@ciandt-flow/flow-ai-obs 0.5.2-beta.328 → 0.5.2-beta.338

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/cli.js CHANGED
@@ -1,81 +1,92 @@
1
1
  #!/usr/bin/env node
2
- 'use strict';var Fn=require('https'),w=require('fs'),qt=require('os'),pt=require('path'),child_process=require('child_process'),qn=require('http'),util=require('util'),crypto=require('crypto');function _interopNamespace(e){if(e&&e.__esModule)return e;var n=Object.create(null);if(e){Object.keys(e).forEach(function(k){if(k!=='default'){var d=Object.getOwnPropertyDescriptor(e,k);Object.defineProperty(n,k,d.get?d:{enumerable:true,get:function(){return e[k]}});}})}n.default=e;return Object.freeze(n)}var Fn__namespace=/*#__PURE__*/_interopNamespace(Fn);var w__namespace=/*#__PURE__*/_interopNamespace(w);var qt__namespace=/*#__PURE__*/_interopNamespace(qt);var pt__namespace=/*#__PURE__*/_interopNamespace(pt);var qn__namespace=/*#__PURE__*/_interopNamespace(qn);var ce=Object.defineProperty;var In=Object.getOwnPropertyDescriptor;var vn=Object.getOwnPropertyNames;var Nn=Object.prototype.hasOwnProperty;var Dt=(t=>typeof require<"u"?require:typeof Proxy<"u"?new Proxy(t,{get:(e,r)=>(typeof require<"u"?require:e)[r]}):t)(function(t){if(typeof require<"u")return require.apply(this,arguments);throw Error('Dynamic require of "'+t+'" is not supported')});var p=(t,e)=>()=>(t&&(e=t(t=0)),e);var Pn=(t,e)=>()=>(e||t((e={exports:{}}).exports,e),e.exports),U=(t,e)=>{for(var r in e)ce(t,r,{get:e[r],enumerable:true});},Rn=(t,e,r,n)=>{if(e&&typeof e=="object"||typeof e=="function")for(let s of vn(e))!Nn.call(t,s)&&s!==r&&ce(t,s,{get:()=>e[s],enumerable:!(n=In(e,s))||n.enumerable});return t};var N=t=>Rn(ce({},"__esModule",{value:true}),t);var Bt=Pn((uo,Cn)=>{Cn.exports={name:"@ciandt-flow/flow-ai-obs",version:"0.5.2-beta.328",description:"Claude Code hooks for Langfuse OTLP tracing \u2014 cross-platform",main:"dist/index.js",bin:{"flow-ai-obs":"dist/cli.js","flow-ai-obs-setup":"dist/setup.js"},scripts:{build:"tsup",test:"jest",typecheck:"tsc --noEmit",lint:"eslint src bin scripts",format:'prettier --write "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"format:check":'prettier --check "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"security-scan":"trufflehog filesystem src/ --fail --no-update --exclude-paths .trufflehogignore",postinstall:`node -e "require('fs').existsSync('dist/setup.js') && require('child_process').execFileSync(process.execPath, ['dist/setup.js'], {stdio:'inherit'})"`,prepublishOnly:"npm run security-scan && npm run build","release:npm":"changeset publish",changeset:"changeset","version-packages":"changeset version","install:hooks":"node dist/cli.js install","auth:login":"node dist/cli.js auth login","auth:logout":"node dist/cli.js auth logout","auth:status":"node dist/cli.js auth status",smoke:"bash scripts/smoke-test.sh","smoke:debug":"bash scripts/smoke-test.sh --debug","smoke:send":"bash scripts/smoke-test.sh --send --allow-http --debug"},files:["dist/","README.md","LICENSE.md"],keywords:["claude-code","langfuse","observability","otlp","hooks","flow","ciandt"],author:"CI&T Flow Team",license:"SEE LICENSE IN LICENSE.md",private:false,dependencies:{},optionalDependencies:{keytar:"7.9.0"},devDependencies:{"@changesets/changelog-github":"^0.6.0","@changesets/cli":"^2.30.0","@types/jest":"^30.0.0","@types/node":"^25.8.0",jest:"^30.4.2","ts-jest":"^29.4.9",tsup:"^8.5.1","eslint-config-prettier":"^10.1.5",prettier:"^3.5.3",typescript:"^6.0.3","typescript-eslint":"^8.33.0"},engines:{node:">=18.0.0"},publishConfig:{registry:"https://registry.npmjs.org",access:"public"},repository:{type:"git",url:"git+https://github.com/CI-T-HyperX/flow-codeassistant-observability.git"}};});var le={};U(le,{bold:()=>B,cyan:()=>Z,dim:()=>E,green:()=>P,red:()=>z,yellow:()=>O});function at(t,e){return Un?r=>`\x1B[${t}m${r}\x1B[${e}m`:r=>r}var Un,P,z,O,Z,B,E,ct=p(()=>{Un=!process.env.NO_COLOR&&process.stdout.isTTY;P=at("32","39"),z=at("31","39"),O=at("33","39"),Z=at("36","39"),B=at("1","22"),E=at("2","22");});var jt={};U(jt,{checkForUpdate:()=>Hn,isNewer:()=>Ht,primeUpdateCache:()=>jn});function Q(){return ue||(ue=Bt()),ue}function Ht(t,e){let r=o=>{let i=String(o).replace(/^v/,"").match(/^(\d+)\.(\d+)\.(\d+)/);return i?[+i[1],+i[2],+i[3]]:null},n=r(t),s=r(e);return !n||!s?false:s[0]!==n[0]?s[0]>n[0]:s[1]!==n[1]?s[1]>n[1]:s[2]>n[2]}function Ke(){try{let t=JSON.parse(w__namespace.default.readFileSync(We,"utf8"));return typeof t.latestVersion!="string"||Date.now()-t.checkedAt>=Dn?null:t}catch{return null}}function qe(t,e,r=Date.now()){try{w__namespace.default.writeFileSync(We,JSON.stringify({latestVersion:t,updatePriority:e??null,checkedAt:r}),{mode:384});}catch{}}function Je(t){let e=Q().name,r=Fn__namespace.default.get(`https://registry.npmjs.org/${encodeURIComponent(e)}/latest`,{timeout:Bn},n=>{if(n.statusCode!==200)return n.resume(),t(new Error(`HTTP ${n.statusCode}`));let s="";n.setEncoding("utf8"),n.on("data",o=>{s+=o;}),n.on("end",()=>{try{let o=JSON.parse(s);if(typeof o.version!="string")throw new Error("no version field");t(null,{version:o.version,updatePriority:typeof o.updatePriority=="string"?o.updatePriority:null});}catch(o){t(o);}});});r.on("error",t),r.on("timeout",()=>{r.destroy(new Error("timeout"));});}function Ve(t){let e=Q().name,n=` Update available: ${Q().version} \u2192 ${t}`,s=` Run: npm install -g ${e}`,o=Math.max(n.length,s.length)+2,i="\u2500".repeat(o);process.stderr.write(`
2
+ 'use strict';var Dn=require('https'),E=require('fs'),Jt=require('os'),gt=require('path'),child_process=require('child_process'),ts=require('http'),util=require('util'),crypto=require('crypto');function _interopNamespace(e){if(e&&e.__esModule)return e;var n=Object.create(null);if(e){Object.keys(e).forEach(function(k){if(k!=='default'){var d=Object.getOwnPropertyDescriptor(e,k);Object.defineProperty(n,k,d.get?d:{enumerable:true,get:function(){return e[k]}});}})}n.default=e;return Object.freeze(n)}var Dn__namespace=/*#__PURE__*/_interopNamespace(Dn);var E__namespace=/*#__PURE__*/_interopNamespace(E);var Jt__namespace=/*#__PURE__*/_interopNamespace(Jt);var gt__namespace=/*#__PURE__*/_interopNamespace(gt);var ts__namespace=/*#__PURE__*/_interopNamespace(ts);var ue=Object.defineProperty;var Rn=Object.getOwnPropertyDescriptor;var Cn=Object.getOwnPropertyNames;var Un=Object.prototype.hasOwnProperty;var bt=(t=>typeof require<"u"?require:typeof Proxy<"u"?new Proxy(t,{get:(e,r)=>(typeof require<"u"?require:e)[r]}):t)(function(t){if(typeof require<"u")return require.apply(this,arguments);throw Error('Dynamic require of "'+t+'" is not supported')});var p=(t,e)=>()=>(t&&(e=t(t=0)),e);var Fn=(t,e)=>()=>(e||t((e={exports:{}}).exports,e),e.exports),$=(t,e)=>{for(var r in e)ue(t,r,{get:e[r],enumerable:true});},$n=(t,e,r,n)=>{if(e&&typeof e=="object"||typeof e=="function")for(let s of Cn(e))!Un.call(t,s)&&s!==r&&ue(t,s,{get:()=>e[s],enumerable:!(n=Rn(e,s))||n.enumerable});return t};var L=t=>$n(ue({},"__esModule",{value:true}),t);var Yt=Fn((To,xn)=>{xn.exports={name:"@ciandt-flow/flow-ai-obs",version:"0.5.2-beta.338",description:"Claude Code hooks for Langfuse OTLP tracing \u2014 cross-platform",main:"dist/index.js",bin:{"flow-ai-obs":"dist/cli.js","flow-ai-obs-setup":"dist/setup.js"},scripts:{build:"tsup",test:"jest",typecheck:"tsc --noEmit",lint:"eslint src bin scripts",format:'prettier --write "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"format:check":'prettier --check "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"security-scan":"trufflehog filesystem src/ --fail --no-update --exclude-paths .trufflehogignore",postinstall:`node -e "require('fs').existsSync('dist/setup.js') && require('child_process').execFileSync(process.execPath, ['dist/setup.js'], {stdio:'inherit'})"`,prepublishOnly:"npm run security-scan && npm run build","release:npm":"changeset publish",changeset:"changeset","version-packages":"changeset version","install:hooks":"node dist/cli.js install","auth:login":"node dist/cli.js auth login","auth:logout":"node dist/cli.js auth logout","auth:status":"node dist/cli.js auth status",smoke:"bash scripts/smoke-test.sh","smoke:debug":"bash scripts/smoke-test.sh --debug","smoke:send":"bash scripts/smoke-test.sh --send --allow-http --debug"},files:["dist/","README.md","LICENSE.md"],keywords:["claude-code","langfuse","observability","otlp","hooks","flow","ciandt"],author:"CI&T Flow Team",license:"SEE LICENSE IN LICENSE.md",private:false,dependencies:{},optionalDependencies:{keytar:"7.9.0"},devDependencies:{"@changesets/changelog-github":"^0.6.0","@changesets/cli":"^2.30.0","@types/jest":"^30.0.0","@types/node":"^25.8.0",jest:"^30.4.2","ts-jest":"^29.4.9",tsup:"^8.5.1","eslint-config-prettier":"^10.1.5",prettier:"^3.5.3",typescript:"^6.0.3","typescript-eslint":"^8.33.0"},engines:{node:">=18.0.0"},publishConfig:{registry:"https://registry.npmjs.org",access:"public"},repository:{type:"git",url:"git+https://github.com/CI-T-HyperX/flow-codeassistant-observability.git"}};});var de={};$(de,{bold:()=>V,cyan:()=>Z,dim:()=>S,green:()=>R,red:()=>z,yellow:()=>A});function ct(t,e){return Mn?r=>`\x1B[${t}m${r}\x1B[${e}m`:r=>r}var Mn,R,z,A,Z,V,S,lt=p(()=>{Mn=!process.env.NO_COLOR&&process.stdout.isTTY;R=ct("32","39"),z=ct("31","39"),A=ct("33","39"),Z=ct("36","39"),V=ct("1","22"),S=ct("2","22");});function Je(){return process.stdin.isTTY===true&&!process.argv.includes("--no-interactive")}var Xe=p(()=>{});var ut={};$(ut,{checkForUpdate:()=>Wn,checkForUpdateInteractive:()=>Kn,isNewer:()=>vt,primeUpdateCache:()=>qn});function C(){return pe||(pe=Yt()),pe}function vt(t,e){let r=o=>{let i=String(o).replace(/^v/,"").match(/^(\d+)\.(\d+)\.(\d+)/);return i?[+i[1],+i[2],+i[3]]:null},n=r(t),s=r(e);return !n||!s?false:s[0]!==n[0]?s[0]>n[0]:s[1]!==n[1]?s[1]>n[1]:s[2]>n[2]}function ge(){try{let t=JSON.parse(E__namespace.default.readFileSync(Qe,"utf8"));return typeof t.latestVersion!="string"||Date.now()-t.checkedAt>=Vn?null:t}catch{return null}}function tr(t,e,r=Date.now()){try{E__namespace.default.writeFileSync(Qe,JSON.stringify({latestVersion:t,updatePriority:e??null,checkedAt:r}),{mode:384});}catch{}}function er(t){let e=C().name,r=Dn__namespace.default.get(`https://registry.npmjs.org/${encodeURIComponent(e)}/latest`,{timeout:jn},n=>{if(n.statusCode!==200)return n.resume(),t(new Error(`HTTP ${n.statusCode}`));let s="";n.setEncoding("utf8"),n.on("data",o=>{s+=o;}),n.on("end",()=>{try{let o=JSON.parse(s);if(typeof o.version!="string")throw new Error("no version field");t(null,{version:o.version,updatePriority:typeof o.updatePriority=="string"?o.updatePriority:null});}catch(o){t(o);}});});r.on("error",t),r.on("timeout",()=>{r.destroy(new Error("timeout"));});}function fe(t){let e=C().name,n=` Update available: ${C().version} \u2192 ${t}`,s=` Run: npm install -g ${e}`,o=Math.max(n.length,s.length)+2,i="\u2500".repeat(o);process.stderr.write(`
3
3
  \u256D${i}\u256E
4
4
  \u2502${n.padEnd(o)}\u2502
5
5
  \u2502${s.padEnd(o)}\u2502
6
6
  \u2570${i}\u256F
7
7
 
8
- `);}function Ye(t){let e=Q().name;process.stderr.write(`
8
+ `);}function me(t){let e=C().name;process.stderr.write(`
9
9
  [${e}] Critical update detected \u2014 auto-updating to ${t}...
10
10
 
