);
+
+        const nm = hdr.match(/name="([^"]+)"/);
+        const fn = hdr.match(/filename="([^"]*)"/);
+        const ct = hdr.match(/Content-Type:\s*(.+)/i);
+        fldName = nm ? nm[1] : '';
+        fName   = fn ? fn[1] : '';
+        pCT     = ct ? ct[1].trim() : '';
+        isFile  = !!fn;
+        bodyBytes = 0;
+        textVal = '';
+        inHeaders = false;
+      }
+
+      const di = buf.indexOf(DELIM);
+      if (di === -1) {
+        const safe = Math.max(0, buf.length - DELIM.length - 2);
+        if (safe > 0) {
+          bodyBytes += safe;
+          if (!isFile && textVal.length < maxTextFieldSize) {
+            textVal += buf.slice(0, safe).toString('utf8').substring(0, maxTextFieldSize - textVal.length);
+          }
+          buf = buf.slice(safe);
+        }
+        return;
+      }
+
+      bodyBytes += di;
+      if (!isFile && textVal.length < maxTextFieldSize) {
+        textVal += buf.slice(0, di).toString('utf8').substring(0, maxTextFieldSize - textVal.length);
+      }
+      flushPart();
+      buf = buf.slice(di + DELIM.length);
+      inHeaders = true;
+    }
+  }
+
+  request.on('data', (chunk) => {
+    totalSize += chunk.length;
+    buf = Buffer.concat([buf, chunk]);
+    drain();
+  });
+
+  request.on('end', () => {
+    try {
+      if (!inHeaders && fldName) {
+        bodyBytes += buf.length;
+        if (!isFile) textVal += buf.toString('utf8').substring(0, maxTextFieldSize - textVal.length);
+        flushPart();
+      }
+      onComplete({ parsed: result, totalSize });
+    } catch (e) {
+      onComplete({ error: 'PARSE_ERROR' });
+    }
+  });
+}
+
 // -------- ESM detection --------
 // register.js auto-registers the hook via module.register() on Node >=20.6.
 // This warning only fires if BOTH --import AND module.register() were skipped
@@ -194,6 +320,8 @@ const maxBodySize = parseInt(env('SECURENOW_MAX_BODY_SIZE') || '10240'); // 10KB
 const customSensitiveFields = (env('SECURENOW_SENSITIVE_FIELDS') || '').split(',').map(s => s.trim()).filter(Boolean);
 const allSensitiveFields = [...DEFAULT_SENSITIVE_FIELDS, ...customSensitiveFields];
 
+const captureMultipart = String(env('SECURENOW_CAPTURE_MULTIPART')) === '1' || String(env('SECURENOW_CAPTURE_MULTIPART')).toLowerCase() === 'true';
+
 // -------- Trusted proxy IP resolution --------
 // Only trust X-Forwarded-For / X-Real-IP when the direct connection comes from
 // a known proxy (loopback, private RFC-1918/RFC-4193, or an explicit allowlist).
@@ -325,10 +453,38 @@ const httpInstrumentation = new HttpInstrumentation({
             }
           });
         } else if (contentType.includes('multipart/form-data')) {
-          // Multipart is NOT captured
-          span.setAttribute('http.request.body', '[MULTIPART - NOT CAPTURED]');
-          span.setAttribute('http.request.body.type', 'multipart');
-          span.setAttribute('http.request.body.note', 'File uploads not captured by design');
+          if (captureMultipart) {
+            collectMultipartMeta(request, contentType, allSensitiveFields, 1000, ({ error, parsed, totalSize }) => {
+              try {
+                if (error === 'BOUNDARY_NOT_FOUND') {
+                  span.setAttribute('http.request.body', '[MULTIPART - BOUNDARY NOT FOUND]');
+                  span.setAttribute('http.request.body.type', 'multipart');
+                  return;
+                }
+                if (error) {
+                  span.setAttribute('http.request.body', '[MULTIPART - PARSE ERROR]');
+                  span.setAttribute('http.request.body.type', 'multipart');
+                  span.setAttribute('http.request.body.parse_error', true);
+                  return;
+                }
+                span.setAttributes({
+                  'http.request.body': JSON.stringify(parsed).substring(0, maxBodySize),
+                  'http.request.body.type': 'multipart',
+                  'http.request.body.size': totalSize,
+                  'http.request.body.fields_count': Object.keys(parsed.fields).length,
+                  'http.request.body.files_count': parsed.files.length,
+                });
+              } catch (e) {
+                span.setAttribute('http.request.body', '[MULTIPART - PARSE ERROR]');
+                span.setAttribute('http.request.body.type', 'multipart');
+                span.setAttribute('http.request.body.parse_error', true);
+              }
+            });
+          } else {
+            span.setAttribute('http.request.body', '[MULTIPART - NOT CAPTURED]');
+            span.setAttribute('http.request.body.type', 'multipart');
+            span.setAttribute('http.request.body.note', 'Set SECURENOW_CAPTURE_MULTIPART=1 to enable');
+          }
         }
       }
     } catch (error) {
@@ -416,6 +572,9 @@ const sdk = new NodeSDK({
     if (captureBody) {
       console.log('[securenow] 📝 Request body capture: ENABLED (max: %d bytes, redacting %d sensitive fields)', maxBodySize, allSensitiveFields.length);
     }
+    if (captureMultipart) {
+      console.log('[securenow] 📎 Multipart body capture: ENABLED (streaming — file content not buffered)');
+    }
     if (String(env('SECURENOW_TEST_SPAN')) === '1') {
       const api = require('@opentelemetry/api');
       const tracer = api.trace.getTracer('securenow-smoke');

package/web-vite.mjs

@@ -173,19 +173,33 @@ function injectFreeTrialBanner(): void {
     strong.textContent = 'Testing Environment:';
     msg.appendChild(strong);
     msg.appendChild(document.createTextNode(
-      ' Only add test applications. For production usage, please '
+      ' Only add test applications. For production usage, '
     ));
 
     const link = document.createElement('a');
-    link.href = 'https://securenow.ai/contact';
+    link.href = 'https://app.securenow.ai/dashboard/settings/instances';
     link.target = '_blank';
     link.rel = 'noopener';
     link.style.cssText = 'color:#664D03;font-weight:600;text-decoration:underline';
-    link.textContent = 'contact our team for a demo';
+    link.textContent = 'create a new production instance';
     msg.appendChild(link);
     msg.appendChild(document.createTextNode('.'));
     d.appendChild(msg);
 
+    const upgradeBtn = document.createElement('a');
+    upgradeBtn.href = 'https://app.securenow.ai/dashboard/settings/instances';
+    upgradeBtn.target = '_blank';
+    upgradeBtn.rel = 'noopener';
+    upgradeBtn.textContent = '\u26a1 Upgrade';
+    upgradeBtn.style.cssText =
+      'display:inline-flex;align-items:center;gap:4px;' +
+      'background:#D97706;color:#fff;padding:4px 12px;border-radius:4px;' +
+      'font-size:12px;font-weight:600;text-decoration:none;margin-left:10px;' +
+      'white-space:nowrap;transition:background 0.15s';
+    upgradeBtn.onmouseover = () => { upgradeBtn.style.background = '#B45309'; };
+    upgradeBtn.onmouseout = () => { upgradeBtn.style.background = '#D97706'; };
+    d.appendChild(upgradeBtn);
+
     const close = document.createElement('button');
     close.textContent = '\u00d7';
     close.style.cssText =