@ciandt-flow/flow-ai-obs 0.5.2-beta.338 → 0.5.2-beta.346
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli.js +122 -91
- package/dist/index.js +13 -13
- package/dist/setup.js +4 -4
- package/package.json +1 -1
package/dist/cli.js
CHANGED
|
@@ -1,149 +1,179 @@
|
|
|
1
1
|
#!/usr/bin/env node
|
|
2
|
-
'use strict';var
|
|
2
|
+
'use strict';var Zn=require('https'),E=require('fs'),Q=require('os'),Et=require('path'),child_process=require('child_process'),ms=require('http'),util=require('util'),crypto=require('crypto');function _interopNamespace(e){if(e&&e.__esModule)return e;var n=Object.create(null);if(e){Object.keys(e).forEach(function(k){if(k!=='default'){var d=Object.getOwnPropertyDescriptor(e,k);Object.defineProperty(n,k,d.get?d:{enumerable:true,get:function(){return e[k]}});}})}n.default=e;return Object.freeze(n)}var Zn__namespace=/*#__PURE__*/_interopNamespace(Zn);var E__namespace=/*#__PURE__*/_interopNamespace(E);var Q__namespace=/*#__PURE__*/_interopNamespace(Q);var Et__namespace=/*#__PURE__*/_interopNamespace(Et);var ms__namespace=/*#__PURE__*/_interopNamespace(ms);var me=Object.defineProperty;var Gn=Object.getOwnPropertyDescriptor;var Wn=Object.getOwnPropertyNames;var Kn=Object.prototype.hasOwnProperty;var Nt=(t=>typeof require<"u"?require:typeof Proxy<"u"?new Proxy(t,{get:(e,r)=>(typeof require<"u"?require:e)[r]}):t)(function(t){if(typeof require<"u")return require.apply(this,arguments);throw Error('Dynamic require of "'+t+'" is not supported')});var p=(t,e)=>()=>(t&&(e=t(t=0)),e);var qn=(t,e)=>()=>(e||t((e={exports:{}}).exports,e),e.exports),$=(t,e)=>{for(var r in e)me(t,r,{get:e[r],enumerable:true});},Jn=(t,e,r,n)=>{if(e&&typeof e=="object"||typeof e=="function")for(let s of Wn(e))!Kn.call(t,s)&&s!==r&&me(t,s,{get:()=>e[s],enumerable:!(n=Gn(e,s))||n.enumerable});return t};var L=t=>Jn(me({},"__esModule",{value:true}),t);var qt=qn((Uo,Xn)=>{Xn.exports={name:"@ciandt-flow/flow-ai-obs",version:"0.5.2-beta.346",description:"Claude Code hooks for Langfuse OTLP tracing \u2014 cross-platform",main:"dist/index.js",bin:{"flow-ai-obs":"dist/cli.js","flow-ai-obs-setup":"dist/setup.js"},scripts:{build:"tsup",test:"jest",typecheck:"tsc --noEmit",lint:"eslint src bin scripts",format:'prettier --write "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"format:check":'prettier --check "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"security-scan":"trufflehog filesystem src/ --fail --no-update --exclude-paths .trufflehogignore",postinstall:`node -e "require('fs').existsSync('dist/setup.js') && require('child_process').execFileSync(process.execPath, ['dist/setup.js'], {stdio:'inherit'})"`,prepublishOnly:"npm run security-scan && npm run build","release:npm":"changeset publish",changeset:"changeset","version-packages":"changeset version","install:hooks":"node dist/cli.js install","auth:login":"node dist/cli.js auth login","auth:logout":"node dist/cli.js auth logout","auth:status":"node dist/cli.js auth status",smoke:"bash scripts/smoke-test.sh","smoke:debug":"bash scripts/smoke-test.sh --debug","smoke:send":"bash scripts/smoke-test.sh --send --allow-http --debug"},files:["dist/","README.md","LICENSE.md"],keywords:["claude-code","langfuse","observability","otlp","hooks","flow","ciandt"],author:"CI&T Flow Team",license:"SEE LICENSE IN LICENSE.md",private:false,dependencies:{},optionalDependencies:{keytar:"7.9.0"},devDependencies:{"@changesets/changelog-github":"^0.6.0","@changesets/cli":"^2.30.0","@types/jest":"^30.0.0","@types/node":"^25.8.0",jest:"^30.4.2","ts-jest":"^29.4.9",tsup:"^8.5.1","eslint-config-prettier":"^10.1.5",prettier:"^3.5.3",typescript:"^6.0.3","typescript-eslint":"^8.33.0"},engines:{node:">=18.0.0"},publishConfig:{registry:"https://registry.npmjs.org",access:"public"},repository:{type:"git",url:"git+https://github.com/CI-T-HyperX/flow-codeassistant-observability.git"}};});var ge={};$(ge,{bold:()=>V,cyan:()=>x,dim:()=>S,green:()=>N,red:()=>j,yellow:()=>y});function dt(t,e){return zn?r=>`\x1B[${t}m${r}\x1B[${e}m`:r=>r}var zn,N,j,y,x,V,S,pt=p(()=>{zn=!process.env.NO_COLOR&&process.stdout.isTTY;N=dt("32","39"),j=dt("31","39"),y=dt("33","39"),x=dt("36","39"),V=dt("1","22"),S=dt("2","22");});function nr(){return process.stdin.isTTY===true&&!process.argv.includes("--no-interactive")}var sr=p(()=>{});var ft={};$(ft,{checkForUpdate:()=>os,checkForUpdateInteractive:()=>is,isNewer:()=>Ct,primeUpdateCache:()=>as});function C(){return he||(he=qt()),he}function Ct(t,e){let r=o=>{let i=String(o).replace(/^v/,"").match(/^(\d+)\.(\d+)\.(\d+)/);return i?[+i[1],+i[2],+i[3]]:null},n=r(t),s=r(e);return !n||!s?false:s[0]!==n[0]?s[0]>n[0]:s[1]!==n[1]?s[1]>n[1]:s[2]>n[2]}function Ee(){try{let t=JSON.parse(E__namespace.default.readFileSync(ar,"utf8"));return typeof t.latestVersion!="string"||Date.now()-t.checkedAt>=es?null:t}catch{return null}}function cr(t,e,r=Date.now()){try{E__namespace.default.writeFileSync(ar,JSON.stringify({latestVersion:t,updatePriority:e??null,checkedAt:r}),{mode:384});}catch{}}function lr(t){let e=C().name,r=Zn__namespace.default.get(`https://registry.npmjs.org/${encodeURIComponent(e)}/latest`,{timeout:rs},n=>{if(n.statusCode!==200)return n.resume(),t(new Error(`HTTP ${n.statusCode}`));let s="";n.setEncoding("utf8"),n.on("data",o=>{s+=o;}),n.on("end",()=>{try{let o=JSON.parse(s);if(typeof o.version!="string")throw new Error("no version field");t(null,{version:o.version,updatePriority:typeof o.updatePriority=="string"?o.updatePriority:null});}catch(o){t(o);}});});r.on("error",t),r.on("timeout",()=>{r.destroy(new Error("timeout"));});}function we(t){let e=C().name,n=` Update available: ${C().version} \u2192 ${t}`,s=` Run: npm install -g ${e}`,o=Math.max(n.length,s.length)+2,i="\u2500".repeat(o);process.stderr.write(`
|
|
3
3
|
\u256D${i}\u256E
|
|
4
4
|
\u2502${n.padEnd(o)}\u2502
|
|
5
5
|
\u2502${s.padEnd(o)}\u2502
|
|
6
6
|
\u2570${i}\u256F
|
|
7
7
|
|
|
8
|
-
`);}function
|
|
8
|
+
`);}function Se(t){let e=C().name;process.stderr.write(`
|
|
9
9
|
[${e}] Critical update detected \u2014 auto-updating to ${t}...
|
|
10
10
|
|
|
11
|
-
`),child_process.spawn("npm",["install","-g",`${e}@${t}`],{detached:true,stdio:"ignore",windowsHide:true}).unref();}async function
|
|
11
|
+
`),child_process.spawn("npm",["install","-g",`${e}@${t}`],{detached:true,stdio:"ignore",windowsHide:true}).unref();}async function ns(t,e=1e4){let r=Nt("readline"),n=C().name,s=C().version;return process.stderr.write(`
|
|
12
12
|
Update available: ${s} \u2192 ${t}
|
|
13
13
|
Run: npm install -g ${n}@${t}
|
|
14
|
-
Install now? [y/N]: `),new Promise(o=>{let i=r.createInterface({input:process.stdin,output:void 0,terminal:false}),
|
|
15
|
-
`),o(
|
|
14
|
+
Install now? [y/N]: `),new Promise(o=>{let i=r.createInterface({input:process.stdin,output:void 0,terminal:false}),c=false;function a(m){c||(c=true,clearTimeout(l),i.close(),process.stderr.write(`
|
|
15
|
+
`),o(m));}let l=setTimeout(()=>a(false),e);i.once("line",m=>a(m.trim().toLowerCase()==="y")),i.once("close",()=>a(false));})}async function ss(t){let e=C().name;return process.stderr.write(` Installing ${e}@${t}...
|
|
16
16
|
`),new Promise(r=>{let n=child_process.spawn("npm",["install","-g",`${e}@${t}`],{stdio:"inherit"});n.on("close",s=>{s!==0?process.stderr.write(` \u2717 Update failed \u2014 continuing with current version.
|
|
17
17
|
|
|
18
18
|
`):process.stderr.write(` \u2713 Updated to ${t}. Please restart the command.
|
|
19
19
|
|
|
20
20
|
`),r();}),n.on("error",()=>{process.stderr.write(` \u2717 Update failed \u2014 continuing with current version.
|
|
21
21
|
|
|
22
|
-
`),r();});})}function
|
|
23
|
-
`;try{E.writeFileSync(Zn,e,{flag:"a"});}catch(r){process.stderr.write(`[flow-obs debug ERROR] ${r.message}
|
|
24
|
-
`);}}var Zn,D=p(()=>{T();Zn=gt.join(Jt.tmpdir(),nr);});function rs(t){if(!es.test(t))throw new Error(`Invalid tenant value: "${t}". Tenant must be lowercase alphanumeric and hyphens (1-64 chars).`)}function ns(t,e){let r=e.length>400?e.slice(0,400)+"\u2026":e;l("toAuthError",`status=${t} body=${r}`);try{let n=JSON.parse(e);if(typeof n.error=="string"&&(l("toAuthError",`api_error_code=${n.error}`+(n.message?` api_message=${n.message}`:"")),sr[n.error]))return new tt(sr[n.error])}catch{}return t===401||t===403||t===500?new tt("Invalid credentials"):t>=400&&t<500?new tt("Authentication request was rejected"):new Error("Authentication service unavailable, please try again later")}function j(t){return new Promise((e,r)=>{try{rs(t.tenant);}catch(u){return r(u)}let n=JSON.stringify({clientSecret:t.clientSecret}),s=new URL(Q.AUTH_ENGINE),o=s.protocol==="https:",i={hostname:s.hostname,port:s.port||(o?443:80),path:s.pathname+s.search,method:"POST",headers:{"Content-Type":"application/json","Content-Length":Buffer.byteLength(n),FlowTenant:t.tenant}};l("getToken",`requesting token tenant=${t.tenant} host=${i.hostname} path=${i.path}`);let c=(o?Dn__namespace.default:ts__namespace.default).request(i,u=>{let w=[];u.on("data",O=>w.push(O)),u.on("end",()=>{let O=w.join("");if((u.statusCode??0)>=400)return r(ns(u.statusCode??0,O));let m;try{m=JSON.parse(O);}catch{return r(new Error("Invalid response from auth engine"))}let k=m.expires_at??new Date(Date.now()+(m.expires_in??3600)*1e3).toISOString();e({accessToken:m.access_token??"",expiresAt:k});});});c.on("error",u=>r(new Error(`Network error: ${u.message}`))),c.write(n),c.end();})}var tt,es,sr,Nt=p(()=>{T();D();tt=class extends Error{constructor(e){super(e),this.name="AuthError";}},es=/^[a-z0-9][a-z0-9-]{0,62}[a-z0-9]$|^[a-z0-9]$/;sr={INVALID_CLIENT_SECRET:"Invalid Client Secret \u2014 check the value and try again",INVALID_CLIENT_ID:"Invalid Client ID \u2014 check the value and try again",INVALID_TENANT:"Invalid Tenant \u2014 check the value and try again",TENANT_NOT_FOUND:"Tenant not found \u2014 verify the tenant identifier"};});function Y(){if(process.env.WSL_DISTRO_NAME&&process.platform==="linux"){let t=process.env.USERPROFILE;if(!t){let r=child_process.spawnSync("cmd.exe",["/c","echo","%USERPROFILE%"],{encoding:"utf8",timeout:5e3}).stdout?.trim();r&&/^[A-Za-z]:\\/.test(r)&&(t=r);}if(t){let e=t.replace(/^([A-Za-z]):/,(r,n)=>`/mnt/${n.toLowerCase()}`).replace(/\\/g,"/");return gt__namespace.join(e,".claude","settings.json")}return gt__namespace.join(Jt__namespace.homedir(),".claude","settings.json")}if(process.platform==="win32"){let t=process.env.USERPROFILE||Jt__namespace.homedir();return gt__namespace.join(t,".claude","settings.json")}if(process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER){let e=child_process.spawnSync("getent",["passwd",process.env.SUDO_USER],{encoding:"utf8",timeout:5e3}).stdout?.split(":")[5]?.trim();if(e)return gt__namespace.join(e,".claude","settings.json")}return gt__namespace.join(Jt__namespace.homedir(),".claude","settings.json")}function ir(){return process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER?`Running as root via sudo is not recommended.
|
|
22
|
+
`),r();});})}function os(){try{let t=Ee();if(t){Ct(C().version,t.latestVersion)&&(t.updatePriority==="auto"?Se(t.latestVersion):we(t.latestVersion));return}setImmediate(()=>{lr((e,r)=>{e||!r||(cr(r.version,r.updatePriority),Ct(C().version,r.version)&&(r.updatePriority==="auto"?Se(r.version):we(r.version)));});});}catch{}}async function is(t={}){try{let e=Ee();if(!e||!Ct(C().version,e.latestVersion))return;if(e.updatePriority==="auto"){Se(e.latestVersion);return}if(!nr()){we(e.latestVersion);return}await ns(e.latestVersion,t.timeoutMs)&&await ss(e.latestVersion);}catch{}}function as(){try{if(Ee())return;setImmediate(()=>{lr((t,e)=>{t||!e||Ct(C().version,e.version)&&cr(e.version,e.updatePriority,0);});});}catch{}}var he,ar,es,rs,mt=p(()=>{sr();ar=Et__namespace.default.join(Q__namespace.default.tmpdir(),"flow-obs-update-cache.json"),es=1440*60*1e3,rs=3e3;});function ur(){if(process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER){let e=child_process.spawnSync("getent",["passwd",process.env.SUDO_USER],{encoding:"utf8",timeout:5e3}).stdout?.split(":")[5]?.trim();if(e)return {home:e,username:process.env.SUDO_USER}}return {home:Q__namespace.homedir(),username:process.env.SUDO_USER||process.env.USER||Q__namespace.userInfo().username}}function Y(){if(process.env.WSL_DISTRO_NAME&&process.platform==="linux"){let t=process.env.USERPROFILE;if(!t){let r=child_process.spawnSync("cmd.exe",["/c","echo","%USERPROFILE%"],{encoding:"utf8",timeout:5e3}).stdout?.trim();r&&/^[A-Za-z]:\\/.test(r)&&(t=r);}if(t){let e=t.replace(/^([A-Za-z]):/,(r,n)=>`/mnt/${n.toLowerCase()}`).replace(/\\/g,"/");return Et__namespace.join(e,".claude","settings.json")}return Et__namespace.join(Q__namespace.homedir(),".claude","settings.json")}if(process.platform==="win32"){let t=process.env.USERPROFILE||Q__namespace.homedir();return Et__namespace.join(t,".claude","settings.json")}if(process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER){let e=child_process.spawnSync("getent",["passwd",process.env.SUDO_USER],{encoding:"utf8",timeout:5e3}).stdout?.split(":")[5]?.trim();if(e)return Et__namespace.join(e,".claude","settings.json")}return Et__namespace.join(Q__namespace.homedir(),".claude","settings.json")}function dr(){return process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER?`Running as root via sudo is not recommended.
|
|
25
23
|
Configure npm to install globals without sudo:
|
|
26
24
|
npm config set prefix '~/.npm-global'
|
|
27
|
-
export PATH=~/.npm-global/bin:$PATH`:null}var
|
|
28
|
-
`,{encoding:"utf8",mode:384});try{E__namespace.chmodSync(
|
|
29
|
-
`,{encoding:"utf8",mode:384});try{E__namespace.chmodSync(e,384);}catch{}}finally{cr(r);}}var is,Rt=p(()=>{T();Nt();we();is=ft.LOCK_STALE_MS;});function Ct(){let t=Jt__namespace.default.homedir();if(process.platform==="darwin")return gt__namespace.default.join(t,"Library","Preferences",Wt,Kt);if(process.platform==="win32"){let r=process.env.APPDATA??gt__namespace.default.join(t,"AppData","Roaming");return gt__namespace.default.join(r,Wt,Kt)}let e=process.env.XDG_CONFIG_HOME??gt__namespace.default.join(t,".config");return gt__namespace.default.join(e,Wt,Kt)}function ye(){try{let t=E__namespace.default.readFileSync(Ct(),"utf8");return JSON.parse(t)}catch{return {}}}function dr(t){let e=Ct();E__namespace.default.mkdirSync(gt__namespace.default.dirname(e),{recursive:true}),E__namespace.default.writeFileSync(e,JSON.stringify(t,null,2),{encoding:"utf8",mode:384});}var Te,zt,pr=p(()=>{T();Te={credentials:"credentials","token-cache":"tokenCache"};zt=class{static isAvailable(){return true}static hasExistingData(){try{if(!E__namespace.default.existsSync(Ct()))return !1;let e=JSON.parse(E__namespace.default.readFileSync(Ct(),"utf8"));return !!(e&&e.credentials)}catch{return false}}async getSecret(e,r){let n=ye(),s=Te[r]??r,o=n[s];return o?typeof o=="string"?o:JSON.stringify(o):null}async setSecret(e,r,n){let s=ye(),o=Te[r]??r;if(r==="token-cache")try{s[o]=JSON.parse(n);}catch{s[o]=n;}else s[o]=n;dr(s);}async deleteSecret(e,r){let n=ye(),s=Te[r]??r;return s in n?(delete n[s],dr(n),true):false}getStoragePath(){return `config.json (unencrypted) \u2014 ${Ct()}`}};});var fr={};$(fr,{MacOsKeyVaultProvider:()=>ke});var _e,ke,mr=p(()=>{_e=util.promisify(child_process.execFile),ke=class{static async isAvailable(){try{return E.accessSync("/usr/bin/security",E.constants.X_OK),!0}catch{return false}}async getSecret(e,r){try{let{stdout:n}=await _e("security",["find-generic-password","-w","-a",r,"-s",e]);return n.trim()||null}catch{return null}}async setSecret(e,r,n){await _e("security",["add-generic-password","-U","-a",r,"-s",e,"-w",n]);}async deleteSecret(e,r){try{return await _e("security",["delete-generic-password","-a",r,"-s",e]),!0}catch{return false}}getStoragePath(){return "macOS Keychain"}};});var hr={};$(hr,{LinuxKeyVaultProvider:()=>Ae});var gr,Ae,wr=p(()=>{gr=util.promisify(child_process.execFile),Ae=class{static async isAvailable(){let e=["/usr/bin/secret-tool","/bin/secret-tool","/usr/local/bin/secret-tool"];for(let r of e)try{return E.accessSync(r,E.constants.X_OK),!0}catch{}return false}async getSecret(e,r){try{let{stdout:n}=await gr("secret-tool",["lookup","service",e,"account",r]);return n.trim()||null}catch{return null}}async setSecret(e,r,n){await new Promise((s,o)=>{let i=child_process.spawn("secret-tool",["store","--label",e,"service",e,"account",r]);i.on("error",o),i.on("close",a=>{a===0?s():o(new Error(`secret-tool exited with code ${a}`));}),i.stdin.write(n),i.stdin.end();});}async deleteSecret(e,r){try{return await gr("secret-tool",["clear","service",e,"account",r]),!0}catch{return false}}getStoragePath(){return "Linux Secret Service (libsecret)"}};});var Sr={};$(Sr,{WindowsKeyVaultProvider:()=>Oe});var Oe,Er=p(()=>{Oe=class{static async isAvailable(){try{return await bt("keytar").getPassword("__flow_probe__","__flow_probe__"),!0}catch{return false}}async getSecret(e,r){return bt("keytar").getPassword(e,r)}async setSecret(e,r,n){await bt("keytar").setPassword(e,r,n);}async deleteSecret(e,r){return bt("keytar").deletePassword(e,r)}getStoragePath(){return "Windows Credential Manager"}};});async function Tr(){return await Ss()??new zt}async function Ss(){switch(process.platform){case "darwin":{let{MacOsKeyVaultProvider:t}=await Promise.resolve().then(()=>(mr(),fr));return await t.isAvailable()?new t:null}case "linux":{let{LinuxKeyVaultProvider:t}=await Promise.resolve().then(()=>(wr(),hr));return await t.isAvailable()?new t:null}case "win32":{let{WindowsKeyVaultProvider:t}=await Promise.resolve().then(()=>(Er(),Sr));return await t.isAvailable()?new t:null}default:return null}}var yr=p(()=>{pr();});function wt(){return Le||(Le=Tr()),Le}async function _(){let e=await(await wt()).getSecret(ht,Ie);if(!e)return null;try{return JSON.parse(e)}catch{return null}}async function ve(t){if(!t.clientId||!t.clientSecret||!t.tenant)throw new Error("clientId, clientSecret and tenant are required");await(await wt()).setSecret(ht,Ie,JSON.stringify(t));}async function _r(){let t=await wt();await t.deleteSecret(ht,Ie),await t.deleteSecret(ht,be);}async function Ft(t){await(await wt()).setSecret(ht,be,JSON.stringify({accessToken:t.accessToken,expiresAt:t.expiresAt,lastAuthCheckAt:t.lastAuthCheckAt}));}async function St(){let e=await(await wt()).getSecret(ht,be);if(!e)return null;try{let r=JSON.parse(e);return {accessToken:r.accessToken,expiresAt:r.expiresAt,lastAuthCheckAt:r.lastAuthCheckAt}}catch{return null}}async function Zt(){let t=await St();return t?new Date(t.expiresAt)>new Date:false}async function et(){let t=await St();if(!t||!t.accessToken)return null;try{let e=t.accessToken.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return r.email??r.preferred_username??r.upn??r.sub??null}catch{return null}}async function Pe(){let t=await wt();if(typeof t.getStoragePath=="function")return t.getStoragePath();let e=process.platform;return e==="darwin"?"macOS Keychain":e==="win32"?"Windows Credential Manager":"Linux Secret Service (libsecret)"}async function kr(){let t=await _();return !!(t&&t.clientId&&t.clientSecret&&t.tenant)}var ht,Ie,be,Le,Et=p(()=>{yr();T();ht=Gt.SERVICE,Ie=Gt.ACCOUNT_CREDS,be=Gt.ACCOUNT_TOKEN,Le=null;});function Ne(){return gt__namespace.default.join(Jt__namespace.default.homedir(),".claude","flow-obs",".logged-out")}function Or(){try{let t=Ne();E__namespace.default.mkdirSync(gt__namespace.default.dirname(t),{recursive:!0}),E__namespace.default.writeFileSync(t,"",{mode:384});}catch{}}function Lr(){try{E__namespace.default.unlinkSync(Ne());}catch{}}function te(){try{return E__namespace.default.existsSync(Ne())}catch{return false}}var Ir=p(()=>{});function ys(t){return Ts.some(e=>e.test(t))}function _s(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return r.email||r.preferred_username||r.upn||r.sub||null}catch{return null}}function B(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8")),{clientId:n,clientSecret:s,tenant:o}=r;return !n||!s||!o?null:{clientId:n,clientSecret:s,tenant:o}}catch{return null}}function vr(t){let e=Buffer.from(JSON.stringify({alg:"none",typ:"JWT"})).toString("base64url"),r=Buffer.from(JSON.stringify({clientId:t.clientId,clientSecret:t.clientSecret,tenant:t.tenant})).toString("base64url");return `${e}.${r}.`}function br(t){let e;try{e=new URL(t);}catch{throw new Error(`Invalid URL: ${t}`)}let r=process.env[f.FLOW_OBS_ALLOW_HTTP]==="true";if(!r&&e.protocol!=="https:")throw new Error(`URL must use HTTPS: ${t}`);if(e.username||e.password)throw new Error(`URL must not contain embedded credentials: ${t}`);if(!r&&ys(e.hostname))throw new Error(`SSRF: private/loopback host not allowed: ${e.hostname}`);return t}async function Pr(){let t=B(process.env[f.ANTHROPIC_AUTH_TOKEN]);if(t)return {user:await et().catch(()=>null)??t.clientId,tenant:t.tenant};if(qt.KEYCHAIN_ENABLED)try{let e=await _();if(!e)return {user:"",tenant:""};let r=await et()??e.clientId??"",n=e.tenant??"";return {user:r,tenant:n}}catch{return {user:"",tenant:""}}return {user:"",tenant:""}}function ks(){return new Date().toISOString().slice(0,10)}async function As(t){let e=ks(),r=await St();if(r?.lastAuthCheckAt!==e){l("getOrRefreshToken",`daily auth check (last: ${r?.lastAuthCheckAt??"never"})`);try{let o=await j(t);try{await Ft({...o,lastAuthCheckAt:e});}catch{}return l("getOrRefreshToken",`daily check passed, expires=${o.expiresAt}`),o.accessToken}catch(o){if(o instanceof tt)throw o;l("getOrRefreshToken",`daily check network error \u2014 using cache: ${o.message}`);}}let n=r!=null&&new Date(r.expiresAt)>new Date;if(l("getOrRefreshToken",`cacheValid=${n}`),n)return l("getOrRefreshToken",`using cached token, expires=${r.expiresAt}`),r.accessToken;l("getOrRefreshToken",`token expired \u2014 refreshing via auth-engine (tenant=${t.tenant} clientId=${t.clientId})`);let s=await j(t);try{await Ft({...s,lastAuthCheckAt:e});}catch(o){l("getOrRefreshToken",`token cache save failed (non-fatal): ${o.message}`);}return l("getOrRefreshToken",`token refreshed, expires=${s.expiresAt}`),s.accessToken}function Os(t,e){let r=e&&e.accessToken?e.accessToken:"";return {endpoint:t.replace(/\/$/,"")+"/flow-langfuse-gateway/v1/traces",authHeader:`Bearer ${r}`}}function Ls(t,e,r){let n=Buffer.from(`${e}:${r}`).toString("base64");return {endpoint:t.replace(/\/$/,"")+"/api/public/otel/v1/traces",authHeader:`Basic ${n}`}}async function rt(){let t=[],e=process.env[f.ANTHROPIC_MODEL]??"",r=B(process.env[f.ANTHROPIC_AUTH_TOKEN]);l("resolveCredentials",r?"credentials resolved from ANTHROPIC_AUTH_TOKEN":"ANTHROPIC_AUTH_TOKEN absent or invalid"),r&&l("resolveCredentials",`clientId=${r.clientId}`,`tenant=${r.tenant}`),!r&&qt.KEYCHAIN_ENABLED&&(r=await _(),r&&l("resolveCredentials","credentials resolved from keychain (FEATURES.KEYCHAIN_ENABLED=true)"));let n=r?r.tenant:"",s=process.env[f.FLOW_TELEMETRY]==="true",o=process.env[f.LANGFUSE_BASE_URL],i=process.env[f.LANGFUSE_PUBLIC_KEY],a=process.env[f.LANGFUSE_SECRET_KEY];if(s&&o&&i&&a){let m="",k=n;if(r)m=await et().catch(()=>null)??r.clientId;else if(qt.KEYCHAIN_ENABLED)try{let I=await _();I&&(m=await et()??I.clientId,k=I.tenant);}catch{}let y={user:m??"",tenant:k??"",team:"",project:"",model:e};t.push({mode:"direct",...Ls(br(o),i,a),...y}),l("resolveCredentials","direct mode active",`user=${y.user}`,`tenant=${y.tenant}`);}if(!r){if(t.length===0){let m=[];return m.authError=false,m}return t}let c;try{c=await As(r);}catch(m){if(l("resolveCredentials",`token refresh failed: ${m.message}`,`(tenant=${r.tenant} clientId=${r.clientId})`),t.length>0)return t.authError=true,t;let k=[];return k.authError=true,k}let w={user:_s(c)??r.clientId,tenant:n,team:"",project:"",model:e},O=process.env[f.FLOW_TELEMETRY_GATEWAY]??x;return t.push({mode:"gateway",...Os(br(O),{accessToken:c}),...w}),t}async function Nr(){return (await rt()).length>0}var Ts,nt=p(()=>{Et();Nt();T();D();Ts=[/^localhost\.?$/i,/^127\./,/^10\./,/^172\.(1[6-9]|2\d|3[01])\./,/^192\.168\./,/^169\.254\./,/^0\.0\.0\.0$/,/^::1$/,/^\[::1\]$/,/^\[::ffff:/i,/^\[f[cd]/i,/^\[fe80:/i,/^metadata\.google\.internal\.?$/i,/^metadata\.azure\.internal\.?$/i,/(?:^|\.)localtest\.me\.?$/i,/(?:^|\.)lvh\.me\.?$/i,/(?:^|\.)vcap\.me\.?$/i];});var Ur={};$(Ur,{runLogin:()=>K,runLogout:()=>Ns,runStatus:()=>Rs});function W(t){return typeof t=="string"?t.replace(Is,""):t}function $t(t,e={}){return new Promise((r,n)=>{let{masked:s=false,defaultValue:o=""}=e;process.stdout.write(t+o);let i=o;function a(){try{process.stdin.setRawMode(!1);}catch{}}process.once("uncaughtException",a),process.once("unhandledRejection",a);let c=w=>{if(w===""){u(),n(new Error("SIGINT"));return}if(w==="\r"||w===`
|
|
30
|
-
`){u(),
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
`)),
|
|
34
|
-
`)),
|
|
35
|
-
|
|
36
|
-
`)),
|
|
37
|
-
`)),1}
|
|
38
|
-
`)),process.