11
- `),child_process.spawn("npm",["install","-g",`${e}@${t}`],{detached:true,stdio:"ignore",windowsHide:true}).unref();}function Hn(){try{let t=Ke();if(t){Ht(Q().version,t.latestVersion)&&(t.updatePriority==="auto"?Ye(t.latestVersion):Ve(t.latestVersion));return}setImmediate(()=>{Je((e,r)=>{e||!r||(qe(r.version,r.updatePriority),Ht(Q().version,r.version)&&(r.updatePriority==="auto"?Ye(r.version):Ve(r.version)));});});}catch{}}function jn(){try{if(Ke())return;setImmediate(()=>{Je((t,e)=>{t||!e||Ht(Q().version,e.version)&&qe(e.version,e.updatePriority,0);});});}catch{}}var ue,We,Dn,Bn,Vt=p(()=>{We=pt__namespace.default.join(qt__namespace.default.tmpdir(),"flow-obs-update-cache.json"),Dn=1440*60*1e3,Bn=3e3;});var V,tt,Yt,Gt,Wt,de,Lt,lt,f,Kt,ut,Xe,R,ze,F,T=p(()=>{V=process.env.FLOW_BASE_URL||"https://flow.ciandt.com",tt={AUTH_ENGINE:process.env.FLOW_AUTH_ENGINE_URL||`${V}/auth-engine-api/v2/api-key/token`,GATEWAY_TRACES:process.env.FLOW_GATEWAY_TRACES_URL||`${V}/flow-langfuse-gateway/v1/traces`,GATEWAY_HEALTH:process.env.FLOW_GATEWAY_HEALTH_URL||`${V}/flow-langfuse-gateway/v1/health`,OTEL_ENDPOINT:process.env.FLOW_OTEL_ENDPOINT_URL||`${V}/otel`},Yt={SERVICE:"flow-plugins-cli",ACCOUNT_CREDS:"credentials",ACCOUNT_TOKEN:"token-cache"},Gt="FLOW-nodejs",Wt="config.json",de={SCOPE_NAME:"flow-ai-obs",SCOPE_VERSION:"0.1.0"},Lt={ANTHROPIC_BASE_URL:process.env.FLOW_LLM_PROXY_URL??`${V}/flow-llm-proxy/`,ANTHROPIC_MODEL:process.env.FLOW_LLM_PROXY_MODEL??"anthropic.claude-4-6-sonnet",ANTHROPIC_SMALL_FAST_MODEL:process.env.FLOW_LLM_PROXY_SMALL_MODEL??"anthropic.claude-4-6-sonnet",CLAUDE_CODE_DISABLE_EXPERIMENTAL_BETAS:"1"},lt={CLAUDE_CODE_ENABLE_TELEMETRY:"1",OTEL_EXPORTER_OTLP_ENDPOINT:tt.OTEL_ENDPOINT,OTEL_EXPORTER_OTLP_PROTOCOL:"http/json",OTEL_METRICS_EXPORTER:"otlp",OTEL_LOGS_EXPORTER:"otlp",OTEL_LOG_TOOL_DETAILS:"1",OTEL_LOG_USER_PROMPTS:"1"},f={FLOW_TELEMETRY:"FLOW_TELEMETRY",FLOW_TELEMETRY_GATEWAY:"FLOW_TELEMETRY_GATEWAY_URL",LANGFUSE_BASE_URL:"LANGFUSE_BASE_URL",LANGFUSE_PUBLIC_KEY:"LANGFUSE_PUBLIC_KEY",LANGFUSE_SECRET_KEY:"LANGFUSE_SECRET_KEY",ANTHROPIC_MODEL:"ANTHROPIC_MODEL",ANTHROPIC_AUTH_TOKEN:"ANTHROPIC_AUTH_TOKEN",FLOW_OBS_DEBUG:"FLOW_TELEMETRY_DEBUG",FLOW_OBS_ALLOW_HTTP:"FLOW_TELEMETRY_ALLOW_HTTP",BUFFER_TTL_DAYS:"FLOW_TELEMETRY_BUFFER_TTL_DAYS",BUFFER_MAX_FILES:"FLOW_TELEMETRY_BUFFER_MAX_FILES"},Kt={KEYCHAIN_ENABLED:false},ut={LOCK_STALE_MS:3e4,CONNECTIVITY_MAX_RETRY:3,CONNECTIVITY_RETRY_MS:2e3},Xe={UserPromptSubmit:5,PreToolUse:3,PostToolUse:10,Stop:15},R={FILE_PREFIX:"flow-obs-buffer-",DEFAULT_TTL_DAYS:4,MIN_TTL_DAYS:1,MAX_TTL_DAYS:30,DEFAULT_MAX_FILES:50,MIN_MAX_FILES:1,MAX_MAX_FILES:500,REPLAY_BATCH_SIZE:10},ze="flow-ai-obs-debug.log",F={TOOL_INPUT:2e4,TOOL_OUTPUT:2e4,TRACE_OUTPUT:2e4,USER_INSTRUCTION:1e4,TRACE_INPUT:5e4,TOOL_BRIEF:60},{API_URL:process.env.FLOW_METRICS_URL||`${V}/metrics-collector-api/log-event`,BOOSTER:"flow-ai-obs"};});function l(...t){if(process.env[f.FLOW_OBS_DEBUG]!=="1")return;let e=`[${new Date().toISOString()}] ${t.join(" ")}
12
- `;try{w.writeFileSync(Wn,e,{flag:"a"});}catch(r){process.stderr.write(`[flow-obs debug ERROR] ${r.message}
13
- `);}}var Wn,$=p(()=>{T();Wn=pt.join(qt.tmpdir(),ze);});function Xn(t){if(!Jn.test(t))throw new Error(`Invalid tenant value: "${t}". Tenant must be lowercase alphanumeric and hyphens (1-64 chars).`)}function zn(t,e){let r=e.length>400?e.slice(0,400)+"\u2026":e;l("toAuthError",`status=${t} body=${r}`);try{let n=JSON.parse(e);if(typeof n.error=="string"&&(l("toAuthError",`api_error_code=${n.error}`+(n.message?` api_message=${n.message}`:"")),Ze[n.error]))return new Error(Ze[n.error])}catch{}return t===401||t===403||t===500?new Error("Invalid credentials"):t>=400&&t<500?new Error("Authentication request was rejected"):new Error("Authentication service unavailable, please try again later")}function Y(t){return new Promise((e,r)=>{try{Xn(t.tenant);}catch(u){return r(u)}let n=JSON.stringify({clientSecret:t.clientSecret}),s=new URL(tt.AUTH_ENGINE),o=s.protocol==="https:",i={hostname:s.hostname,port:s.port||(o?443:80),path:s.pathname+s.search,method:"POST",headers:{"Content-Type":"application/json","Content-Length":Buffer.byteLength(n),FlowTenant:t.tenant}};l("getToken",`requesting token tenant=${t.tenant} host=${i.hostname} path=${i.path}`);let c=(o?Fn__namespace.default:qn__namespace.default).request(i,u=>{let S=[];u.on("data",A=>S.push(A)),u.on("end",()=>{let A=S.join("");if((u.statusCode??0)>=400)return r(zn(u.statusCode??0,A));let m;try{m=JSON.parse(A);}catch{return r(new Error("Invalid response from auth engine"))}let k=m.expires_at??new Date(Date.now()+(m.expires_in??3600)*1e3).toISOString();e({accessToken:m.access_token??"",expiresAt:k});});});c.on("error",u=>r(new Error(`Network error: ${u.message}`))),c.write(n),c.end();})}var Jn,Ze,bt=p(()=>{T();$();Jn=/^[a-z0-9][a-z0-9-]{0,62}[a-z0-9]$|^[a-z0-9]$/;Ze={INVALID_CLIENT_SECRET:"Invalid Client Secret \u2014 check the value and try again",INVALID_CLIENT_ID:"Invalid Client ID \u2014 check the value and try again",INVALID_TENANT:"Invalid Tenant \u2014 check the value and try again",TENANT_NOT_FOUND:"Tenant not found \u2014 verify the tenant identifier"};});function H(){if(process.env.WSL_DISTRO_NAME&&process.platform==="linux"){let t=process.env.USERPROFILE;if(!t){let r=child_process.spawnSync("cmd.exe",["/c","echo","%USERPROFILE%"],{encoding:"utf8",timeout:5e3}).stdout?.trim();r&&/^[A-Za-z]:\\/.test(r)&&(t=r);}if(t){let e=t.replace(/^([A-Za-z]):/,(r,n)=>`/mnt/${n.toLowerCase()}`).replace(/\\/g,"/");return pt__namespace.join(e,".claude","settings.json")}return pt__namespace.join(qt__namespace.homedir(),".claude","settings.json")}if(process.platform==="win32"){let t=process.env.USERPROFILE||qt__namespace.homedir();return pt__namespace.join(t,".claude","settings.json")}if(process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER){let e=child_process.spawnSync("getent",["passwd",process.env.SUDO_USER],{encoding:"utf8",timeout:5e3}).stdout?.split(":")[5]?.trim();if(e)return pt__namespace.join(e,".claude","settings.json")}return pt__namespace.join(qt__namespace.homedir(),".claude","settings.json")}function tr(){return process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER?`Running as root via sudo is not recommended.
11
+ `),child_process.spawn("npm",["install","-g",`${e}@${t}`],{detached:true,stdio:"ignore",windowsHide:true}).unref();}async function Yn(t,e=1e4){let r=bt("readline"),n=C().name,s=C().version;return process.stderr.write(`
12
+ Update available: ${s} \u2192 ${t}
13
+ Run: npm install -g ${n}@${t}
14
+ Install now? [y/N]: `),new Promise(o=>{let i=r.createInterface({input:process.stdin,output:void 0,terminal:false}),a=false;function c(w){a||(a=true,clearTimeout(u),i.close(),process.stderr.write(`
15
+ `),o(w));}let u=setTimeout(()=>c(false),e);i.once("line",w=>c(w.trim().toLowerCase()==="y")),i.once("close",()=>c(false));})}async function Gn(t){let e=C().name;return process.stderr.write(` Installing ${e}@${t}...
16
+ `),new Promise(r=>{let n=child_process.spawn("npm",["install","-g",`${e}@${t}`],{stdio:"inherit"});n.on("close",s=>{s!==0?process.stderr.write(` \u2717 Update failed \u2014 continuing with current version.
17
+
18
+ `):process.stderr.write(` \u2713 Updated to ${t}. Please restart the command.
19
+
20
+ `),r();}),n.on("error",()=>{process.stderr.write(` \u2717 Update failed \u2014 continuing with current version.
21
+
22
+ `),r();});})}function Wn(){try{let t=ge();if(t){vt(C().version,t.latestVersion)&&(t.updatePriority==="auto"?me(t.latestVersion):fe(t.latestVersion));return}setImmediate(()=>{er((e,r)=>{e||!r||(tr(r.version,r.updatePriority),vt(C().version,r.version)&&(r.updatePriority==="auto"?me(r.version):fe(r.version)));});});}catch{}}async function Kn(t={}){try{let e=ge();if(!e||!vt(C().version,e.latestVersion))return;if(e.updatePriority==="auto"){me(e.latestVersion);return}if(!Je()){fe(e.latestVersion);return}await Yn(e.latestVersion,t.timeoutMs)&&await Gn(e.latestVersion);}catch{}}function qn(){try{if(ge())return;setImmediate(()=>{er((t,e)=>{t||!e||vt(C().version,e.version)&&tr(e.version,e.updatePriority,0);});});}catch{}}var pe,Qe,Vn,jn,dt=p(()=>{Xe();Qe=gt__namespace.default.join(Jt__namespace.default.tmpdir(),"flow-obs-update-cache.json"),Vn=1440*60*1e3,jn=3e3;});var x,Q,Gt,Wt,Kt,he,Pt,pt,f,qt,ft,rr,U,nr,M,T=p(()=>{x=process.env.FLOW_BASE_URL||"https://flow.ciandt.com",Q={AUTH_ENGINE:process.env.FLOW_AUTH_ENGINE_URL||`${x}/auth-engine-api/v2/api-key/token`,GATEWAY_TRACES:process.env.FLOW_GATEWAY_TRACES_URL||`${x}/flow-langfuse-gateway/v1/traces`,GATEWAY_HEALTH:process.env.FLOW_GATEWAY_HEALTH_URL||`${x}/flow-langfuse-gateway/v1/health`,OTEL_ENDPOINT:process.env.FLOW_OTEL_ENDPOINT_URL||`${x}/otel`},Gt={SERVICE:"flow-plugins-cli",ACCOUNT_CREDS:"credentials",ACCOUNT_TOKEN:"token-cache"},Wt="FLOW-nodejs",Kt="config.json",he={SCOPE_NAME:"flow-ai-obs",SCOPE_VERSION:"0.1.0"},Pt={ANTHROPIC_BASE_URL:process.env.FLOW_LLM_PROXY_URL??`${x}/flow-llm-proxy/`,ANTHROPIC_MODEL:process.env.FLOW_LLM_PROXY_MODEL??"anthropic.claude-4-6-sonnet",ANTHROPIC_SMALL_FAST_MODEL:process.env.FLOW_LLM_PROXY_SMALL_MODEL??"anthropic.claude-4-6-sonnet",CLAUDE_CODE_DISABLE_EXPERIMENTAL_BETAS:"1"},pt={CLAUDE_CODE_ENABLE_TELEMETRY:"1",OTEL_EXPORTER_OTLP_ENDPOINT:Q.OTEL_ENDPOINT,OTEL_EXPORTER_OTLP_PROTOCOL:"http/json",OTEL_METRICS_EXPORTER:"otlp",OTEL_LOGS_EXPORTER:"otlp",OTEL_LOG_TOOL_DETAILS:"1",OTEL_LOG_USER_PROMPTS:"1"},f={FLOW_TELEMETRY:"FLOW_TELEMETRY",FLOW_TELEMETRY_GATEWAY:"FLOW_TELEMETRY_GATEWAY_URL",LANGFUSE_BASE_URL:"LANGFUSE_BASE_URL",LANGFUSE_PUBLIC_KEY:"LANGFUSE_PUBLIC_KEY",LANGFUSE_SECRET_KEY:"LANGFUSE_SECRET_KEY",ANTHROPIC_MODEL:"ANTHROPIC_MODEL",ANTHROPIC_AUTH_TOKEN:"ANTHROPIC_AUTH_TOKEN",FLOW_OBS_DEBUG:"FLOW_TELEMETRY_DEBUG",FLOW_OBS_ALLOW_HTTP:"FLOW_TELEMETRY_ALLOW_HTTP",BUFFER_TTL_DAYS:"FLOW_TELEMETRY_BUFFER_TTL_DAYS",BUFFER_MAX_FILES:"FLOW_TELEMETRY_BUFFER_MAX_FILES"},qt={KEYCHAIN_ENABLED:false},ft={LOCK_STALE_MS:3e4,CONNECTIVITY_MAX_RETRY:3,CONNECTIVITY_RETRY_MS:2e3},rr={UserPromptSubmit:5,PreToolUse:3,PostToolUse:10,Stop:15},U={FILE_PREFIX:"flow-obs-buffer-",DEFAULT_TTL_DAYS:4,MIN_TTL_DAYS:1,MAX_TTL_DAYS:30,DEFAULT_MAX_FILES:50,MIN_MAX_FILES:1,MAX_MAX_FILES:500,REPLAY_BATCH_SIZE:10},nr="flow-ai-obs-debug.log",M={TOOL_INPUT:2e4,TOOL_OUTPUT:2e4,TRACE_OUTPUT:2e4,USER_INSTRUCTION:1e4,TRACE_INPUT:5e4,TOOL_BRIEF:60},{API_URL:process.env.FLOW_METRICS_URL||`${x}/metrics-collector-api/log-event`,BOOSTER:"flow-ai-obs"};});function l(...t){if(process.env[f.FLOW_OBS_DEBUG]!=="1")return;let e=`[${new Date().toISOString()}] ${t.join(" ")}
23
+ `;try{E.writeFileSync(Zn,e,{flag:"a"});}catch(r){process.stderr.write(`[flow-obs debug ERROR] ${r.message}
24
+ `);}}var Zn,D=p(()=>{T();Zn=gt.join(Jt.tmpdir(),nr);});function rs(t){if(!es.test(t))throw new Error(`Invalid tenant value: "${t}". Tenant must be lowercase alphanumeric and hyphens (1-64 chars).`)}function ns(t,e){let r=e.length>400?e.slice(0,400)+"\u2026":e;l("toAuthError",`status=${t} body=${r}`);try{let n=JSON.parse(e);if(typeof n.error=="string"&&(l("toAuthError",`api_error_code=${n.error}`+(n.message?` api_message=${n.message}`:"")),sr[n.error]))return new tt(sr[n.error])}catch{}return t===401||t===403||t===500?new tt("Invalid credentials"):t>=400&&t<500?new tt("Authentication request was rejected"):new Error("Authentication service unavailable, please try again later")}function j(t){return new Promise((e,r)=>{try{rs(t.tenant);}catch(u){return r(u)}let n=JSON.stringify({clientSecret:t.clientSecret}),s=new URL(Q.AUTH_ENGINE),o=s.protocol==="https:",i={hostname:s.hostname,port:s.port||(o?443:80),path:s.pathname+s.search,method:"POST",headers:{"Content-Type":"application/json","Content-Length":Buffer.byteLength(n),FlowTenant:t.tenant}};l("getToken",`requesting token tenant=${t.tenant} host=${i.hostname} path=${i.path}`);let c=(o?Dn__namespace.default:ts__namespace.default).request(i,u=>{let w=[];u.on("data",O=>w.push(O)),u.on("end",()=>{let O=w.join("");if((u.statusCode??0)>=400)return r(ns(u.statusCode??0,O));let m;try{m=JSON.parse(O);}catch{return r(new Error("Invalid response from auth engine"))}let k=m.expires_at??new Date(Date.now()+(m.expires_in??3600)*1e3).toISOString();e({accessToken:m.access_token??"",expiresAt:k});});});c.on("error",u=>r(new Error(`Network error: ${u.message}`))),c.write(n),c.end();})}var tt,es,sr,Nt=p(()=>{T();D();tt=class extends Error{constructor(e){super(e),this.name="AuthError";}},es=/^[a-z0-9][a-z0-9-]{0,62}[a-z0-9]$|^[a-z0-9]$/;sr={INVALID_CLIENT_SECRET:"Invalid Client Secret \u2014 check the value and try again",INVALID_CLIENT_ID:"Invalid Client ID \u2014 check the value and try again",INVALID_TENANT:"Invalid Tenant \u2014 check the value and try again",TENANT_NOT_FOUND:"Tenant not found \u2014 verify the tenant identifier"};});function Y(){if(process.env.WSL_DISTRO_NAME&&process.platform==="linux"){let t=process.env.USERPROFILE;if(!t){let r=child_process.spawnSync("cmd.exe",["/c","echo","%USERPROFILE%"],{encoding:"utf8",timeout:5e3}).stdout?.trim();r&&/^[A-Za-z]:\\/.test(r)&&(t=r);}if(t){let e=t.replace(/^([A-Za-z]):/,(r,n)=>`/mnt/${n.toLowerCase()}`).replace(/\\/g,"/");return gt__namespace.join(e,".claude","settings.json")}return gt__namespace.join(Jt__namespace.homedir(),".claude","settings.json")}if(process.platform==="win32"){let t=process.env.USERPROFILE||Jt__namespace.homedir();return gt__namespace.join(t,".claude","settings.json")}if(process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER){let e=child_process.spawnSync("getent",["passwd",process.env.SUDO_USER],{encoding:"utf8",timeout:5e3}).stdout?.split(":")[5]?.trim();if(e)return gt__namespace.join(e,".claude","settings.json")}return gt__namespace.join(Jt__namespace.homedir(),".claude","settings.json")}function ir(){return process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER?`Running as root via sudo is not recommended.
14
25
  Configure npm to install globals without sudo:
15
26
  npm config set prefix '~/.npm-global'
16
- export PATH=~/.npm-global/bin:$PATH`:null}var pe=p(()=>{});function er(t){try{let e=w__namespace.statSync(t);Date.now()-e.mtimeMs>ts&&w__namespace.unlinkSync(t);}catch{}try{w__namespace.writeFileSync(t,String(process.pid),{flag:"wx"});}catch(e){throw e.code==="EEXIST"?new Error("Another install is already in progress. If this is stale, remove: "+t):e}}function rr(t){try{w__namespace.unlinkSync(t);}catch{}}function es(t,e){let n=(Array.isArray(t)?t:[]).map(s=>{if(!Array.isArray(s?.hooks))return null;let o=s.hooks.filter(i=>!i.command?.startsWith?.("flow-ai-obs "));return o.length>0?{...s,hooks:o}:null}).filter(s=>s!=null);return [e,...n]}function nr(){let t=H(),e=t+".lock",r=[];w__namespace.mkdirSync(pt__namespace.dirname(t),{recursive:true}),er(e);try{if(w__namespace.existsSync(t)){w__namespace.copyFileSync(t,t+".bkp");try{w__namespace.chmodSync(t+".bkp",384);}catch{}}let n={};try{n=JSON.parse(w__namespace.readFileSync(t,"utf8"));}catch{}let s=n.env&&typeof n.env=="object"?n.env:{};n.env={...lt,...Lt,...s},n.otelHeadersHelper="flow-ai-obs otel-headers",(!n.hooks||typeof n.hooks!="object"||Array.isArray(n.hooks))&&(n.hooks={});let o=(c,u)=>({matcher:"",hooks:[{type:"command",command:`flow-ai-obs ${c}`,timeout:u}]}),i=["UserPromptSubmit","PreToolUse","PostToolUse","Stop"],a=n.hooks;for(let c of i){let u=es(a[c],o(c,Xe[c]));u.length>1&&r.push(c),a[c]=u;}w__namespace.writeFileSync(t,JSON.stringify(n,null,2)+`
17
- `,{encoding:"utf8",mode:384});try{w__namespace.chmodSync(t,384);}catch{}}finally{rr(e);}return {settingsPath:t,preserved:r}}async function sr(t){let e;try{e=(await Y(t)).accessToken;}catch{return false}return e?new Promise(r=>{fe(`Bearer ${e}`,r,1);}):false}function fe(t,e,r){let n=new URL(tt.GATEWAY_TRACES),s=JSON.stringify({resourceSpans:[],validation_run:true}),o=n.protocol==="https:",i={hostname:n.hostname,port:n.port||(o?443:80),path:n.pathname,method:"POST",headers:{"Content-Type":"application/json",Authorization:t,"Content-Length":Buffer.byteLength(s)}},c=(o?Fn__namespace:qn__namespace).request(i,u=>{u.resume(),u.statusCode===200||u.statusCode===204?e(true):r<ut.CONNECTIVITY_MAX_RETRY?setTimeout(()=>fe(t,e,r+1),ut.CONNECTIVITY_RETRY_MS):e(false);});c.on("error",()=>{r<ut.CONNECTIVITY_MAX_RETRY?setTimeout(()=>fe(t,e,r+1),ut.CONNECTIVITY_RETRY_MS):e(false);}),c.write(s),c.end();}function Jt(t){let e=H(),r=e+".lock";w__namespace.mkdirSync(pt__namespace.dirname(e),{recursive:true}),er(r);try{let n={};try{n=JSON.parse(w__namespace.readFileSync(e,"utf8"));}catch{}(!n.env||typeof n.env!="object")&&(n.env={}),Object.assign(n.env,t),w__namespace.writeFileSync(e,JSON.stringify(n,null,2)+`
18
- `,{encoding:"utf8",mode:384});try{w__namespace.chmodSync(e,384);}catch{}}finally{rr(r);}}var ts,It=p(()=>{T();bt();pe();ts=ut.LOCK_STALE_MS;});function vt(){let t=qt__namespace.default.homedir();if(process.platform==="darwin")return pt__namespace.default.join(t,"Library","Preferences",Gt,Wt);if(process.platform==="win32"){let r=process.env.APPDATA??pt__namespace.default.join(t,"AppData","Roaming");return pt__namespace.default.join(r,Gt,Wt)}let e=process.env.XDG_CONFIG_HOME??pt__namespace.default.join(t,".config");return pt__namespace.default.join(e,Gt,Wt)}function he(){try{let t=w__namespace.default.readFileSync(vt(),"utf8");return JSON.parse(t)}catch{return {}}}function or(t){let e=vt();w__namespace.default.mkdirSync(pt__namespace.default.dirname(e),{recursive:true}),w__namespace.default.writeFileSync(e,JSON.stringify(t,null,2),{encoding:"utf8",mode:384});}var ge,Xt,ir=p(()=>{T();ge={credentials:"credentials","token-cache":"tokenCache"};Xt=class{static isAvailable(){return true}static hasExistingData(){try{if(!w__namespace.default.existsSync(vt()))return !1;let e=JSON.parse(w__namespace.default.readFileSync(vt(),"utf8"));return !!(e&&e.credentials)}catch{return false}}async getSecret(e,r){let n=he(),s=ge[r]??r,o=n[s];return o?typeof o=="string"?o:JSON.stringify(o):null}async setSecret(e,r,n){let s=he(),o=ge[r]??r;if(r==="token-cache")try{s[o]=JSON.parse(n);}catch{s[o]=n;}else s[o]=n;or(s);}async deleteSecret(e,r){let n=he(),s=ge[r]??r;return s in n?(delete n[s],or(n),true):false}getStoragePath(){return `config.json (unencrypted) \u2014 ${vt()}`}};});var ar={};U(ar,{MacOsKeyVaultProvider:()=>Ee});var Se,Ee,cr=p(()=>{Se=util.promisify(child_process.execFile),Ee=class{static async isAvailable(){try{return w.accessSync("/usr/bin/security",w.constants.X_OK),!0}catch{return false}}async getSecret(e,r){try{let{stdout:n}=await Se("security",["find-generic-password","-w","-a",r,"-s",e]);return n.trim()||null}catch{return null}}async setSecret(e,r,n){await Se("security",["add-generic-password","-U","-a",r,"-s",e,"-w",n]);}async deleteSecret(e,r){try{return await Se("security",["delete-generic-password","-a",r,"-s",e]),!0}catch{return false}}getStoragePath(){return "macOS Keychain"}};});var ur={};U(ur,{LinuxKeyVaultProvider:()=>we});var lr,we,dr=p(()=>{lr=util.promisify(child_process.execFile),we=class{static async isAvailable(){let e=["/usr/bin/secret-tool","/bin/secret-tool","/usr/local/bin/secret-tool"];for(let r of e)try{return w.accessSync(r,w.constants.X_OK),!0}catch{}return false}async getSecret(e,r){try{let{stdout:n}=await lr("secret-tool",["lookup","service",e,"account",r]);return n.trim()||null}catch{return null}}async setSecret(e,r,n){await new Promise((s,o)=>{let i=child_process.spawn("secret-tool",["store","--label",e,"service",e,"account",r]);i.on("error",o),i.on("close",a=>{a===0?s():o(new Error(`secret-tool exited with code ${a}`));}),i.stdin.write(n),i.stdin.end();});}async deleteSecret(e,r){try{return await lr("secret-tool",["clear","service",e,"account",r]),!0}catch{return false}}getStoragePath(){return "Linux Secret Service (libsecret)"}};});var pr={};U(pr,{WindowsKeyVaultProvider:()=>Te});var Te,fr=p(()=>{Te=class{static async isAvailable(){try{return await Dt("keytar").getPassword("__flow_probe__","__flow_probe__"),!0}catch{return false}}async getSecret(e,r){return Dt("keytar").getPassword(e,r)}async setSecret(e,r,n){await Dt("keytar").setPassword(e,r,n);}async deleteSecret(e,r){return Dt("keytar").deletePassword(e,r)}getStoragePath(){return "Windows Credential Manager"}};});async function mr(){return await ps()??new Xt}async function ps(){switch(process.platform){case "darwin":{let{MacOsKeyVaultProvider:t}=await Promise.resolve().then(()=>(cr(),ar));return await t.isAvailable()?new t:null}case "linux":{let{LinuxKeyVaultProvider:t}=await Promise.resolve().then(()=>(dr(),ur));return await t.isAvailable()?new t:null}case "win32":{let{WindowsKeyVaultProvider:t}=await Promise.resolve().then(()=>(fr(),pr));return await t.isAvailable()?new t:null}default:return null}}var gr=p(()=>{ir();});function mt(){return ye||(ye=mr()),ye}async function _(){let e=await(await mt()).getSecret(ft,_e);if(!e)return null;try{return JSON.parse(e)}catch{return null}}async function Oe(t){if(!t.clientId||!t.clientSecret||!t.tenant)throw new Error("clientId, clientSecret and tenant are required");await(await mt()).setSecret(ft,_e,JSON.stringify(t));}async function hr(){let t=await mt();await t.deleteSecret(ft,_e),await t.deleteSecret(ft,ke);}async function zt(t){await(await mt()).setSecret(ft,ke,JSON.stringify({accessToken:t.accessToken,expiresAt:t.expiresAt}));}async function gt(){let e=await(await mt()).getSecret(ft,ke);if(!e)return null;try{let r=JSON.parse(e);return {accessToken:r.accessToken,expiresAt:r.expiresAt}}catch{return null}}async function ht(){let t=await gt();return t?new Date(t.expiresAt)>new Date:false}async function et(){let t=await gt();if(!t||!t.accessToken)return null;try{let e=t.accessToken.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return r.email??r.preferred_username??r.upn??r.sub??null}catch{return null}}async function Ae(){let t=await mt();if(typeof t.getStoragePath=="function")return t.getStoragePath();let e=process.platform;return e==="darwin"?"macOS Keychain":e==="win32"?"Windows Credential Manager":"Linux Secret Service (libsecret)"}async function Sr(){let t=await _();return !!(t&&t.clientId&&t.clientSecret&&t.tenant)}var ft,_e,ke,ye,St=p(()=>{gr();T();ft=Yt.SERVICE,_e=Yt.ACCOUNT_CREDS,ke=Yt.ACCOUNT_TOKEN,ye=null;});function Le(){return pt__namespace.default.join(qt__namespace.default.homedir(),".claude","flow-obs",".logged-out")}function wr(){try{let t=Le();w__namespace.default.mkdirSync(pt__namespace.default.dirname(t),{recursive:!0}),w__namespace.default.writeFileSync(t,"",{mode:384});}catch{}}function Tr(){try{w__namespace.default.unlinkSync(Le());}catch{}}function Qt(){try{return w__namespace.default.existsSync(Le())}catch{return false}}var yr=p(()=>{});function gs(t){return ms.some(e=>e.test(t))}function hs(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return r.email||r.preferred_username||r.upn||r.sub||null}catch{return null}}function x(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8")),{clientId:n,clientSecret:s,tenant:o}=r;return !n||!s||!o?null:{clientId:n,clientSecret:s,tenant:o}}catch{return null}}function kr(t){let e=Buffer.from(JSON.stringify({alg:"none",typ:"JWT"})).toString("base64url"),r=Buffer.from(JSON.stringify({clientId:t.clientId,clientSecret:t.clientSecret,tenant:t.tenant})).toString("base64url");return `${e}.${r}.`}function _r(t){let e;try{e=new URL(t);}catch{throw new Error(`Invalid URL: ${t}`)}let r=process.env[f.FLOW_OBS_ALLOW_HTTP]==="true";if(!r&&e.protocol!=="https:")throw new Error(`URL must use HTTPS: ${t}`);if(e.username||e.password)throw new Error(`URL must not contain embedded credentials: ${t}`);if(!r&&gs(e.hostname))throw new Error(`SSRF: private/loopback host not allowed: ${e.hostname}`);return t}async function Or(){let t=x(process.env[f.ANTHROPIC_AUTH_TOKEN]);if(t)return {user:await et().catch(()=>null)??t.clientId,tenant:t.tenant};if(Kt.KEYCHAIN_ENABLED)try{let e=await _();if(!e)return {user:"",tenant:""};let r=await et()??e.clientId??"",n=e.tenant??"";return {user:r,tenant:n}}catch{return {user:"",tenant:""}}return {user:"",tenant:""}}async function Ss(t){if(await ht()){let r=await gt();return l("getOrRefreshToken",`using cached token, expires=${r.expiresAt}`),r.accessToken}l("getOrRefreshToken",`token expired \u2014 refreshing via auth-engine (tenant=${t.tenant} clientId=${t.clientId})`);let e=await Y(t);try{await zt(e);}catch(r){l("getOrRefreshToken",`token cache save failed (non-fatal): ${r.message}`);}return l("getOrRefreshToken",`token refreshed, expires=${e.expiresAt}`),e.accessToken}function Es(t,e){let r=e&&e.accessToken?e.accessToken:"";return {endpoint:t.replace(/\/$/,"")+"/flow-langfuse-gateway/v1/traces",authHeader:`Bearer ${r}`}}function ws(t,e,r){let n=Buffer.from(`${e}:${r}`).toString("base64");return {endpoint:t.replace(/\/$/,"")+"/api/public/otel/v1/traces",authHeader:`Basic ${n}`}}async function rt(){let t=[],e=process.env[f.ANTHROPIC_MODEL]??"",r=x(process.env[f.ANTHROPIC_AUTH_TOKEN]);l("resolveCredentials",r?"credentials resolved from ANTHROPIC_AUTH_TOKEN":"ANTHROPIC_AUTH_TOKEN absent or invalid"),!r&&Kt.KEYCHAIN_ENABLED&&(r=await _(),r&&l("resolveCredentials","credentials resolved from keychain (FEATURES.KEYCHAIN_ENABLED=true)"));let n=r?r.tenant:"",s=process.env[f.FLOW_TELEMETRY]==="true",o=process.env[f.LANGFUSE_BASE_URL],i=process.env[f.LANGFUSE_PUBLIC_KEY],a=process.env[f.LANGFUSE_SECRET_KEY];if(s&&o&&i&&a){let m="",k=n;if(r)m=await et().catch(()=>null)??r.clientId;else if(Kt.KEYCHAIN_ENABLED)try{let L=await _();L&&(m=await et()??L.clientId,k=L.tenant);}catch{}let y={user:m??"",tenant:k??"",team:"",project:"",model:e};t.push({mode:"direct",...ws(_r(o),i,a),...y}),l("resolveCredentials","direct mode active",`user=${y.user}`,`tenant=${y.tenant}`);}if(!r){if(t.length===0){let m=[];return m.authError=false,m}return t}let c;try{c=await Ss(r);}catch(m){if(l("resolveCredentials",`token refresh failed: ${m.message}`,`(tenant=${r.tenant} clientId=${r.clientId})`),t.length>0)return t;let k=[];return k.authError=true,k}let S={user:hs(c)??r.clientId,tenant:n,team:"",project:"",model:e},A=process.env[f.FLOW_TELEMETRY_GATEWAY]??V;return t.push({mode:"gateway",...Es(_r(A),{accessToken:c}),...S}),t}async function Ar(){return (await rt()).length>0}var ms,G=p(()=>{St();bt();T();$();ms=[/^localhost\.?$/i,/^127\./,/^10\./,/^172\.(1[6-9]|2\d|3[01])\./,/^192\.168\./,/^169\.254\./,/^0\.0\.0\.0$/,/^::1$/,/^\[::1\]$/,/^\[::ffff:/i,/^\[f[cd]/i,/^\[fe80:/i,/^metadata\.google\.internal\.?$/i,/^metadata\.azure\.internal\.?$/i,/(?:^|\.)localtest\.me\.?$/i,/(?:^|\.)lvh\.me\.?$/i,/(?:^|\.)vcap\.me\.?$/i];});var Ir={};U(Ir,{runLogin:()=>K,runLogout:()=>Os,runStatus:()=>As});function W(t){return typeof t=="string"?t.replace(Ts,""):t}function Pt(t,e={}){return new Promise((r,n)=>{let{masked:s=false,defaultValue:o=""}=e;process.stdout.write(t+o);let i=o;function a(){try{process.stdin.setRawMode(!1);}catch{}}process.once("uncaughtException",a),process.once("unhandledRejection",a);let c=S=>{if(S===""){u(),n(new Error("SIGINT"));return}if(S==="\r"||S===`
27
+ export PATH=~/.npm-global/bin:$PATH`:null}var we=p(()=>{});function ar(t){try{let e=E__namespace.statSync(t);Date.now()-e.mtimeMs>is&&E__namespace.unlinkSync(t);}catch{}try{E__namespace.writeFileSync(t,String(process.pid),{flag:"wx"});}catch(e){throw e.code==="EEXIST"?new Error("Another install is already in progress. If this is stale, remove: "+t):e}}function cr(t){try{E__namespace.unlinkSync(t);}catch{}}function as(t,e){let n=(Array.isArray(t)?t:[]).map(s=>{if(!Array.isArray(s?.hooks))return null;let o=s.hooks.filter(i=>!i.command?.startsWith?.("flow-ai-obs "));return o.length>0?{...s,hooks:o}:null}).filter(s=>s!=null);return [e,...n]}function lr(){let t=Y(),e=t+".lock",r=[];E__namespace.mkdirSync(gt__namespace.dirname(t),{recursive:true}),ar(e);try{if(E__namespace.existsSync(t)){E__namespace.copyFileSync(t,t+".bkp");try{E__namespace.chmodSync(t+".bkp",384);}catch{}}let n={};try{n=JSON.parse(E__namespace.readFileSync(t,"utf8"));}catch{}let s=n.env&&typeof n.env=="object"?n.env:{};n.env={...pt,...Pt,...s},n.otelHeadersHelper="flow-ai-obs otel-headers",(!n.hooks||typeof n.hooks!="object"||Array.isArray(n.hooks))&&(n.hooks={});let o=(c,u)=>({matcher:"",hooks:[{type:"command",command:`flow-ai-obs ${c}`,timeout:u}]}),i=["UserPromptSubmit","PreToolUse","PostToolUse","Stop"],a=n.hooks;for(let c of i){let u=as(a[c],o(c,rr[c]));u.length>1&&r.push(c),a[c]=u;}E__namespace.writeFileSync(t,JSON.stringify(n,null,2)+`
28
+ `,{encoding:"utf8",mode:384});try{E__namespace.chmodSync(t,384);}catch{}}finally{cr(e);}return {settingsPath:t,preserved:r}}async function ur(t){let e;try{e=(await j(t)).accessToken;}catch{return false}return e?new Promise(r=>{Se(`Bearer ${e}`,r,1);}):false}function Se(t,e,r){let n=new URL(Q.GATEWAY_TRACES),s=JSON.stringify({resourceSpans:[],validation_run:true}),o=n.protocol==="https:",i={hostname:n.hostname,port:n.port||(o?443:80),path:n.pathname,method:"POST",headers:{"Content-Type":"application/json",Authorization:t,"Content-Length":Buffer.byteLength(s)}},c=(o?Dn__namespace:ts__namespace).request(i,u=>{u.resume(),u.statusCode===200||u.statusCode===204?e(true):r<ft.CONNECTIVITY_MAX_RETRY?setTimeout(()=>Se(t,e,r+1),ft.CONNECTIVITY_RETRY_MS):e(false);});c.on("error",()=>{r<ft.CONNECTIVITY_MAX_RETRY?setTimeout(()=>Se(t,e,r+1),ft.CONNECTIVITY_RETRY_MS):e(false);}),c.write(s),c.end();}function Xt(t){let e=Y(),r=e+".lock";E__namespace.mkdirSync(gt__namespace.dirname(e),{recursive:true}),ar(r);try{let n={};try{n=JSON.parse(E__namespace.readFileSync(e,"utf8"));}catch{}(!n.env||typeof n.env!="object")&&(n.env={}),Object.assign(n.env,t),E__namespace.writeFileSync(e,JSON.stringify(n,null,2)+`
29
+ `,{encoding:"utf8",mode:384});try{E__namespace.chmodSync(e,384);}catch{}}finally{cr(r);}}var is,Rt=p(()=>{T();Nt();we();is=ft.LOCK_STALE_MS;});function Ct(){let t=Jt__namespace.default.homedir();if(process.platform==="darwin")return gt__namespace.default.join(t,"Library","Preferences",Wt,Kt);if(process.platform==="win32"){let r=process.env.APPDATA??gt__namespace.default.join(t,"AppData","Roaming");return gt__namespace.default.join(r,Wt,Kt)}let e=process.env.XDG_CONFIG_HOME??gt__namespace.default.join(t,".config");return gt__namespace.default.join(e,Wt,Kt)}function ye(){try{let t=E__namespace.default.readFileSync(Ct(),"utf8");return JSON.parse(t)}catch{return {}}}function dr(t){let e=Ct();E__namespace.default.mkdirSync(gt__namespace.default.dirname(e),{recursive:true}),E__namespace.default.writeFileSync(e,JSON.stringify(t,null,2),{encoding:"utf8",mode:384});}var Te,zt,pr=p(()=>{T();Te={credentials:"credentials","token-cache":"tokenCache"};zt=class{static isAvailable(){return true}static hasExistingData(){try{if(!E__namespace.default.existsSync(Ct()))return !1;let e=JSON.parse(E__namespace.default.readFileSync(Ct(),"utf8"));return !!(e&&e.credentials)}catch{return false}}async getSecret(e,r){let n=ye(),s=Te[r]??r,o=n[s];return o?typeof o=="string"?o:JSON.stringify(o):null}async setSecret(e,r,n){let s=ye(),o=Te[r]??r;if(r==="token-cache")try{s[o]=JSON.parse(n);}catch{s[o]=n;}else s[o]=n;dr(s);}async deleteSecret(e,r){let n=ye(),s=Te[r]??r;return s in n?(delete n[s],dr(n),true):false}getStoragePath(){return `config.json (unencrypted) \u2014 ${Ct()}`}};});var fr={};$(fr,{MacOsKeyVaultProvider:()=>ke});var _e,ke,mr=p(()=>{_e=util.promisify(child_process.execFile),ke=class{static async isAvailable(){try{return E.accessSync("/usr/bin/security",E.constants.X_OK),!0}catch{return false}}async getSecret(e,r){try{let{stdout:n}=await _e("security",["find-generic-password","-w","-a",r,"-s",e]);return n.trim()||null}catch{return null}}async setSecret(e,r,n){await _e("security",["add-generic-password","-U","-a",r,"-s",e,"-w",n]);}async deleteSecret(e,r){try{return await _e("security",["delete-generic-password","-a",r,"-s",e]),!0}catch{return false}}getStoragePath(){return "macOS Keychain"}};});var hr={};$(hr,{LinuxKeyVaultProvider:()=>Ae});var gr,Ae,wr=p(()=>{gr=util.promisify(child_process.execFile),Ae=class{static async isAvailable(){let e=["/usr/bin/secret-tool","/bin/secret-tool","/usr/local/bin/secret-tool"];for(let r of e)try{return E.accessSync(r,E.constants.X_OK),!0}catch{}return false}async getSecret(e,r){try{let{stdout:n}=await gr("secret-tool",["lookup","service",e,"account",r]);return n.trim()||null}catch{return null}}async setSecret(e,r,n){await new Promise((s,o)=>{let i=child_process.spawn("secret-tool",["store","--label",e,"service",e,"account",r]);i.on("error",o),i.on("close",a=>{a===0?s():o(new Error(`secret-tool exited with code ${a}`));}),i.stdin.write(n),i.stdin.end();});}async deleteSecret(e,r){try{return await gr("secret-tool",["clear","service",e,"account",r]),!0}catch{return false}}getStoragePath(){return "Linux Secret Service (libsecret)"}};});var Sr={};$(Sr,{WindowsKeyVaultProvider:()=>Oe});var Oe,Er=p(()=>{Oe=class{static async isAvailable(){try{return await bt("keytar").getPassword("__flow_probe__","__flow_probe__"),!0}catch{return false}}async getSecret(e,r){return bt("keytar").getPassword(e,r)}async setSecret(e,r,n){await bt("keytar").setPassword(e,r,n);}async deleteSecret(e,r){return bt("keytar").deletePassword(e,r)}getStoragePath(){return "Windows Credential Manager"}};});async function Tr(){return await Ss()??new zt}async function Ss(){switch(process.platform){case "darwin":{let{MacOsKeyVaultProvider:t}=await Promise.resolve().then(()=>(mr(),fr));return await t.isAvailable()?new t:null}case "linux":{let{LinuxKeyVaultProvider:t}=await Promise.resolve().then(()=>(wr(),hr));return await t.isAvailable()?new t:null}case "win32":{let{WindowsKeyVaultProvider:t}=await Promise.resolve().then(()=>(Er(),Sr));return await t.isAvailable()?new t:null}default:return null}}var yr=p(()=>{pr();});function wt(){return Le||(Le=Tr()),Le}async function _(){let e=await(await wt()).getSecret(ht,Ie);if(!e)return null;try{return JSON.parse(e)}catch{return null}}async function ve(t){if(!t.clientId||!t.clientSecret||!t.tenant)throw new Error("clientId, clientSecret and tenant are required");await(await wt()).setSecret(ht,Ie,JSON.stringify(t));}async function _r(){let t=await wt();await t.deleteSecret(ht,Ie),await t.deleteSecret(ht,be);}async function Ft(t){await(await wt()).setSecret(ht,be,JSON.stringify({accessToken:t.accessToken,expiresAt:t.expiresAt,lastAuthCheckAt:t.lastAuthCheckAt}));}async function St(){let e=await(await wt()).getSecret(ht,be);if(!e)return null;try{let r=JSON.parse(e);return {accessToken:r.accessToken,expiresAt:r.expiresAt,lastAuthCheckAt:r.lastAuthCheckAt}}catch{return null}}async function Zt(){let t=await St();return t?new Date(t.expiresAt)>new Date:false}async function et(){let t=await St();if(!t||!t.accessToken)return null;try{let e=t.accessToken.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return r.email??r.preferred_username??r.upn??r.sub??null}catch{return null}}async function Pe(){let t=await wt();if(typeof t.getStoragePath=="function")return t.getStoragePath();let e=process.platform;return e==="darwin"?"macOS Keychain":e==="win32"?"Windows Credential Manager":"Linux Secret Service (libsecret)"}async function kr(){let t=await _();return !!(t&&t.clientId&&t.clientSecret&&t.tenant)}var ht,Ie,be,Le,Et=p(()=>{yr();T();ht=Gt.SERVICE,Ie=Gt.ACCOUNT_CREDS,be=Gt.ACCOUNT_TOKEN,Le=null;});function Ne(){return gt__namespace.default.join(Jt__namespace.default.homedir(),".claude","flow-obs",".logged-out")}function Or(){try{let t=Ne();E__namespace.default.mkdirSync(gt__namespace.default.dirname(t),{recursive:!0}),E__namespace.default.writeFileSync(t,"",{mode:384});}catch{}}function Lr(){try{E__namespace.default.unlinkSync(Ne());}catch{}}function te(){try{return E__namespace.default.existsSync(Ne())}catch{return false}}var Ir=p(()=>{});function ys(t){return Ts.some(e=>e.test(t))}function _s(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return r.email||r.preferred_username||r.upn||r.sub||null}catch{return null}}function B(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8")),{clientId:n,clientSecret:s,tenant:o}=r;return !n||!s||!o?null:{clientId:n,clientSecret:s,tenant:o}}catch{return null}}function vr(t){let e=Buffer.from(JSON.stringify({alg:"none",typ:"JWT"})).toString("base64url"),r=Buffer.from(JSON.stringify({clientId:t.clientId,clientSecret:t.clientSecret,tenant:t.tenant})).toString("base64url");return `${e}.${r}.`}function br(t){let e;try{e=new URL(t);}catch{throw new Error(`Invalid URL: ${t}`)}let r=process.env[f.FLOW_OBS_ALLOW_HTTP]==="true";if(!r&&e.protocol!=="https:")throw new Error(`URL must use HTTPS: ${t}`);if(e.username||e.password)throw new Error(`URL must not contain embedded credentials: ${t}`);if(!r&&ys(e.hostname))throw new Error(`SSRF: private/loopback host not allowed: ${e.hostname}`);return t}async function Pr(){let t=B(process.env[f.ANTHROPIC_AUTH_TOKEN]);if(t)return {user:await et().catch(()=>null)??t.clientId,tenant:t.tenant};if(qt.KEYCHAIN_ENABLED)try{let e=await _();if(!e)return {user:"",tenant:""};let r=await et()??e.clientId??"",n=e.tenant??"";return {user:r,tenant:n}}catch{return {user:"",tenant:""}}return {user:"",tenant:""}}function ks(){return new Date().toISOString().slice(0,10)}async function As(t){let e=ks(),r=await St();if(r?.lastAuthCheckAt!==e){l("getOrRefreshToken",`daily auth check (last: ${r?.lastAuthCheckAt??"never"})`);try{let o=await j(t);try{await Ft({...o,lastAuthCheckAt:e});}catch{}return l("getOrRefreshToken",`daily check passed, expires=${o.expiresAt}`),o.accessToken}catch(o){if(o instanceof tt)throw o;l("getOrRefreshToken",`daily check network error \u2014 using cache: ${o.message}`);}}let n=r!=null&&new Date(r.expiresAt)>new Date;if(l("getOrRefreshToken",`cacheValid=${n}`),n)return l("getOrRefreshToken",`using cached token, expires=${r.expiresAt}`),r.accessToken;l("getOrRefreshToken",`token expired \u2014 refreshing via auth-engine (tenant=${t.tenant} clientId=${t.clientId})`);let s=await j(t);try{await Ft({...s,lastAuthCheckAt:e});}catch(o){l("getOrRefreshToken",`token cache save failed (non-fatal): ${o.message}`);}return l("getOrRefreshToken",`token refreshed, expires=${s.expiresAt}`),s.accessToken}function Os(t,e){let r=e&&e.accessToken?e.accessToken:"";return {endpoint:t.replace(/\/$/,"")+"/flow-langfuse-gateway/v1/traces",authHeader:`Bearer ${r}`}}function Ls(t,e,r){let n=Buffer.from(`${e}:${r}`).toString("base64");return {endpoint:t.replace(/\/$/,"")+"/api/public/otel/v1/traces",authHeader:`Basic ${n}`}}async function rt(){let t=[],e=process.env[f.ANTHROPIC_MODEL]??"",r=B(process.env[f.ANTHROPIC_AUTH_TOKEN]);l("resolveCredentials",r?"credentials resolved from ANTHROPIC_AUTH_TOKEN":"ANTHROPIC_AUTH_TOKEN absent or invalid"),r&&l("resolveCredentials",`clientId=${r.clientId}`,`tenant=${r.tenant}`),!r&&qt.KEYCHAIN_ENABLED&&(r=await _(),r&&l("resolveCredentials","credentials resolved from keychain (FEATURES.KEYCHAIN_ENABLED=true)"));let n=r?r.tenant:"",s=process.env[f.FLOW_TELEMETRY]==="true",o=process.env[f.LANGFUSE_BASE_URL],i=process.env[f.LANGFUSE_PUBLIC_KEY],a=process.env[f.LANGFUSE_SECRET_KEY];if(s&&o&&i&&a){let m="",k=n;if(r)m=await et().catch(()=>null)??r.clientId;else if(qt.KEYCHAIN_ENABLED)try{let I=await _();I&&(m=await et()??I.clientId,k=I.tenant);}catch{}let y={user:m??"",tenant:k??"",team:"",project:"",model:e};t.push({mode:"direct",...Ls(br(o),i,a),...y}),l("resolveCredentials","direct mode active",`user=${y.user}`,`tenant=${y.tenant}`);}if(!r){if(t.length===0){let m=[];return m.authError=false,m}return t}let c;try{c=await As(r);}catch(m){if(l("resolveCredentials",`token refresh failed: ${m.message}`,`(tenant=${r.tenant} clientId=${r.clientId})`),t.length>0)return t.authError=true,t;let k=[];return k.authError=true,k}let w={user:_s(c)??r.clientId,tenant:n,team:"",project:"",model:e},O=process.env[f.FLOW_TELEMETRY_GATEWAY]??x;return t.push({mode:"gateway",...Os(br(O),{accessToken:c}),...w}),t}async function Nr(){return (await rt()).length>0}var Ts,nt=p(()=>{Et();Nt();T();D();Ts=[/^localhost\.?$/i,/^127\./,/^10\./,/^172\.(1[6-9]|2\d|3[01])\./,/^192\.168\./,/^169\.254\./,/^0\.0\.0\.0$/,/^::1$/,/^\[::1\]$/,/^\[::ffff:/i,/^\[f[cd]/i,/^\[fe80:/i,/^metadata\.google\.internal\.?$/i,/^metadata\.azure\.internal\.?$/i,/(?:^|\.)localtest\.me\.?$/i,/(?:^|\.)lvh\.me\.?$/i,/(?:^|\.)vcap\.me\.?$/i];});var Ur={};$(Ur,{runLogin:()=>K,runLogout:()=>Ns,runStatus:()=>Rs});function W(t){return typeof t=="string"?t.replace(Is,""):t}function $t(t,e={}){return new Promise((r,n)=>{let{masked:s=false,defaultValue:o=""}=e;process.stdout.write(t+o);let i=o;function a(){try{process.stdin.setRawMode(!1);}catch{}}process.once("uncaughtException",a),process.once("unhandledRejection",a);let c=w=>{if(w===""){u(),n(new Error("SIGINT"));return}if(w==="\r"||w===`
19
30
  `){u(),process.stdout.write(`
20
- `),r(i);return}if(S==="\x7F"){i.length>0&&(i=i.slice(0,-1),process.stdout.write("\b \b"));return}S.startsWith("\x1B")||(i+=S,process.stdout.write(s?"*".repeat(S.length):S));};function u(){process.stdin.setRawMode(false),process.stdin.removeListener("data",c),process.removeListener("uncaughtException",a),process.removeListener("unhandledRejection",a);}process.stdin.setRawMode(true),process.stdin.resume(),process.stdin.setEncoding("utf8"),process.stdin.on("data",c);})}async function Lr(t){if(!Qt())try{let e=await _();(!e||e.clientId!==t.clientId||e.clientSecret!==t.clientSecret||e.tenant!==t.tenant)&&await Oe(t);}catch{}}async function br(t){let{accessToken:e,expiresAt:r}=await Y(t);await Oe(t),await zt({accessToken:e,expiresAt:r}),Tr();try{let n=kr(t);Jt({[f.ANTHROPIC_AUTH_TOKEN]:n});}catch{}}async function ys(t){try{return await br(t),process.stdout.write(P(` \u2713 Setup complete. Tenant: ${W(t.tenant)}
31
+ `),r(i);return}if(w==="\x7F"){i.length>0&&(i=i.slice(0,-1),process.stdout.write("\b \b"));return}w.startsWith("\x1B")||(i+=w,process.stdout.write(s?"*".repeat(w.length):w));};function u(){process.stdin.setRawMode(false),process.stdin.removeListener("data",c),process.removeListener("uncaughtException",a),process.removeListener("unhandledRejection",a);}process.stdin.setRawMode(true),process.stdin.resume(),process.stdin.setEncoding("utf8"),process.stdin.on("data",c);})}async function Rr(t){if(!te())try{let e=await _();(!e||e.clientId!==t.clientId||e.clientSecret!==t.clientSecret||e.tenant!==t.tenant)&&await ve(t);}catch{}}async function Cr(t){let{accessToken:e,expiresAt:r}=await j(t);await ve(t),await Ft({accessToken:e,expiresAt:r}),Lr();try{let n=vr(t);Xt({[f.ANTHROPIC_AUTH_TOKEN]:n});}catch{}}async function bs(t){try{return await Cr(t),process.stdout.write(R(` \u2713 Setup complete. Tenant: ${W(t.tenant)}
21
32
 
