fix: address 6 review findings — timeout, audit, cache, stderr, filter, comments#7
Conversation
…r, comments - Add configurable timeout (30s default) to upstream tools/list calls. A hung upstream no longer blocks tool discovery from healthy ones. New config key: upstreamTimeoutMs (schema.ts). - Add 2s TTL cache on collectTools() to prevent redundant fan-out when multiple clients call tools/list simultaneously. - Serialize audit logger writes with a promise chain to prevent NDJSON line interleaving under concurrent HTTP requests. - Rate-limit upstream stderr logging to 10KB/min per upstream (configurable via stderrLogBytesPerMinute in server config). - Pre-compile micromatch glob patterns via matcher() in ToolFilter constructor instead of recompiling on every isAllowed() call. - Fix comment numbering in Shrinker.applyRules() (steps 6→8, 7→9). Closes false200#1, false200#2, false200#3, false200#4, false200#5, false200#6
|
Thanks @tcconnally, reviewed the diff locally, all 36 existing tests pass. Left a few inline notes. Happy to merge once all the fixes are in place. |
false200
left a comment
false200
left a comment
There was a problem hiding this comment.
Three small fixes requested (stderr 0=unlimited, clearTimeout after Promise.race, schema comment accuracy). Rest looks good, will merge once those are addressed. Thanks again!
| stderrBytesThisMinute = 0; | ||
| stderrMinuteStart = now; | ||
| } | ||
| if (stderrBytesThisMinute < stderrBudget) { |
There was a problem hiding this comment.
Bug: schema says stderrLogBytesPerMinute: 0 means unlimited, but when budget is 0 this condition is never true, so nothing gets logged.
So the suggested fix would be:
if (stderrBudget === 0 || stderrBytesThisMinute < stderrBudget) {
...
}
| const result = await Promise.race([ | ||
| conn.client.listTools(), | ||
| new Promise<never>((_, reject) => | ||
| setTimeout(() => reject(new Error(`upstream \"${id}\" tools/list timed out after ${timeoutMs}ms`)), timeoutMs), |
There was a problem hiding this comment.
Minor leak: if listTools() wins the race, this timer is never cleared.
Suggested pattern would be:
let timer: ReturnType;
const timeout = new Promise((_, reject) => {
timer = setTimeout(() => reject(new Error(...)), timeoutMs);
});
try {
const result = await Promise.race([conn.client.listTools(), timeout]);
clearTimeout(timer!);
...
} catch (err) {
clearTimeout(timer!);
...
}
| observability: observabilitySchema, | ||
| policy: policySchema, | ||
| logLevel: z.enum(["trace", "debug", "info", "warn", "error", "fatal", "silent"]).default("info"), | ||
| /** Timeout in ms for upstream listTools/listResources/listPrompts calls (default 30s). */ |
There was a problem hiding this comment.
Comment mentions listResources/listPrompts, but the PR only wraps listTools() in aggregator.ts. Either extend the timeout to those calls too, or narrow this comment to tools/list for now.
… schema comment accuracy
|
All three review findings addressed:
Ready for another look when you have a moment. |
| setTimeout(() => reject(new Error(`upstream \"${id}\" tools/list timed out after ${timeoutMs}ms`)), timeoutMs), | ||
| ), | ||
| ]); | ||
| let timer: ReturnType<typeof setTimeout>; |
There was a problem hiding this comment.
timer is declared inside try, so it's out of scope in catch - tsc fails with:
- TS2454: Variable 'timer' is used before being assigned (line 233)
- TS2304: Cannot find name 'timer' (line 264)
Move let timer before the try block.
Suggested fix should look like:
let timer: ReturnType<typeof setTimeout> | undefined;
try {
const timeout = new Promise<never>((_, reject) => {
timer = setTimeout(
() => reject(new Error(`upstream "${id}" tools/list timed out after ${timeoutMs}ms`)),
timeoutMs,
);
});
const result = await Promise.race([conn.client.listTools(), timeout]);
if (timer !== undefined) clearTimeout(timer);
timer = undefined;
// ... process tools
} catch (err) {
if (timer !== undefined) clearTimeout(timer);
this.log.warn({ id, err: errMsg(err) }, "upstream tools/list failed");
}| this.applyTools = apply.tools ?? true; | ||
| this.applyResources = apply.resources ?? true; | ||
| this.applyPrompts = apply.prompts ?? true; | ||
| this.allowMatcher = this.allow.length > 0 ? micromatch.matcher(this.allow) : null; |
There was a problem hiding this comment.
pnpm typecheck fails here - @types/micromatch types matcher() as taking string, not string[]:
Suggested changes:
this.allowMatcher = this.allow.length > 0 ? micromatch.matcher(this.allow) : null;
this.denyMatcher = this.deny.length > 0 ? micromatch.matcher(this.deny) : null;
to
this.allowMatcher = this.allow.length > 0 ? micromatch.matcher(this.allow as string | string[]) : null;
this.denyMatcher = this.deny.length > 0 ? micromatch.matcher(this.deny as string | string[]) : null;
|
@tcconnally Thanks for the quick turnaround, stderr fix and schema comment look good. One more thing on clearTimeout: Also Happy to merge once all the fixes are in place. |
…laration - aggregator.ts: move `let timer` before `try` so it is in scope for the catch block's clearTimeout call - Add src/types/micromatch.d.ts to resolve tsc "Could not find declaration file for module 'micromatch'" (the @types/micromatch package is a stub) Addresses review feedback on PR false200#7.
|
Fixed both remaining issues:
|
|
Thanks @tcconnally! |
2 participants
Fixes all 6 issues from a deep-dive code review.
Changes
upstreamTimeoutMsconfig key.stderrLogBytesPerMinute.micromatch.matcher()in constructor.Tests
8 files, 36 tests, all passing. No regressions. Backward-compatible — new config keys have sensible defaults.