|
|
39
|
-
|
|
40
|
-
`),
|
|
41
|
-
`)),
|
|
25
|
+
export PATH=~/.npm-global/bin:$PATH`:null}var Jt=p(()=>{});function gr(){if(process.platform==="win32"){let r=process.env.APPDATA||Et__namespace.join(Q__namespace.homedir(),"AppData","Roaming");return Et__namespace.join(r,pr,fr)}let t=ur(),e=process.env.XDG_CONFIG_HOME||Et__namespace.join(t.home,".config");return Et__namespace.join(e,pr,fr)}function hr(){try{let t=E__namespace.readFileSync(gr(),"utf8");return JSON.parse(t)}catch{return {}}}function ht(){return hr().baseUrl??null}function wr(t){let e=gr();E__namespace.mkdirSync(Et__namespace.dirname(e),{recursive:true});let n={...hr(),baseUrl:t};E__namespace.writeFileSync(e,JSON.stringify(n,null,2)+`
|
|
26
|
+
`,{encoding:"utf8",mode:384});try{E__namespace.chmodSync(e,384);}catch{}}var pr,fr,ye=p(()=>{Jt();pr="flow-ai-obs",fr="config.json";});function _e(){return ht()??process.env.FLOW_BASE_URL??"https://flow.ciandt.com"}function et(){let t=_e();return {AUTH_ENGINE:process.env.FLOW_AUTH_ENGINE_URL||`${t}/auth-engine-api/v2/api-key/token`,GATEWAY_TRACES:process.env.FLOW_GATEWAY_TRACES_URL||`${t}/flow-langfuse-gateway/v1/traces`,GATEWAY_HEALTH:process.env.FLOW_GATEWAY_HEALTH_URL||`${t}/flow-langfuse-gateway/v1/health`,OTEL_ENDPOINT:process.env.FLOW_OTEL_ENDPOINT_URL||`${t}/otel`}}var Xt,cs,zt,Zt,Qt,Ae,Ut,rt,f,te,wt,Sr,U,Er,D,T=p(()=>{ye();Xt=ht()??process.env.FLOW_BASE_URL??"https://flow.ciandt.com";cs=et(),zt={SERVICE:"flow-plugins-cli",ACCOUNT_CREDS:"credentials",ACCOUNT_TOKEN:"token-cache"},Zt="FLOW-nodejs",Qt="config.json",Ae={SCOPE_NAME:"flow-ai-obs",SCOPE_VERSION:"0.1.0"},Ut={ANTHROPIC_BASE_URL:process.env.FLOW_LLM_PROXY_URL??`${Xt}/flow-llm-proxy/`,ANTHROPIC_MODEL:process.env.FLOW_LLM_PROXY_MODEL??"anthropic.claude-4-6-sonnet",ANTHROPIC_SMALL_FAST_MODEL:process.env.FLOW_LLM_PROXY_SMALL_MODEL??"anthropic.claude-4-6-sonnet",CLAUDE_CODE_DISABLE_EXPERIMENTAL_BETAS:"1"},rt={CLAUDE_CODE_ENABLE_TELEMETRY:"1",OTEL_EXPORTER_OTLP_ENDPOINT:cs.OTEL_ENDPOINT,OTEL_EXPORTER_OTLP_PROTOCOL:"http/json",OTEL_METRICS_EXPORTER:"otlp",OTEL_LOGS_EXPORTER:"otlp",OTEL_LOG_TOOL_DETAILS:"1",OTEL_LOG_USER_PROMPTS:"1"},f={FLOW_TELEMETRY:"FLOW_TELEMETRY",FLOW_TELEMETRY_GATEWAY:"FLOW_TELEMETRY_GATEWAY_URL",LANGFUSE_BASE_URL:"LANGFUSE_BASE_URL",LANGFUSE_PUBLIC_KEY:"LANGFUSE_PUBLIC_KEY",LANGFUSE_SECRET_KEY:"LANGFUSE_SECRET_KEY",ANTHROPIC_MODEL:"ANTHROPIC_MODEL",ANTHROPIC_AUTH_TOKEN:"ANTHROPIC_AUTH_TOKEN",FLOW_OBS_DEBUG:"FLOW_TELEMETRY_DEBUG",FLOW_OBS_ALLOW_HTTP:"FLOW_TELEMETRY_ALLOW_HTTP",BUFFER_TTL_DAYS:"FLOW_TELEMETRY_BUFFER_TTL_DAYS",BUFFER_MAX_FILES:"FLOW_TELEMETRY_BUFFER_MAX_FILES"},te={KEYCHAIN_ENABLED:false},wt={LOCK_STALE_MS:3e4,CONNECTIVITY_MAX_RETRY:3,CONNECTIVITY_RETRY_MS:2e3},Sr={UserPromptSubmit:5,PreToolUse:3,PostToolUse:10,Stop:15},U={FILE_PREFIX:"flow-obs-buffer-",DEFAULT_TTL_DAYS:4,MIN_TTL_DAYS:1,MAX_TTL_DAYS:30,DEFAULT_MAX_FILES:50,MIN_MAX_FILES:1,MAX_MAX_FILES:500,REPLAY_BATCH_SIZE:10},Er="flow-ai-obs-debug.log",D={TOOL_INPUT:2e4,TOOL_OUTPUT:2e4,TRACE_OUTPUT:2e4,USER_INSTRUCTION:1e4,TRACE_INPUT:5e4,TOOL_BRIEF:60},{API_URL:process.env.FLOW_METRICS_URL||`${Xt}/metrics-collector-api/log-event`,BOOSTER:"flow-ai-obs"};});function u(...t){if(process.env[f.FLOW_OBS_DEBUG]!=="1")return;let e=`[${new Date().toISOString()}] ${t.join(" ")}
|
|
27
|
+
`;try{E.writeFileSync(ps,e,{flag:"a"});}catch(r){process.stderr.write(`[flow-obs debug ERROR] ${r.message}
|
|
28
|
+
`);}}var ps,M=p(()=>{T();ps=Et.join(Q.tmpdir(),Er);});function hs(t){if(!gs.test(t))throw new Error(`Invalid tenant value: "${t}". Tenant must be lowercase alphanumeric and hyphens (1-64 chars).`)}function ws(t,e){let r=e.length>400?e.slice(0,400)+"\u2026":e;u("toAuthError",`status=${t} body=${r}`);try{let n=JSON.parse(e);if(typeof n.error=="string"&&(u("toAuthError",`api_error_code=${n.error}`+(n.message?` api_message=${n.message}`:"")),Tr[n.error]))return new nt(Tr[n.error])}catch{}return t===401||t===403||t===500?new nt("Invalid credentials"):t>=400&&t<500?new nt("Authentication request was rejected"):new Error("Authentication service unavailable, please try again later")}function G(t){return new Promise((e,r)=>{try{hs(t.tenant);}catch(l){return r(l)}let n=JSON.stringify({clientSecret:t.clientSecret}),s=new URL(et().AUTH_ENGINE),o=s.protocol==="https:",i={hostname:s.hostname,port:s.port||(o?443:80),path:s.pathname+s.search,method:"POST",headers:{"Content-Type":"application/json","Content-Length":Buffer.byteLength(n),FlowTenant:t.tenant}};u("getToken",`requesting token tenant=${t.tenant} host=${i.hostname} path=${i.path}`);let a=(o?Zn__namespace.default:ms__namespace.default).request(i,l=>{let m=[];l.on("data",k=>m.push(k)),l.on("end",()=>{let k=m.join("");if((l.statusCode??0)>=400)return r(ws(l.statusCode??0,k));let g;try{g=JSON.parse(k);}catch{return r(new Error("Invalid response from auth engine"))}let O=g.expires_at??new Date(Date.now()+(g.expires_in??3600)*1e3).toISOString();e({accessToken:g.access_token??"",expiresAt:O});});});a.on("error",l=>r(new Error(`Network error: ${l.message}`))),a.write(n),a.end();})}var nt,gs,Tr,Ft=p(()=>{T();M();nt=class extends Error{constructor(e){super(e),this.name="AuthError";}},gs=/^[a-z0-9][a-z0-9-]{0,62}[a-z0-9]$|^[a-z0-9]$/;Tr={INVALID_CLIENT_SECRET:"Invalid Client Secret \u2014 check the value and try again",INVALID_CLIENT_ID:"Invalid Client ID \u2014 check the value and try again",INVALID_TENANT:"Invalid Tenant \u2014 check the value and try again",TENANT_NOT_FOUND:"Tenant not found \u2014 verify the tenant identifier"};});function yr(t){try{let e=E__namespace.statSync(t);Date.now()-e.mtimeMs>Ts&&E__namespace.unlinkSync(t);}catch{}try{E__namespace.writeFileSync(t,String(process.pid),{flag:"wx"});}catch(e){throw e.code==="EEXIST"?new Error("Another install is already in progress. If this is stale, remove: "+t):e}}function _r(t){try{E__namespace.unlinkSync(t);}catch{}}function ys(t,e){let n=(Array.isArray(t)?t:[]).map(s=>{if(!Array.isArray(s?.hooks))return null;let o=s.hooks.filter(i=>!i.command?.startsWith?.("flow-ai-obs "));return o.length>0?{...s,hooks:o}:null}).filter(s=>s!=null);return [e,...n]}function Ar(){let t=Y(),e=t+".lock",r=[];E__namespace.mkdirSync(Et__namespace.dirname(t),{recursive:true}),yr(e);try{if(E__namespace.existsSync(t)){E__namespace.copyFileSync(t,t+".bkp");try{E__namespace.chmodSync(t+".bkp",384);}catch{}}let n={};try{n=JSON.parse(E__namespace.readFileSync(t,"utf8"));}catch{}let s=n.env&&typeof n.env=="object"?n.env:{};n.env={...rt,...Ut,...s},n.otelHeadersHelper="flow-ai-obs otel-headers",(!n.hooks||typeof n.hooks!="object"||Array.isArray(n.hooks))&&(n.hooks={});let o=(a,l)=>({matcher:"",hooks:[{type:"command",command:`flow-ai-obs ${a}`,timeout:l}]}),i=["UserPromptSubmit","PreToolUse","PostToolUse","Stop"],c=n.hooks;for(let a of i){let l=ys(c[a],o(a,Sr[a]));l.length>1&&r.push(a),c[a]=l;}E__namespace.writeFileSync(t,JSON.stringify(n,null,2)+`
|
|
29
|
+
`,{encoding:"utf8",mode:384});try{E__namespace.chmodSync(t,384);}catch{}}finally{_r(e);}return {settingsPath:t,preserved:r}}async function Or(t){let e;try{e=(await G(t)).accessToken;}catch{return false}return e?new Promise(r=>{Oe(`Bearer ${e}`,r,1);}):false}function Oe(t,e,r){let n=new URL(et().GATEWAY_TRACES),s=JSON.stringify({resourceSpans:[],validation_run:true}),o=n.protocol==="https:",i={hostname:n.hostname,port:n.port||(o?443:80),path:n.pathname,method:"POST",headers:{"Content-Type":"application/json",Authorization:t,"Content-Length":Buffer.byteLength(s)}},a=(o?Zn__namespace:ms__namespace).request(i,l=>{l.resume(),l.statusCode===200||l.statusCode===204?e(true):r<wt.CONNECTIVITY_MAX_RETRY?setTimeout(()=>Oe(t,e,r+1),wt.CONNECTIVITY_RETRY_MS):e(false);});a.on("error",()=>{r<wt.CONNECTIVITY_MAX_RETRY?setTimeout(()=>Oe(t,e,r+1),wt.CONNECTIVITY_RETRY_MS):e(false);}),a.write(s),a.end();}function St(t){let e=Y(),r=e+".lock";E__namespace.mkdirSync(Et__namespace.dirname(e),{recursive:true}),yr(r);try{let n={};try{n=JSON.parse(E__namespace.readFileSync(e,"utf8"));}catch{}(!n.env||typeof n.env!="object")&&(n.env={}),Object.assign(n.env,t),E__namespace.writeFileSync(e,JSON.stringify(n,null,2)+`
|
|
30
|
+
`,{encoding:"utf8",mode:384});try{E__namespace.chmodSync(e,384);}catch{}}finally{_r(r);}}var Ts,$t=p(()=>{T();Ft();Jt();Ts=wt.LOCK_STALE_MS;});function xt(){let t=Q__namespace.default.homedir();if(process.platform==="darwin")return Et__namespace.default.join(t,"Library","Preferences",Zt,Qt);if(process.platform==="win32"){let r=process.env.APPDATA??Et__namespace.default.join(t,"AppData","Roaming");return Et__namespace.default.join(r,Zt,Qt)}let e=process.env.XDG_CONFIG_HOME??Et__namespace.default.join(t,".config");return Et__namespace.default.join(e,Zt,Qt)}function ve(){try{let t=E__namespace.default.readFileSync(xt(),"utf8");return JSON.parse(t)}catch{return {}}}function kr(t){let e=xt();E__namespace.default.mkdirSync(Et__namespace.default.dirname(e),{recursive:true}),E__namespace.default.writeFileSync(e,JSON.stringify(t,null,2),{encoding:"utf8",mode:384});}var Le,ee,Lr=p(()=>{T();Le={credentials:"credentials","token-cache":"tokenCache"};ee=class{static isAvailable(){return true}static hasExistingData(){try{if(!E__namespace.default.existsSync(xt()))return !1;let e=JSON.parse(E__namespace.default.readFileSync(xt(),"utf8"));return !!(e&&e.credentials)}catch{return false}}async getSecret(e,r){let n=ve(),s=Le[r]??r,o=n[s];return o?typeof o=="string"?o:JSON.stringify(o):null}async setSecret(e,r,n){let s=ve(),o=Le[r]??r;if(r==="token-cache")try{s[o]=JSON.parse(n);}catch{s[o]=n;}else s[o]=n;kr(s);}async deleteSecret(e,r){let n=ve(),s=Le[r]??r;return s in n?(delete n[s],kr(n),true):false}getStoragePath(){return `config.json (unencrypted) \u2014 ${xt()}`}};});var vr={};$(vr,{MacOsKeyVaultProvider:()=>be});var Ie,be,Ir=p(()=>{Ie=util.promisify(child_process.execFile),be=class{static async isAvailable(){try{return E.accessSync("/usr/bin/security",E.constants.X_OK),!0}catch{return false}}async getSecret(e,r){try{let{stdout:n}=await Ie("security",["find-generic-password","-w","-a",r,"-s",e]);return n.trim()||null}catch{return null}}async setSecret(e,r,n){await Ie("security",["add-generic-password","-U","-a",r,"-s",e,"-w",n]);}async deleteSecret(e,r){try{return await Ie("security",["delete-generic-password","-a",r,"-s",e]),!0}catch{return false}}getStoragePath(){return "macOS Keychain"}};});var Rr={};$(Rr,{LinuxKeyVaultProvider:()=>Re});var br,Re,Pr=p(()=>{br=util.promisify(child_process.execFile),Re=class{static async isAvailable(){let e=["/usr/bin/secret-tool","/bin/secret-tool","/usr/local/bin/secret-tool"];for(let r of e)try{return E.accessSync(r,E.constants.X_OK),!0}catch{}return false}async getSecret(e,r){try{let{stdout:n}=await br("secret-tool",["lookup","service",e,"account",r]);return n.trim()||null}catch{return null}}async setSecret(e,r,n){await new Promise((s,o)=>{let i=child_process.spawn("secret-tool",["store","--label",e,"service",e,"account",r]);i.on("error",o),i.on("close",c=>{c===0?s():o(new Error(`secret-tool exited with code ${c}`));}),i.stdin.write(n),i.stdin.end();});}async deleteSecret(e,r){try{return await br("secret-tool",["clear","service",e,"account",r]),!0}catch{return false}}getStoragePath(){return "Linux Secret Service (libsecret)"}};});var Nr={};$(Nr,{WindowsKeyVaultProvider:()=>Pe});var Pe,Cr=p(()=>{Pe=class{static async isAvailable(){try{return await Nt("keytar").getPassword("__flow_probe__","__flow_probe__"),!0}catch{return false}}async getSecret(e,r){return Nt("keytar").getPassword(e,r)}async setSecret(e,r,n){await Nt("keytar").setPassword(e,r,n);}async deleteSecret(e,r){return Nt("keytar").deletePassword(e,r)}getStoragePath(){return "Windows Credential Manager"}};});async function Ur(){return await Ns()??new ee}async function Ns(){switch(process.platform){case "darwin":{let{MacOsKeyVaultProvider:t}=await Promise.resolve().then(()=>(Ir(),vr));return await t.isAvailable()?new t:null}case "linux":{let{LinuxKeyVaultProvider:t}=await Promise.resolve().then(()=>(Pr(),Rr));return await t.isAvailable()?new t:null}case "win32":{let{WindowsKeyVaultProvider:t}=await Promise.resolve().then(()=>(Cr(),Nr));return await t.isAvailable()?new t:null}default:return null}}var Fr=p(()=>{Lr();});function yt(){return Ne||(Ne=Ur()),Ne}async function A(){let e=await(await yt()).getSecret(Tt,Ce);if(!e)return null;try{return JSON.parse(e)}catch{return null}}async function Fe(t){if(!t.clientId||!t.clientSecret||!t.tenant)throw new Error("clientId, clientSecret and tenant are required");await(await yt()).setSecret(Tt,Ce,JSON.stringify(t));}async function $r(){let t=await yt();await t.deleteSecret(Tt,Ce),await t.deleteSecret(Tt,Ue);}async function Mt(t){await(await yt()).setSecret(Tt,Ue,JSON.stringify({accessToken:t.accessToken,expiresAt:t.expiresAt,lastAuthCheckAt:t.lastAuthCheckAt}));}async function _t(){let e=await(await yt()).getSecret(Tt,Ue);if(!e)return null;try{let r=JSON.parse(e);return {accessToken:r.accessToken,expiresAt:r.expiresAt,lastAuthCheckAt:r.lastAuthCheckAt}}catch{return null}}async function re(){let t=await _t();return t?new Date(t.expiresAt)>new Date:false}async function st(){let t=await _t();if(!t||!t.accessToken)return null;try{let e=t.accessToken.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return r.email??r.preferred_username??r.upn??r.sub??null}catch{return null}}async function $e(){let t=await yt();if(typeof t.getStoragePath=="function")return t.getStoragePath();let e=process.platform;return e==="darwin"?"macOS Keychain":e==="win32"?"Windows Credential Manager":"Linux Secret Service (libsecret)"}async function xr(){let t=await A();return !!(t&&t.clientId&&t.clientSecret&&t.tenant)}var Tt,Ce,Ue,Ne,At=p(()=>{Fr();T();Tt=zt.SERVICE,Ce=zt.ACCOUNT_CREDS,Ue=zt.ACCOUNT_TOKEN,Ne=null;});function Us(t){return Cs.some(e=>e.test(t))}function Fs(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return r.email||r.preferred_username||r.upn||r.sub||null}catch{return null}}function B(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8")),{clientId:n,clientSecret:s,tenant:o}=r;return !n||!s||!o?null:{clientId:n,clientSecret:s,tenant:o}}catch{return null}}function Dr(t){let e=Buffer.from(JSON.stringify({alg:"none",typ:"JWT"})).toString("base64url"),r=Buffer.from(JSON.stringify({clientId:t.clientId,clientSecret:t.clientSecret,tenant:t.tenant})).toString("base64url");return `${e}.${r}.`}function ne(t){let e;try{e=new URL(t);}catch{throw new Error(`Invalid URL: ${t}`)}let r=process.env[f.FLOW_OBS_ALLOW_HTTP]==="true";if(!r&&e.protocol!=="https:")throw new Error(`URL must use HTTPS: ${t}`);if(e.username||e.password)throw new Error(`URL must not contain embedded credentials: ${t}`);if(!r&&Us(e.hostname))throw new Error(`SSRF: private/loopback host not allowed: ${e.hostname}`);return t}async function Mr(){let t=B(process.env[f.ANTHROPIC_AUTH_TOKEN]);if(t)return {user:await st().catch(()=>null)??t.clientId,tenant:t.tenant};if(te.KEYCHAIN_ENABLED)try{let e=await A();if(!e)return {user:"",tenant:""};let r=await st()??e.clientId??"",n=e.tenant??"";return {user:r,tenant:n}}catch{return {user:"",tenant:""}}return {user:"",tenant:""}}function $s(){return new Date().toISOString().slice(0,10)}async function xs(t){let e=$s(),r=await _t();if(r?.lastAuthCheckAt!==e){u("getOrRefreshToken",`daily auth check (last: ${r?.lastAuthCheckAt??"never"})`);try{let o=await G(t);try{await Mt({...o,lastAuthCheckAt:e});}catch{}return u("getOrRefreshToken",`daily check passed, expires=${o.expiresAt}`),o.accessToken}catch(o){if(o instanceof nt)throw o;u("getOrRefreshToken",`daily check network error \u2014 using cache: ${o.message}`);}}let n=r!