22
33
  `)),0}catch(e){return process.stderr.write(z(` \u2717 Authentication failed: ${W(e.message)}
23
- `)),1}}async function _s(){try{process.stdout.write(`
24
- `);let t=(await Pt(Z(" ? ")+"Client ID: ")).trim(),e=(await Pt(Z(" ? ")+"Client Secret: ",{masked:!0})).trim(),r=(await Pt(Z(" ? ")+"Tenant: ")).trim();if(!t||!e||!r)return process.stderr.write(z(` \u2717 All fields are required
25
- `)),1;try{await br({clientId:t,clientSecret:e,tenant:r});}catch(n){return process.stderr.write(z(` \u2717 Authentication failed: ${W(n.message)}
26
- `)),1}return process.stdout.write(P(` \u2713 Setup complete. Tenant: ${W(r)}
27
- `)),process.stdout.write(` Storage: ${await Ae()}
34
+ `)),1}}async function vs(){try{process.stdout.write(`
35
+ `);let t=(await $t(Z(" ? ")+"Client ID: ")).trim(),e=(await $t(Z(" ? ")+"Client Secret: ",{masked:!0})).trim(),r=(await $t(Z(" ? ")+"Tenant: ")).trim();if(!t||!e||!r)return process.stderr.write(z(` \u2717 All fields are required
36
+ `)),1;try{await Cr({clientId:t,clientSecret:e,tenant:r});}catch(n){return process.stderr.write(z(` \u2717 Authentication failed: ${W(n.message)}
37
+ `)),1}return process.stdout.write(R(` \u2713 Setup complete. Tenant: ${W(r)}
38
+ `)),process.stdout.write(` Storage: ${await Pe()}
28
39
 
29
40
  `),0}catch(t){if(t.message==="SIGINT")throw t;return process.stderr.write(z(` \u2717 Unexpected error: ${t.message}
30
- `)),1}}async function K(t={}){if(t.clientId&&t.clientSecret&&t.tenant)return ys({clientId:t.clientId,clientSecret:t.clientSecret,tenant:t.tenant});let e=Qt()?null:x(process.env[f.ANTHROPIC_AUTH_TOKEN]);e&&await Lr(e);let r=e||await _();if(r){process.stdout.write(`
31
- `),process.stdout.write(B(` Already authenticated
32
- `)),process.stdout.write(E(" Tenant: ")+W(r.tenant)+`
33
- `),process.stdout.write(E(" Client ID: ")+W(r.clientId)+`
41
+ `)),1}}async function K(t={}){if(t.clientId&&t.clientSecret&&t.tenant)return bs({clientId:t.clientId,clientSecret:t.clientSecret,tenant:t.tenant});let e=te()?null:B(process.env[f.ANTHROPIC_AUTH_TOKEN]);e&&await Rr(e);let r=e||await _();if(r){process.stdout.write(`
42
+ `),process.stdout.write(V(` Already authenticated
43
+ `)),process.stdout.write(S(" Tenant: ")+W(r.tenant)+`
44
+ `),process.stdout.write(S(" Client ID: ")+W(r.clientId)+`
34
45
  `),process.stdout.write(`
35
- `);let n;try{n=await Pt(Z(" ? ")+"Re-authenticate? (y/N): ");}catch(s){if(s.message==="SIGINT")return process.stdout.write(`
36
- `),130;throw s}if(n.trim().toLowerCase()!=="y")return process.stdout.write(P(` \u2713 Using existing credentials.
46
+ `);let n;try{n=await $t(Z(" ? ")+"Re-authenticate? (y/N): ");}catch(s){if(s.message==="SIGINT")return process.stdout.write(`
47
+ `),130;throw s}if(n.trim().toLowerCase()!=="y")return process.stdout.write(R(` \u2713 Using existing credentials.
37
48
 
38
- `)),0}try{return await _s()}catch(n){if(n.message==="SIGINT")return process.stdout.write(`
39
- `),130;throw n}}async function ks(){try{return process.stdout.write(`
40
- `),(await Pt(Z(" ? ")+"Are you sure? This will remove your local credentials. (y/N): ")).toLowerCase()!=="y"?(process.stdout.write(O(` \u26A0 Logout cancelled
49
+ `)),0}try{return await vs()}catch(n){if(n.message==="SIGINT")return process.stdout.write(`
50
+ `),130;throw n}}async function Ps(){try{return process.stdout.write(`
51
+ `),(await $t(Z(" ? ")+"Are you sure? This will remove your local credentials. (y/N): ")).toLowerCase()!=="y"?(process.stdout.write(A(` \u26A0 Logout cancelled
41
52
  `)),0):null}catch(t){if(t.message==="SIGINT")return process.stdout.write(`
42
- `),130;throw t}}async function Os(t=false){if(!await Sr())return process.stdout.write(O(` \u26A0 You are not authenticated
43
- `)),0;if(!t){let e=await ks();if(e!==null)return e}try{return await hr(),wr(),process.stdout.write(P(` \u2713 Credentials removed successfully
53
+ `),130;throw t}}async function Ns(t=false){if(!await kr())return process.stdout.write(A(` \u26A0 You are not authenticated
54
+ `)),0;if(!t){let e=await Ps();if(e!==null)return e}try{return await _r(),Or(),process.stdout.write(R(` \u2713 Credentials removed successfully
44
55
  `)),0}catch{return process.stderr.write(z(` \u2717 Error removing credentials
45
- `)),1}}async function As(){if(Qt())return process.stdout.write(O(" \u26A0 Not authenticated. Run `flow-ai-obs auth login` to set up.\n")),0;let t=x(process.env[f.ANTHROPIC_AUTH_TOKEN]);t&&await Lr(t);let e=t||await _();if(!e)return process.stdout.write(O(" \u26A0 Not authenticated. Run `flow-ai-obs auth login` to set up.\n")),0;if(!t&&!await ht())return process.stdout.write(O(" \u26A0 Session expired. Run `flow-ai-obs auth login` to re-authenticate.\n")),0;let r=e.clientSecret.length>4?"****...****"+e.clientSecret.slice(-4):"****",n=t?"ANTHROPIC_AUTH_TOKEN (settings.json)":await Ae();return process.stdout.write(`
46
- `+B(` Authenticated
47
- `)),process.stdout.write(E(" Tenant: ")+W(e.tenant)+`
48
- `),process.stdout.write(E(" Client ID: ")+W(e.clientId)+`
49
- `),process.stdout.write(E(" Client Secret: ")+r+`
50
- `),process.stdout.write(E(" Storage: ")+n+`
56
+ `)),1}}async function Rs(){if(te())return process.stdout.write(A(" \u26A0 Not authenticated. Run `flow-ai-obs auth login` to set up.\n")),0;let t=B(process.env[f.ANTHROPIC_AUTH_TOKEN]);t&&await Rr(t);let e=t||await _();if(!e)return process.stdout.write(A(" \u26A0 Not authenticated. Run `flow-ai-obs auth login` to set up.\n")),0;if(!t&&!await Zt())return process.stdout.write(A(" \u26A0 Session expired. Run `flow-ai-obs auth login` to re-authenticate.\n")),0;let r=e.clientSecret.length>4?"****...****"+e.clientSecret.slice(-4):"****",n=t?"ANTHROPIC_AUTH_TOKEN (settings.json)":await Pe();return process.stdout.write(`
57
+ `+V(` Authenticated
58
+ `)),process.stdout.write(S(" Tenant: ")+W(e.tenant)+`
59
+ `),process.stdout.write(S(" Client ID: ")+W(e.clientId)+`
60
+ `),process.stdout.write(S(" Client Secret: ")+r+`
61
+ `),process.stdout.write(S(" Storage: ")+n+`
51
62
 
52
- `),0}var Ts,Rt=p(()=>{St();yr();bt();G();It();T();ct();Ts=/[\x00-\x08\x0B-\x1F\x7F]|\x1b\[[0-9;]*[a-zA-Z]/g;});var Pr={};U(Pr,{runInstall:()=>be});function Ls(){try{let t=w__namespace.readFileSync(H(),"utf8"),e=JSON.parse(t);return !!(e.env&&e.env[f.ANTHROPIC_AUTH_TOKEN])}catch{return false}}function bs(){if(process.env.WSL_DISTRO_NAME&&process.platform==="linux")return child_process.spawnSync("cmd.exe",["/c","where","claude"],{encoding:"utf8",timeout:5e3}).status===0;let t=process.platform==="win32"?"where":"which";return child_process.spawnSync(t,["claude"],{encoding:"utf8",timeout:5e3}).status===0}async function be(t={}){if(!bs())return process.stdout.write(O(` \u26A0 Claude Code not found \u2014 settings.json cannot be configured. Install Claude Code first.
53
- `)+E(` Install Claude Code: https://flow.ciandt.com/help/help/articles/2091079-setting-up-your-machine-for-claude-code
63
+ `),0}var Is,xt=p(()=>{Et();Ir();Nt();nt();Rt();T();lt();Is=/[\x00-\x08\x0B-\x1F\x7F]|\x1b\[[0-9;]*[a-zA-Z]/g;});var xr={};$(xr,{runInit:()=>Fs,runInstall:()=>ee});function Cs(){try{let t=E__namespace.readFileSync(Y(),"utf8"),e=JSON.parse(t);return !!(e.env&&e.env[f.ANTHROPIC_AUTH_TOKEN])}catch{return false}}function Us(){if(process.env.WSL_DISTRO_NAME&&process.platform==="linux")return child_process.spawnSync("cmd.exe",["/c","where","claude"],{encoding:"utf8",timeout:5e3}).status===0;let t=process.platform==="win32"?"where":"which";return child_process.spawnSync(t,["claude"],{encoding:"utf8",timeout:5e3}).status===0}async function ee(t={}){if(!Us())return process.stdout.write(A(` \u26A0 Claude Code not found \u2014 settings.json cannot be configured. Install Claude Code first.
64
+ `)+S(` Install Claude Code: https://flow.ciandt.com/help/help/articles/2091079-setting-up-your-machine-for-claude-code
54
65
 
55
- `)),1;if(!Ls()){process.stdout.write(O(` \u26A0 No credentials found in settings.json \u2014 authentication required.
66
+ `)),1;if(!Cs()){process.stdout.write(A(` \u26A0 No credentials found in settings.json \u2014 authentication required.
56
67
 
57
- `));let s=await K();if(s!==0)return s}let e,r;try{({settingsPath:e,preserved:r}=nr());}catch(s){return process.stderr.write(` \u2717 Failed to write settings: ${s.message}
68
+ `));let s=await K();if(s!==0)return s}let e,r;try{({settingsPath:e,preserved:r}=lr());}catch(s){return process.stderr.write(` \u2717 Failed to write settings: ${s.message}
58
69
  `),1}process.stdout.write(`
59
- `+B(" Native OTEL configured")+` (metrics & logs)
60
- `);for(let[s,o]of Object.entries(lt))process.stdout.write(E(` ${s.padEnd(36)}`)+o+`
70
+ `+V(" Native OTEL configured")+` (metrics & logs)
71
+ `);for(let[s,o]of Object.entries(pt))process.stdout.write(S(` ${s.padEnd(36)}`)+o+`
61
72
  `);process.stdout.write(`
62
- `),process.stdout.write(B(" Hooks registered")+` (Langfuse trace capture)
63
- `),process.stdout.write(E(" UserPromptSubmit")+` \u2192 flow-ai-obs UserPromptSubmit (timeout: 5s)
64
- `),process.stdout.write(E(" PreToolUse ")+` \u2192 flow-ai-obs PreToolUse (timeout: 3s)
65
- `),process.stdout.write(E(" PostToolUse ")+` \u2192 flow-ai-obs PostToolUse (timeout: 10s)
66
- `),process.stdout.write(E(" Stop ")+` \u2192 flow-ai-obs Stop (timeout: 15s)
73
+ `),process.stdout.write(V(" Hooks registered")+` (Langfuse trace capture)
74
+ `),process.stdout.write(S(" UserPromptSubmit")+` \u2192 flow-ai-obs UserPromptSubmit (timeout: 5s)
75
+ `),process.stdout.write(S(" PreToolUse ")+` \u2192 flow-ai-obs PreToolUse (timeout: 3s)
76
+ `),process.stdout.write(S(" PostToolUse ")+` \u2192 flow-ai-obs PostToolUse (timeout: 10s)
77
+ `),process.stdout.write(S(" Stop ")+` \u2192 flow-ai-obs Stop (timeout: 15s)
67
78
  `),r.length>0&&(process.stdout.write(`
68
- `),process.stdout.write(O(` \u26A0 Third-party hooks detected and preserved on: ${r.join(", ")}
69
- `)),process.stdout.write(E(` flow-ai-obs was prepended \u2014 it executes first.
79
+ `),process.stdout.write(A(` \u26A0 Third-party hooks detected and preserved on: ${r.join(", ")}
80
+ `)),process.stdout.write(S(` flow-ai-obs was prepended \u2014 it executes first.
70
81
  `))),process.stdout.write(`
71
- `),process.stdout.write(E(" Settings: ")+e+`
72
- `),process.stdout.write(E(" Backup: ")+e+`.bkp
73
- `),process.stdout.write(E(" OTEL auth: flow-ai-obs otel-headers")+E(` (reads keychain at runtime)
82
+ `),process.stdout.write(S(" Settings: ")+e+`
83
+ `),process.stdout.write(S(" Backup: ")+e+`.bkp
84
+ `),process.stdout.write(S(" OTEL auth: flow-ai-obs otel-headers")+S(` (reads keychain at runtime)
74
85
  `)),process.stdout.write(`
75
- `),t.skipHint||(process.stdout.write(P(` \u2713 Ready. Native OTEL + Langfuse trace capture active.
76
- `)),process.stdout.write(E(" Run `flow-ai-obs setup` to also configure the Flow LLM Proxy.\n\n")));let n=tr();return n&&process.stdout.write(O(` \u26A0 ${n}
86
+ `),t.skipHint||(process.stdout.write(R(` \u2713 Ready. Native OTEL + Langfuse trace capture active.
87
+ `)),process.stdout.write(S(" Run `flow-ai-obs setup` to also configure the Flow LLM Proxy.\n\n")));let n=ir();return n&&process.stdout.write(A(` \u26A0 ${n}
77
88
 
78
- `)),0}var Ie=p(()=>{It();T();ct();pe();Rt();});var Rr={};U(Rr,{runSetup:()=>Is});async function Is(t={}){process.stdout.write(`
89
+ `)),0}var Fs,Re=p(()=>{Rt();T();lt();we();xt();Fs=ee;});var Mr={};$(Mr,{runSetup:()=>$s});async function $s(t={}){process.stdout.write(`
79
90
  \u2554\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2557
80
91
  `),process.stdout.write(`\u2551 flow-ai-obs \u2014 setup \u2551
81
92
  `),process.stdout.write(`\u255A\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u255D
@@ -84,79 +95,79 @@
84
95
  Setup aborted. Run \`flow-ai-obs auth login\` to retry.
85
96
 
86
97
  `),e;process.stdout.write(`
87
- `);let r=await be({skipHint:true});if(r!==0)return r;try{Jt(Lt);}catch(s){process.stderr.write(` \u26A0 Could not write LLM Proxy config: ${s.message}
88
- `);}process.stdout.write(B(" Flow LLM Proxy configured")+` (model provider)
89
- `);for(let[s,o]of Object.entries(Lt))process.stdout.write(E(` ${s.padEnd(36)}`)+o+`
98
+ `);let r=await ee({skipHint:true});if(r!==0)return r;try{Xt(Pt);}catch(s){process.stderr.write(` \u26A0 Could not write LLM Proxy config: ${s.message}
99
+ `);}process.stdout.write(V(" Flow LLM Proxy configured")+` (model provider)
100
+ `);for(let[s,o]of Object.entries(Pt))process.stdout.write(S(` ${s.padEnd(36)}`)+o+`
90
101
  `);process.stdout.write(`
91
102
  `),process.stdout.write(` Validating connectivity to Flow OTEL endpoint\u2026
92
- `);let n=await _();return n?await sr(n)?process.stdout.write(P(` \u2713 Connectivity validated \u2014 telemetry is active.
103
+ `);let n=await _();return n?await ur(n)?process.stdout.write(R(` \u2713 Connectivity validated \u2014 telemetry is active.
93
104
 
94
- `)):process.stdout.write(O(` \u26A0 Could not reach the OTEL endpoint. Telemetry will activate once connectivity is restored.
105
+ `)):process.stdout.write(A(` \u26A0 Could not reach the OTEL endpoint. Telemetry will activate once connectivity is restored.
95
106
 
96
- `)):process.stdout.write(O(` \u26A0 Could not read stored credentials \u2014 skipping connectivity check.
107
+ `)):process.stdout.write(A(` \u26A0 Could not read stored credentials \u2014 skipping connectivity check.
97
108
 
98
- `)),process.stdout.write(P(` \u2713 Setup complete!
99
- `)),process.stdout.write(E(` Settings: ${H()}
109
+ `)),process.stdout.write(R(` \u2713 Setup complete!
110
+ `)),process.stdout.write(S(` Settings: ${Y()}
100
111
 
