fix(core): clean up partial .socket.facts.json.br on compression failure

Address review feedback on the facts-file brotli compression:

- If `_compress_facts_file` fails part-way through writing (e.g. the disk
  fills up mid-stream — the exact large-file scenario this targets), remove
  the partially-written `.socket.facts.json.br` before re-raising, so no
  orphaned `.br` is left in the target directory. The caller still falls back
  to uploading the plain file. Adds a regression test.
- Hoist the 1 MiB streaming chunk size to a module constant
  (`SOCKET_FACTS_BROTLI_CHUNK_SIZE`) alongside the other brotli knobs.

Author: mtorp

CHANGELOG.md

@@ -1,6 +1,6 @@
 # Changelog
 
-## 2.3.1
+## 2.3.2
 
 ### New: brotli-compressed `.socket.facts.json` upload
 
@@ -23,7 +23,8 @@ Details:
   that exact name). A custom `--reach-output-file` name is uploaded uncompressed, as before.
 - Empty baseline-scan placeholder files are not compressed.
 - Compression never blocks an upload: if it fails for any reason it falls back to uploading
-  the plain file.
+  the plain file, and a partially-written `.socket.facts.json.br` is removed rather than
+  left behind in the target directory.
 - Adds a `brotli` (CPython) / `brotlicffi` (PyPy) dependency.
 
 ## 2.3.0

pyproject.toml

@@ -6,7 +6,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "socketsecurity"
-version = "2.3.1"
+version = "2.3.2"
 requires-python = ">= 3.11"
 license = {"file" = "LICENSE"}
 dependencies = [

socketsecurity/__init__.py

@@ -1,3 +1,3 @@
 __author__ = 'socket.dev'
-__version__ = '2.3.1'
+__version__ = '2.3.2'
 USER_AGENT = f'SocketPythonCLI/{__version__}'

socketsecurity/core/__init__.py

@@ -68,6 +68,8 @@
 SOCKET_FACTS_BROTLI_QUALITY = 5
 # Largest brotli window (2**24 bytes); improves the ratio on large facts files.
 SOCKET_FACTS_BROTLI_LGWIN = 24
+# Stream the facts file in 1 MiB chunks so large files aren't held fully in memory.
+SOCKET_FACTS_BROTLI_CHUNK_SIZE = 1024 * 1024
 
 
 def _humanize_alert_type(alert_type: str) -> str:
@@ -569,7 +571,9 @@ def _compress_facts_file(source_path: str) -> str:
         The source is streamed in chunks so a large facts file (hundreds of MB) never has
         to be held in memory at once. The compressed file is written next to the source so
         that the multipart key the SDK derives keeps the same directory prefix, only with a
-        ``.br`` basename.
+        ``.br`` basename. Any existing ``.socket.facts.json.br`` sibling is overwritten, and a
+        partially-written output is removed if compression fails part-way through (e.g. the
+        disk fills up mid-stream) so no orphaned ``.br`` is left in the target directory.
 
         Args:
             source_path: Path to the plain ``.socket.facts.json`` file.
@@ -589,16 +593,25 @@ def _compress_facts_file(source_path: str) -> str:
             quality=SOCKET_FACTS_BROTLI_QUALITY,
             lgwin=SOCKET_FACTS_BROTLI_LGWIN,
         )
-        chunk_size = 1024 * 1024  # 1 MiB
-        with open(source_path, "rb") as src, open(target_path, "wb") as dst:
-            while True:
-                chunk = src.read(chunk_size)
-                if not chunk:
-                    break
-                compressed = compressor.process(chunk)
-                if compressed:
-                    dst.write(compressed)
-            dst.write(compressor.finish())
+        try:
+            with open(source_path, "rb") as src, open(target_path, "wb") as dst:
+                while True:
+                    chunk = src.read(SOCKET_FACTS_BROTLI_CHUNK_SIZE)
+                    if not chunk:
+                        break
+                    compressed = compressor.process(chunk)
+                    if compressed:
+                        dst.write(compressed)
+                dst.write(compressor.finish())
+        except BaseException:
+            # Don't leave a half-written .br behind for the caller to miss (it only tracks
+            # the path for cleanup once this returns). Remove it, then re-raise so the caller
+            # falls back to uploading the plain file.
+            try:
+                os.unlink(target_path)
+            except OSError:
+                pass
+            raise
         return target_path
 
     def _compress_facts_files_for_upload(self, files: List[str]) -> Tuple[List[str], List[str]]:

tests/core/test_facts_compression.py

@@ -7,6 +7,8 @@
 import json
 import os
 
+import pytest
+
 try:
     import brotli
 except ImportError:  # pragma: no cover - PyPy / non-CPython fallback
@@ -59,6 +61,30 @@ def test_compress_for_upload_rewrites_facts_entry(tmp_path):
     assert manifest in upload_files
 
 
+def test_compress_facts_file_removes_partial_output_on_failure(tmp_path, monkeypatch):
+    """If compression fails mid-stream, the half-written .br is removed (not orphaned)."""
+    source = _write(str(tmp_path / SOCKET_FACTS_FILENAME), b'{"a": 1}' * 1000)
+
+    class ExplodingCompressor:
+        def __init__(self, *args, **kwargs):
+            pass
+
+        def process(self, _data):
+            raise RuntimeError("disk full")
+
+        def finish(self):  # pragma: no cover - never reached
+            return b""
+
+    # Patch the module the helper imports (brotli on CPython, brotlicffi elsewhere).
+    monkeypatch.setattr(brotli, "Compressor", ExplodingCompressor)
+
+    with pytest.raises(RuntimeError, match="disk full"):
+        Core._compress_facts_file(source)
+
+    # No orphaned .br left behind in the target directory.
+    assert not (tmp_path / SOCKET_FACTS_BROTLI_FILENAME).exists()
+
+
 def test_compress_for_upload_preserves_directory_prefix(tmp_path):
     """The `.br` sibling keeps the facts file's directory so the relative key is preserved."""
     core = Core.__new__(Core)