=null&&new Date(r.expiresAt)>new Date;if(u("getOrRefreshToken",`cacheValid=${n}`),n)return u("getOrRefreshToken",`using cached token, expires=${r.expiresAt}`),r.accessToken;u("getOrRefreshToken",`token expired \u2014 refreshing via auth-engine (tenant=${t.tenant} clientId=${t.clientId})`);let s=await G(t);try{await Mt({...s,lastAuthCheckAt:e});}catch(o){u("getOrRefreshToken",`token cache save failed (non-fatal): ${o.message}`);}return u("getOrRefreshToken",`token refreshed, expires=${s.expiresAt}`),s.accessToken}function Ds(t,e){let r=e&&e.accessToken?e.accessToken:"";return {endpoint:t.replace(/\/$/,"")+"/flow-langfuse-gateway/v1/traces",authHeader:`Bearer ${r}`}}function Ms(t,e,r){let n=Buffer.from(`${e}:${r}`).toString("base64");return {endpoint:t.replace(/\/$/,"")+"/api/public/otel/v1/traces",authHeader:`Basic ${n}`}}async function ot(){let t=[],e=process.env[f.ANTHROPIC_MODEL]??"",r=B(process.env[f.ANTHROPIC_AUTH_TOKEN]);u("resolveCredentials",r?"credentials resolved from ANTHROPIC_AUTH_TOKEN":"ANTHROPIC_AUTH_TOKEN absent or invalid"),r&&u("resolveCredentials",`clientId=${r.clientId}`,`tenant=${r.tenant}`),!r&&te.KEYCHAIN_ENABLED&&(r=await A(),r&&u("resolveCredentials","credentials resolved from keychain (FEATURES.KEYCHAIN_ENABLED=true)"));let n=r?r.tenant:"",s=process.env[f.FLOW_TELEMETRY]==="true",o=process.env[f.LANGFUSE_BASE_URL],i=process.env[f.LANGFUSE_PUBLIC_KEY],c=process.env[f.LANGFUSE_SECRET_KEY];if(s&&o&&i&&c){let g="",O=n;if(r)g=await st().catch(()=>null)??r.clientId;else if(te.KEYCHAIN_ENABLED)try{let v=await A();v&&(g=await st()??v.clientId,O=v.tenant);}catch{}let _={user:g??"",tenant:O??"",team:"",project:"",model:e};t.push({mode:"direct",...Ms(ne(o),i,c),..._}),u("resolveCredentials","direct mode active",`user=${_.user}`,`tenant=${_.tenant}`);}if(!r){if(t.length===0){let g=[];return g.authError=false,g}return t}let a;try{a=await xs(r);}catch(g){if(u("resolveCredentials",`token refresh failed: ${g.message}`,`(tenant=${r.tenant} clientId=${r.clientId})`),t.length>0)return t.authError=true,t;let O=[];return O.authError=true,O}let m={user:Fs(a)??r.clientId,tenant:n,team:"",project:"",model:e},k=process.env[f.FLOW_TELEMETRY_GATEWAY]??_e();return t.push({mode:"gateway",...Ds(ne(k),{accessToken:a}),...m}),t}async function Br(){return (await ot()).length>0}var Cs,q=p(()=>{At();Ft();T();M();Cs=[/^localhost\.?$/i,/^127\./,/^10\./,/^172\.(1[6-9]|2\d|3[01])\./,/^192\.168\./,/^169\.254\./,/^0\.0\.0\.0$/,/^::1$/,/^\[::1\]$/,/^\[::ffff:/i,/^\[f[cd]/i,/^\[fe80:/i,/^metadata\.google\.internal\.?$/i,/^metadata\.azure\.internal\.?$/i,/(?:^|\.)localtest\.me\.?$/i,/(?:^|\.)lvh\.me\.?$/i,/(?:^|\.)vcap\.me\.?$/i];});function xe(){return Et__namespace.default.join(Q__namespace.default.homedir(),".claude","flow-obs",".logged-out")}function jr(){try{let t=xe();E__namespace.default.mkdirSync(Et__namespace.default.dirname(t),{recursive:!0}),E__namespace.default.writeFileSync(t,"",{mode:384});}catch{}}function Vr(){try{E__namespace.default.unlinkSync(xe());}catch{}}function oe(){try{return E__namespace.default.existsSync(xe())}catch{return false}}var Yr=p(()=>{});var De={};$(De,{runLogin:()=>Ot,runLogout:()=>Gs,runStatus:()=>Ws});function J(t){return typeof t=="string"?t.replace(Hs,""):t}function Bt(t,e={}){return new Promise((r,n)=>{let{masked:s=false,defaultValue:o=""}=e;process.stdout.write(t+o);let i=o;function c(){try{process.stdin.setRawMode(!1);}catch{}}process.once("uncaughtException",c),process.once("unhandledRejection",c);let a=m=>{if(m===""){l(),n(new Error("SIGINT"));return}if(m==="\r"||m===`
|
|
31
|
+
`){l(),process.stdout.write(`
|
|
32
|
+
`),r(i);return}if(m==="\x7F"){i.length>0&&(i=i.slice(0,-1),process.stdout.write("\b \b"));return}m.startsWith("\x1B")||(i+=m,process.stdout.write(s?"*".repeat(m.length):m));};function l(){process.stdin.setRawMode(false),process.stdin.removeListener("data",a),process.removeListener("uncaughtException",c),process.removeListener("unhandledRejection",c);}process.stdin.setRawMode(true),process.stdin.resume(),process.stdin.setEncoding("utf8"),process.stdin.on("data",a);})}async function Gr(t){if(!oe())try{let e=await A();(!e||e.clientId!==t.clientId||e.clientSecret!==t.clientSecret||e.tenant!==t.tenant)&&await Fe(t);}catch{}}async function Wr(t){let{accessToken:e,expiresAt:r}=await G(t);await Fe(t),await Mt({accessToken:e,expiresAt:r}),Vr();try{let n=Dr(t);St({[f.ANTHROPIC_AUTH_TOKEN]:n});}catch{}}async function js(t){try{return await Wr(t),process.stdout.write(N(` \u2713 Setup complete. Tenant: ${J(t.tenant)}
|
|
33
|
+
|
|
34
|
+
`)),0}catch(e){return process.stderr.write(j(` \u2717 Authentication failed: ${J(e.message)}
|
|
35
|
+
`)),1}}async function Vs(){try{process.stdout.write(`
|
|
36
|
+
`);let t=(await Bt(x(" ? ")+"Client ID: ")).trim(),e=(await Bt(x(" ? ")+"Client Secret: ",{masked:!0})).trim(),r=(await Bt(x(" ? ")+"Tenant: ")).trim();if(!t||!e||!r)return process.stderr.write(j(` \u2717 All fields are required
|
|
37
|
+
`)),1;try{await Wr({clientId:t,clientSecret:e,tenant:r});}catch(n){return process.stderr.write(j(` \u2717 Authentication failed: ${J(n.message)}
|
|
38
|
+
`)),1}return process.stdout.write(N(` \u2713 Setup complete. Tenant: ${J(r)}
|
|
39
|
+
`)),process.stdout.write(` Storage: ${await $e()}
|
|
40
|
+
|
|
41
|
+
`),0}catch(t){if(t.message==="SIGINT")throw t;return process.stderr.write(j(` \u2717 Unexpected error: ${t.message}
|
|
42
|
+
`)),1}}async function Ot(t={}){if(t.clientId&&t.clientSecret&&t.tenant)return js({clientId:t.clientId,clientSecret:t.clientSecret,tenant:t.tenant});let e=oe()?null:B(process.env[f.ANTHROPIC_AUTH_TOKEN]);e&&await Gr(e);let r=e||await A();if(r){process.stdout.write(`
|
|
42
43
|
`),process.stdout.write(V(` Already authenticated
|
|
43
|
-
`)),process.stdout.write(S(" Tenant: ")+
|
|
44
|
-
`),process.stdout.write(S(" Client ID: ")+
|
|
44
|
+
`)),process.stdout.write(S(" Tenant: ")+J(r.tenant)+`
|
|
45
|
+
`),process.stdout.write(S(" Client ID: ")+J(r.clientId)+`
|
|
45
46
|
`),process.stdout.write(`
|
|
46
|
-
`);let n;try{n=await
|
|
47
|
-
`),130;throw s}if(n.trim().toLowerCase()!=="y")return process.stdout.write(
|
|
47
|
+
`);let n;try{n=await Bt(x(" ? ")+"Re-authenticate? (y/N): ");}catch(s){if(s.message==="SIGINT")return process.stdout.write(`
|
|
48
|
+
`),130;throw s}if(n.trim().toLowerCase()!=="y")return process.stdout.write(N(` \u2713 Using existing credentials.
|
|
48
49
|
|
|
49
|
-
`)),0}try{return await
|
|
50
|
-
`),130;throw n}}async function
|
|
51
|
-
`),(await
|
|
50
|
+
`)),0}try{return await Vs()}catch(n){if(n.message==="SIGINT")return process.stdout.write(`
|
|
51
|
+
`),130;throw n}}async function Ys(){try{return process.stdout.write(`
|
|
52
|
+
`),(await Bt(x(" ? ")+"Are you sure? This will remove your local credentials. (y/N): ")).toLowerCase()!=="y"?(process.stdout.write(y(` \u26A0 Logout cancelled
|
|
52
53
|
`)),0):null}catch(t){if(t.message==="SIGINT")return process.stdout.write(`
|
|
53
|
-
`),130;throw t}}async function
|
|
54
|
-
`)),0;if(!t){let e=await
|
|
55
|
-
`)),0}catch{return process.stderr.write(
|
|
56
|
-
`)),1}}async function
|
|
54
|
+
`),130;throw t}}async function Gs(t=false){if(!await xr())return process.stdout.write(y(` \u26A0 You are not authenticated
|
|
55
|
+
`)),0;if(!t){let e=await Ys();if(e!==null)return e}try{return await $r(),jr(),process.stdout.write(N(` \u2713 Credentials removed successfully
|
|
56
|
+
`)),0}catch{return process.stderr.write(j(` \u2717 Error removing credentials
|
|
57
|
+
`)),1}}async function Ws(){if(oe())return process.stdout.write(y(" \u26A0 Not authenticated. Run `flow-ai-obs auth login` to set up.\n")),0;let t=B(process.env[f.ANTHROPIC_AUTH_TOKEN]);t&&await Gr(t);let e=t||await A();if(!e)return process.stdout.write(y(" \u26A0 Not authenticated. Run `flow-ai-obs auth login` to set up.\n")),0;if(!t&&!await re())return process.stdout.write(y(" \u26A0 Session expired. Run `flow-ai-obs auth login` to re-authenticate.\n")),0;let r=e.clientSecret.length>4?"****...****"+e.clientSecret.slice(-4):"****",n=t?"ANTHROPIC_AUTH_TOKEN (settings.json)":await $e();return process.stdout.write(`
|
|
57
58
|
`+V(` Authenticated
|
|
58
|
-
`)),process.stdout.write(S(" Tenant: ")+
|
|
59
|
-
`),process.stdout.write(S(" Client ID: ")+
|
|
59
|
+
`)),process.stdout.write(S(" Tenant: ")+J(e.tenant)+`
|
|
60
|
+
`),process.stdout.write(S(" Client ID: ")+J(e.clientId)+`
|
|
60
61
|
`),process.stdout.write(S(" Client Secret: ")+r+`
|
|
61
62
|
`),process.stdout.write(S(" Storage: ")+n+`
|
|
62
63
|
|
|
63
|
-
`),0}var
|
|
64
|
-
|
|
64
|
+
`),0}var Hs,Ht=p(()=>{At();Yr();Ft();q();$t();T();pt();Hs=/[\x00-\x08\x0B-\x1F\x7F]|\x1b\[[0-9;]*[a-zA-Z]/g;});var Xr={};$(Xr,{runInstall:()=>Me});function Ks(){if(process.env.WSL_DISTRO_NAME&&process.platform==="linux")return child_process.spawnSync("cmd.exe",["/c","where","claude"],{encoding:"utf8",timeout:5e3}).status===0;let t=process.platform==="win32"?"where":"which";return child_process.spawnSync(t,["claude"],{encoding:"utf8",timeout:5e3}).status===0}function qs(){try{let t=E__namespace.readFileSync(Y(),"utf8"),e=JSON.parse(t);return !!(e.env&&e.env[f.ANTHROPIC_AUTH_TOKEN])}catch{return false}}function Js(t){let e;try{e=new URL(t);}catch{throw new Error(`Invalid URL: ${t}`)}if(e.protocol!=="https:")throw new Error(`Custom URL must use HTTPS: ${t}`);let r=process.env[f.FLOW_OBS_ALLOW_HTTP];try{delete process.env[f.FLOW_OBS_ALLOW_HTTP],ne(t);}finally{r!==void 0&&(process.env[f.FLOW_OBS_ALLOW_HTTP]=r);}if(e.pathname!=="/"&&e.pathname!=="")throw new Error(`Custom URL must be a base URL with no path beyond the root.
|
|
65
|
+
Received: ${t}
|
|
66
|
+
Expected: https://tenant.example.com`);if(e.search)throw new Error(`Custom URL must not contain query parameters.
|
|
67
|
+
Received: ${t}
|
|
68
|
+
Expected: https://tenant.example.com`);if(e.hash)throw new Error(`Custom URL must not contain fragment.
|
|
69
|
+
Received: ${t}
|
|
70
|
+
Expected: https://tenant.example.com`);return t.replace(/\/$/,"")}async function Me(t={}){if(!Ks()){let a=qr[process.platform]||qr.linux;return process.stderr.write(`
|
|
71
|
+
`+j(` \u2717 Claude Code is not installed or not found in PATH.
|
|
65
72
|
|
|
66
|
-
`)
|
|
73
|
+
`)+` flow-ai-obs requires Claude Code to function.
|
|
74
|
+
Install it with:
|
|
67
75
|
|
|
68
|
-
|
|
76
|
+
`+x(` ${a}`)+`
|
|
77
|
+
|
|
78
|
+
`),1}process.env.WSL_DISTRO_NAME&&process.platform==="linux"&&process.stdout.write(y(` \u26A0 WSL detected.
|
|
79
|
+
`)+y(` Claude Code runs on Windows and can only call tools installed there.
|
|
80
|
+
`)+y(" Install flow-ai-obs on Windows too: ")+x(`npm install -g @ciandt-flow/flow-ai-obs
|
|
81
|
+
|
|
82
|
+
`));let e=null,r=null;if(t.url){let a;try{a=Js(t.url);}catch(m){return process.stderr.write(`
|
|
83
|
+
\u2717 Invalid --custom-url: ${m.message}
|
|
84
|
+
|
|
85
|
+
`),1}let l=ht();try{wr(a);}catch(m){return process.stderr.write(`
|
|
86
|
+
\u2717 Failed to persist custom URL: ${m.message}
|
|
87
|
+
|
|
88
|
+
`),1}e=a,r={OTEL_EXPORTER_OTLP_ENDPOINT:`${a}/otel`,ANTHROPIC_BASE_URL:`${a}/flow-llm-proxy/`},l&&l!==a&&process.stdout.write(y(` \u26A0 Base URL updated.
|
|
89
|
+
`)+S(` Previous: ${l}
|
|
90
|
+
`)+S(` New: ${a}
|
|
91
|
+
|
|
92
|
+
`));}if(!qs()){process.stdout.write(y(` \u26A0 No credentials found in settings.json \u2014 authentication required.
|
|
93
|
+
|
|
94
|
+
`));let{runLogin:a}=await Promise.resolve().then(()=>(Ht(),De)),l=await a();if(l!==0)return l}let n,s;try{(({settingsPath:n,preserved:s}=Ar())),r&&St(r);}catch(a){return process.stderr.write(` \u2717 Failed to write settings: ${a.message}
|
|
69
95
|
`),1}process.stdout.write(`
|
|
70
96
|
`+V(" Native OTEL configured")+` (metrics & logs)
|
|
71
|
-
`);for(let[
|
|
97
|
+
`);let o=r?{...rt,OTEL_EXPORTER_OTLP_ENDPOINT:r.OTEL_EXPORTER_OTLP_ENDPOINT}:rt;for(let[a,l]of Object.entries(o))process.stdout.write(S(` ${a.padEnd(36)}`)+l+`
|
|
72
98
|
`);process.stdout.write(`
|
|
73
99
|
`),process.stdout.write(V(" Hooks registered")+` (Langfuse trace capture)
|
|
74
100
|
`),process.stdout.write(S(" UserPromptSubmit")+` \u2192 flow-ai-obs UserPromptSubmit (timeout: 5s)
|
|
75
101
|
`),process.stdout.write(S(" PreToolUse ")+` \u2192 flow-ai-obs PreToolUse (timeout: 3s)
|
|
76
102
|
`),process.stdout.write(S(" PostToolUse ")+` \u2192 flow-ai-obs PostToolUse (timeout: 10s)
|
|
77
103
|
`),process.stdout.write(S(" Stop ")+` \u2192 flow-ai-obs Stop (timeout: 15s)
|
|
78
|
-
`),
|
|
79
|
-
`),process.stdout.write(
|
|
104
|
+
`),s.length>0&&(process.stdout.write(`
|
|
105
|
+
`),process.stdout.write(y(` \u26A0 Third-party hooks detected and preserved on: ${s.join(", ")}
|
|
80
106
|
`)),process.stdout.write(S(` flow-ai-obs was prepended \u2014 it executes first.
|
|
81
107
|
`))),process.stdout.write(`
|
|
82
|
-
`),process.stdout.write(S(" Settings: ")+
|
|
83
|
-
`),process.stdout.write(S(" Backup: ")+
|
|
108
|
+
`),process.stdout.write(S(" Settings: ")+n+`
|
|
109
|
+
`),process.stdout.write(S(" Backup: ")+n+`.bkp
|
|
84
110
|
`),process.stdout.write(S(" OTEL auth: flow-ai-obs otel-headers")+S(` (reads keychain at runtime)
|
|
85
|
-
`))
|
|
86
|
-
`),
|
|
87
|
-
`)
|
|
111
|
+
`));let i=e??ht()??process.env.FLOW_BASE_URL??"https://flow.ciandt.com";process.stdout.write(S(" Base URL: ")+i+`
|
|
112
|
+
`),process.stdout.write(`
|
|
113
|
+
`),process.stdout.write(N(` \u2713 Ready. Native OTEL + Langfuse trace capture active.
|
|
114
|
+
`)),process.stdout.write(S(" Run `flow-ai-obs setup` to also configure the Flow LLM Proxy.\n\n"));let c=dr();return c&&process.stdout.write(y(` \u26A0 ${c}
|
|
88
115
|
|
|
89
|
-
`)),0}var
|
|
116
|
+
`)),0}var qr,Be=p(()=>{$t();T();pt();Jt();ye();q();qr={darwin:`npm install -g @anthropic-ai/claude-code
|
|
117
|
+
or visit: https://claude.ai/download`,linux:"npm install -g @anthropic-ai/claude-code",win32:`npm install -g @anthropic-ai/claude-code
|
|
118
|
+
or visit: https://claude.ai/download`};});var zr={};$(zr,{runSetup:()=>Xs});async function Xs(t={}){process.stdout.write(`
|
|
90
119
|
\u2554\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2557
|
|
91
120
|
`),process.stdout.write(`\u2551 flow-ai-obs \u2014 setup \u2551
|
|
92
121
|
`),process.stdout.write(`\u255A\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u255D
|
|
93
122
|
|
|
94
|
-
`);let e=await
|
|
123
|
+
`);let e=await Ot(t);if(e!==0)return process.stderr.write(`
|
|
95
124
|
Setup aborted. Run \`flow-ai-obs auth login\` to retry.
|
|
96
125
|
|
|
97
126
|
`),e;process.stdout.write(`
|
|
98
|
-
`);let r=await
|
|
127
|
+
`);let r=await Me();if(r!==0)return r;try{St(Ut);}catch(s){process.stderr.write(` \u26A0 Could not write LLM Proxy config: ${s.message}
|
|
99
128
|
`);}process.stdout.write(V(" Flow LLM Proxy configured")+` (model provider)
|
|
100
|
-
`);for(let[s,o]of Object.entries(
|
|
129
|
+
`);for(let[s,o]of Object.entries(Ut))process.stdout.write(S(` ${s.padEnd(36)}`)+o+`
|
|
101
130
|
`);process.stdout.write(`
|
|
102
131
|
`),process.stdout.write(` Validating connectivity to Flow OTEL endpoint\u2026
|
|
103
|
-
`);let n=await
|
|
132
|
+
`);let n=await A();return n?await Or(n)?process.stdout.write(N(` \u2713 Connectivity validated \u2014 telemetry is active.
|
|
104
133
|
|
|
105
|
-
`)):process.stdout.write(
|
|
134
|
+
`)):process.stdout.write(y(` \u26A0 Could not reach the OTEL endpoint. Telemetry will activate once connectivity is restored.
|
|
106
135
|
|
|
107
|
-
`)):process.stdout.write(
|
|
136
|
+
`)):process.stdout.write(y(` \u26A0 Could not read stored credentials \u2014 skipping connectivity check.
|
|
108
137
|
|
|
109
|
-
`)),process.stdout.write(
|
|
138
|
+
`)),process.stdout.write(N(` \u2713 Setup complete!