101
- `)),0}var Cr=p(()=>{T();ct();Rt();Ie();It();St();});var Ur={};U(Ur,{runOtelHeaders:()=>vs});async function vs(){let t=x(process.env[f.ANTHROPIC_AUTH_TOKEN]);if(!t)try{t=await _();}catch{return process.stderr.write(`[flow-ai-obs otel-headers] Failed to read credentials
112
+ `)),0}var Dr=p(()=>{T();lt();xt();Re();Rt();Et();});var Br={};$(Br,{runOtelHeaders:()=>xs});async function xs(){let t=B(process.env[f.ANTHROPIC_AUTH_TOKEN]);if(!t)try{t=await _();}catch{return process.stderr.write(`[flow-ai-obs otel-headers] Failed to read credentials
102
113
  `),1}if(!t)return process.stderr.write(`[flow-ai-obs otel-headers] Not authenticated \u2014 run: flow-ai-obs auth login
103
- `),1;let e;try{e=(await Y(t)).accessToken;}catch(r){return process.stderr.write(`[flow-ai-obs otel-headers] Token fetch failed: ${r.message}
114
+ `),1;let e;try{e=(await j(t)).accessToken;}catch(r){return process.stderr.write(`[flow-ai-obs otel-headers] Token fetch failed: ${r.message}
104
115
  `),1}return e?(process.stdout.write(`{"Authorization": "Bearer ${e}"}
105
116
  `),0):(process.stderr.write(`[flow-ai-obs otel-headers] Empty token received
106
- `),1)}var Fr=p(()=>{St();bt();G();T();});var xr={};U(xr,{runCheck:()=>Ns});function ve(t){return !t||t.length<=8?"****":t.slice(0,4)+"****...****"+t.slice(-4)}function Ct(t){process.stdout.write(` \u2713 ${t}
107
- `);}function te(t){process.stdout.write(` \u26A0 ${t}
108
- `);}function ee(t){process.stdout.write(` \u2717 ${t}
117
+ `),1)}var Hr=p(()=>{Et();Nt();nt();T();});var jr={};$(jr,{runCheck:()=>Ms});function Ce(t){return !t||t.length<=8?"****":t.slice(0,4)+"****...****"+t.slice(-4)}function Mt(t){process.stdout.write(` \u2713 ${t}
118
+ `);}function re(t){process.stdout.write(` \u26A0 ${t}
119
+ `);}function ne(t){process.stdout.write(` \u2717 ${t}
109
120
  `);}function b(t){process.stdout.write(` ${t}
110
- `);}function I(){process.stdout.write(`
111
- `);}async function Ns(){I(),process.stdout.write(` flow-claude-observability \u2014 configuration check
112
- `),I(),process.stdout.write(` Auth
113
- `);let t=x(process.env[f.ANTHROPIC_AUTH_TOKEN]),e=t||await _();if(!e){te("Not authenticated \u2014 starting setup..."),I();let a=await K();if(a!==0)return a;if(t=x(process.env[f.ANTHROPIC_AUTH_TOKEN]),e=t||await _(),!e)return ee("Authentication failed"),I(),1;I(),process.stdout.write(` Auth
114
- `);}if(!t&&!await ht()){te("Session expired \u2014 re-authenticating..."),I();let a=await K();if(a!==0)return a;I(),process.stdout.write(` Auth
115
- `);}let r=await et()||e.clientId;Ct("Authenticated"),b(`Tenant: ${e.tenant}`),b(`User: ${r}`),I(),process.stdout.write(` Native OTEL
116
- `);let n={};try{let a=w__namespace.readFileSync(H(),"utf8");n=JSON.parse(a).env||{};}catch{}let s=Object.keys(lt).filter(a=>!n[a]);if(s.length===0?(Ct("All OTEL env vars present in settings.json"),b(`Endpoint: ${n.OTEL_EXPORTER_OTLP_ENDPOINT}`)):(te(`${s.length} OTEL var(s) missing from settings.json \u2014 native metrics/logs disabled`),s.forEach(a=>ee(`Missing: ${a}`)),b("Run: flow-ai-obs install (restores missing vars automatically)")),I(),process.stdout.write(` Tracing
117
- `),process.env[f.FLOW_TELEMETRY]==="true"){Ct("FLOW_TELEMETRY=true (direct mode enabled)");let a=[f.LANGFUSE_BASE_URL,f.LANGFUSE_PUBLIC_KEY,f.LANGFUSE_SECRET_KEY].filter(c=>!process.env[c]);a.length>0&&a.forEach(c=>te(`Missing: ${c}`));}else b("FLOW_TELEMETRY not set \u2014 direct mode inactive (gateway mode may still be active)");let i=await rt();if(!i||i.length===0)return i&&i.authError?ee("Token refresh failed \u2014 gateway mode could not activate"):(ee("No active destinations \u2014 no traces will be sent"),b("For direct mode: set FLOW_TELEMETRY=true + LANGFUSE_BASE_URL + LANGFUSE_PUBLIC_KEY + LANGFUSE_SECRET_KEY"),b("For gateway mode: run flow-claude-observability auth login")),I(),1;for(let a of i)if(a.mode==="gateway"){let c=await gt();Ct("Mode: gateway"),b(`Endpoint: ${a.endpoint}`),b(`Token: ${ve(c?.accessToken)}`);}else a.mode==="direct"&&(Ct("Mode: direct"),b(`Endpoint: ${a.endpoint}`),b(`PK: ${ve(process.env[f.LANGFUSE_PUBLIC_KEY])}`),b(`SK: ${ve(process.env[f.LANGFUSE_SECRET_KEY])}`));return I(),process.stdout.write(` All checks passed \u2014 observability is active.
118
- `),I(),0}var Mr=p(()=>{St();G();It();T();Rt();});function M(t,e){let r=typeof t=="object"?JSON.stringify(t):String(t??"");return r.length>e?r.slice(0,e)+" \u2026[truncated]":r}function re(t,e=100){return String(t??"").split(`
119
- `)[0].slice(0,e).trim()}function Dr(){return new Promise(t=>{let e="";process.stdin.setEncoding("utf8"),process.stdin.on("data",r=>{e+=r;}),process.stdin.on("end",()=>{try{t(JSON.parse(e));}catch{t({});}});})}function C(t){process.stdout.write(JSON.stringify(t));}var Et=p(()=>{});function q(){return String(BigInt(Date.now())*1000000n)}var Ne,nt,Ut=p(()=>{Ne=()=>crypto.randomBytes(16).toString("hex"),nt=()=>crypto.randomBytes(8).toString("hex");});function Hs(t,e){let r=pt.resolve(t);if(!r.startsWith(e))throw new Error(`Path traversal detected: ${t}`);return r}function Pe(t){if(!Ds.test(t))throw new Error(`Invalid session ID: ${t}`);return Hs(pt.join(qt.tmpdir(),`flow-obs-${t}.json`),Bs)}function wt(t){let e=Pe(t);if(!w.existsSync(e))return null;try{return JSON.parse(w.readFileSync(e,"utf8"))}catch{return null}}function Tt(t,e){w.writeFileSync(Pe(t),JSON.stringify(e),{encoding:"utf8",mode:384});}function Re(t){try{w.unlinkSync(Pe(t));}catch{}}var Ds,Bs,Ft=p(()=>{Ds=/^[0-9a-f-]{1,64}$/i,Bs=pt.normalize(qt.tmpdir())+pt.sep;});function Yr(t){if(!t||!w.existsSync(t))return null;try{let e=w.readFileSync(t,"utf8").trimEnd().split(`
120
- `);for(let r=e.length-1;r>=0;r--)try{let n=JSON.parse(e[r]);if(n.type==="user"&&n.uuid)return n.uuid}catch{}}catch{}return null}function Ce(t){if(!t||!w.existsSync(t))return null;try{let e=w.readFileSync(t,"utf8").trimEnd().split(`
121
- `),r=[],n=0,s=0;for(let o=e.length-1;o>=0;o--)try{let i=JSON.parse(e[o]);if(i.type==="user")break;if(i.type==="assistant"){let c=(i.message?.content??[]).filter(S=>S.type==="text").map(S=>S.text??"").join("");c&&r.unshift(c);let u=i.message?.usage??{};n+=(u.input_tokens??0)+(u.cache_read_input_tokens??0)+(u.cache_creation_input_tokens??0),s+=u.output_tokens??0;}}catch{}return !r.length&&n===0?null:{text:r.join(`
122
-
123
- `),inputTokens:n,outputTokens:s}}catch{}return null}var Ue=p(()=>{});function Kr(t){return t.replace(":","/")}function ne(t,e){if(!t)return null;let r=Kr(t),n=[pt.join(qt.homedir(),".claude","skills",r,"SKILL.md"),pt.join(e??"",".claude","skills",r,"SKILL.md")];for(let s of n)if(w.existsSync(s))try{return w.readFileSync(s,"utf8")}catch{}return null}function qr(t){return t.split(`
124
- `)[0].match(/^\/([a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?)(?:\s.*)?$/i)?.[1]??null}function Jr(t){return !!t.slashSkill||t.toolCalls.some(n=>n.tool==="Skill")?t.toolCalls.some(n=>n.tool==="Skill"&&!n.synthetic||qs.has(n.tool))?"complete":"prerequisite_required":null}function se(t,e){if(!t)return null;let r=Kr(t),n=[pt.join(qt.homedir(),".claude","skills",r),pt.join(e??"",".claude","skills",r)],s=null;for(let a of n)if(w.existsSync(pt.join(a,"SKILL.md"))){s=a;break}if(!s)return null;let o=[];function i(a,c){for(let u of w.readdirSync(a,{withFileTypes:true})){if(Gs.has(u.name)||Ks.has(u.name)||Ws.has(pt.extname(u.name)))continue;let S=c?`${c}/${u.name}`:u.name;u.isDirectory()?i(pt.join(a,u.name),S):o.push(S);}}return i(s,""),o.length>0?o:null}var Gs,Ws,Ks,qs,oe=p(()=>{Gs=new Set([".venv","__pycache__",".git","node_modules"]),Ws=new Set([".pyc",".pyo"]),Ks=new Set(["SKILL.md",".DS_Store",".gitignore"]);qs=new Set(["Read","Write","Edit","MultiEdit","Bash","Glob","Grep","TodoWrite","WebFetch","WebSearch","Agent","Task"]);});async function Xr(t){let e=t.session_id||"unknown",r=t.prompt||"",n=t.cwd||"";try{(await rt()).authError===!0&&(process.stderr.write(`
125
- \u26A0 flow-ai-obs: Your Flow credentials have expired.
126
- Traces will not be captured until you re-authenticate.
127
- Run: flow-ai-obs auth login
128
-
129
- `),l("UserPromptSubmit","auth expired \u2014 warning emitted to stderr"));}catch{}let s=Yr(t.transcript_path)||Ne(),o=qr(r),i=o?ne(o,n):null,a=o?se(o,n):null;Tt(e,{traceId:Ne(),spanId:nt(),startNs:q(),sessionId:e,prompt:r,cwd:n,traceName:s,transcriptPath:t.transcript_path||"",model:process.env[f.ANTHROPIC_MODEL]||"",toolCalls:[],spans:[],pendingTool:null,slashSkill:o,skillContent:i,skillArtifacts:a}),l("UserPromptSubmit",`sid=${e}`,`traceName=${s}`,`slashSkill=${o}`),C(t);}var zr=p(()=>{Ut();Ft();Ue();oe();Et();$();T();G();});async function Zr(t){let e=t.session_id||"unknown",r=t.tool_name||"unknown",n=t.tool_input||{},s=wt(e);s&&(s.pendingTool={name:r,inputStr:M(n,F.TOOL_INPUT),startNs:q()},Tt(e,s)),l("PreToolUse",`sid=${e}`,`tool=${r}`,`stateFound=${!!s}`),C(t);}var Qr=p(()=>{Ut();Ft();Et();$();T();});function d(t,e){return e==null||e===""?null:{key:t,value:{stringValue:String(e)}}}function st(...t){return t.filter(e=>e!==null)}function tn(t,e){return {resourceSpans:[{resource:{attributes:t},scopeSpans:[{scope:Js,spans:Array.isArray(e)?e:[e]}]}]}}var Js,h,en=p(()=>{T();Js={name:de.SCOPE_NAME,version:de.SCOPE_VERSION},h={TRACE_NAME:"langfuse.trace.name",TRACE_INPUT:"langfuse.trace.input",TRACE_OUTPUT:"langfuse.trace.output",TRACE_METADATA:"langfuse.trace.metadata",TRACE_TAGS:"langfuse.trace.tags",USER_ID:"langfuse.user.id",SESSION_ID:"langfuse.session.id",OBS_NAME:"langfuse.observation.name",OBS_INPUT:"langfuse.observation.input",OBS_OUTPUT:"langfuse.observation.output",OBS_LEVEL:"langfuse.observation.level",OBS_TYPE:"langfuse.observation.type",MODEL:"gen_ai.request.model",INPUT_TOKENS:"gen_ai.usage.input_tokens",OUTPUT_TOKENS:"gen_ai.usage.output_tokens"};});function nn(t,e,r,n,s){if(process.env[f.FLOW_OBS_DEBUG]!=="1")return;let o=JSON.stringify({ts:new Date().toISOString(),request:{method:"POST",url:t,headers:e,body:JSON.parse(r)},response:{status:n,body:s}});try{w.writeFileSync(rn,o+`
130
- `,{flag:"a",encoding:"utf8",mode:384}),l("sendTraces:dump",`request appendada em ${rn}`);}catch(i){l("sendTraces:dump",`falha ao salvar: ${i.message}`);}}function eo(t){let e=new URL(t),r=new URL(tt.GATEWAY_HEALTH);return r.hostname=e.hostname,r.port=e.port,r.protocol=e.protocol,r}function sn(t,e){return new Promise((r,n)=>{let s=t._isSSL?Fn__namespace.default:qn__namespace.default;t.headers=Object.assign({},t.headers,{Connection:"close"});let o=s.request(t,i=>{let a=[];i.on("data",c=>a.push(c)),i.on("end",()=>r({statusCode:i.statusCode??0,body:a.join("")}));});o.setTimeout(1e4,()=>{o.destroy(new Error("Request timeout"));}),o.on("error",i=>n(new Error(`Network error: ${i.message}`))),e&&o.write(e),o.end();})}async function on(t,e){let r;try{r=eo(t);}catch{return false}let n=r.protocol==="https:";try{let s={};e&&(s.Authorization=String(e).replace(/[\r\n]/g,""));let o=await sn({hostname:r.hostname,port:r.port||(n?443:80),path:r.pathname,method:"GET",headers:s,_isSSL:n},null);return l("checkHealth",`url=${r.href} status=${o.statusCode}`),o.statusCode>=200&&o.statusCode<300}catch{return false}}async function ie(t,e,r){let n=JSON.stringify(t),s=new URL(e),o=s.protocol==="https:",i=String(r).replace(/[\r\n]/g,""),a={"Content-Type":"application/json",Authorization:i,"Content-Length":Buffer.byteLength(n)};l("sendTraces:request",`POST ${e}`),l("sendTraces:request",`headers=${JSON.stringify({...a,Authorization:i.slice(0,20)+"\u2026"})}`),l("sendTraces:request",`body=${n.slice(0,500)}${n.length>500?"\u2026":""}`);try{let c=await sn({hostname:s.hostname,port:s.port||(o?443:80),path:s.pathname,method:"POST",headers:a,_isSSL:o},n);return l("sendTraces:response",`status=${c.statusCode}`),nn(e,a,n,c.statusCode,c.body),c.statusCode}catch(c){return l("sendTraces:error",c.message),nn(e,a,n,0,c.message),0}}var rn,an=p(()=>{T();$();rn=pt.join(qt.tmpdir(),"flow-obs-requests.ndjson");});function ro(){let t=parseInt(process.env[f.BUFFER_TTL_DAYS]??"",10);return (Number.isFinite(t)?Math.max(R.MIN_TTL_DAYS,Math.min(R.MAX_TTL_DAYS,t)):R.DEFAULT_TTL_DAYS)*24*60*60*1e3}function no(){let t=parseInt(process.env[f.BUFFER_MAX_FILES]??"",10);return Number.isFinite(t)?Math.max(R.MIN_MAX_FILES,Math.min(R.MAX_MAX_FILES,t)):R.DEFAULT_MAX_FILES}function ln(t){if(/[/\\]/.test(t))throw new Error(`Invalid buffer fileId: ${t}`);return pt__namespace.default.join(qt__namespace.default.tmpdir(),`${R.FILE_PREFIX}${t}.json`)}function $e(){let t=qt__namespace.default.tmpdir(),e;try{e=w__namespace.default.readdirSync(t);}catch{return []}return e.filter(r=>r.startsWith(R.FILE_PREFIX)&&r.endsWith(".json")).map(r=>{let n=pt__namespace.default.join(t,r),s=0;try{s=w__namespace.default.statSync(n).mtimeMs;}catch{}return {full:n,mtime:s}}).sort((r,n)=>r.mtime-n.mtime).map(r=>r.full)}function $t(t){try{let e=no(),r=$e();if(r.length>=e){let o=r.slice(0,r.length-e+1);for(let i of o)try{w__namespace.default.unlinkSync(i);}catch{}}let n=`${Date.now()}-${Math.random().toString(36).slice(2,8)}`,s={fileId:n,bufferedAt:Date.now(),payload:t};return w__namespace.default.writeFileSync(ln(n),JSON.stringify(s),{encoding:"utf8",mode:384}),l("buffer",`saved fileId=${n}`),n}catch(e){return l("buffer",`saveToBuffer failed: ${e.message}`),null}}function un(t){let e=$e(),r=t!=null&&t>0?t:e.length,n=[];for(let s of e){if(n.length>=r)break;try{let o=w__namespace.default.readFileSync(s,"utf8"),i=JSON.parse(o);i&&i.fileId&&i.payload&&n.push(i);}catch{l("buffer",`skipping malformed file: ${s}`);}}return n}function dn(t){try{w__namespace.default.unlinkSync(ln(t)),l("buffer",`deleted fileId=${t}`);}catch{}}function pn(){let t=Date.now()-ro();for(let e of $e())try{let{mtimeMs:r}=w__namespace.default.statSync(e);r<t&&(w__namespace.default.unlinkSync(e),l("buffer",`evicted stale: ${pt__namespace.default.basename(e)}`));}catch{}}var fn=p(()=>{T();$();});async function so(t){pn();let e=un(R.REPLAY_BATCH_SIZE);e.length&&(l("replayBufferedTraces",`replaying ${e.length} buffered trace(s)`),await Promise.allSettled(e.map(async r=>{try{let n=await ie(r.payload,t.endpoint,t.authHeader);n>=200&&n<300?(dn(r.fileId),l("replayBufferedTraces",`replayed fileId=${r.fileId} status=${n}`)):l("replayBufferedTraces",`replay failed fileId=${r.fileId} status=${n}`);}catch(n){l("replayBufferedTraces",`replay error fileId=${r.fileId}: ${n.message}`);}})));}async function mn(t){let e=await rt();if(!e.length)return e.authError&&(l("postToLangfuse","auth refresh failed \u2014 buffering trace"),$t(t)),0;let r=await Promise.all(e.map(async o=>{if(o.mode!=="gateway")return {creds:o,healthy:true};let i=await on(o.endpoint,o.authHeader);return {creds:o,healthy:i}})),n=r.find(o=>o.creds.mode==="gateway"&&o.healthy)?.creds??r.find(o=>o.creds.mode==="direct")?.creds;return n&&await so(n),(await Promise.all(r.map(async({creds:o,healthy:i})=>{if(o.mode==="gateway"){if(!i)return l("postToLangfuse","gateway health check failed \u2014 buffering trace"),$t(t),0;let c=await ie(t,o.endpoint,o.authHeader);return (c===0||c>=500)&&(l("postToLangfuse",`gateway send failed (status ${c}) \u2014 buffering trace`),$t(t)),c}let a=await ie(t,o.endpoint,o.authHeader);return (a===0||a>=500)&&(l("postToLangfuse",`direct endpoint unavailable (status ${a}) \u2014 buffering trace`),$t(t)),a}))).find(o=>o!==0)??0}var gn=p(()=>{G();$();an();fn();T();});var xe=p(()=>{en();gn();});function _t(t){if(t==null)return "";let e=typeof t=="string"?t:JSON.stringify(t);return oo.reduce((r,{re:n,replace:s})=>r.replace(n,s),e)}var v,oo,Me=p(()=>{v="[REDACTED]",oo=[{re:/\b(sk-[A-Za-z0-9_\-]{20,})/g,replace:()=>`sk-${v}`},{re:/\b(pk-[A-Za-z0-9_\-]{20,})/g,replace:()=>`pk-${v}`},{re:/\b(Bearer\s+)[A-Za-z0-9\-._~+/]+=*/gi,replace:(t,e)=>`${e}${v}`},{re:/\b(Basic\s+)[A-Za-z0-9+/]+=*/gi,replace:(t,e)=>`${e}${v}`},{re:/(-----BEGIN [A-Z ]+-----)[^-]*(-----END [A-Z ]+-----)/g,replace:(t,e,r)=>`${e}
131
- ${v}
132
- ${r}`},{re:/\b(AKIA[0-9A-Z]{16})\b/g,replace:()=>`AKIA${v}`},{re:/(aws_secret_access_key\s*[=:]\s*)([A-Za-z0-9/+]{40})/gi,replace:(t,e)=>`${e}${v}`},{re:/\b(ghp_[A-Za-z0-9]{36,})/g,replace:()=>`ghp_${v}`},{re:/\b(github_pat_[A-Za-z0-9_]{36,})/gi,replace:()=>`github_pat_${v}`},{re:/\b(eyJ[A-Za-z0-9_\-]+\.eyJ[A-Za-z0-9_\-]+\.[A-Za-z0-9_\-]+)/g,replace:()=>`eyJ.${v}`},{re:/\b([A-Z0-9_]*(?:SECRET|TOKEN|KEY|PASSWORD|PASSWD|PWD|CREDENTIAL|API)[A-Z0-9_]*\s*=\s*)(['"]?)([^\s'"#\n]+)\2/gi,replace:(t,e,r)=>`${e}${r}${v}${r}`},{re:/([a-z][a-z0-9+\-.]*:\/\/[^:/?#\s]*):([^@\s]+)@/gi,replace:(t,e)=>`${e}:${v}@`}];});async function hn(t){let e=t.session_id||"unknown",r=t.tool_name||"unknown",n=t.tool_input||{},s=t.tool_response||"",o=wt(e);if(!o){C(t);return}let i=q(),a=o.pendingTool,c=a?.name===r,u=c?a.startNs:String(BigInt(i)-200000000n),S=c?a.inputStr:M(n,F.TOOL_INPUT),A=S,m=null;if(r==="Skill"){let At=typeof n=="object"&&n!==null?n.skill||n.name||n.skillName||n.commandName||String(Object.values(n)[0]??""):String(n);m=At?String(At).trim():null;let it=m?ne(m,o.cwd):null;it&&(A=it,o.skillContent||(o.skillContent=it),o.skillArtifacts||(o.skillArtifacts=se(m,o.cwd))),m&&!o.slashSkill&&(o.slashSkill=m),l("PostToolUse","Skill tool detected",`skillName=${m}`,`contentFound=${!!it}`);}let k=_t(M(s,F.TOOL_OUTPUT)),y=/\b(error|exception|failed|failure|traceback|errno)\b/i.test(k.slice(0,500)),L=y?"ERROR":"DEFAULT",Mt=nt(),ot=Math.round(Number(BigInt(i)-BigInt(u))/1e6),Ot={Agent:"AGENT",Task:"AGENT"}[r]??"TOOL",ae=r==="Skill"&&m?m:re(S,60);o.toolCalls.push({tool:r,brief:ae,error:y,durationMs:ot});let j=o.spans;j.push({traceId:o.traceId,spanId:Mt,parentSpanId:o.spanId,name:r,kind:3,startTimeUnixNano:u,endTimeUnixNano:i,attributes:st(d(h.OBS_NAME,r),d(h.OBS_TYPE,Ot),d(h.OBS_LEVEL,L),d(h.OBS_INPUT,_t(A)),d(h.OBS_OUTPUT,k),d("tool.name",r),d("tool.error",String(y)),r==="Skill"&&m?d("skill.name",m):null,r==="Skill"?d("skill.invocation","slash-command"):null),status:{code:y?2:1}}),o.pendingTool=null,Tt(e,o),l("PostToolUse",`sid=${e}`,`tool=${r}`,`error=${y}`,`durationMs=${ot}`,`totalSpans=${j.length}`),C(t);}var Sn=p(()=>{Ut();Ft();xe();Et();oe();$();T();Me();});function wn(t,e,r){let n=Object.keys(En).find(i=>(t??"").toLowerCase().includes(i));if(!n)return;let s=En[n],o=(e*s.input+r*s.output)/1e6;return Math.round(o*1e6)/1e6}var En,Tn=p(()=>{En={"claude-opus-4-6":{input:15,output:75},"claude-opus-4-5":{input:15,output:75},"claude-sonnet-4-6":{input:3,output:15},"claude-sonnet-4-5":{input:3,output:15},"claude-haiku-4-5":{input:.8,output:4},"claude-4-6-opus":{input:15,output:75},"claude-4-6-sonnet":{input:3,output:15},"claude-4-5-opus":{input:15,output:75},"claude-4-5-sonnet":{input:3,output:15},"claude-4-5-haiku":{input:.8,output:4},"claude-3-5-sonnet-20241022":{input:3,output:15},"claude-3-5-haiku-20241022":{input:.8,output:4},"claude-3-opus-20240229":{input:15,output:75}};});async function yn(t){let e=t.session_id||"unknown",r=t.stop_reason||"end_turn",n=wt(e);if(!n){C(t);return}n.slashSkill&&!/^[a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?$/i.test(n.slashSkill)&&(l("Stop",`sid=${e}`,`slashSkill rejected post-disk: "${n.slashSkill}"`),n.slashSkill=null);let s=q(),o=await Or(),i=n.toolCalls,a=n.spans;if(n.slashSkill&&!i.some(g=>g.tool==="Skill")){let g=nt(),X=n.skillContent?n.skillContent:JSON.stringify({skill:n.slashSkill});i.push({tool:"Skill",brief:n.slashSkill,error:false,durationMs:0,synthetic:true}),a.push({traceId:n.traceId,spanId:g,parentSpanId:n.spanId,name:"Skill",kind:3,startTimeUnixNano:n.startNs,endTimeUnixNano:n.startNs,attributes:st(d(h.OBS_NAME,"Skill"),d(h.OBS_TYPE,"TOOL"),d(h.OBS_LEVEL,"DEFAULT"),d(h.OBS_INPUT,X),d(h.OBS_OUTPUT,"loaded via slash command"),d("tool.name","Skill"),d("tool.error","false"),d("skill.name",n.slashSkill),d("skill.invocation","slash-command")),status:{code:1}}),l("Stop",`slashSkill=${n.slashSkill}`,"synthetic span injected");}let c=t.transcript_path||n.transcriptPath||"",u=Ce(c);if(c&&(i.some(g=>g.tool==="Skill"&&!g.synthetic)||!!n.slashSkill)&&!u?.text){await new Promise(X=>setTimeout(X,500));let g=Ce(c);g?.text&&(u=g);}l("Stop",`transcriptPath=${c||"(empty)"}`,`assistantOut=${u?`text=${u.text.length}chars`:"null"}`);let A=i.length,m=i.filter(g=>g.error).length,k=_t(u?.text?M(u.text,F.TRACE_OUTPUT):A===0?"No tools used":i.map((g,X)=>`${X+1}. ${g.tool}${g.brief?` \u2192 ${g.brief}`:""}${g.error?" [ERROR]":""}`).join(`
133
- `)),y=u?.inputTokens??0,L=u?.outputTokens??0,Mt=i.map((g,X)=>`${X+1}. ${g.tool}${g.brief?` \u2192 ${g.brief}`:""}${g.error?" [ERROR]":""} (${g.durationMs}ms)`),ot=!!(n.slashSkill||i.some(g=>g.tool==="Skill")),De=i.some(g=>g.tool==="Agent");if(!ot&&!De){l("Stop",`sid=${e}`,"skipping trace \u2014 no Skill or Agent calls found"),Re(e),C(t);return}let Ot=ot?"skill":"agent",ae=Math.round(Number(BigInt(s)-BigInt(n.startNs))/1e6),Be=wn(n.model,y,L),j=Jr(n);j==="prerequisite_required"&&u?.text&&(j="complete"),j==="prerequisite_required"&&(a.push({traceId:n.traceId,spanId:nt(),parentSpanId:n.spanId,name:"prerequisite-check",kind:3,startTimeUnixNano:n.startNs,endTimeUnixNano:s,attributes:st(d(h.OBS_NAME,"prerequisite-check"),d(h.OBS_TYPE,"EVENT"),d(h.OBS_LEVEL,"WARNING"),d(h.OBS_OUTPUT,k),d("skill.name",n.slashSkill||void 0),d("execution_status","prerequisite_required")),status:{code:1}}),l("Stop",`sid=${e}`,"prerequisite-check span injected",`skill=${n.slashSkill}`));let At=(()=>{if(!(!ot||!n.prompt)){if(n.slashSkill){let g=n.prompt.replace(new RegExp(`^\\/${n.slashSkill}\\s*`,"i"),"").trim();return g?M(g,F.USER_INSTRUCTION):void 0}return M(n.prompt,F.USER_INSTRUCTION)||void 0}})(),it=JSON.stringify({trace_type:Ot,...j!==null&&{execution_status:j},...n.slashSkill?{skill_name:n.slashSkill}:{},...n.skillArtifacts?.length&&{skill_artifacts:n.skillArtifacts},...At!==void 0&&{user_instruction:At},latency_ms:ae,...y&&{tokens_input:y},...L&&{tokens_output:L},cost_usd:Be,...n.model?{model:n.model}:{},toolCount:A,errorCount:m,stopReason:r,sessionId:n.sessionId,tools:Mt.length?Mt:void 0}),He=_t(M(n.prompt,F.TRACE_INPUT)),On=st(d(h.TRACE_NAME,n.traceName),d(h.TRACE_INPUT,He),d(h.TRACE_OUTPUT,k),d(h.OBS_INPUT,He),d(h.OBS_OUTPUT,k),d(h.TRACE_METADATA,it),d(h.SESSION_ID,n.sessionId),d(h.USER_ID,o.user),d(h.OBS_TYPE,"GENERATION"),d(h.MODEL,n.model),y?d(h.INPUT_TOKENS,y):null,L?d(h.OUTPUT_TOKENS,L):null,d("claude.stop_reason",r),d("claude.tool_count",String(A)),d("claude.error_count",String(m)),d("claude.session_id",n.sessionId),d("flow.trace_type",Ot),{key:h.TRACE_TAGS,value:{arrayValue:{values:[{stringValue:Ot}]}}}),An={traceId:n.traceId,spanId:n.spanId,name:n.traceName,kind:1,startTimeUnixNano:n.startNs,endTimeUnixNano:s,attributes:On,status:{code:m>0?2:1}},Ln=st(d("service.name",process.env.LANGFUSE_PROJECT_NAME||"claude-code"),d("deployment.environment",process.env.LANGFUSE_ENVIRONMENT||"default")),je=[...a,An];l("Stop",`sid=${e}`,`totalTools=${A}`,`errorTools=${m}`,`spans=${je.length}`,`inputTokens=${y}`,`outputTokens=${L}`,`traceOutput="${re(k,80)}"`);let bn=await mn(tn(Ln,je));l("Stop",`POST status=${bn}`,`traceId=${n.traceId}`),Re(e),C(t);}var _n=p(()=>{Ut();Ft();xe();G();Tn();Ue();Et();$();oe();Me();T();});async function io(){let t=process.argv[2];if(!await Ar()){let r=[];process.stdin.on("data",n=>r.push(n)),process.stdin.on("end",()=>process.stdout.write(r.join("")));return}let e=await Dr();switch(t){case "UserPromptSubmit":await Xr(e);break;case "PreToolUse":await Zr(e);break;case "PostToolUse":await hn(e);break;case "Stop":await yn(e);break;default:process.stderr.write(`[flow-obs] unknown event: ${t}
134
- `),process.stdout.write(JSON.stringify(e));}}var kn=p(()=>{G();Et();zr();Qr();Sn();_n();io().catch(t=>{process.stderr.write(`[flow-obs] fatal: ${t.message}
135
- `),process.exit(0);});});var co=new Set(["UserPromptSubmit","PreToolUse","PostToolUse","Stop"]),[,,D,xt]=process.argv;function kt(t,e){let r=t.indexOf(e);return r!==-1?t[r+1]:void 0}if(D==="--version"||D==="-v"){let{version:t}=Bt();process.stdout.write(t+`
136
- `),process.exit(0);}else if(D==="--help"||D==="-h"){let{bold:t,cyan:e,dim:r}=(ct(),N(le)),{version:n}=Bt();process.stdout.write(`
121
+ `);}function v(){process.stdout.write(`
122
+ `);}async function Ms(){v(),process.stdout.write(` flow-claude-observability \u2014 configuration check
123
+ `),v(),process.stdout.write(` Auth
124
+ `);let t=B(process.env[f.ANTHROPIC_AUTH_TOKEN]),e=t||await _();if(!e){re("Not authenticated \u2014 starting setup..."),v();let a=await K();if(a!==0)return a;if(t=B(process.env[f.ANTHROPIC_AUTH_TOKEN]),e=t||await _(),!e)return ne("Authentication failed"),v(),1;v(),process.stdout.write(` Auth
125
+ `);}if(!t&&!await Zt()){re("Session expired \u2014 re-authenticating..."),v();let a=await K();if(a!==0)return a;v(),process.stdout.write(` Auth
126
+ `);}let r=await et()||e.clientId;Mt("Authenticated"),b(`Tenant: ${e.tenant}`),b(`User: ${r}`),v(),process.stdout.write(` Native OTEL
127
+ `);let n={};try{let a=E__namespace.readFileSync(Y(),"utf8");n=JSON.parse(a).env||{};}catch{}let s=Object.keys(pt).filter(a=>!n[a]);if(s.length===0?(Mt("All OTEL env vars present in settings.json"),b(`Endpoint: ${n.OTEL_EXPORTER_OTLP_ENDPOINT}`)):(re(`${s.length} OTEL var(s) missing from settings.json \u2014 native metrics/logs disabled`),s.forEach(a=>ne(`Missing: ${a}`)),b("Run: flow-ai-obs install (restores missing vars automatically)")),v(),process.stdout.write(` Tracing
128
+ `),process.env[f.FLOW_TELEMETRY]==="true"){Mt("FLOW_TELEMETRY=true (direct mode enabled)");let a=[f.LANGFUSE_BASE_URL,f.LANGFUSE_PUBLIC_KEY,f.LANGFUSE_SECRET_KEY].filter(c=>!process.env[c]);a.length>0&&a.forEach(c=>re(`Missing: ${c}`));}else b("FLOW_TELEMETRY not set \u2014 direct mode inactive (gateway mode may still be active)");let i=await rt();if(!i||i.length===0)return i&&i.authError?ne("Token refresh failed \u2014 gateway mode could not activate"):(ne("No active destinations \u2014 no traces will be sent"),b("For direct mode: set FLOW_TELEMETRY=true + LANGFUSE_BASE_URL + LANGFUSE_PUBLIC_KEY + LANGFUSE_SECRET_KEY"),b("For gateway mode: run flow-claude-observability auth login")),v(),1;for(let a of i)if(a.mode==="gateway"){let c=await St();Mt("Mode: gateway"),b(`Endpoint: ${a.endpoint}`),b(`Token: ${Ce(c?.accessToken)}`);}else a.mode==="direct"&&(Mt("Mode: direct"),b(`Endpoint: ${a.endpoint}`),b(`PK: ${Ce(process.env[f.LANGFUSE_PUBLIC_KEY])}`),b(`SK: ${Ce(process.env[f.LANGFUSE_SECRET_KEY])}`));return v(),process.stdout.write(` All checks passed \u2014 observability is active.
129
+ `),v(),0}var Yr=p(()=>{Et();nt();Rt();T();xt();});function H(t,e){let r=typeof t=="object"?JSON.stringify(t):String(t??"");return r.length>e?r.slice(0,e)+" \u2026[truncated]":r}function se(t,e=100){return String(t??"").split(`
130
+ `)[0].slice(0,e).trim()}function Ue(){return new Promise(t=>{let e="";process.stdin.setEncoding("utf8"),process.stdin.on("data",r=>{e+=r;}),process.stdin.on("end",()=>{try{t(JSON.parse(e));}catch{t({});}});})}function F(t){process.stdout.write(JSON.stringify(t));}var Tt=p(()=>{});function q(){return String(BigInt(Date.now())*1000000n)}var Fe,st,Dt=p(()=>{Fe=()=>crypto.randomBytes(16).toString("hex"),st=()=>crypto.randomBytes(8).toString("hex");});function Js(t,e){let r=gt.resolve(t);if(!r.startsWith(e))throw new Error(`Path traversal detected: ${t}`);return r}function $e(t){if(!Ks.test(t))throw new Error(`Invalid session ID: ${t}`);return Js(gt.join(Jt.tmpdir(),`flow-obs-${t}.json`),qs)}function yt(t){let e=$e(t);if(!E.existsSync(e))return null;try{return JSON.parse(E.readFileSync(e,"utf8"))}catch{return null}}function _t(t,e){E.writeFileSync($e(t),JSON.stringify(e),{encoding:"utf8",mode:384});}function xe(t){try{E.unlinkSync($e(t));}catch{}}var Ks,qs,Bt=p(()=>{Ks=/^[0-9a-f-]{1,64}$/i,qs=gt.normalize(Jt.tmpdir())+gt.sep;});function Jr(t){if(!t||!E.existsSync(t))return null;try{let e=E.readFileSync(t,"utf8").trimEnd().split(`
131
+ `);for(let r=e.length-1;r>=0;r--)try{let n=JSON.parse(e[r]);if(n.type==="user"&&n.uuid)return n.uuid}catch{}}catch{}return null}function Me(t){if(!t||!E.existsSync(t))return null;try{let e=E.readFileSync(t,"utf8").trimEnd().split(`
132
+ `),r=[],n=0,s=0;for(let o=e.length-1;o>=0;o--)try{let i=JSON.parse(e[o]);if(i.type==="user")break;if(i.type==="assistant"){let c=(i.message?.content??[]).filter(w=>w.type==="text").map(w=>w.text??"").join("");c&&r.unshift(c);let u=i.message?.usage??{};n+=(u.input_tokens??0)+(u.cache_read_input_tokens??0)+(u.cache_creation_input_tokens??0),s+=u.output_tokens??0;}}catch{}return !r.length&&n===0?null:{text:r.join(`
133
+
134
+ `),inputTokens:n,outputTokens:s}}catch{}return null}var De=p(()=>{});function Zr(t){return t.replace(":","/")}function oe(t,e){if(!t)return null;let r=Zr(t),n=[gt.join(Jt.homedir(),".claude","skills",r,"SKILL.md"),gt.join(e??"",".claude","skills",r,"SKILL.md")];for(let s of n)if(E.existsSync(s))try{return E.readFileSync(s,"utf8")}catch{}return null}function Qr(t){return t.split(`
135
+ `)[0].match(/^\/([a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?)(?:\s.*)?$/i)?.[1]??null}function tn(t){return !!t.slashSkill||t.toolCalls.some(n=>n.tool==="Skill")?t.toolCalls.some(n=>n.tool==="Skill"&&!n.synthetic||ro.has(n.tool))?"complete":"prerequisite_required":null}function ie(t,e){if(!t)return null;let r=Zr(t),n=[gt.join(Jt.homedir(),".claude","skills",r),gt.join(e??"",".claude","skills",r)],s=null;for(let a of n)if(E.existsSync(gt.join(a,"SKILL.md"))){s=a;break}if(!s)return null;let o=[];function i(a,c){for(let u of E.readdirSync(a,{withFileTypes:true})){if(Qs.has(u.name)||eo.has(u.name)||to.has(gt.extname(u.name)))continue;let w=c?`${c}/${u.name}`:u.name;u.isDirectory()?i(gt.join(a,u.name),w):o.push(w);}}return i(s,""),o.length>0?o:null}var Qs,to,eo,ro,ae=p(()=>{Qs=new Set([".venv","__pycache__",".git","node_modules"]),to=new Set([".pyc",".pyo"]),eo=new Set(["SKILL.md",".DS_Store",".gitignore"]);ro=new Set(["Read","Write","Edit","MultiEdit","Bash","Glob","Grep","TodoWrite","WebFetch","WebSearch","Agent","Task"]);});async function Be(t,e=false){if(e){process.stdout.write(JSON.stringify({decision:"block",reason:no})+`
136
+ `);return}let r=t.session_id||"unknown",n=t.prompt||"",s=t.cwd||"",o=Jr(t.transcript_path)||Fe(),i=Qr(n),a=i?oe(i,s):null,c=i?ie(i,s):null;_t(r,{traceId:Fe(),spanId:st(),startNs:q(),sessionId:r,prompt:n,cwd:s,traceName:o,transcriptPath:t.transcript_path||"",model:process.env[f.ANTHROPIC_MODEL]||"",toolCalls:[],spans:[],pendingTool:null,slashSkill:i,skillContent:a,skillArtifacts:c}),l("UserPromptSubmit",`sid=${r}`,`traceName=${o}`,`slashSkill=${i}`),F(t);}var no,en=p(()=>{Dt();Bt();De();ae();Tt();D();T();no=`\u26D4 Your Flow API key has expired. You no longer have access to Claude Code through the Flow platform. To restore observability and access, visit ${x}/settings/api-keys to generate a new API key, then run: flow-ai-obs auth login`;});async function rn(t){let e=t.session_id||"unknown",r=t.tool_name||"unknown",n=t.tool_input||{},s=yt(e);s&&(s.pendingTool={name:r,inputStr:H(n,M.TOOL_INPUT),startNs:q()},_t(e,s)),l("PreToolUse",`sid=${e}`,`tool=${r}`,`stateFound=${!!s}`),F(t);}var nn=p(()=>{Dt();Bt();Tt();D();T();});function d(t,e){return e==null||e===""?null:{key:t,value:{stringValue:String(e)}}}function ot(...t){return t.filter(e=>e!==null)}function sn(t,e){return {resourceSpans:[{resource:{attributes:t},scopeSpans:[{scope:so,spans:Array.isArray(e)?e:[e]}]}]}}var so,h,on=p(()=>{T();so={name:he.SCOPE_NAME,version:he.SCOPE_VERSION},h={TRACE_NAME:"langfuse.trace.name",TRACE_INPUT:"langfuse.trace.input",TRACE_OUTPUT:"langfuse.trace.output",TRACE_METADATA:"langfuse.trace.metadata",TRACE_TAGS:"langfuse.trace.tags",USER_ID:"langfuse.user.id",SESSION_ID:"langfuse.session.id",OBS_NAME:"langfuse.observation.name",OBS_INPUT:"langfuse.observation.input",OBS_OUTPUT:"langfuse.observation.output",OBS_LEVEL:"langfuse.observation.level",OBS_TYPE:"langfuse.observation.type",MODEL:"gen_ai.request.model",INPUT_TOKENS:"gen_ai.usage.input_tokens",OUTPUT_TOKENS:"gen_ai.usage.output_tokens"};});function cn(t,e,r,n,s){if(process.env[f.FLOW_OBS_DEBUG]!=="1")return;let o=JSON.stringify({ts:new Date().toISOString(),request:{method:"POST",url:t,headers:e,body:JSON.parse(r)},response:{status:n,body:s}});try{E.writeFileSync(an,o+`
137
+ `,{flag:"a",encoding:"utf8",mode:384}),l("sendTraces:dump",`request appendada em ${an}`);}catch(i){l("sendTraces:dump",`falha ao salvar: ${i.message}`);}}function uo(t){let e=new URL(t),r=new URL(Q.GATEWAY_HEALTH);return r.hostname=e.hostname,r.port=e.port,r.protocol=e.protocol,r}function ln(t,e){return new Promise((r,n)=>{let s=t._isSSL?Dn__namespace.default:ts__namespace.default;t.headers=Object.assign({},t.headers,{Connection:"close"});let o=s.request(t,i=>{let a=[];i.on("data",c=>a.push(c)),i.on("end",()=>r({statusCode:i.statusCode??0,body:a.join("")}));});o.setTimeout(1e4,()=>{o.destroy(new Error("Request timeout"));}),o.on("error",i=>n(new Error(`Network error: ${i.message}`))),e&&o.write(e),o.end();})}async function un(t,e){let r;try{r=uo(t);}catch{return false}let n=r.protocol==="https:";try{let s={};e&&(s.Authorization=String(e).replace(/[\r\n]/g,""));let o=await ln({hostname:r.hostname,port:r.port||(n?443:80),path:r.pathname,method:"GET",headers:s,_isSSL:n},null);return l("checkHealth",`url=${r.href} status=${o.statusCode}`),o.statusCode>=200&&o.statusCode<300}catch{return false}}async function ce(t,e,r){let n=JSON.stringify(t),s=new URL(e),o=s.protocol==="https:",i=String(r).replace(/[\r\n]/g,""),a={"Content-Type":"application/json",Authorization:i,"Content-Length":Buffer.byteLength(n)};l("sendTraces:request",`POST ${e}`),l("sendTraces:request",`headers=${JSON.stringify({...a,Authorization:i.slice(0,20)+"\u2026"})}`),l("sendTraces:request",`body=${n.slice(0,500)}${n.length>500?"\u2026":""}`);try{let c=await ln({hostname:s.hostname,port:s.port||(o?443:80),path:s.pathname,method:"POST",headers:a,_isSSL:o},n);return l("sendTraces:response",`status=${c.statusCode}`),cn(e,a,n,c.statusCode,c.body),c.statusCode}catch(c){return l("sendTraces:error",c.message),cn(e,a,n,0,c.message),0}}var an,dn=p(()=>{T();D();an=gt.join(Jt.tmpdir(),"flow-obs-requests.ndjson");});function po(){let t=parseInt(process.env[f.BUFFER_TTL_DAYS]??"",10);return (Number.isFinite(t)?Math.max(U.MIN_TTL_DAYS,Math.min(U.MAX_TTL_DAYS,t)):U.DEFAULT_TTL_DAYS)*24*60*60*1e3}function fo(){let t=parseInt(process.env[f.BUFFER_MAX_FILES]??"",10);return Number.isFinite(t)?Math.max(U.MIN_MAX_FILES,Math.min(U.MAX_MAX_FILES,t)):U.DEFAULT_MAX_FILES}function fn(t){if(/[/\\]/.test(t))throw new Error(`Invalid buffer fileId: ${t}`);return gt__namespace.default.join(Jt__namespace.default.tmpdir(),`${U.FILE_PREFIX}${t}.json`)}function Ve(){let t=Jt__namespace.default.tmpdir(),e;try{e=E__namespace.default.readdirSync(t);}catch{return []}return e.filter(r=>r.startsWith(U.FILE_PREFIX)&&r.endsWith(".json")).map(r=>{let n=gt__namespace.default.join(t,r),s=0;try{s=E__namespace.default.statSync(n).mtimeMs;}catch{}return {full:n,mtime:s}}).sort((r,n)=>r.mtime-n.mtime).map(r=>r.full)}function Ht(t){try{let e=fo(),r=Ve();if(r.length>=e){let o=r.slice(0,r.length-e+1);for(let i of o)try{E__namespace.default.unlinkSync(i);}catch{}}let n=`${Date.now()}-${Math.random().toString(36).slice(2,8)}`,s={fileId:n,bufferedAt:Date.now(),payload:t};return E__namespace.default.writeFileSync(fn(n),JSON.stringify(s),{encoding:"utf8",mode:384}),l("buffer",`saved fileId=${n}`),n}catch(e){return l("buffer",`saveToBuffer failed: ${e.message}`),null}}function mn(t){let e=Ve(),r=t!=null&&t>0?t:e.length,n=[];for(let s of e){if(n.length>=r)break;try{let o=E__namespace.default.readFileSync(s,"utf8"),i=JSON.parse(o);i&&i.fileId&&i.payload&&n.push(i);}catch{l("buffer",`skipping malformed file: ${s}`);}}return n}function gn(t){try{E__namespace.default.unlinkSync(fn(t)),l("buffer",`deleted fileId=${t}`);}catch{}}function hn(){let t=Date.now()-po();for(let e of Ve())try{let{mtimeMs:r}=E__namespace.default.statSync(e);r<t&&(E__namespace.default.unlinkSync(e),l("buffer",`evicted stale: ${gt__namespace.default.basename(e)}`));}catch{}}var wn=p(()=>{T();D();});async function mo(t){hn();let e=mn(U.REPLAY_BATCH_SIZE);e.length&&(l("replayBufferedTraces",`replaying ${e.length} buffered trace(s)`),await Promise.allSettled(e.map(async r=>{try{let n=await ce(r.payload,t.endpoint,t.authHeader);n>=200&&n<300?(gn(r.fileId),l("replayBufferedTraces",`replayed fileId=${r.fileId} status=${n}`)):l("replayBufferedTraces",`replay failed fileId=${r.fileId} status=${n}`);}catch(n){l("replayBufferedTraces",`replay error fileId=${r.fileId}: ${n.message}`);}})));}async function Sn(t){let e=await rt();if(!e.length)return e.authError&&(l("postToLangfuse","auth refresh failed \u2014 buffering trace"),Ht(t)),0;let r=await Promise.all(e.map(async o=>{if(o.mode!=="gateway")return {creds:o,healthy:true};let i=await un(o.endpoint,o.authHeader);return {creds:o,healthy:i}})),n=r.find(o=>o.creds.mode==="gateway"&&o.healthy)?.creds??r.find(o=>o.creds.mode==="direct")?.creds;return n&&await mo(n),(await Promise.all(r.map(async({creds:o,healthy:i})=>{if(o.mode==="gateway"){if(!i)return l("postToLangfuse","gateway health check failed \u2014 buffering trace"),Ht(t),0;let c=await ce(t,o.endpoint,o.authHeader);return (c===0||c>=500)&&(l("postToLangfuse",`gateway send failed (status ${c}) \u2014 buffering trace`),Ht(t)),c}let a=await ce(t,o.endpoint,o.authHeader);return (a===0||a>=500)&&(l("postToLangfuse",`direct endpoint unavailable (status ${a}) \u2014 buffering trace`),Ht(t)),a}))).find(o=>o!==0)??0}var En=p(()=>{nt();D();dn();wn();T();});var je=p(()=>{on();En();});function At(t){if(t==null)return "";let e=typeof t=="string"?t:JSON.stringify(t);return go.reduce((r,{re:n,replace:s})=>r.replace(n,s),e)}var P,go,Ye=p(()=>{P="[REDACTED]",go=[{re:/\b(sk-[A-Za-z0-9_\-]{20,})/g,replace:()=>`sk-${P}`},{re:/\b(pk-[A-Za-z0-9_\-]{20,})/g,replace:()=>`pk-${P}`},{re:/\b(Bearer\s+)[A-Za-z0-9\-._~+/]+=*/gi,replace:(t,e)=>`${e}${P}`},{re:/\b(Basic\s+)[A-Za-z0-9+/]+=*/gi,replace:(t,e)=>`${e}${P}`},{re:/(-----BEGIN [A-Z ]+-----)[^-]*(-----END [A-Z ]+-----)/g,replace:(t,e,r)=>`${e}
138
+ ${P}
139
+ ${r}`},{re:/\b(AKIA[0-9A-Z]{16})\b/g,replace:()=>`AKIA${P}`},{re:/(aws_secret_access_key\s*[=:]\s*)([A-Za-z0-9/+]{40})/gi,replace:(t,e)=>`${e}${P}`},{re:/\b(ghp_[A-Za-z0-9]{36,})/g,replace:()=>`ghp_${P}`},{re:/\b(github_pat_[A-Za-z0-9_]{36,})/gi,replace:()=>`github_pat_${P}`},{re:/\b(eyJ[A-Za-z0-9_\-]+\.eyJ[A-Za-z0-9_\-]+\.[A-Za-z0-9_\-]+)/g,replace:()=>`eyJ.${P}`},{re:/\b([A-Z0-9_]*(?:SECRET|TOKEN|KEY|PASSWORD|PASSWD|PWD|CREDENTIAL|API)[A-Z0-9_]*\s*=\s*)(['"]?)([^\s'"#\n]+)\2/gi,replace:(t,e,r)=>`${e}${r}${P}${r}`},{re:/([a-z][a-z0-9+\-.]*:\/\/[^:/?#\s]*):([^@\s]+)@/gi,replace:(t,e)=>`${e}:${P}@`}];});async function Tn(t){let e=t.session_id||"unknown",r=t.tool_name||"unknown",n=t.tool_input||{},s=t.tool_response||"",o=yt(e);if(!o){F(t);return}let i=q(),a=o.pendingTool,c=a?.name===r,u=c?a.startNs:String(BigInt(i)-200000000n),w=c?a.inputStr:H(n,M.TOOL_INPUT),O=w,m=null;if(r==="Skill"){let It=typeof n=="object"&&n!==null?n.skill||n.name||n.skillName||n.commandName||String(Object.values(n)[0]??""):String(n);m=It?String(It).trim():null;let at=m?oe(m,o.cwd):null;at&&(O=at,o.skillContent||(o.skillContent=at),o.skillArtifacts||(o.skillArtifacts=ie(m,o.cwd))),m&&!o.slashSkill&&(o.slashSkill=m),l("PostToolUse","Skill tool detected",`skillName=${m}`,`contentFound=${!!at}`);}let k=At(H(s,M.TOOL_OUTPUT)),y=/\b(error|exception|failed|failure|traceback|errno)\b/i.test(k.slice(0,500)),I=y?"ERROR":"DEFAULT",jt=st(),it=Math.round(Number(BigInt(i)-BigInt(u))/1e6),Lt={Agent:"AGENT",Task:"AGENT"}[r]??"TOOL",le=r==="Skill"&&m?m:se(w,60);o.toolCalls.push({tool:r,brief:le,error:y,durationMs:it});let G=o.spans;G.push({traceId:o.traceId,spanId:jt,parentSpanId:o.spanId,name:r,kind:3,startTimeUnixNano:u,endTimeUnixNano:i,attributes:ot(d(h.OBS_NAME,r),d(h.OBS_TYPE,Lt),d(h.OBS_LEVEL,I),d(h.OBS_INPUT,At(O)),d(h.OBS_OUTPUT,k),d("tool.name",r),d("tool.error",String(y)),r==="Skill"&&m?d("skill.name",m):null,r==="Skill"?d("skill.invocation","slash-command"):null),status:{code:y?2:1}}),o.pendingTool=null,_t(e,o),l("PostToolUse",`sid=${e}`,`tool=${r}`,`error=${y}`,`durationMs=${it}`,`totalSpans=${G.length}`),F(t);}var yn=p(()=>{Dt();Bt();je();Tt();ae();D();T();Ye();});function kn(t,e,r){let n=Object.keys(_n).find(i=>(t??"").toLowerCase().includes(i));if(!n)return;let s=_n[n],o=(e*s.input+r*s.output)/1e6;return Math.round(o*1e6)/1e6}var _n,An=p(()=>{_n={"claude-opus-4-6":{input:15,output:75},"claude-opus-4-5":{input:15,output:75},"claude-sonnet-4-6":{input:3,output:15},"claude-sonnet-4-5":{input:3,output:15},"claude-haiku-4-5":{input:.8,output:4},"claude-4-6-opus":{input:15,output:75},"claude-4-6-sonnet":{input:3,output:15},"claude-4-5-opus":{input:15,output:75},"claude-4-5-sonnet":{input:3,output:15},"claude-4-5-haiku":{input:.8,output:4},"claude-3-5-sonnet-20241022":{input:3,output:15},"claude-3-5-haiku-20241022":{input:.8,output:4},"claude-3-opus-20240229":{input:15,output:75}};});async function On(t){let e=t.session_id||"unknown",r=t.stop_reason||"end_turn",n=yt(e);if(!n){F(t);return}n.slashSkill&&!/^[a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?$/i.test(n.slashSkill)&&(l("Stop",`sid=${e}`,`slashSkill rejected post-disk: "${n.slashSkill}"`),n.slashSkill=null);let s=q(),o=await Pr(),i=n.toolCalls,a=n.spans;if(n.slashSkill&&!i.some(g=>g.tool==="Skill")){let g=st(),X=n.skillContent?n.skillContent:JSON.stringify({skill:n.slashSkill});i.push({tool:"Skill",brief:n.slashSkill,error:false,durationMs:0,synthetic:true}),a.push({traceId:n.traceId,spanId:g,parentSpanId:n.spanId,name:"Skill",kind:3,startTimeUnixNano:n.startNs,endTimeUnixNano:n.startNs,attributes:ot(d(h.OBS_NAME,"Skill"),d(h.OBS_TYPE,"TOOL"),d(h.OBS_LEVEL,"DEFAULT"),d(h.OBS_INPUT,X),d(h.OBS_OUTPUT,"loaded via slash command"),d("tool.name","Skill"),d("tool.error","false"),d("skill.name",n.slashSkill),d("skill.invocation","slash-command")),status:{code:1}}),l("Stop",`slashSkill=${n.slashSkill}`,"synthetic span injected");}let c=t.transcript_path||n.transcriptPath||"",u=Me(c);if(c&&(i.some(g=>g.tool==="Skill"&&!g.synthetic)||!!n.slashSkill)&&!u?.text){await new Promise(X=>setTimeout(X,500));let g=Me(c);g?.text&&(u=g);}l("Stop",`transcriptPath=${c||"(empty)"}`,`assistantOut=${u?`text=${u.text.length}chars`:"null"}`);let O=i.length,m=i.filter(g=>g.error).length,k=At(u?.text?H(u.text,M.TRACE_OUTPUT):O===0?"No tools used":i.map((g,X)=>`${X+1}. ${g.tool}${g.brief?` \u2192 ${g.brief}`:""}${g.error?" [ERROR]":""}`).join(`
140
+ `)),y=u?.inputTokens??0,I=u?.outputTokens??0,jt=i.map((g,X)=>`${X+1}. ${g.tool}${g.brief?` \u2192 ${g.brief}`:""}${g.error?" [ERROR]":""} (${g.durationMs}ms)`),it=!!(n.slashSkill||i.some(g=>g.tool==="Skill")),Ge=i.some(g=>g.tool==="Agent");if(!it&&!Ge){l("Stop",`sid=${e}`,"skipping trace \u2014 no Skill or Agent calls found"),xe(e),F(t);return}let Lt=it?"skill":"agent",le=Math.round(Number(BigInt(s)-BigInt(n.startNs))/1e6),We=kn(n.model,y,I),G=tn(n);G==="prerequisite_required"&&u?.text&&(G="complete"),G==="prerequisite_required"&&(a.push({traceId:n.traceId,spanId:st(),parentSpanId:n.spanId,name:"prerequisite-check",kind:3,startTimeUnixNano:n.startNs,endTimeUnixNano:s,attributes:ot(d(h.OBS_NAME,"prerequisite-check"),d(h.OBS_TYPE,"EVENT"),d(h.OBS_LEVEL,"WARNING"),d(h.OBS_OUTPUT,k),d("skill.name",n.slashSkill||void 0),d("execution_status","prerequisite_required")),status:{code:1}}),l("Stop",`sid=${e}`,"prerequisite-check span injected",`skill=${n.slashSkill}`));let It=(()=>{if(!(!it||!n.prompt)){if(n.slashSkill){let g=n.prompt.replace(new RegExp(`^\\/${n.slashSkill}\\s*`,"i"),"").trim();return g?H(g,M.USER_INSTRUCTION):void 0}return H(n.prompt,M.USER_INSTRUCTION)||void 0}})(),at=JSON.stringify({trace_type:Lt,...G!==null&&{execution_status:G},...n.slashSkill?{skill_name:n.slashSkill}:{},...n.skillArtifacts?.length&&{skill_artifacts:n.skillArtifacts},...It!==void 0&&{user_instruction:It},latency_ms:le,...y&&{tokens_input:y},...I&&{tokens_output:I},cost_usd:We,...n.model?{model:n.model}:{},toolCount:O,errorCount:m,stopReason:r,sessionId:n.sessionId,tools:jt.length?jt:void 0}),Ke=At(H(n.prompt,M.TRACE_INPUT)),bn=ot(d(h.TRACE_NAME,n.traceName),d(h.TRACE_INPUT,Ke),d(h.TRACE_OUTPUT,k),d(h.OBS_INPUT,Ke),d(h.OBS_OUTPUT,k),d(h.TRACE_METADATA,at),d(h.SESSION_ID,n.sessionId),d(h.USER_ID,o.user),d(h.OBS_TYPE,"GENERATION"),d(h.MODEL,n.model),y?d(h.INPUT_TOKENS,y):null,I?d(h.OUTPUT_TOKENS,I):null,d("claude.stop_reason",r),d("claude.tool_count",String(O)),d("claude.error_count",String(m)),d("claude.session_id",n.sessionId),d("flow.trace_type",Lt),{key:h.TRACE_TAGS,value:{arrayValue:{values:[{stringValue:Lt}]}}}),vn={traceId:n.traceId,spanId:n.spanId,name:n.traceName,kind:1,startTimeUnixNano:n.startNs,endTimeUnixNano:s,attributes:bn,status:{code:m>0?2:1}},Pn=ot(d("service.name",process.env.LANGFUSE_PROJECT_NAME||"claude-code"),d("deployment.environment",process.env.LANGFUSE_ENVIRONMENT||"default")),qe=[...a,vn];l("Stop",`sid=${e}`,`totalTools=${O}`,`errorTools=${m}`,`spans=${qe.length}`,`inputTokens=${y}`,`outputTokens=${I}`,`traceOutput="${se(k,80)}"`);let Nn=await Sn(sn(Pn,qe));l("Stop",`POST status=${Nn}`,`traceId=${n.traceId}`),xe(e),F(t);}var Ln=p(()=>{Dt();Bt();je();nt();An();De();Tt();D();ae();Ye();T();});async function ho(){let t=process.argv[2];if(t==="UserPromptSubmit"){let r=await Ue(),n;try{n=await rt();}catch{process.stdout.write(JSON.stringify(r));return}n.authError?await Be(r,true):n.length>0?await Be(r):process.stdout.write(JSON.stringify(r));return}if(!await Nr()){let r=[];process.stdin.on("data",n=>r.push(n)),process.stdin.on("end",()=>process.stdout.write(r.join("")));return}let e=await Ue();switch(t){case "PreToolUse":await rn(e);break;case "PostToolUse":await Tn(e);break;case "Stop":await On(e);break;default:process.stderr.write(`[flow-obs] unknown event: ${t}
141
+ `),process.stdout.write(JSON.stringify(e));}}var In=p(()=>{nt();Tt();en();nn();yn();Ln();ho().catch(t=>{process.stderr.write(`[flow-obs] fatal: ${t.message}
142
+ `),process.exit(0);});});var So=new Set(["UserPromptSubmit","PreToolUse","PostToolUse","Stop"]),[,,N,Vt]=process.argv;function Ot(t,e){let r=t.indexOf(e);return r!==-1?t[r+1]:void 0}if(N==="--version"||N==="-v"){let{version:t}=Yt();process.stdout.write(t+`
143
+ `),process.exit(0);}else if(N==="--help"||N==="-h"){let{bold:t,cyan:e,dim:r}=(lt(),L(de)),{version:n}=Yt();process.stdout.write(`
137
144
  `+t(" flow-ai-obs")+r(" v"+n)+`
138
145
 
