@ciandt-flow/flow-ai-obs 0.7.1-beta.501 → 0.7.1-beta.522

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/README.md CHANGED
@@ -47,6 +47,8 @@ That's it. Every Claude Code session with Skills or Agents now generates traces
47
47
  npm install -g @ciandt-flow/flow-ai-obs
48
48
  ```
49
49
 
50
+ > **Do not use `sudo`.** `flow-ai-obs` is not supported in a sudo context.
51
+
50
52
  The `postinstall` script runs automatically and guides you through authentication and hook registration.
51
53
 
52
54
  ### npx (no install)
package/dist/cli.js CHANGED
@@ -1,193 +1,197 @@
1
1
  #!/usr/bin/env node
2
- 'use strict';var _e=require('readline/promises'),as=require('https'),y=require('fs'),tt=require('os'),kt=require('path'),child_process=require('child_process'),ks=require('http'),util=require('util'),crypto=require('crypto');function _interopNamespace(e){if(e&&e.__esModule)return e;var n=Object.create(null);if(e){Object.keys(e).forEach(function(k){if(k!=='default'){var d=Object.getOwnPropertyDescriptor(e,k);Object.defineProperty(n,k,d.get?d:{enumerable:true,get:function(){return e[k]}});}})}n.default=e;return Object.freeze(n)}var _e__namespace=/*#__PURE__*/_interopNamespace(_e);var as__namespace=/*#__PURE__*/_interopNamespace(as);var y__namespace=/*#__PURE__*/_interopNamespace(y);var tt__namespace=/*#__PURE__*/_interopNamespace(tt);var kt__namespace=/*#__PURE__*/_interopNamespace(kt);var ks__namespace=/*#__PURE__*/_interopNamespace(ks);var Te=Object.defineProperty;var ts=Object.getOwnPropertyDescriptor;var es=Object.getOwnPropertyNames;var rs=Object.prototype.hasOwnProperty;var xt=(t=>typeof require<"u"?require:typeof Proxy<"u"?new Proxy(t,{get:(e,r)=>(typeof require<"u"?require:e)[r]}):t)(function(t){if(typeof require<"u")return require.apply(this,arguments);throw Error('Dynamic require of "'+t+'" is not supported')});var m=(t,e,r)=>()=>{if(r)throw r[0];try{return t&&(e=t(t=0)),e}catch(n){throw r=[n],n}};var ns=(t,e)=>()=>{try{return e||t((e={exports:{}}).exports,e),e.exports}catch(r){throw e=0,r}},M=(t,e)=>{for(var r in e)Te(t,r,{get:e[r],enumerable:true});},ss=(t,e,r,n)=>{if(e&&typeof e=="object"||typeof e=="function")for(let s of es(e))!rs.call(t,s)&&s!==r&&Te(t,s,{get:()=>e[s],enumerable:!(n=ts(e,s))||n.enumerable});return t};var L=t=>ss(Te({},"__esModule",{value:true}),t);var re=ns((zo,os)=>{os.exports={name:"@ciandt-flow/flow-ai-obs",version:"0.7.1-beta.501",description:"Claude Code hooks for Langfuse OTLP tracing \u2014 cross-platform",main:"dist/index.js",bin:{"flow-ai-obs":"dist/cli.js","flow-ai-obs-setup":"dist/setup.js"},scripts:{build:"tsup",test:"jest",typecheck:"tsc --noEmit",lint:"eslint src bin scripts",format:'prettier --write "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"format:check":'prettier --check "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"security-scan":"trufflehog filesystem src/ --fail --no-update --exclude-paths .trufflehogignore",postinstall:`node -e "require('fs').existsSync('dist/setup.js') && require('child_process').execFileSync(process.execPath, ['dist/setup.js'], {stdio:'inherit'})"`,prepublishOnly:"npm run security-scan && npm run build","release:npm":"changeset publish",changeset:"changeset","version-packages":"changeset version","install:hooks":"node dist/cli.js install","auth:login":"node dist/cli.js auth login","auth:logout":"node dist/cli.js auth logout","auth:status":"node dist/cli.js auth status",smoke:"bash scripts/smoke-test.sh","smoke:debug":"bash scripts/smoke-test.sh --debug","smoke:send":"bash scripts/smoke-test.sh --send --allow-http --debug"},files:["dist/","README.md","LICENSE.md"],keywords:["claude-code","langfuse","observability","otlp","hooks","flow","ciandt"],author:"CI&T Flow Team",license:"SEE LICENSE IN LICENSE.md",private:!1,dependencies:{},optionalDependencies:{keytar:"7.9.0"},devDependencies:{"@changesets/changelog-github":"^0.6.0","@changesets/cli":"^2.30.0","@types/jest":"^30.0.0","@types/node":"^25.8.0",jest:"^30.4.2","ts-jest":"^29.4.9",tsup:"^8.5.1","eslint-config-prettier":"^10.1.5",prettier:"^3.5.3",typescript:"^6.0.3","typescript-eslint":"^8.33.0"},engines:{node:">=18.0.0"},overrides:{esbuild:"^0.28.1"},publishConfig:{registry:"https://registry.npmjs.org",access:"public"},repository:{type:"git",url:"git+https://github.com/CI-T-HyperX/flow-codeassistant-observability.git"}};});var ye={};M(ye,{bold:()=>j,cyan:()=>H,dim:()=>S,green:()=>b,red:()=>B,yellow:()=>A});function ft(t,e){return is?r=>`\x1B[${t}m${r}\x1B[${e}m`:r=>r}var is,b,B,A,H,j,S,mt=m(()=>{"use strict";is=!process.env.NO_COLOR&&process.stdout.isTTY;b=ft("32","39"),B=ft("31","39"),A=ft("33","39"),H=ft("36","39"),j=ft("1","22"),S=ft("2","22");});function gt(){return process.stdout.isTTY===true&&process.stdin.isTTY===true&&!process.argv.includes("--no-interactive")}async function Ae(t,e){let r=_e__namespace.createInterface({input:process.stdin,output:process.stdout}),s=`${t} ${e===true?"(Y/n)":e===false?"(y/N)":"(y/n)"}: `;for(let o=1;o<=3;o++)try{let i=(await r.question(s)).trim().toLowerCase();if(i===""&&e!==void 0)return r.close(),e;if(i==="y"||i==="yes")return r.close(),!0;if(i==="n"||i==="no")return r.close(),!1;o<3&&process.stdout.write(` Invalid input. Please answer "y" or "n".
3
- `);}catch(i){throw r.close(),i}if(r.close(),e!==void 0)return e;throw new Error("Too many invalid attempts for yes/no prompt")}async function dr(t,e){let r=_e__namespace.createInterface({input:process.stdin,output:process.stdout});try{let n=(await r.question(`${t}: `)).trim();if(e);return n}catch(n){throw n}finally{r.close();}}var ke=m(()=>{"use strict";});var wt={};M(wt,{checkForUpdate:()=>ms,checkForUpdateInteractive:()=>gs,fetchLatestVersionAsync:()=>gr,isNewer:()=>ht,primeUpdateCache:()=>hs});function I(){return Oe||(Oe=re()),Oe}function ht(t,e){let r=o=>{let i=String(o).replace(/^v/,"").match(/^(\d+)\.(\d+)\.(\d+)/);return i?[+i[1],+i[2],+i[3]]:null},n=r(t),s=r(e);return !n||!s?false:s[0]!==n[0]?s[0]>n[0]:s[1]!==n[1]?s[1]>n[1]:s[2]>n[2]}function be(){try{let t=JSON.parse(y__namespace.default.readFileSync(mr,"utf8"));return typeof t.latestVersion!="string"||Date.now()-t.checkedAt>=us?null:t}catch{return null}}function Ie(t,e,r=Date.now()){try{y__namespace.default.writeFileSync(mr,JSON.stringify({latestVersion:t,updatePriority:e??null,checkedAt:r}),{mode:384});}catch{}}function Re(t){let e=I().name,r=as__namespace.default.get(`https://registry.npmjs.org/${encodeURIComponent(e)}/latest`,{timeout:ds},n=>{if(n.statusCode!==200)return n.resume(),t(new Error(`HTTP ${n.statusCode}`));let s="";n.setEncoding("utf8"),n.on("data",o=>{s+=o;}),n.on("end",()=>{try{let o=JSON.parse(s);if(typeof o.version!="string")throw new Error("no version field");t(null,{version:o.version,updatePriority:typeof o.updatePriority=="string"?o.updatePriority:null});}catch(o){t(o);}});});r.on("error",t),r.on("timeout",()=>{r.destroy(new Error("timeout"));});}function ve(t){let e=I().name,n=` Update available: ${I().version} \u2192 ${t}`,s=` Run: npm install -g ${e}`,o=Math.max(n.length,s.length)+2,i="\u2500".repeat(o);process.stderr.write(`
2
+ 'use strict';var Ce=require('readline/promises'),Ss=require('https'),h=require('fs'),it=require('os'),bt=require('path'),child_process=require('child_process'),$s=require('http'),util=require('util'),crypto=require('crypto');function _interopDefault(e){return e&&e.__esModule?e:{default:e}}function _interopNamespace(e){if(e&&e.__esModule)return e;var n=Object.create(null);if(e){Object.keys(e).forEach(function(k){if(k!=='default'){var d=Object.getOwnPropertyDescriptor(e,k);Object.defineProperty(n,k,d.get?d:{enumerable:true,get:function(){return e[k]}});}})}n.default=e;return Object.freeze(n)}var Ce__namespace=/*#__PURE__*/_interopNamespace(Ce);var Ss__default=/*#__PURE__*/_interopDefault(Ss);var h__namespace=/*#__PURE__*/_interopNamespace(h);var it__namespace=/*#__PURE__*/_interopNamespace(it);var bt__namespace=/*#__PURE__*/_interopNamespace(bt);var $s__default=/*#__PURE__*/_interopDefault($s);var Re=Object.defineProperty;var ps=Object.getOwnPropertyDescriptor;var fs=Object.getOwnPropertyNames;var ms=Object.prototype.hasOwnProperty;var Bt=(t=>typeof require<"u"?require:typeof Proxy<"u"?new Proxy(t,{get:(e,r)=>(typeof require<"u"?require:e)[r]}):t)(function(t){if(typeof require<"u")return require.apply(this,arguments);throw Error('Dynamic require of "'+t+'" is not supported')});var f=(t,e,r)=>()=>{if(r)throw r[0];try{return t&&(e=t(t=0)),e}catch(n){throw r=[n],n}};var gs=(t,e)=>()=>{try{return e||t((e={exports:{}}).exports,e),e.exports}catch(r){throw e=0,r}},H=(t,e)=>{for(var r in e)Re(t,r,{get:e[r],enumerable:true});},hs=(t,e,r,n)=>{if(e&&typeof e=="object"||typeof e=="function")for(let s of fs(e))!ms.call(t,s)&&s!==r&&Re(t,s,{get:()=>e[s],enumerable:!(n=ps(e,s))||n.enumerable});return t};var R=t=>hs(Re({},"__esModule",{value:true}),t);var ae=gs((ui,ws)=>{ws.exports={name:"@ciandt-flow/flow-ai-obs",version:"0.7.1-beta.522",description:"Claude Code hooks for Langfuse OTLP tracing \u2014 cross-platform",main:"dist/index.js",bin:{"flow-ai-obs":"dist/cli.js","flow-ai-obs-setup":"dist/setup.js"},scripts:{build:"tsup",test:"jest",typecheck:"tsc --noEmit",lint:"eslint src bin scripts",format:'prettier --write "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"format:check":'prettier --check "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"security-scan":"trufflehog filesystem src/ --fail --no-update --exclude-paths .trufflehogignore",postinstall:`node -e "require('fs').existsSync('dist/setup.js') && require('child_process').execFileSync(process.execPath, ['dist/setup.js'], {stdio:'inherit'})"`,prepublishOnly:"npm run security-scan && npm run build","release:npm":"changeset publish",changeset:"changeset","version-packages":"changeset version","install:hooks":"node dist/cli.js install","auth:login":"node dist/cli.js auth login","auth:logout":"node dist/cli.js auth logout","auth:status":"node dist/cli.js auth status",smoke:"bash scripts/smoke-test.sh","smoke:debug":"bash scripts/smoke-test.sh --debug","smoke:send":"bash scripts/smoke-test.sh --send --allow-http --debug"},files:["dist/","README.md","LICENSE.md"],keywords:["claude-code","langfuse","observability","otlp","hooks","flow","ciandt"],author:"CI&T Flow Team",license:"SEE LICENSE IN LICENSE.md",private:!1,dependencies:{},optionalDependencies:{keytar:"7.9.0"},devDependencies:{"@changesets/changelog-github":"^0.6.0","@changesets/cli":"^2.30.0","@types/jest":"^30.0.0","@types/node":"^25.8.0",jest:"^30.4.2","ts-jest":"^29.4.9",tsup:"^8.5.1","eslint-config-prettier":"^10.1.5",prettier:"^3.5.3",typescript:"^6.0.3","typescript-eslint":"^8.33.0"},engines:{node:">=18.0.0"},overrides:{esbuild:"^0.28.1"},publishConfig:{registry:"https://registry.npmjs.org",access:"public"},repository:{type:"git",url:"git+https://github.com/CI-T-HyperX/flow-codeassistant-observability.git"}};});var Ie={};H(Ie,{bold:()=>j,cyan:()=>L,dim:()=>g,green:()=>I,red:()=>v,yellow:()=>A});function St(t,e){return Es?r=>`\x1B[${t}m${r}\x1B[${e}m`:r=>r}var Es,I,v,A,L,j,g,st=f(()=>{"use strict";Es=!process.env.NO_COLOR&&process.stdout.isTTY;I=St("32","39"),v=St("31","39"),A=St("33","39"),L=St("36","39"),j=St("1","22"),g=St("2","22");});function Tt(){return process.stdout.isTTY===true&&process.stdin.isTTY===true&&!process.argv.includes("--no-interactive")}async function Pe(t,e){let r=Ce__namespace.createInterface({input:process.stdin,output:process.stdout}),s=`${t} ${e===true?"(Y/n)":e===false?"(y/N)":"(y/n)"}: `;for(let o=1;o<=3;o++)try{let i=(await r.question(s)).trim().toLowerCase();if(i===""&&e!==void 0)return r.close(),e;if(i==="y"||i==="yes")return r.close(),!0;if(i==="n"||i==="no")return r.close(),!1;o<3&&process.stdout.write(` Invalid input. Please answer "y" or "n".
3
+ `);}catch(i){throw r.close(),i}if(r.close(),e!==void 0)return e;throw new Error("Too many invalid attempts for yes/no prompt")}async function _r(t,e){let r=Ce__namespace.createInterface({input:process.stdin,output:process.stdout});try{let n=(await r.question(`${t}: `)).trim();if(e);return n}catch(n){throw n}finally{r.close();}}var Ne=f(()=>{"use strict";});var _t={};H(_t,{checkForUpdate:()=>vs,checkForUpdateInteractive:()=>Ls,fetchLatestVersionAsync:()=>vr,isNewer:()=>yt,primeUpdateCache:()=>bs});function C(){return Ue||(Ue=ae()),Ue}function yt(t,e){let r=o=>{let i=String(o).replace(/^v/,"").match(/^(\d+)\.(\d+)\.(\d+)/);return i?[+i[1],+i[2],+i[3]]:null},n=r(t),s=r(e);return !n||!s?false:s[0]!==n[0]?s[0]>n[0]:s[1]!==n[1]?s[1]>n[1]:s[2]>n[2]}function xe(){try{let t=JSON.parse(h__namespace.default.readFileSync(Or,"utf8"));return typeof t.latestVersion!="string"||Date.now()-t.checkedAt>=_s?null:t}catch{return null}}function De(t,e,r=Date.now()){try{h__namespace.default.writeFileSync(Or,JSON.stringify({latestVersion:t,updatePriority:e??null,checkedAt:r}),{mode:384});}catch{}}function Me(t){let e=C().name,r=Ss__default.default.get(`https://registry.npmjs.org/${encodeURIComponent(e)}/latest`,{timeout:ks},n=>{if(n.statusCode!==200)return n.resume(),t(new Error(`HTTP ${n.statusCode}`));let s="";n.setEncoding("utf8"),n.on("data",o=>{s+=o;}),n.on("end",()=>{try{let o=JSON.parse(s);if(typeof o.version!="string")throw new Error("no version field");t(null,{version:o.version,updatePriority:typeof o.updatePriority=="string"?o.updatePriority:null});}catch(o){t(o);}});});r.on("error",t),r.on("timeout",()=>{r.destroy(new Error("timeout"));});}function $e(t){let e=C().name,n=` Update available: ${C().version} \u2192 ${t}`,s=` Run: npm install -g ${e}`,o=Math.max(n.length,s.length)+2,i="\u2500".repeat(o);process.stderr.write(`
4
4
  \u256D${i}\u256E
5
5
  \u2502${n.padEnd(o)}\u2502
6
6
  \u2502${s.padEnd(o)}\u2502
7
7
  \u2570${i}\u256F
8
8
 
9
- `);}function Le(t){let e=I().name;process.stderr.write(`
9
+ `);}function Fe(t){let e=C().name;process.stderr.write(`
10
10
  [${e}] Critical update detected \u2014 auto-updating to ${t}...
11
11
 
12
- `),child_process.spawn("npm",["install","-g",`${e}@${t}`],{detached:true,stdio:"ignore",windowsHide:true}).unref();}async function ps(t,e=1e4){let r=xt("readline"),n=I().name,o=` Update available: ${I().version} \u2192 ${t}`,i=` Run: npm install -g ${n}`,a=" Install now? [y/N]: ",c=Math.max(o.length,i.length,a.length-2)+2,l="\u2500".repeat(c);return process.stderr.write(`
13
- \u256D${l}\u256E
12
+ `),child_process.spawn("npm",["install","-g",`${e}@${t}`],{detached:true,stdio:"ignore",windowsHide:true}).unref();}async function As(t,e=1e4){let r=Bt("readline"),n=C().name,o=` Update available: ${C().version} \u2192 ${t}`,i=` Run: npm install -g ${n}`,a=" Install now? [y/N]: ",c=Math.max(o.length,i.length,a.length-2)+2,u="\u2500".repeat(c);return process.stderr.write(`
13
+ \u256D${u}\u256E
14
14
  \u2502${o.padEnd(c)}\u2502
15
15
  \u2502${i.padEnd(c)}\u2502
16
16
  \u2502${a.padEnd(c)}\u2502
17
- \u2570${l}\u256F
18
- `),new Promise(p=>{let T=r.createInterface({input:process.stdin,output:void 0,terminal:false}),g=false;function E(_){g||(g=true,clearTimeout(O),T.close(),process.stderr.write(`
19
- `),p(_));}let O=setTimeout(()=>E(false),e);T.once("line",_=>E(_.trim().toLowerCase()==="y")),T.once("close",()=>E(false));})}async function fs(t){let e=I().name;return process.stderr.write(` Installing ${e}@${t}...
17
+ \u2570${u}\u256F
18
+ `),new Promise(p=>{let y=r.createInterface({input:process.stdin,output:void 0,terminal:false}),w=false;function T(_){w||(w=true,clearTimeout(O),y.close(),process.stderr.write(`
19
+ `),p(_));}let O=setTimeout(()=>T(false),e);y.once("line",_=>T(_.trim().toLowerCase()==="y")),y.once("close",()=>T(false));})}async function Os(t){let e=C().name;return process.stderr.write(` Installing ${e}@${t}...
20
20
  `),new Promise(r=>{let n=child_process.spawn("npm",["install","-g",`${e}@${t}`],{stdio:"inherit"});n.on("close",s=>{s!==0?process.stderr.write(` \u2717 Update failed \u2014 continuing with current version.
21
21
 
22
22
  `):process.stderr.write(` \u2713 Updated to ${t}. Please restart the command.
23
23
 
24
24
  `),r();}),n.on("error",()=>{process.stderr.write(` \u2717 Update failed \u2014 continuing with current version.
25
25
 
26
- `),r();});})}function gr(){return new Promise(t=>{Re((e,r)=>t(e||!r?null:r));})}function ms(){try{let t=be();if(t){ht(I().version,t.latestVersion)&&(t.updatePriority==="auto"?Le(t.latestVersion):ve(t.latestVersion));return}setImmediate(()=>{Re((e,r)=>{e||!r||(Ie(r.version,r.updatePriority),ht(I().version,r.version)&&(r.updatePriority==="auto"?Le(r.version):ve(r.version)));});});}catch{}}async function gs(t={}){try{let e=be();if(e){if(!ht(I().version,e.latestVersion))return}else {let n=await gr();if(!n||(Ie(n.version,n.updatePriority),!ht(I().version,n.version)))return;e={latestVersion:n.version,updatePriority:n.updatePriority,checkedAt:Date.now()};}if(e.updatePriority==="auto"){Le(e.latestVersion);return}if(!gt()){ve(e.latestVersion);return}await ps(e.latestVersion,t.timeoutMs)&&await fs(e.latestVersion);}catch{}}function hs(){try{if(be())return;setImmediate(()=>{Re((t,e)=>{t||!e||ht(I().version,e.version)&&Ie(e.version,e.updatePriority,0);});});}catch{}}var Oe,mr,us,ds,Et=m(()=>{"use strict";ke();mr=kt__namespace.default.join(tt__namespace.default.tmpdir(),"flow-obs-update-cache.json"),us=1440*60*1e3,ds=3e3;});function hr(){if(process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER){let e=child_process.spawnSync("getent",["passwd",process.env.SUDO_USER],{encoding:"utf8",timeout:5e3}).stdout?.split(":")[5]?.trim();if(e)return {home:e,username:process.env.SUDO_USER}}return {home:tt__namespace.homedir(),username:process.env.SUDO_USER||process.env.USER||tt__namespace.userInfo().username}}function G(){if(process.env.WSL_DISTRO_NAME&&process.platform==="linux"){let t=process.env.USERPROFILE;if(!t){let r=child_process.spawnSync("cmd.exe",["/c","echo","%USERPROFILE%"],{encoding:"utf8",timeout:5e3}).stdout?.trim();r&&/^[A-Za-z]:\\/.test(r)&&(t=r);}if(t){let e=t.replace(/^([A-Za-z]):/,(r,n)=>`/mnt/${n.toLowerCase()}`).replace(/\\/g,"/");return kt__namespace.join(e,".claude","settings.json")}return kt__namespace.join(tt__namespace.homedir(),".claude","settings.json")}if(process.platform==="win32"){let t=process.env.USERPROFILE||tt__namespace.homedir();return kt__namespace.join(t,".claude","settings.json")}if(process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER){let e=child_process.spawnSync("getent",["passwd",process.env.SUDO_USER],{encoding:"utf8",timeout:5e3}).stdout?.split(":")[5]?.trim();if(e)return kt__namespace.join(e,".claude","settings.json")}return kt__namespace.join(tt__namespace.homedir(),".claude","settings.json")}function wr(){return process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER?`Running as root via sudo is not recommended.