|
|
110
139
|
`)),process.stdout.write(S(` Settings: ${Y()}
|
|
111
140
|
|
|
112
|
-
`)),0}var
|
|
141
|
+
`)),0}var Zr=p(()=>{T();pt();Ht();Be();$t();At();});var Qr={};$(Qr,{runOtelHeaders:()=>zs});async function zs(){let t=B(process.env[f.ANTHROPIC_AUTH_TOKEN]);if(!t)try{t=await A();}catch{return process.stderr.write(`[flow-ai-obs otel-headers] Failed to read credentials
|
|
113
142
|
`),1}if(!t)return process.stderr.write(`[flow-ai-obs otel-headers] Not authenticated \u2014 run: flow-ai-obs auth login
|
|
114
|
-
`),1;let e;try{e=(await
|
|
143
|
+
`),1;let e;try{e=(await G(t)).accessToken;}catch(r){return process.stderr.write(`[flow-ai-obs otel-headers] Token fetch failed: ${r.message}
|
|
115
144
|
`),1}return e?(process.stdout.write(`{"Authorization": "Bearer ${e}"}
|
|
116
145
|
`),0):(process.stderr.write(`[flow-ai-obs otel-headers] Empty token received
|
|
117
|
-
`),1)}var
|
|
118
|
-
`);}function
|
|
119
|
-
`);}function
|
|
120
|
-
`);}function
|
|
121
|
-
`);}function
|
|
122
|
-
`);}async function
|
|
123
|
-
`),
|
|
124
|
-
`);let t=B(process.env[f.ANTHROPIC_AUTH_TOKEN]),e=t||await
|
|
125
|
-
`);}if(!t&&!await
|
|
126
|
-
`);}let r=await
|
|
127
|
-
`);let n={};try{let
|
|
128
|
-
`),process.env[f.FLOW_TELEMETRY]==="true"){
|
|
129
|
-
`),
|
|
130
|
-
`)[0].slice(0,e).trim()}function
|
|
131
|
-
`);for(let r=e.length-1;r>=0;r--)try{let n=JSON.parse(e[r]);if(n.type==="user"&&n.uuid)return n.uuid}catch{}}catch{}return null}function
|
|
132
|
-
`),r=[],n=0,s=0;for(let o=e.length-1;o>=0;o--)try{let i=JSON.parse(e[o]);if(i.type==="user")break;if(i.type==="assistant"){let
|
|
133
|
-
|
|
134
|
-
`),inputTokens:n,outputTokens:s}}catch{}return null}var
|
|
135
|
-
`)[0].match(/^\/([a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?)(?:\s.*)?$/i)?.[1]??null}function
|
|
136
|
-
`);return}let r=t.session_id||"unknown",n=t.prompt||"",s=t.cwd||"",o=
|
|
137
|
-
`,{flag:"a",encoding:"utf8",mode:384}),
|
|
138
|
-
${
|
|
139
|
-
${r}`},{re:/\b(AKIA[0-9A-Z]{16})\b/g,replace:()=>`AKIA${
|
|
140
|
-
`)),
|
|
141
|
-
`),process.stdout.write(JSON.stringify(e));}}var
|
|
142
|
-
`),process.exit(0);});});var
|
|
143
|
-
`),process.exit(0);}else if(
|
|
146
|
+
`),1)}var tn=p(()=>{At();Ft();q();T();});var rn={};$(rn,{runCheck:()=>Zs});function He(t){return !t||t.length<=8?"****":t.slice(0,4)+"****...****"+t.slice(-4)}function jt(t){process.stdout.write(` \u2713 ${t}
|
|
147
|
+
`);}function ie(t){process.stdout.write(` \u26A0 ${t}
|
|
148
|
+
`);}function ae(t){process.stdout.write(` \u2717 ${t}
|
|
149
|
+
`);}function I(t){process.stdout.write(` ${t}
|
|
150
|
+
`);}function b(){process.stdout.write(`
|
|
151
|
+
`);}async function Zs(){b(),process.stdout.write(` flow-claude-observability \u2014 configuration check
|
|
152
|
+
`),b(),process.stdout.write(` Auth
|
|
153
|
+
`);let t=B(process.env[f.ANTHROPIC_AUTH_TOKEN]),e=t||await A();if(!e){ie("Not authenticated \u2014 starting setup..."),b();let c=await Ot();if(c!==0)return c;if(t=B(process.env[f.ANTHROPIC_AUTH_TOKEN]),e=t||await A(),!e)return ae("Authentication failed"),b(),1;b(),process.stdout.write(` Auth
|
|
154
|
+
`);}if(!t&&!await re()){ie("Session expired \u2014 re-authenticating..."),b();let c=await Ot();if(c!==0)return c;b(),process.stdout.write(` Auth
|
|
155
|
+
`);}let r=await st()||e.clientId;jt("Authenticated"),I(`Tenant: ${e.tenant}`),I(`User: ${r}`),b(),process.stdout.write(` Native OTEL
|
|
156
|
+
`);let n={};try{let c=E__namespace.readFileSync(Y(),"utf8");n=JSON.parse(c).env||{};}catch{}let s=Object.keys(rt).filter(c=>!n[c]);if(s.length===0?(jt("All OTEL env vars present in settings.json"),I(`Endpoint: ${n.OTEL_EXPORTER_OTLP_ENDPOINT}`)):(ie(`${s.length} OTEL var(s) missing from settings.json \u2014 native metrics/logs disabled`),s.forEach(c=>ae(`Missing: ${c}`)),I("Run: flow-ai-obs install (restores missing vars automatically)")),b(),process.stdout.write(` Tracing
|
|
157
|
+
`),process.env[f.FLOW_TELEMETRY]==="true"){jt("FLOW_TELEMETRY=true (direct mode enabled)");let c=[f.LANGFUSE_BASE_URL,f.LANGFUSE_PUBLIC_KEY,f.LANGFUSE_SECRET_KEY].filter(a=>!process.env[a]);c.length>0&&c.forEach(a=>ie(`Missing: ${a}`));}else I("FLOW_TELEMETRY not set \u2014 direct mode inactive (gateway mode may still be active)");let i=await ot();if(!i||i.length===0)return i&&i.authError?ae("Token refresh failed \u2014 gateway mode could not activate"):(ae("No active destinations \u2014 no traces will be sent"),I("For direct mode: set FLOW_TELEMETRY=true + LANGFUSE_BASE_URL + LANGFUSE_PUBLIC_KEY + LANGFUSE_SECRET_KEY"),I("For gateway mode: run flow-claude-observability auth login")),b(),1;for(let c of i)if(c.mode==="gateway"){let a=await _t();jt("Mode: gateway"),I(`Endpoint: ${c.endpoint}`),I(`Token: ${He(a?.accessToken)}`);}else c.mode==="direct"&&(jt("Mode: direct"),I(`Endpoint: ${c.endpoint}`),I(`PK: ${He(process.env[f.LANGFUSE_PUBLIC_KEY])}`),I(`SK: ${He(process.env[f.LANGFUSE_SECRET_KEY])}`));return b(),process.stdout.write(` All checks passed \u2014 observability is active.
|
|
158
|
+
`),b(),0}var nn=p(()=>{At();q();$t();T();Ht();});function H(t,e){let r=typeof t=="object"?JSON.stringify(t):String(t??"");return r.length>e?r.slice(0,e)+" \u2026[truncated]":r}function ce(t,e=100){return String(t??"").split(`
|
|
159
|
+
`)[0].slice(0,e).trim()}function je(){return new Promise(t=>{let e="";process.stdin.setEncoding("utf8"),process.stdin.on("data",r=>{e+=r;}),process.stdin.on("end",()=>{try{t(JSON.parse(e));}catch{t({});}});})}function F(t){process.stdout.write(JSON.stringify(t));}var kt=p(()=>{});function X(){return String(BigInt(Date.now())*1000000n)}var Ve,it,Vt=p(()=>{Ve=()=>crypto.randomBytes(16).toString("hex"),it=()=>crypto.randomBytes(8).toString("hex");});function lo(t,e){let r=Et.resolve(t);if(!r.startsWith(e))throw new Error(`Path traversal detected: ${t}`);return r}function Ye(t){if(!ao.test(t))throw new Error(`Invalid session ID: ${t}`);return lo(Et.join(Q.tmpdir(),`flow-obs-${t}.json`),co)}function Lt(t){let e=Ye(t);if(!E.existsSync(e))return null;try{return JSON.parse(E.readFileSync(e,"utf8"))}catch{return null}}function vt(t,e){E.writeFileSync(Ye(t),JSON.stringify(e),{encoding:"utf8",mode:384});}function Ge(t){try{E.unlinkSync(Ye(t));}catch{}}var ao,co,Yt=p(()=>{ao=/^[0-9a-f-]{1,64}$/i,co=Et.normalize(Q.tmpdir())+Et.sep;});function ln(t){if(!t||!E.existsSync(t))return null;try{let e=E.readFileSync(t,"utf8").trimEnd().split(`
|
|
160
|
+
`);for(let r=e.length-1;r>=0;r--)try{let n=JSON.parse(e[r]);if(n.type==="user"&&n.uuid)return n.uuid}catch{}}catch{}return null}function We(t){if(!t||!E.existsSync(t))return null;try{let e=E.readFileSync(t,"utf8").trimEnd().split(`
|
|
161
|
+
`),r=[],n=0,s=0;for(let o=e.length-1;o>=0;o--)try{let i=JSON.parse(e[o]);if(i.type==="user")break;if(i.type==="assistant"){let a=(i.message?.content??[]).filter(m=>m.type==="text").map(m=>m.text??"").join("");a&&r.unshift(a);let l=i.message?.usage??{};n+=(l.input_tokens??0)+(l.cache_read_input_tokens??0)+(l.cache_creation_input_tokens??0),s+=l.output_tokens??0;}}catch{}return !r.length&&n===0?null:{text:r.join(`
|
|
162
|
+
|
|
163
|
+
`),inputTokens:n,outputTokens:s}}catch{}return null}var Ke=p(()=>{});function pn(t){return t.replace(":","/")}function le(t,e){if(!t)return null;let r=pn(t),n=[Et.join(Q.homedir(),".claude","skills",r,"SKILL.md"),Et.join(e??"",".claude","skills",r,"SKILL.md")];for(let s of n)if(E.existsSync(s))try{return E.readFileSync(s,"utf8")}catch{}return null}function fn(t){return t.split(`
|
|
164
|
+
`)[0].match(/^\/([a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?)(?:\s.*)?$/i)?.[1]??null}function mn(t){return !!t.slashSkill||t.toolCalls.some(n=>n.tool==="Skill")?t.toolCalls.some(n=>n.tool==="Skill"&&!n.synthetic||wo.has(n.tool))?"complete":"prerequisite_required":null}function ue(t,e){if(!t)return null;let r=pn(t),n=[Et.join(Q.homedir(),".claude","skills",r),Et.join(e??"",".claude","skills",r)],s=null;for(let c of n)if(E.existsSync(Et.join(c,"SKILL.md"))){s=c;break}if(!s)return null;let o=[];function i(c,a){for(let l of E.readdirSync(c,{withFileTypes:true})){if(mo.has(l.name)||ho.has(l.name)||go.has(Et.extname(l.name)))continue;let m=a?`${a}/${l.name}`:l.name;l.isDirectory()?i(Et.join(c,l.name),m):o.push(m);}}return i(s,""),o.length>0?o:null}var mo,go,ho,wo,de=p(()=>{mo=new Set([".venv","__pycache__",".git","node_modules"]),go=new Set([".pyc",".pyo"]),ho=new Set(["SKILL.md",".DS_Store",".gitignore"]);wo=new Set(["Read","Write","Edit","MultiEdit","Bash","Glob","Grep","TodoWrite","WebFetch","WebSearch","Agent","Task"]);});async function qe(t,e=false){if(e){process.stdout.write(JSON.stringify({decision:"block",reason:So})+`
|
|
165
|
+
`);return}let r=t.session_id||"unknown",n=t.prompt||"",s=t.cwd||"",o=ln(t.transcript_path)||Ve(),i=fn(n),c=i?le(i,s):null,a=i?ue(i,s):null;vt(r,{traceId:Ve(),spanId:it(),startNs:X(),sessionId:r,prompt:n,cwd:s,traceName:o,transcriptPath:t.transcript_path||"",model:process.env[f.ANTHROPIC_MODEL]||"",toolCalls:[],spans:[],pendingTool:null,slashSkill:i,skillContent:c,skillArtifacts:a}),u("UserPromptSubmit",`sid=${r}`,`traceName=${o}`,`slashSkill=${i}`),F(t);}var So,gn=p(()=>{Vt();Yt();Ke();de();kt();M();T();So=`\u26D4 Your Flow API key has expired. You no longer have access to Claude Code through the Flow platform. To restore observability and access, visit ${Xt}/settings/api-keys to generate a new API key, then run: flow-ai-obs auth login`;});async function hn(t){let e=t.session_id||"unknown",r=t.tool_name||"unknown",n=t.tool_input||{},s=Lt(e);s&&(s.pendingTool={name:r,inputStr:H(n,D.TOOL_INPUT),startNs:X()},vt(e,s)),u("PreToolUse",`sid=${e}`,`tool=${r}`,`stateFound=${!!s}`),F(t);}var wn=p(()=>{Vt();Yt();kt();M();T();});function d(t,e){return e==null||e===""?null:{key:t,value:{stringValue:String(e)}}}function at(...t){return t.filter(e=>e!==null)}function Sn(t,e){return {resourceSpans:[{resource:{attributes:t},scopeSpans:[{scope:Eo,spans:Array.isArray(e)?e:[e]}]}]}}var Eo,w,En=p(()=>{T();Eo={name:Ae.SCOPE_NAME,version:Ae.SCOPE_VERSION},w={TRACE_NAME:"langfuse.trace.name",TRACE_INPUT:"langfuse.trace.input",TRACE_OUTPUT:"langfuse.trace.output",TRACE_METADATA:"langfuse.trace.metadata",TRACE_TAGS:"langfuse.trace.tags",USER_ID:"langfuse.user.id",SESSION_ID:"langfuse.session.id",OBS_NAME:"langfuse.observation.name",OBS_INPUT:"langfuse.observation.input",OBS_OUTPUT:"langfuse.observation.output",OBS_LEVEL:"langfuse.observation.level",OBS_TYPE:"langfuse.observation.type",MODEL:"gen_ai.request.model",INPUT_TOKENS:"gen_ai.usage.input_tokens",OUTPUT_TOKENS:"gen_ai.usage.output_tokens"};});function yn(t,e,r,n,s){if(process.env[f.FLOW_OBS_DEBUG]!=="1")return;let o=JSON.stringify({ts:new Date().toISOString(),request:{method:"POST",url:t,headers:e,body:JSON.parse(r)},response:{status:n,body:s}});try{E.writeFileSync(Tn,o+`
|
|
166
|
+
`,{flag:"a",encoding:"utf8",mode:384}),u("sendTraces:dump",`request appendada em ${Tn}`);}catch(i){u("sendTraces:dump",`falha ao salvar: ${i.message}`);}}function ko(t){let e=new URL(t),r=new URL(et().GATEWAY_HEALTH);return r.hostname=e.hostname,r.port=e.port,r.protocol=e.protocol,r}function _n(t,e){return new Promise((r,n)=>{let s=t._isSSL?Zn__namespace.default:ms__namespace.default;t.headers=Object.assign({},t.headers,{Connection:"close"});let o=s.request(t,i=>{let c=[];i.on("data",a=>c.push(a)),i.on("end",()=>r({statusCode:i.statusCode??0,body:c.join("")}));});o.setTimeout(1e4,()=>{o.destroy(new Error("Request timeout"));}),o.on("error",i=>n(new Error(`Network error: ${i.message}`))),e&&o.write(e),o.end();})}async function An(t,e){let r;try{r=ko(t);}catch{return false}let n=r.protocol==="https:";try{let s={};e&&(s.Authorization=String(e).replace(/[\r\n]/g,""));let o=await _n({hostname:r.hostname,port:r.port||(n?443:80),path:r.pathname,method:"GET",headers:s,_isSSL:n},null);return u("checkHealth",`url=${r.href} status=${o.statusCode}`),o.statusCode>=200&&o.statusCode<300}catch{return false}}async function pe(t,e,r){let n=JSON.stringify(t),s=new URL(e),o=s.protocol==="https:",i=String(r).replace(/[\r\n]/g,""),c={"Content-Type":"application/json",Authorization:i,"Content-Length":Buffer.byteLength(n)};u("sendTraces:request",`POST ${e}`),u("sendTraces:request",`headers=${JSON.stringify({...c,Authorization:i.slice(0,20)+"\u2026"})}`),u("sendTraces:request",`body=${n.slice(0,500)}${n.length>500?"\u2026":""}`);try{let a=await _n({hostname:s.hostname,port:s.port||(o?443:80),path:s.pathname,method:"POST",headers:c,_isSSL:o},n);return u("sendTraces:response",`status=${a.statusCode}`),yn(e,c,n,a.statusCode,a.body),a.statusCode}catch(a){return u("sendTraces:error",a.message),yn(e,c,n,0,a.message),0}}var Tn,On=p(()=>{T();M();Tn=Et.join(Q.tmpdir(),"flow-obs-requests.ndjson");});function Lo(){let t=parseInt(process.env[f.BUFFER_TTL_DAYS]??"",10);return (Number.isFinite(t)?Math.max(U.MIN_TTL_DAYS,Math.min(U.MAX_TTL_DAYS,t)):U.DEFAULT_TTL_DAYS)*24*60*60*1e3}function vo(){let t=parseInt(process.env[f.BUFFER_MAX_FILES]??"",10);return Number.isFinite(t)?Math.max(U.MIN_MAX_FILES,Math.min(U.MAX_MAX_FILES,t)):U.DEFAULT_MAX_FILES}function Ln(t){if(/[/\\]/.test(t))throw new Error(`Invalid buffer fileId: ${t}`);return Et__namespace.default.join(Q__namespace.default.tmpdir(),`${U.FILE_PREFIX}${t}.json`)}function Xe(){let t=Q__namespace.default.tmpdir(),e;try{e=E__namespace.default.readdirSync(t);}catch{return []}return e.filter(r=>r.startsWith(U.FILE_PREFIX)&&r.endsWith(".json")).map(r=>{let n=Et__namespace.default.join(t,r),s=0;try{s=E__namespace.default.statSync(n).mtimeMs;}catch{}return {full:n,mtime:s}}).sort((r,n)=>r.mtime-n.mtime).map(r=>r.full)}function Gt(t){try{let e=vo(),r=Xe();if(r.length>=e){let o=r.slice(0,r.length-e+1);for(let i of o)try{E__namespace.default.unlinkSync(i);}catch{}}let n=`${Date.now()}-${Math.random().toString(36).slice(2,8)}`,s={fileId:n,bufferedAt:Date.now(),payload:t};return E__namespace.default.writeFileSync(Ln(n),JSON.stringify(s),{encoding:"utf8",mode:384}),u("buffer",`saved fileId=${n}`),n}catch(e){return u("buffer",`saveToBuffer failed: ${e.message}`),null}}function vn(t){let e=Xe(),r=t!=null&&t>0?t:e.length,n=[];for(let s of e){if(n.length>=r)break;try{let o=E__namespace.default.readFileSync(s,"utf8"),i=JSON.parse(o);i&&i.fileId&&i.payload&&n.push(i);}catch{u("buffer",`skipping malformed file: ${s}`);}}return n}function In(t){try{E__namespace.default.unlinkSync(Ln(t)),u("buffer",`deleted fileId=${t}`);}catch{}}function bn(){let t=Date.now()-Lo();for(let e of Xe())try{let{mtimeMs:r}=E__namespace.default.statSync(e);r<t&&(E__namespace.default.unlinkSync(e),u("buffer",`evicted stale: ${Et__namespace.default.basename(e)}`));}catch{}}var Rn=p(()=>{T();M();});async function Io(t){bn();let e=vn(U.REPLAY_BATCH_SIZE);e.length&&(u("replayBufferedTraces",`replaying ${e.length} buffered trace(s)`),await Promise.allSettled(e.map(async r=>{try{let n=await pe(r.payload,t.endpoint,t.authHeader);n>=200&&n<300?(In(r.fileId),u("replayBufferedTraces",`replayed fileId=${r.fileId} status=${n}`)):u("replayBufferedTraces",`replay failed fileId=${r.fileId} status=${n}`);}catch(n){u("replayBufferedTraces",`replay error fileId=${r.fileId}: ${n.message}`);}})));}async function Pn(t){let e=await ot();if(!e.length)return e.authError&&(u("postToLangfuse","auth refresh failed \u2014 buffering trace"),Gt(t)),0;let r=await Promise.all(e.map(async o=>{if(o.mode!=="gateway")return {creds:o,healthy:true};let i=await An(o.endpoint,o.authHeader);return {creds:o,healthy:i}})),n=r.find(o=>o.creds.mode==="gateway"&&o.healthy)?.creds??r.find(o=>o.creds.mode==="direct")?.creds;return n&&await Io(n),(await Promise.all(r.map(async({creds:o,healthy:i})=>{if(o.mode==="gateway"){if(!i)return u("postToLangfuse","gateway health check failed \u2014 buffering trace"),Gt(t),0;let a=await pe(t,o.endpoint,o.authHeader);return (a===0||a>=500)&&(u("postToLangfuse",`gateway send failed (status ${a}) \u2014 buffering trace`),Gt(t)),a}let c=await pe(t,o.endpoint,o.authHeader);return (c===0||c>=500)&&(u("postToLangfuse",`direct endpoint unavailable (status ${c}) \u2014 buffering trace`),Gt(t)),c}))).find(o=>o!==0)??0}var Nn=p(()=>{q();M();On();Rn();T();});var ze=p(()=>{En();Nn();});function bt(t){if(t==null)return "";let e=typeof t=="string"?t:JSON.stringify(t);return bo.reduce((r,{re:n,replace:s})=>r.replace(n,s),e)}var R,bo,Ze=p(()=>{R="[REDACTED]",bo=[{re:/\b(sk-[A-Za-z0-9_\-]{20,})/g,replace:()=>`sk-${R}`},{re:/\b(pk-[A-Za-z0-9_\-]{20,})/g,replace:()=>`pk-${R}`},{re:/\b(Bearer\s+)[A-Za-z0-9\-._~+/]+=*/gi,replace:(t,e)=>`${e}${R}`},{re:/\b(Basic\s+)[A-Za-z0-9+/]+=*/gi,replace:(t,e)=>`${e}${R}`},{re:/(-----BEGIN [A-Z ]+-----)[^-]*(-----END [A-Z ]+-----)/g,replace:(t,e,r)=>`${e}
|
|
167
|
+
${R}
|
|
168
|
+