139
- `),process.stdout.write(e(" install")+r(` Auth (if needed) + hooks + native OTEL
146
+ `),process.stdout.write(e(" init")+r(` Auth (if needed) + hooks + native OTEL
140
147
  `)),process.stdout.write(e(" setup")+r(` Full Flow wizard: auth + hooks + OTEL + LLM proxy + connectivity
141
148
  `)),process.stdout.write(e(" auth login")+r(` Authenticate with Flow (clientId / clientSecret / tenant)
142
149
  `)),process.stdout.write(e(" auth logout")+r(` Remove credentials
143
150
  `)),process.stdout.write(e(" auth status")+r(` Show current auth status
144
151
  `)),process.stdout.write(e(" check")+r(` Validate full observability setup
145
152
 
146
- `)),process.stdout.write(r(` Flags: --version, -v Show version
147
- `)),process.stdout.write(r(` --help, -h Show this help
153
+ `)),process.stdout.write(r(` Flags: --version, -v Show version
154
+ `)),process.stdout.write(r(` --help, -h Show this help
155
+ `)),process.stdout.write(r(` --no-interactive Skip interactive prompts
156
+
157
+ `)),process.stdout.write(r(` Aliases: install \u2192 init (deprecated)
148
158
 
149
159
  `)),process.stdout.write(r(` (Hook events: UserPromptSubmit | PreToolUse | PostToolUse | Stop)
150
160
 
151
- `)),process.exit(0);}else if(D==="install"){(Vt(),N(jt)).checkForUpdate();let{runInstall:t}=(Ie(),N(Pr));t().then(e=>process.exit(e)).catch(e=>{process.stderr.write(`Unexpected error: ${e.message}
152
- `),process.exit(1);});}else if(D==="setup"){(Vt(),N(jt)).checkForUpdate();let{runSetup:t}=(Cr(),N(Rr)),e=process.argv.slice(3);t({clientId:kt(e,"--client-id"),clientSecret:kt(e,"--client-secret"),tenant:kt(e,"--tenant")}).then(r=>process.exit(r)).catch(r=>{process.stderr.write(`Unexpected error: ${r.message}
153
- `),process.exit(1);});}else if(D==="auth"){(Vt(),N(jt)).checkForUpdate();let{runLogin:t,runLogout:e,runStatus:r}=(Rt(),N(Ir));(async()=>{let n=0;if(xt==="login"||!xt){let s=process.argv.slice(4);n=await t({clientId:kt(s,"--client-id"),clientSecret:kt(s,"--client-secret"),tenant:kt(s,"--tenant")});}else if(xt==="logout"){let s=process.argv.includes("--force");n=await e(s);}else xt==="status"?n=await r():(process.stderr.write(`Unknown auth subcommand: ${xt}
161
+ `)),process.exit(0);}else if(N==="init"||N==="install")(async()=>{N==="install"&&process.stderr.write(`Warning: "install" is deprecated, use "init" instead
162
+ `),await(dt(),L(ut)).checkForUpdateInteractive();let{runInstall:t}=(Re(),L(xr));process.exit(await t());})().catch(t=>{process.stderr.write(`Unexpected error: ${t.message}
163
+ `),process.exit(1);});else if(N==="setup")(async()=>{await(dt(),L(ut)).checkForUpdateInteractive();let{runSetup:t}=(Dr(),L(Mr)),e=process.argv.slice(3);process.exit(await t({clientId:Ot(e,"--client-id"),clientSecret:Ot(e,"--client-secret"),tenant:Ot(e,"--tenant")}));})().catch(t=>{process.stderr.write(`Unexpected error: ${t.message}
164
+ `),process.exit(1);});else if(N==="auth")(async()=>{let{runLogin:t,runLogout:e,runStatus:r}=(xt(),L(Ur)),n=0;if(Vt==="login"||!Vt){await(dt(),L(ut)).checkForUpdateInteractive();let s=process.argv.slice(4);n=await t({clientId:Ot(s,"--client-id"),clientSecret:Ot(s,"--client-secret"),tenant:Ot(s,"--tenant")});}else if(Vt==="logout"){let s=process.argv.includes("--force");n=await e(s);}else Vt==="status"?(await(dt(),L(ut)).checkForUpdateInteractive(),n=await r()):(process.stderr.write(`Unknown auth subcommand: ${Vt}
154
165
  `),process.stderr.write(`Usage: flow-ai-obs auth [login|logout|status]
155
- `),n=1);process.exit(n);})();}else if(D==="otel-headers"){let{runOtelHeaders:t}=(Fr(),N(Ur));t().then(e=>process.exit(e)).catch(()=>process.exit(1));}else if(D==="check"){let{runCheck:t}=(Mr(),N(xr));t().then(e=>process.exit(e)).catch(e=>{process.stderr.write(`Unexpected error: ${e.message}
156
- `),process.exit(1);});}else if(co.has(D))kn();else {let{bold:t,cyan:e,dim:r}=(ct(),N(le));process.stdout.write(`
166
+ `),n=1);process.exit(n);})();else if(N==="otel-headers"){let{runOtelHeaders:t}=(Hr(),L(Br));t().then(e=>process.exit(e)).catch(()=>process.exit(1));}else if(N==="check")(async()=>{await(dt(),L(ut)).checkForUpdateInteractive();let{runCheck:t}=(Yr(),L(jr));process.exit(await t());})().catch(t=>{process.stderr.write(`Unexpected error: ${t.message}
167
+ `),process.exit(1);});else if(So.has(N))In();else {let{bold:t,cyan:e,dim:r}=(lt(),L(de));process.stdout.write(`
157
168
  `+t(" flow-ai-obs")+`
158
169
 