27
- Configure npm to install globals without sudo:
28
- npm config set prefix '~/.npm-global'
29
- export PATH=~/.npm-global/bin:$PATH`:null}var ne=m(()=>{"use strict";});function yr(){if(process.platform==="win32"){let r=process.env.APPDATA||kt__namespace.join(tt__namespace.homedir(),"AppData","Roaming");return kt__namespace.join(r,Er,Sr)}let t=hr(),e=process.env.XDG_CONFIG_HOME||kt__namespace.join(t.home,".config");return kt__namespace.join(e,Er,Sr)}function _r(){try{let t=y__namespace.readFileSync(yr(),"utf8");return JSON.parse(t)}catch{return {}}}function rt(){let{baseUrl:t}=_r();return typeof t!="string"||t.trim()===""?null:t.trim().replace(/\/$/,"")}function Ar(t){let e=yr();y__namespace.mkdirSync(kt__namespace.dirname(e),{recursive:true});let n={..._r(),baseUrl:t};y__namespace.writeFileSync(e,JSON.stringify(n,null,2)+`
30
- `,{encoding:"utf8",mode:384});}var Er,Sr,Ne=m(()=>{"use strict";ne();Er="flow-ai-obs",Sr="config.json";});function nt(){return rt()??process.env.FLOW_BASE_URL??ws}function st(){let t=nt();return {AUTH_ENGINE:process.env.FLOW_AUTH_ENGINE_URL||`${t}/auth-engine-api/v2/api-key/token`,GATEWAY_TRACES:process.env.FLOW_GATEWAY_TRACES_URL||`${t}/flow-langfuse-gateway/v1/traces`,GATEWAY_HEALTH:process.env.FLOW_GATEWAY_HEALTH_URL||`${t}/flow-langfuse-gateway/v1/health`,OTEL_ENDPOINT:process.env.FLOW_OTEL_ENDPOINT_URL||`${t}/otel`}}function Dt(){let t=nt();return {ANTHROPIC_BASE_URL:process.env.FLOW_LLM_PROXY_URL??`${t}/flow-llm-proxy/`,ANTHROPIC_MODEL:process.env.FLOW_LLM_PROXY_MODEL??"anthropic.claude-4-6-sonnet",ANTHROPIC_SMALL_FAST_MODEL:process.env.FLOW_LLM_PROXY_SMALL_MODEL??"anthropic.claude-4-6-sonnet",CLAUDE_CODE_DISABLE_EXPERIMENTAL_BETAS:"1"}}function Ue(){let t=nt();return {API_URL:process.env.FLOW_METRICS_URL||`${t}/metrics-collector-api/log-event`,BOOSTER:"flow-ai-obs"}}var ws,Es,se,oe,ie,Ce,ot,f,ae,yt,kr,$,Or,V,k=m(()=>{"use strict";Ne();ws="https://flow.ciandt.com";Es=st(),se={SERVICE:"flow-plugins-cli",ACCOUNT_CREDS:"credentials",ACCOUNT_TOKEN:"token-cache"},oe="FLOW-nodejs",ie="config.json",Ce={SCOPE_NAME:"flow-ai-obs",SCOPE_VERSION:"0.1.0"};ot={CLAUDE_CODE_ENABLE_TELEMETRY:"1",OTEL_EXPORTER_OTLP_ENDPOINT:Es.OTEL_ENDPOINT,OTEL_EXPORTER_OTLP_PROTOCOL:"http/json",OTEL_METRICS_EXPORTER:"otlp",OTEL_LOGS_EXPORTER:"otlp",OTEL_LOG_TOOL_DETAILS:"1",OTEL_LOG_USER_PROMPTS:"1"},f={FLOW_TELEMETRY:"FLOW_TELEMETRY",FLOW_TELEMETRY_GATEWAY:"FLOW_TELEMETRY_GATEWAY_URL",LANGFUSE_BASE_URL:"LANGFUSE_BASE_URL",LANGFUSE_PUBLIC_KEY:"LANGFUSE_PUBLIC_KEY",LANGFUSE_SECRET_KEY:"LANGFUSE_SECRET_KEY",ANTHROPIC_MODEL:"ANTHROPIC_MODEL",ANTHROPIC_AUTH_TOKEN:"ANTHROPIC_AUTH_TOKEN",FLOW_OBS_DEBUG:"FLOW_TELEMETRY_DEBUG",FLOW_OBS_ALLOW_HTTP:"FLOW_TELEMETRY_ALLOW_HTTP",BUFFER_TTL_DAYS:"FLOW_TELEMETRY_BUFFER_TTL_DAYS",BUFFER_MAX_FILES:"FLOW_TELEMETRY_BUFFER_MAX_FILES"},ae={KEYCHAIN_ENABLED:!1},yt={LOCK_STALE_MS:3e4,CONNECTIVITY_MAX_RETRY:3,CONNECTIVITY_RETRY_MS:2e3},kr={UserPromptSubmit:5,PreToolUse:3,PostToolUse:10,Stop:15},$={FILE_PREFIX:"flow-obs-buffer-",DEFAULT_TTL_DAYS:4,MIN_TTL_DAYS:1,MAX_TTL_DAYS:30,DEFAULT_MAX_FILES:50,MIN_MAX_FILES:1,MAX_MAX_FILES:500,REPLAY_BATCH_SIZE:10},Or="flow-ai-obs-debug.log",V={TOOL_INPUT:2e4,TOOL_OUTPUT:2e4,TRACE_OUTPUT:2e4,USER_INSTRUCTION:1e4,TRACE_INPUT:5e4,TOOL_BRIEF:60};});function u(...t){if(process.env[f.FLOW_OBS_DEBUG]!=="1")return;let e=`[${new Date().toISOString()}] ${t.join(" ")}
31
- `;try{y.writeFileSync(_s,e,{flag:"a"});}catch(r){process.stderr.write(`[flow-obs debug ERROR] ${r.message}
32
- `);}}var _s,F=m(()=>{"use strict";k();_s=kt.join(tt.tmpdir(),Or);});function vs(t){if(!Os.test(t))throw new Error(`Invalid tenant value: "${t}". Tenant must be lowercase alphanumeric and hyphens (1-64 chars).`)}function Ls(t,e){let r=e.length>400?e.slice(0,400)+"\u2026":e;u("toAuthError",`status=${t} body=${r}`);try{let n=JSON.parse(e);if(typeof n.error=="string"&&(u("toAuthError",`api_error_code=${n.error}`+(n.message?` api_message=${n.message}`:"")),vr[n.error]))return new it(vr[n.error])}catch{}return t===401||t===403||t===500?new it("Invalid credentials"):t>=400&&t<500?new it("Authentication request was rejected"):new Error("Authentication service unavailable, please try again later")}function x(t){return new Promise((e,r)=>{try{vs(t.tenant);}catch(l){return r(l)}let n=JSON.stringify({clientSecret:t.clientSecret}),s=new URL(st().AUTH_ENGINE),o=s.protocol==="https:",i={hostname:s.hostname,port:s.port||(o?443:80),path:s.pathname+s.search,method:"POST",headers:{"Content-Type":"application/json","Content-Length":Buffer.byteLength(n),FlowTenant:t.tenant}};u("getToken",`requesting token tenant=${t.tenant} host=${i.hostname} path=${i.path}`);let c=(o?as__namespace.default:ks__namespace.default).request(i,l=>{let p=[];l.on("data",T=>p.push(T)),l.on("end",()=>{let T=p.join("");if((l.statusCode??0)>=400)return r(Ls(l.statusCode??0,T));let g;try{g=JSON.parse(T);}catch{return r(new Error("Invalid response from auth engine"))}let E=g.expires_at??new Date(Date.now()+(g.expires_in??3600)*1e3).toISOString();e({accessToken:g.access_token??"",expiresAt:E});});});c.on("error",l=>r(new Error(`Network error: ${l.message}`))),c.write(n),c.end();})}var it,Os,vr,_t=m(()=>{"use strict";k();F();it=class extends Error{constructor(e){super(e),this.name="AuthError";}},Os=/^[a-z0-9][a-z0-9-]{0,62}[a-z0-9]$|^[a-z0-9]$/;vr={INVALID_CLIENT_SECRET:"Invalid Client Secret \u2014 check the value and try again",INVALID_CLIENT_ID:"Invalid Client ID \u2014 check the value and try again",INVALID_TENANT:"Invalid Tenant \u2014 check the value and try again",TENANT_NOT_FOUND:"Tenant not found \u2014 verify the tenant identifier"};});function Lr(t){try{let e=y__namespace.statSync(t);Date.now()-e.mtimeMs>Rs&&y__namespace.unlinkSync(t);}catch{}try{y__namespace.writeFileSync(t,String(process.pid),{flag:"wx"});}catch(e){throw e.code==="EEXIST"?new Error("Another install is already in progress. If this is stale, remove: "+t):e}}function br(t){try{y__namespace.unlinkSync(t);}catch{}}function Ps(t,e){let n=(Array.isArray(t)?t:[]).map(s=>{if(!Array.isArray(s?.hooks))return null;let o=s.hooks.filter(i=>!i.command?.startsWith?.("flow-ai-obs "));return o.length>0?{...s,hooks:o}:null}).filter(s=>s!=null);return [e,...n]}function Ir(){let t=G(),e=t+".lock",r=[];y__namespace.mkdirSync(kt__namespace.dirname(t),{recursive:true}),Lr(e);try{if(y__namespace.existsSync(t)){y__namespace.copyFileSync(t,t+".bkp");try{y__namespace.chmodSync(t+".bkp",384);}catch{}}let n={};try{n=JSON.parse(y__namespace.readFileSync(t,"utf8"));}catch{}let s=n.env&&typeof n.env=="object"?n.env:{};n.env={...ot,...Dt(),...s},n.otelHeadersHelper="flow-ai-obs otel-headers",(!n.hooks||typeof n.hooks!="object"||Array.isArray(n.hooks))&&(n.hooks={});let o=(c,l)=>({matcher:"",hooks:[{type:"command",command:`flow-ai-obs ${c}`,timeout:l}]}),i=["UserPromptSubmit","PreToolUse","PostToolUse","Stop"],a=n.hooks;for(let c of i){let l=Ps(a[c],o(c,kr[c]));l.length>1&&r.push(c),a[c]=l;}y__namespace.writeFileSync(t,JSON.stringify(n,null,2)+`
33
- `,{encoding:"utf8",mode:384});try{y__namespace.chmodSync(t,384);}catch{}}finally{br(e);}return {settingsPath:t,preserved:r}}async function Rr(t){let e;try{e=(await x(t)).accessToken;}catch{return false}return e?new Promise(r=>{$e(`Bearer ${e}`,r,1);}):false}function $e(t,e,r){let n=new URL(st().GATEWAY_TRACES),s=JSON.stringify({resourceSpans:[],validation_run:true}),o=n.protocol==="https:",i={hostname:n.hostname,port:n.port||(o?443:80),path:n.pathname,method:"POST",headers:{"Content-Type":"application/json",Authorization:t,"Content-Length":Buffer.byteLength(s)}},c=(o?as__namespace:ks__namespace).request(i,l=>{l.resume(),l.statusCode===200||l.statusCode===204?e(true):r<yt.CONNECTIVITY_MAX_RETRY?setTimeout(()=>$e(t,e,r+1),yt.CONNECTIVITY_RETRY_MS):e(false);});c.on("error",()=>{r<yt.CONNECTIVITY_MAX_RETRY?setTimeout(()=>$e(t,e,r+1),yt.CONNECTIVITY_RETRY_MS):e(false);}),c.write(s),c.end();}function At(t){let e=G(),r=e+".lock";y__namespace.mkdirSync(kt__namespace.dirname(e),{recursive:true}),Lr(r);try{let n={};try{n=JSON.parse(y__namespace.readFileSync(e,"utf8"));}catch{}(!n.env||typeof n.env!="object")&&(n.env={}),Object.assign(n.env,t),y__namespace.writeFileSync(e,JSON.stringify(n,null,2)+`
34
- `,{encoding:"utf8",mode:384});try{y__namespace.chmodSync(e,384);}catch{}}finally{br(r);}}var Rs,Mt=m(()=>{"use strict";k();_t();ne();Rs=yt.LOCK_STALE_MS;});function Bt(){let t=tt__namespace.default.homedir();if(process.platform==="darwin")return kt__namespace.default.join(t,"Library","Preferences",oe,ie);if(process.platform==="win32"){let r=process.env.APPDATA??kt__namespace.default.join(t,"AppData","Roaming");return kt__namespace.default.join(r,oe,ie)}let e=process.env.XDG_CONFIG_HOME??kt__namespace.default.join(t,".config");return kt__namespace.default.join(e,oe,ie)}function De(){try{let t=y__namespace.default.readFileSync(Bt(),"utf8");return JSON.parse(t)}catch{return {}}}function Pr(t){let e=Bt();y__namespace.default.mkdirSync(kt__namespace.default.dirname(e),{recursive:true}),y__namespace.default.writeFileSync(e,JSON.stringify(t,null,2),{encoding:"utf8",mode:384});}var xe,ce,Nr=m(()=>{"use strict";k();xe={credentials:"credentials","token-cache":"tokenCache"};ce=class{static isAvailable(){return !0}static hasExistingData(){try{if(!y__namespace.default.existsSync(Bt()))return !1;let e=JSON.parse(y__namespace.default.readFileSync(Bt(),"utf8"));return !!(e&&e.credentials)}catch{return !1}}async getSecret(e,r){let n=De(),s=xe[r]??r,o=n[s];return o?typeof o=="string"?o:JSON.stringify(o):null}async setSecret(e,r,n){let s=De(),o=xe[r]??r;if(r==="token-cache")try{s[o]=JSON.parse(n);}catch{s[o]=n;}else s[o]=n;Pr(s);}async deleteSecret(e,r){let n=De(),s=xe[r]??r;return s in n?(delete n[s],Pr(n),!0):!1}getStoragePath(){return `config.json (unencrypted) \u2014 ${Bt()}`}};});var Cr={};M(Cr,{MacOsKeyVaultProvider:()=>Be});var Me,Be,Ur=m(()=>{"use strict";Me=util.promisify(child_process.execFile),Be=class{static async isAvailable(){try{return y.accessSync("/usr/bin/security",y.constants.X_OK),!0}catch{return !1}}async getSecret(e,r){try{let{stdout:n}=await Me("security",["find-generic-password","-w","-a",r,"-s",e]);return n.trim()||null}catch{return null}}async setSecret(e,r,n){await Me("security",["add-generic-password","-U","-a",r,"-s",e,"-w",n]);}async deleteSecret(e,r){try{return await Me("security",["delete-generic-password","-a",r,"-s",e]),!0}catch{return !1}}getStoragePath(){return "macOS Keychain"}};});var Fr={};M(Fr,{LinuxKeyVaultProvider:()=>He});var $r,He,xr=m(()=>{"use strict";$r=util.promisify(child_process.execFile),He=class{static async isAvailable(){let e=["/usr/bin/secret-tool","/bin/secret-tool","/usr/local/bin/secret-tool"];for(let r of e)try{return y.accessSync(r,y.constants.X_OK),!0}catch{}return !1}async getSecret(e,r){try{let{stdout:n}=await $r("secret-tool",["lookup","service",e,"account",r]);return n.trim()||null}catch{return null}}async setSecret(e,r,n){await new Promise((s,o)=>{let i=child_process.spawn("secret-tool",["store","--label",e,"service",e,"account",r]);i.on("error",o),i.on("close",a=>{a===0?s():o(new Error(`secret-tool exited with code ${a}`));}),i.stdin.write(n),i.stdin.end();});}async deleteSecret(e,r){try{return await $r("secret-tool",["clear","service",e,"account",r]),!0}catch{return !1}}getStoragePath(){return "Linux Secret Service (libsecret)"}};});var Dr={};M(Dr,{WindowsKeyVaultProvider:()=>je});var je,Mr=m(()=>{"use strict";je=class{static async isAvailable(){try{return await xt("keytar").getPassword("__flow_probe__","__flow_probe__"),!0}catch{return !1}}async getSecret(e,r){return xt("keytar").getPassword(e,r)}async setSecret(e,r,n){await xt("keytar").setPassword(e,r,n);}async deleteSecret(e,r){return xt("keytar").deletePassword(e,r)}getStoragePath(){return "Windows Credential Manager"}};});async function Br(){return await js()??new ce}async function js(){switch(process.platform){case "darwin":{let{MacOsKeyVaultProvider:t}=await Promise.resolve().then(()=>(Ur(),Cr));return await t.isAvailable()?new t:null}case "linux":{let{LinuxKeyVaultProvider:t}=await Promise.resolve().then(()=>(xr(),Fr));return await t.isAvailable()?new t:null}case "win32":{let{WindowsKeyVaultProvider:t}=await Promise.resolve().then(()=>(Mr(),Dr));return await t.isAvailable()?new t:null}default:return null}}var Hr=m(()=>{"use strict";Nr();});function vt(){return Ve||(Ve=Br()),Ve}async function v(){let e=await(await vt()).getSecret(Ot,Ye);if(!e)return null;try{return JSON.parse(e)}catch{return null}}async function Ge(t){if(!t.clientId||!t.clientSecret||!t.tenant)throw new Error("clientId, clientSecret and tenant are required");await(await vt()).setSecret(Ot,Ye,JSON.stringify(t));}async function jr(){let t=await vt();await t.deleteSecret(Ot,Ye),await t.deleteSecret(Ot,We);}async function jt(t){await(await vt()).setSecret(Ot,We,JSON.stringify({accessToken:t.accessToken,expiresAt:t.expiresAt,lastAuthCheckAt:t.lastAuthCheckAt}));}async function Lt(){let e=await(await vt()).getSecret(Ot,We);if(!e)return null;try{let r=JSON.parse(e);return {accessToken:r.accessToken,expiresAt:r.expiresAt,lastAuthCheckAt:r.lastAuthCheckAt}}catch{return null}}async function le(){let t=await Lt();return t?new Date(t.expiresAt)>new Date:false}async function at(){let t=await Lt();if(!t||!t.accessToken)return null;try{let e=t.accessToken.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return r.email??r.preferred_username??r.upn??r.sub??null}catch{return null}}async function Ke(){let t=await vt();if(typeof t.getStoragePath=="function")return t.getStoragePath();let e=process.platform;return e==="darwin"?"macOS Keychain":e==="win32"?"Windows Credential Manager":"Linux Secret Service (libsecret)"}async function Vr(){let t=await v();return !!(t&&t.clientId&&t.clientSecret&&t.tenant)}var Ot,Ye,We,Ve,bt=m(()=>{"use strict";Hr();k();Ot=se.SERVICE,Ye=se.ACCOUNT_CREDS,We=se.ACCOUNT_TOKEN,Ve=null;});function Ys(t){return Vs.some(e=>e.test(t))}function Ws(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return r.email||r.preferred_username||r.upn||r.sub||null}catch{return null}}function R(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8")),{clientId:n,clientSecret:s,tenant:o}=r;return !n||!s||!o?null:{clientId:n,clientSecret:s,tenant:o}}catch{return null}}function Yr(t){let e=Buffer.from(JSON.stringify({alg:"none",typ:"JWT"})).toString("base64url"),r=Buffer.from(JSON.stringify({clientId:t.clientId,clientSecret:t.clientSecret,tenant:t.tenant})).toString("base64url");return `${e}.${r}.`}function It(t){let e;try{e=new URL(t);}catch{throw new Error(`Invalid URL: ${t}`)}let r=process.env[f.FLOW_OBS_ALLOW_HTTP]==="true";if(!r&&e.protocol!=="https:")throw new Error(`URL must use HTTPS: ${t}`);if(e.username||e.password)throw new Error(`URL must not contain embedded credentials: ${t}`);if(!r&&Ys(e.hostname))throw new Error(`SSRF: private/loopback host not allowed: ${e.hostname}`);return t}async function Wr(){let t=R(process.env[f.ANTHROPIC_AUTH_TOKEN]);if(t)return {user:await at().catch(()=>null)??t.clientId,tenant:t.tenant};if(ae.KEYCHAIN_ENABLED)try{let e=await v();if(!e)return {user:"",tenant:""};let r=await at()??e.clientId??"",n=e.tenant??"";return {user:r,tenant:n}}catch{return {user:"",tenant:""}}return {user:"",tenant:""}}function Gs(){return new Date().toISOString().slice(0,10)}async function Ks(t){let e=Gs(),r=await Lt();if(r?.lastAuthCheckAt!==e){u("getOrRefreshToken",`daily auth check (last: ${r?.lastAuthCheckAt??"never"})`);try{let o=await x(t);try{await jt({...o,lastAuthCheckAt:e});}catch{}return u("getOrRefreshToken",`daily check passed, expires=${o.expiresAt}`),o.accessToken}catch(o){if(o instanceof it)throw o;u("getOrRefreshToken",`daily check network error \u2014 using cache: ${o.message}`);}}let n=r!=null&&new Date(r.expiresAt)>new Date;if(u("getOrRefreshToken",`cacheValid=${n}`),n)return u("getOrRefreshToken",`using cached token, expires=${r.expiresAt}`),r.accessToken;u("getOrRefreshToken",`token expired \u2014 refreshing via auth-engine (tenant=${t.tenant} clientId=${t.clientId})`);let s=await x(t);try{await jt({...s,lastAuthCheckAt:e});}catch(o){u("getOrRefreshToken",`token cache save failed (non-fatal): ${o.message}`);}return u("getOrRefreshToken",`token refreshed, expires=${s.expiresAt}`),s.accessToken}function qs(t,e){let r=e&&e.accessToken?e.accessToken:"";return {endpoint:t.replace(/\/$/,"")+"/flow-langfuse-gateway/v1/traces",authHeader:`Bearer ${r}`}}function Js(t,e,r){let n=Buffer.from(`${e}:${r}`).toString("base64");return {endpoint:t.replace(/\/$/,"")+"/api/public/otel/v1/traces",authHeader:`Basic ${n}`}}async function K(){let t=[],e=process.env[f.ANTHROPIC_MODEL]??"",r=R(process.env[f.ANTHROPIC_AUTH_TOKEN]);u("resolveCredentials",r?"credentials resolved from ANTHROPIC_AUTH_TOKEN":"ANTHROPIC_AUTH_TOKEN absent or invalid"),r&&u("resolveCredentials",`clientId=${r.clientId}`,`tenant=${r.tenant}`),!r&&ae.KEYCHAIN_ENABLED&&(r=await v(),r&&u("resolveCredentials","credentials resolved from keychain (FEATURES.KEYCHAIN_ENABLED=true)"));let n=r?r.tenant:"",s=process.env[f.FLOW_TELEMETRY]==="true",o=process.env[f.LANGFUSE_BASE_URL],i=process.env[f.LANGFUSE_PUBLIC_KEY],a=process.env[f.LANGFUSE_SECRET_KEY];if(s&&o&&i&&a){let g="",E=n;if(r)g=await at().catch(()=>null)??r.clientId;else if(ae.KEYCHAIN_ENABLED)try{let _=await v();_&&(g=await at()??_.clientId,E=_.tenant);}catch{}let O={user:g??"",tenant:E??"",team:"",project:"",model:e};t.push({mode:"direct",...Js(It(o),i,a),...O}),u("resolveCredentials","direct mode active",`user=${O.user}`,`tenant=${O.tenant}`);}if(!r){if(t.length===0){let g=[];return g.authError=false,g}return t}let c;try{c=await Ks(r);}catch(g){if(u("resolveCredentials",`token refresh failed: ${g.message}`,`(tenant=${r.tenant} clientId=${r.clientId})`),t.length>0)return t.authError=true,t;let E=[];return E.authError=true,E}let p={user:Ws(c)??r.clientId,tenant:n,team:"",project:"",model:e},T=process.env[f.FLOW_TELEMETRY_GATEWAY]??nt();return t.push({mode:"gateway",...qs(It(T),{accessToken:c}),...p}),t}async function Gr(){return (await K()).length>0}var Vs,Y=m(()=>{"use strict";bt();_t();k();F();Vs=[/^localhost\.?$/i,/^127\./,/^10\./,/^172\.(1[6-9]|2\d|3[01])\./,/^192\.168\./,/^169\.254\./,/^0\.0\.0\.0$/,/^::1$/,/^\[::1\]$/,/^\[::ffff:/i,/^\[f[cd]/i,/^\[fe80:/i,/^metadata\.google\.internal\.?$/i,/^metadata\.azure\.internal\.?$/i,/(?:^|\.)localtest\.me\.?$/i,/(?:^|\.)lvh\.me\.?$/i,/(?:^|\.)vcap\.me\.?$/i];});function qe(){return kt__namespace.default.join(tt__namespace.default.homedir(),".claude","flow-obs",".logged-out")}function qr(){try{let t=qe();y__namespace.default.mkdirSync(kt__namespace.default.dirname(t),{recursive:!0}),y__namespace.default.writeFileSync(t,"",{mode:384});}catch{}}function Jr(){try{y__namespace.default.unlinkSync(qe());}catch{}}function de(){try{return y__namespace.default.existsSync(qe())}catch{return false}}var zr=m(()=>{"use strict";});var Je={};M(Je,{runLogin:()=>Rt,runLogout:()=>eo,runStatus:()=>ro});function q(t){return typeof t=="string"?t.replace(Xs,""):t}function Vt(t,e={}){return new Promise((r,n)=>{let{masked:s=false,defaultValue:o=""}=e;process.stdout.write(t+o);let i=o;function a(){try{process.stdin.setRawMode(!1);}catch{}}process.once("uncaughtException",a),process.once("unhandledRejection",a);let c=p=>{if(p===""){l(),n(new Error("SIGINT"));return}if(p==="\r"||p===`
35
- `){l(),process.stdout.write(`
36
- `),r(i);return}if(p==="\x7F"){i.length>0&&(i=i.slice(0,-1),process.stdout.write("\b \b"));return}p.startsWith("\x1B")||(i+=p,process.stdout.write(s?"*".repeat(p.length):p));};function l(){process.stdin.setRawMode(false),process.stdin.removeListener("data",c),process.removeListener("uncaughtException",a),process.removeListener("unhandledRejection",a);}process.stdin.setRawMode(true),process.stdin.resume(),process.stdin.setEncoding("utf8"),process.stdin.on("data",c);})}async function Xr(t){if(!de())try{await v()||await Ge(t);}catch{}}async function Zr(t){let{accessToken:e,expiresAt:r}=await x(t);await Ge(t),await jt({accessToken:e,expiresAt:r}),Jr();try{let n=Yr(t);At({[f.ANTHROPIC_AUTH_TOKEN]:n});}catch{}}async function Zs(t){try{return await Zr(t),process.stdout.write(b(` \u2713 Setup complete. Tenant: ${q(t.tenant)}
37
-
38
- `)),0}catch(e){return process.stderr.write(B(` \u2717 Authentication failed: ${q(e.message)}
39
- `)),1}}async function Qs(){try{process.stdout.write(`
40
- `);let t=(await Vt(H(" ? ")+"Client ID: ")).trim(),e=(await Vt(H(" ? ")+"Client Secret: ",{masked:!0})).trim(),r=(await Vt(H(" ? ")+"Tenant: ")).trim();if(!t||!e||!r)return process.stderr.write(B(` \u2717 All fields are required
41
- `)),1;try{await Zr({clientId:t,clientSecret:e,tenant:r});}catch(n){return process.stderr.write(B(` \u2717 Authentication failed: ${q(n.message)}
42
- `)),1}return process.stdout.write(b(` \u2713 Setup complete. Tenant: ${q(r)}
43
- `)),process.stdout.write(` Storage: ${await Ke()}
44
-
45
- `),0}catch(t){if(t.message==="SIGINT")throw t;return process.stderr.write(B(` \u2717 Unexpected error: ${t.message}
46
- `)),1}}async function Rt(t={}){if(t.clientId&&t.clientSecret&&t.tenant)return Zs({clientId:t.clientId,clientSecret:t.clientSecret,tenant:t.tenant});let e=de()?null:R(process.env[f.ANTHROPIC_AUTH_TOKEN]);e&&await Xr(e);let r=e||await v();if(r){process.stdout.write(`
26
+ `),r();});})}function vr(){return new Promise(t=>{Me((e,r)=>t(e||!r?null:r));})}function vs(){try{let t=xe();if(t){yt(C().version,t.latestVersion)&&(t.updatePriority==="auto"?Fe(t.latestVersion):$e(t.latestVersion));return}setImmediate(()=>{Me((e,r)=>{e||!r||(De(r.version,r.updatePriority),yt(C().version,r.version)&&(r.updatePriority==="auto"?Fe(r.version):$e(r.version)));});});}catch{}}async function Ls(t={}){try{let e=xe();if(e){if(!yt(C().version,e.latestVersion))return}else {let n=await vr();if(!n||(De(n.version,n.updatePriority),!yt(C().version,n.version)))return;e={latestVersion:n.version,updatePriority:n.updatePriority,checkedAt:Date.now()};}if(e.updatePriority==="auto"){Fe(e.latestVersion);return}if(!Tt()){$e(e.latestVersion);return}await As(e.latestVersion,t.timeoutMs)&&await Os(e.latestVersion);}catch{}}function bs(){try{if(xe())return;setImmediate(()=>{Me((t,e)=>{t||!e||yt(C().version,e.version)&&De(e.version,e.updatePriority,0);});});}catch{}}var Ue,Or,_s,ks,kt=f(()=>{"use strict";Ne();Or=bt__namespace.default.join(it__namespace.default.tmpdir(),"flow-obs-update-cache.json"),_s=1440*60*1e3,ks=3e3;});function Lr(){return process.platform==="win32"?false:process.getuid?.()===0}function ot(){if(Lr())return process.stderr.write(`
27
+ `+v(` \u2717 flow-ai-obs is not supported in a sudo context.
