npm - @argosvix/sdk - Versions diffs - 0.4.2-alpha.1 → 0.4.3-alpha.2 - Mend

@argosvix/sdk 0.4.2-alpha.1 → 0.4.3-alpha.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (36) hide show

package/dist/budgetGate.js ADDED Viewed

@@ -0,0 +1,356 @@
+import { scanPolicyViolation } from "./policyScan.js";
+/**
+ * Runtime 予算ゲート (= ランタイム制御プレーン Phase 1 の SDK 側 enforce)。
+ *
+ * `config.budgetGate: true` で opt-in すると、wrap 済み client の LLM 呼び出し
+ * 前に backend `/v1/gate/budget` の設定 + 当月消費額をローカル評価し、
+ * 月次上限超過なら `ArgosvixBudgetExceededError` を投げて呼び出しを止める。
+ *
+ * 設計 (= R65b fix bundle 反映):
+ *   - 設定 + 消費額は TTL (= backend response の ttlSeconds、 default 60s)
+ *     キャッシュ。呼び出し毎の往復はしない。
+ *   - stale-while-revalidate: snapshot がある間は stale でも即時評価し、
+ *     refresh は background で走らせる (= hot path に fetch RTT を乗せない)。
+ *     同期 await するのは「snapshot が一度も無い初回」と「fail_closed gate が
+ *     stale」の 2 場面のみ。
+ *   - 失敗 backoff: fetch 失敗後 FAILURE_RETRY_MS は再試行しない (= backend
+ *     障害中に呼び出し毎 3 秒の blocking fetch を発生させない、R65b SB-1)。
+ *   - TTL 間の消費は recorder 経由のローカル加算で補正する。fetch 成功時は
+ *     「fetch 開始時点の補正量」だけ差し引く (= fetch 中に積まれた分を
+ *     握り潰さない、R65b M-1)。
+ *   - 時刻は monotonic clock (performance.now) 基準 (= NTP step / VM resume の
+ *     時計逆行で cache が無限 fresh になる事故の防止、R65b M-4)。
+ *   - fail_open (default) = backend 不達 / 設定未取得時は通す。
+ *   - fail_closed = backend の gate 設定が fail_closed のとき、 cache が
+ *     MAX_STALE_MULTIPLIER × TTL を超えて stale なら
+ *     ArgosvixBudgetGateUnavailableError。初回取得前の挙動は
+ *     `config.budgetGateFailClosed` (default false) で選ぶ。
+ *   - ゲートで止めた呼び出しも wrapper 経由で error record として ingest
+ *     される (= 「何件止めたか」 が dashboard / chat で見える)。
+ *
+ * 既知の limitation (= Phase 1 時点):
+ *   - SDK が wrap していない method (= Anthropic `messages.stream()`、 Python の
+ *     `generate_content_stream` 等) は観測も enforce も対象外。詳細は
+ *     types.ts の budgetGate doc comment 参照。
+ */
+const DEFAULT_GATE_ENDPOINT = "https://ingest.argosvix.com/v1/gate/config";
+const INGEST_SUFFIX = "/v1/ingest";
+const FETCH_TIMEOUT_MS = 3_000;
+const DEFAULT_TTL_MS = 60_000;
+// fetch 失敗後の最小再試行間隔 (= 障害中の hot path 保護)
+const FAILURE_RETRY_MS = 30_000;
+// cache がこの倍数 × TTL を超えて refresh できていなければ「状態不明」扱い
+const MAX_STALE_MULTIPLIER = 5;
+/**
+ * model 名の canonical form (= R72b MEDIUM 3)。 Gemini 系 SDK が保持する
+ * "models/gemini-pro" の provider prefix を除去し、 allowlist 比較を
+ * TS / Python 両 SDK で同一にする。 export = test + Python 側と並走 verify 用。
+ */
+export function canonicalizeModelName(model) {
+    return model.startsWith("models/") ? model.slice("models/".length) : model;
+}
+export class ArgosvixBudgetExceededError extends Error {
+    spentUsd;
+    limitUsd;
+    constructor(spentUsd, limitUsd) {
+        super(`[argosvix] budget gate: monthly spend $${spentUsd.toFixed(4)} reached the limit $${limitUsd.toFixed(2)}; call blocked before the provider request`);
+        this.name = "ArgosvixBudgetExceededError";
+        this.spentUsd = spentUsd;
+        this.limitUsd = limitUsd;
+    }
+}
+export class ArgosvixBudgetGateUnavailableError extends Error {
+    constructor() {
+        super("[argosvix] runtime gate: gate state is unavailable and enforce mode is fail_closed; call blocked");
+        this.name = "ArgosvixBudgetGateUnavailableError";
+    }
+}
+export class ArgosvixPolicyViolationError extends Error {
+    reason;
+    detail;
+    constructor(reason, detail) {
+        super(`[argosvix] policy gate: ${detail}; call blocked before the provider request`);
+        this.name = "ArgosvixPolicyViolationError";
+        this.reason = reason;
+        this.detail = detail;
+    }
+}
+export class RuntimeGate {
+    config;
+    snapshot = null;
+    inflight = null;
+    lastAttemptMs = null;
+    lastAttemptFailed = false;
+    warnedEndpoint = false;
+    warnedNoPolicy = false;