${r}`},{re:/\b(AKIA[0-9A-Z]{16})\b/g,replace:()=>`AKIA${R}`},{re:/(aws_secret_access_key\s*[=:]\s*)([A-Za-z0-9/+]{40})/gi,replace:(t,e)=>`${e}${R}`},{re:/\b(ghp_[A-Za-z0-9]{36,})/g,replace:()=>`ghp_${R}`},{re:/\b(github_pat_[A-Za-z0-9_]{36,})/gi,replace:()=>`github_pat_${R}`},{re:/\b(eyJ[A-Za-z0-9_\-]+\.eyJ[A-Za-z0-9_\-]+\.[A-Za-z0-9_\-]+)/g,replace:()=>`eyJ.${R}`},{re:/\b([A-Z0-9_]*(?:SECRET|TOKEN|KEY|PASSWORD|PASSWD|PWD|CREDENTIAL|API)[A-Z0-9_]*\s*=\s*)(['"]?)([^\s'"#\n]+)\2/gi,replace:(t,e,r)=>`${e}${r}${R}${r}`},{re:/([a-z][a-z0-9+\-.]*:\/\/[^:/?#\s]*):([^@\s]+)@/gi,replace:(t,e)=>`${e}:${R}@`}];});async function Cn(t){let e=t.session_id||"unknown",r=t.tool_name||"unknown",n=t.tool_input||{},s=t.tool_response||"",o=Lt(e);if(!o){F(t);return}let i=X(),c=o.pendingTool,a=c?.name===r,l=a?c.startNs:String(BigInt(i)-200000000n),m=a?c.inputStr:H(n,D.TOOL_INPUT),k=m,g=null;if(r==="Skill"){let Pt=typeof n=="object"&&n!==null?n.skill||n.name||n.skillName||n.commandName||String(Object.values(n)[0]??""):String(n);g=Pt?String(Pt).trim():null;let ut=g?le(g,o.cwd):null;ut&&(k=ut,o.skillContent||(o.skillContent=ut),o.skillArtifacts||(o.skillArtifacts=ue(g,o.cwd))),g&&!o.slashSkill&&(o.slashSkill=g),u("PostToolUse","Skill tool detected",`skillName=${g}`,`contentFound=${!!ut}`);}let O=bt(H(s,D.TOOL_OUTPUT)),_=/\b(error|exception|failed|failure|traceback|errno)\b/i.test(O.slice(0,500)),v=_?"ERROR":"DEFAULT",Kt=it(),lt=Math.round(Number(BigInt(i)-BigInt(l))/1e6),Rt={Agent:"AGENT",Task:"AGENT"}[r]??"TOOL",fe=r==="Skill"&&g?g:ce(m,60);o.toolCalls.push({tool:r,brief:fe,error:_,durationMs:lt});let W=o.spans;W.push({traceId:o.traceId,spanId:Kt,parentSpanId:o.spanId,name:r,kind:3,startTimeUnixNano:l,endTimeUnixNano:i,attributes:at(d(w.OBS_NAME,r),d(w.OBS_TYPE,Rt),d(w.OBS_LEVEL,v),d(w.OBS_INPUT,bt(k)),d(w.OBS_OUTPUT,O),d("tool.name",r),d("tool.error",String(_)),r==="Skill"&&g?d("skill.name",g):null,r==="Skill"?d("skill.invocation","slash-command"):null),status:{code:_?2:1}}),o.pendingTool=null,vt(e,o),u("PostToolUse",`sid=${e}`,`tool=${r}`,`error=${_}`,`durationMs=${lt}`,`totalSpans=${W.length}`),F(t);}var Un=p(()=>{Vt();Yt();ze();kt();de();M();T();Ze();});function $n(t,e,r){let n=Object.keys(Fn).find(i=>(t??"").toLowerCase().includes(i));if(!n)return;let s=Fn[n],o=(e*s.input+r*s.output)/1e6;return Math.round(o*1e6)/1e6}var Fn,xn=p(()=>{Fn={"claude-opus-4-6":{input:15,output:75},"claude-opus-4-5":{input:15,output:75},"claude-sonnet-4-6":{input:3,output:15},"claude-sonnet-4-5":{input:3,output:15},"claude-haiku-4-5":{input:.8,output:4},"claude-4-6-opus":{input:15,output:75},"claude-4-6-sonnet":{input:3,output:15},"claude-4-5-opus":{input:15,output:75},"claude-4-5-sonnet":{input:3,output:15},"claude-4-5-haiku":{input:.8,output:4},"claude-3-5-sonnet-20241022":{input:3,output:15},"claude-3-5-haiku-20241022":{input:.8,output:4},"claude-3-opus-20240229":{input:15,output:75}};});async function Dn(t){let e=t.session_id||"unknown",r=t.stop_reason||"end_turn",n=Lt(e);if(!n){F(t);return}n.slashSkill&&!/^[a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?$/i.test(n.slashSkill)&&(u("Stop",`sid=${e}`,`slashSkill rejected post-disk: "${n.slashSkill}"`),n.slashSkill=null);let s=X(),o=await Mr(),i=n.toolCalls,c=n.spans;if(n.slashSkill&&!i.some(h=>h.tool==="Skill")){let h=it(),Z=n.skillContent?n.skillContent:JSON.stringify({skill:n.slashSkill});i.push({tool:"Skill",brief:n.slashSkill,error:false,durationMs:0,synthetic:true}),c.push({traceId:n.traceId,spanId:h,parentSpanId:n.spanId,name:"Skill",kind:3,startTimeUnixNano:n.startNs,endTimeUnixNano:n.startNs,attributes:at(d(w.OBS_NAME,"Skill"),d(w.OBS_TYPE,"TOOL"),d(w.OBS_LEVEL,"DEFAULT"),d(w.OBS_INPUT,Z),d(w.OBS_OUTPUT,"loaded via slash command"),d("tool.name","Skill"),d("tool.error","false"),d("skill.name",n.slashSkill),d("skill.invocation","slash-command")),status:{code:1}}),u("Stop",`slashSkill=${n.slashSkill}`,"synthetic span injected");}let a=t.transcript_path||n.transcriptPath||"",l=We(a);if(a&&(i.some(h=>h.tool==="Skill"&&!h.synthetic)||!!n.slashSkill)&&!l?.text){await new Promise(Z=>setTimeout(Z,500));let h=We(a);h?.text&&(l=h);}u("Stop",`transcriptPath=${a||"(empty)"}`,`assistantOut=${l?`text=${l.text.length}chars`:"null"}`);let k=i.length,g=i.filter(h=>h.error).length,O=bt(l?.text?H(l.text,D.TRACE_OUTPUT):k===0?"No tools used":i.map((h,Z)=>`${Z+1}. ${h.tool}${h.brief?` \u2192 ${h.brief}`:""}${h.error?" [ERROR]":""}`).join(`
|
|
169
|
+
`)),_=l?.inputTokens??0,v=l?.outputTokens??0,Kt=i.map((h,Z)=>`${Z+1}. ${h.tool}${h.brief?` \u2192 ${h.brief}`:""}${h.error?" [ERROR]":""} (${h.durationMs}ms)`),lt=!!(n.slashSkill||i.some(h=>h.tool==="Skill")),Qe=i.some(h=>h.tool==="Agent");if(!lt&&!Qe){u("Stop",`sid=${e}`,"skipping trace \u2014 no Skill or Agent calls found"),Ge(e),F(t);return}let Rt=lt?"skill":"agent",fe=Math.round(Number(BigInt(s)-BigInt(n.startNs))/1e6),tr=$n(n.model,_,v),W=mn(n);W==="prerequisite_required"&&l?.text&&(W="complete"),W==="prerequisite_required"&&(c.push({traceId:n.traceId,spanId:it(),parentSpanId:n.spanId,name:"prerequisite-check",kind:3,startTimeUnixNano:n.startNs,endTimeUnixNano:s,attributes:at(d(w.OBS_NAME,"prerequisite-check"),d(w.OBS_TYPE,"EVENT"),d(w.OBS_LEVEL,"WARNING"),d(w.OBS_OUTPUT,O),d("skill.name",n.slashSkill||void 0),d("execution_status","prerequisite_required")),status:{code:1}}),u("Stop",`sid=${e}`,"prerequisite-check span injected",`skill=${n.slashSkill}`));let Pt=(()=>{if(!(!lt||!n.prompt)){if(n.slashSkill){let h=n.prompt.replace(new RegExp(`^\\/${n.slashSkill}\\s*`,"i"),"").trim();return h?H(h,D.USER_INSTRUCTION):void 0}return H(n.prompt,D.USER_INSTRUCTION)||void 0}})(),ut=JSON.stringify({trace_type:Rt,...W!==null&&{execution_status:W},...n.slashSkill?{skill_name:n.slashSkill}:{},...n.skillArtifacts?.length&&{skill_artifacts:n.skillArtifacts},...Pt!==void 0&&{user_instruction:Pt},latency_ms:fe,..._&&{tokens_input:_},...v&&{tokens_output:v},cost_usd:tr,...n.model?{model:n.model}:{},toolCount:k,errorCount:g,stopReason:r,sessionId:n.sessionId,tools:Kt.length?Kt:void 0}),er=bt(H(n.prompt,D.TRACE_INPUT)),Hn=at(d(w.TRACE_NAME,n.traceName),d(w.TRACE_INPUT,er),d(w.TRACE_OUTPUT,O),d(w.OBS_INPUT,er),d(w.OBS_OUTPUT,O),d(w.TRACE_METADATA,ut),d(w.SESSION_ID,n.sessionId),d(w.USER_ID,o.user),d(w.OBS_TYPE,"GENERATION"),d(w.MODEL,n.model),_?d(w.INPUT_TOKENS,_):null,v?d(w.OUTPUT_TOKENS,v):null,d("claude.stop_reason",r),d("claude.tool_count",String(k)),d("claude.error_count",String(g)),d("claude.session_id",n.sessionId),d("flow.trace_type",Rt),{key:w.TRACE_TAGS,value:{arrayValue:{values:[{stringValue:Rt}]}}}),jn={traceId:n.traceId,spanId:n.spanId,name:n.traceName,kind:1,startTimeUnixNano:n.startNs,endTimeUnixNano:s,attributes:Hn,status:{code:g>0?2:1}},Vn=at(d("service.name",process.env.LANGFUSE_PROJECT_NAME||"claude-code"),d("deployment.environment",process.env.LANGFUSE_ENVIRONMENT||"default")),rr=[...c,jn];u("Stop",`sid=${e}`,`totalTools=${k}`,`errorTools=${g}`,`spans=${rr.length}`,`inputTokens=${_}`,`outputTokens=${v}`,`traceOutput="${ce(O,80)}"`);let Yn=await Pn(Sn(Vn,rr));u("Stop",`POST status=${Yn}`,`traceId=${n.traceId}`),Ge(e),F(t);}var Mn=p(()=>{Vt();Yt();ze();q();xn();Ke();kt();M();de();Ze();T();});async function Ro(){let t=process.argv[2];if(t==="UserPromptSubmit"){let r=await je(),n;try{n=await ot();}catch{process.stdout.write(JSON.stringify(r));return}n.authError?await qe(r,true):n.length>0?await qe(r):process.stdout.write(JSON.stringify(r));return}if(!await Br()){let r=[];process.stdin.on("data",n=>r.push(n)),process.stdin.on("end",()=>process.stdout.write(r.join("")));return}let e=await je();switch(t){case "PreToolUse":await hn(e);break;case "PostToolUse":await Cn(e);break;case "Stop":await Dn(e);break;default:process.stderr.write(`[flow-obs] unknown event: ${t}
|
|
170
|
+
`),process.stdout.write(JSON.stringify(e));}}var Bn=p(()=>{q();kt();gn();wn();Un();Mn();Ro().catch(t=>{process.stderr.write(`[flow-obs] fatal: ${t.message}
|
|
171
|
+
`),process.exit(0);});});var No=new Set(["UserPromptSubmit","PreToolUse","PostToolUse","Stop"]),[,,P,Wt]=process.argv;function ct(t,e){let r=t.indexOf(e);return r!==-1?t[r+1]:void 0}if(P==="--version"||P==="-v"){let{version:t}=qt();process.stdout.write(t+`
|
|
172
|
+
`),process.exit(0);}else if(P==="--help"||P==="-h"){let{bold:t,cyan:e,dim:r}=(pt(),L(ge)),{version:n}=qt();process.stdout.write(`
|
|
144
173
|
`+t(" flow-ai-obs")+r(" v"+n)+`
|
|
145
174
|
|
|
146
175
|
`),process.stdout.write(e(" init")+r(` Auth (if needed) + hooks + native OTEL
|
|
176
|
+
`)),process.stdout.write(r(` --custom-url <URL> Set a custom Flow base URL (e.g. https://tenant.example.com)
|
|
147
177
|
`)),process.stdout.write(e(" setup")+r(` Full Flow wizard: auth + hooks + OTEL + LLM proxy + connectivity
|
|
148
178
|
`)),process.stdout.write(e(" auth login")+r(` Authenticate with Flow (clientId / clientSecret / tenant)
|
|
149
179
|
`)),process.stdout.write(e(" auth logout")+r(` Remove credentials
|
|
@@ -158,16 +188,17 @@ ${r}`},{re:/\b(AKIA[0-9A-Z]{16})\b/g,replace:()=>`AKIA${P}`},{re:/(aws_secret_ac
|
|
|
158
188
|
|
|
159
189
|
`)),process.stdout.write(r(` (Hook events: UserPromptSubmit | PreToolUse | PostToolUse | Stop)
|
|
160
190
|
|
|
161
|
-
`)),process.exit(0);}else if(
|
|
162
|
-
`),await(
|
|
163
|
-
`),process.exit(1);});else if(
|
|
164
|
-
`),process.exit(1);});else if(
|
|
191
|
+
`)),process.exit(0);}else if(P==="init"||P==="install")(async()=>{P==="install"&&process.stderr.write(`Warning: "install" is deprecated, use "init" instead
|
|
192
|
+
`),await(mt(),L(ft)).checkForUpdateInteractive();let{runInstall:t}=(Be(),L(Xr)),e=process.argv.slice(3);process.exit(await t({url:ct(e,"--custom-url")}));})().catch(t=>{process.stderr.write(`Unexpected error: ${t.message}
|
|
193
|
+
`),process.exit(1);});else if(P==="setup")(async()=>{await(mt(),L(ft)).checkForUpdateInteractive();let{runSetup:t}=(Zr(),L(zr)),e=process.argv.slice(3);process.exit(await t({clientId:ct(e,"--client-id"),clientSecret:ct(e,"--client-secret"),tenant:ct(e,"--tenant")}));})().catch(t=>{process.stderr.write(`Unexpected error: ${t.message}
|
|
194
|
+
`),process.exit(1);});else if(P==="auth")(async()=>{let{runLogin:t,runLogout:e,runStatus:r}=(Ht(),L(De)),n=0;if(Wt==="login"||!Wt){await(mt(),L(ft)).checkForUpdateInteractive();let s=process.argv.slice(4);n=await t({clientId:ct(s,"--client-id"),clientSecret:ct(s,"--client-secret"),tenant:ct(s,"--tenant")});}else if(Wt==="logout"){let s=process.argv.includes("--force");n=await e(s);}else Wt==="status"?(await(mt(),L(ft)).checkForUpdateInteractive(),n=await r()):(process.stderr.write(`Unknown auth subcommand: ${Wt}
|
|
165
195
|
`),process.stderr.write(`Usage: flow-ai-obs auth [login|logout|status]
|
|
166
|
-
`),n=1);process.exit(n);})();else if(
|
|
167
|
-
`),process.exit(1);});else if(
|
|
196
|
+
`),n=1);process.exit(n);})();else if(P==="otel-headers"){let{runOtelHeaders:t}=(tn(),L(Qr));t().then(e=>process.exit(e)).catch(()=>process.exit(1));}else if(P==="check")(async()=>{await(mt(),L(ft)).checkForUpdateInteractive();let{runCheck:t}=(nn(),L(rn));process.exit(await t());})().catch(t=>{process.stderr.write(`Unexpected error: ${t.message}
|
|
197
|
+
`),process.exit(1);});else if(No.has(P))Bn();else {let{bold:t,cyan:e,dim:r}=(pt(),L(ge));process.stdout.write(`
|
|
168
198
|
`+t(" flow-ai-obs")+`
|
|
169
199
|
|
|
170
200
|
`),process.stdout.write(e(" init")+r(` Auth (if needed) + hooks + native OTEL
|
|
201
|
+
`)),process.stdout.write(r(` --custom-url <URL> Set a custom Flow base URL (e.g. https://tenant.example.com)
|
|
171
202
|
`)),process.stdout.write(e(" setup")+r(` Full Flow wizard: auth + hooks + OTEL + LLM proxy + connectivity
|
|
172
203
|
`)),process.stdout.write(e(" auth login")+r(` Authenticate with Flow (clientId / clientSecret / tenant)
|
|
173
204
|
`)),process.stdout.write(e(" auth logout")+r(` Remove credentials
|
package/dist/index.js
CHANGED
|
@@ -1,16 +1,16 @@
|
|
|
1
|
-
'use strict';var child_process=require('child_process'),util=require('util'),R=require('fs')
|
|
2
|
-
`;try{R.writeFileSync(
|
|
3
|
-
`);}}var
|
|
4
|
-
`)[0].slice(0,e).trim()}function
|
|
5
|
-
`);for(let n=e.length-1;n>=0;n--)try{let r=JSON.parse(e[n]);if(r.type==="user"&&r.uuid)return r.uuid}catch{}}catch{}return null}function
|
|
6
|
-
`),n=[],r=0,o=0;for(let s=e.length-1;s>=0;s--)try{let i=JSON.parse(e[s]);if(i.type==="user")break;if(i.type==="assistant"){let l=(i.message?.content??[]).filter(
|
|
1
|
+
'use strict';var child_process=require('child_process'),util=require('util'),R=require('fs'),$=require('path'),Z=require('os'),rn=require('https'),sn=require('http'),crypto=require('crypto');function _interopDefault(e){return e&&e.__esModule?e:{default:e}}function _interopNamespace(e){if(e&&e.__esModule)return e;var n=Object.create(null);if(e){Object.keys(e).forEach(function(k){if(k!=='default'){var d=Object.getOwnPropertyDescriptor(e,k);Object.defineProperty(n,k,d.get?d:{enumerable:true,get:function(){return e[k]}});}})}n.default=e;return Object.freeze(n)}var R__namespace=/*#__PURE__*/_interopNamespace(R);var $__namespace=/*#__PURE__*/_interopNamespace($);var Z__namespace=/*#__PURE__*/_interopNamespace(Z);var rn__default=/*#__PURE__*/_interopDefault(rn);var sn__default=/*#__PURE__*/_interopDefault(sn);var $e=Object.defineProperty;var z=(t=>typeof require<"u"?require:typeof Proxy<"u"?new Proxy(t,{get:(e,n)=>(typeof require<"u"?require:e)[n]}):t)(function(t){if(typeof require<"u")return require.apply(this,arguments);throw Error('Dynamic require of "'+t+'" is not supported')});var pt=(t,e)=>()=>(t&&(e=t(t=0)),e);var ft=(t,e)=>{for(var n in e)$e(t,n,{get:e[n],enumerable:true});};var Vt={};ft(Vt,{MacOsKeyVaultProvider:()=>ht});var Et,ht,Jt=pt(()=>{Et=util.promisify(child_process.execFile),ht=class{static async isAvailable(){try{return R.accessSync("/usr/bin/security",R.constants.X_OK),!0}catch{return false}}async getSecret(e,n){try{let{stdout:r}=await Et("security",["find-generic-password","-w","-a",n,"-s",e]);return r.trim()||null}catch{return null}}async setSecret(e,n,r){await Et("security",["add-generic-password","-U","-a",n,"-s",e,"-w",r]);}async deleteSecret(e,n){try{return await Et("security",["delete-generic-password","-a",n,"-s",e]),!0}catch{return false}}getStoragePath(){return "macOS Keychain"}};});var qt={};ft(qt,{LinuxKeyVaultProvider:()=>Tt});var Kt,Tt,Xt=pt(()=>{Kt=util.promisify(child_process.execFile),Tt=class{static async isAvailable(){let e=["/usr/bin/secret-tool","/bin/secret-tool","/usr/local/bin/secret-tool"];for(let n of e)try{return R.accessSync(n,R.constants.X_OK),!0}catch{}return false}async getSecret(e,n){try{let{stdout:r}=await Kt("secret-tool",["lookup","service",e,"account",n]);return r.trim()||null}catch{return null}}async setSecret(e,n,r){await new Promise((o,s)=>{let i=child_process.spawn("secret-tool",["store","--label",e,"service",e,"account",n]);i.on("error",s),i.on("close",u=>{u===0?o():s(new Error(`secret-tool exited with code ${u}`));}),i.stdin.write(r),i.stdin.end();});}async deleteSecret(e,n){try{return await Kt("secret-tool",["clear","service",e,"account",n]),!0}catch{return false}}getStoragePath(){return "Linux Secret Service (libsecret)"}};});var zt={};ft(zt,{WindowsKeyVaultProvider:()=>yt});var yt,Zt=pt(()=>{yt=class{static async isAvailable(){try{return await z("keytar").getPassword("__flow_probe__","__flow_probe__"),!0}catch{return false}}async getSecret(e,n){return z("keytar").getPassword(e,n)}async setSecret(e,n,r){await z("keytar").setPassword(e,n,r);}async deleteSecret(e,n){return z("keytar").deletePassword(e,n)}getStoragePath(){return "Windows Credential Manager"}};});function Mt(){if(process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER){let e=child_process.spawnSync("getent",["passwd",process.env.SUDO_USER],{encoding:"utf8",timeout:5e3}).stdout?.split(":")[5]?.trim();if(e)return {home:e,username:process.env.SUDO_USER}}return {home:Z__namespace.homedir(),username:process.env.SUDO_USER||process.env.USER||Z__namespace.userInfo().username}}var Ht="flow-ai-obs",Yt="config.json";function xe(){if(process.platform==="win32"){let n=process.env.APPDATA||$__namespace.join(Z__namespace.homedir(),"AppData","Roaming");return $__namespace.join(n,Ht,Yt)}let t=Mt(),e=process.env.XDG_CONFIG_HOME||$__namespace.join(t.home,".config");return $__namespace.join(e,Ht,Yt)}function Be(){try{let t=R__namespace.readFileSync(xe(),"utf8");return JSON.parse(t)}catch{return {}}}function dt(){return Be().baseUrl??null}var Q=dt()??process.env.FLOW_BASE_URL??"https://flow.ciandt.com";function mt(){return dt()??process.env.FLOW_BASE_URL??"https://flow.ciandt.com"}function W(){let t=mt();return {AUTH_ENGINE:process.env.FLOW_AUTH_ENGINE_URL||`${t}/auth-engine-api/v2/api-key/token`,GATEWAY_TRACES:process.env.FLOW_GATEWAY_TRACES_URL||`${t}/flow-langfuse-gateway/v1/traces`,GATEWAY_HEALTH:process.env.FLOW_GATEWAY_HEALTH_URL||`${t}/flow-langfuse-gateway/v1/health`,OTEL_ENDPOINT:process.env.FLOW_OTEL_ENDPOINT_URL||`${t}/otel`}}W();var tt={SERVICE:"flow-plugins-cli",ACCOUNT_TOKEN:"token-cache"},et="FLOW-nodejs",nt="config.json",gt={SCOPE_NAME:"flow-ai-obs",SCOPE_VERSION:"0.1.0"};({ANTHROPIC_BASE_URL:process.env.FLOW_LLM_PROXY_URL??`${Q}/flow-llm-proxy/`,ANTHROPIC_MODEL:process.env.FLOW_LLM_PROXY_MODEL??"anthropic.claude-4-6-sonnet",ANTHROPIC_SMALL_FAST_MODEL:process.env.FLOW_LLM_PROXY_SMALL_MODEL??"anthropic.claude-4-6-sonnet"});var g={FLOW_TELEMETRY:"FLOW_TELEMETRY",FLOW_TELEMETRY_GATEWAY:"FLOW_TELEMETRY_GATEWAY_URL",LANGFUSE_BASE_URL:"LANGFUSE_BASE_URL",LANGFUSE_PUBLIC_KEY:"LANGFUSE_PUBLIC_KEY",LANGFUSE_SECRET_KEY:"LANGFUSE_SECRET_KEY",ANTHROPIC_MODEL:"ANTHROPIC_MODEL",ANTHROPIC_AUTH_TOKEN:"ANTHROPIC_AUTH_TOKEN",FLOW_OBS_DEBUG:"FLOW_TELEMETRY_DEBUG",FLOW_OBS_ALLOW_HTTP:"FLOW_TELEMETRY_ALLOW_HTTP",BUFFER_TTL_DAYS:"FLOW_TELEMETRY_BUFFER_TTL_DAYS",BUFFER_MAX_FILES:"FLOW_TELEMETRY_BUFFER_MAX_FILES"};var A={FILE_PREFIX:"flow-obs-buffer-",DEFAULT_TTL_DAYS:4,MIN_TTL_DAYS:1,MAX_TTL_DAYS:30,DEFAULT_MAX_FILES:50,MIN_MAX_FILES:1,MAX_MAX_FILES:500,REPLAY_BATCH_SIZE:10},Wt="flow-ai-obs-debug.log",w={TOOL_INPUT:2e4,TOOL_OUTPUT:2e4,TRACE_OUTPUT:2e4,USER_INSTRUCTION:1e4,TRACE_INPUT:5e4};({API_URL:process.env.FLOW_METRICS_URL||`${Q}/metrics-collector-api/log-event`});var St={credentials:"credentials","token-cache":"tokenCache"};function j(){let t=Z__namespace.default.homedir();if(process.platform==="darwin")return $__namespace.default.join(t,"Library","Preferences",et,nt);if(process.platform==="win32"){let n=process.env.APPDATA??$__namespace.default.join(t,"AppData","Roaming");return $__namespace.default.join(n,et,nt)}let e=process.env.XDG_CONFIG_HOME??$__namespace.default.join(t,".config");return $__namespace.default.join(e,et,nt)}function _t(){try{let t=R__namespace.default.readFileSync(j(),"utf8");return JSON.parse(t)}catch{return {}}}function jt(t){let e=j();R__namespace.default.mkdirSync($__namespace.default.dirname(e),{recursive:true}),R__namespace.default.writeFileSync(e,JSON.stringify(t,null,2),{encoding:"utf8",mode:384});}var st=class{static isAvailable(){return true}static hasExistingData(){try{if(!R__namespace.default.existsSync(j()))return !1;let e=JSON.parse(R__namespace.default.readFileSync(j(),"utf8"));return !!(e&&e.credentials)}catch{return false}}async getSecret(e,n){let r=_t(),o=St[n]??n,s=r[o];return s?typeof s=="string"?s:JSON.stringify(s):null}async setSecret(e,n,r){let o=_t(),s=St[n]??n;if(n==="token-cache")try{o[s]=JSON.parse(r);}catch{o[s]=r;}else o[s]=r;jt(o);}async deleteSecret(e,n){let r=_t(),o=St[n]??n;return o in r?(delete r[o],jt(r),true):false}getStoragePath(){return `config.json (unencrypted) \u2014 ${j()}`}};async function Qt(){return await ze()??new st}async function ze(){switch(process.platform){case "darwin":{let{MacOsKeyVaultProvider:t}=await Promise.resolve().then(()=>(Jt(),Vt));return await t.isAvailable()?new t:null}case "linux":{let{LinuxKeyVaultProvider:t}=await Promise.resolve().then(()=>(Xt(),qt));return await t.isAvailable()?new t:null}case "win32":{let{WindowsKeyVaultProvider:t}=await Promise.resolve().then(()=>(Zt(),zt));return await t.isAvailable()?new t:null}default:return null}}var Ot=tt.SERVICE,te=tt.ACCOUNT_TOKEN,At=null;function wt(){return At||(At=Qt()),At}async function kt(t){await(await wt()).setSecret(Ot,te,JSON.stringify({accessToken:t.accessToken,expiresAt:t.expiresAt,lastAuthCheckAt:t.lastAuthCheckAt}));}async function It(){let e=await(await wt()).getSecret(Ot,te);if(!e)return null;try{let n=JSON.parse(e);return {accessToken:n.accessToken,expiresAt:n.expiresAt,lastAuthCheckAt:n.lastAuthCheckAt}}catch{return null}}async function J(){let t=await It();if(!t||!t.accessToken)return null;try{let e=t.accessToken.split(".");if(e.length<2)return null;let n=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return n.email??n.preferred_username??n.upn??n.sub??null}catch{return null}}var nn=$.join(Z.tmpdir(),Wt);function a(...t){if(process.env[g.FLOW_OBS_DEBUG]!=="1")return;let e=`[${new Date().toISOString()}] ${t.join(" ")}
