Skip to content

feat: add event truncation to enforce max payload size#24

Merged
naji247 merged 5 commits intomainfrom
feat/event-truncation
Feb 26, 2026
Merged

feat: add event truncation to enforce max payload size#24
naji247 merged 5 commits intomainfrom
feat/event-truncation

Conversation

@naji247
Copy link
Member

@naji247 naji247 commented Feb 26, 2026

Summary

  • Add a truncation module that enforces a 100 KB max event payload size, truncating oversized strings (>10 KB), limiting nesting depth (5 levels) and collection breadth (500 items), and detecting circular references
  • Uses progressive tightening — if the first pass doesn't fit, depth and per-string limits are iteratively reduced until the event is under 100 KB
  • Integrates into the event pipeline after sanitization, never mutates the original event, and gracefully returns the original on failure

Test plan

  • 25 unit tests covering string truncation, depth/breadth limiting, circular references, fast path, oversized events, size guarantees, error handling, and pipeline integration — all passing
  • uv run pytest tests/test_truncation.py -v
  • uv run pytest (full suite)

kashishhora
kashishhora requested changes Feb 26, 2026
View reviewed changes
Base automatically changed from feat/content-sanitization to main February 26, 2026 19:23
naji247 and others added 5 commits February 26, 2026 11:26
@naji247
feat: add content sanitization to strip binary data from event payloads
a7c5421 
MCP servers can return non-text content (images, audio, binary resources) and
tool parameters can contain embedded base64 blobs. These bloat event payloads
and aren't useful for analytics.

This adds a two-layer sanitization step to the event processing pipeline:
- Layer 1: replaces image/audio/blob/unknown content blocks in responses
- Layer 2: recursively scans parameters and structured_content for large
  base64 strings (>=10KB) and redacts them

Sanitization runs after customer redaction and before event ID generation,
using deepcopy to preserve immutability of the original event.

Also improves event queue shutdown behavior:
- Replace time.sleep with shutdown_event.wait for interruptible retry backoff
- Early return in _send_event when shutdown is detected
- Pass cancel_futures=True to executor.shutdown()
@naji247
feat: add event truncation to enforce max payload size
49fe393 
Introduce a truncation module that enforces a 100 KB maximum event
payload size. Oversized string values are truncated, nesting depth
and collection breadth are limited, and circular references are
detected. Uses progressive tightening — if the first pass doesn't
bring the event under the limit, depth and string limits are reduced
iteratively. Runs after sanitization in the event pipeline.
@kashishhora @naji247
Added test case for top-level mapping
2f4282d
@naji247
Add integration tests for truncation with real todo server MCP calls
7dc6a5e
@naji247
Add try/except around truncate_event to match sanitization error hand…
9ab53e4 
…ling
@naji247 naji247 force-pushed the feat/event-truncation branch from fe13fb5 to 9ab53e4 Compare February 26, 2026 19:28
@naji247 naji247 merged commit bb80f9e into main Feb 26, 2026
37 checks passed
@naji247 naji247 deleted the feat/event-truncation branch February 26, 2026 20:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kashishhora kashishhora kashishhora approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@naji247 @kashishhora