+    /** 直近の成功 fetch 以降にこのプロセスが record した消費の補正値。 */
+    localSpendUsd = 0;
+    constructor(config) {
+        this.config = config;
+    }
+    /** monotonic clock。wall clock の逆行 (NTP step / VM resume) に影響されない。 */
+    now() {
+        return typeof performance !== "undefined" ? performance.now() : Date.now();
+    }
+    /** opt-in + 送信可能な構成のときだけ動く。それ以外は完全 no-op。 */
+    get active() {
+        return ((this.config.budgetGate === true || this.config.policyGate === true) &&
+            this.config.disabled !== true &&
+            typeof this.config.apiKey === "string" &&
+            this.config.apiKey.length > 0);
+    }
+    /** recorder.record() から呼ばれる。TTL 窓内のローカル消費補正。 */
+    noteSpend(costUsd) {
+        if (this.config.budgetGate !== true || !this.active)
+            return;
+        if (Number.isFinite(costUsd) && costUsd > 0) {
+            this.localSpendUsd += costUsd;
+        }
+    }
+    /**
+     * LLM 呼び出し直前の enforce。超過なら throw、それ以外は素通し。
+     * backend 障害は enforce mode に従って fail-open / fail-closed。
+     */
+    async check(ctx = {}) {
+        if (!this.active)
+            return;
+        const snap = this.snapshot;
+        if (!snap) {
+            // 初回 (または未取得)。backoff 窓内なら fetch せず素通し判定へ。
+            if (this.attemptAllowed())
+                await this.refresh();
+        }
+        else if (this.isStale(snap)) {
+            if (this.attemptAllowed()) {
+                const p = this.refresh();
+                const anyFailClosed = (this.config.budgetGate === true &&
+                    snap.gate?.enforceMode === "fail_closed") ||
+                    (this.config.policyGate === true &&
+                        snap.policy?.enforceMode === "fail_closed");
+                if (anyFailClosed) {
+                    // fail_closed は stale で block し得るため同期 refresh で正確性優先
+                    await p;
+                }
+                else {
+                    // fail_open は stale-while-revalidate (= hot path に RTT を乗せない)
+                    p.catch(() => { });
+                }
+            }
+        }
+        this.evaluate(ctx);
+    }
+    evaluate(ctx) {
+        const snap = this.snapshot;
+        if (!snap) {
+            // 一度も取得できていない = server 側 enforce mode が不明。
+            // local opt-in (budgetGateFailClosed / policyGateFailClosed) でのみ
+            // fail_closed に倒す (= R72b HIGH 1: backend が fail_closed 設定でも
+            // cold start では SDK がそれを知れないため、 厳格運用は明示 opt-in)。
+            if ((this.config.budgetGateFailClosed === true ||
+                this.config.policyGateFailClosed === true) &&
+                this.lastAttemptFailed) {
+                throw new ArgosvixBudgetGateUnavailableError();
+            }
+            return;
+        }
+        const ageMs = this.now() - snap.fetchedAtMs;
+        const isUnknownStale = ageMs < 0 || ageMs > snap.ttlMs * MAX_STALE_MULTIPLIER;
+        if (this.config.budgetGate === true && snap.gate) {
+            const gate = snap.gate;
+            if (isUnknownStale && gate.enforceMode === "fail_closed") {
+                throw new ArgosvixBudgetGateUnavailableError();
+            }
+            const spent = snap.spentUsd + this.localSpendUsd;
+            if (spent >= gate.limitUsd) {
+                throw new ArgosvixBudgetExceededError(spent, gate.limitUsd);
+            }
+        }
+        if (this.config.policyGate === true && snap.policy) {
+            const policy = snap.policy;
+            if (isUnknownStale && policy.enforceMode === "fail_closed") {
+                throw new ArgosvixBudgetGateUnavailableError();
+            }
+            this.evaluatePolicy(policy, ctx);
+        }
+    }
+    /** ポリシーゲートのローカル評価 (= モデル allowlist / PII / secret)。 */
+    evaluatePolicy(policy, ctx) {
+        const model = ctx.model ??
