Update version to 5.1.2 in pyproject.toml and related files; enhance BloodHound CE configuration handling with managed and legacy paths; improve command execution logging and telemetry context; refine error reporting in command execution and clock synchronization processes.

Author: Macroblond44

README.md

@@ -2,7 +2,7 @@
 
 <img width="740" height="198" alt="adscan_wordmark_horizontal_transparent_cropped" src="https://github.com/user-attachments/assets/4902f205-d9bc-453e-b2ac-8c7d7fa2f329" />
 
-[![Version](https://img.shields.io/badge/version-5.1.1--lite-blue.svg)](https://github.com/ADscanPro/adscan/releases)
+[![Version](https://img.shields.io/badge/version-5.1.2--lite-blue.svg)](https://github.com/ADscanPro/adscan/releases)
 [![downloads](https://static.pepy.tech/badge/adscan)](https://pepy.tech/projects/adscan)
 [![License: BSL 1.1](https://img.shields.io/badge/license-BSL%201.1-blue.svg)](https://github.com/ADscanPro/adscan/blob/main/LICENSE)
 [![Platform](https://img.shields.io/badge/platform-Linux-lightgrey.svg)](https://github.com/ADscanPro/adscan)

adscan.py

@@ -3950,6 +3950,8 @@ def is_venv():
     is_first_run,
     mark_first_run_complete,
     show_first_run_helper,
+    log_cli_command_context,
+    build_cli_runtime_snapshot,
 )
 
 
@@ -8750,6 +8752,17 @@ def _start_bloodhound_ce():
             except (HostHelperError, OSError) as exc:
                 telemetry.capture_exception(exc)
                 print_error("Failed to start BloodHound CE via host helper.")
+                marked_sock = mark_sensitive(sock_path, "path")
+                marked_compose = mark_sensitive(compose_path, "path")
+                print_info_debug(
+                    "[bloodhound-ce] host-helper startup failure context: "
+                    f"socket={marked_sock} socket_exists={Path(sock_path).exists()} "
+                    f"compose_path={marked_compose}"
+                )
+                print_instruction(
+                    "Inspect host-helper logs at ~/.adscan/logs/host-helper.log "
+                    "and retry `adscan start`."
+                )
                 print_exception(show_locals=False, exception=exc)
                 return False
 
@@ -9417,6 +9430,11 @@ def _questionary_select(self, title: str, options: list[str], default_idx: int =
 
             # Convert selected value back to index for compatibility with _curses_select
             if selected_value is None:
+                try:
+                    print_info_debug(f"[questionary] Cancelled: {title}")
+                    print_telemetry_only(f"[questionary][answer] {title}: [cancelled]")
+                except Exception:
+                    pass
                 return None
 
             # Log user selection for telemetry/debug
@@ -13217,6 +13235,9 @@ def _extract_raw_args(original_input: str, cmd: str) -> str:
 
                 command_name = parts[0].lower()
                 args_list = parts[1:]
+                marked_user_input = mark_sensitive(user_input.strip(), "text")
+                print_info_debug(f"[cli] Execute command: {marked_user_input}")
+                log_cli_command_context(self, command_name, args_list, source="cli")
                 arg_string = " ".join(
                     args_list
                 )  # For compatibility with do_* methods expecting a string
@@ -13627,36 +13648,53 @@ def do_info(self, _args):
         """
         from adscan_internal.rich_output import BRAND_COLORS
 