28
+
29
+ `)+L(` npm install -g @ciandt-flow/flow-ai-obs
30
+ `)+`
31
+ `),1}var Ht=f(()=>{"use strict";st();});function br(){if(process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER){let e=child_process.spawnSync("getent",["passwd",process.env.SUDO_USER],{encoding:"utf8",timeout:5e3}).stdout?.split(":")[5]?.trim();if(e)return {home:e,username:process.env.SUDO_USER}}return {home:it__namespace.homedir(),username:process.env.SUDO_USER||process.env.USER||it__namespace.userInfo().username}}function P(){if(process.env.WSL_DISTRO_NAME&&process.platform==="linux"){let t=process.env.USERPROFILE;if(!t){let r=child_process.spawnSync("cmd.exe",["/c","echo","%USERPROFILE%"],{encoding:"utf8",timeout:5e3}).stdout?.trim();r&&/^[A-Za-z]:\\/.test(r)&&(t=r);}if(t){let e=t.replace(/^([A-Za-z]):/,(r,n)=>`/mnt/${n.toLowerCase()}`).replace(/\\/g,"/");return bt__namespace.join(e,".claude","settings.json")}return bt__namespace.join(it__namespace.homedir(),".claude","settings.json")}if(process.platform==="win32"){let t=process.env.USERPROFILE||it__namespace.homedir();return bt__namespace.join(t,".claude","settings.json")}if(process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER){let e=child_process.spawnSync("getent",["passwd",process.env.SUDO_USER],{encoding:"utf8",timeout:5e3}).stdout?.split(":")[5]?.trim();if(e)return bt__namespace.join(e,".claude","settings.json")}return bt__namespace.join(it__namespace.homedir(),".claude","settings.json")}var ce=f(()=>{"use strict";Ht();});function Pr(){if(process.platform==="win32"){let r=process.env.APPDATA||bt__namespace.join(it__namespace.homedir(),"AppData","Roaming");return bt__namespace.join(r,Rr,Ir)}let t=br(),e=process.env.XDG_CONFIG_HOME||bt__namespace.join(t.home,".config");return bt__namespace.join(e,Rr,Ir)}function Nr(){try{let t=h__namespace.readFileSync(Pr(),"utf8");return JSON.parse(t)}catch{return {}}}function ct(){let{baseUrl:t}=Nr();return typeof t!="string"||t.trim()===""?null:t.trim().replace(/\/$/,"")}function Ur(t){let e=Pr();h__namespace.mkdirSync(bt__namespace.dirname(e),{recursive:true});let n={...Nr(),baseUrl:t};h__namespace.writeFileSync(e,JSON.stringify(n,null,2)+`
32
+ `,{encoding:"utf8",mode:384});}var Rr,Ir,He=f(()=>{"use strict";ce();Rr="flow-ai-obs",Ir="config.json";});function ut(){return ct()??process.env.FLOW_BASE_URL??ue}function vt(){let t=ut();return {AUTH_ENGINE:process.env.FLOW_AUTH_ENGINE_URL||`${t}/auth-engine-api/v2/api-key/token`,GATEWAY_TRACES:process.env.FLOW_GATEWAY_TRACES_URL||`${t}/flow-langfuse-gateway/v1/traces`,GATEWAY_HEALTH:process.env.FLOW_GATEWAY_HEALTH_URL||`${t}/flow-langfuse-gateway/v1/health`,OTEL_ENDPOINT:process.env.FLOW_OTEL_ENDPOINT_URL||`${t}/otel`}}function jt(){let t=ut();return {ANTHROPIC_BASE_URL:process.env.FLOW_LLM_PROXY_URL??`${t}/flow-llm-proxy/`,ANTHROPIC_MODEL:process.env.FLOW_LLM_PROXY_MODEL??"anthropic.claude-4-6-sonnet",ANTHROPIC_SMALL_FAST_MODEL:process.env.FLOW_LLM_PROXY_SMALL_MODEL??"anthropic.claude-4-6-sonnet",CLAUDE_CODE_DISABLE_EXPERIMENTAL_BETAS:"1"}}function Ye(){let t=ut();return {API_URL:process.env.FLOW_METRICS_URL||`${t}/metrics-collector-api/log-event`,BOOSTER:"flow-ai-obs"}}var ue,Rs,le,de,pe,je,V,m,fe,$r,Ve,D,Fr,Y,k=f(()=>{"use strict";He();ue="https://flow.ciandt.com";Rs=vt(),le={SERVICE:"flow-plugins-cli",ACCOUNT_CREDS:"credentials",ACCOUNT_TOKEN:"token-cache"},de="FLOW-nodejs",pe="config.json",je={SCOPE_NAME:"flow-ai-obs",SCOPE_VERSION:"0.1.0"};V={CLAUDE_CODE_ENABLE_TELEMETRY:"1",OTEL_EXPORTER_OTLP_ENDPOINT:Rs.OTEL_ENDPOINT,OTEL_EXPORTER_OTLP_PROTOCOL:"http/json",OTEL_METRICS_EXPORTER:"otlp",OTEL_LOGS_EXPORTER:"otlp",OTEL_LOG_TOOL_DETAILS:"1",OTEL_LOG_USER_PROMPTS:"1"},m={FLOW_TELEMETRY:"FLOW_TELEMETRY",FLOW_TELEMETRY_GATEWAY:"FLOW_TELEMETRY_GATEWAY_URL",LANGFUSE_BASE_URL:"LANGFUSE_BASE_URL",LANGFUSE_PUBLIC_KEY:"LANGFUSE_PUBLIC_KEY",LANGFUSE_SECRET_KEY:"LANGFUSE_SECRET_KEY",ANTHROPIC_MODEL:"ANTHROPIC_MODEL",ANTHROPIC_AUTH_TOKEN:"ANTHROPIC_AUTH_TOKEN",FLOW_OBS_DEBUG:"FLOW_TELEMETRY_DEBUG",FLOW_OBS_ALLOW_HTTP:"FLOW_TELEMETRY_ALLOW_HTTP",BUFFER_TTL_DAYS:"FLOW_TELEMETRY_BUFFER_TTL_DAYS",BUFFER_MAX_FILES:"FLOW_TELEMETRY_BUFFER_MAX_FILES"},fe={KEYCHAIN_ENABLED:!1},$r={LOCK_STALE_MS:3e4,CONNECTIVITY_MAX_RETRY:3,CONNECTIVITY_RETRY_MS:2e3},Ve={UserPromptSubmit:5,PreToolUse:3,PostToolUse:10,Stop:15},D={FILE_PREFIX:"flow-obs-buffer-",DEFAULT_TTL_DAYS:4,MIN_TTL_DAYS:1,MAX_TTL_DAYS:30,DEFAULT_MAX_FILES:50,MIN_MAX_FILES:1,MAX_MAX_FILES:500,REPLAY_BATCH_SIZE:10},Fr="flow-ai-obs-debug.log",Y={TOOL_INPUT:2e4,TOOL_OUTPUT:2e4,TRACE_OUTPUT:2e4,USER_INSTRUCTION:1e4,TRACE_INPUT:5e4,TOOL_BRIEF:60};});function l(...t){if(process.env[m.FLOW_OBS_DEBUG]!=="1")return;let e=`[${new Date().toISOString()}] ${t.join(" ")}
33
+ `;try{h.writeFileSync(Ns,e,{flag:"a"});}catch(r){process.stderr.write(`[flow-obs debug ERROR] ${r.message}
34
+ `);}}var Ns,M=f(()=>{"use strict";k();Ns=bt.join(it.tmpdir(),Fr);});function xs(t){if(!Fs.test(t))throw new Error(`Invalid tenant value: "${t}". Tenant must be lowercase alphanumeric and hyphens (1-64 chars).`)}function Ds(t,e){let r=e.length>400?e.slice(0,400)+"\u2026":e;l("toAuthError",`status=${t} body=${r}`);try{let n=JSON.parse(e);if(typeof n.error=="string"&&(l("toAuthError",`api_error_code=${n.error}`+(n.message?` api_message=${n.message}`:"")),xr[n.error]))return new lt(xr[n.error])}catch{}return t===401||t===403||t===500?new lt("Invalid credentials"):t>=400&&t<500?new lt("Authentication request was rejected"):new Error("Authentication service unavailable, please try again later")}function G(t){return new Promise((e,r)=>{try{xs(t.tenant);}catch(u){return r(u)}let n=JSON.stringify({clientSecret:t.clientSecret}),s=new URL(vt().AUTH_ENGINE),o=s.protocol==="https:",i={hostname:s.hostname,port:s.port||(o?443:80),path:s.pathname+s.search,method:"POST",headers:{"Content-Type":"application/json","Content-Length":Buffer.byteLength(n),FlowTenant:t.tenant}};l("getToken",`requesting token tenant=${t.tenant} host=${i.hostname} path=${i.path}`);let c=(o?Ss__default.default:$s__default.default).request(i,u=>{let p=[];u.on("data",y=>p.push(y)),u.on("end",()=>{let y=p.join("");if((u.statusCode??0)>=400)return r(Ds(u.statusCode??0,y));let w;try{w=JSON.parse(y);}catch{return r(new Error("Invalid response from auth engine"))}let T=w.expires_at??new Date(Date.now()+(w.expires_in??3600)*1e3).toISOString();e({accessToken:w.access_token??"",expiresAt:T});});});c.on("error",u=>r(new Error(`Network error: ${u.message}`))),c.write(n),c.end();})}var lt,Fs,xr,Lt=f(()=>{"use strict";k();M();lt=class extends Error{constructor(e){super(e),this.name="AuthError";}},Fs=/^[a-z0-9][a-z0-9-]{0,62}[a-z0-9]$|^[a-z0-9]$/;xr={INVALID_CLIENT_SECRET:"Invalid Client Secret \u2014 check the value and try again",INVALID_CLIENT_ID:"Invalid Client ID \u2014 check the value and try again",INVALID_TENANT:"Invalid Tenant \u2014 check the value and try again",TENANT_NOT_FOUND:"Tenant not found \u2014 verify the tenant identifier"};});function Ge(t){try{let e=h__namespace.statSync(t);Date.now()-e.mtimeMs>Ms&&h__namespace.unlinkSync(t);}catch{}try{h__namespace.writeFileSync(t,String(process.pid),{flag:"wx"});}catch(e){throw e.code==="EEXIST"?new Error("Another install is already in progress. If this is stale, remove: "+t):e}}function We(t){try{h__namespace.unlinkSync(t);}catch{}}function Dr(t,e){let n=(Array.isArray(t)?t:[]).map(s=>{if(!Array.isArray(s?.hooks))return null;let o=s.hooks.filter(i=>!i.command?.startsWith?.("flow-ai-obs "));return o.length>0?{...s,hooks:o}:null}).filter(s=>s!=null);return [e,...n]}function Mr(){let t=P(),e=t+".lock",r=[];h__namespace.mkdirSync(bt__namespace.dirname(t),{recursive:true}),Ge(e);try{if(h__namespace.existsSync(t)){h__namespace.copyFileSync(t,t+".bkp");try{h__namespace.chmodSync(t+".bkp",384);}catch{}}let n={};try{n=JSON.parse(h__namespace.readFileSync(t,"utf8"));}catch{}let s=n.env&&typeof n.env=="object"?n.env:{};n.env={...V,...jt(),...s},n.otelHeadersHelper="flow-ai-obs otel-headers",(!n.hooks||typeof n.hooks!="object"||Array.isArray(n.hooks))&&(n.hooks={});let o=(c,u)=>({matcher:"",hooks:[{type:"command",command:`flow-ai-obs ${c}`,timeout:u}]}),i=["UserPromptSubmit","PreToolUse","PostToolUse","Stop"],a=n.hooks;for(let c of i){let u=Dr(a[c],o(c,Ve[c]));u.length>1&&r.push(c),a[c]=u;}h__namespace.writeFileSync(t,JSON.stringify(n,null,2)+`
35
+ `,{encoding:"utf8",mode:384});try{h__namespace.chmodSync(t,384);}catch{}}finally{We(e);}return {settingsPath:t,preserved:r}}function q(t){let e=P(),r=e+".lock";h__namespace.mkdirSync(bt__namespace.dirname(e),{recursive:true}),Ge(r);try{let n={};try{n=JSON.parse(h__namespace.readFileSync(e,"utf8"));}catch{}(!n.env||typeof n.env!="object")&&(n.env={}),Object.assign(n.env,t),h__namespace.writeFileSync(e,JSON.stringify(n,null,2)+`
36
+ `,{encoding:"utf8",mode:384});try{h__namespace.chmodSync(e,384);}catch{}}finally{We(r);}}function Br(){let t=P(),e=t+".lock",r=[];h__namespace.mkdirSync(bt__namespace.dirname(t),{recursive:true}),Ge(e);try{if(h__namespace.existsSync(t)){h__namespace.copyFileSync(t,t+".bkp");try{h__namespace.chmodSync(t+".bkp",384);}catch{}}let n={};try{n=JSON.parse(h__namespace.readFileSync(t,"utf8"));}catch{}n.otelHeadersHelper="flow-ai-obs otel-headers",(!n.hooks||typeof n.hooks!="object"||Array.isArray(n.hooks))&&(n.hooks={});let s=(a,c)=>({matcher:"",hooks:[{type:"command",command:`flow-ai-obs ${a}`,timeout:c}]}),o=["UserPromptSubmit","PreToolUse","PostToolUse","Stop"],i=n.hooks;for(let a of o){let c=Dr(i[a],s(a,Ve[a]));c.length>1&&r.push(a),i[a]=c;}h__namespace.writeFileSync(t,JSON.stringify(n,null,2)+`
37
+ `,{encoding:"utf8",mode:384});try{h__namespace.chmodSync(t,384);}catch{}}finally{We(e);}return {settingsPath:t,preserved:r}}var Ms,Vt=f(()=>{"use strict";k();Lt();ce();Ms=$r.LOCK_STALE_MS;});function Yt(){let t=it__namespace.default.homedir();if(process.platform==="darwin")return bt__namespace.default.join(t,"Library","Preferences",de,pe);if(process.platform==="win32"){let r=process.env.APPDATA??bt__namespace.default.join(t,"AppData","Roaming");return bt__namespace.default.join(r,de,pe)}let e=process.env.XDG_CONFIG_HOME??bt__namespace.default.join(t,".config");return bt__namespace.default.join(e,de,pe)}function Je(){try{let t=h__namespace.default.readFileSync(Yt(),"utf8");return JSON.parse(t)}catch{return {}}}function Hr(t){let e=Yt();h__namespace.default.mkdirSync(bt__namespace.default.dirname(e),{recursive:true}),h__namespace.default.writeFileSync(e,JSON.stringify(t,null,2),{encoding:"utf8",mode:384});}var Ke,ge,jr=f(()=>{"use strict";k();Ke={credentials:"credentials","token-cache":"tokenCache"};ge=class{static isAvailable(){return !0}static hasExistingData(){try{if(!h__namespace.default.existsSync(Yt()))return !1;let e=JSON.parse(h__namespace.default.readFileSync(Yt(),"utf8"));return !!(e&&e.credentials)}catch{return !1}}async getSecret(e,r){let n=Je(),s=Ke[r]??r,o=n[s];return o?typeof o=="string"?o:JSON.stringify(o):null}async setSecret(e,r,n){let s=Je(),o=Ke[r]??r;if(r==="token-cache")try{s[o]=JSON.parse(n);}catch{s[o]=n;}else s[o]=n;Hr(s);}async deleteSecret(e,r){let n=Je(),s=Ke[r]??r;return s in n?(delete n[s],Hr(n),!0):!1}getStoragePath(){return `config.json (unencrypted) \u2014 ${Yt()}`}};});var Vr={};H(Vr,{MacOsKeyVaultProvider:()=>ze});var qe,ze,Yr=f(()=>{"use strict";qe=util.promisify(child_process.execFile),ze=class{static async isAvailable(){try{return h.accessSync("/usr/bin/security",h.constants.X_OK),!0}catch{return !1}}async getSecret(e,r){try{let{stdout:n}=await qe("security",["find-generic-password","-w","-a",r,"-s",e]);return n.trim()||null}catch{return null}}async setSecret(e,r,n){await qe("security",["add-generic-password","-U","-a",r,"-s",e,"-w",n]);}async deleteSecret(e,r){try{return await qe("security",["delete-generic-password","-a",r,"-s",e]),!0}catch{return !1}}getStoragePath(){return "macOS Keychain"}};});var Wr={};H(Wr,{LinuxKeyVaultProvider:()=>Xe});var Gr,Xe,Kr=f(()=>{"use strict";Gr=util.promisify(child_process.execFile),Xe=class{static async isAvailable(){let e=["/usr/bin/secret-tool","/bin/secret-tool","/usr/local/bin/secret-tool"];for(let r of e)try{return h.accessSync(r,h.constants.X_OK),!0}catch{}return !1}async getSecret(e,r){try{let{stdout:n}=await Gr("secret-tool",["lookup","service",e,"account",r]);return n.trim()||null}catch{return null}}async setSecret(e,r,n){await new Promise((s,o)=>{let i=child_process.spawn("secret-tool",["store","--label",e,"service",e,"account",r]);i.on("error",o),i.on("close",a=>{a===0?s():o(new Error(`secret-tool exited with code ${a}`));}),i.stdin.write(n),i.stdin.end();});}async deleteSecret(e,r){try{return await Gr("secret-tool",["clear","service",e,"account",r]),!0}catch{return !1}}getStoragePath(){return "Linux Secret Service (libsecret)"}};});var Jr={};H(Jr,{WindowsKeyVaultProvider:()=>Ze});var Ze,qr=f(()=>{"use strict";Ze=class{static async isAvailable(){try{return await Bt("keytar").getPassword("__flow_probe__","__flow_probe__"),!0}catch{return !1}}async getSecret(e,r){return Bt("keytar").getPassword(e,r)}async setSecret(e,r,n){await Bt("keytar").setPassword(e,r,n);}async deleteSecret(e,r){return Bt("keytar").deletePassword(e,r)}getStoragePath(){return "Windows Credential Manager"}};});async function zr(){return await zs()??new ge}async function zs(){switch(process.platform){case "darwin":{let{MacOsKeyVaultProvider:t}=await Promise.resolve().then(()=>(Yr(),Vr));return await t.isAvailable()?new t:null}case "linux":{let{LinuxKeyVaultProvider:t}=await Promise.resolve().then(()=>(Kr(),Wr));return await t.isAvailable()?new t:null}case "win32":{let{WindowsKeyVaultProvider:t}=await Promise.resolve().then(()=>(qr(),Jr));return await t.isAvailable()?new t:null}default:return null}}var Xr=f(()=>{"use strict";jr();});function It(){return Qe||(Qe=zr()),Qe}async function b(){let e=await(await It()).getSecret(Rt,tr);if(!e)return null;try{return JSON.parse(e)}catch{return null}}async function rr(t){if(!t.clientId||!t.clientSecret||!t.tenant)throw new Error("clientId, clientSecret and tenant are required");await(await It()).setSecret(Rt,tr,JSON.stringify(t));}async function Zr(){let t=await It();await t.deleteSecret(Rt,tr),await t.deleteSecret(Rt,er);}async function Wt(t){await(await It()).setSecret(Rt,er,JSON.stringify({accessToken:t.accessToken,expiresAt:t.expiresAt,lastAuthCheckAt:t.lastAuthCheckAt}));}async function Ct(){let e=await(await It()).getSecret(Rt,er);if(!e)return null;try{let r=JSON.parse(e);return {accessToken:r.accessToken,expiresAt:r.expiresAt,lastAuthCheckAt:r.lastAuthCheckAt}}catch{return null}}async function he(){let t=await Ct();return t?new Date(t.expiresAt)>new Date:false}async function dt(){let t=await Ct();if(!t||!t.accessToken)return null;try{let e=t.accessToken.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return r.email??r.preferred_username??r.upn??r.sub??null}catch{return null}}async function nr(){let t=await It();if(typeof t.getStoragePath=="function")return t.getStoragePath();let e=process.platform;return e==="darwin"?"macOS Keychain":e==="win32"?"Windows Credential Manager":"Linux Secret Service (libsecret)"}async function Qr(){let t=await b();return !!(t&&t.clientId&&t.clientSecret&&t.tenant)}var Rt,tr,er,Qe,Kt=f(()=>{"use strict";Xr();k();Rt=le.SERVICE,tr=le.ACCOUNT_CREDS,er=le.ACCOUNT_TOKEN,Qe=null;});function Zs(t){return Xs.some(e=>e.test(t))}function Qs(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return r.email||r.preferred_username||r.upn||r.sub||null}catch{return null}}function N(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8")),{clientId:n,clientSecret:s,tenant:o}=r;return !n||!s||!o?null:{clientId:n,clientSecret:s,tenant:o}}catch{return null}}function tn(t){let e=Buffer.from(JSON.stringify({alg:"none",typ:"JWT"})).toString("base64url"),r=Buffer.from(JSON.stringify({clientId:t.clientId,clientSecret:t.clientSecret,tenant:t.tenant})).toString("base64url");return `${e}.${r}.`}function Pt(t){let e;try{e=new URL(t);}catch{throw new Error(`Invalid URL: ${t}`)}let r=process.env[m.FLOW_OBS_ALLOW_HTTP]==="true";if(!r&&e.protocol!=="https:")throw new Error(`URL must use HTTPS: ${t}`);if(e.username||e.password)throw new Error(`URL must not contain embedded credentials: ${t}`);if(!r&&Zs(e.hostname))throw new Error(`SSRF: private/loopback host not allowed: ${e.hostname}`);return t}async function en(){let t=N(process.env[m.ANTHROPIC_AUTH_TOKEN]);if(t)return {user:await dt().catch(()=>null)??t.clientId,tenant:t.tenant};if(fe.KEYCHAIN_ENABLED)try{let e=await b();if(!e)return {user:"",tenant:""};let r=await dt()??e.clientId??"",n=e.tenant??"";return {user:r,tenant:n}}catch{return {user:"",tenant:""}}return {user:"",tenant:""}}function to(){return new Date().toISOString().slice(0,10)}async function eo(t){let e=to(),r=await Ct();if(r?.lastAuthCheckAt!==e){l("getOrRefreshToken",`daily auth check (last: ${r?.lastAuthCheckAt??"never"})`);try{let o=await G(t);try{await Wt({...o,lastAuthCheckAt:e});}catch{}return l("getOrRefreshToken",`daily check passed, expires=${o.expiresAt}`),o.accessToken}catch(o){if(o instanceof lt)throw o;l("getOrRefreshToken",`daily check network error \u2014 using cache: ${o.message}`);}}let n=r!=null&&new Date(r.expiresAt)>new Date;if(l("getOrRefreshToken",`cacheValid=${n}`),n)return l("getOrRefreshToken",`using cached token, expires=${r.expiresAt}`),r.accessToken;l("getOrRefreshToken",`token expired \u2014 refreshing via auth-engine (tenant=${t.tenant} clientId=${t.clientId})`);let s=await G(t);try{await Wt({...s,lastAuthCheckAt:e});}catch(o){l("getOrRefreshToken",`token cache save failed (non-fatal): ${o.message}`);}return l("getOrRefreshToken",`token refreshed, expires=${s.expiresAt}`),s.accessToken}function ro(t,e){let r=e&&e.accessToken?e.accessToken:"";return {endpoint:t.replace(/\/$/,"")+"/flow-langfuse-gateway/v1/traces",authHeader:`Bearer ${r}`}}function no(t,e,r){let n=Buffer.from(`${e}:${r}`).toString("base64");return {endpoint:t.replace(/\/$/,"")+"/api/public/otel/v1/traces",authHeader:`Basic ${n}`}}async function J(){let t=[],e=process.env[m.ANTHROPIC_MODEL]??"",r=N(process.env[m.ANTHROPIC_AUTH_TOKEN]);l("resolveCredentials",r?"credentials resolved from ANTHROPIC_AUTH_TOKEN":"ANTHROPIC_AUTH_TOKEN absent or invalid"),r&&l("resolveCredentials",`clientId=${r.clientId}`,`tenant=${r.tenant}`),!r&&fe.KEYCHAIN_ENABLED&&(r=await b(),r&&l("resolveCredentials","credentials resolved from keychain (FEATURES.KEYCHAIN_ENABLED=true)"));let n=r?r.tenant:"",s=process.env[m.FLOW_TELEMETRY]==="true",o=process.env[m.LANGFUSE_BASE_URL],i=process.env[m.LANGFUSE_PUBLIC_KEY],a=process.env[m.LANGFUSE_SECRET_KEY];if(s&&o&&i&&a){let w="",T=n;if(r)w=await dt().catch(()=>null)??r.clientId;else if(fe.KEYCHAIN_ENABLED)try{let _=await b();_&&(w=await dt()??_.clientId,T=_.tenant);}catch{}let O={user:w??"",tenant:T??"",team:"",project:"",model:e};t.push({mode:"direct",...no(Pt(o),i,a),...O}),l("resolveCredentials","direct mode active",`user=${O.user}`,`tenant=${O.tenant}`);}if(!r){if(t.length===0){let w=[];return w.authError=false,w}return t}let c;try{c=await eo(r);}catch(w){if(l("resolveCredentials",`token refresh failed: ${w.message}`,`(tenant=${r.tenant} clientId=${r.clientId})`),t.length>0)return t.authError=true,t;let T=[];return T.authError=true,T}let p={user:Qs(c)??r.clientId,tenant:n,team:"",project:"",model:e},y=process.env[m.FLOW_TELEMETRY_GATEWAY]??ut();return t.push({mode:"gateway",...ro(Pt(y),{accessToken:c}),...p}),t}async function rn(){return (await J()).length>0}var Xs,W=f(()=>{"use strict";Kt();Lt();k();M();Xs=[/^localhost\.?$/i,/^127\./,/^10\./,/^172\.(1[6-9]|2\d|3[01])\./,/^192\.168\./,/^169\.254\./,/^0\.0\.0\.0$/,/^::1$/,/^\[::1\]$/,/^\[::ffff:/i,/^\[f[cd]/i,/^\[fe80:/i,/^metadata\.google\.internal\.?$/i,/^metadata\.azure\.internal\.?$/i,/(?:^|\.)localtest\.me\.?$/i,/(?:^|\.)lvh\.me\.?$/i,/(?:^|\.)vcap\.me\.?$/i];});function we(){if(process.env.WSL_DISTRO_NAME&&process.platform==="linux")return child_process.spawnSync("cmd.exe",["/c","where","claude"],{encoding:"utf8",timeout:5e3}).status===0;let t=process.platform==="win32"?"where":"which";return child_process.spawnSync(t,["claude"],{encoding:"utf8",timeout:5e3}).status===0}function or(){try{if(process.env.WSL_DISTRO_NAME&&process.platform==="linux"){let e=child_process.spawnSync("cmd.exe",["/c","claude","--version"],{encoding:"utf8",timeout:5e3});return e.status===0?e.stdout.trim():null}let t=child_process.spawnSync("claude",["--version"],{encoding:"utf8",timeout:5e3});return t.status===0?t.stdout.trim():null}catch{return null}}function nn(){if(child_process.spawnSync("node",["--version"],{encoding:"utf8",timeout:5e3}).status!==0)return {success:false,error:"no_nodejs",message:`Node.js is not installed. Install Node.js 18+ and try again:
38
+ ${{darwin:`brew install node
39
+ or download from: https://nodejs.org`,win32:`winget install OpenJS.NodeJS
40
+ or download from: https://nodejs.org`,linux:"See package manager instructions at: https://nodejs.org/en/download/package-manager"}[process.platform]??"Download from: https://nodejs.org"}`};let e=child_process.spawnSync("npm",["install","-g",sr],{encoding:"utf8",stdio:["inherit","inherit","pipe"],timeout:12e4});if(e.status===0)return {success:true};let r=String(e.stderr??""),n=e.error,s=n instanceof Error?n.message:r;return s.includes("EACCES")||s.includes("permission denied")||s.includes("EPERM")||r.includes("EACCES")||r.includes("EPERM")?{success:false,error:"permission_denied",message:process.platform==="win32"?`Run this terminal as Administrator and try again:
41
+ npm install -g ${sr}`:`Try with elevated permissions:
42
+ sudo npm install -g ${sr}`}:{success:false,error:"unknown",message:s||"npm install failed"}}var sr,ir=f(()=>{"use strict";sr="@anthropic-ai/claude-code";});function ar(){return bt__namespace.default.join(it__namespace.default.homedir(),".claude","flow-obs",".logged-out")}function on(){try{let t=ar();h__namespace.default.mkdirSync(bt__namespace.default.dirname(t),{recursive:!0}),h__namespace.default.writeFileSync(t,"",{mode:384});}catch{}}function an(){try{h__namespace.default.unlinkSync(ar());}catch{}}function Se(){try{return h__namespace.default.existsSync(ar())}catch{return false}}var cn=f(()=>{"use strict";});var cr={};H(cr,{promptRaw:()=>z,runLogin:()=>pt,runLogout:()=>uo,runStatus:()=>lo});function X(t){return typeof t=="string"?t.replace(oo,""):t}function z(t,e={}){return new Promise((r,n)=>{if(typeof process.stdin.setRawMode!="function"){n(new Error("NOT_A_TTY"));return}let{masked:s=false,defaultValue:o=""}=e;process.stdout.write(t+o);let i=o;function a(){try{process.stdin.setRawMode(!1);}catch{}}process.once("uncaughtException",a),process.once("unhandledRejection",a);let c=p=>{if(p===""){u(),n(new Error("SIGINT"));return}if(p==="\r"||p===`
43
+ `){u(),process.stdout.write(`
44
+ `),r(i);return}if(p==="\x7F"){i.length>0&&(i=i.slice(0,-1),process.stdout.write("\b \b"));return}p.startsWith("\x1B")||(i+=p,process.stdout.write(s?"*".repeat(p.length):p));};function u(){process.stdin.setRawMode(false),process.stdin.removeListener("data",c),process.removeListener("uncaughtException",a),process.removeListener("unhandledRejection",a);}process.stdin.setRawMode(true),process.stdin.resume(),process.stdin.setEncoding("utf8"),process.stdin.on("data",c);})}async function un(t){if(!Se())try{await b()||await rr(t);}catch{}}async function ln(t){let{accessToken:e,expiresAt:r}=await G(t);await rr(t),await Wt({accessToken:e,expiresAt:r}),an();try{let n=tn(t);q({[m.ANTHROPIC_AUTH_TOKEN]:n});}catch{}}async function io(t){try{return await ln(t),process.stdout.write(I(` \u2713 Setup complete. Tenant: ${X(t.tenant)}
45
+
46
+ `)),0}catch(e){return process.stderr.write(v(` \u2717 Authentication failed: ${X(e.message)}
47
+ `)),1}}async function ao(){try{process.stdout.write(`
48
+ `);let t=(await z(L(" ? ")+"Client ID: ")).trim(),e=(await z(L(" ? ")+"Client Secret: ",{masked:!0})).trim(),r=(await z(L(" ? ")+"Tenant: ")).trim();if(!t||!e||!r)return process.stderr.write(v(` \u2717 All fields are required
49
+ `)),1;try{await ln({clientId:t,clientSecret:e,tenant:r});}catch(n){return process.stderr.write(v(` \u2717 Authentication failed: ${X(n.message)}
50
+ `)),1}return process.stdout.write(I(` \u2713 Setup complete. Tenant: ${X(r)}
51
+ `)),process.stdout.write(` Storage: ${await nr()}
52
+
53
+ `),0}catch(t){if(t.message==="SIGINT"||t.message==="NOT_A_TTY")throw t;return process.stderr.write(v(` \u2717 Unexpected error: ${t.message}
54
+ `)),1}}async function pt(t={}){let e=ot();if(e)return e;if(t.clientId&&t.clientSecret&&t.tenant)return io({clientId:t.clientId,clientSecret:t.clientSecret,tenant:t.tenant});let r=Se()?null:N(process.env[m.ANTHROPIC_AUTH_TOKEN]);r&&await un(r);let n=r||await b();if(n){process.stdout.write(`
47
55
  `),process.stdout.write(j(` Already authenticated
48
- `)),process.stdout.write(S(" Tenant: ")+q(r.tenant)+`
49
- `),process.stdout.write(S(" Client ID: ")+q(r.clientId)+`
56
+ `)),process.stdout.write(g(" Tenant: ")+X(n.tenant)+`
57
+ `),process.stdout.write(g(" Client ID: ")+X(n.clientId)+`
50
58
  `),process.stdout.write(`
51
- `);let n;try{n=await Vt(H(" ? ")+"Re-authenticate? (y/N): ");}catch(s){if(s.message==="SIGINT")return process.stdout.write(`
52
- `),130;throw s}if(n.trim().toLowerCase()!=="y")return process.stdout.write(b(` \u2713 Using existing credentials.
