5 Commits

Author SHA1 Message Date
TheAuditorTool
2520ad8698 Critical Fix: Implement adaptive timeouts to prevent long-running analysis tools from being killed
- Replace hardcoded 300s (5 min) timeout that was killing taint-analyze and detect-patterns
  - Add COMMAND_TIMEOUTS dictionary with appropriate timeouts per command type:
    * taint-analyze, detect-patterns: 2 hours (can take 10-60 min on large codebases)
    * lint: 15 minutes (ESLint/ruff on monorepos)
    * fce: 30 minutes (correlation analysis)
    * graph operations: 10 minutes
    * Quick operations (deps, docs, workset): 5 minutes
  - Add get_command_timeout() function to determine timeout based on command name
  - Support environment variable overrides:
    * Global: THEAUDITOR_TIMEOUT_SECONDS (default 30 min)
    * Per-command: THEAUDITOR_TIMEOUT_TAINT_ANALYZE_SECONDS, etc.
  - Update all 3 run_subprocess_with_interrupt calls to use adaptive timeouts
2025-09-09 17:22:12 +07:00
TheAuditorTool
c7b1f54ab8 Fix: Monorepo dependency parsing and docs fetch pipeline integration
- Add automatic detection of package.json in common monorepo patterns (backend/, frontend/, packages/*/, apps/*/,
  services/*/)
  - Fix pipeline deps.json path mismatch - deps writes to .pf/raw/deps.json but docs fetch was looking in
  .pf/deps.json
  - Add _parse_standalone_package_json() to handle subdirectory packages without workspace detection
  - Properly track workspace_package field with relative paths for all discovered package.json files

  Fixes PlantPro and similar monorepos where deps were not being detected (only finding 1 Docker dep instead of 100+
   npm deps)
2025-09-09 16:48:11 +07:00
TheAuditorTool
c7a59e420b Fix: Critical Windows ProcessPoolExecutor hang and documentation drift
Fixed critical Windows compatibility issues and updated outdated documentation.

  CRITICAL WINDOWS HANG FIXES:
  1. ProcessPoolExecutor → ThreadPoolExecutor
     - Fixes PowerShell/terminal hang where Ctrl+C wouldn't work
     - Prevents .pf directory lock requiring Task Manager kill
     - Root cause: Nested ProcessPool + ThreadPool on Windows creates kernel deadlock

  2. Ctrl+C Interruption Support
     - Replaced subprocess.run with Popen+poll pattern (industry standard)
     - Poll subprocess every 100ms for interruption checking
     - Added global stop_event and signal handlers for graceful shutdown
     - Root cause: subprocess.run blocks threads with no signal propagation

  DOCUMENTATION DRIFT FIX:
  - Removed hardcoded "14 phases" references (actual is 19+ commands)
  - Updated to "multiple analysis phases" throughout all docs
  - Fixed CLI help text to be version-agnostic
  - Added missing "Summary generation" step in HOWTOUSE.md

  Changes:
  - pipelines.py: ProcessPoolExecutor → ThreadPoolExecutor, added Popen+poll pattern
  - Added signal handling and run_subprocess_with_interrupt() function
  - commands/full.py: Updated docstring to remove specific phase count
  - README.md: Changed "14 distinct phases" to "multiple analysis phases"
  - HOWTOUSE.md: Updated phase references, added missing summary step
  - CLAUDE.md & ARCHITECTURE.md: Removed hardcoded phase counts

  Impact: Critical UX fixes - Windows compatibility restored, pipeline interruptible
  Testing: Ctrl+C works, no PowerShell hangs, .pf directory deletable
2025-09-09 14:26:18 +07:00
TheAuditorTool
5ef25486a6 Pipeline order mismatch
aud graph analyze was running too late, causing no initial analysis to be found, causing simpler output data.
2025-09-07 23:54:48 +07:00
TheAuditorTool
ba5c287b02 Initial commit: TheAuditor v1.0.1 - AI-centric SAST and Code Intelligence Platform 2025-09-07 20:39:47 +07:00