+            (ctx.payload && typeof ctx.payload === "object"
+                ? ctx.payload.model
+                : undefined);
+        if (policy.allow) {
+            if (typeof model === "string" && model.length > 0) {
+                if (!policy.allow.has(canonicalizeModelName(model))) {
+                    // model 名は payload 由来の任意文字列になり得るため、 error message には
+                    // 許可 charset のみ + 128 文字 cap で sanitize して載せる (= prompt 等の
+                    // 平文が error record に混入しない構造防御、 R66b SB-1 系)。
+                    const safeModel = model.replace(/[^A-Za-z0-9._:/-]/g, "?").slice(0, 128);
+                    throw new ArgosvixPolicyViolationError("model_not_allowed", `model "${safeModel}" is not in the configured allowlist`);
+                }
+            }
+            else if (policy.enforceMode === "fail_closed") {
+                // QA M-5: allowlist 設定済 + model 解決不能 (= ctx.model も payload.model も
+                // 取れない経路) のとき、 fail_open は従来どおり素通し (= false positive 厳禁の
+                // 既定) だが、 fail_closed なら「許可リストを照合できない呼び出しは止める」
+                // 強制意味論で block する (= 旧実装の no-block 穴を opt-in で塞ぐ)。
+                throw new ArgosvixPolicyViolationError("model_not_allowed", "request model could not be resolved to check against the allowlist (fail_closed)");
+            }
+        }
+        if ((policy.blockPii || policy.blockSecrets) && ctx.payload !== undefined) {
+            const hit = scanPolicyViolation(ctx.payload, {
+                pii: policy.blockPii,
+                secrets: policy.blockSecrets,
+            });
+            if (hit) {
+                throw new ArgosvixPolicyViolationError(hit.kind === "secret" ? "secret_detected" : "pii_detected", `request payload contains ${hit.kind === "secret" ? "a credential-like token" : "PII"} (${hit.pattern}) at ${hit.path || "payload"} ("${hit.snippet}")`);
+            }
+        }
+    }
+    isStale(snap) {
+        const age = this.now() - snap.fetchedAtMs;
+        return age < 0 || age >= snap.ttlMs;
+    }
+    /** 直近 fetch が失敗していた場合、FAILURE_RETRY_MS 経過まで再試行しない。 */
+    attemptAllowed() {
+        if (this.lastAttemptMs === null || !this.lastAttemptFailed)
+            return true;
+        return this.now() - this.lastAttemptMs >= FAILURE_RETRY_MS;
+    }
+    refresh() {
+        if (!this.inflight) {
+            this.lastAttemptMs = this.now();
+            this.inflight = this.fetchOnce().finally(() => {
+                this.inflight = null;
+            });
+        }
+        return this.inflight;
+    }
+    /**
+     * gate endpoint の決定。 ingest endpoint を override している場合は同 prefix
+     * から導出し、 導出できない形 (= /v1/ingest で終わらない custom URL) なら
+     * gate を無効化する (= 他環境向け Bearer key を production に送らない、R65b M-2)。
+     */
+    gateEndpoint() {
+        if (this.config.gateEndpoint)
+            return this.config.gateEndpoint;
+        const endpoint = this.config.endpoint;
+        if (endpoint) {
+            if (endpoint.endsWith(INGEST_SUFFIX)) {
+                return endpoint.slice(0, -INGEST_SUFFIX.length) + "/v1/gate/config";
+            }
+            if (!this.warnedEndpoint) {
+                this.warnedEndpoint = true;
+                // eslint-disable-next-line no-console
+                console.warn("[argosvix] budget gate: cannot derive gate endpoint from custom ingest endpoint; set config.gateEndpoint explicitly. Gate enforcement is disabled.");
+            }
+            return null;
+        }
+        return DEFAULT_GATE_ENDPOINT;
+    }
+    async fetchOnce() {
+        const url = this.gateEndpoint();
+        if (url === null) {
+            this.lastAttemptFailed = true;
+            return;
+        }
+        // fetch 中に noteSpend された分を reset で握り潰さないため、開始時点の
+        // 補正量を捕捉して成功時に差分減算する (R65b M-1)。
+        const localAtStart = this.localSpendUsd;
+        try {
+            const controller = new AbortController();
+            const timer = setTimeout(() => controller.abort(), FETCH_TIMEOUT_MS);
+            let res;
+            try {
+                res = await fetch(url, {
+                    method: "GET",