59
+ `);let s;try{s=await z(L(" ? ")+"Re-authenticate? (y/N): ");}catch(o){if(o.message==="SIGINT")return process.stdout.write(`
60
+ `),130;if(o.message==="NOT_A_TTY")return process.stdout.write(I(` \u2713 Using existing credentials.
53
61
 
54
- `)),0}try{return await Qs()}catch(n){if(n.message==="SIGINT")return process.stdout.write(`
55
- `),130;throw n}}async function to(){try{return process.stdout.write(`
56
- `),(await Vt(H(" ? ")+"Are you sure? This will remove your local credentials. (y/N): ")).toLowerCase()!=="y"?(process.stdout.write(A(` \u26A0 Logout cancelled
62
+ `)),0;throw o}if(s.trim().toLowerCase()!=="y")return process.stdout.write(I(` \u2713 Using existing credentials.
63
+
64
+ `)),0}try{return await ao()}catch(s){if(s.message==="SIGINT")return process.stdout.write(`
65
+ `),130;if(s.message==="NOT_A_TTY")return process.stderr.write(v(` \u2717 No credentials found and no TTY available for interactive login.
66
+ `)+" Pass --client-id, --client-secret and --tenant, or run `flow-ai-obs auth login` in a terminal.\n\n"),1;throw s}}async function co(){try{return process.stdout.write(`
67
+ `),(await z(L(" ? ")+"Are you sure? This will remove your local credentials. (y/N): ")).toLowerCase()!=="y"?(process.stdout.write(A(` \u26A0 Logout cancelled
57
68
  `)),0):null}catch(t){if(t.message==="SIGINT")return process.stdout.write(`
58
- `),130;throw t}}async function eo(t=false){if(!await Vr())return process.stdout.write(A(` \u26A0 You are not authenticated
59
- `)),0;if(!t){let e=await to();if(e!==null)return e}try{return await jr(),qr(),process.stdout.write(b(` \u2713 Credentials removed successfully
60
- `)),0}catch{return process.stderr.write(B(` \u2717 Error removing credentials
61
- `)),1}}async function ro(){if(de())return process.stdout.write(A(" \u26A0 Not authenticated. Run `flow-ai-obs auth login` to set up.\n")),0;let t=R(process.env[f.ANTHROPIC_AUTH_TOKEN]);t&&await Xr(t);let e=t||await v();if(!e)return process.stdout.write(A(" \u26A0 Not authenticated. Run `flow-ai-obs auth login` to set up.\n")),0;if(!t&&!await le())return process.stdout.write(A(" \u26A0 Session expired. Run `flow-ai-obs auth login` to re-authenticate.\n")),0;let r=e.clientSecret.length>4?"****...****"+e.clientSecret.slice(-4):"****",n=t?"ANTHROPIC_AUTH_TOKEN (settings.json)":await Ke();return process.stdout.write(`
69
+ `),130;throw t}}async function uo(t=false){let e=ot();if(e)return e;if(!await Qr())return process.stdout.write(A(` \u26A0 You are not authenticated
70
+ `)),0;if(!t){let r=await co();if(r!==null)return r}try{return await Zr(),on(),process.stdout.write(I(` \u2713 Credentials removed successfully
71
+ `)),0}catch{return process.stderr.write(v(` \u2717 Error removing credentials
72
+ `)),1}}async function lo(){if(Se())return process.stdout.write(A(" \u26A0 Not authenticated. Run `flow-ai-obs auth login` to set up.\n")),0;let t=N(process.env[m.ANTHROPIC_AUTH_TOKEN]);t&&await un(t);let e=t||await b();if(!e)return process.stdout.write(A(" \u26A0 Not authenticated. Run `flow-ai-obs auth login` to set up.\n")),0;if(!t&&!await he())return process.stdout.write(A(" \u26A0 Session expired. Run `flow-ai-obs auth login` to re-authenticate.\n")),0;let r=e.clientSecret.length>4?"****...****"+e.clientSecret.slice(-4):"****",n=t?"ANTHROPIC_AUTH_TOKEN (settings.json)":await nr();return process.stdout.write(`
62
73
  `+j(` Authenticated
63
- `)),process.stdout.write(S(" Tenant: ")+q(e.tenant)+`
64
- `),process.stdout.write(S(" Client ID: ")+q(e.clientId)+`
65
- `),process.stdout.write(S(" Client Secret: ")+r+`
66
- `),process.stdout.write(S(" Storage: ")+n+`
74
+ `)),process.stdout.write(g(" Tenant: ")+X(e.tenant)+`
75
+ `),process.stdout.write(g(" Client ID: ")+X(e.clientId)+`
76
+ `),process.stdout.write(g(" Client Secret: ")+r+`
77
+ `),process.stdout.write(g(" Storage: ")+n+`
67
78
 
68
- `),0}var Xs,Yt=m(()=>{"use strict";bt();zr();_t();Y();Mt();k();mt();Xs=/[\x00-\x08\x0B-\x1F\x7F]|\x1b\[[0-9;]*[a-zA-Z]/g;});var sn={};M(sn,{runInit:()=>ze});function no(){if(process.env.WSL_DISTRO_NAME&&process.platform==="linux")return child_process.spawnSync("cmd.exe",["/c","where","claude"],{encoding:"utf8",timeout:5e3}).status===0;let t=process.platform==="win32"?"where":"which";return child_process.spawnSync(t,["claude"],{encoding:"utf8",timeout:5e3}).status===0}function so(){try{let t=y__namespace.readFileSync(G(),"utf8"),e=JSON.parse(t);return !!(e.env&&e.env[f.ANTHROPIC_AUTH_TOKEN])}catch{return false}}function nn(t){let e;try{e=new URL(t);}catch{throw new Error(`Invalid URL: ${t}`)}if(e.protocol!=="https:")throw new Error(`Custom URL must use HTTPS: ${t}`);let r=process.env[f.FLOW_OBS_ALLOW_HTTP];try{delete process.env[f.FLOW_OBS_ALLOW_HTTP],It(t);}finally{r!==void 0&&(process.env[f.FLOW_OBS_ALLOW_HTTP]=r);}if(e.pathname!=="/"&&e.pathname!=="")throw new Error(`Custom URL must be a base URL with no path beyond the root.
79
+ `),0}var oo,Jt=f(()=>{"use strict";Kt();cn();Lt();W();Vt();k();st();Ht();oo=/[\x00-\x08\x0B-\x1F\x7F]|\x1b\[[0-9;]*[a-zA-Z]/g;});var mn={};H(mn,{runInit:()=>fo});function po(){try{let t=h__namespace.readFileSync(P(),"utf8"),e=JSON.parse(t);return !!(e.env&&e.env[m.ANTHROPIC_AUTH_TOKEN])}catch{return false}}function fn(t){let e;try{e=new URL(t);}catch{throw new Error(`Invalid URL: ${t}`)}if(e.protocol!=="https:")throw new Error(`Custom URL must use HTTPS: ${t}`);let r=process.env[m.FLOW_OBS_ALLOW_HTTP];try{delete process.env[m.FLOW_OBS_ALLOW_HTTP],Pt(t);}finally{r!==void 0&&(process.env[m.FLOW_OBS_ALLOW_HTTP]=r);}if(e.pathname!=="/"&&e.pathname!=="")throw new Error(`Custom URL must be a base URL with no path beyond the root.
69
80
  Received: ${t}
70
81
  Expected: https://tenant.example.com`);if(e.search)throw new Error(`Custom URL must not contain query parameters.
71
82
  Received: ${t}
72
83
  Expected: https://tenant.example.com`);if(e.hash)throw new Error(`Custom URL must not contain fragment.
73
84
  Received: ${t}
74
- Expected: https://tenant.example.com`);return t.replace(/\/$/,"")}async function en(){for(let t=1;t<=3;t++)try{let e=await dr(" Enter your Flow base URL (e.g., https://tenant.ciandt.com)");return nn(e)}catch(e){if(process.stderr.write(A(` \u2717 ${e.message}
85
+ Expected: https://tenant.example.com`);return t.replace(/\/$/,"")}async function dn(){for(let t=1;t<=3;t++)try{let e=await _r(" Enter your Flow base URL (e.g., https://tenant.ciandt.com)");return fn(e)}catch(e){if(process.stderr.write(A(` \u2717 ${e.message}
75
86
 
76
- `)),t===3)throw process.stderr.write(B(` Too many invalid attempts.
87
+ `)),t===3)throw process.stderr.write(v(` Too many invalid attempts.
77
88
 
78
- `)),new Error("Too many invalid URL attempts")}throw new Error("Too many invalid URL attempts")}async function ze(t={}){let e=t.url;if(!no()){let l=tn[process.platform]||tn.linux;return process.stderr.write(`
79
- `+B(` \u2717 Claude Code is not installed or not found in PATH.
89
+ `)),new Error("Too many invalid URL attempts")}throw new Error("Too many invalid URL attempts")}async function fo(t={}){let e=ot();if(e)return e;let r=t.url;if(!we())return process.stderr.write(`
90
+ `+v(` \u2717 Claude Code is not installed or not found in PATH.
80
91
 
81
92
  `)+` flow-ai-obs requires Claude Code to function.
82
93
  Install it with:
83
94
 
84
- `+H(` ${l}`)+`
95
+ `+L(" npm install -g @anthropic-ai/claude-code")+`
85
96
 
86
- `),1}if(process.env.WSL_DISTRO_NAME&&process.platform==="linux"&&process.stdout.write(A(` \u26A0 WSL detected. If Claude Code is installed on Windows, install flow-ai-obs
87
- `)+A(" on Windows too: ")+H(`npm install -g @ciandt-flow/flow-ai-obs
97
+ `),1;if(process.env.WSL_DISTRO_NAME&&process.platform==="linux"&&process.stdout.write(A(` \u26A0 WSL detected. If Claude Code is installed on Windows, install flow-ai-obs
98
+ `)+A(" on Windows too: ")+L(`npm install -g @ciandt-flow/flow-ai-obs
88
99
  `)+A(` Running Claude (Windows) + flow-ai-obs (WSL) is not a supported configuration.
89
100
 
90
- `)),!e&&!t.noInteractive&&gt()){let l=rt();try{l?(process.stdout.write(`
91
- Current base URL: ${j(l)}
92
- `),await Ae(" Keep this URL?",!0)||(e=await en())):(process.stdout.write(`
93
- `),await Ae(" Does your organization use a custom Flow URL?",!1)&&(e=await en()));}catch{return 1}process.stdout.write(`
94
- `);}if(!e&&!t.noInteractive&&!gt()){let l=rt(),p=process.env.FLOW_BASE_URL,T=l??p??"https://flow.ciandt.com",g=!!(l??p);process.stdout.write(A(` \u26A0 Non-interactive environment detected.
95
- `)+S(` Using URL: ${T}
96
- `)+(g?"":S(` Run with --custom-url to configure a custom domain.
101
+ `)),!r&&!t.noInteractive&&Tt()){let u=ct();try{u?(process.stdout.write(`
102
+ Current base URL: ${j(u)}
103
+ `),await Pe(" Keep this URL?",!0)||(r=await dn())):(process.stdout.write(`
104
+ `),await Pe(" Does your organization use a custom Flow URL?",!1)&&(r=await dn()));}catch{return 1}process.stdout.write(`
105
+ `);}if(!r&&!t.noInteractive&&!Tt()){let u=ct(),p=process.env.FLOW_BASE_URL,y=u??p??ue,w=!!(u??p);process.stdout.write(A(` \u26A0 Non-interactive environment detected.
106
+ `)+g(` Using URL: ${y}
107
+ `)+(w?"":g(` Run with --custom-url to configure a custom domain.
97
108
  `))+`
98
- `);}let r=null,n=null;if(e){let l;try{l=nn(e);}catch(T){return process.stderr.write(`
99
- \u2717 Invalid --custom-url: ${T.message}
109
+ `);}let n=null,s=null;if(r){let u;try{u=fn(r);}catch(y){return process.stderr.write(`
110
+ \u2717 Invalid --custom-url: ${y.message}
100
111
 
101
- `),1}let p=rt();try{Ar(l);}catch(T){return process.stderr.write(`
102
- \u2717 Failed to persist custom URL: ${T.message}
112
+ `),1}let p=ct();try{Ur(u);}catch(y){return process.stderr.write(`
113
+ \u2717 Failed to persist custom URL: ${y.message}
103
114
 
104
- `),1}r=l,n={OTEL_EXPORTER_OTLP_ENDPOINT:`${l}/otel`,ANTHROPIC_BASE_URL:`${l}/flow-llm-proxy/`},p&&p!==l?process.stdout.write(A(` \u26A0 Base URL updated.
105
- `)+S(` Previous: ${p}
106
- `)+S(` New: ${l}
115
+ `),1}n=u,s={OTEL_EXPORTER_OTLP_ENDPOINT:`${u}/otel`,ANTHROPIC_BASE_URL:`${u}/flow-llm-proxy/`},p&&p!==u?process.stdout.write(A(` \u26A0 Base URL updated.
116
+ `)+g(` Previous: ${p}
117
+ `)+g(` New: ${u}
107
118
 
108
- `)):process.stdout.write(b(` \u2713 Base URL configured: ${l}
119
+ `)):process.stdout.write(I(` \u2713 Base URL configured: ${u}
109
120
 
110
- `));}if(!so())if(t.noInteractive||!gt())process.stdout.write(A(" \u26A0 No credentials found in settings.json \u2014 run `flow-ai-obs auth login` to authenticate.\n\n"));else {process.stdout.write(A(` \u26A0 No credentials found in settings.json \u2014 authentication required.
121
+ `));}if(!po())if(t.noInteractive||!Tt())process.stdout.write(A(" \u26A0 No credentials found in settings.json \u2014 run `flow-ai-obs auth login` to authenticate.\n\n"));else {process.stdout.write(A(` \u26A0 No credentials found in settings.json \u2014 authentication required.
111
122
 
112
- `));let{runLogin:l}=await Promise.resolve().then(()=>(Yt(),Je)),p=await l();if(p!==0)return p}let s,o;try{(({settingsPath:s,preserved:o}=Ir())),n&&At(n);}catch(l){return process.stderr.write(` \u2717 Failed to write settings: ${l.message}
123
+ `));let{runLogin:u}=await Promise.resolve().then(()=>(Jt(),cr)),p=await u();if(p!==0)return p}let o,i;try{(({settingsPath:o,preserved:i}=Mr())),s&&q(s);}catch(u){return process.stderr.write(` \u2717 Failed to write settings: ${u.message}
113
124
  `),1}process.stdout.write(`
114
125
  `+j(" Native OTEL configured")+` (metrics & logs)
115
- `);let i=n?{...ot,OTEL_EXPORTER_OTLP_ENDPOINT:n.OTEL_EXPORTER_OTLP_ENDPOINT}:ot;for(let[l,p]of Object.entries(i))process.stdout.write(S(` ${l.padEnd(36)}`)+p+`
126
+ `);let a=s?{...V,OTEL_EXPORTER_OTLP_ENDPOINT:s.OTEL_EXPORTER_OTLP_ENDPOINT}:V;for(let[u,p]of Object.entries(a))process.stdout.write(g(` ${u.padEnd(36)}`)+p+`
116
127
  `);process.stdout.write(`
117
128
  `),process.stdout.write(j(" Hooks registered")+` (Langfuse trace capture)
118
- `),process.stdout.write(S(" UserPromptSubmit")+` \u2192 flow-ai-obs UserPromptSubmit (timeout: 5s)
119
- `),process.stdout.write(S(" PreToolUse ")+` \u2192 flow-ai-obs PreToolUse (timeout: 3s)
120
- `),process.stdout.write(S(" PostToolUse ")+` \u2192 flow-ai-obs PostToolUse (timeout: 10s)
121
- `),process.stdout.write(S(" Stop ")+` \u2192 flow-ai-obs Stop (timeout: 15s)
122
- `),o.length>0&&(process.stdout.write(`
123
- `),process.stdout.write(A(` \u26A0 Third-party hooks detected and preserved on: ${o.join(", ")}
124
- `)),process.stdout.write(S(` flow-ai-obs was prepended \u2014 it executes first.
129
+ `),process.stdout.write(g(" UserPromptSubmit")+` \u2192 flow-ai-obs UserPromptSubmit (timeout: 5s)
130
+ `),process.stdout.write(g(" PreToolUse ")+` \u2192 flow-ai-obs PreToolUse (timeout: 3s)
131
+ `),process.stdout.write(g(" PostToolUse ")+` \u2192 flow-ai-obs PostToolUse (timeout: 10s)
132
+ `),process.stdout.write(g(" Stop ")+` \u2192 flow-ai-obs Stop (timeout: 15s)
133
+ `),i.length>0&&(process.stdout.write(`
134
+ `),process.stdout.write(A(` \u26A0 Third-party hooks detected and preserved on: ${i.join(", ")}
135
+ `)),process.stdout.write(g(` flow-ai-obs was prepended \u2014 it executes first.
125
136
  `))),process.stdout.write(`
126
- `),process.stdout.write(S(" Settings: ")+s+`
127
- `),process.stdout.write(S(" Backup: ")+s+`.bkp
128
- `),process.stdout.write(S(" OTEL auth: flow-ai-obs otel-headers")+S(` (reads keychain at runtime)
129
- `));let a=r??rt()??process.env.FLOW_BASE_URL??"https://flow.ciandt.com";process.stdout.write(S(" Base URL: ")+a+`
137
+ `),process.stdout.write(g(" Settings: ")+o+`
138
+ `),process.stdout.write(g(" Backup: ")+o+`.bkp
139
+ `),process.stdout.write(g(" OTEL auth: flow-ai-obs otel-headers")+g(` (reads keychain at runtime)
140
+ `));let c=n??ct()??process.env.FLOW_BASE_URL??ue;return process.stdout.write(g(" Base URL: ")+c+`
130
141
  `),process.stdout.write(`
131
- `),process.stdout.write(b(` \u2713 Ready. Native OTEL + Langfuse trace capture active.
132
- `)),process.stdout.write(S(" Run `flow-ai-obs setup` to also configure the Flow LLM Proxy.\n\n"));let c=wr();return c&&process.stdout.write(A(` \u26A0 ${c}
133
-
134
- `)),0}var tn,Xe=m(()=>{"use strict";Mt();k();mt();ne();Ne();Y();ke();tn={darwin:`npm install -g @anthropic-ai/claude-code
135
- or visit: https://claude.ai/download`,linux:"npm install -g @anthropic-ai/claude-code",win32:`npm install -g @anthropic-ai/claude-code
136
- or visit: https://claude.ai/download`};});var on={};M(on,{runSetup:()=>oo});async function oo(t={}){process.stdout.write(`
142
+ `),t.skipHint||(process.stdout.write(I(` \u2713 Ready. Native OTEL + Langfuse trace capture active.
143
+ `)),process.stdout.write(g(" Run `flow-ai-obs setup` to configure a full environment from scratch.\n\n"))),0}var gn=f(()=>{"use strict";Vt();k();st();ce();Ht();He();W();ir();Ne();});var En={};H(En,{runSetup:()=>So});function mo(){try{return JSON.parse(h__namespace.readFileSync(P(),"utf8"))}catch{return {}}}function go(t){return !!(t.env??{}).ANTHROPIC_BASE_URL}function ho(t){let e=t.env??{};return Object.keys(V).every(r=>!!e[r])}function wo(t){let e=t.hooks??{};return ["UserPromptSubmit","PreToolUse","PostToolUse","Stop"].every(n=>{let s=e[n];return Array.isArray(s)?s.some(o=>{let i=o;return Array.isArray(i?.hooks)&&i.hooks.some(a=>a?.command?.startsWith("flow-ai-obs "))}):false})}async function Eo(t){return (await z(t)).trim().toLowerCase()==="y"}function Te(t,e,r){process.stdout.write(`
144
+ ${j(`[${t}/${e}]`)} ${r}
145
+ `);}function Z(t){process.stdout.write(I(` \u2713 ${t}
146
+ `));}function hn(t){process.stdout.write(A(` \u26A0 ${t}
147
+ `));}function qt(t){process.stderr.write(v(` \u2717 ${t}
148
+ `));}function ft(t){process.stdout.write(g(` ${t}
149
+ `));}async function So(t={}){let e=ot();if(e)return e;let r=4;process.stdout.write(`
137
150
  \u2554\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2557
138
151
  `),process.stdout.write(`\u2551 flow-ai-obs \u2014 setup \u2551
139
152
  `),process.stdout.write(`\u255A\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u255D
140
-
141
- `);let e=await Rt(t);if(e!==0)return process.stderr.write(`
142
- Setup aborted. Run \`flow-ai-obs auth login\` to retry.
143
-
144
- `),e;process.stdout.write(`
145
- `);let r=await ze({noInteractive:true});if(r!==0)return r;try{At(Dt());}catch(s){process.stderr.write(` \u26A0 Could not write LLM Proxy config: ${s.message}
146
- `);}process.stdout.write(j(" Flow LLM Proxy configured")+` (model provider)
147
- `);for(let[s,o]of Object.entries(Dt()))process.stdout.write(S(` ${s.padEnd(36)}`)+o+`
148
- `);process.stdout.write(`
149
- `),process.stdout.write(` Validating connectivity to Flow OTEL endpoint\u2026
150
- `);let n=await v();return n?await Rr(n)?process.stdout.write(b(` \u2713 Connectivity validated \u2014 telemetry is active.
151
-
152
- `)):process.stdout.write(A(` \u26A0 Could not reach the OTEL endpoint. Telemetry will activate once connectivity is restored.
153
-
154
- `)):process.stdout.write(A(` \u26A0 Could not read stored credentials \u2014 skipping connectivity check.
155
-
156
- `)),process.stdout.write(b(` \u2713 Setup complete!
157
- `)),process.stdout.write(S(` Settings: ${G()}
158
-
159
- `)),0}var an=m(()=>{"use strict";k();mt();Yt();Xe();Mt();bt();});var cn={};M(cn,{runOtelHeaders:()=>io});async function io(){let t=R(process.env[f.ANTHROPIC_AUTH_TOKEN]);if(!t)try{t=await v();}catch{return process.stderr.write(`[flow-ai-obs otel-headers] Failed to read credentials
153
+ `),process.stdout.write(`
154
+ This will configure your development environment:
155
+ `),process.stdout.write(g(` [1/4] Claude Code Install @anthropic-ai/claude-code (if needed)
156
+ `)),process.stdout.write(g(` [2/4] Proxy Configure Flow LLM routing
157
+ `)),process.stdout.write(g(` [3/4] AI Usage Enable native OTEL telemetry
158
+ `)),process.stdout.write(g(` [4/4] Langfuse Register trace capture hooks
159
+ `)),process.stdout.write(`
160
+ `);let n=mo();if(Te(1,r,"Checking Claude Code..."),we()){let s=or();Z(s?`Already installed (${s}) \u2014 skipping.`:"Already installed \u2014 skipping.");}else {ft("Not found. Installing via npm...");let s=nn();if(!s.success)return qt(s.message??"Failed to install Claude Code."),process.stderr.write(v(` Setup aborted at step 1. Resolve the error above and try again.
161
+ `)),1;let o=or();Z(o?`Claude Code ${o} installed.`:"Claude Code installed.");}if(Te(2,r,"Configuring proxy..."),go(n)){let s=n.env.ANTHROPIC_BASE_URL;hn(`Proxy already configured (${s})`);let o=t.nonInteractive||!process.stdin.isTTY,i=false;if(!o)try{i=await Eo(L(" ? ")+"Replace existing proxy configuration? [y/N]: ");}catch(a){if(a.message==="SIGINT")return process.stdout.write(`
162
+ `),130;throw a}if(!i)ft("Keeping existing proxy configuration.");else {let a=await pt(t);if(a!==0)return a;try{q(jt()),Z("Proxy reconfigured.");}catch(c){return qt(`Could not write proxy config: ${c.message}`),1}}}else {let s=await pt(t);if(s!==0)return s;try{q(jt()),Z("Proxy configured."),ft(`Settings: ${P()}`);}catch(o){return qt(`Could not write proxy config: ${o.message}`),1}}if(Te(3,r,"Configuring AI Usage..."),ho(n))Z("Already configured \u2014 skipping.");else try{q(V),Z("AI Usage configured."),ft(`Settings: ${P()}`);}catch(s){return qt(`Could not write AI Usage config: ${s.message}`),1}if(Te(4,r,"Configuring Langfuse..."),wo(n))Z("Already configured \u2014 skipping.");else {let s,o;try{({settingsPath:s,preserved:o}=Br());}catch(i){return qt(`Could not write hooks: ${i.message}`),1}Z("Hooks registered (UserPromptSubmit, PreToolUse, PostToolUse, Stop)"),o.length>0&&(hn(`Third-party hooks preserved on: ${o.join(", ")}`),ft("flow-ai-obs was prepended \u2014 it executes first.")),ft(`Settings: ${s}`),ft(`Backup: ${s}.bkp`);}return process.stdout.write(`
163
+ `+I(" \u2713 Setup complete. Run `claude` to start.\n\n")),0}var Sn=f(()=>{"use strict";k();st();Ht();Jt();Vt();ir();});var Tn={};H(Tn,{runOtelHeaders:()=>To});async function To(){let t=N(process.env[m.ANTHROPIC_AUTH_TOKEN]);if(!t)try{t=await b();}catch{return process.stderr.write(`[flow-ai-obs otel-headers] Failed to read credentials
160
164
  `),1}if(!t)return process.stderr.write(`[flow-ai-obs otel-headers] Not authenticated \u2014 run: flow-ai-obs auth login
161
- `),1;let e;try{e=(await x(t)).accessToken;}catch(r){return process.stderr.write(`[flow-ai-obs otel-headers] Token fetch failed: ${r.message}
165
+ `),1;let e;try{e=(await G(t)).accessToken;}catch(r){return process.stderr.write(`[flow-ai-obs otel-headers] Token fetch failed: ${r.message}
162
166
  `),1}return e?(process.stdout.write(`{"Authorization": "Bearer ${e}"}
163
167
  `),0):(process.stderr.write(`[flow-ai-obs otel-headers] Empty token received
164
- `),1)}var ln=m(()=>{"use strict";bt();_t();Y();k();});var dn={};M(dn,{runCheck:()=>ao});function Ze(t){return !t||t.length<=8?"****":t.slice(0,4)+"****...****"+t.slice(-4)}function Wt(t){process.stdout.write(` \u2713 ${t}
165
- `);}function pe(t){process.stdout.write(` \u26A0 ${t}
166
- `);}function fe(t){process.stdout.write(` \u2717 ${t}
167
- `);}function P(t){process.stdout.write(` ${t}
168
- `);}function N(){process.stdout.write(`
169
- `);}async function ao(){N(),process.stdout.write(` flow-claude-observability \u2014 configuration check
170
- `),N(),process.stdout.write(` Auth
171
- `);let t=R(process.env[f.ANTHROPIC_AUTH_TOKEN]),e=t||await v();if(!e){pe("Not authenticated \u2014 starting setup..."),N();let a=await Rt();if(a!==0)return a;if(t=R(process.env[f.ANTHROPIC_AUTH_TOKEN]),e=t||await v(),!e)return fe("Authentication failed"),N(),1;N(),process.stdout.write(` Auth
172
- `);}if(!t&&!await le()){pe("Session expired \u2014 re-authenticating..."),N();let a=await Rt();if(a!==0)return a;N(),process.stdout.write(` Auth
173
- `);}let r=await at()||e.clientId;Wt("Authenticated"),P(`Tenant: ${e.tenant}`),P(`User: ${r}`),N(),process.stdout.write(` Native OTEL
174
- `);let n={};try{let a=y__namespace.readFileSync(G(),"utf8");n=JSON.parse(a).env||{};}catch{}let s=Object.keys(ot).filter(a=>!n[a]);if(s.length===0?(Wt("All OTEL env vars present in settings.json"),P(`Endpoint: ${n.OTEL_EXPORTER_OTLP_ENDPOINT}`)):(pe(`${s.length} OTEL var(s) missing from settings.json \u2014 native metrics/logs disabled`),s.forEach(a=>fe(`Missing: ${a}`)),P("Run: flow-ai-obs init (restores missing vars automatically)")),N(),process.stdout.write(` Tracing
175
- `),process.env[f.FLOW_TELEMETRY]==="true"){Wt("FLOW_TELEMETRY=true (direct mode enabled)");let a=[f.LANGFUSE_BASE_URL,f.LANGFUSE_PUBLIC_KEY,f.LANGFUSE_SECRET_KEY].filter(c=>!process.env[c]);a.length>0&&a.forEach(c=>pe(`Missing: ${c}`));}else P("FLOW_TELEMETRY not set \u2014 direct mode inactive (gateway mode may still be active)");let i=await K();if(!i||i.length===0)return i&&i.authError?fe("Token refresh failed \u2014 gateway mode could not activate"):(fe("No active destinations \u2014 no traces will be sent"),P("For direct mode: set FLOW_TELEMETRY=true + LANGFUSE_BASE_URL + LANGFUSE_PUBLIC_KEY + LANGFUSE_SECRET_KEY"),P("For gateway mode: run flow-claude-observability auth login")),N(),1;for(let a of i)if(a.mode==="gateway"){let c=await Lt();Wt("Mode: gateway"),P(`Endpoint: ${a.endpoint}`),P(`Token: ${Ze(c?.accessToken)}`);}else a.mode==="direct"&&(Wt("Mode: direct"),P(`Endpoint: ${a.endpoint}`),P(`PK: ${Ze(process.env[f.LANGFUSE_PUBLIC_KEY])}`),P(`SK: ${Ze(process.env[f.LANGFUSE_SECRET_KEY])}`));return N(),process.stdout.write(` All checks passed \u2014 observability is active.
