fix(scan): finalize tier1 reachability scan from socket scan reach#1331
Open
Benjamin Barslev Nielsen (barslev) wants to merge 1 commit into
Open
fix(scan): finalize tier1 reachability scan from socket scan reach#1331Benjamin Barslev Nielsen (barslev) wants to merge 1 commit into
socket scan reach#1331Benjamin Barslev Nielsen (barslev) wants to merge 1 commit into
Conversation
`socket scan reach` invokes Coana which registers a tier1 reachability scan row on the backend. Until now socket-cli never followed up with a finalize call from this flow because there was no full-scan id to bind to, so every standalone reachability run left the row at an intermediate post-Coana state indistinguishable from a stuck run. Now that the backend's `tier1-reachability-scan/finalize` endpoint accepts a null `report_run_id` for flows that have no full scan, call it from `handle-scan-reach.mts` once Coana has emitted the tier1 reachability scan id. The standalone reachability row reaches its DONE terminal state, and "stuck at the intermediate state" becomes an unambiguous signal of a real problem rather than a normal `scan reach` outcome. Broaden the `finalizeTier1Scan` wrapper signature so the second argument is `string | null`. Best-effort: a finalize failure logs a warning but does not block the user-visible reachability output.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
socket scan reach(standalone reachability analysis) spawns Coana, which registers a tier1 reachability scan row via the Socket backend. Until now socket-cli never followed that up with a finalize call from this flow — there was no full-scan id to bind to, so the row stayed at an intermediate post-Coana state forever and looked identical to a stuckscan create --reach.With the tier1 reachability finalize endpoint now accepting a null
report_run_id,socket scan reachcan drive the row to its DONE terminal state directly. The intermediate post-Coana state becomes an unambiguous "something went wrong" signal again.Changes
src/commands/scan/finalize-tier1-scan.mts— broaden the second argument fromstringtostring | null(mirrors the finalize endpoint's relaxed schema). No-op for existing call sites that pass a real scan id.src/commands/scan/handle-scan-reach.mts— afterperformReachabilityAnalysisreturns successfully and yields atier1ReachabilityScanId, POST/tier1-reachability-scan/finalizewithreport_run_id: null. Failure logs a warn and falls through to the normal output (this is metadata-only; never block the user-visible result on it).src/commands/scan/handle-scan-reach.test.mts— mock the new dependency and add two focused tests: one verifyingfinalizeTier1Scan('tier1-id', null)is invoked when Coana emits a scan id, one verifying it is NOT called when Coana emitsundefined.Test plan
pnpm check:tsccleanpnpm test:unit src/commands/scan/handle-scan-reach.test.mts— 6/6 (4 existing + 2 new)pnpm test:unit src/commands/scan/— 177/177Note
Medium Risk
Replaces core build/lint/CI and packaging entrypoints, which can break releases or developer workflows if any config mismatch slips through. No direct product logic changes are evident, but the surface area touched (Rollup, ESLint, GitHub Actions, bins) is broad.
Overview
Reworks the project’s build + distribution pipeline by adding new Babel/Rollup configs (including dist bundling that copies/rewires
external/deps) and switching runtime entrypoints to newbin/*.jswrappers that execute the builtdistoutputs.Overhauls developer tooling and CI: replaces legacy ESLint setup with a flat
eslint.config.js, adds Biome/Oxlint configs, new.env.*profiles, Husky hooks (lint-staged + commit PII guard), and new GitHub Actions workflows for lint/typecheck/test/e2e and npm publish with provenance.Repo hygiene/docs updates: expands
.gitignore/.editorconfig, removes oldcli.js+lib/command implementation, drops Dependabot config, and refreshesREADME.md/CHANGELOG.mdplus a new Claude skill for bumping@coana-tech/cli.Reviewed by Cursor Bugbot for commit 129adae. Configure here.