Adds browse/src/security-sidecar-client.ts to manage the Node L4
classifier subprocess from the compiled browse server:
- Lazy spawn on first scan; reuses the same process across requests
- Id-correlated request/response via NDJSON over stdio
- 5s default per-scan timeout; 64KB payload cap (short-circuits before
spawn so oversized requests don't waste a process)
- 3-in-10-minutes respawn cap → trips circuit breaker; subsequent
scans throw immediately so the /pty-inject-scan endpoint can surface
l4 { available: false } to the extension and degrade to WARN+confirm
- process.on('exit') sends SIGTERM to the child for clean teardown
- isSidecarAvailable() lets the endpoint probe before scan calls so
the response shape reflects degraded mode honestly
Unit tests cover the payload cap, the availability probe, and the
breaker-doesn't-crash invariant under repeated rejected calls.
C18 of the security-stack wave. C19 adds POST /pty-inject-scan; C20
routes the extension through it.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Garry Tan