+        snapshot = build_cli_runtime_snapshot(shell=self)
+
         content = Text()
         content.append("Hosts: ", style=f"bold {BRAND_COLORS['info']}")
-        content.append(str(self.hosts) + "\n", style="white")
+        content.append(str(snapshot.get("hosts")) + "\n", style="white")
         content.append("Interface: ", style=f"bold {BRAND_COLORS['info']}")
-        content.append(str(self.interface) + "\n", style="white")
+        content.append(str(snapshot.get("interface")) + "\n", style="white")
         content.append("My IP: ", style=f"bold {BRAND_COLORS['info']}")
-        content.append(str(self.myip) + "\n", style="white")
+        content.append(str(snapshot.get("myip")) + "\n", style="white")
         content.append("Starting Domain: ", style=f"bold {BRAND_COLORS['info']}")
-        content.append(str(self.domain) + "\n", style="white")
+        content.append(str(snapshot.get("starting_domain")) + "\n", style="white")
+        content.append("Starting Domain Auth: ", style=f"bold {BRAND_COLORS['info']}")
+        content.append(str(snapshot.get("starting_domain_auth", "unknown")) + "\n", style="white")
         content.append("Configured Domains: ", style=f"bold {BRAND_COLORS['info']}")
-        content.append(str(self.domains) + "\n", style="white")
+        content.append(str(snapshot.get("configured_domains")) + "\n", style="white")
         content.append("Automatic Mode: ", style=f"bold {BRAND_COLORS['info']}")
-        content.append(str(self.auto) + "\n", style="white")
+        content.append(str(snapshot.get("automatic_mode")) + "\n", style="white")
         content.append("Pentest Type: ", style=f"bold {BRAND_COLORS['info']}")
         content.append(
-            str(self.type) + "\n" if self.type else "Not set\n", style="white"
+            (
+                str(snapshot.get("pentest_type")) + "\n"
+                if snapshot.get("pentest_type")
+                else "Not set\n"
+            ),
+            style="white",
         )
         content.append("Current Workspace: ", style=f"bold {BRAND_COLORS['info']}")
-        content.append(str(self.current_workspace_dir) + "\n", style="white")
-        content.append("Neo4j Server: ", style=f"bold {BRAND_COLORS['info']}")
-        content.append(str(self.neo4j_host) + "\n", style="white")
-        content.append("Neo4j Port: ", style=f"bold {BRAND_COLORS['info']}")
-        content.append(str(self.neo4j_port) + "\n", style="white")
-        content.append("Neo4j User: ", style=f"bold {BRAND_COLORS['info']}")
-        content.append(str(self.neo4j_db_user) + "\n", style="white")
-        # Neo4j password is intentionally omitted for security
+        content.append(str(snapshot.get("current_workspace")) + "\n", style="white")
+        content.append("BloodHound CE URL: ", style=f"bold {BRAND_COLORS['info']}")
+        content.append(
+            mark_sensitive(str(snapshot.get("bloodhound_ce_url")), "host") + "\n",
+            style="white",
+        )
+        content.append("BloodHound CE User: ", style=f"bold {BRAND_COLORS['info']}")
+        content.append(
+            mark_sensitive(str(snapshot.get("bloodhound_ce_user")), "user") + "\n",
+            style="white",
+        )
+        content.append("BloodHound CE Password: ", style=f"bold {BRAND_COLORS['info']}")
+        content.append(
+            mark_sensitive(str(snapshot.get("bloodhound_ce_password")), "password")
+            + "\n",
+            style="white",
+        )
         content.append("Telemetry: ", style=f"bold {BRAND_COLORS['info']}")
-        env_val = os.getenv("ADSCAN_TELEMETRY", None)
-        enabled = telemetry._is_telemetry_enabled()
-        suffix = " (session override)" if env_val is not None else " (persisted)"
+        enabled = bool(snapshot.get("telemetry_enabled"))
+        suffix = f" ({snapshot.get('telemetry_source', 'persisted')})"
         content.append(f"{'ON' if enabled else 'OFF'}{suffix}\n", style="white")
 
         content.append("\nDomain Information:\n", style="bold green")

adscan_core/telemetry.py

@@ -762,6 +762,7 @@ def _is_session_capture_enabled() -> bool:
 HOST_SESSION_CAPTURE_COMMANDS = frozenset({"install", "check", "update", "upgrade"})
 CONTAINER_SESSION_CAPTURE_COMMANDS = frozenset({"start", "ci"})
 SESSION_WORKSPACE_CONTEXT_COMMANDS = frozenset({"start", "ci"})
+_SESSION_TRACE_ID_ENV = "ADSCAN_SESSION_TRACE_ID"
 _SESSION_WORKSPACE_CONTEXT_FIELDS = frozenset(
     {"workspace_type", "lab_provider", "lab_name", "lab_slug", "lab_name_whitelisted"}
 )
@@ -817,6 +818,41 @@ def _filter_workspace_context_metadata(
     return filtered
 
 
+def _resolve_session_scope() -> str:
+    """Return session scope for telemetry correlation."""
+    if os.getenv("ADSCAN_CONTAINER_RUNTIME") == "1":
+        return "runtime"
+    return "launcher"
+
+
+def _resolve_session_trace_id() -> str | None:
+    """Return a sanitized session trace identifier from the environment."""
+    raw = str(os.getenv(_SESSION_TRACE_ID_ENV, "")).strip()
+    if not raw:
+        return None
+    sanitized = re.sub(r"[^a-zA-Z0-9._:-]+", "", raw)
+    if not sanitized:
+        return None
+    return sanitized[:128]
+
+
+def _enrich_session_metadata_context(
+    metadata: Optional[dict[str, Any]],
+) -> dict[str, Any]:
+    """Return metadata enriched with session scope and trace correlation fields."""
+    enriched: dict[str, Any] = dict(metadata or {})
+
+    if not enriched.get("session_scope"):
+        enriched["session_scope"] = _resolve_session_scope()
+
+    if not enriched.get("session_trace_id"):
+        trace_id = _resolve_session_trace_id()
+        if trace_id:
+            enriched["session_trace_id"] = trace_id
+
+    return enriched
+
+
 def build_command_session_metadata(
     *,
     command_type: Optional[str],
@@ -835,9 +871,7 @@ def build_command_session_metadata(
     Returns:
         Metadata dictionary or None when no metadata is available.
     """
-    metadata: dict[str, Any] = {}
-    if base_metadata:
-        metadata.update(base_metadata)
+    metadata: dict[str, Any] = _enrich_session_metadata_context(base_metadata)
     if command_type:
         metadata["command_type"] = str(command_type)
     if extra:
@@ -3665,10 +3699,17 @@ def _vercel_metadata_fields(metadata: Optional[dict[str, Any]]) -> dict[str, Any
     environment = metadata.get("environment")
     command_type = metadata.get("command_type")
     command_success = metadata.get("command_success")
+    session_scope = metadata.get("session_scope")
+    session_trace_id = metadata.get("session_trace_id")
     if environment:
         updates["environment"] = environment.lower()
     if command_type:
         updates["command_type"] = command_type.lower()
+    if session_scope:
+        updates["session_scope"] = str(session_scope).lower()
+    if session_trace_id:
+        updates["session_trace_id"] = str(session_trace_id)
+        updates["trace_id"] = str(session_trace_id)
     if workspace_type:
         updates["workspace_type"] = workspace_type
     if command_success is not None:
@@ -3739,6 +3780,9 @@ def _summarize_vercel_payload_context(payload: dict[str, Any]) -> str:
     field_order = (
         "environment",
         "command_type",
+        "session_scope",
+        "session_trace_id",
+        "trace_id",
         "workspace_type",
         "target_type",
         "target_name",
@@ -3930,7 +3974,7 @@ def capture_session_end(console=None, metadata: Optional[dict] = None):
         # monotonic measurement even if the system clock changed.
         effective_started_at = finished_at - timedelta(seconds=duration_seconds)
         session_id = f"{TELEMETRY_ID}_{int(finished_at.timestamp())}"
-        metadata_with_env = dict(metadata or {})
+        metadata_with_env = _enrich_session_metadata_context(metadata)
 