|
|
2
|
+
`;try{R.writeFileSync(nn,e,{flag:"a"});}catch(n){process.stderr.write(`[flow-obs debug ERROR] ${n.message}
|
|
3
|
+
`);}}var P=class extends Error{constructor(e){super(e),this.name="AuthError";}},on=/^[a-z0-9][a-z0-9-]{0,62}[a-z0-9]$|^[a-z0-9]$/;function an(t){if(!on.test(t))throw new Error(`Invalid tenant value: "${t}". Tenant must be lowercase alphanumeric and hyphens (1-64 chars).`)}var ee={INVALID_CLIENT_SECRET:"Invalid Client Secret \u2014 check the value and try again",INVALID_CLIENT_ID:"Invalid Client ID \u2014 check the value and try again",INVALID_TENANT:"Invalid Tenant \u2014 check the value and try again",TENANT_NOT_FOUND:"Tenant not found \u2014 verify the tenant identifier"};function cn(t,e){let n=e.length>400?e.slice(0,400)+"\u2026":e;a("toAuthError",`status=${t} body=${n}`);try{let r=JSON.parse(e);if(typeof r.error=="string"&&(a("toAuthError",`api_error_code=${r.error}`+(r.message?` api_message=${r.message}`:"")),ee[r.error]))return new P(ee[r.error])}catch{}return t===401||t===403||t===500?new P("Invalid credentials"):t>=400&&t<500?new P("Authentication request was rejected"):new Error("Authentication service unavailable, please try again later")}function Lt(t){return new Promise((e,n)=>{try{an(t.tenant);}catch(p){return n(p)}let r=JSON.stringify({clientSecret:t.clientSecret}),o=new URL(W().AUTH_ENGINE),s=o.protocol==="https:",i={hostname:o.hostname,port:o.port||(s?443:80),path:o.pathname+o.search,method:"POST",headers:{"Content-Type":"application/json","Content-Length":Buffer.byteLength(r),FlowTenant:t.tenant}};a("getToken",`requesting token tenant=${t.tenant} host=${i.hostname} path=${i.path}`);let l=(s?rn__default.default:sn__default.default).request(i,p=>{let _=[];p.on("data",h=>_.push(h)),p.on("end",()=>{let h=_.join("");if((p.statusCode??0)>=400)return n(cn(p.statusCode??0,h));let f;try{f=JSON.parse(h);}catch{return n(new Error("Invalid response from auth engine"))}let E=f.expires_at??new Date(Date.now()+(f.expires_in??3600)*1e3).toISOString();e({accessToken:f.access_token??"",expiresAt:E});});});l.on("error",p=>n(new Error(`Network error: ${p.message}`))),l.write(r),l.end();})}var ln=[/^localhost\.?$/i,/^127\./,/^10\./,/^172\.(1[6-9]|2\d|3[01])\./,/^192\.168\./,/^169\.254\./,/^0\.0\.0\.0$/,/^::1$/,/^\[::1\]$/,/^\[::ffff:/i,/^\[f[cd]/i,/^\[fe80:/i,/^metadata\.google\.internal\.?$/i,/^metadata\.azure\.internal\.?$/i,/(?:^|\.)localtest\.me\.?$/i,/(?:^|\.)lvh\.me\.?$/i,/(?:^|\.)vcap\.me\.?$/i];function un(t){return ln.some(e=>e.test(t))}function pn(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let n=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return n.email||n.preferred_username||n.upn||n.sub||null}catch{return null}}function re(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let n=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8")),{clientId:r,clientSecret:o,tenant:s}=n;return !r||!o||!s?null:{clientId:r,clientSecret:o,tenant:s}}catch{return null}}function ne(t){let e;try{e=new URL(t);}catch{throw new Error(`Invalid URL: ${t}`)}let n=process.env[g.FLOW_OBS_ALLOW_HTTP]==="true";if(!n&&e.protocol!=="https:")throw new Error(`URL must use HTTPS: ${t}`);if(e.username||e.password)throw new Error(`URL must not contain embedded credentials: ${t}`);if(!n&&un(e.hostname))throw new Error(`SSRF: private/loopback host not allowed: ${e.hostname}`);return t}async function se(){let t=re(process.env[g.ANTHROPIC_AUTH_TOKEN]);if(t)return {user:await J().catch(()=>null)??t.clientId,tenant:t.tenant};return {user:"",tenant:""}}function fn(){return new Date().toISOString().slice(0,10)}async function dn(t){let e=fn(),n=await It();if(n?.lastAuthCheckAt!==e){a("getOrRefreshToken",`daily auth check (last: ${n?.lastAuthCheckAt??"never"})`);try{let s=await Lt(t);try{await kt({...s,lastAuthCheckAt:e});}catch{}return a("getOrRefreshToken",`daily check passed, expires=${s.expiresAt}`),s.accessToken}catch(s){if(s instanceof P)throw s;a("getOrRefreshToken",`daily check network error \u2014 using cache: ${s.message}`);}}let r=n!=null&&new Date(n.expiresAt)>new Date;if(a("getOrRefreshToken",`cacheValid=${r}`),r)return a("getOrRefreshToken",`using cached token, expires=${n.expiresAt}`),n.accessToken;a("getOrRefreshToken",`token expired \u2014 refreshing via auth-engine (tenant=${t.tenant} clientId=${t.clientId})`);let o=await Lt(t);try{await kt({...o,lastAuthCheckAt:e});}catch(s){a("getOrRefreshToken",`token cache save failed (non-fatal): ${s.message}`);}return a("getOrRefreshToken",`token refreshed, expires=${o.expiresAt}`),o.accessToken}function mn(t,e){let n=e&&e.accessToken?e.accessToken:"";return {endpoint:t.replace(/\/$/,"")+"/flow-langfuse-gateway/v1/traces",authHeader:`Bearer ${n}`}}function gn(t,e,n){let r=Buffer.from(`${e}:${n}`).toString("base64");return {endpoint:t.replace(/\/$/,"")+"/api/public/otel/v1/traces",authHeader:`Basic ${r}`}}async function K(){let t=[],e=process.env[g.ANTHROPIC_MODEL]??"",n=re(process.env[g.ANTHROPIC_AUTH_TOKEN]);a("resolveCredentials",n?"credentials resolved from ANTHROPIC_AUTH_TOKEN":"ANTHROPIC_AUTH_TOKEN absent or invalid"),n&&a("resolveCredentials",`clientId=${n.clientId}`,`tenant=${n.tenant}`);let r=n?n.tenant:"",o=process.env[g.FLOW_TELEMETRY]==="true",s=process.env[g.LANGFUSE_BASE_URL],i=process.env[g.LANGFUSE_PUBLIC_KEY],u=process.env[g.LANGFUSE_SECRET_KEY];if(o&&s&&i&&u){let f="",E=r;if(n)f=await J().catch(()=>null)??n.clientId;let S={user:f??"",tenant:E??"",team:"",project:"",model:e};t.push({mode:"direct",...gn(ne(s),i,u),...S}),a("resolveCredentials","direct mode active",`user=${S.user}`,`tenant=${S.tenant}`);}if(!n){if(t.length===0){let f=[];return f.authError=false,f}return t}let l;try{l=await dn(n);}catch(f){if(a("resolveCredentials",`token refresh failed: ${f.message}`,`(tenant=${n.tenant} clientId=${n.clientId})`),t.length>0)return t.authError=true,t;let E=[];return E.authError=true,E}let _={user:pn(l)??n.clientId,tenant:r,team:"",project:"",model:e},h=process.env[g.FLOW_TELEMETRY_GATEWAY]??mt();return t.push({mode:"gateway",...mn(ne(h),{accessToken:l}),..._}),t}async function oe(){return (await K()).length>0}function k(t,e){let n=typeof t=="object"?JSON.stringify(t):String(t??"");return n.length>e?n.slice(0,e)+" \u2026[truncated]":n}function it(t,e=100){return String(t??"").split(`
|
|
4
|
+
`)[0].slice(0,e).trim()}function Rt(){return new Promise(t=>{let e="";process.stdin.setEncoding("utf8"),process.stdin.on("data",n=>{e+=n;}),process.stdin.on("end",()=>{try{t(JSON.parse(e));}catch{t({});}});})}function O(t){process.stdout.write(JSON.stringify(t));}var Nt=()=>crypto.randomBytes(16).toString("hex"),b=()=>crypto.randomBytes(8).toString("hex");function L(){return String(BigInt(Date.now())*1000000n)}var wn=/^[0-9a-f-]{1,64}$/i,kn=$.normalize(Z.tmpdir())+$.sep;function In(t,e){let n=$.resolve(t);if(!n.startsWith(e))throw new Error(`Path traversal detected: ${t}`);return n}function Pt(t){if(!wn.test(t))throw new Error(`Invalid session ID: ${t}`);return In($.join(Z.tmpdir(),`flow-obs-${t}.json`),kn)}function D(t){let e=Pt(t);if(!R.existsSync(e))return null;try{return JSON.parse(R.readFileSync(e,"utf8"))}catch{return null}}function x(t,e){R.writeFileSync(Pt(t),JSON.stringify(e),{encoding:"utf8",mode:384});}function bt(t){try{R.unlinkSync(Pt(t));}catch{}}function ue(t){if(!t||!R.existsSync(t))return null;try{let e=R.readFileSync(t,"utf8").trimEnd().split(`
|
|
5
|
+
`);for(let n=e.length-1;n>=0;n--)try{let r=JSON.parse(e[n]);if(r.type==="user"&&r.uuid)return r.uuid}catch{}}catch{}return null}function Ut(t){if(!t||!R.existsSync(t))return null;try{let e=R.readFileSync(t,"utf8").trimEnd().split(`
|
|
6
|
+
`),n=[],r=0,o=0;for(let s=e.length-1;s>=0;s--)try{let i=JSON.parse(e[s]);if(i.type==="user")break;if(i.type==="assistant"){let l=(i.message?.content??[]).filter(_=>_.type==="text").map(_=>_.text??"").join("");l&&n.unshift(l);let p=i.message?.usage??{};r+=(p.input_tokens??0)+(p.cache_read_input_tokens??0)+(p.cache_creation_input_tokens??0),o+=p.output_tokens??0;}}catch{}return !n.length&&r===0?null:{text:n.join(`
|
|
7
7
|
|
|
8
|
-
`),inputTokens:r,outputTokens:o}}catch{}return null}var
|
|
9
|
-
`)[0].match(/^\/([a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?)(?:\s.*)?$/i)?.[1]??null}var
|
|
10
|
-
`);return}let n=t.session_id||"unknown",r=t.prompt||"",o=t.cwd||"",s=
|
|
11
|
-
`,{flag:"a",encoding:"utf8",mode:384}),a("sendTraces:dump",`request appendada em ${
|
|
8
|
+
`),inputTokens:r,outputTokens:o}}catch{}return null}var Pn=new Set([".venv","__pycache__",".git","node_modules"]),bn=new Set([".pyc",".pyo"]),Un=new Set(["SKILL.md",".DS_Store",".gitignore"]);function de(t){return t.replace(":","/")}function at(t,e){if(!t)return null;let n=de(t),r=[$.join(Z.homedir(),".claude","skills",n,"SKILL.md"),$.join(e??"",".claude","skills",n,"SKILL.md")];for(let o of r)if(R.existsSync(o))try{return R.readFileSync(o,"utf8")}catch{}return null}function me(t){return t.split(`
|
|
9
|
+
`)[0].match(/^\/([a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?)(?:\s.*)?$/i)?.[1]??null}var vn=new Set(["Read","Write","Edit","MultiEdit","Bash","Glob","Grep","TodoWrite","WebFetch","WebSearch","Agent","Task"]);function ge(t){return !!t.slashSkill||t.toolCalls.some(r=>r.tool==="Skill")?t.toolCalls.some(r=>r.tool==="Skill"&&!r.synthetic||vn.has(r.tool))?"complete":"prerequisite_required":null}function ct(t,e){if(!t)return null;let n=de(t),r=[$.join(Z.homedir(),".claude","skills",n),$.join(e??"",".claude","skills",n)],o=null;for(let u of r)if(R.existsSync($.join(u,"SKILL.md"))){o=u;break}if(!o)return null;let s=[];function i(u,l){for(let p of R.readdirSync(u,{withFileTypes:true})){if(Pn.has(p.name)||Un.has(p.name)||bn.has($.extname(p.name)))continue;let _=l?`${l}/${p.name}`:p.name;p.isDirectory()?i($.join(u,p.name),_):s.push(_);}}return i(o,""),s.length>0?s:null}var Cn=`\u26D4 Your Flow API key has expired. You no longer have access to Claude Code through the Flow platform. To restore observability and access, visit ${Q}/settings/api-keys to generate a new API key, then run: flow-ai-obs auth login`;async function vt(t,e=false){if(e){process.stdout.write(JSON.stringify({decision:"block",reason:Cn})+`
|
|
10
|
+
`);return}let n=t.session_id||"unknown",r=t.prompt||"",o=t.cwd||"",s=ue(t.transcript_path)||Nt(),i=me(r),u=i?at(i,o):null,l=i?ct(i,o):null;x(n,{traceId:Nt(),spanId:b(),startNs:L(),sessionId:n,prompt:r,cwd:o,traceName:s,transcriptPath:t.transcript_path||"",model:process.env[g.ANTHROPIC_MODEL]||"",toolCalls:[],spans:[],pendingTool:null,slashSkill:i,skillContent:u,skillArtifacts:l}),a("UserPromptSubmit",`sid=${n}`,`traceName=${s}`,`slashSkill=${i}`),O(t);}async function Se(t){let e=t.session_id||"unknown",n=t.tool_name||"unknown",r=t.tool_input||{},o=D(e);o&&(o.pendingTool={name:n,inputStr:k(r,w.TOOL_INPUT),startNs:L()},x(e,o)),a("PreToolUse",`sid=${e}`,`tool=${n}`,`stateFound=${!!o}`),O(t);}var Fn={name:gt.SCOPE_NAME,version:gt.SCOPE_VERSION},m={TRACE_NAME:"langfuse.trace.name",TRACE_INPUT:"langfuse.trace.input",TRACE_OUTPUT:"langfuse.trace.output",TRACE_METADATA:"langfuse.trace.metadata",TRACE_TAGS:"langfuse.trace.tags",USER_ID:"langfuse.user.id",SESSION_ID:"langfuse.session.id",OBS_NAME:"langfuse.observation.name",OBS_INPUT:"langfuse.observation.input",OBS_OUTPUT:"langfuse.observation.output",OBS_LEVEL:"langfuse.observation.level",OBS_TYPE:"langfuse.observation.type",MODEL:"gen_ai.request.model",INPUT_TOKENS:"gen_ai.usage.input_tokens",OUTPUT_TOKENS:"gen_ai.usage.output_tokens"};function c(t,e){return e==null||e===""?null:{key:t,value:{stringValue:String(e)}}}function U(...t){return t.filter(e=>e!==null)}function _e(t,e){return {resourceSpans:[{resource:{attributes:t},scopeSpans:[{scope:Fn,spans:Array.isArray(e)?e:[e]}]}]}}var Ee=$.join(Z.tmpdir(),"flow-obs-requests.ndjson");function he(t,e,n,r,o){if(process.env[g.FLOW_OBS_DEBUG]!=="1")return;let s=JSON.stringify({ts:new Date().toISOString(),request:{method:"POST",url:t,headers:e,body:JSON.parse(n)},response:{status:r,body:o}});try{R.writeFileSync(Ee,s+`
|
|
11
|
+
`,{flag:"a",encoding:"utf8",mode:384}),a("sendTraces:dump",`request appendada em ${Ee}`);}catch(i){a("sendTraces:dump",`falha ao salvar: ${i.message}`);}}function Hn(t){let e=new URL(t),n=new URL(W().GATEWAY_HEALTH);return n.hostname=e.hostname,n.port=e.port,n.protocol=e.protocol,n}function Te(t,e){return new Promise((n,r)=>{let o=t._isSSL?rn__default.default:sn__default.default;t.headers=Object.assign({},t.headers,{Connection:"close"});let s=o.request(t,i=>{let u=[];i.on("data",l=>u.push(l)),i.on("end",()=>n({statusCode:i.statusCode??0,body:u.join("")}));});s.setTimeout(1e4,()=>{s.destroy(new Error("Request timeout"));}),s.on("error",i=>r(new Error(`Network error: ${i.message}`))),e&&s.write(e),s.end();})}async function ye(t,e){let n;try{n=Hn(t);}catch{return false}let r=n.protocol==="https:";try{let o={};e&&(o.Authorization=String(e).replace(/[\r\n]/g,""));let s=await Te({hostname:n.hostname,port:n.port||(r?443:80),path:n.pathname,method:"GET",headers:o,_isSSL:r},null);return a("checkHealth",`url=${n.href} status=${s.statusCode}`),s.statusCode>=200&&s.statusCode<300}catch{return false}}async function lt(t,e,n){let r=JSON.stringify(t),o=new URL(e),s=o.protocol==="https:",i=String(n).replace(/[\r\n]/g,""),u={"Content-Type":"application/json",Authorization:i,"Content-Length":Buffer.byteLength(r)};a("sendTraces:request",`POST ${e}`),a("sendTraces:request",`headers=${JSON.stringify({...u,Authorization:i.slice(0,20)+"\u2026"})}`),a("sendTraces:request",`body=${r.slice(0,500)}${r.length>500?"\u2026":""}`);try{let l=await Te({hostname:o.hostname,port:o.port||(s?443:80),path:o.pathname,method:"POST",headers:u,_isSSL:s},r);return a("sendTraces:response",`status=${l.statusCode}`),he(e,u,r,l.statusCode,l.body),l.statusCode}catch(l){return a("sendTraces:error",l.message),he(e,u,r,0,l.message),0}}function Yn(){let t=parseInt(process.env[g.BUFFER_TTL_DAYS]??"",10);return (Number.isFinite(t)?Math.max(A.MIN_TTL_DAYS,Math.min(A.MAX_TTL_DAYS,t)):A.DEFAULT_TTL_DAYS)*24*60*60*1e3}function Gn(){let t=parseInt(process.env[g.BUFFER_MAX_FILES]??"",10);return Number.isFinite(t)?Math.max(A.MIN_MAX_FILES,Math.min(A.MAX_MAX_FILES,t)):A.DEFAULT_MAX_FILES}function Oe(t){if(/[/\\]/.test(t))throw new Error(`Invalid buffer fileId: ${t}`);return $__namespace.default.join(Z__namespace.default.tmpdir(),`${A.FILE_PREFIX}${t}.json`)}function Ft(){let t=Z__namespace.default.tmpdir(),e;try{e=R__namespace.default.readdirSync(t);}catch{return []}return e.filter(n=>n.startsWith(A.FILE_PREFIX)&&n.endsWith(".json")).map(n=>{let r=$__namespace.default.join(t,n),o=0;try{o=R__namespace.default.statSync(r).mtimeMs;}catch{}return {full:r,mtime:o}}).sort((n,r)=>n.mtime-r.mtime).map(n=>n.full)}function q(t){try{let e=Gn(),n=Ft();if(n.length>=e){let s=n.slice(0,n.length-e+1);for(let i of s)try{R__namespace.default.unlinkSync(i);}catch{}}let r=`${Date.now()}-${Math.random().toString(36).slice(2,8)}`,o={fileId:r,bufferedAt:Date.now(),payload:t};return R__namespace.default.writeFileSync(Oe(r),JSON.stringify(o),{encoding:"utf8",mode:384}),a("buffer",`saved fileId=${r}`),r}catch(e){return a("buffer",`saveToBuffer failed: ${e.message}`),null}}function we(t){let e=Ft(),n=t,r=[];for(let o of e){if(r.length>=n)break;try{let s=R__namespace.default.readFileSync(o,"utf8"),i=JSON.parse(s);i&&i.fileId&&i.payload&&r.push(i);}catch{a("buffer",`skipping malformed file: ${o}`);}}return r}function ke(t){try{R__namespace.default.unlinkSync(Oe(t)),a("buffer",`deleted fileId=${t}`);}catch{}}function Ie(){let t=Date.now()-Yn();for(let e of Ft())try{let{mtimeMs:n}=R__namespace.default.statSync(e);n<t&&(R__namespace.default.unlinkSync(e),a("buffer",`evicted stale: ${$__namespace.default.basename(e)}`));}catch{}}async function Wn(t){Ie();let e=we(A.REPLAY_BATCH_SIZE);e.length&&(a("replayBufferedTraces",`replaying ${e.length} buffered trace(s)`),await Promise.allSettled(e.map(async n=>{try{let r=await lt(n.payload,t.endpoint,t.authHeader);r>=200&&r<300?(ke(n.fileId),a("replayBufferedTraces",`replayed fileId=${n.fileId} status=${r}`)):a("replayBufferedTraces",`replay failed fileId=${n.fileId} status=${r}`);}catch(r){a("replayBufferedTraces",`replay error fileId=${n.fileId}: ${r.message}`);}})));}async function Le(t){let e=await K();if(!e.length)return e.authError&&(a("postToLangfuse","auth refresh failed \u2014 buffering trace"),q(t)),0;let n=await Promise.all(e.map(async s=>{if(s.mode!=="gateway")return {creds:s,healthy:true};let i=await ye(s.endpoint,s.authHeader);return {creds:s,healthy:i}})),r=n.find(s=>s.creds.mode==="gateway"&&s.healthy)?.creds??n.find(s=>s.creds.mode==="direct")?.creds;return r&&await Wn(r),(await Promise.all(n.map(async({creds:s,healthy:i})=>{if(s.mode==="gateway"){if(!i)return a("postToLangfuse","gateway health check failed \u2014 buffering trace"),q(t),0;let l=await lt(t,s.endpoint,s.authHeader);return (l===0||l>=500)&&(a("postToLangfuse",`gateway send failed (status ${l}) \u2014 buffering trace`),q(t)),l}let u=await lt(t,s.endpoint,s.authHeader);return (u===0||u>=500)&&(a("postToLangfuse",`direct endpoint unavailable (status ${u}) \u2014 buffering trace`),q(t)),u}))).find(s=>s!==0)??0}var y="[REDACTED]",jn=[{re:/\b(sk-[A-Za-z0-9_\-]{20,})/g,replace:()=>`sk-${y}`},{re:/\b(pk-[A-Za-z0-9_\-]{20,})/g,replace:()=>`pk-${y}`},{re:/\b(Bearer\s+)[A-Za-z0-9\-._~+/]+=*/gi,replace:(t,e)=>`${e}${y}`},{re:/\b(Basic\s+)[A-Za-z0-9+/]+=*/gi,replace:(t,e)=>`${e}${y}`},{re:/(-----BEGIN [A-Z ]+-----)[^-]*(-----END [A-Z ]+-----)/g,replace:(t,e,n)=>`${e}
