add go sidecar build

[mchenani]

No description provided.

[macroscopeapp]

🟡 Medium

src/process-manager.ts:264 Custom SIGINT/SIGTERM handlers suppress Node.js default termination. Consider calling process.exit() after the cleanup to ensure the process actually terminates.

Suggested change

	process.on("exit", cleanup);
	process.on("SIGINT", cleanup);
	process.on("SIGTERM", cleanup);
	process.on("exit", cleanup);
	process.on("SIGINT", () => {
	cleanup();
	process.exit(130);
	});
	process.on("SIGTERM", () => {
	cleanup();
	process.exit(143);
	});

🚀 Want me to fix this? Reply ex: "fix it for me".

🤖 Prompt for AI

In file npm/gateway/src/process-manager.ts around lines 264-266:

Custom `SIGINT`/`SIGTERM` handlers suppress Node.js default termination. Consider calling `process.exit()` after the cleanup to ensure the process actually terminates.

[macroscopeapp]

🟡 Medium

src/process-manager.ts:204 Suggestion: make stop() idempotent (track shutdown state) so repeated calls don’t add timers/listeners, and cancel any pending auto‑restart timer to prevent a restart after stopping.

🚀 Want me to fix this? Reply ex: "fix it for me".

🤖 Prompt for AI

In file npm/gateway/src/process-manager.ts around line 204:

Suggestion: make `stop()` idempotent (track shutdown state) so repeated calls don’t add timers/listeners, and cancel any pending auto‑restart timer to prevent a restart after stopping.

[macroscopeapp]

🟡 Medium

src/process-manager.ts:172 Calling socket.close() in the error handler throws ERR_SERVER_NOT_RUNNING since the server never started. Consider removing that call.

Suggested change

	socket.once("error", () => {
	socket.close();
	// Port is in use (gateway is listening) — this is what we want
	resolve(true);
	});
	socket.once("error", () => {
	// Port is in use (gateway is listening) — this is what we want
	resolve(true);
	});

🚀 Want me to fix this? Reply ex: "fix it for me".

🤖 Prompt for AI

In file npm/gateway/src/process-manager.ts around lines 172-176:

Calling `socket.close()` in the error handler throws `ERR_SERVER_NOT_RUNNING` since the server never started. Consider removing that call.

[macroscopeapp]

🔴 Critical

npm/sync-versions.sh:31 Command injection vulnerability: VERSION is interpolated directly into JavaScript strings without escaping. A malicious version like 1.0.0'; exec('cmd'); ' would execute arbitrary code. Consider passing VERSION via an environment variable and reading it with process.env.VERSION instead of string interpolation.

🚀 Want me to fix this? Reply ex: "fix it for me".

🤖 Prompt for AI

In file npm/sync-versions.sh around line 31:

Command injection vulnerability: `VERSION` is interpolated directly into JavaScript strings without escaping. A malicious version like `1.0.0'; exec('cmd'); '` would execute arbitrary code. Consider passing `VERSION` via an environment variable and reading it with `process.env.VERSION` instead of string interpolation.

[macroscopeapp]

🟠 High

src/process-manager.ts:30 Missing error event handler on spawned child process. If the binary fails to spawn (permissions, invalid path), Node.js crashes. Consider adding child.on('error', ...) and rejecting earlyExitPromise from it.

-  const earlyExitPromise = new Promise<never>((_, reject) => {
-    child.on("exit", (code, signal) => {
+  const earlyExitPromise = new Promise<never>((_, reject) => {
+    child.on("error", (err) => {
+      reject(new Error(`Gateway failed to spawn: ${err.message}`));
+    });
+    child.on("exit", (code, signal) => {

🚀 Want me to fix this? Reply ex: "fix it for me".

🤖 Prompt for AI

In file npm/gateway/src/process-manager.ts around lines 30-31:

Missing `error` event handler on spawned child process. If the binary fails to spawn (permissions, invalid path), Node.js crashes. Consider adding `child.on('error', ...)` and rejecting `earlyExitPromise` from it.

[macroscopeapp]

🟢 Low

src/process-manager.ts:109 Stream data events can split lines across chunks, causing JSON.parse to fail on partial JSON. Consider buffering incomplete lines between chunks and only processing complete lines (those ending with a newline).

🚀 Want me to fix this? Reply ex: "fix it for me".

🤖 Prompt for AI

In file npm/gateway/src/process-manager.ts around line 109:

Stream `data` events can split lines across chunks, causing `JSON.parse` to fail on partial JSON. Consider buffering incomplete lines between chunks and only processing complete lines (those ending with a newline).

[mkysel]

does it need the API? Thats a lot of computation for nothing

[mchenani]

for now just testing, will clean it up later.

[mkysel]

there is no dev branch

[mkysel]

@mchenani this particular implementation of the gateway does not support any extensions or JWT token auth. Does that meet your requirements?

[mchenani]

@mchenani this particular implementation of the gateway does not support any extensions or JWT token auth. Does that meet your requirements?

Thanks for the review, tbh I'm not sure if I'm aware of the requirements there, will discuss them with @cameronvoell to make sure I have the full picture how we want to tackle that.