chore(iast): fix iast multiprocess issues and add mcp streaming tests (#15141)

### Summary
This PR addresses a IAST stability issues in multiprocess contexts and
adds comprehensive validation for streaming request handling with MCP
(Model Context Protocol) servers

### Main Changes
- **IAST Disabled in Subprocesses:** When an active request runs in a
subprocess with open socket connections (e.g., streaming endpoints),
IAST experienced memory corruption and segmentation faults
- **Improved Code Injection Detection:** Enhanced retrieval of globals
and locals in the `eval()` function wrapper
- **MCP Server Streaming Validation:** Added comprehensive test suite
for MCP servers (Model Context Protocol) with FastAPI. Validated IAST
functionality with:
   - HTTP/SSE (Server-Sent Events) bidirectional streaming
   - In-memory MCP connections
   - Multiple concurrent streaming operations
   - Header tainting through streaming requests
   - Vulnerability detection (CMDI) during streaming

### Fixes
- **Streaming Request Safety**: Validates IAST handles streaming
responses without crashes
- **MCP Protocol Support**: Full test coverage for MCP servers (critical
for AI/LLM applications)
- **Subprocess Stability**: Prevents memory corruption in subprocess
contexts
- **Better Code Injection Detection**: Enhanced eval() wrapper for
improved vulnerability detection

Author: avara1986

.riot/requirements/1021fa1.txt

@@ -2,38 +2,52 @@
 # This file is autogenerated by pip-compile with Python 3.11
 # by the following command:
 #
-#    pip-compile --allow-unsafe --cert=None --client-cert=None --index-url=None --no-annotate --pip-args=None .riot/requirements/19fed8a.in
+#    pip-compile --allow-unsafe --no-annotate .riot/requirements/10f75ab.in
 #
 annotated-types==0.7.0
 anyio==4.11.0
-attrs==25.3.0
-certifi==2025.8.3
-charset-normalizer==3.4.3
+attrs==25.4.0
+certifi==2025.10.5
+cffi==2.0.0
+charset-normalizer==3.4.4
 click==8.3.0
-coverage[toml]==7.10.7
+coverage[toml]==7.11.0
+cryptography==46.0.3
 fastapi==0.114.2
 h11==0.16.0
 httpcore==1.0.9
 httpx==0.27.2
+httpx-sse==0.4.3
 hypothesis==6.45.0
-idna==3.10
-iniconfig==2.1.0
+idna==3.11
+iniconfig==2.3.0
 jinja2==3.1.6
+jsonschema==4.25.1
+jsonschema-specifications==2025.9.1
 markupsafe==3.0.3
+mcp==1.20.0
 mock==5.2.0
 opentracing==2.4.0
 packaging==25.0
 pluggy==1.6.0
-pydantic==2.11.9
-pydantic-core==2.33.2
+pycparser==2.23
+pydantic==2.12.4
+pydantic-core==2.41.5
+pydantic-settings==2.11.0
 pygments==2.19.2
+pyjwt[crypto]==2.10.1
 pytest==8.4.2
+pytest-asyncio==1.2.0
 pytest-cov==7.0.0
 pytest-mock==3.15.1
+python-dotenv==1.2.1
 python-multipart==0.0.20
+referencing==0.37.0
 requests==2.32.5
+rpds-py==0.28.0
 sniffio==1.3.1
 sortedcontainers==2.4.0
+sse-starlette==3.0.3
 starlette==0.38.6
 typing-extensions==4.15.0
 typing-inspection==0.4.2