         # Prefer an explicit environment passed by the caller (e.g., host launcher
         # passing its environment into the container). This prevents dev/ci runs
@@ -3975,6 +4019,8 @@ def capture_session_end(console=None, metadata: Optional[dict] = None):
         print_info_debug(
             "[DEBUG] capture_session_end metadata summary: "
             f"command_type={metadata_with_env.get('command_type')!r}, "
+            f"session_scope={metadata_with_env.get('session_scope')!r}, "
+            f"session_trace_id={metadata_with_env.get('session_trace_id')!r}, "
             f"workspace_type={metadata_with_env.get('workspace_type')!r}, "
             f"lab_provider={metadata_with_env.get('lab_provider')!r}, "
             f"lab_name={metadata_with_env.get('lab_name')!r}, "
@@ -4066,6 +4112,16 @@ def capture_session_end(console=None, metadata: Optional[dict] = None):
                 "session_id": session_id,
                 "environment": session_env,
             }
+            command_type = metadata_with_env.get("command_type")
+            if command_type:
+                properties["command_type"] = str(command_type).lower()
+            session_scope = metadata_with_env.get("session_scope")
+            if session_scope:
+                properties["session_scope"] = str(session_scope).lower()
+            session_trace_id = metadata_with_env.get("session_trace_id")
+            if session_trace_id:
+                properties["session_trace_id"] = str(session_trace_id)
+                properties["trace_id"] = str(session_trace_id)
             if session_url:
                 properties["session_url"] = session_url
                 # Keep legacy key for backward compatibility

adscan_core/version_context.py

@@ -17,7 +17,7 @@
 
 from adscan_core.path_utils import get_adscan_home, get_effective_user_home
 
-VERSION = "5.1.1"
+VERSION = "5.1.2"
 _LAUNCHER_VERSION_ENV = "ADSCAN_LAUNCHER_VERSION"
 _RUNTIME_IMAGE_ENV = "ADSCAN_RUNTIME_IMAGE"
 

adscan_internal/cli/check.py

@@ -1383,15 +1383,27 @@ def check_docker_compose(
             deps.print_instruction("Run: adscan install --only bloodhound")
             all_ok = False
 
-    # Check BloodHound CE configuration
-    bloodhound_config = deps.expand_effective_user_path(
+    # Check BloodHound CE configuration (managed path first, legacy fallback)
+    managed_compose_path = deps.expand_effective_user_path(
+        "~/.adscan/bloodhound/bloodhound-ce/docker-compose.yml"
+    )
+    legacy_compose_path = deps.expand_effective_user_path(
         "~/.config/bloodhound/docker-compose.yml"
     )
-    if deps.path_exists(bloodhound_config):
-        deps.print_success(f"BloodHound CE configuration found: {bloodhound_config}")
+    if deps.path_exists(managed_compose_path):
+        deps.print_success(
+            f"BloodHound CE managed configuration found: {managed_compose_path}"
+        )
+    elif deps.path_exists(legacy_compose_path):
+        deps.print_warning(
+            f"BloodHound CE legacy configuration found: {legacy_compose_path}"
+        )
+        deps.print_info(
+            "ADscan now uses the managed isolated BloodHound CE stack under ~/.adscan."
+        )
     else:
         deps.print_warning(
-            f"BloodHound CE configuration not found at {bloodhound_config}"
+            "BloodHound CE configuration not found in managed or legacy locations"
         )
         deps.print_info("This will be created automatically when needed.")