[v1.103.0]
- Git clone and remote-update operations now enforce wall-clock timeouts (20 min and 10 min defaults respectively) so a single unresponsive remote cannot park a clone worker indefinitely. Configurable via `KF_GIT_CLONE_TIMEOUT_SECS` and `KF_GIT_UPDATE_TIMEOUT_SECS`.
- Deadline enforcement is now propagated through repository object indexing, commit-graph traversal, tree traversal, and blob metadata assembly, replacing the previous 100 ms polling loop with cooperative cancellation at each phase boundary.
- Bounded concurrent in-flight repo scans with a permit pool sized at 2 × `repo_concurrency`. Without this cap, a large multi-repo scan could queue thousands of closures into rayon's unbounded work queue and exhaust memory before any scan completed. Pass `-v` to enable a saturation-tracker thread that logs queue depth, active scan count, and permit availability every ~15 s.
- Resilient tar archive extraction: truncated or malformed archives now yield whatever entries completed successfully instead of failing the whole archive. If no entry completed, the archive falls back to a raw-bytes scan rather than being silently skipped.
- Archive decompression failures (broken zip, asar, etc.) now fall back to scanning the file's raw bytes instead of skipping the file entirely.
- Raised the single-stream decompression cap from 512 MB to 4 GB.
- Demoted expected truncation and path-filter log events from `warn` to `debug` across tar, zip, and asar extractors to reduce noise in normal operation.
- Context verifier now stitches split assignments — where the variable name appears on one line and the value on the next — into a single candidate, so secrets assigned across two lines are no longer missed.
- Expanded string literal coverage in the context verifier: Rust raw strings (`r#"..."#`, `br#"..."#`), Python/Ruby triple-quoted strings (`"""..."""`, `'''...'''`), C# interpolated-verbatim strings (`$@"..."`, `@$"..."`), and language-prefix variants (`b"..."`, `f"..."`, `rb"..."`, etc.) are all now recognized and correctly stripped.
- Go backtick strings are now parsed as verbatim string literals in the context verifier.
- Hex and underscore-separated numeric literals (`0xFF`, `1_000_000`) are now matched in assignment patterns.
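As an added illustration of the three context-verifier items above (split-assignment stitching, the listed string-literal forms, and hex/underscore numeric literals), here is a small Python extractor run over constructed sample input. It is not the project's own verifier code; the regexes and the `classify_value` / `extract_assignments` names are this example's own.

```python
import re

# Literal forms named in the changelog: Rust raw strings r#"..."# / br#"..."#,
# Python/Ruby triple quotes, C# $@"..." / @$"...", b/f/rb prefixes, Go backticks.
STRING_LITERAL = re.compile(
    r'(?P<prefix>(?:[bBrRfFuU]{1,2}|\$@|@\$|@))?'  # optional language prefix
    r'(?P<open>#*)'                                 # Rust raw-string hash fence
    r'(?P<quote>"""|\'\'\'|"|\'|`)'                 # longest quote form first
    r'(?P<body>.*?)'
    r'(?P=quote)(?P=open)',
    re.DOTALL,
)
# Decimal, underscore-separated, and hex numeric literals (0xFF, 1_000_000).
NUMBER = re.compile(r'0[xX][0-9a-fA-F_]+|\d[\d_]*')
# "name = value", optionally preceded by a keyword such as let/var/const.
ASSIGN = re.compile(r'^\s*(?:\w+\s+)?(?P<name>[A-Za-z_][\w.]*)\s*=\s*(?P<value>.*)$')


def classify_value(value):
    """Return (kind, payload): string body with quotes/prefixes stripped, or a number."""
    m = STRING_LITERAL.fullmatch(value)
    if m:
        return ('string', m.group('body'))
    if NUMBER.fullmatch(value):
        return ('number', value)
    return ('bare', value)


def extract_assignments(text):
    """Yield (name, classified value) for each assignment; an assignment whose
    right-hand side is empty is stitched to the following line (split assignment)."""
    lines = text.splitlines()
    out, i = [], 0
    while i < len(lines):
        m = ASSIGN.match(lines[i])
        i += 1
        if not m:
            continue
        value = m.group('value').strip()
        if not value and i < len(lines) and not ASSIGN.match(lines[i]):
            value = lines[i].strip()  # stitch: value lives on the next line
            i += 1
        out.append((m.group('name'), classify_value(value.rstrip(';,'))))
    return out


# Constructed sample covering each case; the values are placeholders.
SAMPLE = '''
let token =
    r#"tok_abc"#;
secret = """s3cr3t"""
conn = $@"Server=db;Pwd=hunter2"
magic = 0xFF
count = 1_000_000
cmd = `go run .`
'''
```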