+                    headers: { Authorization: `Bearer ${this.config.apiKey}` },
+                    signal: controller.signal,
+                });
+            }
+            finally {
+                clearTimeout(timer);
+            }
+            if (!res.ok) {
+                // body を消費して connection 再利用を阻害しない (R65b L-1)
+                await res.arrayBuffer().catch(() => { });
+                this.lastAttemptFailed = true;
+                return; // 旧 snapshot keep、mode に応じて evaluate() 側で判断
+            }
+            const raw = (await res.json());
+            // /v1/gate/config 形 { budget: {...}, policy: {...}, ttlSeconds } を
+            // 第一に、 旧 /v1/gate/budget 形 { gates, spentUsdThisMonth, ttlSeconds }
+            // (= gateEndpoint override で budget endpoint を指す構成) も受理する。
+            const isObj = (v) => !!v && typeof v === "object" && !Array.isArray(v);
+            const root = isObj(raw) ? raw : {};
+            const budgetPart = isObj(root["budget"]) ? root["budget"] : root;
+            const policyPart = isObj(root["policy"]) ? root["policy"] : null;
+            if (this.config.policyGate === true &&
+                !("policy" in root) &&
+                !this.warnedNoPolicy) {
+                // 旧 /v1/gate/budget shape に gateEndpoint を向けた構成では policy が
+                // 取得できず silent no-op になるため 1 回だけ告知 (= R66b LOW 3)。
+                this.warnedNoPolicy = true;
+                // eslint-disable-next-line no-console
+                console.warn("[argosvix] policy gate: gate endpoint response has no policy section; point gateEndpoint at /v1/gate/config to enable policy enforcement.");
+            }
+            const gates = Array.isArray(budgetPart["gates"])
+                ? budgetPart["gates"]
+                : [];
+            const accountGate = gates.find((g) => isObj(g) &&
+                (g["projectId"] === null || g["projectId"] === undefined) &&
+                g["enabled"] === true &&
+                typeof g["monthlyLimitUsd"] === "number" &&
+                Number.isFinite(g["monthlyLimitUsd"])) ?? null;
+            let policy = null;
+            if (policyPart && policyPart["enabled"] === true) {
+                const allowRaw = policyPart["modelAllowlist"];
+                // R72b MEDIUM 3 fix: allowlist 側も candidate 側も canonical form
+                // (= 先頭 "models/" を除去) で比較する。 Gemini legacy SDK は model 名を
+                // "models/gemini-pro" 形式で保持する実装があり (= Python の model_name)、
+                // TS (= 入力値そのまま) と片側だけ block される drift があった。
+                const allow = Array.isArray(allowRaw)
+                    ? new Set(allowRaw
+                        .filter((m) => typeof m === "string")
+                        .map(canonicalizeModelName))
+                    : null;
+                policy = {
+                    allow: allow && allow.size > 0 ? allow : null,
+                    blockPii: policyPart["blockPii"] === true,
+                    blockSecrets: policyPart["blockSecrets"] === true,
+                    enforceMode: policyPart["enforceMode"] === "fail_closed" ? "fail_closed" : "fail_open",
+                };
+            }
+            const ttlSeconds = root["ttlSeconds"] ?? budgetPart["ttlSeconds"];
+            const spentRaw = budgetPart["spentUsdThisMonth"];
+            this.snapshot = {
+                fetchedAtMs: this.now(),
+                ttlMs: typeof ttlSeconds === "number" &&
+                    Number.isFinite(ttlSeconds) &&
+                    ttlSeconds > 0
+                    ? ttlSeconds * 1000
+                    : DEFAULT_TTL_MS,
+                gate: accountGate
+                    ? {
+                        limitUsd: accountGate["monthlyLimitUsd"],
+                        enforceMode: accountGate["enforceMode"] === "fail_closed"
+                            ? "fail_closed"
+                            : "fail_open",
+                    }
+                    : null,
+                spentUsd: typeof spentRaw === "number" && Number.isFinite(spentRaw) ? spentRaw : 0,
+                policy,
+            };
+            this.localSpendUsd = Math.max(0, this.localSpendUsd - localAtStart);