176
- `),N(),0}var pn=m(()=>{"use strict";bt();Y();Mt();k();Yt();});function W(t,e){let r=typeof t=="object"?JSON.stringify(t):String(t??"");return r.length>e?r.slice(0,e)+" \u2026[truncated]":r}function me(t,e=100){return String(t??"").split(`
177
- `)[0].slice(0,e).trim()}function Qe(){return new Promise(t=>{let e="";process.stdin.setEncoding("utf8"),process.stdin.on("data",r=>{e+=r;}),process.stdin.on("end",()=>{try{t(JSON.parse(e));}catch{t({});}});})}function D(t){process.stdout.write(JSON.stringify(t));}var Pt=m(()=>{"use strict";});function J(){return String(BigInt(Date.now())*1000000n)}var tr,ct,Gt=m(()=>{"use strict";tr=()=>crypto.randomBytes(16).toString("hex"),ct=()=>crypto.randomBytes(8).toString("hex");});function So(t,e){let r=kt.resolve(t);if(!r.startsWith(e))throw new Error(`Path traversal detected: ${t}`);return r}function er(t){if(!wo.test(t))throw new Error(`Invalid session ID: ${t}`);return So(kt.join(tt.tmpdir(),`flow-obs-${t}.json`),Eo)}function Nt(t){let e=er(t);if(!y.existsSync(e))return null;try{return JSON.parse(y.readFileSync(e,"utf8"))}catch{return null}}function Ct(t,e){y.writeFileSync(er(t),JSON.stringify(e),{encoding:"utf8",mode:384});}function rr(t){try{y.unlinkSync(er(t));}catch{}}var wo,Eo,Kt=m(()=>{"use strict";wo=/^[0-9a-f-]{1,64}$/i,Eo=kt.normalize(tt.tmpdir())+kt.sep;});function wn(t){if(!t||!y.existsSync(t))return null;try{let e=y.readFileSync(t,"utf8").trimEnd().split(`
178
- `);for(let r=e.length-1;r>=0;r--)try{let n=JSON.parse(e[r]);if(n.type==="user"&&n.uuid)return n.uuid}catch{}}catch{}return null}function nr(t){if(!t||!y.existsSync(t))return null;try{let e=y.readFileSync(t,"utf8").trimEnd().split(`
179
- `),r=[],n=0,s=0;for(let o=e.length-1;o>=0;o--)try{let i=JSON.parse(e[o]);if(i.type==="user")break;if(i.type==="assistant"){let c=(i.message?.content??[]).filter(p=>p.type==="text").map(p=>p.text??"").join("");c&&r.unshift(c);let l=i.message?.usage??{};n+=(l.input_tokens??0)+(l.cache_read_input_tokens??0)+(l.cache_creation_input_tokens??0),s+=l.output_tokens??0;}}catch{}return !r.length&&n===0?null:{text:r.join(`
180
-
181
- `),inputTokens:n,outputTokens:s}}catch{}return null}var sr=m(()=>{"use strict";});function Tn(t){return t.replace(":","/")}function ge(t,e){if(!t)return null;let r=Tn(t),n=[kt.join(tt.homedir(),".claude","skills",r,"SKILL.md"),kt.join(e??"",".claude","skills",r,"SKILL.md")];for(let s of n)if(y.existsSync(s))try{return y.readFileSync(s,"utf8")}catch{}return null}function yn(t){return t.split(`
182
- `)[0].match(/^\/([a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?)(?:\s.*)?$/i)?.[1]??null}function _n(t){return !!t.slashSkill||t.toolCalls.some(n=>n.tool==="Skill")?t.toolCalls.some(n=>n.tool==="Skill"&&!n.synthetic||vo.has(n.tool))?"complete":"prerequisite_required":null}function he(t,e){if(!t)return null;let r=Tn(t),n=[kt.join(tt.homedir(),".claude","skills",r),kt.join(e??"",".claude","skills",r)],s=null;for(let a of n)if(y.existsSync(kt.join(a,"SKILL.md"))){s=a;break}if(!s)return null;let o=[];function i(a,c){for(let l of y.readdirSync(a,{withFileTypes:true})){if(Ao.has(l.name)||Oo.has(l.name)||ko.has(kt.extname(l.name)))continue;let p=c?`${c}/${l.name}`:l.name;l.isDirectory()?i(kt.join(a,l.name),p):o.push(p);}}return i(s,""),o.length>0?o:null}var Ao,ko,Oo,vo,we=m(()=>{"use strict";Ao=new Set([".venv","__pycache__",".git","node_modules"]),ko=new Set([".pyc",".pyo"]),Oo=new Set(["SKILL.md",".DS_Store",".gitignore"]);vo=new Set(["Read","Write","Edit","MultiEdit","Bash","Glob","Grep","TodoWrite","WebFetch","WebSearch","Agent","Task"]);});function Io(t){try{let e=t.split(".")[1].replace(/-/g,"+").replace(/_/g,"/");return JSON.parse(Buffer.from(e,"base64").toString())}catch{return null}}function Ro(t,e,r,n){return new Promise(s=>{let o=new URL(t),i=o.protocol==="https:",a=(i?as__namespace.default:ks__namespace.default).request({hostname:o.hostname,port:o.port||(i?443:80),path:o.pathname+o.search,method:"POST",headers:{"Content-Type":"application/json","Content-Length":Buffer.byteLength(e),Authorization:`Bearer ${String(r).replace(/[\r\n]/g,"")}`,FlowTenant:String(n).replace(/[\r\n]/g,"")}},c=>{c.resume(),s(c.statusCode??0);});a.on("error",()=>s(0)),a.setTimeout(5e3,()=>{a.destroy(),s(0);}),a.write(e),a.end();})}async function lt(t,e={}){try{let r=R(process.env[f.ANTHROPIC_AUTH_TOKEN]);if(!r)return;let n,s=new Promise((T,g)=>{n=setTimeout(()=>g(new Error("getToken timeout")),4e3),n.unref();}),{accessToken:o}=await Promise.race([x(r),s]);clearTimeout(n);let i=Io(o);if(!i)return;let a=i.tenant||r.tenant,c=JSON.stringify({action:t,booster:Ue().BOOSTER,metadata:e,success:!0,tenant:a,timestamp:new Date().toISOString(),os:process.platform,user:{email:i.email||"",id:i.sub||"",name:i.name||i.email||""}}),l=It(Ue().API_URL),p=await Ro(l,c,o,a);u("metrics.logEvent",`action=${t} status=${p}`);}catch(r){u("metrics.logEvent",`silenced error: ${r.message}`);}}var Ee=m(()=>{"use strict";k();_t();Y();F();});async function or(t,e=false){if(e){process.stdout.write(JSON.stringify({decision:"block",reason:Po})+`
183
- `);return}let n=!!(await K()).authError,s=t.session_id||"unknown",o=t.prompt||"",i=t.cwd||"",a=wn(t.transcript_path)||tr(),c=yn(o),l=c?ge(c,i):null,p=c?he(c,i):null;Ct(s,{traceId:tr(),spanId:ct(),startNs:J(),sessionId:s,prompt:o,cwd:i,traceName:a,transcriptPath:t.transcript_path||"",model:process.env[f.ANTHROPIC_MODEL]||"",toolCalls:[],spans:[],pendingTool:null,slashSkill:c,skillContent:l,skillArtifacts:p}),lt("SESSION_STARTED",{traceType:c?"skill":"prompt",slashSkill:c,clientIdExpired:n}),u("UserPromptSubmit",`sid=${s}`,`traceName=${a}`,`slashSkill=${c}`),D(t);}var Po,An=m(()=>{"use strict";Gt();Kt();sr();we();Pt();F();k();Y();Ee();Po=`\u26D4 Your Flow API key has expired. You no longer have access to Claude Code through the Flow platform. To restore observability and access, visit ${nt()}/settings/api-keys to generate a new API key, then run: flow-ai-obs auth login`;});async function kn(t){let e=t.session_id||"unknown",r=t.tool_name||"unknown",n=t.tool_input||{},s=Nt(e);s&&(s.pendingTool={name:r,inputStr:W(n,V.TOOL_INPUT),startNs:J()},Ct(e,s)),u("PreToolUse",`sid=${e}`,`tool=${r}`,`stateFound=${!!s}`),D(t);}var On=m(()=>{"use strict";Gt();Kt();Pt();F();k();});function d(t,e){return e==null||e===""?null:{key:t,value:{stringValue:String(e)}}}function ut(...t){return t.filter(e=>e!==null)}function vn(t,e){return {resourceSpans:[{resource:{attributes:t},scopeSpans:[{scope:No,spans:Array.isArray(e)?e:[e]}]}]}}var No,w,Ln=m(()=>{"use strict";k();No={name:Ce.SCOPE_NAME,version:Ce.SCOPE_VERSION},w={TRACE_NAME:"langfuse.trace.name",TRACE_INPUT:"langfuse.trace.input",TRACE_OUTPUT:"langfuse.trace.output",TRACE_METADATA:"langfuse.trace.metadata",TRACE_TAGS:"langfuse.trace.tags",USER_ID:"langfuse.user.id",SESSION_ID:"langfuse.session.id",OBS_NAME:"langfuse.observation.name",OBS_INPUT:"langfuse.observation.input",OBS_OUTPUT:"langfuse.observation.output",OBS_LEVEL:"langfuse.observation.level",OBS_TYPE:"langfuse.observation.type",MODEL:"gen_ai.request.model",INPUT_TOKENS:"gen_ai.usage.input_tokens",OUTPUT_TOKENS:"gen_ai.usage.output_tokens"};});function In(t,e,r,n,s){if(process.env[f.FLOW_OBS_DEBUG]!=="1")return;let o=JSON.stringify({ts:new Date().toISOString(),request:{method:"POST",url:t,headers:e,body:JSON.parse(r)},response:{status:n,body:s}});try{y.writeFileSync(bn,o+`
184
- `,{flag:"a",encoding:"utf8",mode:384}),u("sendTraces:dump",`request appendada em ${bn}`);}catch(i){u("sendTraces:dump",`falha ao salvar: ${i.message}`);}}function Do(t){let e=new URL(t),r=new URL(st().GATEWAY_HEALTH);return r.hostname=e.hostname,r.port=e.port,r.protocol=e.protocol,r}function Rn(t,e){return new Promise((r,n)=>{let s=t._isSSL?as__namespace.default:ks__namespace.default;t.headers=Object.assign({},t.headers,{Connection:"close"});let o=s.request(t,i=>{let a=[];i.on("data",c=>a.push(c)),i.on("end",()=>r({statusCode:i.statusCode??0,body:a.join("")}));});o.setTimeout(1e4,()=>{o.destroy(new Error("Request timeout"));}),o.on("error",i=>n(new Error(`Network error: ${i.message}`))),e&&o.write(e),o.end();})}async function Pn(t,e){let r;try{r=Do(t);}catch{return false}let n=r.protocol==="https:";try{let s={};e&&(s.Authorization=String(e).replace(/[\r\n]/g,""));let o=await Rn({hostname:r.hostname,port:r.port||(n?443:80),path:r.pathname,method:"GET",headers:s,_isSSL:n},null);return u("checkHealth",`url=${r.href} status=${o.statusCode}`),o.statusCode>=200&&o.statusCode<300}catch{return false}}async function Se(t,e,r){let n=JSON.stringify(t),s=new URL(e),o=s.protocol==="https:",i=String(r).replace(/[\r\n]/g,""),a={"Content-Type":"application/json",Authorization:i,"Content-Length":Buffer.byteLength(n)};u("sendTraces:request",`POST ${e}`),u("sendTraces:request",`headers=${JSON.stringify({...a,Authorization:i.slice(0,20)+"\u2026"})}`),u("sendTraces:request",`body=${n.slice(0,500)}${n.length>500?"\u2026":""}`);try{let c=await Rn({hostname:s.hostname,port:s.port||(o?443:80),path:s.pathname,method:"POST",headers:a,_isSSL:o},n);return u("sendTraces:response",`status=${c.statusCode}`),In(e,a,n,c.statusCode,c.body),c.statusCode}catch(c){return u("sendTraces:error",c.message),In(e,a,n,0,c.message),0}}var bn,Nn=m(()=>{"use strict";k();F();bn=kt.join(tt.tmpdir(),"flow-obs-requests.ndjson");});function Mo(){let t=parseInt(process.env[f.BUFFER_TTL_DAYS]??"",10);return (Number.isFinite(t)?Math.max($.MIN_TTL_DAYS,Math.min($.MAX_TTL_DAYS,t)):$.DEFAULT_TTL_DAYS)*24*60*60*1e3}function Bo(){let t=parseInt(process.env[f.BUFFER_MAX_FILES]??"",10);return Number.isFinite(t)?Math.max($.MIN_MAX_FILES,Math.min($.MAX_MAX_FILES,t)):$.DEFAULT_MAX_FILES}function Un(t){if(/[/\\]/.test(t))throw new Error(`Invalid buffer fileId: ${t}`);return kt__namespace.default.join(tt__namespace.default.tmpdir(),`${$.FILE_PREFIX}${t}.json`)}function ar(){let t=tt__namespace.default.tmpdir(),e;try{e=y__namespace.default.readdirSync(t);}catch{return []}return e.filter(r=>r.startsWith($.FILE_PREFIX)&&r.endsWith(".json")).map(r=>{let n=kt__namespace.default.join(t,r),s=0;try{s=y__namespace.default.statSync(n).mtimeMs;}catch{}return {full:n,mtime:s}}).sort((r,n)=>r.mtime-n.mtime).map(r=>r.full)}function qt(t){try{let e=Bo(),r=ar();if(r.length>=e){let o=r.slice(0,r.length-e+1);for(let i of o)try{y__namespace.default.unlinkSync(i);}catch{}}let n=`${Date.now()}-${Math.random().toString(36).slice(2,8)}`,s={fileId:n,bufferedAt:Date.now(),payload:t};return y__namespace.default.writeFileSync(Un(n),JSON.stringify(s),{encoding:"utf8",mode:384}),u("buffer",`saved fileId=${n}`),n}catch(e){return u("buffer",`saveToBuffer failed: ${e.message}`),null}}function $n(t){let e=ar(),r=t!=null&&t>0?t:e.length,n=[];for(let s of e){if(n.length>=r)break;try{let o=y__namespace.default.readFileSync(s,"utf8"),i=JSON.parse(o);i&&i.fileId&&i.payload&&n.push(i);}catch{u("buffer",`skipping malformed file: ${s}`);}}return n}function Fn(t){try{y__namespace.default.unlinkSync(Un(t)),u("buffer",`deleted fileId=${t}`);}catch{}}function xn(){let t=Date.now()-Mo();for(let e of ar())try{let{mtimeMs:r}=y__namespace.default.statSync(e);r<t&&(y__namespace.default.unlinkSync(e),u("buffer",`evicted stale: ${kt__namespace.default.basename(e)}`));}catch{}}var Dn=m(()=>{"use strict";k();F();});async function Ho(t){xn();let e=$n($.REPLAY_BATCH_SIZE);e.length&&(u("replayBufferedTraces",`replaying ${e.length} buffered trace(s)`),await Promise.allSettled(e.map(async r=>{try{let n=await Se(r.payload,t.endpoint,t.authHeader);n>=200&&n<300?(Fn(r.fileId),u("replayBufferedTraces",`replayed fileId=${r.fileId} status=${n}`)):u("replayBufferedTraces",`replay failed fileId=${r.fileId} status=${n}`);}catch(n){u("replayBufferedTraces",`replay error fileId=${r.fileId}: ${n.message}`);}})));}async function Mn(t){let e=await K();if(!e.length)return e.authError&&(u("postToLangfuse","auth refresh failed \u2014 buffering trace"),qt(t)),0;let r=await Promise.all(e.map(async o=>{if(o.mode!=="gateway")return {creds:o,healthy:true};let i=await Pn(o.endpoint,o.authHeader);return {creds:o,healthy:i}})),n=r.find(o=>o.creds.mode==="gateway"&&o.healthy)?.creds??r.find(o=>o.creds.mode==="direct")?.creds;return n&&await Ho(n),(await Promise.all(r.map(async({creds:o,healthy:i})=>{if(o.mode==="gateway"){if(!i)return u("postToLangfuse","gateway health check failed \u2014 buffering trace"),qt(t),0;let c=await Se(t,o.endpoint,o.authHeader);return (c===0||c>=500)&&(u("postToLangfuse",`gateway send failed (status ${c}) \u2014 buffering trace`),qt(t)),c}let a=await Se(t,o.endpoint,o.authHeader);return (a===0||a>=500)&&(u("postToLangfuse",`direct endpoint unavailable (status ${a}) \u2014 buffering trace`),qt(t)),a}))).find(o=>o!==0)??0}var Bn=m(()=>{"use strict";Y();F();Nn();Dn();k();});var cr=m(()=>{"use strict";Ln();Bn();});function X(t){if(t==null)return "";let e=typeof t=="string"?t:JSON.stringify(t);return Wo.reduce((r,{re:n,replace:s})=>r.replace(n,s),e)}var C,jo,Vo,Yo,Hn,Wo,lr=m(()=>{"use strict";C="[REDACTED]",jo="[REDACTED-EMAIL]",Vo="[REDACTED-CPF]",Yo="[REDACTED-CNPJ]",Hn="[REDACTED-PHONE]",Wo=[{re:/\b(sk-[A-Za-z0-9_\-]{20,})/g,replace:()=>`sk-${C}`},{re:/\b(pk-[A-Za-z0-9_\-]{20,})/g,replace:()=>`pk-${C}`},{re:/\b(Bearer\s+)[A-Za-z0-9\-._~+/]+=*/gi,replace:(t,e)=>`${e}${C}`},{re:/\b(Basic\s+)[A-Za-z0-9+/]+=*/gi,replace:(t,e)=>`${e}${C}`},{re:/(-----BEGIN [A-Z ]+-----)[^-]*(-----END [A-Z ]+-----)/g,replace:(t,e,r)=>`${e}
185
- ${C}
186
- ${r}`},{re:/\b(AKIA[0-9A-Z]{16})\b/g,replace:()=>`AKIA${C}`},{re:/(aws_secret_access_key\s*[=:]\s*)([A-Za-z0-9/+]{40})/gi,replace:(t,e)=>`${e}${C}`},{re:/\b(ghp_[A-Za-z0-9]{36,})/g,replace:()=>`ghp_${C}`},{re:/\b(github_pat_[A-Za-z0-9_]{36,})/gi,replace:()=>`github_pat_${C}`},{re:/\b(eyJ[A-Za-z0-9_\-]+\.eyJ[A-Za-z0-9_\-]+\.[A-Za-z0-9_\-]+)/g,replace:()=>`eyJ.${C}`},{re:/\b([A-Z0-9_]*(?:SECRET|TOKEN|KEY|PASSWORD|PASSWD|PWD|CREDENTIAL|API)[A-Z0-9_]*\s*=\s*)(['"]?)([^\s'"#\n]+)\2/gi,replace:(t,e,r)=>`${e}${r}${C}${r}`},{re:/([a-z][a-z0-9+\-.]*:\/\/[^:/?#\s]*):([^@\s]+)@/gi,replace:(t,e)=>`${e}:${C}@`},{re:/[a-zA-Z0-9._%+\-]+@[a-zA-Z0-9.\-]+\.[a-zA-Z]{2,}/g,replace:()=>jo},{re:/\b\d{3}\.\d{3}\.\d{3}-\d{2}\b/g,replace:()=>Vo},{re:/\b\d{2}\.\d{3}\.\d{3}\/\d{4}-\d{2}\b/g,replace:()=>Yo},{re:/\(\d{2}\)\s?\d{4,5}[-\s]?\d{4}/g,replace:()=>Hn},{re:/\+55[\s-]?\d{2}[\s-]?\d{4,5}[-\s]?\d{4}/g,replace:()=>Hn}];});async function jn(t){let e=t.session_id||"unknown",r=t.tool_name||"unknown",n=t.tool_input||{},s=t.tool_response,o=s!==null&&typeof s=="object"?s.output??JSON.stringify(s):s??"",i=Nt(e);if(!i){D(t);return}let a=J(),c=i.pendingTool,l=c?.name===r,p=l?c.startNs:String(BigInt(a)-200000000n),T=l?c.inputStr:W(n,V.TOOL_INPUT),g=T,E=null;if(r==="Skill"){let ee=typeof n=="object"&&n!==null?n.skill||n.name||n.skillName||n.commandName||String(Object.values(n)[0]??""):String(n);E=ee?String(ee).trim():null;let Z=E?ge(E,i.cwd):null;Z&&(g=Z,i.skillContent||(i.skillContent=Z),i.skillArtifacts||(i.skillArtifacts=he(E,i.cwd))),E&&!i.slashSkill&&(i.slashSkill=E),u("PostToolUse","Skill tool detected",`skillName=${E}`,`contentFound=${!!Z}`);}let O=X(W(o,V.TOOL_OUTPUT)),_=/\b(error|exception|failed|failure|traceback|errno)\b/i.test(O.slice(0,500)),zt=_?"ERROR":"DEFAULT",$t=ct(),Xt=Math.round(Number(BigInt(a)-BigInt(p))/1e6),Qt={Agent:"AGENT",Task:"AGENT"}[r]??"TOOL",te=r==="Skill"&&E?E:me(T,60);i.toolCalls.push({tool:r,brief:te,error:_,durationMs:Xt});let Ft=i.spans;Ft.push({traceId:i.traceId,spanId:$t,parentSpanId:i.spanId,name:r,kind:3,startTimeUnixNano:p,endTimeUnixNano:a,attributes:ut(d(w.OBS_NAME,r),d(w.OBS_TYPE,Qt),d(w.OBS_LEVEL,zt),d(w.OBS_INPUT,X(g)),d(w.OBS_OUTPUT,O),d("tool.name",r),d("tool.error",String(_)),r==="Skill"&&E?d("skill.name",E):null,r==="Skill"?d("skill.invocation","slash-command"):null),status:{code:_?2:1}}),i.pendingTool=null,Ct(e,i),_&&lt("TOOL_ERROR",{toolName:r}),u("PostToolUse",`sid=${e}`,`tool=${r}`,`error=${_}`,`durationMs=${Xt}`,`totalSpans=${Ft.length}`),D(t);}var Vn=m(()=>{"use strict";Gt();Kt();cr();Pt();we();F();k();lr();Ee();});function Wn(t,e,r){let n=Object.keys(Yn).find(i=>(t??"").toLowerCase().includes(i));if(!n)return;let s=Yn[n],o=(e*s.input+r*s.output)/1e6;return Math.round(o*1e6)/1e6}var Yn,Gn=m(()=>{"use strict";Yn={"claude-opus-4-6":{input:15,output:75},"claude-opus-4-5":{input:15,output:75},"claude-sonnet-4-6":{input:3,output:15},"claude-sonnet-4-5":{input:3,output:15},"claude-haiku-4-5":{input:.8,output:4},"claude-4-6-opus":{input:15,output:75},"claude-4-6-sonnet":{input:3,output:15},"claude-4-5-opus":{input:15,output:75},"claude-4-5-sonnet":{input:3,output:15},"claude-4-5-haiku":{input:.8,output:4},"claude-3-5-sonnet-20241022":{input:3,output:15},"claude-3-5-haiku-20241022":{input:.8,output:4},"claude-3-opus-20240229":{input:15,output:75}};});async function Kn(t){let e=t.session_id||"unknown",r=t.stop_reason||"end_turn",n=Nt(e);if(!n){D(t);return}n.slashSkill&&!/^[a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?$/i.test(n.slashSkill)&&(u("Stop",`sid=${e}`,`slashSkill rejected post-disk: "${n.slashSkill}"`),n.slashSkill=null);let s=J(),o=await Wr(),i=n.toolCalls,a=n.spans;if(n.slashSkill&&!i.some(h=>h.tool==="Skill")){let h=ct(),Q=n.skillContent?n.skillContent:JSON.stringify({skill:n.slashSkill});i.push({tool:"Skill",brief:n.slashSkill,error:false,durationMs:0,synthetic:true}),a.push({traceId:n.traceId,spanId:h,parentSpanId:n.spanId,name:"Skill",kind:3,startTimeUnixNano:n.startNs,endTimeUnixNano:n.startNs,attributes:ut(d(w.OBS_NAME,"Skill"),d(w.OBS_TYPE,"TOOL"),d(w.OBS_LEVEL,"DEFAULT"),d(w.OBS_INPUT,Q),d(w.OBS_OUTPUT,"loaded via slash command"),d("tool.name","Skill"),d("tool.error","false"),d("skill.name",n.slashSkill),d("skill.invocation","slash-command")),status:{code:1}}),u("Stop",`slashSkill=${n.slashSkill}`,"synthetic span injected");}let c=t.transcript_path||n.transcriptPath||"",l=nr(c);if(c&&(i.some(h=>h.tool==="Skill"&&!h.synthetic)||!!n.slashSkill)&&!l?.text){await new Promise(Q=>setTimeout(Q,500));let h=nr(c);h?.text&&(l=h);}u("Stop",`transcriptPath=${c||"(empty)"}`,`assistantOut=${l?`text=${l.text.length}chars`:"null"}`);let T=i.length,g=i.filter(h=>h.error).length,E=X(l?.text?W(l.text,V.TRACE_OUTPUT):T===0?"No tools used":i.map((h,Q)=>`${Q+1}. ${h.tool}${h.brief?` \u2192 ${h.brief}`:""}${h.error?" [ERROR]":""}`).join(`
187
- `)),O=l?.inputTokens??0,_=l?.outputTokens??0,zt=i.map((h,Q)=>`${Q+1}. ${h.tool}${h.brief?` \u2192 ${h.brief}`:""}${h.error?" [ERROR]":""} (${h.durationMs}ms)`),$t=!!(n.slashSkill||i.some(h=>h.tool==="Skill")),Xt=i.some(h=>h.tool==="Agent");if(!$t&&!Xt){u("Stop",`sid=${e}`,"skipping trace \u2014 no Skill or Agent calls found"),lt("TRACE_SKIPPED",{reason:"no_skill_or_agent"}),rr(e),D(t);return}let Zt=$t?"skill":"agent",Qt=Math.round(Number(BigInt(s)-BigInt(n.startNs))/1e6),te=Wn(n.model,O,_),pt=_n(n);pt==="prerequisite_required"&&l?.text&&(pt="complete"),pt==="prerequisite_required"&&(a.push({traceId:n.traceId,spanId:ct(),parentSpanId:n.spanId,name:"prerequisite-check",kind:3,startTimeUnixNano:n.startNs,endTimeUnixNano:s,attributes:ut(d(w.OBS_NAME,"prerequisite-check"),d(w.OBS_TYPE,"EVENT"),d(w.OBS_LEVEL,"WARNING"),d(w.OBS_OUTPUT,E),d("skill.name",n.slashSkill||void 0),d("execution_status","prerequisite_required")),status:{code:1}}),u("Stop",`sid=${e}`,"prerequisite-check span injected",`skill=${n.slashSkill}`));let Ft=(()=>{if(!(!$t||!n.prompt)){if(n.slashSkill){let h=n.prompt.replace(new RegExp(`^\\/${n.slashSkill}\\s*`,"i"),"").trim();return h?W(X(h),V.USER_INSTRUCTION):void 0}return W(X(n.prompt),V.USER_INSTRUCTION)||void 0}})(),ee=JSON.stringify({trace_type:Zt,...pt!==null&&{execution_status:pt},...n.slashSkill?{skill_name:n.slashSkill}:{},...n.skillArtifacts?.length&&{skill_artifacts:n.skillArtifacts},...Ft!==void 0&&{user_instruction:Ft},latency_ms:Qt,...O&&{tokens_input:O},..._&&{tokens_output:_},cost_usd:te,...n.model?{model:n.model}:{},toolCount:T,errorCount:g,stopReason:r,sessionId:n.sessionId,tools:zt.length?zt:void 0}),Z=X(W(n.prompt,V.TRACE_INPUT)),zn=ut(d(w.TRACE_NAME,n.traceName),d(w.TRACE_INPUT,Z),d(w.TRACE_OUTPUT,E),d(w.OBS_INPUT,Z),d(w.OBS_OUTPUT,E),d(w.TRACE_METADATA,ee),d(w.SESSION_ID,n.sessionId),d(w.USER_ID,o.user),d(w.OBS_TYPE,"GENERATION"),d(w.MODEL,n.model),O?d(w.INPUT_TOKENS,O):null,_?d(w.OUTPUT_TOKENS,_):null,d("claude.stop_reason",r),d("claude.tool_count",String(T)),d("claude.error_count",String(g)),d("claude.session_id",n.sessionId),d("flow.trace_type",Zt),{key:w.TRACE_TAGS,value:{arrayValue:{values:[{stringValue:Zt}]}}}),Xn={traceId:n.traceId,spanId:n.spanId,name:n.traceName,kind:1,startTimeUnixNano:n.startNs,endTimeUnixNano:s,attributes:zn,status:{code:g>0?2:1}},Zn=ut(d("service.name",process.env.LANGFUSE_PROJECT_NAME||"claude-code"),d("deployment.environment",process.env.LANGFUSE_ENVIRONMENT||"default")),ur=[...a,Xn];u("Stop",`sid=${e}`,`totalTools=${T}`,`errorTools=${g}`,`spans=${ur.length}`,`inputTokens=${O}`,`outputTokens=${_}`,`traceOutput="${me(E,80)}"`);let Qn=await Mn(vn(Zn,ur));u("Stop",`POST status=${Qn}`,`traceId=${n.traceId}`),lt("TRACE_SENT",{latencyMs:Qt,totalTools:T,errorTools:g,inputTokens:O,outputTokens:_,costUsd:te}),rr(e),D(t);}var qn=m(()=>{"use strict";Gt();Kt();cr();Y();Gn();sr();Pt();F();we();lr();k();Ee();});async function Go(){let t=process.argv[2];if(t==="UserPromptSubmit"){let r=await Qe(),n;try{n=await K();}catch{process.stdout.write(JSON.stringify(r));return}n.authError?await or(r,true):n.length>0?await or(r):process.stdout.write(JSON.stringify(r));return}if(!await Gr()){let r=[];process.stdin.on("data",n=>r.push(n)),process.stdin.on("end",()=>process.stdout.write(r.join("")));return}let e=await Qe();switch(t){case "PreToolUse":await kn(e);break;case "PostToolUse":await jn(e);break;case "Stop":await Kn(e);break;default:process.stderr.write(`[flow-obs] unknown event: ${t}