.riot/requirements/19fed8a.txt renamed to .riot/requirements/10f75ab.txt

@@ -2,12 +2,13 @@
 # This file is autogenerated by pip-compile with Python 3.9
 # by the following command:
 #
-#    pip-compile --allow-unsafe --no-annotate .riot/requirements/1828fcc.in
+#    pip-compile --allow-unsafe --no-annotate .riot/requirements/1235f1e.in
 #
 anyio==3.7.1
-attrs==25.3.0
-certifi==2025.8.3
-charset-normalizer==3.4.3
+attrs==25.4.0
+backports-asyncio-runner==1.2.0
+certifi==2025.10.5
+charset-normalizer==3.4.4
 click==8.1.8
 coverage[toml]==7.10.7
 exceptiongroup==1.3.0
@@ -16,7 +17,7 @@ h11==0.16.0
 httpcore==1.0.9
 httpx==0.27.2
 hypothesis==6.45.0
-idna==3.10
+idna==3.11
 iniconfig==2.1.0
 jinja2==3.1.6
 markupsafe==3.0.3
@@ -27,14 +28,15 @@ pluggy==1.6.0
 pydantic==1.10.24
 pygments==2.19.2
 pytest==8.4.2
+pytest-asyncio==1.2.0
 pytest-cov==7.0.0
 pytest-mock==3.15.1
 python-multipart==0.0.20
 requests==2.32.5
 sniffio==1.3.1
 sortedcontainers==2.4.0
 starlette==0.20.4
-tomli==2.2.1
+tomli==2.3.0
 typing-extensions==4.15.0
 urllib3==2.5.0
 uvicorn==0.33.0

.riot/requirements/1828fcc.txt renamed to .riot/requirements/1235f1e.txt

@@ -0,0 +1,56 @@
+#
+# This file is autogenerated by pip-compile with Python 3.13
+# by the following command:
+#
+#    pip-compile --allow-unsafe --no-annotate .riot/requirements/1489f78.in
+#
+annotated-doc==0.0.3
+annotated-types==0.7.0
+anyio==4.11.0
+attrs==25.4.0
+certifi==2025.10.5
+cffi==2.0.0
+charset-normalizer==3.4.4
+click==8.3.0
+coverage[toml]==7.11.0
+cryptography==46.0.3
+fastapi==0.121.0
+h11==0.16.0
+httpcore==1.0.9
+httpx==0.27.2
+httpx-sse==0.4.3
+hypothesis==6.45.0
+idna==3.11
+iniconfig==2.3.0
+jinja2==3.1.6
+jsonschema==4.25.1
+jsonschema-specifications==2025.9.1
+markupsafe==3.0.3
+mcp==1.20.0
+mock==5.2.0
+opentracing==2.4.0
+packaging==25.0
+pluggy==1.6.0
+pycparser==2.23
+pydantic==2.12.4
+pydantic-core==2.41.5
+pydantic-settings==2.11.0
+pygments==2.19.2
+pyjwt[crypto]==2.10.1
+pytest==8.4.2
+pytest-asyncio==1.2.0
+pytest-cov==7.0.0
+pytest-mock==3.15.1
+python-dotenv==1.2.1
+python-multipart==0.0.20
+referencing==0.37.0
+requests==2.32.5
+rpds-py==0.28.0
+sniffio==1.3.1
+sortedcontainers==2.4.0
+sse-starlette==3.0.3
+starlette==0.49.3
+typing-extensions==4.15.0
+typing-inspection==0.4.2
+urllib3==2.5.0
+uvicorn==0.33.0

.riot/requirements/1489f78.txt

@@ -2,12 +2,12 @@
 # This file is autogenerated by pip-compile with Python 3.8
 # by the following command:
 #
-#    pip-compile --allow-unsafe --no-annotate .riot/requirements/2c0f966.in
+#    pip-compile --allow-unsafe --no-annotate .riot/requirements/18474a9.in
 #
 anyio==3.7.1
 attrs==25.3.0
-certifi==2025.8.3
-charset-normalizer==3.4.3
+certifi==2025.10.5
+charset-normalizer==3.4.4
 click==8.1.8
 coverage[toml]==7.6.1
 exceptiongroup==1.3.0
@@ -16,7 +16,7 @@ h11==0.16.0
 httpcore==1.0.9
 httpx==0.27.2
 hypothesis==6.45.0
-idna==3.10
+idna==3.11
 iniconfig==2.1.0
 jinja2==3.1.6
 markupsafe==2.1.5
@@ -26,14 +26,15 @@ packaging==25.0
 pluggy==1.5.0
 pydantic==1.10.24
 pytest==8.3.5
+pytest-asyncio==0.24.0
 pytest-cov==5.0.0
 pytest-mock==3.14.1
 python-multipart==0.0.20
 requests==2.32.4
 sniffio==1.3.1
 sortedcontainers==2.4.0
 starlette==0.20.4
-tomli==2.2.1
+tomli==2.3.0
 typing-extensions==4.13.2
 urllib3==2.2.3
 uvicorn==0.33.0