+            this.lastAttemptFailed = false;
+        }
+        catch {
+            // network / timeout / JSON 不正 = 旧 snapshot keep。fail_open なら素通し、
+            // fail_closed は evaluate() の stale 判定で止まる。
+            this.lastAttemptFailed = true;
+        }
+    }
+}
+// Phase 1 で公開した名前の互換 alias (= budget 専用だった頃の命名)。
+export { RuntimeGate as BudgetGate };
+//# sourceMappingURL=budgetGate.js.map

package/dist/budgetGate.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"budgetGate.js","sourceRoot":"","sources":["../src/budgetGate.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AAEtD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAiCG;AAEH,MAAM,qBAAqB,GAAG,4CAA4C,CAAC;AAC3E,MAAM,aAAa,GAAG,YAAY,CAAC;AAEnC,MAAM,gBAAgB,GAAG,KAAK,CAAC;AAC/B,MAAM,cAAc,GAAG,MAAM,CAAC;AAC9B,yCAAyC;AACzC,MAAM,gBAAgB,GAAG,MAAM,CAAC;AAChC,kDAAkD;AAClD,MAAM,oBAAoB,GAAG,CAAC,CAAC;AAE/B;;;;GAIG;AACH,MAAM,UAAU,qBAAqB,CAAC,KAAa;IACjD,OAAO,KAAK,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;AAC7E,CAAC;AAED,MAAM,OAAO,2BAA4B,SAAQ,KAAK;IAC3C,QAAQ,CAAS;IACjB,QAAQ,CAAS;IAC1B,YAAY,QAAgB,EAAE,QAAgB;QAC5C,KAAK,CACH,0CAA0C,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,uBAAuB,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,4CAA4C,CACpJ,CAAC;QACF,IAAI,CAAC,IAAI,GAAG,6BAA6B,CAAC;QAC1C,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;IAC3B,CAAC;CACF;AAED,MAAM,OAAO,kCAAmC,SAAQ,KAAK;IAC3D;QACE,KAAK,CACH,kGAAkG,CACnG,CAAC;QACF,IAAI,CAAC,IAAI,GAAG,oCAAoC,CAAC;IACnD,CAAC;CACF;AAOD,MAAM,OAAO,4BAA6B,SAAQ,KAAK;IAC5C,MAAM,CAAwB;IAC9B,MAAM,CAAS;IACxB,YAAY,MAA6B,EAAE,MAAc;QACvD,KAAK,CAAC,2BAA2B,MAAM,4CAA4C,CAAC,CAAC;QACrF,IAAI,CAAC,IAAI,GAAG,8BAA8B,CAAC;QAC3C,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;CACF;AA2BD,MAAM,OAAO,WAAW;IACL,MAAM,CAAiB;IAChC,QAAQ,GAAwB,IAAI,CAAC;IACrC,QAAQ,GAAyB,IAAI,CAAC;IACtC,aAAa,GAAkB,IAAI,CAAC;IACpC,iBAAiB,GAAG,KAAK,CAAC;IAC1B,cAAc,GAAG,KAAK,CAAC;IACvB,cAAc,GAAG,KAAK,CAAC;IAC/B,8CAA8C;IACtC,aAAa,GAAG,CAAC,CAAC;IAE1B,YAAY,MAAsB;QAChC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IAED,qEAAqE;IAC7D,GAAG;QACT,OAAO,OAAO,WAAW,KAAK,WAAW,CAAC,CAAC,CAAC,WAAW,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC;IAC7E,CAAC;IAED,6CAA6C;IAC7C,IAAY,MAAM;QAChB,OAAO,CACL,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,KAAK,IAAI,IAAI,IAAI,CAAC,MAAM,CAAC,UAAU,KAAK,IAAI,CAAC;YACpE,IAAI,CAAC,MAAM,CAAC,QAAQ,KAAK,IAAI;YAC7B,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,KAAK,QAAQ;YACtC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAC9B,CAAC;IACJ,CAAC;IAED,gDAAgD;IAChD,SAAS,CAAC,OAAe;QACvB,IAAI,IAAI,CAAC,MAAM,CAAC,UAAU,KAAK,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM;YAAE,OAAO;QAC5D,IAAI,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,OAAO,GAAG,CAAC,EAAE,CAAC;YAC5C,IAAI,CAAC,aAAa,IAAI,OAAO,CAAC;QAChC,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,KAAK,CAAC,MAAwB,EAAE;QACpC,IAAI,CAAC,IAAI,CAAC,MAAM;YAAE,OAAO;QAEzB,MAAM,IAAI,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC3B,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,2CAA2C;YAC3C,IAAI,IAAI,CAAC,cAAc,EAAE;gBAAE,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;QAClD,CAAC;aAAM,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;YAC9B,IAAI,IAAI,CAAC,cAAc,EAAE,EAAE,CAAC;gBAC1B,MAAM,CAAC,GAAG,IAAI,CAAC,OAAO,EAAE,CAAC;gBACzB,MAAM,aAAa,GACjB,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,KAAK,IAAI;oBAC9B,IAAI,CAAC,IAAI,EAAE,WAAW,KAAK,aAAa,CAAC;oBAC3C,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,KAAK,IAAI;wBAC9B,IAAI,CAAC,MAAM,EAAE,WAAW,KAAK,aAAa,CAAC,CAAC;gBAChD,IAAI,aAAa,EAAE,CAAC;oBAClB,qDAAqD;oBACrD,MAAM,CAAC,CAAC;gBACV,CAAC;qBAAM,CAAC;oBACN,8DAA8D;oBAC9D,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;gBACpB,CAAC;YACH,CAAC;QACH,CAAC;QACD,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;IACrB,CAAC;IAEO,QAAQ,CAAC,GAAqB;QACpC,MAAM,IAAI,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC3B,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,2CAA2C;YAC3C,iEAAiE;YACjE,6DAA6D;YAC7D,iDAAiD;YACjD,IACE,CAAC,IAAI,CAAC,MAAM,CAAC,oBAAoB,KAAK,IAAI;gBACxC,IAAI,CAAC,MAAM,CAAC,oBAAoB,KAAK,IAAI,CAAC;gBAC5C,IAAI,CAAC,iBAAiB,EACtB,CAAC;gBACD,MAAM,IAAI,kCAAkC,EAAE,CAAC;YACjD,CAAC;YACD,OAAO;QACT,CAAC;QAED,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,WAAW,CAAC;QAC5C,MAAM,cAAc,GAAG,KAAK,GAAG,CAAC,IAAI,KAAK,GAAG,IAAI,CAAC,KAAK,GAAG,oBAAoB,CAAC;QAE9E,IAAI,IAAI,CAAC,MAAM,CAAC,UAAU,KAAK,IAAI,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;YACjD,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC;YACvB,IAAI,cAAc,IAAI,IAAI,CAAC,WAAW,KAAK,aAAa,EAAE,CAAC;gBACzD,MAAM,IAAI,kCAAkC,EAAE,CAAC;YACjD,CAAC;YACD,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,aAAa,CAAC;YACjD,IAAI,KAAK,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAC3B,MAAM,IAAI,2BAA2B,CAAC,KAAK,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC9D,CAAC;QACH,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,UAAU,KAAK,IAAI,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YACnD,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;YAC3B,IAAI,cAAc,IAAI,MAAM,CAAC,WAAW,KAAK,aAAa,EAAE,CAAC;gBAC3D,MAAM,IAAI,kCAAkC,EAAE,CAAC;YACjD,CAAC;YACD,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;QACnC,CAAC;IACH,CAAC;IAED,uDAAuD;IAC/C,cAAc,CAAC,MAAsB,EAAE,GAAqB;QAClE,MAAM,KAAK,GACT,GAAG,CAAC,KAAK;YACT,CAAC,GAAG,CAAC,OAAO,IAAI,OAAO,GAAG,CAAC,OAAO,KAAK,QAAQ;gBAC7C,CAAC,CAAE,GAAG,CAAC,OAA+B,CAAC,KAAK;gBAC5C,CAAC,CAAC,SAAS,CAAC,CAAC;QACjB,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;YACjB,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAClD,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;oBACpD,qDAAqD;oBACrD,2DAA2D;oBAC3D,6CAA6C;oBAC7C,MAAM,SAAS,GAAG,KAAK,CAAC,OAAO,CAAC,oBAAoB,EAAE,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;oBACzE,MAAM,IAAI,4BAA4B,CACpC,mBAAmB,EACnB,UAAU,SAAS,sCAAsC,CAC1D,CAAC;gBACJ,CAAC;YACH,CAAC;iBAAM,IAAI,MAAM,CAAC,WAAW,KAAK,aAAa,EAAE,CAAC;gBAChD,oEAAoE;gBACpE,yDAAyD;gBACzD,+CAA+C;gBAC/C,mDAAmD;gBACnD,MAAM,IAAI,4BAA4B,CACpC,mBAAmB,EACnB,kFAAkF,CACnF,CAAC;YACJ,CAAC;QACH,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,YAAY,CAAC,IAAI,GAAG,CAAC,OAAO,KAAK,SAAS,EAAE,CAAC;YAC1E,MAAM,GAAG,GAAG,mBAAmB,CAAC,GAAG,CAAC,OAAO,EAAE;gBAC3C,GAAG,EAAE,MAAM,CAAC,QAAQ;gBACpB,OAAO,EAAE,MAAM,CAAC,YAAY;aAC7B,CAAC,CAAC;YACH,IAAI,GAAG,EAAE,CAAC;gBACR,MAAM,IAAI,4BAA4B,CACpC,GAAG,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,cAAc,EAC1D,4BAA4B,GAAG,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,yBAAyB,CAAC,CAAC,CAAC,KAAK,KAAK,GAAG,CAAC,OAAO,QAAQ,GAAG,CAAC,IAAI,IAAI,SAAS,MAAM,GAAG,CAAC,OAAO,IAAI,CACxJ,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAEO,OAAO,CAAC,IAAkB;QAChC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,WAAW,CAAC;QAC1C,OAAO,GAAG,GAAG,CAAC,IAAI,GAAG,IAAI,IAAI,CAAC,KAAK,CAAC;IACtC,CAAC;IAED,sDAAsD;IAC9C,cAAc;QACpB,IAAI,IAAI,CAAC,aAAa,KAAK,IAAI,IAAI,CAAC,IAAI,CAAC,iBAAiB;YAAE,OAAO,IAAI,CAAC;QACxE,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,aAAa,IAAI,gBAAgB,CAAC;IAC7D,CAAC;IAEO,OAAO;QACb,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACnB,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YAChC,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE;gBAC5C,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;YACvB,CAAC,CAAC,CAAC;QACL,CAAC;QACD,OAAO,IAAI,CAAC,QAAQ,CAAC;IACvB,CAAC;IAED;;;;OAIG;IACK,YAAY;QAClB,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY;YAAE,OAAO,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC;QAC9D,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC;QACtC,IAAI,QAAQ,EAAE,CAAC;YACb,IAAI,QAAQ,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;gBACrC,OAAO,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,aAAa,CAAC,MAAM,CAAC,GAAG,iBAAiB,CAAC;YACtE,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;gBACzB,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;gBAC3B,sCAAsC;gBACtC,OAAO,CAAC,IAAI,CACV,oJAAoJ,CACrJ,CAAC;YACJ,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,qBAAqB,CAAC;IAC/B,CAAC;IAEO,KAAK,CAAC,SAAS;QACrB,MAAM,GAAG,GAAG,IAAI,CAAC,YAAY,EAAE,CAAC;QAChC,IAAI,GAAG,KAAK,IAAI,EAAE,CAAC;YACjB,IAAI,CAAC,iBAAiB,GAAG,IAAI,CAAC;YAC9B,OAAO;QACT,CAAC;QACD,iDAAiD;QACjD,iCAAiC;QACjC,MAAM,YAAY,GAAG,IAAI,CAAC,aAAa,CAAC;QACxC,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;YACzC,