188
- `),process.stdout.write(JSON.stringify(e));}}var Jn=m(()=>{"use strict";Y();Pt();An();On();Vn();qn();Go().catch(t=>{process.stderr.write(`[flow-obs] fatal: ${t.message}
189
- `),process.exit(0);});});var qo=new Set(["UserPromptSubmit","PreToolUse","PostToolUse","Stop"]),[,,U,Jt]=process.argv;function dt(t,e){let r=t.indexOf(e);return r!==-1?t[r+1]:void 0}if(U==="--version"||U==="-v"){let{version:t}=re();process.stdout.write(t+`
190
- `),process.exit(0);}else if(U==="--help"||U==="-h"){let{bold:t,cyan:e,dim:r}=(mt(),L(ye)),{version:n}=re();process.stdout.write(`
168
+ `),1)}var yn=f(()=>{"use strict";Kt();Lt();W();k();});var kn={};H(kn,{runCheck:()=>yo});function ur(t){return !t||t.length<=8?"****":t.slice(0,4)+"****...****"+t.slice(-4)}function zt(t){process.stdout.write(` \u2713 ${t}
169
+ `);}function ye(t){process.stdout.write(` \u26A0 ${t}
170
+ `);}function _e(t){process.stdout.write(` \u2717 ${t}
171
+ `);}function U(t){process.stdout.write(` ${t}
172
+ `);}function $(){process.stdout.write(`
173
+ `);}async function yo(){$(),process.stdout.write(` flow-claude-observability \u2014 configuration check
174
+ `),$(),process.stdout.write(` Auth
175
+ `);let t=N(process.env[m.ANTHROPIC_AUTH_TOKEN]),e=t||await b();if(!e){ye("Not authenticated \u2014 starting setup..."),$();let a=await pt();if(a!==0)return a;if(t=N(process.env[m.ANTHROPIC_AUTH_TOKEN]),e=t||await b(),!e)return _e("Authentication failed"),$(),1;$(),process.stdout.write(` Auth
176
+ `);}if(!t&&!await he()){ye("Session expired \u2014 re-authenticating..."),$();let a=await pt();if(a!==0)return a;$(),process.stdout.write(` Auth
177
+ `);}let r=await dt()||e.clientId;zt("Authenticated"),U(`Tenant: ${e.tenant}`),U(`User: ${r}`),$(),process.stdout.write(` Native OTEL
178
+ `);let n={};try{let a=h__namespace.readFileSync(P(),"utf8");n=JSON.parse(a).env||{};}catch{}let s=Object.keys(V).filter(a=>!n[a]);if(s.length===0?(zt("All OTEL env vars present in settings.json"),U(`Endpoint: ${n.OTEL_EXPORTER_OTLP_ENDPOINT}`)):(ye(`${s.length} OTEL var(s) missing from settings.json \u2014 native metrics/logs disabled`),s.forEach(a=>_e(`Missing: ${a}`)),U("Run: flow-ai-obs init (restores missing vars automatically)")),$(),process.stdout.write(` Tracing
179
+ `),process.env[m.FLOW_TELEMETRY]==="true"){zt("FLOW_TELEMETRY=true (direct mode enabled)");let a=[m.LANGFUSE_BASE_URL,m.LANGFUSE_PUBLIC_KEY,m.LANGFUSE_SECRET_KEY].filter(c=>!process.env[c]);a.length>0&&a.forEach(c=>ye(`Missing: ${c}`));}else U("FLOW_TELEMETRY not set \u2014 direct mode inactive (gateway mode may still be active)");let i=await J();if(!i||i.length===0)return i&&i.authError?_e("Token refresh failed \u2014 gateway mode could not activate"):(_e("No active destinations \u2014 no traces will be sent"),U("For direct mode: set FLOW_TELEMETRY=true + LANGFUSE_BASE_URL + LANGFUSE_PUBLIC_KEY + LANGFUSE_SECRET_KEY"),U("For gateway mode: run flow-claude-observability auth login")),$(),1;for(let a of i)if(a.mode==="gateway"){let c=await Ct();zt("Mode: gateway"),U(`Endpoint: ${a.endpoint}`),U(`Token: ${ur(c?.accessToken)}`);}else a.mode==="direct"&&(zt("Mode: direct"),U(`Endpoint: ${a.endpoint}`),U(`PK: ${ur(process.env[m.LANGFUSE_PUBLIC_KEY])}`),U(`SK: ${ur(process.env[m.LANGFUSE_SECRET_KEY])}`));return $(),process.stdout.write(` All checks passed \u2014 observability is active.
180
+ `),$(),0}var An=f(()=>{"use strict";Kt();W();Vt();k();Jt();});function K(t,e){let r=typeof t=="object"?JSON.stringify(t):String(t??"");return r.length>e?r.slice(0,e)+" \u2026[truncated]":r}function ke(t,e=100){return String(t??"").split(`
181
+ `)[0].slice(0,e).trim()}function lr(){return new Promise(t=>{let e="";process.stdin.setEncoding("utf8"),process.stdin.on("data",r=>{e+=r;}),process.stdin.on("end",()=>{try{t(JSON.parse(e));}catch{t({});}});})}function B(t){process.stdout.write(JSON.stringify(t));}var Ut=f(()=>{"use strict";});function Q(){return String(BigInt(Date.now())*1000000n)}var dr,mt,Xt=f(()=>{"use strict";dr=()=>crypto.randomBytes(16).toString("hex"),mt=()=>crypto.randomBytes(8).toString("hex");});function Po(t,e){let r=bt.resolve(t);if(!r.startsWith(e))throw new Error(`Path traversal detected: ${t}`);return r}function pr(t){if(!Io.test(t))throw new Error(`Invalid session ID: ${t}`);return Po(bt.join(it.tmpdir(),`flow-obs-${t}.json`),Co)}function $t(t){let e=pr(t);if(!h.existsSync(e))return null;try{return JSON.parse(h.readFileSync(e,"utf8"))}catch{return null}}function Ft(t,e){h.writeFileSync(pr(t),JSON.stringify(e),{encoding:"utf8",mode:384});}function fr(t){try{h.unlinkSync(pr(t));}catch{}}var Io,Co,Zt=f(()=>{"use strict";Io=/^[0-9a-f-]{1,64}$/i,Co=bt.normalize(it.tmpdir())+bt.sep;});function Rn(t){if(!t||!h.existsSync(t))return null;try{let e=h.readFileSync(t,"utf8").trimEnd().split(`
182
+ `);for(let r=e.length-1;r>=0;r--)try{let n=JSON.parse(e[r]);if(n.type==="user"&&n.uuid)return n.uuid}catch{}}catch{}return null}function mr(t){if(!t||!h.existsSync(t))return null;try{let e=h.readFileSync(t,"utf8").trimEnd().split(`
183
+ `),r=[],n=0,s=0;for(let o=e.length-1;o>=0;o--)try{let i=JSON.parse(e[o]);if(i.type==="user")break;if(i.type==="assistant"){let c=(i.message?.content??[]).filter(p=>p.type==="text").map(p=>p.text??"").join("");c&&r.unshift(c);let u=i.message?.usage??{};n+=(u.input_tokens??0)+(u.cache_read_input_tokens??0)+(u.cache_creation_input_tokens??0),s+=u.output_tokens??0;}}catch{}return !r.length&&n===0?null:{text:r.join(`
184
+
185
+ `),inputTokens:n,outputTokens:s}}catch{}return null}var gr=f(()=>{"use strict";});function Pn(t){return t.replace(":","/")}function Ae(t,e){if(!t)return null;let r=Pn(t),n=[bt.join(it.homedir(),".claude","skills",r,"SKILL.md"),bt.join(e??"",".claude","skills",r,"SKILL.md")];for(let s of n)if(h.existsSync(s))try{return h.readFileSync(s,"utf8")}catch{}return null}function Nn(t){return t.split(`
186
+ `)[0].match(/^\/([a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?)(?:\s.*)?$/i)?.[1]??null}function Un(t){return !!t.slashSkill||t.toolCalls.some(n=>n.tool==="Skill")?t.toolCalls.some(n=>n.tool==="Skill"&&!n.synthetic||Mo.has(n.tool))?"complete":"prerequisite_required":null}function Oe(t,e){if(!t)return null;let r=Pn(t),n=[bt.join(it.homedir(),".claude","skills",r),bt.join(e??"",".claude","skills",r)],s=null;for(let a of n)if(h.existsSync(bt.join(a,"SKILL.md"))){s=a;break}if(!s)return null;let o=[];function i(a,c){for(let u of h.readdirSync(a,{withFileTypes:true})){if(Fo.has(u.name)||Do.has(u.name)||xo.has(bt.extname(u.name)))continue;let p=c?`${c}/${u.name}`:u.name;u.isDirectory()?i(bt.join(a,u.name),p):o.push(p);}}return i(s,""),o.length>0?o:null}var Fo,xo,Do,Mo,ve=f(()=>{"use strict";Fo=new Set([".venv","__pycache__",".git","node_modules"]),xo=new Set([".pyc",".pyo"]),Do=new Set(["SKILL.md",".DS_Store",".gitignore"]);Mo=new Set(["Read","Write","Edit","MultiEdit","Bash","Glob","Grep","TodoWrite","WebFetch","WebSearch","Agent","Task"]);});function jo(t){try{let e=t.split(".")[1].replace(/-/g,"+").replace(/_/g,"/");return JSON.parse(Buffer.from(e,"base64").toString())}catch{return null}}function Vo(t,e,r,n){return new Promise(s=>{let o=new URL(t),i=o.protocol==="https:",a=(i?Ss__default.default:$s__default.default).request({hostname:o.hostname,port:o.port||(i?443:80),path:o.pathname+o.search,method:"POST",headers:{"Content-Type":"application/json","Content-Length":Buffer.byteLength(e),Authorization:`Bearer ${String(r).replace(/[\r\n]/g,"")}`,FlowTenant:String(n).replace(/[\r\n]/g,"")}},c=>{c.resume(),s(c.statusCode??0);});a.on("error",()=>s(0)),a.setTimeout(5e3,()=>{a.destroy(),s(0);}),a.write(e),a.end();})}async function gt(t,e={}){try{let r=N(process.env[m.ANTHROPIC_AUTH_TOKEN]);if(!r)return;let n,s=new Promise((y,w)=>{n=setTimeout(()=>w(new Error("getToken timeout")),4e3),n.unref();}),{accessToken:o}=await Promise.race([G(r),s]);clearTimeout(n);let i=jo(o);if(!i)return;let a=i.tenant||r.tenant,c=JSON.stringify({action:t,booster:Ye().BOOSTER,metadata:e,success:!0,tenant:a,timestamp:new Date().toISOString(),os:process.platform,user:{email:i.email||"",id:i.sub||"",name:i.name||i.email||""}}),u=Pt(Ye().API_URL),p=await Vo(u,c,o,a);l("metrics.logEvent",`action=${t} status=${p}`);}catch(r){l("metrics.logEvent",`silenced error: ${r.message}`);}}var Le=f(()=>{"use strict";k();Lt();W();M();});async function hr(t,e=false){if(e){process.stdout.write(JSON.stringify({decision:"block",reason:Yo})+`
187
+ `);return}let n=!!(await J()).authError,s=t.session_id||"unknown",o=t.prompt||"",i=t.cwd||"",a=Rn(t.transcript_path)||dr(),c=Nn(o),u=c?Ae(c,i):null,p=c?Oe(c,i):null;Ft(s,{traceId:dr(),spanId:mt(),startNs:Q(),sessionId:s,prompt:o,cwd:i,traceName:a,transcriptPath:t.transcript_path||"",model:process.env[m.ANTHROPIC_MODEL]||"",toolCalls:[],spans:[],pendingTool:null,slashSkill:c,skillContent:u,skillArtifacts:p}),gt("SESSION_STARTED",{traceType:c?"skill":"prompt",slashSkill:c,clientIdExpired:n}),l("UserPromptSubmit",`sid=${s}`,`traceName=${a}`,`slashSkill=${c}`),B(t);}var Yo,$n=f(()=>{"use strict";Xt();Zt();gr();ve();Ut();M();k();W();Le();Yo=`\u26D4 Your Flow API key has expired. You no longer have access to Claude Code through the Flow platform. To restore observability and access, visit ${ut()}/settings/api-keys to generate a new API key, then run: flow-ai-obs auth login`;});async function Fn(t){let e=t.session_id||"unknown",r=t.tool_name||"unknown",n=t.tool_input||{},s=$t(e);s&&(s.pendingTool={name:r,inputStr:K(n,Y.TOOL_INPUT),startNs:Q()},Ft(e,s)),l("PreToolUse",`sid=${e}`,`tool=${r}`,`stateFound=${!!s}`),B(t);}var xn=f(()=>{"use strict";Xt();Zt();Ut();M();k();});function d(t,e){return e==null||e===""?null:{key:t,value:{stringValue:String(e)}}}function ht(...t){return t.filter(e=>e!==null)}function Dn(t,e){return {resourceSpans:[{resource:{attributes:t},scopeSpans:[{scope:Go,spans:Array.isArray(e)?e:[e]}]}]}}var Go,S,Mn=f(()=>{"use strict";k();Go={name:je.SCOPE_NAME,version:je.SCOPE_VERSION},S={TRACE_NAME:"langfuse.trace.name",TRACE_INPUT:"langfuse.trace.input",TRACE_OUTPUT:"langfuse.trace.output",TRACE_METADATA:"langfuse.trace.metadata",TRACE_TAGS:"langfuse.trace.tags",USER_ID:"langfuse.user.id",SESSION_ID:"langfuse.session.id",OBS_NAME:"langfuse.observation.name",OBS_INPUT:"langfuse.observation.input",OBS_OUTPUT:"langfuse.observation.output",OBS_LEVEL:"langfuse.observation.level",OBS_TYPE:"langfuse.observation.type",MODEL:"gen_ai.request.model",INPUT_TOKENS:"gen_ai.usage.input_tokens",OUTPUT_TOKENS:"gen_ai.usage.output_tokens"};});function Hn(t,e,r,n,s){if(process.env[m.FLOW_OBS_DEBUG]!=="1")return;let o=JSON.stringify({ts:new Date().toISOString(),request:{method:"POST",url:t,headers:e,body:JSON.parse(r)},response:{status:n,body:s}});try{h.writeFileSync(Bn,o+`
188
+ `,{flag:"a",encoding:"utf8",mode:384}),l("sendTraces:dump",`request appendada em ${Bn}`);}catch(i){l("sendTraces:dump",`falha ao salvar: ${i.message}`);}}function Xo(t){let e=new URL(t),r=new URL(vt().GATEWAY_HEALTH);return r.hostname=e.hostname,r.port=e.port,r.protocol=e.protocol,r}function jn(t,e){return new Promise((r,n)=>{let s=t._isSSL?Ss__default.default:$s__default.default;t.headers=Object.assign({},t.headers,{Connection:"close"});let o=s.request(t,i=>{let a=[];i.on("data",c=>a.push(c)),i.on("end",()=>r({statusCode:i.statusCode??0,body:a.join("")}));});o.setTimeout(1e4,()=>{o.destroy(new Error("Request timeout"));}),o.on("error",i=>n(new Error(`Network error: ${i.message}`))),e&&o.write(e),o.end();})}async function Vn(t,e){let r;try{r=Xo(t);}catch{return false}let n=r.protocol==="https:";try{let s={};e&&(s.Authorization=String(e).replace(/[\r\n]/g,""));let o=await jn({hostname:r.hostname,port:r.port||(n?443:80),path:r.pathname,method:"GET",headers:s,_isSSL:n},null);return l("checkHealth",`url=${r.href} status=${o.statusCode}`),o.statusCode>=200&&o.statusCode<300}catch{return false}}async function be(t,e,r){let n=JSON.stringify(t),s=new URL(e),o=s.protocol==="https:",i=String(r).replace(/[\r\n]/g,""),a={"Content-Type":"application/json",Authorization:i,"Content-Length":Buffer.byteLength(n)};l("sendTraces:request",`POST ${e}`),l("sendTraces:request",`headers=${JSON.stringify({...a,Authorization:i.slice(0,20)+"\u2026"})}`),l("sendTraces:request",`body=${n.slice(0,500)}${n.length>500?"\u2026":""}`);try{let c=await jn({hostname:s.hostname,port:s.port||(o?443:80),path:s.pathname,method:"POST",headers:a,_isSSL:o},n);return l("sendTraces:response",`status=${c.statusCode}`),Hn(e,a,n,c.statusCode,c.body),c.statusCode}catch(c){return l("sendTraces:error",c.message),Hn(e,a,n,0,c.message),0}}var Bn,Yn=f(()=>{"use strict";k();M();Bn=bt.join(it.tmpdir(),"flow-obs-requests.ndjson");});function Zo(){let t=parseInt(process.env[m.BUFFER_TTL_DAYS]??"",10);return (Number.isFinite(t)?Math.max(D.MIN_TTL_DAYS,Math.min(D.MAX_TTL_DAYS,t)):D.DEFAULT_TTL_DAYS)*24*60*60*1e3}function Qo(){let t=parseInt(process.env[m.BUFFER_MAX_FILES]??"",10);return Number.isFinite(t)?Math.max(D.MIN_MAX_FILES,Math.min(D.MAX_MAX_FILES,t)):D.DEFAULT_MAX_FILES}function Wn(t){if(/[/\\]/.test(t))throw new Error(`Invalid buffer fileId: ${t}`);return bt__namespace.default.join(it__namespace.default.tmpdir(),`${D.FILE_PREFIX}${t}.json`)}function Er(){let t=it__namespace.default.tmpdir(),e;try{e=h__namespace.default.readdirSync(t);}catch{return []}return e.filter(r=>r.startsWith(D.FILE_PREFIX)&&r.endsWith(".json")).map(r=>{let n=bt__namespace.default.join(t,r),s=0;try{s=h__namespace.default.statSync(n).mtimeMs;}catch{}return {full:n,mtime:s}}).sort((r,n)=>r.mtime-n.mtime).map(r=>r.full)}function Qt(t){try{let e=Qo(),r=Er();if(r.length>=e){let o=r.slice(0,r.length-e+1);for(let i of o)try{h__namespace.default.unlinkSync(i);}catch{}}let n=`${Date.now()}-${Math.random().toString(36).slice(2,8)}`,s={fileId:n,bufferedAt:Date.now(),payload:t};return h__namespace.default.writeFileSync(Wn(n),JSON.stringify(s),{encoding:"utf8",mode:384}),l("buffer",`saved fileId=${n}`),n}catch(e){return l("buffer",`saveToBuffer failed: ${e.message}`),null}}function Kn(t){let e=Er(),r=t!=null&&t>0?t:e.length,n=[];for(let s of e){if(n.length>=r)break;try{let o=h__namespace.default.readFileSync(s,"utf8"),i=JSON.parse(o);i&&i.fileId&&i.payload&&n.push(i);}catch{l("buffer",`skipping malformed file: ${s}`);}}return n}function Jn(t){try{h__namespace.default.unlinkSync(Wn(t)),l("buffer",`deleted fileId=${t}`);}catch{}}function qn(){let t=Date.now()-Zo();for(let e of Er())try{let{mtimeMs:r}=h__namespace.default.statSync(e);r<t&&(h__namespace.default.unlinkSync(e),l("buffer",`evicted stale: ${bt__namespace.default.basename(e)}`));}catch{}}var zn=f(()=>{"use strict";k();M();});async function ti(t){qn();let e=Kn(D.REPLAY_BATCH_SIZE);e.length&&(l("replayBufferedTraces",`replaying ${e.length} buffered trace(s)`),await Promise.allSettled(e.map(async r=>{try{let n=await be(r.payload,t.endpoint,t.authHeader);n>=200&&n<300?(Jn(r.fileId),l("replayBufferedTraces",`replayed fileId=${r.fileId} status=${n}`)):l("replayBufferedTraces",`replay failed fileId=${r.fileId} status=${n}`);}catch(n){l("replayBufferedTraces",`replay error fileId=${r.fileId}: ${n.message}`);}})));}async function Xn(t){let e=await J();if(!e.length)return e.authError&&(l("postToLangfuse","auth refresh failed \u2014 buffering trace"),Qt(t)),0;let r=await Promise.all(e.map(async o=>{if(o.mode!=="gateway")return {creds:o,healthy:true};let i=await Vn(o.endpoint,o.authHeader);return {creds:o,healthy:i}})),n=r.find(o=>o.creds.mode==="gateway"&&o.healthy)?.creds??r.find(o=>o.creds.mode==="direct")?.creds;return n&&await ti(n),(await Promise.all(r.map(async({creds:o,healthy:i})=>{if(o.mode==="gateway"){if(!i)return l("postToLangfuse","gateway health check failed \u2014 buffering trace"),Qt(t),0;let c=await be(t,o.endpoint,o.authHeader);return (c===0||c>=500)&&(l("postToLangfuse",`gateway send failed (status ${c}) \u2014 buffering trace`),Qt(t)),c}let a=await be(t,o.endpoint,o.authHeader);return (a===0||a>=500)&&(l("postToLangfuse",`direct endpoint unavailable (status ${a}) \u2014 buffering trace`),Qt(t)),a}))).find(o=>o!==0)??0}var Zn=f(()=>{"use strict";W();M();Yn();zn();k();});var Sr=f(()=>{"use strict";Mn();Zn();});function et(t){if(t==null)return "";let e=typeof t=="string"?t:JSON.stringify(t);return si.reduce((r,{re:n,replace:s})=>r.replace(n,s),e)}var F,ei,ri,ni,Qn,si,Tr=f(()=>{"use strict";F="[REDACTED]",ei="[REDACTED-EMAIL]",ri="[REDACTED-CPF]",ni="[REDACTED-CNPJ]",Qn="[REDACTED-PHONE]",si=[{re:/\b(sk-[A-Za-z0-9_\-]{20,})/g,replace:()=>`sk-${F}`},{re:/\b(pk-[A-Za-z0-9_\-]{20,})/g,replace:()=>`pk-${F}`},{re:/\b(Bearer\s+)[A-Za-z0-9\-._~+/]+=*/gi,replace:(t,e)=>`${e}${F}`},{re:/\b(Basic\s+)[A-Za-z0-9+/]+=*/gi,replace:(t,e)=>`${e}${F}`},{re:/(-----BEGIN [A-Z ]+-----)[^-]*(-----END [A-Z ]+-----)/g,replace:(t,e,r)=>`${e}
189
+ ${F}
190
+ ${r}`},{re:/\b(AKIA[0-9A-Z]{16})\b/g,replace:()=>`AKIA${F}`},{re:/(aws_secret_access_key\s*[=:]\s*)([A-Za-z0-9/+]{40})/gi,replace:(t,e)=>`${e}${F}`},{re:/\b(ghp_[A-Za-z0-9]{36,})/g,replace:()=>`ghp_${F}`},{re:/\b(github_pat_[A-Za-z0-9_]{36,})/gi,replace:()=>`github_pat_${F}`},{re:/\b(eyJ[A-Za-z0-9_\-]+\.eyJ[A-Za-z0-9_\-]+\.[A-Za-z0-9_\-]+)/g,replace:()=>`eyJ.${F}`},{re:/\b([A-Z0-9_]*(?:SECRET|TOKEN|KEY|PASSWORD|PASSWD|PWD|CREDENTIAL|API)[A-Z0-9_]*\s*=\s*)(['"]?)([^\s'"#\n]+)\2/gi,replace:(t,e,r)=>`${e}${r}${F}${r}`},{re:/([a-z][a-z0-9+\-.]*:\/\/[^:/?#\s]*):([^@\s]+)@/gi,replace:(t,e)=>`${e}:${F}@`},{re:/[a-zA-Z0-9._%+\-]+@[a-zA-Z0-9.\-]+\.[a-zA-Z]{2,}/g,replace:()=>ei},{re:/\b\d{3}\.\d{3}\.\d{3}-\d{2}\b/g,replace:()=>ri},{re:/\b\d{2}\.\d{3}\.\d{3}\/\d{4}-\d{2}\b/g,replace:()=>ni},{re:/\(\d{2}\)\s?\d{4,5}[-\s]?\d{4}/g,replace:()=>Qn},{re:/\+55[\s-]?\d{2}[\s-]?\d{4,5}[-\s]?\d{4}/g,replace:()=>Qn}];});async function ts(t){let e=t.session_id||"unknown",r=t.tool_name||"unknown",n=t.tool_input||{},s=t.tool_response,o=s!==null&&typeof s=="object"?s.output??JSON.stringify(s):s??"",i=$t(e);if(!i){B(t);return}let a=Q(),c=i.pendingTool,u=c?.name===r,p=u?c.startNs:String(BigInt(a)-200000000n),y=u?c.inputStr:K(n,Y.TOOL_INPUT),w=y,T=null;if(r==="Skill"){let ie=typeof n=="object"&&n!==null?n.skill||n.name||n.skillName||n.commandName||String(Object.values(n)[0]??""):String(n);T=ie?String(ie).trim():null;let rt=T?Ae(T,i.cwd):null;rt&&(w=rt,i.skillContent||(i.skillContent=rt),i.skillArtifacts||(i.skillArtifacts=Oe(T,i.cwd))),T&&!i.slashSkill&&(i.slashSkill=T),l("PostToolUse","Skill tool detected",`skillName=${T}`,`contentFound=${!!rt}`);}let O=et(K(o,Y.TOOL_OUTPUT)),_=/\b(error|exception|failed|failure|traceback|errno)\b/i.test(O.slice(0,500)),ee=_?"ERROR":"DEFAULT",Dt=mt(),re=Math.round(Number(BigInt(a)-BigInt(p))/1e6),se={Agent:"AGENT",Task:"AGENT"}[r]??"TOOL",oe=r==="Skill"&&T?T:ke(y,60);i.toolCalls.push({tool:r,brief:oe,error:_,durationMs:re});let Mt=i.spans;Mt.push({traceId:i.traceId,spanId:Dt,parentSpanId:i.spanId,name:r,kind:3,startTimeUnixNano:p,endTimeUnixNano:a,attributes:ht(d(S.OBS_NAME,r),d(S.OBS_TYPE,se),d(S.OBS_LEVEL,ee),d(S.OBS_INPUT,et(w)),d(S.OBS_OUTPUT,O),d("tool.name",r),d("tool.error",String(_)),r==="Skill"&&T?d("skill.name",T):null,r==="Skill"?d("skill.invocation","slash-command"):null),status:{code:_?2:1}}),i.pendingTool=null,Ft(e,i),_&&gt("TOOL_ERROR",{toolName:r}),l("PostToolUse",`sid=${e}`,`tool=${r}`,`error=${_}`,`durationMs=${re}`,`totalSpans=${Mt.length}`),B(t);}var es=f(()=>{"use strict";Xt();Zt();Sr();Ut();ve();M();k();Tr();Le();});function ns(t,e,r){let n=Object.keys(rs).find(i=>(t??"").toLowerCase().includes(i));if(!n)return;let s=rs[n],o=(e*s.input+r*s.output)/1e6;return Math.round(o*1e6)/1e6}var rs,ss=f(()=>{"use strict";rs={"claude-opus-4-6":{input:15,output:75},"claude-opus-4-5":{input:15,output:75},"claude-sonnet-4-6":{input:3,output:15},"claude-sonnet-4-5":{input:3,output:15},"claude-haiku-4-5":{input:.8,output:4},"claude-4-6-opus":{input:15,output:75},"claude-4-6-sonnet":{input:3,output:15},"claude-4-5-opus":{input:15,output:75},"claude-4-5-sonnet":{input:3,output:15},"claude-4-5-haiku":{input:.8,output:4},"claude-3-5-sonnet-20241022":{input:3,output:15},"claude-3-5-haiku-20241022":{input:.8,output:4},"claude-3-opus-20240229":{input:15,output:75}};});async function os(t){let e=t.session_id||"unknown",r=t.stop_reason||"end_turn",n=$t(e);if(!n){B(t);return}n.slashSkill&&!/^[a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?$/i.test(n.slashSkill)&&(l("Stop",`sid=${e}`,`slashSkill rejected post-disk: "${n.slashSkill}"`),n.slashSkill=null);let s=Q(),o=await en(),i=n.toolCalls,a=n.spans;if(n.slashSkill&&!i.some(E=>E.tool==="Skill")){let E=mt(),nt=n.skillContent?n.skillContent:JSON.stringify({skill:n.slashSkill});i.push({tool:"Skill",brief:n.slashSkill,error:false,durationMs:0,synthetic:true}),a.push({traceId:n.traceId,spanId:E,parentSpanId:n.spanId,name:"Skill",kind:3,startTimeUnixNano:n.startNs,endTimeUnixNano:n.startNs,attributes:ht(d(S.OBS_NAME,"Skill"),d(S.OBS_TYPE,"TOOL"),d(S.OBS_LEVEL,"DEFAULT"),d(S.OBS_INPUT,nt),d(S.OBS_OUTPUT,"loaded via slash command"),d("tool.name","Skill"),d("tool.error","false"),d("skill.name",n.slashSkill),d("skill.invocation","slash-command")),status:{code:1}}),l("Stop",`slashSkill=${n.slashSkill}`,"synthetic span injected");}let c=t.transcript_path||n.transcriptPath||"",u=mr(c);if(c&&(i.some(E=>E.tool==="Skill"&&!E.synthetic)||!!n.slashSkill)&&!u?.text){await new Promise(nt=>setTimeout(nt,500));let E=mr(c);E?.text&&(u=E);}l("Stop",`transcriptPath=${c||"(empty)"}`,`assistantOut=${u?`text=${u.text.length}chars`:"null"}`);let y=i.length,w=i.filter(E=>E.error).length,T=et(u?.text?K(u.text,Y.TRACE_OUTPUT):y===0?"No tools used":i.map((E,nt)=>`${nt+1}. ${E.tool}${E.brief?` \u2192 ${E.brief}`:""}${E.error?" [ERROR]":""}`).join(`