|
|
12
12
|
${y}
|
|
13
|
-
${n}`},{re:/\b(AKIA[0-9A-Z]{16})\b/g,replace:()=>`AKIA${y}`},{re:/(aws_secret_access_key\s*[=:]\s*)([A-Za-z0-9/+]{40})/gi,replace:(t,e)=>`${e}${y}`},{re:/\b(ghp_[A-Za-z0-9]{36,})/g,replace:()=>`ghp_${y}`},{re:/\b(github_pat_[A-Za-z0-9_]{36,})/gi,replace:()=>`github_pat_${y}`},{re:/\b(eyJ[A-Za-z0-9_\-]+\.eyJ[A-Za-z0-9_\-]+\.[A-Za-z0-9_\-]+)/g,replace:()=>`eyJ.${y}`},{re:/\b([A-Z0-9_]*(?:SECRET|TOKEN|KEY|PASSWORD|PASSWD|PWD|CREDENTIAL|API)[A-Z0-9_]*\s*=\s*)(['"]?)([^\s'"#\n]+)\2/gi,replace:(t,e,n)=>`${e}${n}${y}${n}`},{re:/([a-z][a-z0-9+\-.]*:\/\/[^:/?#\s]*):([^@\s]+)@/gi,replace:(t,e)=>`${e}:${y}@`}];function M(t){if(t==null)return "";let e=typeof t=="string"?t:JSON.stringify(t);return
|
|
14
|
-
`)),
|
|
15
|
-
`),process.stdout.write(JSON.stringify(e));}}
|
|
13
|
+
${n}`},{re:/\b(AKIA[0-9A-Z]{16})\b/g,replace:()=>`AKIA${y}`},{re:/(aws_secret_access_key\s*[=:]\s*)([A-Za-z0-9/+]{40})/gi,replace:(t,e)=>`${e}${y}`},{re:/\b(ghp_[A-Za-z0-9]{36,})/g,replace:()=>`ghp_${y}`},{re:/\b(github_pat_[A-Za-z0-9_]{36,})/gi,replace:()=>`github_pat_${y}`},{re:/\b(eyJ[A-Za-z0-9_\-]+\.eyJ[A-Za-z0-9_\-]+\.[A-Za-z0-9_\-]+)/g,replace:()=>`eyJ.${y}`},{re:/\b([A-Z0-9_]*(?:SECRET|TOKEN|KEY|PASSWORD|PASSWD|PWD|CREDENTIAL|API)[A-Z0-9_]*\s*=\s*)(['"]?)([^\s'"#\n]+)\2/gi,replace:(t,e,n)=>`${e}${n}${y}${n}`},{re:/([a-z][a-z0-9+\-.]*:\/\/[^:/?#\s]*):([^@\s]+)@/gi,replace:(t,e)=>`${e}:${y}@`}];function M(t){if(t==null)return "";let e=typeof t=="string"?t:JSON.stringify(t);return jn.reduce((n,{re:r,replace:o})=>n.replace(r,o),e)}async function Re(t){let e=t.session_id||"unknown",n=t.tool_name||"unknown",r=t.tool_input||{},o=t.tool_response||"",s=D(e);if(!s){O(t);return}let i=L(),u=s.pendingTool,l=u?.name===n,p=l?u.startNs:String(BigInt(i)-200000000n),_=l?u.inputStr:k(r,w.TOOL_INPUT),h=_,f=null;if(n==="Skill"){let Y=typeof r=="object"&&r!==null?r.skill||r.name||r.skillName||r.commandName||String(Object.values(r)[0]??""):String(r);f=Y?String(Y).trim():null;let C=f?at(f,s.cwd):null;C&&(h=C,s.skillContent||(s.skillContent=C),s.skillArtifacts||(s.skillArtifacts=ct(f,s.cwd))),f&&!s.slashSkill&&(s.slashSkill=f),a("PostToolUse","Skill tool detected",`skillName=${f}`,`contentFound=${!!C}`);}let E=M(k(o,w.TOOL_OUTPUT)),S=/\b(error|exception|failed|failure|traceback|errno)\b/i.test(E.slice(0,500)),T=S?"ERROR":"DEFAULT",X=b(),v=Math.round(Number(BigInt(i)-BigInt(p))/1e6),H={Agent:"AGENT",Task:"AGENT"}[n]??"TOOL",ut=n==="Skill"&&f?f:it(_,60);s.toolCalls.push({tool:n,brief:ut,error:S,durationMs:v});let I=s.spans;I.push({traceId:s.traceId,spanId:X,parentSpanId:s.spanId,name:n,kind:3,startTimeUnixNano:p,endTimeUnixNano:i,attributes:U(c(m.OBS_NAME,n),c(m.OBS_TYPE,H),c(m.OBS_LEVEL,T),c(m.OBS_INPUT,M(h)),c(m.OBS_OUTPUT,E),c("tool.name",n),c("tool.error",String(S)),n==="Skill"&&f?c("skill.name",f):null,n==="Skill"?c("skill.invocation","slash-command"):null),status:{code:S?2:1}}),s.pendingTool=null,x(e,s),a("PostToolUse",`sid=${e}`,`tool=${n}`,`error=${S}`,`durationMs=${v}`,`totalSpans=${I.length}`),O(t);}var Ne={"claude-opus-4-6":{input:15,output:75},"claude-opus-4-5":{input:15,output:75},"claude-sonnet-4-6":{input:3,output:15},"claude-sonnet-4-5":{input:3,output:15},"claude-haiku-4-5":{input:.8,output:4},"claude-4-6-opus":{input:15,output:75},"claude-4-6-sonnet":{input:3,output:15},"claude-4-5-opus":{input:15,output:75},"claude-4-5-sonnet":{input:3,output:15},"claude-4-5-haiku":{input:.8,output:4},"claude-3-5-sonnet-20241022":{input:3,output:15},"claude-3-5-haiku-20241022":{input:.8,output:4},"claude-3-opus-20240229":{input:15,output:75}};function Pe(t,e,n){let r=Object.keys(Ne).find(i=>(t??"").toLowerCase().includes(i));if(!r)return;let o=Ne[r],s=(e*o.input+n*o.output)/1e6;return Math.round(s*1e6)/1e6}async function be(t){let e=t.session_id||"unknown",n=t.stop_reason||"end_turn",r=D(e);if(!r){O(t);return}r.slashSkill&&!/^[a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?$/i.test(r.slashSkill)&&(a("Stop",`sid=${e}`,`slashSkill rejected post-disk: "${r.slashSkill}"`),r.slashSkill=null);let o=L(),s=await se(),i=r.toolCalls,u=r.spans;if(r.slashSkill&&!i.some(d=>d.tool==="Skill")){let d=b(),N=r.skillContent?r.skillContent:JSON.stringify({skill:r.slashSkill});i.push({tool:"Skill",brief:r.slashSkill,error:false,durationMs:0,synthetic:true}),u.push({traceId:r.traceId,spanId:d,parentSpanId:r.spanId,name:"Skill",kind:3,startTimeUnixNano:r.startNs,endTimeUnixNano:r.startNs,attributes:U(c(m.OBS_NAME,"Skill"),c(m.OBS_TYPE,"TOOL"),c(m.OBS_LEVEL,"DEFAULT"),c(m.OBS_INPUT,N),c(m.OBS_OUTPUT,"loaded via slash command"),c("tool.name","Skill"),c("tool.error","false"),c("skill.name",r.slashSkill),c("skill.invocation","slash-command")),status:{code:1}}),a("Stop",`slashSkill=${r.slashSkill}`,"synthetic span injected");}let l=t.transcript_path||r.transcriptPath||"",p=Ut(l);if(l&&(i.some(d=>d.tool==="Skill"&&!d.synthetic)||!!r.slashSkill)&&!p?.text){await new Promise(N=>setTimeout(N,500));let d=Ut(l);d?.text&&(p=d);}a("Stop",`transcriptPath=${l||"(empty)"}`,`assistantOut=${p?`text=${p.text.length}chars`:"null"}`);let h=i.length,f=i.filter(d=>d.error).length,E=M(p?.text?k(p.text,w.TRACE_OUTPUT):h===0?"No tools used":i.map((d,N)=>`${N+1}. ${d.tool}${d.brief?` \u2192 ${d.brief}`:""}${d.error?" [ERROR]":""}`).join(`
|
|
14
|
+
`)),S=p?.inputTokens??0,T=p?.outputTokens??0,X=i.map((d,N)=>`${N+1}. ${d.tool}${d.brief?` \u2192 ${d.brief}`:""}${d.error?" [ERROR]":""} (${d.durationMs}ms)`),v=!!(r.slashSkill||i.some(d=>d.tool==="Skill")),$t=i.some(d=>d.tool==="Agent");if(!v&&!$t){a("Stop",`sid=${e}`,"skipping trace \u2014 no Skill or Agent calls found"),bt(e),O(t);return}let H=v?"skill":"agent",ut=Math.round(Number(BigInt(o)-BigInt(r.startNs))/1e6),Dt=Pe(r.model,S,T),I=ge(r);I==="prerequisite_required"&&p?.text&&(I="complete"),I==="prerequisite_required"&&(u.push({traceId:r.traceId,spanId:b(),parentSpanId:r.spanId,name:"prerequisite-check",kind:3,startTimeUnixNano:r.startNs,endTimeUnixNano:o,attributes:U(c(m.OBS_NAME,"prerequisite-check"),c(m.OBS_TYPE,"EVENT"),c(m.OBS_LEVEL,"WARNING"),c(m.OBS_OUTPUT,E),c("skill.name",r.slashSkill||void 0),c("execution_status","prerequisite_required")),status:{code:1}}),a("Stop",`sid=${e}`,"prerequisite-check span injected",`skill=${r.slashSkill}`));let Y=(()=>{if(!(!v||!r.prompt)){if(r.slashSkill){let d=r.prompt.replace(new RegExp(`^\\/${r.slashSkill}\\s*`,"i"),"").trim();return d?k(d,w.USER_INSTRUCTION):void 0}return k(r.prompt,w.USER_INSTRUCTION)||void 0}})(),C=JSON.stringify({trace_type:H,...I!==null&&{execution_status:I},...r.slashSkill?{skill_name:r.slashSkill}:{},...r.skillArtifacts?.length&&{skill_artifacts:r.skillArtifacts},...Y!==void 0&&{user_instruction:Y},latency_ms:ut,...S&&{tokens_input:S},...T&&{tokens_output:T},cost_usd:Dt,...r.model?{model:r.model}:{},toolCount:h,errorCount:f,stopReason:n,sessionId:r.sessionId,tools:X.length?X:void 0}),xt=M(k(r.prompt,w.TRACE_INPUT)),Ue=U(c(m.TRACE_NAME,r.traceName),c(m.TRACE_INPUT,xt),c(m.TRACE_OUTPUT,E),c(m.OBS_INPUT,xt),c(m.OBS_OUTPUT,E),c(m.TRACE_METADATA,C),c(m.SESSION_ID,r.sessionId),c(m.USER_ID,s.user),c(m.OBS_TYPE,"GENERATION"),c(m.MODEL,r.model),S?c(m.INPUT_TOKENS,S):null,T?c(m.OUTPUT_TOKENS,T):null,c("claude.stop_reason",n),c("claude.tool_count",String(h)),c("claude.error_count",String(f)),c("claude.session_id",r.sessionId),c("flow.trace_type",H),{key:m.TRACE_TAGS,value:{arrayValue:{values:[{stringValue:H}]}}}),ve={traceId:r.traceId,spanId:r.spanId,name:r.traceName,kind:1,startTimeUnixNano:r.startNs,endTimeUnixNano:o,attributes:Ue,status:{code:f>0?2:1}},Ce=U(c("service.name",process.env.LANGFUSE_PROJECT_NAME||"claude-code"),c("deployment.environment",process.env.LANGFUSE_ENVIRONMENT||"default")),Bt=[...u,ve];a("Stop",`sid=${e}`,`totalTools=${h}`,`errorTools=${f}`,`spans=${Bt.length}`,`inputTokens=${S}`,`outputTokens=${T}`,`traceOutput="${it(E,80)}"`);let Fe=await Le(_e(Ce,Bt));a("Stop",`POST status=${Fe}`,`traceId=${r.traceId}`),bt(e),O(t);}async function Vn(){let t=process.argv[2];if(t==="UserPromptSubmit"){let n=await Rt(),r;try{r=await K();}catch{process.stdout.write(JSON.stringify(n));return}r.authError?await vt(n,true):r.length>0?await vt(n):process.stdout.write(JSON.stringify(n));return}if(!await oe()){let n=[];process.stdin.on("data",r=>n.push(r)),process.stdin.on("end",()=>process.stdout.write(n.join("")));return}let e=await Rt();switch(t){case "PreToolUse":await Se(e);break;case "PostToolUse":await Re(e);break;case "Stop":await be(e);break;default:process.stderr.write(`[flow-obs] unknown event: ${t}
|
|
15
|
+
`),process.stdout.write(JSON.stringify(e));}}Vn().catch(t=>{process.stderr.write(`[flow-obs] fatal: ${t.message}
|
|
16
16
|
`),process.exit(0);});
|
package/dist/setup.js
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
#!/usr/bin/env node
|
|
2
|
-
'use strict';var child_process=require('child_process'),util=require('util'),i=require('fs'),u=require('path'),w=require('os'),be=require('https');function _interopDefault(e){return e&&e.__esModule?e:{default:e}}function _interopNamespace(e){if(e&&e.__esModule)return e;var n=Object.create(null);if(e){Object.keys(e).forEach(function(k){if(k!=='default'){var d=Object.getOwnPropertyDescriptor(e,k);Object.defineProperty(n,k,d.get?d:{enumerable:true,get:function(){return e[k]}});}})}n.default=e;return Object.freeze(n)}var i__namespace=/*#__PURE__*/_interopNamespace(i);var u__namespace=/*#__PURE__*/_interopNamespace(u);var w__namespace=/*#__PURE__*/_interopNamespace(w);var be__default=/*#__PURE__*/_interopDefault(be);var ue=Object.defineProperty;var E=(e=>typeof require<"u"?require:typeof Proxy<"u"?new Proxy(e,{get:(t,n)=>(typeof require<"u"?require:t)[n]}):e)(function(e){if(typeof require<"u")return require.apply(this,arguments);throw Error('Dynamic require of "'+e+'" is not supported')});var A=(e,t)=>()=>(e&&(t=e(e=0)),t);var pe=(e,t)=>()=>(t||e((t={exports:{}}).exports,t),t.exports),O=(e,t)=>{for(var n in t)ue(e,n,{get:t[n],enumerable:true});};var W={};O(W,{MacOsKeyVaultProvider:()=>I});var P,I,G=A(()=>{P=util.promisify(child_process.execFile),I=class{static async isAvailable(){try{return i.accessSync("/usr/bin/security",i.constants.X_OK),!0}catch{return false}}async getSecret(t,n){try{let{stdout:r}=await P("security",["find-generic-password","-w","-a",n,"-s",t]);return r.trim()||null}catch{return null}}async setSecret(t,n,r){await P("security",["add-generic-password","-U","-a",n,"-s",t,"-w",r]);}async deleteSecret(t,n){try{return await P("security",["delete-generic-password","-a",n,"-s",t]),!0}catch{return false}}getStoragePath(){return "macOS Keychain"}};});var B={};O(B,{LinuxKeyVaultProvider:()=>k});var j,k,K=A(()=>{j=util.promisify(child_process.execFile),k=class{static async isAvailable(){let t=["/usr/bin/secret-tool","/bin/secret-tool","/usr/local/bin/secret-tool"];for(let n of t)try{return i.accessSync(n,i.constants.X_OK),!0}catch{}return false}async getSecret(t,n){try{let{stdout:r}=await j("secret-tool",["lookup","service",t,"account",n]);return r.trim()||null}catch{return null}}async setSecret(t,n,r){await new Promise((s,o)=>{let a=child_process.spawn("secret-tool",["store","--label",t,"service",t,"account",n]);a.on("error",o),a.on("close",d=>{d===0?s():o(new Error(`secret-tool exited with code ${d}`));}),a.stdin.write(r),a.stdin.end();});}async deleteSecret(t,n){try{return await j("secret-tool",["clear","service",t,"account",n]),!0}catch{return false}}getStoragePath(){return "Linux Secret Service (libsecret)"}};});var J={};O(J,{WindowsKeyVaultProvider:()=>C});var C,X=A(()=>{C=class{static async isAvailable(){try{return await E("keytar").getPassword("__flow_probe__","__flow_probe__"),!0}catch{return false}}async getSecret(t,n){return E("keytar").getPassword(t,n)}async setSecret(t,n,r){await E("keytar").setPassword(t,n,r);}async deleteSecret(t,n){return E("keytar").deletePassword(t,n)}getStoragePath(){return "Windows Credential Manager"}};});var se=pe(($t,Ne)=>{Ne.exports={name:"@ciandt-flow/flow-ai-obs",version:"0.5.2-beta.338",description:"Claude Code hooks for Langfuse OTLP tracing \u2014 cross-platform",main:"dist/index.js",bin:{"flow-ai-obs":"dist/cli.js","flow-ai-obs-setup":"dist/setup.js"},scripts:{build:"tsup",test:"jest",typecheck:"tsc --noEmit",lint:"eslint src bin scripts",format:'prettier --write "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"format:check":'prettier --check "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"security-scan":"trufflehog filesystem src/ --fail --no-update --exclude-paths .trufflehogignore",postinstall:`node -e "require('fs').existsSync('dist/setup.js') && require('child_process').execFileSync(process.execPath, ['dist/setup.js'], {stdio:'inherit'})"`,prepublishOnly:"npm run security-scan && npm run build","release:npm":"changeset publish",changeset:"changeset","version-packages":"changeset version","install:hooks":"node dist/cli.js install","auth:login":"node dist/cli.js auth login","auth:logout":"node dist/cli.js auth logout","auth:status":"node dist/cli.js auth status",smoke:"bash scripts/smoke-test.sh","smoke:debug":"bash scripts/smoke-test.sh --debug","smoke:send":"bash scripts/smoke-test.sh --send --allow-http --debug"},files:["dist/","README.md","LICENSE.md"],keywords:["claude-code","langfuse","observability","otlp","hooks","flow","ciandt"],author:"CI&T Flow Team",license:"SEE LICENSE IN LICENSE.md",private:false,dependencies:{},optionalDependencies:{keytar:"7.9.0"},devDependencies:{"@changesets/changelog-github":"^0.6.0","@changesets/cli":"^2.30.0","@types/jest":"^30.0.0","@types/node":"^25.8.0",jest:"^30.4.2","ts-jest":"^29.4.9",tsup:"^8.5.1","eslint-config-prettier":"^10.1.5",prettier:"^3.5.3",typescript:"^6.0.3","typescript-eslint":"^8.33.0"},engines:{node:">=18.0.0"},publishConfig:{registry:"https://registry.npmjs.org",access:"public"},repository:{type:"git",url:"git+https://github.com/CI-T-HyperX/flow-codeassistant-observability.git"}};});var l=process.env.FLOW_BASE_URL||"https://flow.ciandt.com",v={AUTH_ENGINE:process.env.FLOW_AUTH_ENGINE_URL||`${l}/auth-engine-api/v2/api-key/token`,GATEWAY_TRACES:process.env.FLOW_GATEWAY_TRACES_URL||`${l}/flow-langfuse-gateway/v1/traces`,GATEWAY_HEALTH:process.env.FLOW_GATEWAY_HEALTH_URL||`${l}/flow-langfuse-gateway/v1/health`,OTEL_ENDPOINT:process.env.FLOW_OTEL_ENDPOINT_URL||`${l}/otel`},T={SERVICE:"flow-plugins-cli",ACCOUNT_CREDS:"credentials"},_="FLOW-nodejs",y="config.json";var D={ANTHROPIC_BASE_URL:process.env.FLOW_LLM_PROXY_URL??`${l}/flow-llm-proxy/`,ANTHROPIC_MODEL:process.env.FLOW_LLM_PROXY_MODEL??"anthropic.claude-4-6-sonnet",ANTHROPIC_SMALL_FAST_MODEL:process.env.FLOW_LLM_PROXY_SMALL_MODEL??"anthropic.claude-4-6-sonnet",CLAUDE_CODE_DISABLE_EXPERIMENTAL_BETAS:"1"},M={CLAUDE_CODE_ENABLE_TELEMETRY:"1",OTEL_EXPORTER_OTLP_ENDPOINT:v.OTEL_ENDPOINT,OTEL_EXPORTER_OTLP_PROTOCOL:"http/json",OTEL_METRICS_EXPORTER:"otlp",OTEL_LOGS_EXPORTER:"otlp",OTEL_LOG_TOOL_DETAILS:"1",OTEL_LOG_USER_PROMPTS:"1"},f={FLOW_TELEMETRY:"FLOW_TELEMETRY",FLOW_TELEMETRY_GATEWAY:"FLOW_TELEMETRY_GATEWAY_URL",LANGFUSE_BASE_URL:"LANGFUSE_BASE_URL",LANGFUSE_PUBLIC_KEY:"LANGFUSE_PUBLIC_KEY",LANGFUSE_SECRET_KEY:"LANGFUSE_SECRET_KEY",ANTHROPIC_MODEL:"ANTHROPIC_MODEL",ANTHROPIC_AUTH_TOKEN:"ANTHROPIC_AUTH_TOKEN",FLOW_OBS_DEBUG:"FLOW_TELEMETRY_DEBUG",FLOW_OBS_ALLOW_HTTP:"FLOW_TELEMETRY_ALLOW_HTTP",BUFFER_TTL_DAYS:"FLOW_TELEMETRY_BUFFER_TTL_DAYS",BUFFER_MAX_FILES:"FLOW_TELEMETRY_BUFFER_MAX_FILES"};var H={LOCK_STALE_MS:3e4},x={UserPromptSubmit:5,PreToolUse:3,PostToolUse:10,Stop:15};var V="flow-ai-obs-debug.log";({API_URL:process.env.FLOW_METRICS_URL||`${l}/metrics-collector-api/log-event`});var L={credentials:"credentials","token-cache":"tokenCache"};function m(){let e=w__namespace.default.homedir();if(process.platform==="darwin")return u__namespace.default.join(e,"Library","Preferences",_,y);if(process.platform==="win32"){let n=process.env.APPDATA??u__namespace.default.join(e,"AppData","Roaming");return u__namespace.default.join(n,_,y)}let t=process.env.XDG_CONFIG_HOME??u__namespace.default.join(e,".config");return u__namespace.default.join(t,_,y)}function R(){try{let e=i__namespace.default.readFileSync(m(),"utf8");return JSON.parse(e)}catch{return {}}}function Y(e){let t=m();i__namespace.default.mkdirSync(u__namespace.default.dirname(t),{recursive:true}),i__namespace.default.writeFileSync(t,JSON.stringify(e,null,2),{encoding:"utf8",mode:384});}var S=class{static isAvailable(){return true}static hasExistingData(){try{if(!i__namespace.default.existsSync(m()))return !1;let t=JSON.parse(i__namespace.default.readFileSync(m(),"utf8"));return !!(t&&t.credentials)}catch{return false}}async getSecret(t,n){let r=R(),s=L[n]??n,o=r[s];return o?typeof o=="string"?o:JSON.stringify(o):null}async setSecret(t,n,r){let s=R(),o=L[n]??n;if(n==="token-cache")try{s[o]=JSON.parse(r);}catch{s[o]=r;}else s[o]=r;Y(s);}async deleteSecret(t,n){let r=R(),s=L[n]??n;return s in r?(delete r[s],Y(r),true):false}getStoragePath(){return `config.json (unencrypted) \u2014 ${m()}`}};async function q(){return await we()??new S}async function we(){switch(process.platform){case "darwin":{let{MacOsKeyVaultProvider:e}=await Promise.resolve().then(()=>(G(),W));return await e.isAvailable()?new e:null}case "linux":{let{LinuxKeyVaultProvider:e}=await Promise.resolve().then(()=>(K(),B));return await e.isAvailable()?new e:null}case "win32":{let{WindowsKeyVaultProvider:e}=await Promise.resolve().then(()=>(X(),J));return await e.isAvailable()?new e:null}default:return null}}var Ae=T.SERVICE,Oe=T.ACCOUNT_CREDS,N=null;function ve(){return N||(N=q()),N}async function b(){let t=await(await ve()).getSecret(Ae,Oe);if(!t)return null;try{return JSON.parse(t)}catch{return null}}u.join(w.tmpdir(),V);function U(){if(process.env.WSL_DISTRO_NAME&&process.platform==="linux"){let e=process.env.USERPROFILE;if(!e){let n=child_process.spawnSync("cmd.exe",["/c","echo","%USERPROFILE%"],{encoding:"utf8",timeout:5e3}).stdout?.trim();n&&/^[A-Za-z]:\\/.test(n)&&(e=n);}if(e){let t=e.replace(/^([A-Za-z]):/,(n,r)=>`/mnt/${r.toLowerCase()}`).replace(/\\/g,"/");return u__namespace.join(t,".claude","settings.json")}return u__namespace.join(w__namespace.homedir(),".claude","settings.json")}if(process.platform==="win32"){let e=process.env.USERPROFILE||w__namespace.homedir();return u__namespace.join(e,".claude","settings.json")}if(process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER){let t=child_process.spawnSync("getent",["passwd",process.env.SUDO_USER],{encoding:"utf8",timeout:5e3}).stdout?.split(":")[5]?.trim();if(t)return u__namespace.join(t,".claude","settings.json")}return u__namespace.join(w__namespace.homedir(),".claude","settings.json")}var ke=H.LOCK_STALE_MS;function Z(e){try{let t=i__namespace.statSync(e);Date.now()-t.mtimeMs>ke&&i__namespace.unlinkSync(e);}catch{}try{i__namespace.writeFileSync(e,String(process.pid),{flag:"wx"});}catch(t){throw t.code==="EEXIST"?new Error("Another install is already in progress. If this is stale, remove: "+e):t}}function Q(e){try{i__namespace.unlinkSync(e);}catch{}}function Ce(e,t){let r=(Array.isArray(e)?e:[]).map(s=>{if(!Array.isArray(s?.hooks))return null;let o=s.hooks.filter(a=>!a.command?.startsWith?.("flow-ai-obs "));return o.length>0?{...s,hooks:o}:null}).filter(s=>s!=null);return [t,...r]}function ee(){let e=U(),t=e+".lock",n=[];i__namespace.mkdirSync(u__namespace.dirname(e),{recursive:true}),Z(t);try{if(i__namespace.existsSync(e)){i__namespace.copyFileSync(e,e+".bkp");try{i__namespace.chmodSync(e+".bkp",384);}catch{}}let r={};try{r=JSON.parse(i__namespace.readFileSync(e,"utf8"));}catch{}let s=r.env&&typeof r.env=="object"?r.env:{};r.env={...M,...D,...s},r.otelHeadersHelper="flow-ai-obs otel-headers",(!r.hooks||typeof r.hooks!="object"||Array.isArray(r.hooks))&&(r.hooks={});let o=(c,h)=>({matcher:"",hooks:[{type:"command",command:`flow-ai-obs ${c}`,timeout:h}]}),a=["UserPromptSubmit","PreToolUse","PostToolUse","Stop"],d=r.hooks;for(let c of a){let h=Ce(d[c],o(c,x[c]));h.length>1&&n.push(c),d[c]=h;}i__namespace.writeFileSync(e,JSON.stringify(r,null,2)+`