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,gBAAgB,CAAC,CAAC;YACrE,IAAI,GAAa,CAAC;YAClB,IAAI,CAAC;gBACH,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;oBACrB,MAAM,EAAE,KAAK;oBACb,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,EAAE;oBAC1D,MAAM,EAAE,UAAU,CAAC,MAAM;iBAC1B,CAAC,CAAC;YACL,CAAC;oBAAS,CAAC;gBACT,YAAY,CAAC,KAAK,CAAC,CAAC;YACtB,CAAC;YACD,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;gBACZ,6CAA6C;gBAC7C,MAAM,GAAG,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;gBACxC,IAAI,CAAC,iBAAiB,GAAG,IAAI,CAAC;gBAC9B,OAAO,CAAC,4CAA4C;YACtD,CAAC;YAED,MAAM,GAAG,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAmC,CAAC;YACjE,mEAAmE;YACnE,oEAAoE;YACpE,2DAA2D;YAC3D,MAAM,KAAK,GAAG,CAAC,CAAU,EAAgC,EAAE,CACzD,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;YACpD,MAAM,IAAI,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;YACnC,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAE,IAAI,CAAC,QAAQ,CAA6B,CAAC,CAAC,CAAC,IAAI,CAAC;YAC9F,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAE,IAAI,CAAC,QAAQ,CAA6B,CAAC,CAAC,CAAC,IAAI,CAAC;YAC9F,IACE,IAAI,CAAC,MAAM,CAAC,UAAU,KAAK,IAAI;gBAC/B,CAAC,CAAC,QAAQ,IAAI,IAAI,CAAC;gBACnB,CAAC,IAAI,CAAC,cAAc,EACpB,CAAC;gBACD,2DAA2D;gBAC3D,mDAAmD;gBACnD,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;gBAC3B,sCAAsC;gBACtC,OAAO,CAAC,IAAI,CACV,2IAA2I,CAC5I,CAAC;YACJ,CAAC;YAED,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;gBAC9C,CAAC,CAAE,UAAU,CAAC,OAAO,CAAoC;gBACzD,CAAC,CAAC,EAAE,CAAC;YACP,MAAM,WAAW,GACf,KAAK,CAAC,IAAI,CACR,CAAC,CAAC,EAAE,EAAE,CACJ,KAAK,CAAC,CAAC,CAAC;gBACR,CAAC,CAAC,CAAC,WAAW,CAAC,KAAK,IAAI,IAAI,CAAC,CAAC,WAAW,CAAC,KAAK,SAAS,CAAC;gBACzD,CAAC,CAAC,SAAS,CAAC,KAAK,IAAI;gBACrB,OAAO,CAAC,CAAC,iBAAiB,CAAC,KAAK,QAAQ;gBACxC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CACxC,IAAI,IAAI,CAAC;YAEZ,IAAI,MAAM,GAA0B,IAAI,CAAC;YACzC,IAAI,UAAU,IAAI,UAAU,CAAC,SAAS,CAAC,KAAK,IAAI,EAAE,CAAC;gBACjD,MAAM,QAAQ,GAAG,UAAU,CAAC,gBAAgB,CAAC,CAAC;gBAC9C,8DAA8D;gBAC9D,2DAA2D;gBAC3D,4DAA4D;gBAC5D,6CAA6C;gBAC7C,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC;oBACnC,CAAC,CAAC,IAAI,GAAG,CACL,QAAQ;yBACL,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC;yBACjD,GAAG,CAAC,qBAAqB,CAAC,CAC9B;oBACH,CAAC,CAAC,IAAI,CAAC;gBACT,MAAM,GAAG;oBACP,KAAK,EAAE,KAAK,IAAI,KAAK,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI;oBAC7C,QAAQ,EAAE,UAAU,CAAC,UAAU,CAAC,KAAK,IAAI;oBACzC,YAAY,EAAE,UAAU,CAAC,cAAc,CAAC,KAAK,IAAI;oBACjD,WAAW,EACT,UAAU,CAAC,aAAa,CAAC,KAAK,aAAa,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,WAAW;iBAC5E,CAAC;YACJ,CAAC;YAED,MAAM,UAAU,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,UAAU,CAAC,YAAY,CAAC,CAAC;YAClE,MAAM,QAAQ,GAAG,UAAU,CAAC,mBAAmB,CAAC,CAAC;YACjD,IAAI,CAAC,QAAQ,GAAG;gBACd,WAAW,EAAE,IAAI,CAAC,GAAG,EAAE;gBACvB,KAAK,EACH,OAAO,UAAU,KAAK,QAAQ;oBAC9B,MAAM,CAAC,QAAQ,CAAC,UAAU,CAAC;oBAC3B,UAAU,GAAG,CAAC;oBACZ,CAAC,CAAC,UAAU,GAAG,IAAI;oBACnB,CAAC,CAAC,cAAc;gBACpB,IAAI,EAAE,WAAW;oBACf,CAAC,CAAC;wBACE,QAAQ,EAAE,WAAW,CAAC,iBAAiB,CAAW;wBAClD,WAAW,EACT,WAAW,CAAC,aAAa,CAAC,KAAK,aAAa;4BAC1C,CAAC,CAAC,aAAa;4BACf,CAAC,CAAC,WAAW;qBAClB;oBACH,CAAC,CAAC,IAAI;gBACR,QAAQ,EACN,OAAO,QAAQ,KAAK,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;gBAC1E,MAAM;aACP,CAAC;YACF,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,aAAa,GAAG,YAAY,CAAC,CAAC;YACpE,IAAI,CAAC,iBAAiB,GAAG,KAAK,CAAC;QACjC,CAAC;QAAC,MAAM,CAAC;YACP,iEAAiE;YACjE,2CAA2C;YAC3C,IAAI,CAAC,iBAAiB,GAAG,IAAI,CAAC;QAChC,CAAC;IACH,CAAC;CACF;AAED,iDAAiD;AACjD,OAAO,EAAE,WAAW,IAAI,UAAU,EAAE,CAAC"}

package/dist/client.js CHANGED Viewed

@@ -375,6 +375,7 @@ function wrapOpenAIChat(client, recorder, config) {
         const id = generateId();
         const isStream = requestArgs.stream === true;
         try {
+            await recorder.budgetGate.check({ model: requestArgs.model, payload: requestArgs });
             const response = await originalCreate(...args);
             if (isStream) {
                 return wrapOpenAIStream(response, recorder, requestArgs, start, id, config);
@@ -515,9 +516,33 @@ function wrapOpenAIResponses(client, recorder, config) {
             // Note: responses API streaming support is deferred to a later phase.
