The CLI was broken on Windows due to usage of the Unix-only resource module, and multiple API clients were using hardcoded, inconsistent User-Agent strings. This caused:

• Complete failure to run on Windows systems (ImportError on resource module)
• Inaccurate telemetry and API request tracking
• Difficulty debugging version-specific issues
• Inconsistent identification across different API endpoints

Root Cause

1. Windows Compatibility: The resource_utils.py module unconditionally imported the resource module, which is only available on Unix-like systems (Linux, macOS). This caused an ImportError on Windows, preventing the CLI from running.

2. User-Agent Inconsistency: User-Agent strings were hardcoded in multiple locations (GitLab, GitHub, and CLI clients) rather than being derived from the package version defined in socketsecurity/__init__.py. Each client independently defined its User-Agent, leading to version drift and inconsistency.

Fix

Windows Compatibility Fix:

• Added platform detection to conditionally import the resource module only on Unix systems
• Wrapped all resource module usage in availability checks
• Modified get_file_descriptor_limit() to return (None, None) on Windows
• Updated check_file_count_against_ulimit() to gracefully handle Windows by returning can_check: False and safe_to_process: True
• The CLI now runs successfully on Windows while maintaining full functionality on Unix systems

User-Agent Centralization:

• Added a centralized USER_AGENT constant to socketsecurity/__init__.py that uses the actual package version: f'SocketPythonCLI/{__version__}'
• Updated all API clients to import and use the centralized USER_AGENT:
  • socketsecurity/core/cli_client.py
  • socketsecurity/core/scm/client.py (GitHub and GitLab clients)
  • socketsecurity/core/scm/github.py
  • socketsecurity/core/scm/gitlab.py
• Updated unit tests to reference the centralized constant

Additional Improvements:

• Fixed minor GitLab client bugs discovered during refactoring:
  • Fixed return type in fallback headers method (None → {})
  • Added 'pipeline' to supported pipeline sources
• Pinned GitHub Actions to commit SHAs for improved security and reproducibility
• Bumped version to 2.2.12

Public Changelog

• Fixed Windows compatibility issue where CLI would crash on import due to Unix-only resource module
• Fixed User-Agent header to correctly report the CLI version in all API requests