159
- `),process.stdout.write(e(" install")+r(` Auth (if needed) + hooks + native OTEL
170
+ `),process.stdout.write(e(" init")+r(` Auth (if needed) + hooks + native OTEL
160
171
  `)),process.stdout.write(e(" setup")+r(` Full Flow wizard: auth + hooks + OTEL + LLM proxy + connectivity
161
172
  `)),process.stdout.write(e(" auth login")+r(` Authenticate with Flow (clientId / clientSecret / tenant)
162
173
  `)),process.stdout.write(e(" auth logout")+r(` Remove credentials
package/dist/index.js CHANGED
@@ -1,20 +1,16 @@
1
- 'use strict';var child_process=require('child_process'),util=require('util'),R=require('fs'),$=require('path'),fe=require('os'),Ve=require('https'),Ge=require('http'),crypto=require('crypto');function _interopDefault(e){return e&&e.__esModule?e:{default:e}}var R__default=/*#__PURE__*/_interopDefault(R);var $__default=/*#__PURE__*/_interopDefault($);var fe__default=/*#__PURE__*/_interopDefault(fe);var Ve__default=/*#__PURE__*/_interopDefault(Ve);var Ge__default=/*#__PURE__*/_interopDefault(Ge);var Ie=Object.defineProperty;var q=(t=>typeof require<"u"?require:typeof Proxy<"u"?new Proxy(t,{get:(e,n)=>(typeof require<"u"?require:e)[n]}):t)(function(t){if(typeof require<"u")return require.apply(this,arguments);throw Error('Dynamic require of "'+t+'" is not supported')});var ct=(t,e)=>()=>(t&&(e=t(t=0)),e);var lt=(t,e)=>{for(var n in e)Ie(t,n,{get:e[n],enumerable:true});};var Ut={};lt(Ut,{MacOsKeyVaultProvider:()=>mt});var ft,mt,vt=ct(()=>{ft=util.promisify(child_process.execFile),mt=class{static async isAvailable(){try{return R.accessSync("/usr/bin/security",R.constants.X_OK),!0}catch{return false}}async getSecret(e,n){try{let{stdout:r}=await ft("security",["find-generic-password","-w","-a",n,"-s",e]);return r.trim()||null}catch{return null}}async setSecret(e,n,r){await ft("security",["add-generic-password","-U","-a",n,"-s",e,"-w",r]);}async deleteSecret(e,n){try{return await ft("security",["delete-generic-password","-a",n,"-s",e]),!0}catch{return false}}getStoragePath(){return "macOS Keychain"}};});var $t={};lt($t,{LinuxKeyVaultProvider:()=>gt});var Ct,gt,Ft=ct(()=>{Ct=util.promisify(child_process.execFile),gt=class{static async isAvailable(){let e=["/usr/bin/secret-tool","/bin/secret-tool","/usr/local/bin/secret-tool"];for(let n of e)try{return R.accessSync(n,R.constants.X_OK),!0}catch{}return false}async getSecret(e,n){try{let{stdout:r}=await Ct("secret-tool",["lookup","service",e,"account",n]);return r.trim()||null}catch{return null}}async setSecret(e,n,r){await new Promise((o,s)=>{let i=child_process.spawn("secret-tool",["store","--label",e,"service",e,"account",n]);i.on("error",s),i.on("close",u=>{u===0?o():s(new Error(`secret-tool exited with code ${u}`));}),i.stdin.write(r),i.stdin.end();});}async deleteSecret(e,n){try{return await Ct("secret-tool",["clear","service",e,"account",n]),!0}catch{return false}}getStoragePath(){return "Linux Secret Service (libsecret)"}};});var Bt={};lt(Bt,{WindowsKeyVaultProvider:()=>_t});var _t,Dt=ct(()=>{_t=class{static async isAvailable(){try{return await q("keytar").getPassword("__flow_probe__","__flow_probe__"),!0}catch{return false}}async getSecret(e,n){return q("keytar").getPassword(e,n)}async setSecret(e,n,r){await q("keytar").setPassword(e,n,r);}async deleteSecret(e,n){return q("keytar").deletePassword(e,n)}getStoragePath(){return "Windows Credential Manager"}};});var I=process.env.FLOW_BASE_URL||"https://flow.ciandt.com",Y={AUTH_ENGINE:process.env.FLOW_AUTH_ENGINE_URL||`${I}/auth-engine-api/v2/api-key/token`,GATEWAY_TRACES:process.env.FLOW_GATEWAY_TRACES_URL||`${I}/flow-langfuse-gateway/v1/traces`,GATEWAY_HEALTH:process.env.FLOW_GATEWAY_HEALTH_URL||`${I}/flow-langfuse-gateway/v1/health`,OTEL_ENDPOINT:process.env.FLOW_OTEL_ENDPOINT_URL||`${I}/otel`},X={SERVICE:"flow-plugins-cli",ACCOUNT_TOKEN:"token-cache"},z="FLOW-nodejs",Z="config.json",ut={SCOPE_NAME:"flow-ai-obs",SCOPE_VERSION:"0.1.0"};({ANTHROPIC_BASE_URL:process.env.FLOW_LLM_PROXY_URL??`${I}/flow-llm-proxy/`,ANTHROPIC_MODEL:process.env.FLOW_LLM_PROXY_MODEL??"anthropic.claude-4-6-sonnet",ANTHROPIC_SMALL_FAST_MODEL:process.env.FLOW_LLM_PROXY_SMALL_MODEL??"anthropic.claude-4-6-sonnet"});var g={FLOW_TELEMETRY:"FLOW_TELEMETRY",FLOW_TELEMETRY_GATEWAY:"FLOW_TELEMETRY_GATEWAY_URL",LANGFUSE_BASE_URL:"LANGFUSE_BASE_URL",LANGFUSE_PUBLIC_KEY:"LANGFUSE_PUBLIC_KEY",LANGFUSE_SECRET_KEY:"LANGFUSE_SECRET_KEY",ANTHROPIC_MODEL:"ANTHROPIC_MODEL",ANTHROPIC_AUTH_TOKEN:"ANTHROPIC_AUTH_TOKEN",FLOW_OBS_DEBUG:"FLOW_TELEMETRY_DEBUG",FLOW_OBS_ALLOW_HTTP:"FLOW_TELEMETRY_ALLOW_HTTP",BUFFER_TTL_DAYS:"FLOW_TELEMETRY_BUFFER_TTL_DAYS",BUFFER_MAX_FILES:"FLOW_TELEMETRY_BUFFER_MAX_FILES"};var A={FILE_PREFIX:"flow-obs-buffer-",DEFAULT_TTL_DAYS:4,MIN_TTL_DAYS:1,MAX_TTL_DAYS:30,DEFAULT_MAX_FILES:50,MIN_MAX_FILES:1,MAX_MAX_FILES:500,REPLAY_BATCH_SIZE:10},Pt="flow-ai-obs-debug.log",k={TOOL_INPUT:2e4,TOOL_OUTPUT:2e4,TRACE_OUTPUT:2e4,USER_INSTRUCTION:1e4,TRACE_INPUT:5e4};({API_URL:process.env.FLOW_METRICS_URL||`${I}/metrics-collector-api/log-event`});var pt={credentials:"credentials","token-cache":"tokenCache"};function W(){let t=fe__default.default.homedir();if(process.platform==="darwin")return $__default.default.join(t,"Library","Preferences",z,Z);if(process.platform==="win32"){let n=process.env.APPDATA??$__default.default.join(t,"AppData","Roaming");return $__default.default.join(n,z,Z)}let e=process.env.XDG_CONFIG_HOME??$__default.default.join(t,".config");return $__default.default.join(e,z,Z)}function dt(){try{let t=R__default.default.readFileSync(W(),"utf8");return JSON.parse(t)}catch{return {}}}function bt(t){let e=W();R__default.default.mkdirSync($__default.default.dirname(e),{recursive:true}),R__default.default.writeFileSync(e,JSON.stringify(t,null,2),{encoding:"utf8",mode:384});}var tt=class{static isAvailable(){return true}static hasExistingData(){try{if(!R__default.default.existsSync(W()))return !1;let e=JSON.parse(R__default.default.readFileSync(W(),"utf8"));return !!(e&&e.credentials)}catch{return false}}async getSecret(e,n){let r=dt(),o=pt[n]??n,s=r[o];return s?typeof s=="string"?s:JSON.stringify(s):null}async setSecret(e,n,r){let o=dt(),s=pt[n]??n;if(n==="token-cache")try{o[s]=JSON.parse(r);}catch{o[s]=r;}else o[s]=r;bt(o);}async deleteSecret(e,n){let r=dt(),o=pt[n]??n;return o in r?(delete r[o],bt(r),true):false}getStoragePath(){return `config.json (unencrypted) \u2014 ${W()}`}};async function Mt(){return await De()??new tt}async function De(){switch(process.platform){case "darwin":{let{MacOsKeyVaultProvider:t}=await Promise.resolve().then(()=>(vt(),Ut));return await t.isAvailable()?new t:null}case "linux":{let{LinuxKeyVaultProvider:t}=await Promise.resolve().then(()=>(Ft(),$t));return await t.isAvailable()?new t:null}case "win32":{let{WindowsKeyVaultProvider:t}=await Promise.resolve().then(()=>(Dt(),Bt));return await t.isAvailable()?new t:null}default:return null}}var Et=X.SERVICE,xt=X.ACCOUNT_TOKEN,St=null;function Tt(){return St||(St=Mt()),St}async function Ht(t){await(await Tt()).setSecret(Et,xt,JSON.stringify({accessToken:t.accessToken,expiresAt:t.expiresAt}));}async function nt(){let e=await(await Tt()).getSecret(Et,xt);if(!e)return null;try{let n=JSON.parse(e);return {accessToken:n.accessToken,expiresAt:n.expiresAt}}catch{return null}}async function Yt(){let t=await nt();return t?new Date(t.expiresAt)>new Date:false}async function G(){let t=await nt();if(!t||!t.accessToken)return null;try{let e=t.accessToken.split(".");if(e.length<2)return null;let n=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return n.email??n.preferred_username??n.upn??n.sub??null}catch{return null}}var We=$.join(fe.tmpdir(),Pt);function a(...t){if(process.env[g.FLOW_OBS_DEBUG]!=="1")return;let e=`[${new Date().toISOString()}] ${t.join(" ")}
1
+ 'use strict';var child_process=require('child_process'),util=require('util'),R=require('fs'),F=require('path'),fe=require('os'),Ve=require('https'),Ge=require('http'),crypto=require('crypto');function _interopDefault(e){return e&&e.__esModule?e:{default:e}}var R__default=/*#__PURE__*/_interopDefault(R);var F__default=/*#__PURE__*/_interopDefault(F);var fe__default=/*#__PURE__*/_interopDefault(fe);var Ve__default=/*#__PURE__*/_interopDefault(Ve);var Ge__default=/*#__PURE__*/_interopDefault(Ge);var Ie=Object.defineProperty;var X=(t=>typeof require<"u"?require:typeof Proxy<"u"?new Proxy(t,{get:(e,n)=>(typeof require<"u"?require:e)[n]}):t)(function(t){if(typeof require<"u")return require.apply(this,arguments);throw Error('Dynamic require of "'+t+'" is not supported')});var ct=(t,e)=>()=>(t&&(e=t(t=0)),e);var lt=(t,e)=>{for(var n in e)Ie(t,n,{get:e[n],enumerable:true});};var Dt={};lt(Dt,{MacOsKeyVaultProvider:()=>mt});var ft,mt,Bt=ct(()=>{ft=util.promisify(child_process.execFile),mt=class{static async isAvailable(){try{return R.accessSync("/usr/bin/security",R.constants.X_OK),!0}catch{return false}}async getSecret(e,n){try{let{stdout:r}=await ft("security",["find-generic-password","-w","-a",n,"-s",e]);return r.trim()||null}catch{return null}}async setSecret(e,n,r){await ft("security",["add-generic-password","-U","-a",n,"-s",e,"-w",r]);}async deleteSecret(e,n){try{return await ft("security",["delete-generic-password","-a",n,"-s",e]),!0}catch{return false}}getStoragePath(){return "macOS Keychain"}};});var Mt={};lt(Mt,{LinuxKeyVaultProvider:()=>gt});var xt,gt,Yt=ct(()=>{xt=util.promisify(child_process.execFile),gt=class{static async isAvailable(){let e=["/usr/bin/secret-tool","/bin/secret-tool","/usr/local/bin/secret-tool"];for(let n of e)try{return R.accessSync(n,R.constants.X_OK),!0}catch{}return false}async getSecret(e,n){try{let{stdout:r}=await xt("secret-tool",["lookup","service",e,"account",n]);return r.trim()||null}catch{return null}}async setSecret(e,n,r){await new Promise((o,s)=>{let i=child_process.spawn("secret-tool",["store","--label",e,"service",e,"account",n]);i.on("error",s),i.on("close",u=>{u===0?o():s(new Error(`secret-tool exited with code ${u}`));}),i.stdin.write(r),i.stdin.end();});}async deleteSecret(e,n){try{return await xt("secret-tool",["clear","service",e,"account",n]),!0}catch{return false}}getStoragePath(){return "Linux Secret Service (libsecret)"}};});var Ht={};lt(Ht,{WindowsKeyVaultProvider:()=>_t});var _t,Wt=ct(()=>{_t=class{static async isAvailable(){try{return await X("keytar").getPassword("__flow_probe__","__flow_probe__"),!0}catch{return false}}async getSecret(e,n){return X("keytar").getPassword(e,n)}async setSecret(e,n,r){await X("keytar").setPassword(e,n,r);}async deleteSecret(e,n){return X("keytar").deletePassword(e,n)}getStoragePath(){return "Windows Credential Manager"}};});var k=process.env.FLOW_BASE_URL||"https://flow.ciandt.com",W={AUTH_ENGINE:process.env.FLOW_AUTH_ENGINE_URL||`${k}/auth-engine-api/v2/api-key/token`,GATEWAY_TRACES:process.env.FLOW_GATEWAY_TRACES_URL||`${k}/flow-langfuse-gateway/v1/traces`,GATEWAY_HEALTH:process.env.FLOW_GATEWAY_HEALTH_URL||`${k}/flow-langfuse-gateway/v1/health`,OTEL_ENDPOINT:process.env.FLOW_OTEL_ENDPOINT_URL||`${k}/otel`},z={SERVICE:"flow-plugins-cli",ACCOUNT_TOKEN:"token-cache"},Z="FLOW-nodejs",Q="config.json",ut={SCOPE_NAME:"flow-ai-obs",SCOPE_VERSION:"0.1.0"};({ANTHROPIC_BASE_URL:process.env.FLOW_LLM_PROXY_URL??`${k}/flow-llm-proxy/`,ANTHROPIC_MODEL:process.env.FLOW_LLM_PROXY_MODEL??"anthropic.claude-4-6-sonnet",ANTHROPIC_SMALL_FAST_MODEL:process.env.FLOW_LLM_PROXY_SMALL_MODEL??"anthropic.claude-4-6-sonnet"});var g={FLOW_TELEMETRY:"FLOW_TELEMETRY",FLOW_TELEMETRY_GATEWAY:"FLOW_TELEMETRY_GATEWAY_URL",LANGFUSE_BASE_URL:"LANGFUSE_BASE_URL",LANGFUSE_PUBLIC_KEY:"LANGFUSE_PUBLIC_KEY",LANGFUSE_SECRET_KEY:"LANGFUSE_SECRET_KEY",ANTHROPIC_MODEL:"ANTHROPIC_MODEL",ANTHROPIC_AUTH_TOKEN:"ANTHROPIC_AUTH_TOKEN",FLOW_OBS_DEBUG:"FLOW_TELEMETRY_DEBUG",FLOW_OBS_ALLOW_HTTP:"FLOW_TELEMETRY_ALLOW_HTTP",BUFFER_TTL_DAYS:"FLOW_TELEMETRY_BUFFER_TTL_DAYS",BUFFER_MAX_FILES:"FLOW_TELEMETRY_BUFFER_MAX_FILES"};var A={FILE_PREFIX:"flow-obs-buffer-",DEFAULT_TTL_DAYS:4,MIN_TTL_DAYS:1,MAX_TTL_DAYS:30,DEFAULT_MAX_FILES:50,MIN_MAX_FILES:1,MAX_MAX_FILES:500,REPLAY_BATCH_SIZE:10},$t="flow-ai-obs-debug.log",w={TOOL_INPUT:2e4,TOOL_OUTPUT:2e4,TRACE_OUTPUT:2e4,USER_INSTRUCTION:1e4,TRACE_INPUT:5e4};({API_URL:process.env.FLOW_METRICS_URL||`${k}/metrics-collector-api/log-event`});var pt={credentials:"credentials","token-cache":"tokenCache"};function V(){let t=fe__default.default.homedir();if(process.platform==="darwin")return F__default.default.join(t,"Library","Preferences",Z,Q);if(process.platform==="win32"){let n=process.env.APPDATA??F__default.default.join(t,"AppData","Roaming");return F__default.default.join(n,Z,Q)}let e=process.env.XDG_CONFIG_HOME??F__default.default.join(t,".config");return F__default.default.join(e,Z,Q)}function dt(){try{let t=R__default.default.readFileSync(V(),"utf8");return JSON.parse(t)}catch{return {}}}function Ft(t){let e=V();R__default.default.mkdirSync(F__default.default.dirname(e),{recursive:true}),R__default.default.writeFileSync(e,JSON.stringify(t,null,2),{encoding:"utf8",mode:384});}var et=class{static isAvailable(){return true}static hasExistingData(){try{if(!R__default.default.existsSync(V()))return !1;let e=JSON.parse(R__default.default.readFileSync(V(),"utf8"));return !!(e&&e.credentials)}catch{return false}}async getSecret(e,n){let r=dt(),o=pt[n]??n,s=r[o];return s?typeof s=="string"?s:JSON.stringify(s):null}async setSecret(e,n,r){let o=dt(),s=pt[n]??n;if(n==="token-cache")try{o[s]=JSON.parse(r);}catch{o[s]=r;}else o[s]=r;Ft(o);}async deleteSecret(e,n){let r=dt(),o=pt[n]??n;return o in r?(delete r[o],Ft(r),true):false}getStoragePath(){return `config.json (unencrypted) \u2014 ${V()}`}};async function Vt(){return await Be()??new et}async function Be(){switch(process.platform){case "darwin":{let{MacOsKeyVaultProvider:t}=await Promise.resolve().then(()=>(Bt(),Dt));return await t.isAvailable()?new t:null}case "linux":{let{LinuxKeyVaultProvider:t}=await Promise.resolve().then(()=>(Yt(),Mt));return await t.isAvailable()?new t:null}case "win32":{let{WindowsKeyVaultProvider:t}=await Promise.resolve().then(()=>(Wt(),Ht));return await t.isAvailable()?new t:null}default:return null}}var Et=z.SERVICE,Gt=z.ACCOUNT_TOKEN,St=null;function Tt(){return St||(St=Vt()),St}async function ht(t){await(await Tt()).setSecret(Et,Gt,JSON.stringify({accessToken:t.accessToken,expiresAt:t.expiresAt,lastAuthCheckAt:t.lastAuthCheckAt}));}async function yt(){let e=await(await Tt()).getSecret(Et,Gt);if(!e)return null;try{let n=JSON.parse(e);return {accessToken:n.accessToken,expiresAt:n.expiresAt,lastAuthCheckAt:n.lastAuthCheckAt}}catch{return null}}async function K(){let t=await yt();if(!t||!t.accessToken)return null;try{let e=t.accessToken.split(".");if(e.length<2)return null;let n=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return n.email??n.preferred_username??n.upn??n.sub??null}catch{return null}}var We=F.join(fe.tmpdir(),$t);function a(...t){if(process.env[g.FLOW_OBS_DEBUG]!=="1")return;let e=`[${new Date().toISOString()}] ${t.join(" ")}
2
2
  `;try{R.writeFileSync(We,e,{flag:"a"});}catch(n){process.stderr.write(`[flow-obs debug ERROR] ${n.message}
3
- `);}}var Ke=/^[a-z0-9][a-z0-9-]{0,62}[a-z0-9]$|^[a-z0-9]$/;function je(t){if(!Ke.test(t))throw new Error(`Invalid tenant value: "${t}". Tenant must be lowercase alphanumeric and hyphens (1-64 chars).`)}var Wt={INVALID_CLIENT_SECRET:"Invalid Client Secret \u2014 check the value and try again",INVALID_CLIENT_ID:"Invalid Client ID \u2014 check the value and try again",INVALID_TENANT:"Invalid Tenant \u2014 check the value and try again",TENANT_NOT_FOUND:"Tenant not found \u2014 verify the tenant identifier"};function Je(t,e){let n=e.length>400?e.slice(0,400)+"\u2026":e;a("toAuthError",`status=${t} body=${n}`);try{let r=JSON.parse(e);if(typeof r.error=="string"&&(a("toAuthError",`api_error_code=${r.error}`+(r.message?` api_message=${r.message}`:"")),Wt[r.error]))return new Error(Wt[r.error])}catch{}return t===401||t===403||t===500?new Error("Invalid credentials"):t>=400&&t<500?new Error("Authentication request was rejected"):new Error("Authentication service unavailable, please try again later")}function Vt(t){return new Promise((e,n)=>{try{je(t.tenant);}catch(p){return n(p)}let r=JSON.stringify({clientSecret:t.clientSecret}),o=new URL(Y.AUTH_ENGINE),s=o.protocol==="https:",i={hostname:o.hostname,port:o.port||(s?443:80),path:o.pathname+o.search,method:"POST",headers:{"Content-Type":"application/json","Content-Length":Buffer.byteLength(r),FlowTenant:t.tenant}};a("getToken",`requesting token tenant=${t.tenant} host=${i.hostname} path=${i.path}`);let l=(s?Ve__default.default:Ge__default.default).request(i,p=>{let S=[];p.on("data",T=>S.push(T)),p.on("end",()=>{let T=S.join("");if((p.statusCode??0)>=400)return n(Je(p.statusCode??0,T));let d;try{d=JSON.parse(T);}catch{return n(new Error("Invalid response from auth engine"))}let E=d.expires_at??new Date(Date.now()+(d.expires_in??3600)*1e3).toISOString();e({accessToken:d.access_token??"",expiresAt:E});});});l.on("error",p=>n(new Error(`Network error: ${p.message}`))),l.write(r),l.end();})}var qe=[/^localhost\.?$/i,/^127\./,/^10\./,/^172\.(1[6-9]|2\d|3[01])\./,/^192\.168\./,/^169\.254\./,/^0\.0\.0\.0$/,/^::1$/,/^\[::1\]$/,/^\[::ffff:/i,/^\[f[cd]/i,/^\[fe80:/i,/^metadata\.google\.internal\.?$/i,/^metadata\.azure\.internal\.?$/i,/(?:^|\.)localtest\.me\.?$/i,/(?:^|\.)lvh\.me\.?$/i,/(?:^|\.)vcap\.me\.?$/i];function Xe(t){return qe.some(e=>e.test(t))}function ze(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let n=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return n.email||n.preferred_username||n.upn||n.sub||null}catch{return null}}function Kt(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let n=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8")),{clientId:r,clientSecret:o,tenant:s}=n;return !r||!o||!s?null:{clientId:r,clientSecret:o,tenant:s}}catch{return null}}function Gt(t){let e;try{e=new URL(t);}catch{throw new Error(`Invalid URL: ${t}`)}let n=process.env[g.FLOW_OBS_ALLOW_HTTP]==="true";if(!n&&e.protocol!=="https:")throw new Error(`URL must use HTTPS: ${t}`);if(e.username||e.password)throw new Error(`URL must not contain embedded credentials: ${t}`);if(!n&&Xe(e.hostname))throw new Error(`SSRF: private/loopback host not allowed: ${e.hostname}`);return t}async function jt(){let t=Kt(process.env[g.ANTHROPIC_AUTH_TOKEN]);if(t)return {user:await G().catch(()=>null)??t.clientId,tenant:t.tenant};return {user:"",tenant:""}}async function Ze(t){if(await Yt()){let n=await nt();return a("getOrRefreshToken",`using cached token, expires=${n.expiresAt}`),n.accessToken}a("getOrRefreshToken",`token expired \u2014 refreshing via auth-engine (tenant=${t.tenant} clientId=${t.clientId})`);let e=await Vt(t);try{await Ht(e);}catch(n){a("getOrRefreshToken",`token cache save failed (non-fatal): ${n.message}`);}return a("getOrRefreshToken",`token refreshed, expires=${e.expiresAt}`),e.accessToken}function Qe(t,e){let n=e&&e.accessToken?e.accessToken:"";return {endpoint:t.replace(/\/$/,"")+"/flow-langfuse-gateway/v1/traces",authHeader:`Bearer ${n}`}}function tn(t,e,n){let r=Buffer.from(`${e}:${n}`).toString("base64");return {endpoint:t.replace(/\/$/,"")+"/api/public/otel/v1/traces",authHeader:`Basic ${r}`}}async function K(){let t=[],e=process.env[g.ANTHROPIC_MODEL]??"",n=Kt(process.env[g.ANTHROPIC_AUTH_TOKEN]);a("resolveCredentials",n?"credentials resolved from ANTHROPIC_AUTH_TOKEN":"ANTHROPIC_AUTH_TOKEN absent or invalid");let r=n?n.tenant:"",o=process.env[g.FLOW_TELEMETRY]==="true",s=process.env[g.LANGFUSE_BASE_URL],i=process.env[g.LANGFUSE_PUBLIC_KEY],u=process.env[g.LANGFUSE_SECRET_KEY];if(o&&s&&i&&u){let d="",E=r;if(n)d=await G().catch(()=>null)??n.clientId;let _={user:d??"",tenant:E??"",team:"",project:"",model:e};t.push({mode:"direct",...tn(Gt(s),i,u),..._}),a("resolveCredentials","direct mode active",`user=${_.user}`,`tenant=${_.tenant}`);}if(!n){if(t.length===0){let d=[];return d.authError=false,d}return t}let l;try{l=await Ze(n);}catch(d){if(a("resolveCredentials",`token refresh failed: ${d.message}`,`(tenant=${n.tenant} clientId=${n.clientId})`),t.length>0)return t;let E=[];return E.authError=true,E}let S={user:ze(l)??n.clientId,tenant:r,team:"",project:"",model:e},T=process.env[g.FLOW_TELEMETRY_GATEWAY]??I;return t.push({mode:"gateway",...Qe(Gt(T),{accessToken:l}),...S}),t}async function Jt(){return (await K()).length>0}function w(t,e){let n=typeof t=="object"?JSON.stringify(t):String(t??"");return n.length>e?n.slice(0,e)+" \u2026[truncated]":n}function rt(t,e=100){return String(t??"").split(`
4
- `)[0].slice(0,e).trim()}function qt(){return new Promise(t=>{let e="";process.stdin.setEncoding("utf8"),process.stdin.on("data",n=>{e+=n;}),process.stdin.on("end",()=>{try{t(JSON.parse(e));}catch{t({});}});})}function O(t){process.stdout.write(JSON.stringify(t));}var ht=()=>crypto.randomBytes(16).toString("hex"),b=()=>crypto.randomBytes(8).toString("hex");function N(){return String(BigInt(Date.now())*1000000n)}var un=/^[0-9a-f-]{1,64}$/i,pn=$.normalize(fe.tmpdir())+$.sep;function dn(t,e){let n=$.resolve(t);if(!n.startsWith(e))throw new Error(`Path traversal detected: ${t}`);return n}function yt(t){if(!un.test(t))throw new Error(`Invalid session ID: ${t}`);return dn($.join(fe.tmpdir(),`flow-obs-${t}.json`),pn)}function F(t){let e=yt(t);if(!R.existsSync(e))return null;try{return JSON.parse(R.readFileSync(e,"utf8"))}catch{return null}}function B(t,e){R.writeFileSync(yt(t),JSON.stringify(e),{encoding:"utf8",mode:384});}function At(t){try{R.unlinkSync(yt(t));}catch{}}function te(t){if(!t||!R.existsSync(t))return null;try{let e=R.readFileSync(t,"utf8").trimEnd().split(`
5
- `);for(let n=e.length-1;n>=0;n--)try{let r=JSON.parse(e[n]);if(r.type==="user"&&r.uuid)return r.uuid}catch{}}catch{}return null}function Ot(t){if(!t||!R.existsSync(t))return null;try{let e=R.readFileSync(t,"utf8").trimEnd().split(`
3
+ `);}}var b=class extends Error{constructor(e){super(e),this.name="AuthError";}},Ke=/^[a-z0-9][a-z0-9-]{0,62}[a-z0-9]$|^[a-z0-9]$/;function Je(t){if(!Ke.test(t))throw new Error(`Invalid tenant value: "${t}". Tenant must be lowercase alphanumeric and hyphens (1-64 chars).`)}var Kt={INVALID_CLIENT_SECRET:"Invalid Client Secret \u2014 check the value and try again",INVALID_CLIENT_ID:"Invalid Client ID \u2014 check the value and try again",INVALID_TENANT:"Invalid Tenant \u2014 check the value and try again",TENANT_NOT_FOUND:"Tenant not found \u2014 verify the tenant identifier"};function je(t,e){let n=e.length>400?e.slice(0,400)+"\u2026":e;a("toAuthError",`status=${t} body=${n}`);try{let r=JSON.parse(e);if(typeof r.error=="string"&&(a("toAuthError",`api_error_code=${r.error}`+(r.message?` api_message=${r.message}`:"")),Kt[r.error]))return new b(Kt[r.error])}catch{}return t===401||t===403||t===500?new b("Invalid credentials"):t>=400&&t<500?new b("Authentication request was rejected"):new Error("Authentication service unavailable, please try again later")}function At(t){return new Promise((e,n)=>{try{Je(t.tenant);}catch(p){return n(p)}let r=JSON.stringify({clientSecret:t.clientSecret}),o=new URL(W.AUTH_ENGINE),s=o.protocol==="https:",i={hostname:o.hostname,port:o.port||(s?443:80),path:o.pathname+o.search,method:"POST",headers:{"Content-Type":"application/json","Content-Length":Buffer.byteLength(r),FlowTenant:t.tenant}};a("getToken",`requesting token tenant=${t.tenant} host=${i.hostname} path=${i.path}`);let l=(s?Ve__default.default:Ge__default.default).request(i,p=>{let S=[];p.on("data",T=>S.push(T)),p.on("end",()=>{let T=S.join("");if((p.statusCode??0)>=400)return n(je(p.statusCode??0,T));let d;try{d=JSON.parse(T);}catch{return n(new Error("Invalid response from auth engine"))}let E=d.expires_at??new Date(Date.now()+(d.expires_in??3600)*1e3).toISOString();e({accessToken:d.access_token??"",expiresAt:E});});});l.on("error",p=>n(new Error(`Network error: ${p.message}`))),l.write(r),l.end();})}var qe=[/^localhost\.?$/i,/^127\./,/^10\./,/^172\.(1[6-9]|2\d|3[01])\./,/^192\.168\./,/^169\.254\./,/^0\.0\.0\.0$/,/^::1$/,/^\[::1\]$/,/^\[::ffff:/i,/^\[f[cd]/i,/^\[fe80:/i,/^metadata\.google\.internal\.?$/i,/^metadata\.azure\.internal\.?$/i,/(?:^|\.)localtest\.me\.?$/i,/(?:^|\.)lvh\.me\.?$/i,/(?:^|\.)vcap\.me\.?$/i];function Xe(t){return qe.some(e=>e.test(t))}function ze(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let n=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return n.email||n.preferred_username||n.upn||n.sub||null}catch{return null}}function jt(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let n=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8")),{clientId:r,clientSecret:o,tenant:s}=n;return !r||!o||!s?null:{clientId:r,clientSecret:o,tenant:s}}catch{return null}}function Jt(t){let e;try{e=new URL(t);}catch{throw new Error(`Invalid URL: ${t}`)}let n=process.env[g.FLOW_OBS_ALLOW_HTTP]==="true";if(!n&&e.protocol!=="https:")throw new Error(`URL must use HTTPS: ${t}`);if(e.username||e.password)throw new Error(`URL must not contain embedded credentials: ${t}`);if(!n&&Xe(e.hostname))throw new Error(`SSRF: private/loopback host not allowed: ${e.hostname}`);return t}async function qt(){let t=jt(process.env[g.ANTHROPIC_AUTH_TOKEN]);if(t)return {user:await K().catch(()=>null)??t.clientId,tenant:t.tenant};return {user:"",tenant:""}}function Ze(){return new Date().toISOString().slice(0,10)}async function Qe(t){let e=Ze(),n=await yt();if(n?.lastAuthCheckAt!==e){a("getOrRefreshToken",`daily auth check (last: ${n?.lastAuthCheckAt??"never"})`);try{let s=await At(t);try{await ht({...s,lastAuthCheckAt:e});}catch{}return a("getOrRefreshToken",`daily check passed, expires=${s.expiresAt}`),s.accessToken}catch(s){if(s instanceof b)throw s;a("getOrRefreshToken",`daily check network error \u2014 using cache: ${s.message}`);}}let r=n!=null&&new Date(n.expiresAt)>new Date;if(a("getOrRefreshToken",`cacheValid=${r}`),r)return a("getOrRefreshToken",`using cached token, expires=${n.expiresAt}`),n.accessToken;a("getOrRefreshToken",`token expired \u2014 refreshing via auth-engine (tenant=${t.tenant} clientId=${t.clientId})`);let o=await At(t);try{await ht({...o,lastAuthCheckAt:e});}catch(s){a("getOrRefreshToken",`token cache save failed (non-fatal): ${s.message}`);}return a("getOrRefreshToken",`token refreshed, expires=${o.expiresAt}`),o.accessToken}function tn(t,e){let n=e&&e.accessToken?e.accessToken:"";return {endpoint:t.replace(/\/$/,"")+"/flow-langfuse-gateway/v1/traces",authHeader:`Bearer ${n}`}}function en(t,e,n){let r=Buffer.from(`${e}:${n}`).toString("base64");return {endpoint:t.replace(/\/$/,"")+"/api/public/otel/v1/traces",authHeader:`Basic ${r}`}}async function J(){let t=[],e=process.env[g.ANTHROPIC_MODEL]??"",n=jt(process.env[g.ANTHROPIC_AUTH_TOKEN]);a("resolveCredentials",n?"credentials resolved from ANTHROPIC_AUTH_TOKEN":"ANTHROPIC_AUTH_TOKEN absent or invalid"),n&&a("resolveCredentials",`clientId=${n.clientId}`,`tenant=${n.tenant}`);let r=n?n.tenant:"",o=process.env[g.FLOW_TELEMETRY]==="true",s=process.env[g.LANGFUSE_BASE_URL],i=process.env[g.LANGFUSE_PUBLIC_KEY],u=process.env[g.LANGFUSE_SECRET_KEY];if(o&&s&&i&&u){let d="",E=r;if(n)d=await K().catch(()=>null)??n.clientId;let _={user:d??"",tenant:E??"",team:"",project:"",model:e};t.push({mode:"direct",...en(Jt(s),i,u),..._}),a("resolveCredentials","direct mode active",`user=${_.user}`,`tenant=${_.tenant}`);}if(!n){if(t.length===0){let d=[];return d.authError=false,d}return t}let l;try{l=await Qe(n);}catch(d){if(a("resolveCredentials",`token refresh failed: ${d.message}`,`(tenant=${n.tenant} clientId=${n.clientId})`),t.length>0)return t.authError=true,t;let E=[];return E.authError=true,E}let S={user:ze(l)??n.clientId,tenant:r,team:"",project:"",model:e},T=process.env[g.FLOW_TELEMETRY_GATEWAY]??k;return t.push({mode:"gateway",...tn(Jt(T),{accessToken:l}),...S}),t}async function Xt(){return (await J()).length>0}function L(t,e){let n=typeof t=="object"?JSON.stringify(t):String(t??"");return n.length>e?n.slice(0,e)+" \u2026[truncated]":n}function rt(t,e=100){return String(t??"").split(`
4
+ `)[0].slice(0,e).trim()}function Ot(){return new Promise(t=>{let e="";process.stdin.setEncoding("utf8"),process.stdin.on("data",n=>{e+=n;}),process.stdin.on("end",()=>{try{t(JSON.parse(e));}catch{t({});}});})}function O(t){process.stdout.write(JSON.stringify(t));}var kt=()=>crypto.randomBytes(16).toString("hex"),v=()=>crypto.randomBytes(8).toString("hex");function N(){return String(BigInt(Date.now())*1000000n)}var pn=/^[0-9a-f-]{1,64}$/i,dn=F.normalize(fe.tmpdir())+F.sep;function fn(t,e){let n=F.resolve(t);if(!n.startsWith(e))throw new Error(`Path traversal detected: ${t}`);return n}function wt(t){if(!pn.test(t))throw new Error(`Invalid session ID: ${t}`);return fn(F.join(fe.tmpdir(),`flow-obs-${t}.json`),dn)}function D(t){let e=wt(t);if(!R.existsSync(e))return null;try{return JSON.parse(R.readFileSync(e,"utf8"))}catch{return null}}function B(t,e){R.writeFileSync(wt(t),JSON.stringify(e),{encoding:"utf8",mode:384});}function Lt(t){try{R.unlinkSync(wt(t));}catch{}}function ee(t){if(!t||!R.existsSync(t))return null;try{let e=R.readFileSync(t,"utf8").trimEnd().split(`
5
+ `);for(let n=e.length-1;n>=0;n--)try{let r=JSON.parse(e[n]);if(r.type==="user"&&r.uuid)return r.uuid}catch{}}catch{}return null}function It(t){if(!t||!R.existsSync(t))return null;try{let e=R.readFileSync(t,"utf8").trimEnd().split(`
6
6
  `),n=[],r=0,o=0;for(let s=e.length-1;s>=0;s--)try{let i=JSON.parse(e[s]);if(i.type==="user")break;if(i.type==="assistant"){let l=(i.message?.content??[]).filter(S=>S.type==="text").map(S=>S.text??"").join("");l&&n.unshift(l);let p=i.message?.usage??{};r+=(p.input_tokens??0)+(p.cache_read_input_tokens??0)+(p.cache_creation_input_tokens??0),o+=p.output_tokens??0;}}catch{}return !n.length&&r===0?null:{text:n.join(`
7
7
 