             // eslint-disable-next-line no-console
             console.warn("[argosvix] responses.create with stream:true is not yet observed");
+            // gate block も error record として観測する (= R65b H-3、 非 stream 経路の
+            // catch と同じ narrative)。
+            try {
+                await recorder.budgetGate.check({ model: requestArgs.model, payload: requestArgs });
+            }
+            catch (err) {
+                recorder.record({
+                    id,
+                    provider: "openai",
+                    model: requestArgs.model || "unknown",
+                    promptTokens: 0,
+                    completionTokens: 0,
+                    totalTokens: 0,
+                    costUsd: 0,
+                    latencyMs: Date.now() - start,
+                    timestamp: new Date().toISOString(),
+                    tags: { ...(config.tags ?? {}) },
+                    ...buildTraceMeta(config),
+                    error: err instanceof Error ? err.message : String(err),
+                    requestMeta: buildResponsesRequestMeta(requestArgs),
+                });
+                throw err;
+            }
             return originalCreate(...args);
         }
         try {
+            await recorder.budgetGate.check({ model: requestArgs.model, payload: requestArgs });
             const response = (await originalCreate(...args));
             const latencyMs = Date.now() - start;
             const model = response.model || requestArgs.model || "unknown";
@@ -598,6 +623,7 @@ function wrapAnthropic(client, recorder, config) {
         const id = generateId();
         const isStream = requestArgs.stream === true;
         try {
+            await recorder.budgetGate.check({ model: requestArgs.model, payload: requestArgs });
             const response = await originalCreate(...args);
             if (isStream) {
                 return wrapAnthropicStream(response, recorder, requestArgs, start, id, config);
@@ -731,6 +757,7 @@ function wrapMistral(client, recorder, config) {
         const requestArgs = args[0] || {};
         const id = generateId();
         try {
+            await recorder.budgetGate.check({ model: requestArgs.model, payload: requestArgs });
             const response = (await originalComplete(...args));
             const latencyMs = Date.now() - start;
             const model = response.model || requestArgs.model || "unknown";
@@ -780,6 +807,7 @@ function wrapMistral(client, recorder, config) {
             const requestArgs = args[0] || {};
             const id = generateId();
             try {
+                await recorder.budgetGate.check({ model: requestArgs.model, payload: requestArgs });
                 const stream = (await originalStream(...args));
                 return wrapMistralStream(stream, recorder, requestArgs, start, id, config);
             }
@@ -897,6 +925,7 @@ function wrapGeminiLegacyModel(model, modelName, recorder, config) {
         const id = generateId();
         const requestArgs = args[0];
         try {
+            await recorder.budgetGate.check({ model: modelName, payload: requestArgs });
             const result = (await originalGenerate(...args));
             const usage = result.response?.usageMetadata;
             const promptTokens = usage?.promptTokenCount ?? 0;
@@ -945,6 +974,7 @@ function wrapGeminiLegacyModel(model, modelName, recorder, config) {
             const id = generateId();
             const requestArgs = args[0];
             try {
+                await recorder.budgetGate.check({ model: modelName, payload: requestArgs });
                 const result = (await originalStream(...args));
                 if (!result.stream)
                     return result;
@@ -1033,6 +1063,7 @@ function wrapGeminiNew(client, recorder, config) {
         const requestArgs = args[0] || {};
         const modelName = requestArgs.model || "unknown";
         try {
+            await recorder.budgetGate.check({ model: modelName, payload: requestArgs });
             const result = (await originalGenerate(...args));
             const usage = result.usageMetadata;
             const promptTokens = usage?.promptTokenCount ?? 0;
@@ -1082,6 +1113,7 @@ function wrapGeminiNew(client, recorder, config) {
             const requestArgs = args[0] || {};
             const modelName = requestArgs.model || "unknown";
             try {
+                await recorder.budgetGate.check({ model: modelName, payload: requestArgs });
                 const stream = (await originalStream(...args));
                 // C-2 + H-3 fix: AsyncGenerator wrap with finally-record + error tied to consumption
                 return (async function* () {
@@ -1181,10 +1213,32 @@ function buildGeminiNewRequestMeta(requestArgs) {
     return meta;
 }
 /**
- * Lightweight ID generator (not strictly ULID-compatible). Will be swapped for
- * the `ulid` library in a later release.
+ * Time-ordered record ID generator.
+ *
+ * audit round2 M26 fix = 旧実装は `Date.now()` prefix + `Math.random().toString(36).slice(2,10)`
+ * suffix で、 (1) 非暗号乱数 (2) 値次第で suffix が 8 文字未満になり実効エントロピーが
+ * 41bit を大きく下回る、 という二重の弱さがあった。 backend は
+ * `INSERT ... ON CONFLICT(account_id, id) DO NOTHING` で衝突を無音 skip するため、
+ * 衝突した本物の call が課金・quota・観測から消える。 暗号乱数 (crypto.getRandomValues /
+ * randomUUID) で 128bit 級の衝突耐性に引き上げる。 先頭に時刻 prefix を残して時系列順も保つ。
  */
 function generateId() {
-    return `${Date.now().toString(36)}${Math.random().toString(36).slice(2, 10)}`;
+    const timePrefix = Date.now().toString(36);
+    // globalThis.crypto は Workers / Node 18+ / 近代ブラウザで利用可能。 SDK tsconfig は DOM lib を
+    // 含めないため Crypto 型に依存せず構造的に access する。
+    const c = globalThis.crypto;
+    if (c?.randomUUID) {
+        return `${timePrefix}-${c.randomUUID()}`;
+    }
+    if (c?.getRandomValues) {
+        const bytes = new Uint8Array(16);
+        c.getRandomValues(bytes);
+        let hex = "";
+        for (const b of bytes)
+            hex += b.toString(16).padStart(2, "0");
+        return `${timePrefix}-${hex}`;
+    }
+    // crypto 不在 runtime の最終 fallback (= 旧来挙動より広い乱数 2 連結で衝突確率を下げる)。
+    return `${timePrefix}-${Math.random().toString(36).slice(2)}${Math.random().toString(36).slice(2)}`;
 }
 //# sourceMappingURL=client.js.map