191
+ `)),O=u?.inputTokens??0,_=u?.outputTokens??0,ee=i.map((E,nt)=>`${nt+1}. ${E.tool}${E.brief?` \u2192 ${E.brief}`:""}${E.error?" [ERROR]":""} (${E.durationMs}ms)`),Dt=!!(n.slashSkill||i.some(E=>E.tool==="Skill")),re=i.some(E=>E.tool==="Agent");if(!Dt&&!re){l("Stop",`sid=${e}`,"skipping trace \u2014 no Skill or Agent calls found"),gt("TRACE_SKIPPED",{reason:"no_skill_or_agent"}),fr(e),B(t);return}let ne=Dt?"skill":"agent",se=Math.round(Number(BigInt(s)-BigInt(n.startNs))/1e6),oe=ns(n.model,O,_),Et=Un(n);Et==="prerequisite_required"&&u?.text&&(Et="complete"),Et==="prerequisite_required"&&(a.push({traceId:n.traceId,spanId:mt(),parentSpanId:n.spanId,name:"prerequisite-check",kind:3,startTimeUnixNano:n.startNs,endTimeUnixNano:s,attributes:ht(d(S.OBS_NAME,"prerequisite-check"),d(S.OBS_TYPE,"EVENT"),d(S.OBS_LEVEL,"WARNING"),d(S.OBS_OUTPUT,T),d("skill.name",n.slashSkill||void 0),d("execution_status","prerequisite_required")),status:{code:1}}),l("Stop",`sid=${e}`,"prerequisite-check span injected",`skill=${n.slashSkill}`));let Mt=(()=>{if(!(!Dt||!n.prompt)){if(n.slashSkill){let E=n.prompt.replace(new RegExp(`^\\/${n.slashSkill}\\s*`,"i"),"").trim();return E?K(et(E),Y.USER_INSTRUCTION):void 0}return K(et(n.prompt),Y.USER_INSTRUCTION)||void 0}})(),ie=JSON.stringify({trace_type:ne,...Et!==null&&{execution_status:Et},...n.slashSkill?{skill_name:n.slashSkill}:{},...n.skillArtifacts?.length&&{skill_artifacts:n.skillArtifacts},...Mt!==void 0&&{user_instruction:Mt},latency_ms:se,...O&&{tokens_input:O},..._&&{tokens_output:_},cost_usd:oe,...n.model?{model:n.model}:{},toolCount:y,errorCount:w,stopReason:r,sessionId:n.sessionId,tools:ee.length?ee:void 0}),rt=et(K(n.prompt,Y.TRACE_INPUT)),cs=ht(d(S.TRACE_NAME,n.traceName),d(S.TRACE_INPUT,rt),d(S.TRACE_OUTPUT,T),d(S.OBS_INPUT,rt),d(S.OBS_OUTPUT,T),d(S.TRACE_METADATA,ie),d(S.SESSION_ID,n.sessionId),d(S.USER_ID,o.user),d(S.OBS_TYPE,"GENERATION"),d(S.MODEL,n.model),O?d(S.INPUT_TOKENS,O):null,_?d(S.OUTPUT_TOKENS,_):null,d("claude.stop_reason",r),d("claude.tool_count",String(y)),d("claude.error_count",String(w)),d("claude.session_id",n.sessionId),d("flow.trace_type",ne),{key:S.TRACE_TAGS,value:{arrayValue:{values:[{stringValue:ne}]}}}),us={traceId:n.traceId,spanId:n.spanId,name:n.traceName,kind:1,startTimeUnixNano:n.startNs,endTimeUnixNano:s,attributes:cs,status:{code:w>0?2:1}},ls=ht(d("service.name",process.env.LANGFUSE_PROJECT_NAME||"claude-code"),d("deployment.environment",process.env.LANGFUSE_ENVIRONMENT||"default")),yr=[...a,us];l("Stop",`sid=${e}`,`totalTools=${y}`,`errorTools=${w}`,`spans=${yr.length}`,`inputTokens=${O}`,`outputTokens=${_}`,`traceOutput="${ke(T,80)}"`);let ds=await Xn(Dn(ls,yr));l("Stop",`POST status=${ds}`,`traceId=${n.traceId}`),gt("TRACE_SENT",{latencyMs:se,totalTools:y,errorTools:w,inputTokens:O,outputTokens:_,costUsd:oe}),fr(e),B(t);}var is=f(()=>{"use strict";Xt();Zt();Sr();W();ss();gr();Ut();M();ve();Tr();k();Le();});async function oi(){let t=process.argv[2];if(t==="UserPromptSubmit"){let r=await lr(),n;try{n=await J();}catch{process.stdout.write(JSON.stringify(r));return}n.authError?await hr(r,true):n.length>0?await hr(r):process.stdout.write(JSON.stringify(r));return}if(!await rn()){let r=[];process.stdin.on("data",n=>r.push(n)),process.stdin.on("end",()=>process.stdout.write(r.join("")));return}let e=await lr();switch(t){case "PreToolUse":await Fn(e);break;case "PostToolUse":await ts(e);break;case "Stop":await os(e);break;default:process.stderr.write(`[flow-obs] unknown event: ${t}
192
+ `),process.stdout.write(JSON.stringify(e));}}var as=f(()=>{"use strict";W();Ut();$n();xn();es();is();oi().catch(t=>{process.stderr.write(`[flow-obs] fatal: ${t.message}
193
+ `),process.exit(0);});});var ai=new Set(["UserPromptSubmit","PreToolUse","PostToolUse","Stop"]),[,,x,te]=process.argv;function wt(t,e){let r=t.indexOf(e);return r!==-1?t[r+1]:void 0}if(x==="--version"||x==="-v"){let{version:t}=ae();process.stdout.write(t+`
194
+ `),process.exit(0);}else if(x==="--help"||x==="-h"){let{bold:t,cyan:e,dim:r}=(st(),R(Ie)),{version:n}=ae();process.stdout.write(`
191
195
  `+t(" flow-ai-obs")+r(" v"+n)+`
192
196
 
193
197
  `),process.stdout.write(e(" init")+r(` Auth (if needed) + hooks + native OTEL
@@ -207,13 +211,13 @@ ${r}`},{re:/\b(AKIA[0-9A-Z]{16})\b/g,replace:()=>`AKIA${C}`},{re:/(aws_secret_ac
207
211
 
208
212
  `)),process.stdout.write(r(` (Hook events: UserPromptSubmit | PreToolUse | PostToolUse | Stop)
209
213
 
210
- `)),process.exit(0);}else if(U==="init"||U==="install")(async()=>{U==="install"&&process.stderr.write(`Warning: "install" is deprecated, use "init" instead
211
- `),await(Et(),L(wt)).checkForUpdateInteractive();let{runInit:t}=(Xe(),L(sn)),e=process.argv.slice(3);process.exit(await t({url:dt(e,"--custom-url"),noInteractive:e.includes("--no-interactive")}));})().catch(t=>{process.stderr.write(`Unexpected error: ${t.message}
212
- `),process.exit(1);});else if(U==="setup")(async()=>{await(Et(),L(wt)).checkForUpdateInteractive();let{runSetup:t}=(an(),L(on)),e=process.argv.slice(3);process.exit(await t({clientId:dt(e,"--client-id"),clientSecret:dt(e,"--client-secret"),tenant:dt(e,"--tenant")}));})().catch(t=>{process.stderr.write(`Unexpected error: ${t.message}
213
- `),process.exit(1);});else if(U==="auth")(async()=>{let{runLogin:t,runLogout:e,runStatus:r}=(Yt(),L(Je)),n=0;if(Jt==="login"||!Jt){await(Et(),L(wt)).checkForUpdateInteractive();let s=process.argv.slice(4);n=await t({clientId:dt(s,"--client-id"),clientSecret:dt(s,"--client-secret"),tenant:dt(s,"--tenant")});}else if(Jt==="logout"){let s=process.argv.includes("--force");n=await e(s);}else Jt==="status"?(await(Et(),L(wt)).checkForUpdateInteractive(),n=await r()):(process.stderr.write(`Unknown auth subcommand: ${Jt}
214
+ `)),process.exit(0);}else if(x==="init"||x==="install")(async()=>{x==="install"&&process.stderr.write(`Warning: "install" is deprecated, use "init" instead
215
+ `),await(kt(),R(_t)).checkForUpdateInteractive();let{runInit:t}=(gn(),R(mn)),e=process.argv.slice(3);process.exit(await t({url:wt(e,"--custom-url"),noInteractive:e.includes("--no-interactive")}));})().catch(t=>{process.stderr.write(`Unexpected error: ${t.message}
216
+ `),process.exit(1);});else if(x==="setup")(async()=>{await(kt(),R(_t)).checkForUpdateInteractive();let{runSetup:t}=(Sn(),R(En)),e=process.argv.slice(3);process.exit(await t({clientId:wt(e,"--client-id"),clientSecret:wt(e,"--client-secret"),tenant:wt(e,"--tenant"),nonInteractive:e.includes("--non-interactive")}));})().catch(t=>{process.stderr.write(`Unexpected error: ${t.message}
217
+ `),process.exit(1);});else if(x==="auth")(async()=>{let{runLogin:t,runLogout:e,runStatus:r}=(Jt(),R(cr)),n=0;if(te==="login"||!te){await(kt(),R(_t)).checkForUpdateInteractive();let s=process.argv.slice(4);n=await t({clientId:wt(s,"--client-id"),clientSecret:wt(s,"--client-secret"),tenant:wt(s,"--tenant")});}else if(te==="logout"){let s=process.argv.includes("--force");n=await e(s);}else te==="status"?(await(kt(),R(_t)).checkForUpdateInteractive(),n=await r()):(process.stderr.write(`Unknown auth subcommand: ${te}
214
218
  `),process.stderr.write(`Usage: flow-ai-obs auth [login|logout|status]
215
- `),n=1);process.exit(n);})();else if(U==="otel-headers"){let{runOtelHeaders:t}=(ln(),L(cn));t().then(e=>process.exit(e)).catch(()=>process.exit(1));}else if(U==="check")(async()=>{await(Et(),L(wt)).checkForUpdateInteractive();let{runCheck:t}=(pn(),L(dn));process.exit(await t());})().catch(t=>{process.stderr.write(`Unexpected error: ${t.message}
216
- `),process.exit(1);});else if(qo.has(U))Jn();else {let{bold:t,cyan:e,dim:r}=(mt(),L(ye));process.stdout.write(`
219
+ `),n=1);process.exit(n);})();else if(x==="otel-headers"){let{runOtelHeaders:t}=(yn(),R(Tn));t().then(e=>process.exit(e)).catch(()=>process.exit(1));}else if(x==="check")(async()=>{await(kt(),R(_t)).checkForUpdateInteractive();let{runCheck:t}=(An(),R(kn));process.exit(await t());})().catch(t=>{process.stderr.write(`Unexpected error: ${t.message}
220
+ `),process.exit(1);});else if(ai.has(x))as();else {let{bold:t,cyan:e,dim:r}=(st(),R(Ie));process.stdout.write(`
217
221
  `+t(" flow-ai-obs")+`
218
222
 
219
223
  `),process.stdout.write(e(" init")+r(` Auth (if needed) + hooks + native OTEL
package/dist/index.js CHANGED
@@ -1,16 +1,16 @@
1
- 'use strict';var child_process=require('child_process'),util=require('util'),L=require('fs'),B=require('path'),st=require('os'),ir=require('https'),ar=require('http'),crypto=require('crypto');function _interopDefault(e){return e&&e.__esModule?e:{default:e}}function _interopNamespace(e){if(e&&e.__esModule)return e;var n=Object.create(null);if(e){Object.keys(e).forEach(function(k){if(k!=='default'){var d=Object.getOwnPropertyDescriptor(e,k);Object.defineProperty(n,k,d.get?d:{enumerable:true,get:function(){return e[k]}});}})}n.default=e;return Object.freeze(n)}var L__namespace=/*#__PURE__*/_interopNamespace(L);var B__namespace=/*#__PURE__*/_interopNamespace(B);var st__namespace=/*#__PURE__*/_interopNamespace(st);var ir__default=/*#__PURE__*/_interopDefault(ir);var ar__default=/*#__PURE__*/_interopDefault(ar);var xe=Object.defineProperty;var nt=(t=>typeof require<"u"?require:typeof Proxy<"u"?new Proxy(t,{get:(e,r)=>(typeof require<"u"?require:e)[r]}):t)(function(t){if(typeof require<"u")return require.apply(this,arguments);throw Error('Dynamic require of "'+t+'" is not supported')});var Et=(t,e,r)=>()=>{if(r)throw r[0];try{return t&&(e=t(t=0)),e}catch(n){throw r=[n],n}};var Tt=(t,e)=>{for(var r in e)xe(t,r,{get:e[r],enumerable:true});};var qt={};Tt(qt,{MacOsKeyVaultProvider:()=>kt});var wt,kt,zt=Et(()=>{"use strict";wt=util.promisify(child_process.execFile),kt=class{static async isAvailable(){try{return L.accessSync("/usr/bin/security",L.constants.X_OK),!0}catch{return !1}}async getSecret(e,r){try{let{stdout:n}=await wt("security",["find-generic-password","-w","-a",r,"-s",e]);return n.trim()||null}catch{return null}}async setSecret(e,r,n){await wt("security",["add-generic-password","-U","-a",r,"-s",e,"-w",n]);}async deleteSecret(e,r){try{return await wt("security",["delete-generic-password","-a",r,"-s",e]),!0}catch{return !1}}getStoragePath(){return "macOS Keychain"}};});var Zt={};Tt(Zt,{LinuxKeyVaultProvider:()=>It});var Xt,It,Qt=Et(()=>{"use strict";Xt=util.promisify(child_process.execFile),It=class{static async isAvailable(){let e=["/usr/bin/secret-tool","/bin/secret-tool","/usr/local/bin/secret-tool"];for(let r of e)try{return L.accessSync(r,L.constants.X_OK),!0}catch{}return !1}async getSecret(e,r){try{let{stdout:n}=await Xt("secret-tool",["lookup","service",e,"account",r]);return n.trim()||null}catch{return null}}async setSecret(e,r,n){await new Promise((o,s)=>{let i=child_process.spawn("secret-tool",["store","--label",e,"service",e,"account",r]);i.on("error",s),i.on("close",l=>{l===0?o():s(new Error(`secret-tool exited with code ${l}`));}),i.stdin.write(n),i.stdin.end();});}async deleteSecret(e,r){try{return await Xt("secret-tool",["clear","service",e,"account",r]),!0}catch{return !1}}getStoragePath(){return "Linux Secret Service (libsecret)"}};});var te={};Tt(te,{WindowsKeyVaultProvider:()=>Lt});var Lt,ee=Et(()=>{"use strict";Lt=class{static async isAvailable(){try{return await nt("keytar").getPassword("__flow_probe__","__flow_probe__"),!0}catch{return !1}}async getSecret(e,r){return nt("keytar").getPassword(e,r)}async setSecret(e,r,n){await nt("keytar").setPassword(e,r,n);}async deleteSecret(e,r){return nt("keytar").deletePassword(e,r)}getStoragePath(){return "Windows Credential Manager"}};});function Yt(){if(process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER){let e=child_process.spawnSync("getent",["passwd",process.env.SUDO_USER],{encoding:"utf8",timeout:5e3}).stdout?.split(":")[5]?.trim();if(e)return {home:e,username:process.env.SUDO_USER}}return {home:st__namespace.homedir(),username:process.env.SUDO_USER||process.env.USER||st__namespace.userInfo().username}}var Gt="flow-ai-obs",jt="config.json";function Me(){if(process.platform==="win32"){let r=process.env.APPDATA||B__namespace.join(st__namespace.homedir(),"AppData","Roaming");return B__namespace.join(r,Gt,jt)}let t=Yt(),e=process.env.XDG_CONFIG_HOME||B__namespace.join(t.home,".config");return B__namespace.join(e,Gt,jt)}function He(){try{let t=L__namespace.readFileSync(Me(),"utf8");return JSON.parse(t)}catch{return {}}}function Wt(){let{baseUrl:t}=He();return typeof t!="string"||t.trim()===""?null:t.trim().replace(/\/$/,"")}var Ye="https://flow.ciandt.com";function x(){return Wt()??process.env.FLOW_BASE_URL??Ye}function V(){let t=x();return {AUTH_ENGINE:process.env.FLOW_AUTH_ENGINE_URL||`${t}/auth-engine-api/v2/api-key/token`,GATEWAY_TRACES:process.env.FLOW_GATEWAY_TRACES_URL||`${t}/flow-langfuse-gateway/v1/traces`,GATEWAY_HEALTH:process.env.FLOW_GATEWAY_HEALTH_URL||`${t}/flow-langfuse-gateway/v1/health`,OTEL_ENDPOINT:process.env.FLOW_OTEL_ENDPOINT_URL||`${t}/otel`}}V();var it={SERVICE:"flow-plugins-cli",ACCOUNT_TOKEN:"token-cache"},at="FLOW-nodejs",ct="config.json",ht={SCOPE_NAME:"flow-ai-obs",SCOPE_VERSION:"0.1.0"};var S={FLOW_TELEMETRY:"FLOW_TELEMETRY",FLOW_TELEMETRY_GATEWAY:"FLOW_TELEMETRY_GATEWAY_URL",LANGFUSE_BASE_URL:"LANGFUSE_BASE_URL",LANGFUSE_PUBLIC_KEY:"LANGFUSE_PUBLIC_KEY",LANGFUSE_SECRET_KEY:"LANGFUSE_SECRET_KEY",ANTHROPIC_MODEL:"ANTHROPIC_MODEL",ANTHROPIC_AUTH_TOKEN:"ANTHROPIC_AUTH_TOKEN",FLOW_OBS_DEBUG:"FLOW_TELEMETRY_DEBUG",FLOW_OBS_ALLOW_HTTP:"FLOW_TELEMETRY_ALLOW_HTTP",BUFFER_TTL_DAYS:"FLOW_TELEMETRY_BUFFER_TTL_DAYS",BUFFER_MAX_FILES:"FLOW_TELEMETRY_BUFFER_MAX_FILES"};var y={FILE_PREFIX:"flow-obs-buffer-",DEFAULT_TTL_DAYS:4,MIN_TTL_DAYS:1,MAX_TTL_DAYS:30,DEFAULT_MAX_FILES:50,MIN_MAX_FILES:1,MAX_MAX_FILES:500,REPLAY_BATCH_SIZE:10},Jt="flow-ai-obs-debug.log",w={TOOL_INPUT:2e4,TOOL_OUTPUT:2e4,TRACE_OUTPUT:2e4,USER_INSTRUCTION:1e4,TRACE_INPUT:5e4};function At(){let t=x();return {API_URL:process.env.FLOW_METRICS_URL||`${t}/metrics-collector-api/log-event`,BOOSTER:"flow-ai-obs"}}var yt={credentials:"credentials","token-cache":"tokenCache"};function W(){let t=st__namespace.default.homedir();if(process.platform==="darwin")return B__namespace.default.join(t,"Library","Preferences",at,ct);if(process.platform==="win32"){let r=process.env.APPDATA??B__namespace.default.join(t,"AppData","Roaming");return B__namespace.default.join(r,at,ct)}let e=process.env.XDG_CONFIG_HOME??B__namespace.default.join(t,".config");return B__namespace.default.join(e,at,ct)}function Ot(){try{let t=L__namespace.default.readFileSync(W(),"utf8");return JSON.parse(t)}catch{return {}}}function Kt(t){let e=W();L__namespace.default.mkdirSync(B__namespace.default.dirname(e),{recursive:true}),L__namespace.default.writeFileSync(e,JSON.stringify(t,null,2),{encoding:"utf8",mode:384});}var ut=class{static isAvailable(){return true}static hasExistingData(){try{if(!L__namespace.default.existsSync(W()))return !1;let e=JSON.parse(L__namespace.default.readFileSync(W(),"utf8"));return !!(e&&e.credentials)}catch{return false}}async getSecret(e,r){let n=Ot(),o=yt[r]??r,s=n[o];return s?typeof s=="string"?s:JSON.stringify(s):null}async setSecret(e,r,n){let o=Ot(),s=yt[r]??r;if(r==="token-cache")try{o[s]=JSON.parse(n);}catch{o[s]=n;}else o[s]=n;Kt(o);}async deleteSecret(e,r){let n=Ot(),o=yt[r]??r;return o in n?(delete n[o],Kt(n),true):false}getStoragePath(){return `config.json (unencrypted) \u2014 ${W()}`}};async function re(){return await tr()??new ut}async function tr(){switch(process.platform){case "darwin":{let{MacOsKeyVaultProvider:t}=await Promise.resolve().then(()=>(zt(),qt));return await t.isAvailable()?new t:null}case "linux":{let{LinuxKeyVaultProvider:t}=await Promise.resolve().then(()=>(Qt(),Zt));return await t.isAvailable()?new t:null}case "win32":{let{WindowsKeyVaultProvider:t}=await Promise.resolve().then(()=>(ee(),te));return await t.isAvailable()?new t:null}default:return null}}var Nt=it.SERVICE,ne=it.ACCOUNT_TOKEN,Rt=null;function Pt(){return Rt||(Rt=re()),Rt}async function bt(t){await(await Pt()).setSecret(Nt,ne,JSON.stringify({accessToken:t.accessToken,expiresAt:t.expiresAt,lastAuthCheckAt:t.lastAuthCheckAt}));}async function Ut(){let e=await(await Pt()).getSecret(Nt,ne);if(!e)return null;try{let r=JSON.parse(e);return {accessToken:r.accessToken,expiresAt:r.expiresAt,lastAuthCheckAt:r.lastAuthCheckAt}}catch{return null}}async function K(){let t=await Ut();if(!t||!t.accessToken)return null;try{let e=t.accessToken.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return r.email??r.preferred_username??r.upn??r.sub??null}catch{return null}}var or=B.join(st.tmpdir(),Jt);function a(...t){if(process.env[S.FLOW_OBS_DEBUG]!=="1")return;let e=`[${new Date().toISOString()}] ${t.join(" ")}
2
- `;try{L.writeFileSync(or,e,{flag:"a"});}catch(r){process.stderr.write(`[flow-obs debug ERROR] ${r.message}
3