8
- `),inputTokens:r,outputTokens:o}}catch{}return null}var _n=new Set([".venv","__pycache__",".git","node_modules"]),Sn=new Set([".pyc",".pyo"]),En=new Set(["SKILL.md",".DS_Store",".gitignore"]);function re(t){return t.replace(":","/")}function st(t,e){if(!t)return null;let n=re(t),r=[$.join(fe.homedir(),".claude","skills",n,"SKILL.md"),$.join(e??"",".claude","skills",n,"SKILL.md")];for(let o of r)if(R.existsSync(o))try{return R.readFileSync(o,"utf8")}catch{}return null}function se(t){return t.split(`
9
- `)[0].match(/^\/([a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?)(?:\s.*)?$/i)?.[1]??null}var Tn=new Set(["Read","Write","Edit","MultiEdit","Bash","Glob","Grep","TodoWrite","WebFetch","WebSearch","Agent","Task"]);function oe(t){return !!t.slashSkill||t.toolCalls.some(r=>r.tool==="Skill")?t.toolCalls.some(r=>r.tool==="Skill"&&!r.synthetic||Tn.has(r.tool))?"complete":"prerequisite_required":null}function ot(t,e){if(!t)return null;let n=re(t),r=[$.join(fe.homedir(),".claude","skills",n),$.join(e??"",".claude","skills",n)],o=null;for(let u of r)if(R.existsSync($.join(u,"SKILL.md"))){o=u;break}if(!o)return null;let s=[];function i(u,l){for(let p of R.readdirSync(u,{withFileTypes:true})){if(_n.has(p.name)||En.has(p.name)||Sn.has($.extname(p.name)))continue;let S=l?`${l}/${p.name}`:p.name;p.isDirectory()?i($.join(u,p.name),S):s.push(S);}}return i(o,""),s.length>0?s:null}async function ie(t){let e=t.session_id||"unknown",n=t.prompt||"",r=t.cwd||"";try{(await K()).authError===!0&&(process.stderr.write(`
10
- \u26A0 flow-ai-obs: Your Flow credentials have expired.
11
- Traces will not be captured until you re-authenticate.
12
- Run: flow-ai-obs auth login
13
-
14
- `),a("UserPromptSubmit","auth expired \u2014 warning emitted to stderr"));}catch{}let o=te(t.transcript_path)||ht(),s=se(n),i=s?st(s,r):null,u=s?ot(s,r):null;B(e,{traceId:ht(),spanId:b(),startNs:N(),sessionId:e,prompt:n,cwd:r,traceName:o,transcriptPath:t.transcript_path||"",model:process.env[g.ANTHROPIC_MODEL]||"",toolCalls:[],spans:[],pendingTool:null,slashSkill:s,skillContent:i,skillArtifacts:u}),a("UserPromptSubmit",`sid=${e}`,`traceName=${o}`,`slashSkill=${s}`),O(t);}async function ae(t){let e=t.session_id||"unknown",n=t.tool_name||"unknown",r=t.tool_input||{},o=F(e);o&&(o.pendingTool={name:n,inputStr:w(r,k.TOOL_INPUT),startNs:N()},B(e,o)),a("PreToolUse",`sid=${e}`,`tool=${n}`,`stateFound=${!!o}`),O(t);}var hn={name:ut.SCOPE_NAME,version:ut.SCOPE_VERSION},m={TRACE_NAME:"langfuse.trace.name",TRACE_INPUT:"langfuse.trace.input",TRACE_OUTPUT:"langfuse.trace.output",TRACE_METADATA:"langfuse.trace.metadata",TRACE_TAGS:"langfuse.trace.tags",USER_ID:"langfuse.user.id",SESSION_ID:"langfuse.session.id",OBS_NAME:"langfuse.observation.name",OBS_INPUT:"langfuse.observation.input",OBS_OUTPUT:"langfuse.observation.output",OBS_LEVEL:"langfuse.observation.level",OBS_TYPE:"langfuse.observation.type",MODEL:"gen_ai.request.model",INPUT_TOKENS:"gen_ai.usage.input_tokens",OUTPUT_TOKENS:"gen_ai.usage.output_tokens"};function c(t,e){return e==null||e===""?null:{key:t,value:{stringValue:String(e)}}}function U(...t){return t.filter(e=>e!==null)}function ce(t,e){return {resourceSpans:[{resource:{attributes:t},scopeSpans:[{scope:hn,spans:Array.isArray(e)?e:[e]}]}]}}var le=$.join(fe.tmpdir(),"flow-obs-requests.ndjson");function ue(t,e,n,r,o){if(process.env[g.FLOW_OBS_DEBUG]!=="1")return;let s=JSON.stringify({ts:new Date().toISOString(),request:{method:"POST",url:t,headers:e,body:JSON.parse(n)},response:{status:r,body:o}});try{R.writeFileSync(le,s+`
15
- `,{flag:"a",encoding:"utf8",mode:384}),a("sendTraces:dump",`request appendada em ${le}`);}catch(i){a("sendTraces:dump",`falha ao salvar: ${i.message}`);}}function Ln(t){let e=new URL(t),n=new URL(Y.GATEWAY_HEALTH);return n.hostname=e.hostname,n.port=e.port,n.protocol=e.protocol,n}function pe(t,e){return new Promise((n,r)=>{let o=t._isSSL?Ve__default.default:Ge__default.default;t.headers=Object.assign({},t.headers,{Connection:"close"});let s=o.request(t,i=>{let u=[];i.on("data",l=>u.push(l)),i.on("end",()=>n({statusCode:i.statusCode??0,body:u.join("")}));});s.setTimeout(1e4,()=>{s.destroy(new Error("Request timeout"));}),s.on("error",i=>r(new Error(`Network error: ${i.message}`))),e&&s.write(e),s.end();})}async function de(t,e){let n;try{n=Ln(t);}catch{return false}let r=n.protocol==="https:";try{let o={};e&&(o.Authorization=String(e).replace(/[\r\n]/g,""));let s=await pe({hostname:n.hostname,port:n.port||(r?443:80),path:n.pathname,method:"GET",headers:o,_isSSL:r},null);return a("checkHealth",`url=${n.href} status=${s.statusCode}`),s.statusCode>=200&&s.statusCode<300}catch{return false}}async function it(t,e,n){let r=JSON.stringify(t),o=new URL(e),s=o.protocol==="https:",i=String(n).replace(/[\r\n]/g,""),u={"Content-Type":"application/json",Authorization:i,"Content-Length":Buffer.byteLength(r)};a("sendTraces:request",`POST ${e}`),a("sendTraces:request",`headers=${JSON.stringify({...u,Authorization:i.slice(0,20)+"\u2026"})}`),a("sendTraces:request",`body=${r.slice(0,500)}${r.length>500?"\u2026":""}`);try{let l=await pe({hostname:o.hostname,port:o.port||(s?443:80),path:o.pathname,method:"POST",headers:u,_isSSL:s},r);return a("sendTraces:response",`status=${l.statusCode}`),ue(e,u,r,l.statusCode,l.body),l.statusCode}catch(l){return a("sendTraces:error",l.message),ue(e,u,r,0,l.message),0}}function In(){let t=parseInt(process.env[g.BUFFER_TTL_DAYS]??"",10);return (Number.isFinite(t)?Math.max(A.MIN_TTL_DAYS,Math.min(A.MAX_TTL_DAYS,t)):A.DEFAULT_TTL_DAYS)*24*60*60*1e3}function Nn(){let t=parseInt(process.env[g.BUFFER_MAX_FILES]??"",10);return Number.isFinite(t)?Math.max(A.MIN_MAX_FILES,Math.min(A.MAX_MAX_FILES,t)):A.DEFAULT_MAX_FILES}function me(t){if(/[/\\]/.test(t))throw new Error(`Invalid buffer fileId: ${t}`);return $__default.default.join(fe__default.default.tmpdir(),`${A.FILE_PREFIX}${t}.json`)}function wt(){let t=fe__default.default.tmpdir(),e;try{e=R__default.default.readdirSync(t);}catch{return []}return e.filter(n=>n.startsWith(A.FILE_PREFIX)&&n.endsWith(".json")).map(n=>{let r=$__default.default.join(t,n),o=0;try{o=R__default.default.statSync(r).mtimeMs;}catch{}return {full:r,mtime:o}}).sort((n,r)=>n.mtime-r.mtime).map(n=>n.full)}function j(t){try{let e=Nn(),n=wt();if(n.length>=e){let s=n.slice(0,n.length-e+1);for(let i of s)try{R__default.default.unlinkSync(i);}catch{}}let r=`${Date.now()}-${Math.random().toString(36).slice(2,8)}`,o={fileId:r,bufferedAt:Date.now(),payload:t};return R__default.default.writeFileSync(me(r),JSON.stringify(o),{encoding:"utf8",mode:384}),a("buffer",`saved fileId=${r}`),r}catch(e){return a("buffer",`saveToBuffer failed: ${e.message}`),null}}function ge(t){let e=wt(),n=t,r=[];for(let o of e){if(r.length>=n)break;try{let s=R__default.default.readFileSync(o,"utf8"),i=JSON.parse(s);i&&i.fileId&&i.payload&&r.push(i);}catch{a("buffer",`skipping malformed file: ${o}`);}}return r}function _e(t){try{R__default.default.unlinkSync(me(t)),a("buffer",`deleted fileId=${t}`);}catch{}}function Se(){let t=Date.now()-In();for(let e of wt())try{let{mtimeMs:n}=R__default.default.statSync(e);n<t&&(R__default.default.unlinkSync(e),a("buffer",`evicted stale: ${$__default.default.basename(e)}`));}catch{}}async function Rn(t){Se();let e=ge(A.REPLAY_BATCH_SIZE);e.length&&(a("replayBufferedTraces",`replaying ${e.length} buffered trace(s)`),await Promise.allSettled(e.map(async n=>{try{let r=await it(n.payload,t.endpoint,t.authHeader);r>=200&&r<300?(_e(n.fileId),a("replayBufferedTraces",`replayed fileId=${n.fileId} status=${r}`)):a("replayBufferedTraces",`replay failed fileId=${n.fileId} status=${r}`);}catch(r){a("replayBufferedTraces",`replay error fileId=${n.fileId}: ${r.message}`);}})));}async function Ee(t){let e=await K();if(!e.length)return e.authError&&(a("postToLangfuse","auth refresh failed \u2014 buffering trace"),j(t)),0;let n=await Promise.all(e.map(async s=>{if(s.mode!=="gateway")return {creds:s,healthy:true};let i=await de(s.endpoint,s.authHeader);return {creds:s,healthy:i}})),r=n.find(s=>s.creds.mode==="gateway"&&s.healthy)?.creds??n.find(s=>s.creds.mode==="direct")?.creds;return r&&await Rn(r),(await Promise.all(n.map(async({creds:s,healthy:i})=>{if(s.mode==="gateway"){if(!i)return a("postToLangfuse","gateway health check failed \u2014 buffering trace"),j(t),0;let l=await it(t,s.endpoint,s.authHeader);return (l===0||l>=500)&&(a("postToLangfuse",`gateway send failed (status ${l}) \u2014 buffering trace`),j(t)),l}let u=await it(t,s.endpoint,s.authHeader);return (u===0||u>=500)&&(a("postToLangfuse",`direct endpoint unavailable (status ${u}) \u2014 buffering trace`),j(t)),u}))).find(s=>s!==0)??0}var y="[REDACTED]",Pn=[{re:/\b(sk-[A-Za-z0-9_\-]{20,})/g,replace:()=>`sk-${y}`},{re:/\b(pk-[A-Za-z0-9_\-]{20,})/g,replace:()=>`pk-${y}`},{re:/\b(Bearer\s+)[A-Za-z0-9\-._~+/]+=*/gi,replace:(t,e)=>`${e}${y}`},{re:/\b(Basic\s+)[A-Za-z0-9+/]+=*/gi,replace:(t,e)=>`${e}${y}`},{re:/(-----BEGIN [A-Z ]+-----)[^-]*(-----END [A-Z ]+-----)/g,replace:(t,e,n)=>`${e}
8
+ `),inputTokens:r,outputTokens:o}}catch{}return null}var Sn=new Set([".venv","__pycache__",".git","node_modules"]),En=new Set([".pyc",".pyo"]),Tn=new Set(["SKILL.md",".DS_Store",".gitignore"]);function se(t){return t.replace(":","/")}function st(t,e){if(!t)return null;let n=se(t),r=[F.join(fe.homedir(),".claude","skills",n,"SKILL.md"),F.join(e??"",".claude","skills",n,"SKILL.md")];for(let o of r)if(R.existsSync(o))try{return R.readFileSync(o,"utf8")}catch{}return null}function oe(t){return t.split(`
9
+ `)[0].match(/^\/([a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?)(?:\s.*)?$/i)?.[1]??null}var hn=new Set(["Read","Write","Edit","MultiEdit","Bash","Glob","Grep","TodoWrite","WebFetch","WebSearch","Agent","Task"]);function ie(t){return !!t.slashSkill||t.toolCalls.some(r=>r.tool==="Skill")?t.toolCalls.some(r=>r.tool==="Skill"&&!r.synthetic||hn.has(r.tool))?"complete":"prerequisite_required":null}function ot(t,e){if(!t)return null;let n=se(t),r=[F.join(fe.homedir(),".claude","skills",n),F.join(e??"",".claude","skills",n)],o=null;for(let u of r)if(R.existsSync(F.join(u,"SKILL.md"))){o=u;break}if(!o)return null;let s=[];function i(u,l){for(let p of R.readdirSync(u,{withFileTypes:true})){if(Sn.has(p.name)||Tn.has(p.name)||En.has(F.extname(p.name)))continue;let S=l?`${l}/${p.name}`:p.name;p.isDirectory()?i(F.join(u,p.name),S):s.push(S);}}return i(o,""),s.length>0?s:null}var yn=`\u26D4 Your Flow API key has expired. You no longer have access to Claude Code through the Flow platform. To restore observability and access, visit ${k}/settings/api-keys to generate a new API key, then run: flow-ai-obs auth login`;async function Nt(t,e=false){if(e){process.stdout.write(JSON.stringify({decision:"block",reason:yn})+`
10
+ `);return}let n=t.session_id||"unknown",r=t.prompt||"",o=t.cwd||"",s=ee(t.transcript_path)||kt(),i=oe(r),u=i?st(i,o):null,l=i?ot(i,o):null;B(n,{traceId:kt(),spanId:v(),startNs:N(),sessionId:n,prompt:r,cwd:o,traceName:s,transcriptPath:t.transcript_path||"",model:process.env[g.ANTHROPIC_MODEL]||"",toolCalls:[],spans:[],pendingTool:null,slashSkill:i,skillContent:u,skillArtifacts:l}),a("UserPromptSubmit",`sid=${n}`,`traceName=${s}`,`slashSkill=${i}`),O(t);}async function ae(t){let e=t.session_id||"unknown",n=t.tool_name||"unknown",r=t.tool_input||{},o=D(e);o&&(o.pendingTool={name:n,inputStr:L(r,w.TOOL_INPUT),startNs:N()},B(e,o)),a("PreToolUse",`sid=${e}`,`tool=${n}`,`stateFound=${!!o}`),O(t);}var An={name:ut.SCOPE_NAME,version:ut.SCOPE_VERSION},m={TRACE_NAME:"langfuse.trace.name",TRACE_INPUT:"langfuse.trace.input",TRACE_OUTPUT:"langfuse.trace.output",TRACE_METADATA:"langfuse.trace.metadata",TRACE_TAGS:"langfuse.trace.tags",USER_ID:"langfuse.user.id",SESSION_ID:"langfuse.session.id",OBS_NAME:"langfuse.observation.name",OBS_INPUT:"langfuse.observation.input",OBS_OUTPUT:"langfuse.observation.output",OBS_LEVEL:"langfuse.observation.level",OBS_TYPE:"langfuse.observation.type",MODEL:"gen_ai.request.model",INPUT_TOKENS:"gen_ai.usage.input_tokens",OUTPUT_TOKENS:"gen_ai.usage.output_tokens"};function c(t,e){return e==null||e===""?null:{key:t,value:{stringValue:String(e)}}}function U(...t){return t.filter(e=>e!==null)}function ce(t,e){return {resourceSpans:[{resource:{attributes:t},scopeSpans:[{scope:An,spans:Array.isArray(e)?e:[e]}]}]}}var le=F.join(fe.tmpdir(),"flow-obs-requests.ndjson");function ue(t,e,n,r,o){if(process.env[g.FLOW_OBS_DEBUG]!=="1")return;let s=JSON.stringify({ts:new Date().toISOString(),request:{method:"POST",url:t,headers:e,body:JSON.parse(n)},response:{status:r,body:o}});try{R.writeFileSync(le,s+`
11
+ `,{flag:"a",encoding:"utf8",mode:384}),a("sendTraces:dump",`request appendada em ${le}`);}catch(i){a("sendTraces:dump",`falha ao salvar: ${i.message}`);}}function Nn(t){let e=new URL(t),n=new URL(W.GATEWAY_HEALTH);return n.hostname=e.hostname,n.port=e.port,n.protocol=e.protocol,n}function pe(t,e){return new Promise((n,r)=>{let o=t._isSSL?Ve__default.default:Ge__default.default;t.headers=Object.assign({},t.headers,{Connection:"close"});let s=o.request(t,i=>{let u=[];i.on("data",l=>u.push(l)),i.on("end",()=>n({statusCode:i.statusCode??0,body:u.join("")}));});s.setTimeout(1e4,()=>{s.destroy(new Error("Request timeout"));}),s.on("error",i=>r(new Error(`Network error: ${i.message}`))),e&&s.write(e),s.end();})}async function de(t,e){let n;try{n=Nn(t);}catch{return false}let r=n.protocol==="https:";try{let o={};e&&(o.Authorization=String(e).replace(/[\r\n]/g,""));let s=await pe({hostname:n.hostname,port:n.port||(r?443:80),path:n.pathname,method:"GET",headers:o,_isSSL:r},null);return a("checkHealth",`url=${n.href} status=${s.statusCode}`),s.statusCode>=200&&s.statusCode<300}catch{return false}}async function it(t,e,n){let r=JSON.stringify(t),o=new URL(e),s=o.protocol==="https:",i=String(n).replace(/[\r\n]/g,""),u={"Content-Type":"application/json",Authorization:i,"Content-Length":Buffer.byteLength(r)};a("sendTraces:request",`POST ${e}`),a("sendTraces:request",`headers=${JSON.stringify({...u,Authorization:i.slice(0,20)+"\u2026"})}`),a("sendTraces:request",`body=${r.slice(0,500)}${r.length>500?"\u2026":""}`);try{let l=await pe({hostname:o.hostname,port:o.port||(s?443:80),path:o.pathname,method:"POST",headers:u,_isSSL:s},r);return a("sendTraces:response",`status=${l.statusCode}`),ue(e,u,r,l.statusCode,l.body),l.statusCode}catch(l){return a("sendTraces:error",l.message),ue(e,u,r,0,l.message),0}}function Rn(){let t=parseInt(process.env[g.BUFFER_TTL_DAYS]??"",10);return (Number.isFinite(t)?Math.max(A.MIN_TTL_DAYS,Math.min(A.MAX_TTL_DAYS,t)):A.DEFAULT_TTL_DAYS)*24*60*60*1e3}function Pn(){let t=parseInt(process.env[g.BUFFER_MAX_FILES]??"",10);return Number.isFinite(t)?Math.max(A.MIN_MAX_FILES,Math.min(A.MAX_MAX_FILES,t)):A.DEFAULT_MAX_FILES}function me(t){if(/[/\\]/.test(t))throw new Error(`Invalid buffer fileId: ${t}`);return F__default.default.join(fe__default.default.tmpdir(),`${A.FILE_PREFIX}${t}.json`)}function Pt(){let t=fe__default.default.tmpdir(),e;try{e=R__default.default.readdirSync(t);}catch{return []}return e.filter(n=>n.startsWith(A.FILE_PREFIX)&&n.endsWith(".json")).map(n=>{let r=F__default.default.join(t,n),o=0;try{o=R__default.default.statSync(r).mtimeMs;}catch{}return {full:r,mtime:o}}).sort((n,r)=>n.mtime-r.mtime).map(n=>n.full)}function j(t){try{let e=Pn(),n=Pt();if(n.length>=e){let s=n.slice(0,n.length-e+1);for(let i of s)try{R__default.default.unlinkSync(i);}catch{}}let r=`${Date.now()}-${Math.random().toString(36).slice(2,8)}`,o={fileId:r,bufferedAt:Date.now(),payload:t};return R__default.default.writeFileSync(me(r),JSON.stringify(o),{encoding:"utf8",mode:384}),a("buffer",`saved fileId=${r}`),r}catch(e){return a("buffer",`saveToBuffer failed: ${e.message}`),null}}function ge(t){let e=Pt(),n=t,r=[];for(let o of e){if(r.length>=n)break;try{let s=R__default.default.readFileSync(o,"utf8"),i=JSON.parse(s);i&&i.fileId&&i.payload&&r.push(i);}catch{a("buffer",`skipping malformed file: ${o}`);}}return r}function _e(t){try{R__default.default.unlinkSync(me(t)),a("buffer",`deleted fileId=${t}`);}catch{}}function Se(){let t=Date.now()-Rn();for(let e of Pt())try{let{mtimeMs:n}=R__default.default.statSync(e);n<t&&(R__default.default.unlinkSync(e),a("buffer",`evicted stale: ${F__default.default.basename(e)}`));}catch{}}async function bn(t){Se();let e=ge(A.REPLAY_BATCH_SIZE);e.length&&(a("replayBufferedTraces",`replaying ${e.length} buffered trace(s)`),await Promise.allSettled(e.map(async n=>{try{let r=await it(n.payload,t.endpoint,t.authHeader);r>=200&&r<300?(_e(n.fileId),a("replayBufferedTraces",`replayed fileId=${n.fileId} status=${r}`)):a("replayBufferedTraces",`replay failed fileId=${n.fileId} status=${r}`);}catch(r){a("replayBufferedTraces",`replay error fileId=${n.fileId}: ${r.message}`);}})));}async function Ee(t){let e=await J();if(!e.length)return e.authError&&(a("postToLangfuse","auth refresh failed \u2014 buffering trace"),j(t)),0;let n=await Promise.all(e.map(async s=>{if(s.mode!=="gateway")return {creds:s,healthy:true};let i=await de(s.endpoint,s.authHeader);return {creds:s,healthy:i}})),r=n.find(s=>s.creds.mode==="gateway"&&s.healthy)?.creds??n.find(s=>s.creds.mode==="direct")?.creds;return r&&await bn(r),(await Promise.all(n.map(async({creds:s,healthy:i})=>{if(s.mode==="gateway"){if(!i)return a("postToLangfuse","gateway health check failed \u2014 buffering trace"),j(t),0;let l=await it(t,s.endpoint,s.authHeader);return (l===0||l>=500)&&(a("postToLangfuse",`gateway send failed (status ${l}) \u2014 buffering trace`),j(t)),l}let u=await it(t,s.endpoint,s.authHeader);return (u===0||u>=500)&&(a("postToLangfuse",`direct endpoint unavailable (status ${u}) \u2014 buffering trace`),j(t)),u}))).find(s=>s!==0)??0}var y="[REDACTED]",vn=[{re:/\b(sk-[A-Za-z0-9_\-]{20,})/g,replace:()=>`sk-${y}`},{re:/\b(pk-[A-Za-z0-9_\-]{20,})/g,replace:()=>`pk-${y}`},{re:/\b(Bearer\s+)[A-Za-z0-9\-._~+/]+=*/gi,replace:(t,e)=>`${e}${y}`},{re:/\b(Basic\s+)[A-Za-z0-9+/]+=*/gi,replace:(t,e)=>`${e}${y}`},{re:/(-----BEGIN [A-Z ]+-----)[^-]*(-----END [A-Z ]+-----)/g,replace:(t,e,n)=>`${e}
16
12
  ${y}
17
- ${n}`},{re:/\b(AKIA[0-9A-Z]{16})\b/g,replace:()=>`AKIA${y}`},{re:/(aws_secret_access_key\s*[=:]\s*)([A-Za-z0-9/+]{40})/gi,replace:(t,e)=>`${e}${y}`},{re:/\b(ghp_[A-Za-z0-9]{36,})/g,replace:()=>`ghp_${y}`},{re:/\b(github_pat_[A-Za-z0-9_]{36,})/gi,replace:()=>`github_pat_${y}`},{re:/\b(eyJ[A-Za-z0-9_\-]+\.eyJ[A-Za-z0-9_\-]+\.[A-Za-z0-9_\-]+)/g,replace:()=>`eyJ.${y}`},{re:/\b([A-Z0-9_]*(?:SECRET|TOKEN|KEY|PASSWORD|PASSWD|PWD|CREDENTIAL|API)[A-Z0-9_]*\s*=\s*)(['"]?)([^\s'"#\n]+)\2/gi,replace:(t,e,n)=>`${e}${n}${y}${n}`},{re:/([a-z][a-z0-9+\-.]*:\/\/[^:/?#\s]*):([^@\s]+)@/gi,replace:(t,e)=>`${e}:${y}@`}];function M(t){if(t==null)return "";let e=typeof t=="string"?t:JSON.stringify(t);return Pn.reduce((n,{re:r,replace:o})=>n.replace(r,o),e)}async function Te(t){let e=t.session_id||"unknown",n=t.tool_name||"unknown",r=t.tool_input||{},o=t.tool_response||"",s=F(e);if(!s){O(t);return}let i=N(),u=s.pendingTool,l=u?.name===n,p=l?u.startNs:String(BigInt(i)-200000000n),S=l?u.inputStr:w(r,k.TOOL_INPUT),T=S,d=null;if(n==="Skill"){let H=typeof r=="object"&&r!==null?r.skill||r.name||r.skillName||r.commandName||String(Object.values(r)[0]??""):String(r);d=H?String(H).trim():null;let C=d?st(d,s.cwd):null;C&&(T=C,s.skillContent||(s.skillContent=C),s.skillArtifacts||(s.skillArtifacts=ot(d,s.cwd))),d&&!s.slashSkill&&(s.slashSkill=d),a("PostToolUse","Skill tool detected",`skillName=${d}`,`contentFound=${!!C}`);}let E=M(w(o,k.TOOL_OUTPUT)),_=/\b(error|exception|failed|failure|traceback|errno)\b/i.test(E.slice(0,500)),h=_?"ERROR":"DEFAULT",J=b(),v=Math.round(Number(BigInt(i)-BigInt(p))/1e6),x={Agent:"AGENT",Task:"AGENT"}[n]??"TOOL",at=n==="Skill"&&d?d:rt(S,60);s.toolCalls.push({tool:n,brief:at,error:_,durationMs:v});let L=s.spans;L.push({traceId:s.traceId,spanId:J,parentSpanId:s.spanId,name:n,kind:3,startTimeUnixNano:p,endTimeUnixNano:i,attributes:U(c(m.OBS_NAME,n),c(m.OBS_TYPE,x),c(m.OBS_LEVEL,h),c(m.OBS_INPUT,M(T)),c(m.OBS_OUTPUT,E),c("tool.name",n),c("tool.error",String(_)),n==="Skill"&&d?c("skill.name",d):null,n==="Skill"?c("skill.invocation","slash-command"):null),status:{code:_?2:1}}),s.pendingTool=null,B(e,s),a("PostToolUse",`sid=${e}`,`tool=${n}`,`error=${_}`,`durationMs=${v}`,`totalSpans=${L.length}`),O(t);}var he={"claude-opus-4-6":{input:15,output:75},"claude-opus-4-5":{input:15,output:75},"claude-sonnet-4-6":{input:3,output:15},"claude-sonnet-4-5":{input:3,output:15},"claude-haiku-4-5":{input:.8,output:4},"claude-4-6-opus":{input:15,output:75},"claude-4-6-sonnet":{input:3,output:15},"claude-4-5-opus":{input:15,output:75},"claude-4-5-sonnet":{input:3,output:15},"claude-4-5-haiku":{input:.8,output:4},"claude-3-5-sonnet-20241022":{input:3,output:15},"claude-3-5-haiku-20241022":{input:.8,output:4},"claude-3-opus-20240229":{input:15,output:75}};function ye(t,e,n){let r=Object.keys(he).find(i=>(t??"").toLowerCase().includes(i));if(!r)return;let o=he[r],s=(e*o.input+n*o.output)/1e6;return Math.round(s*1e6)/1e6}async function Ae(t){let e=t.session_id||"unknown",n=t.stop_reason||"end_turn",r=F(e);if(!r){O(t);return}r.slashSkill&&!/^[a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?$/i.test(r.slashSkill)&&(a("Stop",`sid=${e}`,`slashSkill rejected post-disk: "${r.slashSkill}"`),r.slashSkill=null);let o=N(),s=await jt(),i=r.toolCalls,u=r.spans;if(r.slashSkill&&!i.some(f=>f.tool==="Skill")){let f=b(),P=r.skillContent?r.skillContent:JSON.stringify({skill:r.slashSkill});i.push({tool:"Skill",brief:r.slashSkill,error:false,durationMs:0,synthetic:true}),u.push({traceId:r.traceId,spanId:f,parentSpanId:r.spanId,name:"Skill",kind:3,startTimeUnixNano:r.startNs,endTimeUnixNano:r.startNs,attributes:U(c(m.OBS_NAME,"Skill"),c(m.OBS_TYPE,"TOOL"),c(m.OBS_LEVEL,"DEFAULT"),c(m.OBS_INPUT,P),c(m.OBS_OUTPUT,"loaded via slash command"),c("tool.name","Skill"),c("tool.error","false"),c("skill.name",r.slashSkill),c("skill.invocation","slash-command")),status:{code:1}}),a("Stop",`slashSkill=${r.slashSkill}`,"synthetic span injected");}let l=t.transcript_path||r.transcriptPath||"",p=Ot(l);if(l&&(i.some(f=>f.tool==="Skill"&&!f.synthetic)||!!r.slashSkill)&&!p?.text){await new Promise(P=>setTimeout(P,500));let f=Ot(l);f?.text&&(p=f);}a("Stop",`transcriptPath=${l||"(empty)"}`,`assistantOut=${p?`text=${p.text.length}chars`:"null"}`);let T=i.length,d=i.filter(f=>f.error).length,E=M(p?.text?w(p.text,k.TRACE_OUTPUT):T===0?"No tools used":i.map((f,P)=>`${P+1}. ${f.tool}${f.brief?` \u2192 ${f.brief}`:""}${f.error?" [ERROR]":""}`).join(`
18
- `)),_=p?.inputTokens??0,h=p?.outputTokens??0,J=i.map((f,P)=>`${P+1}. ${f.tool}${f.brief?` \u2192 ${f.brief}`:""}${f.error?" [ERROR]":""} (${f.durationMs}ms)`),v=!!(r.slashSkill||i.some(f=>f.tool==="Skill")),Lt=i.some(f=>f.tool==="Agent");if(!v&&!Lt){a("Stop",`sid=${e}`,"skipping trace \u2014 no Skill or Agent calls found"),At(e),O(t);return}let x=v?"skill":"agent",at=Math.round(Number(BigInt(o)-BigInt(r.startNs))/1e6),It=ye(r.model,_,h),L=oe(r);L==="prerequisite_required"&&p?.text&&(L="complete"),L==="prerequisite_required"&&(u.push({traceId:r.traceId,spanId:b(),parentSpanId:r.spanId,name:"prerequisite-check",kind:3,startTimeUnixNano:r.startNs,endTimeUnixNano:o,attributes:U(c(m.OBS_NAME,"prerequisite-check"),c(m.OBS_TYPE,"EVENT"),c(m.OBS_LEVEL,"WARNING"),c(m.OBS_OUTPUT,E),c("skill.name",r.slashSkill||void 0),c("execution_status","prerequisite_required")),status:{code:1}}),a("Stop",`sid=${e}`,"prerequisite-check span injected",`skill=${r.slashSkill}`));let H=(()=>{if(!(!v||!r.prompt)){if(r.slashSkill){let f=r.prompt.replace(new RegExp(`^\\/${r.slashSkill}\\s*`,"i"),"").trim();return f?w(f,k.USER_INSTRUCTION):void 0}return w(r.prompt,k.USER_INSTRUCTION)||void 0}})(),C=JSON.stringify({trace_type:x,...L!==null&&{execution_status:L},...r.slashSkill?{skill_name:r.slashSkill}:{},...r.skillArtifacts?.length&&{skill_artifacts:r.skillArtifacts},...H!==void 0&&{user_instruction:H},latency_ms:at,..._&&{tokens_input:_},...h&&{tokens_output:h},cost_usd:It,...r.model?{model:r.model}:{},toolCount:T,errorCount:d,stopReason:n,sessionId:r.sessionId,tools:J.length?J:void 0}),Nt=M(w(r.prompt,k.TRACE_INPUT)),Oe=U(c(m.TRACE_NAME,r.traceName),c(m.TRACE_INPUT,Nt),c(m.TRACE_OUTPUT,E),c(m.OBS_INPUT,Nt),c(m.OBS_OUTPUT,E),c(m.TRACE_METADATA,C),c(m.SESSION_ID,r.sessionId),c(m.USER_ID,s.user),c(m.OBS_TYPE,"GENERATION"),c(m.MODEL,r.model),_?c(m.INPUT_TOKENS,_):null,h?c(m.OUTPUT_TOKENS,h):null,c("claude.stop_reason",n),c("claude.tool_count",String(T)),c("claude.error_count",String(d)),c("claude.session_id",r.sessionId),c("flow.trace_type",x),{key:m.TRACE_TAGS,value:{arrayValue:{values:[{stringValue:x}]}}}),ke={traceId:r.traceId,spanId:r.spanId,name:r.traceName,kind:1,startTimeUnixNano:r.startNs,endTimeUnixNano:o,attributes:Oe,status:{code:d>0?2:1}},we=U(c("service.name",process.env.LANGFUSE_PROJECT_NAME||"claude-code"),c("deployment.environment",process.env.LANGFUSE_ENVIRONMENT||"default")),Rt=[...u,ke];a("Stop",`sid=${e}`,`totalTools=${T}`,`errorTools=${d}`,`spans=${Rt.length}`,`inputTokens=${_}`,`outputTokens=${h}`,`traceOutput="${rt(E,80)}"`);let Le=await Ee(ce(we,Rt));a("Stop",`POST status=${Le}`,`traceId=${r.traceId}`),At(e),O(t);}async function bn(){let t=process.argv[2];if(!await Jt()){let n=[];process.stdin.on("data",r=>n.push(r)),process.stdin.on("end",()=>process.stdout.write(n.join("")));return}let e=await qt();switch(t){case "UserPromptSubmit":await ie(e);break;case "PreToolUse":await ae(e);break;case "PostToolUse":await Te(e);break;case "Stop":await Ae(e);break;default:process.stderr.write(`[flow-obs] unknown event: ${t}
19
- `),process.stdout.write(JSON.stringify(e));}}bn().catch(t=>{process.stderr.write(`[flow-obs] fatal: ${t.message}
13
+ ${n}`},{re:/\b(AKIA[0-9A-Z]{16})\b/g,replace:()=>`AKIA${y}`},{re:/(aws_secret_access_key\s*[=:]\s*)([A-Za-z0-9/+]{40})/gi,replace:(t,e)=>`${e}${y}`},{re:/\b(ghp_[A-Za-z0-9]{36,})/g,replace:()=>`ghp_${y}`},{re:/\b(github_pat_[A-Za-z0-9_]{36,})/gi,replace:()=>`github_pat_${y}`},{re:/\b(eyJ[A-Za-z0-9_\-]+\.eyJ[A-Za-z0-9_\-]+\.[A-Za-z0-9_\-]+)/g,replace:()=>`eyJ.${y}`},{re:/\b([A-Z0-9_]*(?:SECRET|TOKEN|KEY|PASSWORD|PASSWD|PWD|CREDENTIAL|API)[A-Z0-9_]*\s*=\s*)(['"]?)([^\s'"#\n]+)\2/gi,replace:(t,e,n)=>`${e}${n}${y}${n}`},{re:/([a-z][a-z0-9+\-.]*:\/\/[^:/?#\s]*):([^@\s]+)@/gi,replace:(t,e)=>`${e}:${y}@`}];function M(t){if(t==null)return "";let e=typeof t=="string"?t:JSON.stringify(t);return vn.reduce((n,{re:r,replace:o})=>n.replace(r,o),e)}async function Te(t){let e=t.session_id||"unknown",n=t.tool_name||"unknown",r=t.tool_input||{},o=t.tool_response||"",s=D(e);if(!s){O(t);return}let i=N(),u=s.pendingTool,l=u?.name===n,p=l?u.startNs:String(BigInt(i)-200000000n),S=l?u.inputStr:L(r,w.TOOL_INPUT),T=S,d=null;if(n==="Skill"){let H=typeof r=="object"&&r!==null?r.skill||r.name||r.skillName||r.commandName||String(Object.values(r)[0]??""):String(r);d=H?String(H).trim():null;let $=d?st(d,s.cwd):null;$&&(T=$,s.skillContent||(s.skillContent=$),s.skillArtifacts||(s.skillArtifacts=ot(d,s.cwd))),d&&!s.slashSkill&&(s.slashSkill=d),a("PostToolUse","Skill tool detected",`skillName=${d}`,`contentFound=${!!$}`);}let E=M(L(o,w.TOOL_OUTPUT)),_=/\b(error|exception|failed|failure|traceback|errno)\b/i.test(E.slice(0,500)),h=_?"ERROR":"DEFAULT",q=v(),C=Math.round(Number(BigInt(i)-BigInt(p))/1e6),Y={Agent:"AGENT",Task:"AGENT"}[n]??"TOOL",at=n==="Skill"&&d?d:rt(S,60);s.toolCalls.push({tool:n,brief:at,error:_,durationMs:C});let I=s.spans;I.push({traceId:s.traceId,spanId:q,parentSpanId:s.spanId,name:n,kind:3,startTimeUnixNano:p,endTimeUnixNano:i,attributes:U(c(m.OBS_NAME,n),c(m.OBS_TYPE,Y),c(m.OBS_LEVEL,h),c(m.OBS_INPUT,M(T)),c(m.OBS_OUTPUT,E),c("tool.name",n),c("tool.error",String(_)),n==="Skill"&&d?c("skill.name",d):null,n==="Skill"?c("skill.invocation","slash-command"):null),status:{code:_?2:1}}),s.pendingTool=null,B(e,s),a("PostToolUse",`sid=${e}`,`tool=${n}`,`error=${_}`,`durationMs=${C}`,`totalSpans=${I.length}`),O(t);}var he={"claude-opus-4-6":{input:15,output:75},"claude-opus-4-5":{input:15,output:75},"claude-sonnet-4-6":{input:3,output:15},"claude-sonnet-4-5":{input:3,output:15},"claude-haiku-4-5":{input:.8,output:4},"claude-4-6-opus":{input:15,output:75},"claude-4-6-sonnet":{input:3,output:15},"claude-4-5-opus":{input:15,output:75},"claude-4-5-sonnet":{input:3,output:15},"claude-4-5-haiku":{input:.8,output:4},"claude-3-5-sonnet-20241022":{input:3,output:15},"claude-3-5-haiku-20241022":{input:.8,output:4},"claude-3-opus-20240229":{input:15,output:75}};function ye(t,e,n){let r=Object.keys(he).find(i=>(t??"").toLowerCase().includes(i));if(!r)return;let o=he[r],s=(e*o.input+n*o.output)/1e6;return Math.round(s*1e6)/1e6}async function Ae(t){let e=t.session_id||"unknown",n=t.stop_reason||"end_turn",r=D(e);if(!r){O(t);return}r.slashSkill&&!/^[a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?$/i.test(r.slashSkill)&&(a("Stop",`sid=${e}`,`slashSkill rejected post-disk: "${r.slashSkill}"`),r.slashSkill=null);let o=N(),s=await qt(),i=r.toolCalls,u=r.spans;if(r.slashSkill&&!i.some(f=>f.tool==="Skill")){let f=v(),P=r.skillContent?r.skillContent:JSON.stringify({skill:r.slashSkill});i.push({tool:"Skill",brief:r.slashSkill,error:false,durationMs:0,synthetic:true}),u.push({traceId:r.traceId,spanId:f,parentSpanId:r.spanId,name:"Skill",kind:3,startTimeUnixNano:r.startNs,endTimeUnixNano:r.startNs,attributes:U(c(m.OBS_NAME,"Skill"),c(m.OBS_TYPE,"TOOL"),c(m.OBS_LEVEL,"DEFAULT"),c(m.OBS_INPUT,P),c(m.OBS_OUTPUT,"loaded via slash command"),c("tool.name","Skill"),c("tool.error","false"),c("skill.name",r.slashSkill),c("skill.invocation","slash-command")),status:{code:1}}),a("Stop",`slashSkill=${r.slashSkill}`,"synthetic span injected");}let l=t.transcript_path||r.transcriptPath||"",p=It(l);if(l&&(i.some(f=>f.tool==="Skill"&&!f.synthetic)||!!r.slashSkill)&&!p?.text){await new Promise(P=>setTimeout(P,500));let f=It(l);f?.text&&(p=f);}a("Stop",`transcriptPath=${l||"(empty)"}`,`assistantOut=${p?`text=${p.text.length}chars`:"null"}`);let T=i.length,d=i.filter(f=>f.error).length,E=M(p?.text?L(p.text,w.TRACE_OUTPUT):T===0?"No tools used":i.map((f,P)=>`${P+1}. ${f.tool}${f.brief?` \u2192 ${f.brief}`:""}${f.error?" [ERROR]":""}`).join(`
14
