feat(scan): unit suffixes for reachability timeout/memory limits (1.1.123, Coana 15.5.0)#1369
feat(scan): unit suffixes for reachability timeout/memory limits (1.1.123, Coana 15.5.0)#1369Martin Torp (mtorp) wants to merge 2 commits into
Conversation
….123, Coana 15.5.0) --reach-analysis-timeout and --reach-analysis-memory-limit now accept unit suffixes (s/m/h for duration, MB/GB for memory, case-insensitive). Coana owns the canonical parsing, so the CLI forwards the raw string verbatim instead of coercing to a number. A thin local validator gives fast errors before the Coana binary is spawned. Empty or zero-magnitude values are omitted when forwarding so Coana applies its own defaults, preserving the prior numeric-0 sentinel. Bare numbers keep working but are no longer documented. Bumps the bundled Coana CLI to 15.5.0, whose parser handles these units.
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes using high effort and found 1 potential issue.
Bugbot Autofix is ON. A cloud agent has been kicked off to fix the reported issue.
Comment @cursor review or bugbot run to trigger another review on this PR
Reviewed by Cursor Bugbot for commit bd1d761. Configure here.
| message: 'Reachability analysis flags require --reach to be enabled', | ||
| fail: 'add --reach flag to use --reach-* options', | ||
| }, | ||
| { |
There was a problem hiding this comment.
Timeout zero sentinel breaks scan create
Medium Severity
The scan create command incorrectly treats default-equivalent values for --reach-analysis-timeout and --reach-analysis-memory-limit as non-default. Following the type change to string, inputs like "0", "0s", "8GB", or "8192MB" are flagged as requiring --reach, even though they represent the default behavior, causing an error when --reach is not explicitly provided.
Reviewed by Cursor Bugbot for commit bd1d761. Configure here.
…-reach guard The "reachability flags require --reach" guard compared the raw flag strings to the default string, so unit-equivalent inputs were wrongly flagged as non-default and rejected without --reach: 8GB / 8192MB (= the 8192MB default) and the zero/omit timeout sentinel 0 / 0s. The latter was a regression from the number→string change (numeric 0 used to equal the numeric default). Compare by resolved magnitude instead: reachMemoryLimitToMb normalizes 8192/8192MB/8GB to 8192, and the timeout uses the omit sentinel so any zero counts as default.
Summary
Adds unit suffixes to the reachability analysis options on
socket scan create --reachandsocket scan reach:--reach-analysis-timeoutacceptss,m,h(e.g.90s,10m,1h)--reach-analysis-memory-limitacceptsMB,GB(e.g.512MB,8GB)Units are case-insensitive. Coana (
@coana-tech/cli) is the canonical parser, so the CLI now forwards the raw value through verbatim instead of coercing it to a number (both flags changed from meowtype: 'number'to'string'). A thin local validator (reachability-units.mts) rejects malformed values fast, before the Coana binary is spawned.Backward compatibility
0"use default" sentinel.Coana bump
Bumps the bundled Coana CLI to 15.5.0, whose parser understands these unit suffixes (the feature is inert on older Coana, which predates the parser). Package version bumped to 1.1.123 with a changelog entry.
Testing
pnpm run check:tsc— cleanpnpm run check:lint— cleanscan create/scan reach).Related
Part of the cross-CLI "reachability units" effort:
@coana-tech/cli15.5.0 (merged + published)