.riot/requirements/1554154.txt

@@ -2,38 +2,52 @@
 # This file is autogenerated by pip-compile with Python 3.13
 # by the following command:
 #
-#    pip-compile --allow-unsafe --cert=None --client-cert=None --index-url=None --no-annotate --pip-args=None .riot/requirements/1a0cd9b.in
+#    pip-compile --allow-unsafe --no-annotate .riot/requirements/196a8f0.in
 #
 annotated-types==0.7.0
 anyio==4.11.0
-attrs==25.3.0
-certifi==2025.8.3
-charset-normalizer==3.4.3
+attrs==25.4.0
+certifi==2025.10.5
+cffi==2.0.0
+charset-normalizer==3.4.4
 click==8.3.0
-coverage[toml]==7.10.7
+coverage[toml]==7.11.0
+cryptography==46.0.3
 fastapi==0.114.2
 h11==0.16.0
 httpcore==1.0.9
 httpx==0.27.2
+httpx-sse==0.4.3
 hypothesis==6.45.0
-idna==3.10
-iniconfig==2.1.0
+idna==3.11
+iniconfig==2.3.0
 jinja2==3.1.6
+jsonschema==4.25.1
+jsonschema-specifications==2025.9.1
 markupsafe==3.0.3
+mcp==1.20.0
 mock==5.2.0
 opentracing==2.4.0
 packaging==25.0
 pluggy==1.6.0
-pydantic==2.11.9
-pydantic-core==2.33.2
+pycparser==2.23
+pydantic==2.12.4
+pydantic-core==2.41.5
+pydantic-settings==2.11.0
 pygments==2.19.2
+pyjwt[crypto]==2.10.1
 pytest==8.4.2
+pytest-asyncio==1.2.0
 pytest-cov==7.0.0
 pytest-mock==3.15.1
+python-dotenv==1.2.1
 python-multipart==0.0.20
+referencing==0.37.0
 requests==2.32.5
+rpds-py==0.28.0
 sniffio==1.3.1
 sortedcontainers==2.4.0
+sse-starlette==3.0.3
 starlette==0.38.6
 typing-extensions==4.15.0
 typing-inspection==0.4.2

.riot/requirements/2c0f966.txt renamed to .riot/requirements/18474a9.txt

@@ -2,21 +2,21 @@
 # This file is autogenerated by pip-compile with Python 3.11
 # by the following command:
 #
-#    pip-compile --allow-unsafe --cert=None --client-cert=None --index-url=None --no-annotate --pip-args=None .riot/requirements/a0d16bc.in
+#    pip-compile --allow-unsafe --no-annotate .riot/requirements/197fd3a.in
 #
 anyio==4.11.0
-attrs==25.3.0
-certifi==2025.8.3
-charset-normalizer==3.4.3
+attrs==25.4.0
+certifi==2025.10.5
+charset-normalizer==3.4.4
 click==8.3.0
-coverage[toml]==7.10.7
+coverage[toml]==7.11.0
 fastapi==0.94.1
 h11==0.16.0
 httpcore==1.0.9
 httpx==0.27.2
 hypothesis==6.45.0
-idna==3.10
-iniconfig==2.1.0
+idna==3.11
+iniconfig==2.3.0
 jinja2==3.1.6
 markupsafe==3.0.3
 mock==5.2.0
@@ -26,6 +26,7 @@ pluggy==1.6.0
 pydantic==1.10.24
 pygments==2.19.2
 pytest==8.4.2
+pytest-asyncio==1.2.0
 pytest-cov==7.0.0
 pytest-mock==3.15.1
 python-multipart==0.0.20