+ `)),_=p?.inputTokens??0,h=p?.outputTokens??0,q=i.map((f,P)=>`${P+1}. ${f.tool}${f.brief?` \u2192 ${f.brief}`:""}${f.error?" [ERROR]":""} (${f.durationMs}ms)`),C=!!(r.slashSkill||i.some(f=>f.tool==="Skill")),bt=i.some(f=>f.tool==="Agent");if(!C&&!bt){a("Stop",`sid=${e}`,"skipping trace \u2014 no Skill or Agent calls found"),Lt(e),O(t);return}let Y=C?"skill":"agent",at=Math.round(Number(BigInt(o)-BigInt(r.startNs))/1e6),vt=ye(r.model,_,h),I=ie(r);I==="prerequisite_required"&&p?.text&&(I="complete"),I==="prerequisite_required"&&(u.push({traceId:r.traceId,spanId:v(),parentSpanId:r.spanId,name:"prerequisite-check",kind:3,startTimeUnixNano:r.startNs,endTimeUnixNano:o,attributes:U(c(m.OBS_NAME,"prerequisite-check"),c(m.OBS_TYPE,"EVENT"),c(m.OBS_LEVEL,"WARNING"),c(m.OBS_OUTPUT,E),c("skill.name",r.slashSkill||void 0),c("execution_status","prerequisite_required")),status:{code:1}}),a("Stop",`sid=${e}`,"prerequisite-check span injected",`skill=${r.slashSkill}`));let H=(()=>{if(!(!C||!r.prompt)){if(r.slashSkill){let f=r.prompt.replace(new RegExp(`^\\/${r.slashSkill}\\s*`,"i"),"").trim();return f?L(f,w.USER_INSTRUCTION):void 0}return L(r.prompt,w.USER_INSTRUCTION)||void 0}})(),$=JSON.stringify({trace_type:Y,...I!==null&&{execution_status:I},...r.slashSkill?{skill_name:r.slashSkill}:{},...r.skillArtifacts?.length&&{skill_artifacts:r.skillArtifacts},...H!==void 0&&{user_instruction:H},latency_ms:at,..._&&{tokens_input:_},...h&&{tokens_output:h},cost_usd:vt,...r.model?{model:r.model}:{},toolCount:T,errorCount:d,stopReason:n,sessionId:r.sessionId,tools:q.length?q:void 0}),Ut=M(L(r.prompt,w.TRACE_INPUT)),Oe=U(c(m.TRACE_NAME,r.traceName),c(m.TRACE_INPUT,Ut),c(m.TRACE_OUTPUT,E),c(m.OBS_INPUT,Ut),c(m.OBS_OUTPUT,E),c(m.TRACE_METADATA,$),c(m.SESSION_ID,r.sessionId),c(m.USER_ID,s.user),c(m.OBS_TYPE,"GENERATION"),c(m.MODEL,r.model),_?c(m.INPUT_TOKENS,_):null,h?c(m.OUTPUT_TOKENS,h):null,c("claude.stop_reason",n),c("claude.tool_count",String(T)),c("claude.error_count",String(d)),c("claude.session_id",r.sessionId),c("flow.trace_type",Y),{key:m.TRACE_TAGS,value:{arrayValue:{values:[{stringValue:Y}]}}}),ke={traceId:r.traceId,spanId:r.spanId,name:r.traceName,kind:1,startTimeUnixNano:r.startNs,endTimeUnixNano:o,attributes:Oe,status:{code:d>0?2:1}},we=U(c("service.name",process.env.LANGFUSE_PROJECT_NAME||"claude-code"),c("deployment.environment",process.env.LANGFUSE_ENVIRONMENT||"default")),Ct=[...u,ke];a("Stop",`sid=${e}`,`totalTools=${T}`,`errorTools=${d}`,`spans=${Ct.length}`,`inputTokens=${_}`,`outputTokens=${h}`,`traceOutput="${rt(E,80)}"`);let Le=await Ee(ce(we,Ct));a("Stop",`POST status=${Le}`,`traceId=${r.traceId}`),Lt(e),O(t);}async function Un(){let t=process.argv[2];if(t==="UserPromptSubmit"){let n=await Ot(),r;try{r=await J();}catch{process.stdout.write(JSON.stringify(n));return}r.authError?await Nt(n,true):r.length>0?await Nt(n):process.stdout.write(JSON.stringify(n));return}if(!await Xt()){let n=[];process.stdin.on("data",r=>n.push(r)),process.stdin.on("end",()=>process.stdout.write(n.join("")));return}let e=await Ot();switch(t){case "PreToolUse":await ae(e);break;case "PostToolUse":await Te(e);break;case "Stop":await Ae(e);break;default:process.stderr.write(`[flow-obs] unknown event: ${t}
15
+ `),process.stdout.write(JSON.stringify(e));}}Un().catch(t=>{process.stderr.write(`[flow-obs] fatal: ${t.message}
20
16
  `),process.exit(0);});
package/dist/setup.js CHANGED
@@ -1,7 +1,7 @@
1
1
  #!/usr/bin/env node
2
- 'use strict';var child_process=require('child_process'),util=require('util'),i=require('fs'),u=require('path'),w=require('os'),be=require('https');function _interopDefault(e){return e&&e.__esModule?e:{default:e}}function _interopNamespace(e){if(e&&e.__esModule)return e;var n=Object.create(null);if(e){Object.keys(e).forEach(function(k){if(k!=='default'){var d=Object.getOwnPropertyDescriptor(e,k);Object.defineProperty(n,k,d.get?d:{enumerable:true,get:function(){return e[k]}});}})}n.default=e;return Object.freeze(n)}var i__namespace=/*#__PURE__*/_interopNamespace(i);var u__namespace=/*#__PURE__*/_interopNamespace(u);var w__namespace=/*#__PURE__*/_interopNamespace(w);var be__default=/*#__PURE__*/_interopDefault(be);var ue=Object.defineProperty;var _=(e=>typeof require<"u"?require:typeof Proxy<"u"?new Proxy(e,{get:(t,n)=>(typeof require<"u"?require:t)[n]}):e)(function(e){if(typeof require<"u")return require.apply(this,arguments);throw Error('Dynamic require of "'+e+'" is not supported')});var A=(e,t)=>()=>(e&&(t=e(e=0)),t);var pe=(e,t)=>()=>(t||e((t={exports:{}}).exports,t),t.exports),O=(e,t)=>{for(var n in t)ue(e,n,{get:t[n],enumerable:true});};var W={};O(W,{MacOsKeyVaultProvider:()=>I});var P,I,G=A(()=>{P=util.promisify(child_process.execFile),I=class{static async isAvailable(){try{return i.accessSync("/usr/bin/security",i.constants.X_OK),!0}catch{return false}}async getSecret(t,n){try{let{stdout:r}=await P("security",["find-generic-password","-w","-a",n,"-s",t]);return r.trim()||null}catch{return null}}async setSecret(t,n,r){await P("security",["add-generic-password","-U","-a",n,"-s",t,"-w",r]);}async deleteSecret(t,n){try{return await P("security",["delete-generic-password","-a",n,"-s",t]),!0}catch{return false}}getStoragePath(){return "macOS Keychain"}};});var B={};O(B,{LinuxKeyVaultProvider:()=>N});var j,N,K=A(()=>{j=util.promisify(child_process.execFile),N=class{static async isAvailable(){let t=["/usr/bin/secret-tool","/bin/secret-tool","/usr/local/bin/secret-tool"];for(let n of t)try{return i.accessSync(n,i.constants.X_OK),!0}catch{}return false}async getSecret(t,n){try{let{stdout:r}=await j("secret-tool",["lookup","service",t,"account",n]);return r.trim()||null}catch{return null}}async setSecret(t,n,r){await new Promise((o,s)=>{let a=child_process.spawn("secret-tool",["store","--label",t,"service",t,"account",n]);a.on("error",s),a.on("close",d=>{d===0?o():s(new Error(`secret-tool exited with code ${d}`));}),a.stdin.write(r),a.stdin.end();});}async deleteSecret(t,n){try{return await j("secret-tool",["clear","service",t,"account",n]),!0}catch{return false}}getStoragePath(){return "Linux Secret Service (libsecret)"}};});var J={};O(J,{WindowsKeyVaultProvider:()=>C});var C,X=A(()=>{C=class{static async isAvailable(){try{return await _("keytar").getPassword("__flow_probe__","__flow_probe__"),!0}catch{return false}}async getSecret(t,n){return _("keytar").getPassword(t,n)}async setSecret(t,n,r){await _("keytar").setPassword(t,n,r);}async deleteSecret(t,n){return _("keytar").deletePassword(t,n)}getStoragePath(){return "Windows Credential Manager"}};});var oe=pe((Ut,ke)=>{ke.exports={name:"@ciandt-flow/flow-ai-obs",version:"0.5.2-beta.328",description:"Claude Code hooks for Langfuse OTLP tracing \u2014 cross-platform",main:"dist/index.js",bin:{"flow-ai-obs":"dist/cli.js","flow-ai-obs-setup":"dist/setup.js"},scripts:{build:"tsup",test:"jest",typecheck:"tsc --noEmit",lint:"eslint src bin scripts",format:'prettier --write "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"format:check":'prettier --check "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"security-scan":"trufflehog filesystem src/ --fail --no-update --exclude-paths .trufflehogignore",postinstall:`node -e "require('fs').existsSync('dist/setup.js') && require('child_process').execFileSync(process.execPath, ['dist/setup.js'], {stdio:'inherit'})"`,prepublishOnly:"npm run security-scan && npm run build","release:npm":"changeset publish",changeset:"changeset","version-packages":"changeset version","install:hooks":"node dist/cli.js install","auth:login":"node dist/cli.js auth login","auth:logout":"node dist/cli.js auth logout","auth:status":"node dist/cli.js auth status",smoke:"bash scripts/smoke-test.sh","smoke:debug":"bash scripts/smoke-test.sh --debug","smoke:send":"bash scripts/smoke-test.sh --send --allow-http --debug"},files:["dist/","README.md","LICENSE.md"],keywords:["claude-code","langfuse","observability","otlp","hooks","flow","ciandt"],author:"CI&T Flow Team",license:"SEE LICENSE IN LICENSE.md",private:false,dependencies:{},optionalDependencies:{keytar:"7.9.0"},devDependencies:{"@changesets/changelog-github":"^0.6.0","@changesets/cli":"^2.30.0","@types/jest":"^30.0.0","@types/node":"^25.8.0",jest:"^30.4.2","ts-jest":"^29.4.9",tsup:"^8.5.1","eslint-config-prettier":"^10.1.5",prettier:"^3.5.3",typescript:"^6.0.3","typescript-eslint":"^8.33.0"},engines:{node:">=18.0.0"},publishConfig:{registry:"https://registry.npmjs.org",access:"public"},repository:{type:"git",url:"git+https://github.com/CI-T-HyperX/flow-codeassistant-observability.git"}};});var l=process.env.FLOW_BASE_URL||"https://flow.ciandt.com",L={AUTH_ENGINE:process.env.FLOW_AUTH_ENGINE_URL||`${l}/auth-engine-api/v2/api-key/token`,GATEWAY_TRACES:process.env.FLOW_GATEWAY_TRACES_URL||`${l}/flow-langfuse-gateway/v1/traces`,GATEWAY_HEALTH:process.env.FLOW_GATEWAY_HEALTH_URL||`${l}/flow-langfuse-gateway/v1/health`,OTEL_ENDPOINT:process.env.FLOW_OTEL_ENDPOINT_URL||`${l}/otel`},h={SERVICE:"flow-plugins-cli",ACCOUNT_CREDS:"credentials"},T="FLOW-nodejs",y="config.json";var H={ANTHROPIC_BASE_URL:process.env.FLOW_LLM_PROXY_URL??`${l}/flow-llm-proxy/`,ANTHROPIC_MODEL:process.env.FLOW_LLM_PROXY_MODEL??"anthropic.claude-4-6-sonnet",ANTHROPIC_SMALL_FAST_MODEL:process.env.FLOW_LLM_PROXY_SMALL_MODEL??"anthropic.claude-4-6-sonnet",CLAUDE_CODE_DISABLE_EXPERIMENTAL_BETAS:"1"},$={CLAUDE_CODE_ENABLE_TELEMETRY:"1",OTEL_EXPORTER_OTLP_ENDPOINT:L.OTEL_ENDPOINT,OTEL_EXPORTER_OTLP_PROTOCOL:"http/json",OTEL_METRICS_EXPORTER:"otlp",OTEL_LOGS_EXPORTER:"otlp",OTEL_LOG_TOOL_DETAILS:"1",OTEL_LOG_USER_PROMPTS:"1"},f={FLOW_TELEMETRY:"FLOW_TELEMETRY",FLOW_TELEMETRY_GATEWAY:"FLOW_TELEMETRY_GATEWAY_URL",LANGFUSE_BASE_URL:"LANGFUSE_BASE_URL",LANGFUSE_PUBLIC_KEY:"LANGFUSE_PUBLIC_KEY",LANGFUSE_SECRET_KEY:"LANGFUSE_SECRET_KEY",ANTHROPIC_MODEL:"ANTHROPIC_MODEL",ANTHROPIC_AUTH_TOKEN:"ANTHROPIC_AUTH_TOKEN",FLOW_OBS_DEBUG:"FLOW_TELEMETRY_DEBUG",FLOW_OBS_ALLOW_HTTP:"FLOW_TELEMETRY_ALLOW_HTTP",BUFFER_TTL_DAYS:"FLOW_TELEMETRY_BUFFER_TTL_DAYS",BUFFER_MAX_FILES:"FLOW_TELEMETRY_BUFFER_MAX_FILES"};var M={LOCK_STALE_MS:3e4},x={UserPromptSubmit:5,PreToolUse:3,PostToolUse:10,Stop:15};var V="flow-ai-obs-debug.log";({API_URL:process.env.FLOW_METRICS_URL||`${l}/metrics-collector-api/log-event`});var v={credentials:"credentials","token-cache":"tokenCache"};function m(){let e=w__namespace.default.homedir();if(process.platform==="darwin")return u__namespace.default.join(e,"Library","Preferences",T,y);if(process.platform==="win32"){let n=process.env.APPDATA??u__namespace.default.join(e,"AppData","Roaming");return u__namespace.default.join(n,T,y)}let t=process.env.XDG_CONFIG_HOME??u__namespace.default.join(e,".config");return u__namespace.default.join(t,T,y)}function R(){try{let e=i__namespace.default.readFileSync(m(),"utf8");return JSON.parse(e)}catch{return {}}}function Y(e){let t=m();i__namespace.default.mkdirSync(u__namespace.default.dirname(t),{recursive:true}),i__namespace.default.writeFileSync(t,JSON.stringify(e,null,2),{encoding:"utf8",mode:384});}var S=class{static isAvailable(){return true}static hasExistingData(){try{if(!i__namespace.default.existsSync(m()))return !1;let t=JSON.parse(i__namespace.default.readFileSync(m(),"utf8"));return !!(t&&t.credentials)}catch{return false}}async getSecret(t,n){let r=R(),o=v[n]??n,s=r[o];return s?typeof s=="string"?s:JSON.stringify(s):null}async setSecret(t,n,r){let o=R(),s=v[n]??n;if(n==="token-cache")try{o[s]=JSON.parse(r);}catch{o[s]=r;}else o[s]=r;Y(o);}async deleteSecret(t,n){let r=R(),o=v[n]??n;return o in r?(delete r[o],Y(r),true):false}getStoragePath(){return `config.json (unencrypted) \u2014 ${m()}`}};async function q(){return await we()??new S}async function we(){switch(process.platform){case "darwin":{let{MacOsKeyVaultProvider:e}=await Promise.resolve().then(()=>(G(),W));return await e.isAvailable()?new e:null}case "linux":{let{LinuxKeyVaultProvider:e}=await Promise.resolve().then(()=>(K(),B));return await e.isAvailable()?new e:null}case "win32":{let{WindowsKeyVaultProvider:e}=await Promise.resolve().then(()=>(X(),J));return await e.isAvailable()?new e:null}default:return null}}var Ae=h.SERVICE,Oe=h.ACCOUNT_CREDS,k=null;function Le(){return k||(k=q()),k}async function b(){let t=await(await Le()).getSecret(Ae,Oe);if(!t)return null;try{return JSON.parse(t)}catch{return null}}u.join(w.tmpdir(),V);function F(){if(process.env.WSL_DISTRO_NAME&&process.platform==="linux"){let e=process.env.USERPROFILE;if(!e){let n=child_process.spawnSync("cmd.exe",["/c","echo","%USERPROFILE%"],{encoding:"utf8",timeout:5e3}).stdout?.trim();n&&/^[A-Za-z]:\\/.test(n)&&(e=n);}if(e){let t=e.replace(/^([A-Za-z]):/,(n,r)=>`/mnt/${r.toLowerCase()}`).replace(/\\/g,"/");return u__namespace.join(t,".claude","settings.json")}return u__namespace.join(w__namespace.homedir(),".claude","settings.json")}if(process.platform==="win32"){let e=process.env.USERPROFILE||w__namespace.homedir();return u__namespace.join(e,".claude","settings.json")}if(process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER){let t=child_process.spawnSync("getent",["passwd",process.env.SUDO_USER],{encoding:"utf8",timeout:5e3}).stdout?.split(":")[5]?.trim();if(t)return u__namespace.join(t,".claude","settings.json")}return u__namespace.join(w__namespace.homedir(),".claude","settings.json")}var Ne=M.LOCK_STALE_MS;function Z(e){try{let t=i__namespace.statSync(e);Date.now()-t.mtimeMs>Ne&&i__namespace.unlinkSync(e);}catch{}try{i__namespace.writeFileSync(e,String(process.pid),{flag:"wx"});}catch(t){throw t.code==="EEXIST"?new Error("Another install is already in progress. If this is stale, remove: "+e):t}}function Q(e){try{i__namespace.unlinkSync(e);}catch{}}function Ce(e,t){let r=(Array.isArray(e)?e:[]).map(o=>{if(!Array.isArray(o?.hooks))return null;let s=o.hooks.filter(a=>!a.command?.startsWith?.("flow-ai-obs "));return s.length>0?{...o,hooks:s}:null}).filter(o=>o!=null);return [t,...r]}function ee(){let e=F(),t=e+".lock",n=[];i__namespace.mkdirSync(u__namespace.dirname(e),{recursive:true}),Z(t);try{if(i__namespace.existsSync(e)){i__namespace.copyFileSync(e,e+".bkp");try{i__namespace.chmodSync(e+".bkp",384);}catch{}}let r={};try{r=JSON.parse(i__namespace.readFileSync(e,"utf8"));}catch{}let o=r.env&&typeof r.env=="object"?r.env:{};r.env={...$,...H,...o},r.otelHeadersHelper="flow-ai-obs otel-headers",(!r.hooks||typeof r.hooks!="object"||Array.isArray(r.hooks))&&(r.hooks={});let s=(c,E)=>({matcher:"",hooks:[{type:"command",command:`flow-ai-obs ${c}`,timeout:E}]}),a=["UserPromptSubmit","PreToolUse","PostToolUse","Stop"],d=r.hooks;for(let c of a){let E=Ce(d[c],s(c,x[c]));E.length>1&&n.push(c),d[c]=E;}i__namespace.writeFileSync(e,JSON.stringify(r,null,2)+`
3
- `,{encoding:"utf8",mode:384});try{i__namespace.chmodSync(e,384);}catch{}}finally{Q(t);}return {settingsPath:e,preserved:n}}function te(e){let t=F(),n=t+".lock";i__namespace.mkdirSync(u__namespace.dirname(t),{recursive:true}),Z(n);try{let r={};try{r=JSON.parse(i__namespace.readFileSync(t,"utf8"));}catch{}(!r.env||typeof r.env!="object")&&(r.env={}),Object.assign(r.env,e),i__namespace.writeFileSync(t,JSON.stringify(r,null,2)+`
4
- `,{encoding:"utf8",mode:384});try{i__namespace.chmodSync(t,384);}catch{}}finally{Q(n);}}function re(e){if(!e)return null;try{let t=e.split(".");if(t.length<2)return null;let n=JSON.parse(Buffer.from(t[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8")),{clientId:r,clientSecret:o,tenant:s}=n;return !r||!o||!s?null:{clientId:r,clientSecret:o,tenant:s}}catch{return null}}function ne(e){let t=Buffer.from(JSON.stringify({alg:"none",typ:"JWT"})).toString("base64url"),n=Buffer.from(JSON.stringify({clientId:e.clientId,clientSecret:e.clientSecret,tenant:e.tenant})).toString("base64url");return `${t}.${n}.`}var D;function ie(){return D||(D=oe()),D}var ae=u__namespace.default.join(w__namespace.default.tmpdir(),"flow-obs-update-cache.json"),De=1440*60*1e3,He=3e3;function $e(e,t){let n=s=>{let a=String(s).replace(/^v/,"").match(/^(\d+)\.(\d+)\.(\d+)/);return a?[+a[1],+a[2],+a[3]]:null},r=n(e),o=n(t);return !r||!o?false:o[0]!==r[0]?o[0]>r[0]:o[1]!==r[1]?o[1]>r[1]:o[2]>r[2]}function Me(){try{let e=JSON.parse(i__namespace.default.readFileSync(ae,"utf8"));return typeof e.latestVersion!="string"||Date.now()-e.checkedAt>=De?null:e}catch{return null}}function xe(e,t,n=Date.now()){try{i__namespace.default.writeFileSync(ae,JSON.stringify({latestVersion:e,updatePriority:t??null,checkedAt:n}),{mode:384});}catch{}}function Ve(e){let t=ie().name,n=be__default.default.get(`https://registry.npmjs.org/${encodeURIComponent(t)}/latest`,{timeout:He},r=>{if(r.statusCode!==200)return r.resume(),e(new Error(`HTTP ${r.statusCode}`));let o="";r.setEncoding("utf8"),r.on("data",s=>{o+=s;}),r.on("end",()=>{try{let s=JSON.parse(o);if(typeof s.version!="string")throw new Error("no version field");e(null,{version:s.version,updatePriority:typeof s.updatePriority=="string"?s.updatePriority:null});}catch(s){e(s);}});});n.on("error",e),n.on("timeout",()=>{n.destroy(new Error("timeout"));});}function ce(){try{if(Me())return;setImmediate(()=>{Ve((e,t)=>{e||!t||$e(ie().version,t.version)&&xe(t.version,t.updatePriority,0);});});}catch{}}var Ye=u__namespace.default.resolve(__dirname,".."),We=process.env.INIT_CWD?u__namespace.default.resolve(process.env.INIT_CWD):null;We===Ye&&process.exit(0);async function Ge(){try{ee();}catch{}let e=await b();if(!e){process.stderr.write(`
2
+ 'use strict';var child_process=require('child_process'),util=require('util'),i=require('fs'),u=require('path'),w=require('os'),be=require('https');function _interopDefault(e){return e&&e.__esModule?e:{default:e}}function _interopNamespace(e){if(e&&e.__esModule)return e;var n=Object.create(null);if(e){Object.keys(e).forEach(function(k){if(k!=='default'){var d=Object.getOwnPropertyDescriptor(e,k);Object.defineProperty(n,k,d.get?d:{enumerable:true,get:function(){return e[k]}});}})}n.default=e;return Object.freeze(n)}var i__namespace=/*#__PURE__*/_interopNamespace(i);var u__namespace=/*#__PURE__*/_interopNamespace(u);var w__namespace=/*#__PURE__*/_interopNamespace(w);var be__default=/*#__PURE__*/_interopDefault(be);var ue=Object.defineProperty;var E=(e=>typeof require<"u"?require:typeof Proxy<"u"?new Proxy(e,{get:(t,n)=>(typeof require<"u"?require:t)[n]}):e)(function(e){if(typeof require<"u")return require.apply(this,arguments);throw Error('Dynamic require of "'+e+'" is not supported')});var A=(e,t)=>()=>(e&&(t=e(e=0)),t);var pe=(e,t)=>()=>(t||e((t={exports:{}}).exports,t),t.exports),O=(e,t)=>{for(var n in t)ue(e,n,{get:t[n],enumerable:true});};var W={};O(W,{MacOsKeyVaultProvider:()=>I});var P,I,G=A(()=>{P=util.promisify(child_process.execFile),I=class{static async isAvailable(){try{return i.accessSync("/usr/bin/security",i.constants.X_OK),!0}catch{return false}}async getSecret(t,n){try{let{stdout:r}=await P("security",["find-generic-password","-w","-a",n,"-s",t]);return r.trim()||null}catch{return null}}async setSecret(t,n,r){await P("security",["add-generic-password","-U","-a",n,"-s",t,"-w",r]);}async deleteSecret(t,n){try{return await P("security",["delete-generic-password","-a",n,"-s",t]),!0}catch{return false}}getStoragePath(){return "macOS Keychain"}};});var B={};O(B,{LinuxKeyVaultProvider:()=>k});var j,k,K=A(()=>{j=util.promisify(child_process.execFile),k=class{static async isAvailable(){let t=["/usr/bin/secret-tool","/bin/secret-tool","/usr/local/bin/secret-tool"];for(let n of t)try{return i.accessSync(n,i.constants.X_OK),!0}catch{}return false}async getSecret(t,n){try{let{stdout:r}=await j("secret-tool",["lookup","service",t,"account",n]);return r.trim()||null}catch{return null}}async setSecret(t,n,r){await new Promise((s,o)=>{let a=child_process.spawn("secret-tool",["store","--label",t,"service",t,"account",n]);a.on("error",o),a.on("close",d=>{d===0?s():o(new Error(`secret-tool exited with code ${d}`));}),a.stdin.write(r),a.stdin.end();});}async deleteSecret(t,n){try{return await j("secret-tool",["clear","service",t,"account",n]),!0}catch{return false}}getStoragePath(){return "Linux Secret Service (libsecret)"}};});var J={};O(J,{WindowsKeyVaultProvider:()=>C});var C,X=A(()=>{C=class{static async isAvailable(){try{return await E("keytar").getPassword("__flow_probe__","__flow_probe__"),!0}catch{return false}}async getSecret(t,n){return E("keytar").getPassword(t,n)}async setSecret(t,n,r){await E("keytar").setPassword(t,n,r);}async deleteSecret(t,n){return E("keytar").deletePassword(t,n)}getStoragePath(){return "Windows Credential Manager"}};});var se=pe(($t,Ne)=>{Ne.exports={name:"@ciandt-flow/flow-ai-obs",version:"0.5.2-beta.338",description:"Claude Code hooks for Langfuse OTLP tracing \u2014 cross-platform",main:"dist/index.js",bin:{"flow-ai-obs":"dist/cli.js","flow-ai-obs-setup":"dist/setup.js"},scripts:{build:"tsup",test:"jest",typecheck:"tsc --noEmit",lint:"eslint src bin scripts",format:'prettier --write "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"format:check":'prettier --check "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"security-scan":"trufflehog filesystem src/ --fail --no-update --exclude-paths .trufflehogignore",postinstall:`node -e "require('fs').existsSync('dist/setup.js') && require('child_process').execFileSync(process.execPath, ['dist/setup.js'], {stdio:'inherit'})"`,prepublishOnly:"npm run security-scan && npm run build","release:npm":"changeset publish",changeset:"changeset","version-packages":"changeset version","install:hooks":"node dist/cli.js install","auth:login":"node dist/cli.js auth login","auth:logout":"node dist/cli.js auth logout","auth:status":"node dist/cli.js auth status",smoke:"bash scripts/smoke-test.sh","smoke:debug":"bash scripts/smoke-test.sh --debug","smoke:send":"bash scripts/smoke-test.sh --send --allow-http --debug"},files:["dist/","README.md","LICENSE.md"],keywords:["claude-code","langfuse","observability","otlp","hooks","flow","ciandt"],author:"CI&T Flow Team",license:"SEE LICENSE IN LICENSE.md",private:false,dependencies:{},optionalDependencies:{keytar:"7.9.0"},devDependencies:{"@changesets/changelog-github":"^0.6.0","@changesets/cli":"^2.30.0","@types/jest":"^30.0.0","@types/node":"^25.8.0",jest:"^30.4.2","ts-jest":"^29.4.9",tsup:"^8.5.1","eslint-config-prettier":"^10.1.5",prettier:"^3.5.3",typescript:"^6.0.3","typescript-eslint":"^8.33.0"},engines:{node:">=18.0.0"},publishConfig:{registry:"https://registry.npmjs.org",access:"public"},repository:{type:"git",url:"git+https://github.com/CI-T-HyperX/flow-codeassistant-observability.git"}};});var l=process.env.FLOW_BASE_URL||"https://flow.ciandt.com",v={AUTH_ENGINE:process.env.FLOW_AUTH_ENGINE_URL||`${l}/auth-engine-api/v2/api-key/token`,GATEWAY_TRACES:process.env.FLOW_GATEWAY_TRACES_URL||`${l}/flow-langfuse-gateway/v1/traces`,GATEWAY_HEALTH:process.env.FLOW_GATEWAY_HEALTH_URL||`${l}/flow-langfuse-gateway/v1/health`,OTEL_ENDPOINT:process.env.FLOW_OTEL_ENDPOINT_URL||`${l}/otel`},T={SERVICE:"flow-plugins-cli",ACCOUNT_CREDS:"credentials"},_="FLOW-nodejs",y="config.json";var D={ANTHROPIC_BASE_URL:process.env.FLOW_LLM_PROXY_URL??`${l}/flow-llm-proxy/`,ANTHROPIC_MODEL:process.env.FLOW_LLM_PROXY_MODEL??"anthropic.claude-4-6-sonnet",ANTHROPIC_SMALL_FAST_MODEL:process.env.FLOW_LLM_PROXY_SMALL_MODEL??"anthropic.claude-4-6-sonnet",CLAUDE_CODE_DISABLE_EXPERIMENTAL_BETAS:"1"},M={CLAUDE_CODE_ENABLE_TELEMETRY:"1",OTEL_EXPORTER_OTLP_ENDPOINT:v.OTEL_ENDPOINT,OTEL_EXPORTER_OTLP_PROTOCOL:"http/json",OTEL_METRICS_EXPORTER:"otlp",OTEL_LOGS_EXPORTER:"otlp",OTEL_LOG_TOOL_DETAILS:"1",OTEL_LOG_USER_PROMPTS:"1"},f={FLOW_TELEMETRY:"FLOW_TELEMETRY",FLOW_TELEMETRY_GATEWAY:"FLOW_TELEMETRY_GATEWAY_URL",LANGFUSE_BASE_URL:"LANGFUSE_BASE_URL",LANGFUSE_PUBLIC_KEY:"LANGFUSE_PUBLIC_KEY",LANGFUSE_SECRET_KEY:"LANGFUSE_SECRET_KEY",ANTHROPIC_MODEL:"ANTHROPIC_MODEL",ANTHROPIC_AUTH_TOKEN:"ANTHROPIC_AUTH_TOKEN",FLOW_OBS_DEBUG:"FLOW_TELEMETRY_DEBUG",FLOW_OBS_ALLOW_HTTP:"FLOW_TELEMETRY_ALLOW_HTTP",BUFFER_TTL_DAYS:"FLOW_TELEMETRY_BUFFER_TTL_DAYS",BUFFER_MAX_FILES:"FLOW_TELEMETRY_BUFFER_MAX_FILES"};var H={LOCK_STALE_MS:3e4},x={UserPromptSubmit:5,PreToolUse:3,PostToolUse:10,Stop:15};var V="flow-ai-obs-debug.log";({API_URL:process.env.FLOW_METRICS_URL||`${l}/metrics-collector-api/log-event`});var L={credentials:"credentials","token-cache":"tokenCache"};function m(){let e=w__namespace.default.homedir();if(process.platform==="darwin")return u__namespace.default.join(e,"Library","Preferences",_,y);if(process.platform==="win32"){let n=process.env.APPDATA??u__namespace.default.join(e,"AppData","Roaming");return u__namespace.default.join(n,_,y)}let t=process.env.XDG_CONFIG_HOME??u__namespace.default.join(e,".config");return u__namespace.default.join(t,_,y)}function R(){try{let e=i__namespace.default.readFileSync(m(),"utf8");return JSON.parse(e)}catch{return {}}}function Y(e){let t=m();i__namespace.default.mkdirSync(u__namespace.default.dirname(t),{recursive:true}),i__namespace.default.writeFileSync(t,JSON.stringify(e,null,2),{encoding:"utf8",mode:384});}var S=class{static isAvailable(){return true}static hasExistingData(){try{if(!i__namespace.default.existsSync(m()))return !1;let t=JSON.parse(i__namespace.default.readFileSync(m(),"utf8"));return !!(t&&t.credentials)}catch{return false}}async getSecret(t,n){let r=R(),s=L[n]??n,o=r[s];return o?typeof o=="string"?o:JSON.stringify(o):null}async setSecret(t,n,r){let s=R(),o=L[n]??n;if(n==="token-cache")try{s[o]=JSON.parse(r);}catch{s[o]=r;}else s[o]=r;Y(s);}async deleteSecret(t,n){let r=R(),s=L[n]??n;return s in r?(delete r[s],Y(r),true):false}getStoragePath(){return `config.json (unencrypted) \u2014 ${m()}`}};async function q(){return await we()??new S}async function we(){switch(process.platform){case "darwin":{let{MacOsKeyVaultProvider:e}=await Promise.resolve().then(()=>(G(),W));return await e.isAvailable()?new e:null}case "linux":{let{LinuxKeyVaultProvider:e}=await Promise.resolve().then(()=>(K(),B));return await e.isAvailable()?new e:null}case "win32":{let{WindowsKeyVaultProvider:e}=await Promise.resolve().then(()=>(X(),J));return await e.isAvailable()?new e:null}default:return null}}var Ae=T.SERVICE,Oe=T.ACCOUNT_CREDS,N=null;function ve(){return N||(N=q()),N}async function b(){let t=await(await ve()).getSecret(Ae,Oe);if(!t)return null;try{return JSON.parse(t)}catch{return null}}u.join(w.tmpdir(),V);function U(){if(process.env.WSL_DISTRO_NAME&&process.platform==="linux"){let e=process.env.USERPROFILE;if(!e){let n=child_process.spawnSync("cmd.exe",["/c","echo","%USERPROFILE%"],{encoding:"utf8",timeout:5e3}).stdout?.trim();n&&/^[A-Za-z]:\\/.test(n)&&(e=n);}if(e){let t=e.replace(/^([A-Za-z]):/,(n,r)=>`/mnt/${r.toLowerCase()}`).replace(/\\/g,"/");return u__namespace.join(t,".claude","settings.json")}return u__namespace.join(w__namespace.homedir(),".claude","settings.json")}if(process.platform==="win32"){let e=process.env.USERPROFILE||w__namespace.homedir();return u__namespace.join(e,".claude","settings.json")}if(process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER){let t=child_process.spawnSync("getent",["passwd",process.env.SUDO_USER],{encoding:"utf8",timeout:5e3}).stdout?.split(":")[5]?.trim();if(t)return u__namespace.join(t,".claude","settings.json")}return u__namespace.join(w__namespace.homedir(),".claude","settings.json")}var ke=H.LOCK_STALE_MS;function Z(e){try{let t=i__namespace.statSync(e);Date.now()-t.mtimeMs>ke&&i__namespace.unlinkSync(e);}catch{}try{i__namespace.writeFileSync(e,String(process.pid),{flag:"wx"});}catch(t){throw t.code==="EEXIST"?new Error("Another install is already in progress. If this is stale, remove: "+e):t}}function Q(e){try{i__namespace.unlinkSync(e);}catch{}}function Ce(e,t){let r=(Array.isArray(e)?e:[]).map(s=>{if(!Array.isArray(s?.hooks))return null;let o=s.hooks.filter(a=>!a.command?.startsWith?.("flow-ai-obs "));return o.length>0?{...s,hooks:o}:null}).filter(s=>s!=null);return [t,...r]}function ee(){let e=U(),t=e+".lock",n=[];i__namespace.mkdirSync(u__namespace.dirname(e),{recursive:true}),Z(t);try{if(i__namespace.existsSync(e)){i__namespace.copyFileSync(e,e+".bkp");try{i__namespace.chmodSync(e+".bkp",384);}catch{}}let r={};try{r=JSON.parse(i__namespace.readFileSync(e,"utf8"));}catch{}let s=r.env&&typeof r.env=="object"?r.env:{};r.env={...M,...D,...s},r.otelHeadersHelper="flow-ai-obs otel-headers",(!r.hooks||typeof r.hooks!="object"||Array.isArray(r.hooks))&&(r.hooks={});let o=(c,h)=>({matcher:"",hooks:[{type:"command",command:`flow-ai-obs ${c}`,timeout:h}]}),a=["UserPromptSubmit","PreToolUse","PostToolUse","Stop"],d=r.hooks;for(let c of a){let h=Ce(d[c],o(c,x[c]));h.length>1&&n.push(c),d[c]=h;}i__namespace.writeFileSync(e,JSON.stringify(r,null,2)+`
3
+ `,{encoding:"utf8",mode:384});try{i__namespace.chmodSync(e,384);}catch{}}finally{Q(t);}return {settingsPath:e,preserved:n}}function te(e){let t=U(),n=t+".lock";i__namespace.mkdirSync(u__namespace.dirname(t),{recursive:true}),Z(n);try{let r={};try{r=JSON.parse(i__namespace.readFileSync(t,"utf8"));}catch{}(!r.env||typeof r.env!="object")&&(r.env={}),Object.assign(r.env,e),i__namespace.writeFileSync(t,JSON.stringify(r,null,2)+`
4
+ `,{encoding:"utf8",mode:384});try{i__namespace.chmodSync(t,384);}catch{}}finally{Q(n);}}function re(e){if(!e)return null;try{let t=e.split(".");if(t.length<2)return null;let n=JSON.parse(Buffer.from(t[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8")),{clientId:r,clientSecret:s,tenant:o}=n;return !r||!s||!o?null:{clientId:r,clientSecret:s,tenant:o}}catch{return null}}function ne(e){let t=Buffer.from(JSON.stringify({alg:"none",typ:"JWT"})).toString("base64url"),n=Buffer.from(JSON.stringify({clientId:e.clientId,clientSecret:e.clientSecret,tenant:e.tenant})).toString("base64url");return `${t}.${n}.`}var $;function ie(){return $||($=se()),$}var ae=u__namespace.default.join(w__namespace.default.tmpdir(),"flow-obs-update-cache.json"),$e=1440*60*1e3,De=3e3;function Me(e,t){let n=o=>{let a=String(o).replace(/^v/,"").match(/^(\d+)\.(\d+)\.(\d+)/);return a?[+a[1],+a[2],+a[3]]:null},r=n(e),s=n(t);return !r||!s?false:s[0]!==r[0]?s[0]>r[0]:s[1]!==r[1]?s[1]>r[1]:s[2]>r[2]}function He(){try{let e=JSON.parse(i__namespace.default.readFileSync(ae,"utf8"));return typeof e.latestVersion!="string"||Date.now()-e.checkedAt>=$e?null:e}catch{return null}}function xe(e,t,n=Date.now()){try{i__namespace.default.writeFileSync(ae,JSON.stringify({latestVersion:e,updatePriority:t??null,checkedAt:n}),{mode:384});}catch{}}function Ve(e){let t=ie().name,n=be__default.default.get(`https://registry.npmjs.org/${encodeURIComponent(t)}/latest`,{timeout:De},r=>{if(r.statusCode!==200)return r.resume(),e(new Error(`HTTP ${r.statusCode}`));let s="";r.setEncoding("utf8"),r.on("data",o=>{s+=o;}),r.on("end",()=>{try{let o=JSON.parse(s);if(typeof o.version!="string")throw new Error("no version field");e(null,{version:o.version,updatePriority:typeof o.updatePriority=="string"?o.updatePriority:null});}catch(o){e(o);}});});n.on("error",e),n.on("timeout",()=>{n.destroy(new Error("timeout"));});}function ce(){try{if(He())return;setImmediate(()=>{Ve((e,t)=>{e||!t||Me(ie().version,t.version)&&xe(t.version,t.updatePriority,0);});});}catch{}}var Ye=u__namespace.default.resolve(__dirname,".."),We=process.env.INIT_CWD?u__namespace.default.resolve(process.env.INIT_CWD):null;We===Ye&&process.exit(0);async function Ge(){try{ee();}catch{}let e=await b();if(!e){process.stderr.write(`
5
5
  [flow-ai-obs] No credentials found.
6
6
  Run \`flow-ai-obs auth login\` to authenticate and enable telemetry.
7
7
 
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@ciandt-flow/flow-ai-obs",
3
- "version": "0.5.2-beta.328",
3
+ "version": "0.5.2-beta.338",
4
4
  "description": "Claude Code hooks for Langfuse OTLP tracing — cross-platform",
5
5
  "main": "dist/index.js",
6
6
  "bin": {