|
|
3
|
-
`,{encoding:"utf8",mode:384});try{i__namespace.chmodSync(e,384);}catch{}}finally{
|
|
4
|
-
`,{encoding:"utf8",mode:384});try{i__namespace.chmodSync(t,384);}catch{}}finally{
|
|
2
|
+
'use strict';var child_process=require('child_process'),util=require('util'),i=require('fs'),d=require('path'),l=require('os'),Ge=require('https');function _interopDefault(e){return e&&e.__esModule?e:{default:e}}function _interopNamespace(e){if(e&&e.__esModule)return e;var n=Object.create(null);if(e){Object.keys(e).forEach(function(k){if(k!=='default'){var d=Object.getOwnPropertyDescriptor(e,k);Object.defineProperty(n,k,d.get?d:{enumerable:true,get:function(){return e[k]}});}})}n.default=e;return Object.freeze(n)}var i__namespace=/*#__PURE__*/_interopNamespace(i);var d__namespace=/*#__PURE__*/_interopNamespace(d);var l__namespace=/*#__PURE__*/_interopNamespace(l);var Ge__default=/*#__PURE__*/_interopDefault(Ge);var _e=Object.defineProperty;var T=(e=>typeof require<"u"?require:typeof Proxy<"u"?new Proxy(e,{get:(t,r)=>(typeof require<"u"?require:t)[r]}):e)(function(e){if(typeof require<"u")return require.apply(this,arguments);throw Error('Dynamic require of "'+e+'" is not supported')});var O=(e,t)=>()=>(e&&(t=e(e=0)),t);var Te=(e,t)=>()=>(t||e((t={exports:{}}).exports,t),t.exports),v=(e,t)=>{for(var r in t)_e(e,r,{get:t[r],enumerable:true});};var Z={};v(Z,{MacOsKeyVaultProvider:()=>U});var N,U,Q=O(()=>{N=util.promisify(child_process.execFile),U=class{static async isAvailable(){try{return i.accessSync("/usr/bin/security",i.constants.X_OK),!0}catch{return false}}async getSecret(t,r){try{let{stdout:n}=await N("security",["find-generic-password","-w","-a",r,"-s",t]);return n.trim()||null}catch{return null}}async setSecret(t,r,n){await N("security",["add-generic-password","-U","-a",r,"-s",t,"-w",n]);}async deleteSecret(t,r){try{return await N("security",["delete-generic-password","-a",r,"-s",t]),!0}catch{return false}}getStoragePath(){return "macOS Keychain"}};});var te={};v(te,{LinuxKeyVaultProvider:()=>b});var ee,b,re=O(()=>{ee=util.promisify(child_process.execFile),b=class{static async isAvailable(){let t=["/usr/bin/secret-tool","/bin/secret-tool","/usr/local/bin/secret-tool"];for(let r of t)try{return i.accessSync(r,i.constants.X_OK),!0}catch{}return false}async getSecret(t,r){try{let{stdout:n}=await ee("secret-tool",["lookup","service",t,"account",r]);return n.trim()||null}catch{return null}}async setSecret(t,r,n){await new Promise((s,o)=>{let a=child_process.spawn("secret-tool",["store","--label",t,"service",t,"account",r]);a.on("error",o),a.on("close",f=>{f===0?s():o(new Error(`secret-tool exited with code ${f}`));}),a.stdin.write(n),a.stdin.end();});}async deleteSecret(t,r){try{return await ee("secret-tool",["clear","service",t,"account",r]),!0}catch{return false}}getStoragePath(){return "Linux Secret Service (libsecret)"}};});var ne={};v(ne,{WindowsKeyVaultProvider:()=>F});var F,se=O(()=>{F=class{static async isAvailable(){try{return await T("keytar").getPassword("__flow_probe__","__flow_probe__"),!0}catch{return false}}async getSecret(t,r){return T("keytar").getPassword(t,r)}async setSecret(t,r,n){await T("keytar").setPassword(t,r,n);}async deleteSecret(t,r){return T("keytar").deletePassword(t,r)}getStoragePath(){return "Windows Credential Manager"}};});var de=Te((qt,je)=>{je.exports={name:"@ciandt-flow/flow-ai-obs",version:"0.5.2-beta.346",description:"Claude Code hooks for Langfuse OTLP tracing \u2014 cross-platform",main:"dist/index.js",bin:{"flow-ai-obs":"dist/cli.js","flow-ai-obs-setup":"dist/setup.js"},scripts:{build:"tsup",test:"jest",typecheck:"tsc --noEmit",lint:"eslint src bin scripts",format:'prettier --write "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"format:check":'prettier --check "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"security-scan":"trufflehog filesystem src/ --fail --no-update --exclude-paths .trufflehogignore",postinstall:`node -e "require('fs').existsSync('dist/setup.js') && require('child_process').execFileSync(process.execPath, ['dist/setup.js'], {stdio:'inherit'})"`,prepublishOnly:"npm run security-scan && npm run build","release:npm":"changeset publish",changeset:"changeset","version-packages":"changeset version","install:hooks":"node dist/cli.js install","auth:login":"node dist/cli.js auth login","auth:logout":"node dist/cli.js auth logout","auth:status":"node dist/cli.js auth status",smoke:"bash scripts/smoke-test.sh","smoke:debug":"bash scripts/smoke-test.sh --debug","smoke:send":"bash scripts/smoke-test.sh --send --allow-http --debug"},files:["dist/","README.md","LICENSE.md"],keywords:["claude-code","langfuse","observability","otlp","hooks","flow","ciandt"],author:"CI&T Flow Team",license:"SEE LICENSE IN LICENSE.md",private:false,dependencies:{},optionalDependencies:{keytar:"7.9.0"},devDependencies:{"@changesets/changelog-github":"^0.6.0","@changesets/cli":"^2.30.0","@types/jest":"^30.0.0","@types/node":"^25.8.0",jest:"^30.4.2","ts-jest":"^29.4.9",tsup:"^8.5.1","eslint-config-prettier":"^10.1.5",prettier:"^3.5.3",typescript:"^6.0.3","typescript-eslint":"^8.33.0"},engines:{node:">=18.0.0"},publishConfig:{registry:"https://registry.npmjs.org",access:"public"},repository:{type:"git",url:"git+https://github.com/CI-T-HyperX/flow-codeassistant-observability.git"}};});function x(){if(process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER){let t=child_process.spawnSync("getent",["passwd",process.env.SUDO_USER],{encoding:"utf8",timeout:5e3}).stdout?.split(":")[5]?.trim();if(t)return {home:t,username:process.env.SUDO_USER}}return {home:l__namespace.homedir(),username:process.env.SUDO_USER||process.env.USER||l__namespace.userInfo().username}}function R(){if(process.env.WSL_DISTRO_NAME&&process.platform==="linux"){let e=process.env.USERPROFILE;if(!e){let r=child_process.spawnSync("cmd.exe",["/c","echo","%USERPROFILE%"],{encoding:"utf8",timeout:5e3}).stdout?.trim();r&&/^[A-Za-z]:\\/.test(r)&&(e=r);}if(e){let t=e.replace(/^([A-Za-z]):/,(r,n)=>`/mnt/${n.toLowerCase()}`).replace(/\\/g,"/");return d__namespace.join(t,".claude","settings.json")}return d__namespace.join(l__namespace.homedir(),".claude","settings.json")}if(process.platform==="win32"){let e=process.env.USERPROFILE||l__namespace.homedir();return d__namespace.join(e,".claude","settings.json")}if(process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER){let t=child_process.spawnSync("getent",["passwd",process.env.SUDO_USER],{encoding:"utf8",timeout:5e3}).stdout?.split(":")[5]?.trim();if(t)return d__namespace.join(t,".claude","settings.json")}return d__namespace.join(l__namespace.homedir(),".claude","settings.json")}var V="flow-ai-obs",Y="config.json";function ye(){if(process.platform==="win32"){let r=process.env.APPDATA||d__namespace.join(l__namespace.homedir(),"AppData","Roaming");return d__namespace.join(r,V,Y)}let e=x(),t=process.env.XDG_CONFIG_HOME||d__namespace.join(e.home,".config");return d__namespace.join(t,V,Y)}function Se(){try{let e=i__namespace.readFileSync(ye(),"utf8");return JSON.parse(e)}catch{return {}}}function I(){return Se().baseUrl??null}var G=I()??process.env.FLOW_BASE_URL??"https://flow.ciandt.com";function B(){return I()??process.env.FLOW_BASE_URL??"https://flow.ciandt.com"}function P(){let e=B();return {AUTH_ENGINE:process.env.FLOW_AUTH_ENGINE_URL||`${e}/auth-engine-api/v2/api-key/token`,GATEWAY_TRACES:process.env.FLOW_GATEWAY_TRACES_URL||`${e}/flow-langfuse-gateway/v1/traces`,GATEWAY_HEALTH:process.env.FLOW_GATEWAY_HEALTH_URL||`${e}/flow-langfuse-gateway/v1/health`,OTEL_ENDPOINT:process.env.FLOW_OTEL_ENDPOINT_URL||`${e}/otel`}}var we=P(),y={SERVICE:"flow-plugins-cli",ACCOUNT_CREDS:"credentials"},S="FLOW-nodejs",w="config.json";var W={ANTHROPIC_BASE_URL:process.env.FLOW_LLM_PROXY_URL??`${G}/flow-llm-proxy/`,ANTHROPIC_MODEL:process.env.FLOW_LLM_PROXY_MODEL??"anthropic.claude-4-6-sonnet",ANTHROPIC_SMALL_FAST_MODEL:process.env.FLOW_LLM_PROXY_SMALL_MODEL??"anthropic.claude-4-6-sonnet",CLAUDE_CODE_DISABLE_EXPERIMENTAL_BETAS:"1"},K={CLAUDE_CODE_ENABLE_TELEMETRY:"1",OTEL_EXPORTER_OTLP_ENDPOINT:we.OTEL_ENDPOINT,OTEL_EXPORTER_OTLP_PROTOCOL:"http/json",OTEL_METRICS_EXPORTER:"otlp",OTEL_LOGS_EXPORTER:"otlp",OTEL_LOG_TOOL_DETAILS:"1",OTEL_LOG_USER_PROMPTS:"1"},g={FLOW_TELEMETRY:"FLOW_TELEMETRY",FLOW_TELEMETRY_GATEWAY:"FLOW_TELEMETRY_GATEWAY_URL",LANGFUSE_BASE_URL:"LANGFUSE_BASE_URL",LANGFUSE_PUBLIC_KEY:"LANGFUSE_PUBLIC_KEY",LANGFUSE_SECRET_KEY:"LANGFUSE_SECRET_KEY",ANTHROPIC_MODEL:"ANTHROPIC_MODEL",ANTHROPIC_AUTH_TOKEN:"ANTHROPIC_AUTH_TOKEN",FLOW_OBS_DEBUG:"FLOW_TELEMETRY_DEBUG",FLOW_OBS_ALLOW_HTTP:"FLOW_TELEMETRY_ALLOW_HTTP",BUFFER_TTL_DAYS:"FLOW_TELEMETRY_BUFFER_TTL_DAYS",BUFFER_MAX_FILES:"FLOW_TELEMETRY_BUFFER_MAX_FILES"};var J={LOCK_STALE_MS:3e4},X={UserPromptSubmit:5,PreToolUse:3,PostToolUse:10,Stop:15};var q="flow-ai-obs-debug.log";({API_URL:process.env.FLOW_METRICS_URL||`${G}/metrics-collector-api/log-event`});var C={credentials:"credentials","token-cache":"tokenCache"};function h(){let e=l__namespace.default.homedir();if(process.platform==="darwin")return d__namespace.default.join(e,"Library","Preferences",S,w);if(process.platform==="win32"){let r=process.env.APPDATA??d__namespace.default.join(e,"AppData","Roaming");return d__namespace.default.join(r,S,w)}let t=process.env.XDG_CONFIG_HOME??d__namespace.default.join(e,".config");return d__namespace.default.join(t,S,w)}function k(){try{let e=i__namespace.default.readFileSync(h(),"utf8");return JSON.parse(e)}catch{return {}}}function z(e){let t=h();i__namespace.default.mkdirSync(d__namespace.default.dirname(t),{recursive:true}),i__namespace.default.writeFileSync(t,JSON.stringify(e,null,2),{encoding:"utf8",mode:384});}var A=class{static isAvailable(){return true}static hasExistingData(){try{if(!i__namespace.default.existsSync(h()))return !1;let t=JSON.parse(i__namespace.default.readFileSync(h(),"utf8"));return !!(t&&t.credentials)}catch{return false}}async getSecret(t,r){let n=k(),s=C[r]??r,o=n[s];return o?typeof o=="string"?o:JSON.stringify(o):null}async setSecret(t,r,n){let s=k(),o=C[r]??r;if(r==="token-cache")try{s[o]=JSON.parse(n);}catch{s[o]=n;}else s[o]=n;z(s);}async deleteSecret(t,r){let n=k(),s=C[r]??r;return s in n?(delete n[s],z(n),true):false}getStoragePath(){return `config.json (unencrypted) \u2014 ${h()}`}};async function oe(){return await Ue()??new A}async function Ue(){switch(process.platform){case "darwin":{let{MacOsKeyVaultProvider:e}=await Promise.resolve().then(()=>(Q(),Z));return await e.isAvailable()?new e:null}case "linux":{let{LinuxKeyVaultProvider:e}=await Promise.resolve().then(()=>(re(),te));return await e.isAvailable()?new e:null}case "win32":{let{WindowsKeyVaultProvider:e}=await Promise.resolve().then(()=>(se(),ne));return await e.isAvailable()?new e:null}default:return null}}var be=y.SERVICE,Fe=y.ACCOUNT_CREDS,D=null;function De(){return D||(D=oe()),D}async function $(){let t=await(await De()).getSecret(be,Fe);if(!t)return null;try{return JSON.parse(t)}catch{return null}}d.join(l.tmpdir(),q);var Ve=J.LOCK_STALE_MS;function ie(e){try{let t=i__namespace.statSync(e);Date.now()-t.mtimeMs>Ve&&i__namespace.unlinkSync(e);}catch{}try{i__namespace.writeFileSync(e,String(process.pid),{flag:"wx"});}catch(t){throw t.code==="EEXIST"?new Error("Another install is already in progress. If this is stale, remove: "+e):t}}function ae(e){try{i__namespace.unlinkSync(e);}catch{}}function Ye(e,t){let n=(Array.isArray(e)?e:[]).map(s=>{if(!Array.isArray(s?.hooks))return null;let o=s.hooks.filter(a=>!a.command?.startsWith?.("flow-ai-obs "));return o.length>0?{...s,hooks:o}:null}).filter(s=>s!=null);return [t,...n]}function ce(){let e=R(),t=e+".lock",r=[];i__namespace.mkdirSync(d__namespace.dirname(e),{recursive:true}),ie(t);try{if(i__namespace.existsSync(e)){i__namespace.copyFileSync(e,e+".bkp");try{i__namespace.chmodSync(e+".bkp",384);}catch{}}let n={};try{n=JSON.parse(i__namespace.readFileSync(e,"utf8"));}catch{}let s=n.env&&typeof n.env=="object"?n.env:{};n.env={...K,...W,...s},n.otelHeadersHelper="flow-ai-obs otel-headers",(!n.hooks||typeof n.hooks!="object"||Array.isArray(n.hooks))&&(n.hooks={});let o=(c,_)=>({matcher:"",hooks:[{type:"command",command:`flow-ai-obs ${c}`,timeout:_}]}),a=["UserPromptSubmit","PreToolUse","PostToolUse","Stop"],f=n.hooks;for(let c of a){let _=Ye(f[c],o(c,X[c]));_.length>1&&r.push(c),f[c]=_;}i__namespace.writeFileSync(e,JSON.stringify(n,null,2)+`
|
|
3
|
+
`,{encoding:"utf8",mode:384});try{i__namespace.chmodSync(e,384);}catch{}}finally{ae(t);}return {settingsPath:e,preserved:r}}function le(e){let t=R(),r=t+".lock";i__namespace.mkdirSync(d__namespace.dirname(t),{recursive:true}),ie(r);try{let n={};try{n=JSON.parse(i__namespace.readFileSync(t,"utf8"));}catch{}(!n.env||typeof n.env!="object")&&(n.env={}),Object.assign(n.env,e),i__namespace.writeFileSync(t,JSON.stringify(n,null,2)+`
|
|
4
|
+
`,{encoding:"utf8",mode:384});try{i__namespace.chmodSync(t,384);}catch{}}finally{ae(r);}}function ue(e){if(!e)return null;try{let t=e.split(".");if(t.length<2)return null;let r=JSON.parse(Buffer.from(t[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8")),{clientId:n,clientSecret:s,tenant:o}=r;return !n||!s||!o?null:{clientId:n,clientSecret:s,tenant:o}}catch{return null}}function pe(e){let t=Buffer.from(JSON.stringify({alg:"none",typ:"JWT"})).toString("base64url"),r=Buffer.from(JSON.stringify({clientId:e.clientId,clientSecret:e.clientSecret,tenant:e.tenant})).toString("base64url");return `${t}.${r}.`}var M;function me(){return M||(M=de()),M}var ge=d__namespace.default.join(l__namespace.default.tmpdir(),"flow-obs-update-cache.json"),Ke=1440*60*1e3,Je=3e3;function Xe(e,t){let r=o=>{let a=String(o).replace(/^v/,"").match(/^(\d+)\.(\d+)\.(\d+)/);return a?[+a[1],+a[2],+a[3]]:null},n=r(e),s=r(t);return !n||!s?false:s[0]!==n[0]?s[0]>n[0]:s[1]!==n[1]?s[1]>n[1]:s[2]>n[2]}function qe(){try{let e=JSON.parse(i__namespace.default.readFileSync(ge,"utf8"));return typeof e.latestVersion!="string"||Date.now()-e.checkedAt>=Ke?null:e}catch{return null}}function ze(e,t,r=Date.now()){try{i__namespace.default.writeFileSync(ge,JSON.stringify({latestVersion:e,updatePriority:t??null,checkedAt:r}),{mode:384});}catch{}}function Ze(e){let t=me().name,r=Ge__default.default.get(`https://registry.npmjs.org/${encodeURIComponent(t)}/latest`,{timeout:Je},n=>{if(n.statusCode!==200)return n.resume(),e(new Error(`HTTP ${n.statusCode}`));let s="";n.setEncoding("utf8"),n.on("data",o=>{s+=o;}),n.on("end",()=>{try{let o=JSON.parse(s);if(typeof o.version!="string")throw new Error("no version field");e(null,{version:o.version,updatePriority:typeof o.updatePriority=="string"?o.updatePriority:null});}catch(o){e(o);}});});r.on("error",e),r.on("timeout",()=>{r.destroy(new Error("timeout"));});}function he(){try{if(qe())return;setImmediate(()=>{Ze((e,t)=>{e||!t||Xe(me().version,t.version)&&ze(t.version,t.updatePriority,0);});});}catch{}}var Qe=d__namespace.default.resolve(__dirname,".."),et=process.env.INIT_CWD?d__namespace.default.resolve(process.env.INIT_CWD):null;et===Qe&&process.exit(0);async function tt(){try{ce();}catch{}let e=await $();if(!e){process.stderr.write(`
|
|
5
5
|
[flow-ai-obs] No credentials found.
|
|
6
6
|
Run \`flow-ai-obs auth login\` to authenticate and enable telemetry.
|
|
7
7
|
|
|
8
|
-
`);return}let t=
|
|
8
|
+
`);return}let t=ue(process.env[g.ANTHROPIC_AUTH_TOKEN]);if(!t||t.clientId!==e.clientId||t.clientSecret!==e.clientSecret||t.tenant!==e.tenant)try{let n=pe(e);le({[g.ANTHROPIC_AUTH_TOKEN]:n});}catch{}}tt().catch(()=>{}).finally(()=>he());
|