- `);}}var b=class extends Error{constructor(e){super(e),this.name="AuthError";}},cr=/^[a-z0-9][a-z0-9-]{0,62}[a-z0-9]$|^[a-z0-9]$/;function lr(t){if(!cr.test(t))throw new Error(`Invalid tenant value: "${t}". Tenant must be lowercase alphanumeric and hyphens (1-64 chars).`)}var se={INVALID_CLIENT_SECRET:"Invalid Client Secret \u2014 check the value and try again",INVALID_CLIENT_ID:"Invalid Client ID \u2014 check the value and try again",INVALID_TENANT:"Invalid Tenant \u2014 check the value and try again",TENANT_NOT_FOUND:"Tenant not found \u2014 verify the tenant identifier"};function ur(t,e){let r=e.length>400?e.slice(0,400)+"\u2026":e;a("toAuthError",`status=${t} body=${r}`);try{let n=JSON.parse(e);if(typeof n.error=="string"&&(a("toAuthError",`api_error_code=${n.error}`+(n.message?` api_message=${n.message}`:"")),se[n.error]))return new b(se[n.error])}catch{}return t===401||t===403||t===500?new b("Invalid credentials"):t>=400&&t<500?new b("Authentication request was rejected"):new Error("Authentication service unavailable, please try again later")}function q(t){return new Promise((e,r)=>{try{lr(t.tenant);}catch(p){return r(p)}let n=JSON.stringify({clientSecret:t.clientSecret}),o=new URL(V().AUTH_ENGINE),s=o.protocol==="https:",i={hostname:o.hostname,port:o.port||(s?443:80),path:o.pathname+o.search,method:"POST",headers:{"Content-Type":"application/json","Content-Length":Buffer.byteLength(n),FlowTenant:t.tenant}};a("getToken",`requesting token tenant=${t.tenant} host=${i.hostname} path=${i.path}`);let c=(s?ir__default.default:ar__default.default).request(i,p=>{let _=[];p.on("data",T=>_.push(T)),p.on("end",()=>{let T=_.join("");if((p.statusCode??0)>=400)return r(ur(p.statusCode??0,T));let m;try{m=JSON.parse(T);}catch{return r(new Error("Invalid response from auth engine"))}let g=m.expires_at??new Date(Date.now()+(m.expires_in??3600)*1e3).toISOString();e({accessToken:m.access_token??"",expiresAt:g});});});c.on("error",p=>r(new Error(`Network error: ${p.message}`))),c.write(n),c.end();})}var pr=[/^localhost\.?$/i,/^127\./,/^10\./,/^172\.(1[6-9]|2\d|3[01])\./,/^192\.168\./,/^169\.254\./,/^0\.0\.0\.0$/,/^::1$/,/^\[::1\]$/,/^\[::ffff:/i,/^\[f[cd]/i,/^\[fe80:/i,/^metadata\.google\.internal\.?$/i,/^metadata\.azure\.internal\.?$/i,/(?:^|\.)localtest\.me\.?$/i,/(?:^|\.)lvh\.me\.?$/i,/(?:^|\.)vcap\.me\.?$/i];function dr(t){return pr.some(e=>e.test(t))}function fr(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return r.email||r.preferred_username||r.upn||r.sub||null}catch{return null}}function ft(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8")),{clientId:n,clientSecret:o,tenant:s}=r;return !n||!o||!s?null:{clientId:n,clientSecret:o,tenant:s}}catch{return null}}function dt(t){let e;try{e=new URL(t);}catch{throw new Error(`Invalid URL: ${t}`)}let r=process.env[S.FLOW_OBS_ALLOW_HTTP]==="true";if(!r&&e.protocol!=="https:")throw new Error(`URL must use HTTPS: ${t}`);if(e.username||e.password)throw new Error(`URL must not contain embedded credentials: ${t}`);if(!r&&dr(e.hostname))throw new Error(`SSRF: private/loopback host not allowed: ${e.hostname}`);return t}async function oe(){let t=ft(process.env[S.ANTHROPIC_AUTH_TOKEN]);if(t)return {user:await K().catch(()=>null)??t.clientId,tenant:t.tenant};return {user:"",tenant:""}}function mr(){return new Date().toISOString().slice(0,10)}async function gr(t){let e=mr(),r=await Ut();if(r?.lastAuthCheckAt!==e){a("getOrRefreshToken",`daily auth check (last: ${r?.lastAuthCheckAt??"never"})`);try{let s=await q(t);try{await bt({...s,lastAuthCheckAt:e});}catch{}return a("getOrRefreshToken",`daily check passed, expires=${s.expiresAt}`),s.accessToken}catch(s){if(s instanceof b)throw s;a("getOrRefreshToken",`daily check network error \u2014 using cache: ${s.message}`);}}let n=r!=null&&new Date(r.expiresAt)>new Date;if(a("getOrRefreshToken",`cacheValid=${n}`),n)return a("getOrRefreshToken",`using cached token, expires=${r.expiresAt}`),r.accessToken;a("getOrRefreshToken",`token expired \u2014 refreshing via auth-engine (tenant=${t.tenant} clientId=${t.clientId})`);let o=await q(t);try{await bt({...o,lastAuthCheckAt:e});}catch(s){a("getOrRefreshToken",`token cache save failed (non-fatal): ${s.message}`);}return a("getOrRefreshToken",`token refreshed, expires=${o.expiresAt}`),o.accessToken}function Sr(t,e){let r=e&&e.accessToken?e.accessToken:"";return {endpoint:t.replace(/\/$/,"")+"/flow-langfuse-gateway/v1/traces",authHeader:`Bearer ${r}`}}function _r(t,e,r){let n=Buffer.from(`${e}:${r}`).toString("base64");return {endpoint:t.replace(/\/$/,"")+"/api/public/otel/v1/traces",authHeader:`Basic ${n}`}}async function U(){let t=[],e=process.env[S.ANTHROPIC_MODEL]??"",r=ft(process.env[S.ANTHROPIC_AUTH_TOKEN]);a("resolveCredentials",r?"credentials resolved from ANTHROPIC_AUTH_TOKEN":"ANTHROPIC_AUTH_TOKEN absent or invalid"),r&&a("resolveCredentials",`clientId=${r.clientId}`,`tenant=${r.tenant}`);let n=r?r.tenant:"",o=process.env[S.FLOW_TELEMETRY]==="true",s=process.env[S.LANGFUSE_BASE_URL],i=process.env[S.LANGFUSE_PUBLIC_KEY],l=process.env[S.LANGFUSE_SECRET_KEY];if(o&&s&&i&&l){let m="",g=n;if(r)m=await K().catch(()=>null)??r.clientId;let h={user:m??"",tenant:g??"",team:"",project:"",model:e};t.push({mode:"direct",..._r(dt(s),i,l),...h}),a("resolveCredentials","direct mode active",`user=${h.user}`,`tenant=${h.tenant}`);}if(!r){if(t.length===0){let m=[];return m.authError=false,m}return t}let c;try{c=await gr(r);}catch(m){if(a("resolveCredentials",`token refresh failed: ${m.message}`,`(tenant=${r.tenant} clientId=${r.clientId})`),t.length>0)return t.authError=true,t;let g=[];return g.authError=true,g}let _={user:fr(c)??r.clientId,tenant:n,team:"",project:"",model:e},T=process.env[S.FLOW_TELEMETRY_GATEWAY]??x();return t.push({mode:"gateway",...Sr(dt(T),{accessToken:c}),..._}),t}async function ie(){return (await U()).length>0}function k(t,e){let r=typeof t=="object"?JSON.stringify(t):String(t??"");return r.length>e?r.slice(0,e)+" \u2026[truncated]":r}function mt(t,e=100){return String(t??"").split(`
4
- `)[0].slice(0,e).trim()}function Ct(){return new Promise(t=>{let e="";process.stdin.setEncoding("utf8"),process.stdin.on("data",r=>{e+=r;}),process.stdin.on("end",()=>{try{t(JSON.parse(e));}catch{t({});}});})}function O(t){process.stdout.write(JSON.stringify(t));}var vt=()=>crypto.randomBytes(16).toString("hex"),C=()=>crypto.randomBytes(8).toString("hex");function I(){return String(BigInt(Date.now())*1000000n)}var Ir=/^[0-9a-f-]{1,64}$/i,Lr=B.normalize(st.tmpdir())+B.sep;function Rr(t,e){let r=B.resolve(t);if(!r.startsWith(e))throw new Error(`Path traversal detected: ${t}`);return r}function Ft(t){if(!Ir.test(t))throw new Error(`Invalid session ID: ${t}`);return Rr(B.join(st.tmpdir(),`flow-obs-${t}.json`),Lr)}function M(t){let e=Ft(t);if(!L.existsSync(e))return null;try{return JSON.parse(L.readFileSync(e,"utf8"))}catch{return null}}function H(t,e){L.writeFileSync(Ft(t),JSON.stringify(e),{encoding:"utf8",mode:384});}function $t(t){try{L.unlinkSync(Ft(t));}catch{}}function pe(t){if(!t||!L.existsSync(t))return null;try{let e=L.readFileSync(t,"utf8").trimEnd().split(`
5
- `);for(let r=e.length-1;r>=0;r--)try{let n=JSON.parse(e[r]);if(n.type==="user"&&n.uuid)return n.uuid}catch{}}catch{}return null}function Dt(t){if(!t||!L.existsSync(t))return null;try{let e=L.readFileSync(t,"utf8").trimEnd().split(`
6
- `),r=[],n=0,o=0;for(let s=e.length-1;s>=0;s--)try{let i=JSON.parse(e[s]);if(i.type==="user")break;if(i.type==="assistant"){let c=(i.message?.content??[]).filter(_=>_.type==="text").map(_=>_.text??"").join("");c&&r.unshift(c);let p=i.message?.usage??{};n+=(p.input_tokens??0)+(p.cache_read_input_tokens??0)+(p.cache_creation_input_tokens??0),o+=p.output_tokens??0;}}catch{}return !r.length&&n===0?null:{text:r.join(`
1
+ 'use strict';var child_process=require('child_process'),util=require('util'),L=require('fs'),M=require('path'),ot=require('os'),ur=require('https'),pr=require('http'),crypto=require('crypto');function _interopDefault(e){return e&&e.__esModule?e:{default:e}}function _interopNamespace(e){if(e&&e.__esModule)return e;var n=Object.create(null);if(e){Object.keys(e).forEach(function(k){if(k!=='default'){var d=Object.getOwnPropertyDescriptor(e,k);Object.defineProperty(n,k,d.get?d:{enumerable:true,get:function(){return e[k]}});}})}n.default=e;return Object.freeze(n)}var L__namespace=/*#__PURE__*/_interopNamespace(L);var M__namespace=/*#__PURE__*/_interopNamespace(M);var ot__namespace=/*#__PURE__*/_interopNamespace(ot);var ur__default=/*#__PURE__*/_interopDefault(ur);var pr__default=/*#__PURE__*/_interopDefault(pr);var Be=Object.defineProperty;var st=(t=>typeof require<"u"?require:typeof Proxy<"u"?new Proxy(t,{get:(e,r)=>(typeof require<"u"?require:e)[r]}):t)(function(t){if(typeof require<"u")return require.apply(this,arguments);throw Error('Dynamic require of "'+t+'" is not supported')});var Tt=(t,e,r)=>()=>{if(r)throw r[0];try{return t&&(e=t(t=0)),e}catch(n){throw r=[n],n}};var ht=(t,e)=>{for(var r in e)Be(t,r,{get:e[r],enumerable:true});};var zt={};ht(zt,{MacOsKeyVaultProvider:()=>It});var kt,It,Xt=Tt(()=>{"use strict";kt=util.promisify(child_process.execFile),It=class{static async isAvailable(){try{return L.accessSync("/usr/bin/security",L.constants.X_OK),!0}catch{return !1}}async getSecret(e,r){try{let{stdout:n}=await kt("security",["find-generic-password","-w","-a",r,"-s",e]);return n.trim()||null}catch{return null}}async setSecret(e,r,n){await kt("security",["add-generic-password","-U","-a",r,"-s",e,"-w",n]);}async deleteSecret(e,r){try{return await kt("security",["delete-generic-password","-a",r,"-s",e]),!0}catch{return !1}}getStoragePath(){return "macOS Keychain"}};});var Qt={};ht(Qt,{LinuxKeyVaultProvider:()=>Lt});var Zt,Lt,te=Tt(()=>{"use strict";Zt=util.promisify(child_process.execFile),Lt=class{static async isAvailable(){let e=["/usr/bin/secret-tool","/bin/secret-tool","/usr/local/bin/secret-tool"];for(let r of e)try{return L.accessSync(r,L.constants.X_OK),!0}catch{}return !1}async getSecret(e,r){try{let{stdout:n}=await Zt("secret-tool",["lookup","service",e,"account",r]);return n.trim()||null}catch{return null}}async setSecret(e,r,n){await new Promise((o,s)=>{let i=child_process.spawn("secret-tool",["store","--label",e,"service",e,"account",r]);i.on("error",s),i.on("close",l=>{l===0?o():s(new Error(`secret-tool exited with code ${l}`));}),i.stdin.write(n),i.stdin.end();});}async deleteSecret(e,r){try{return await Zt("secret-tool",["clear","service",e,"account",r]),!0}catch{return !1}}getStoragePath(){return "Linux Secret Service (libsecret)"}};});var ee={};ht(ee,{WindowsKeyVaultProvider:()=>Rt});var Rt,re=Tt(()=>{"use strict";Rt=class{static async isAvailable(){try{return await st("keytar").getPassword("__flow_probe__","__flow_probe__"),!0}catch{return !1}}async getSecret(e,r){return st("keytar").getPassword(e,r)}async setSecret(e,r,n){await st("keytar").setPassword(e,r,n);}async deleteSecret(e,r){return st("keytar").deletePassword(e,r)}getStoragePath(){return "Windows Credential Manager"}};});!process.env.NO_COLOR&&process.stdout.isTTY;function jt(){if(process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER){let e=child_process.spawnSync("getent",["passwd",process.env.SUDO_USER],{encoding:"utf8",timeout:5e3}).stdout?.split(":")[5]?.trim();if(e)return {home:e,username:process.env.SUDO_USER}}return {home:ot__namespace.homedir(),username:process.env.SUDO_USER||process.env.USER||ot__namespace.userInfo().username}}var Gt="flow-ai-obs",Vt="config.json";function Ge(){if(process.platform==="win32"){let r=process.env.APPDATA||M__namespace.join(ot__namespace.homedir(),"AppData","Roaming");return M__namespace.join(r,Gt,Vt)}let t=jt(),e=process.env.XDG_CONFIG_HOME||M__namespace.join(t.home,".config");return M__namespace.join(e,Gt,Vt)}function Ve(){try{let t=L__namespace.readFileSync(Ge(),"utf8");return JSON.parse(t)}catch{return {}}}function Jt(){let{baseUrl:t}=Ve();return typeof t!="string"||t.trim()===""?null:t.trim().replace(/\/$/,"")}var We="https://flow.ciandt.com";function B(){return Jt()??process.env.FLOW_BASE_URL??We}function W(){let t=B();return {AUTH_ENGINE:process.env.FLOW_AUTH_ENGINE_URL||`${t}/auth-engine-api/v2/api-key/token`,GATEWAY_TRACES:process.env.FLOW_GATEWAY_TRACES_URL||`${t}/flow-langfuse-gateway/v1/traces`,GATEWAY_HEALTH:process.env.FLOW_GATEWAY_HEALTH_URL||`${t}/flow-langfuse-gateway/v1/health`,OTEL_ENDPOINT:process.env.FLOW_OTEL_ENDPOINT_URL||`${t}/otel`}}W();var at={SERVICE:"flow-plugins-cli",ACCOUNT_TOKEN:"token-cache"},ct="FLOW-nodejs",lt="config.json",At={SCOPE_NAME:"flow-ai-obs",SCOPE_VERSION:"0.1.0"};var S={FLOW_TELEMETRY:"FLOW_TELEMETRY",FLOW_TELEMETRY_GATEWAY:"FLOW_TELEMETRY_GATEWAY_URL",LANGFUSE_BASE_URL:"LANGFUSE_BASE_URL",LANGFUSE_PUBLIC_KEY:"LANGFUSE_PUBLIC_KEY",LANGFUSE_SECRET_KEY:"LANGFUSE_SECRET_KEY",ANTHROPIC_MODEL:"ANTHROPIC_MODEL",ANTHROPIC_AUTH_TOKEN:"ANTHROPIC_AUTH_TOKEN",FLOW_OBS_DEBUG:"FLOW_TELEMETRY_DEBUG",FLOW_OBS_ALLOW_HTTP:"FLOW_TELEMETRY_ALLOW_HTTP",BUFFER_TTL_DAYS:"FLOW_TELEMETRY_BUFFER_TTL_DAYS",BUFFER_MAX_FILES:"FLOW_TELEMETRY_BUFFER_MAX_FILES"};var y={FILE_PREFIX:"flow-obs-buffer-",DEFAULT_TTL_DAYS:4,MIN_TTL_DAYS:1,MAX_TTL_DAYS:30,DEFAULT_MAX_FILES:50,MIN_MAX_FILES:1,MAX_MAX_FILES:500,REPLAY_BATCH_SIZE:10},Kt="flow-ai-obs-debug.log",w={TOOL_INPUT:2e4,TOOL_OUTPUT:2e4,TRACE_OUTPUT:2e4,USER_INSTRUCTION:1e4,TRACE_INPUT:5e4};function yt(){let t=B();return {API_URL:process.env.FLOW_METRICS_URL||`${t}/metrics-collector-api/log-event`,BOOSTER:"flow-ai-obs"}}var Ot={credentials:"credentials","token-cache":"tokenCache"};function J(){let t=ot__namespace.default.homedir();if(process.platform==="darwin")return M__namespace.default.join(t,"Library","Preferences",ct,lt);if(process.platform==="win32"){let r=process.env.APPDATA??M__namespace.default.join(t,"AppData","Roaming");return M__namespace.default.join(r,ct,lt)}let e=process.env.XDG_CONFIG_HOME??M__namespace.default.join(t,".config");return M__namespace.default.join(e,ct,lt)}function wt(){try{let t=L__namespace.default.readFileSync(J(),"utf8");return JSON.parse(t)}catch{return {}}}function qt(t){let e=J();L__namespace.default.mkdirSync(M__namespace.default.dirname(e),{recursive:true}),L__namespace.default.writeFileSync(e,JSON.stringify(t,null,2),{encoding:"utf8",mode:384});}var pt=class{static isAvailable(){return true}static hasExistingData(){try{if(!L__namespace.default.existsSync(J()))return !1;let e=JSON.parse(L__namespace.default.readFileSync(J(),"utf8"));return !!(e&&e.credentials)}catch{return false}}async getSecret(e,r){let n=wt(),o=Ot[r]??r,s=n[o];return s?typeof s=="string"?s:JSON.stringify(s):null}async setSecret(e,r,n){let o=wt(),s=Ot[r]??r;if(r==="token-cache")try{o[s]=JSON.parse(n);}catch{o[s]=n;}else o[s]=n;qt(o);}async deleteSecret(e,r){let n=wt(),o=Ot[r]??r;return o in n?(delete n[o],qt(n),true):false}getStoragePath(){return `config.json (unencrypted) \u2014 ${J()}`}};async function ne(){return await sr()??new pt}async function sr(){switch(process.platform){case "darwin":{let{MacOsKeyVaultProvider:t}=await Promise.resolve().then(()=>(Xt(),zt));return await t.isAvailable()?new t:null}case "linux":{let{LinuxKeyVaultProvider:t}=await Promise.resolve().then(()=>(te(),Qt));return await t.isAvailable()?new t:null}case "win32":{let{WindowsKeyVaultProvider:t}=await Promise.resolve().then(()=>(re(),ee));return await t.isAvailable()?new t:null}default:return null}}var Pt=at.SERVICE,se=at.ACCOUNT_TOKEN,Nt=null;function bt(){return Nt||(Nt=ne()),Nt}async function Ut(t){await(await bt()).setSecret(Pt,se,JSON.stringify({accessToken:t.accessToken,expiresAt:t.expiresAt,lastAuthCheckAt:t.lastAuthCheckAt}));}async function Ct(){let e=await(await bt()).getSecret(Pt,se);if(!e)return null;try{let r=JSON.parse(e);return {accessToken:r.accessToken,expiresAt:r.expiresAt,lastAuthCheckAt:r.lastAuthCheckAt}}catch{return null}}async function q(){let t=await Ct();if(!t||!t.accessToken)return null;try{let e=t.accessToken.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return r.email??r.preferred_username??r.upn??r.sub??null}catch{return null}}var lr=M.join(ot.tmpdir(),Kt);function a(...t){if(process.env[S.FLOW_OBS_DEBUG]!=="1")return;let e=`[${new Date().toISOString()}] ${t.join(" ")}
2
+ `;try{L.writeFileSync(lr,e,{flag:"a"});}catch(r){process.stderr.write(`[flow-obs debug ERROR] ${r.message}
3
+ `);}}var b=class extends Error{constructor(e){super(e),this.name="AuthError";}},dr=/^[a-z0-9][a-z0-9-]{0,62}[a-z0-9]$|^[a-z0-9]$/;function fr(t){if(!dr.test(t))throw new Error(`Invalid tenant value: "${t}". Tenant must be lowercase alphanumeric and hyphens (1-64 chars).`)}var oe={INVALID_CLIENT_SECRET:"Invalid Client Secret \u2014 check the value and try again",INVALID_CLIENT_ID:"Invalid Client ID \u2014 check the value and try again",INVALID_TENANT:"Invalid Tenant \u2014 check the value and try again",TENANT_NOT_FOUND:"Tenant not found \u2014 verify the tenant identifier"};function mr(t,e){let r=e.length>400?e.slice(0,400)+"\u2026":e;a("toAuthError",`status=${t} body=${r}`);try{let n=JSON.parse(e);if(typeof n.error=="string"&&(a("toAuthError",`api_error_code=${n.error}`+(n.message?` api_message=${n.message}`:"")),oe[n.error]))return new b(oe[n.error])}catch{}return t===401||t===403||t===500?new b("Invalid credentials"):t>=400&&t<500?new b("Authentication request was rejected"):new Error("Authentication service unavailable, please try again later")}function z(t){return new Promise((e,r)=>{try{fr(t.tenant);}catch(p){return r(p)}let n=JSON.stringify({clientSecret:t.clientSecret}),o=new URL(W().AUTH_ENGINE),s=o.protocol==="https:",i={hostname:o.hostname,port:o.port||(s?443:80),path:o.pathname+o.search,method:"POST",headers:{"Content-Type":"application/json","Content-Length":Buffer.byteLength(n),FlowTenant:t.tenant}};a("getToken",`requesting token tenant=${t.tenant} host=${i.hostname} path=${i.path}`);let c=(s?ur__default.default:pr__default.default).request(i,p=>{let E=[];p.on("data",T=>E.push(T)),p.on("end",()=>{let T=E.join("");if((p.statusCode??0)>=400)return r(mr(p.statusCode??0,T));let m;try{m=JSON.parse(T);}catch{return r(new Error("Invalid response from auth engine"))}let g=m.expires_at??new Date(Date.now()+(m.expires_in??3600)*1e3).toISOString();e({accessToken:m.access_token??"",expiresAt:g});});});c.on("error",p=>r(new Error(`Network error: ${p.message}`))),c.write(n),c.end();})}var gr=[/^localhost\.?$/i,/^127\./,/^10\./,/^172\.(1[6-9]|2\d|3[01])\./,/^192\.168\./,/^169\.254\./,/^0\.0\.0\.0$/,/^::1$/,/^\[::1\]$/,/^\[::ffff:/i,/^\[f[cd]/i,/^\[fe80:/i,/^metadata\.google\.internal\.?$/i,/^metadata\.azure\.internal\.?$/i,/(?:^|\.)localtest\.me\.?$/i,/(?:^|\.)lvh\.me\.?$/i,/(?:^|\.)vcap\.me\.?$/i];function Sr(t){return gr.some(e=>e.test(t))}function Er(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return r.email||r.preferred_username||r.upn||r.sub||null}catch{return null}}function mt(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8")),{clientId:n,clientSecret:o,tenant:s}=r;return !n||!o||!s?null:{clientId:n,clientSecret:o,tenant:s}}catch{return null}}function ft(t){let e;try{e=new URL(t);}catch{throw new Error(`Invalid URL: ${t}`)}let r=process.env[S.FLOW_OBS_ALLOW_HTTP]==="true";if(!r&&e.protocol!=="https:")throw new Error(`URL must use HTTPS: ${t}`);if(e.username||e.password)throw new Error(`URL must not contain embedded credentials: ${t}`);if(!r&&Sr(e.hostname))throw new Error(`SSRF: private/loopback host not allowed: ${e.hostname}`);return t}async function ie(){let t=mt(process.env[S.ANTHROPIC_AUTH_TOKEN]);if(t)return {user:await q().catch(()=>null)??t.clientId,tenant:t.tenant};return {user:"",tenant:""}}function _r(){return new Date().toISOString().slice(0,10)}async function Tr(t){let e=_r(),r=await Ct();if(r?.lastAuthCheckAt!==e){a("getOrRefreshToken",`daily auth check (last: ${r?.lastAuthCheckAt??"never"})`);try{let s=await z(t);try{await Ut({...s,lastAuthCheckAt:e});}catch{}return a("getOrRefreshToken",`daily check passed, expires=${s.expiresAt}`),s.accessToken}catch(s){if(s instanceof b)throw s;a("getOrRefreshToken",`daily check network error \u2014 using cache: ${s.message}`);}}let n=r!=null&&new Date(r.expiresAt)>new Date;if(a("getOrRefreshToken",`cacheValid=${n}`),n)return a("getOrRefreshToken",`using cached token, expires=${r.expiresAt}`),r.accessToken;a("getOrRefreshToken",`token expired \u2014 refreshing via auth-engine (tenant=${t.tenant} clientId=${t.clientId})`);let o=await z(t);try{await Ut({...o,lastAuthCheckAt:e});}catch(s){a("getOrRefreshToken",`token cache save failed (non-fatal): ${s.message}`);}return a("getOrRefreshToken",`token refreshed, expires=${o.expiresAt}`),o.accessToken}function hr(t,e){let r=e&&e.accessToken?e.accessToken:"";return {endpoint:t.replace(/\/$/,"")+"/flow-langfuse-gateway/v1/traces",authHeader:`Bearer ${r}`}}function Ar(t,e,r){let n=Buffer.from(`${e}:${r}`).toString("base64");return {endpoint:t.replace(/\/$/,"")+"/api/public/otel/v1/traces",authHeader:`Basic ${n}`}}async function U(){let t=[],e=process.env[S.ANTHROPIC_MODEL]??"",r=mt(process.env[S.ANTHROPIC_AUTH_TOKEN]);a("resolveCredentials",r?"credentials resolved from ANTHROPIC_AUTH_TOKEN":"ANTHROPIC_AUTH_TOKEN absent or invalid"),r&&a("resolveCredentials",`clientId=${r.clientId}`,`tenant=${r.tenant}`);let n=r?r.tenant:"",o=process.env[S.FLOW_TELEMETRY]==="true",s=process.env[S.LANGFUSE_BASE_URL],i=process.env[S.LANGFUSE_PUBLIC_KEY],l=process.env[S.LANGFUSE_SECRET_KEY];if(o&&s&&i&&l){let m="",g=n;if(r)m=await q().catch(()=>null)??r.clientId;let h={user:m??"",tenant:g??"",team:"",project:"",model:e};t.push({mode:"direct",...Ar(ft(s),i,l),...h}),a("resolveCredentials","direct mode active",`user=${h.user}`,`tenant=${h.tenant}`);}if(!r){if(t.length===0){let m=[];return m.authError=false,m}return t}let c;try{c=await Tr(r);}catch(m){if(a("resolveCredentials",`token refresh failed: ${m.message}`,`(tenant=${r.tenant} clientId=${r.clientId})`),t.length>0)return t.authError=true,t;let g=[];return g.authError=true,g}let E={user:Er(c)??r.clientId,tenant:n,team:"",project:"",model:e},T=process.env[S.FLOW_TELEMETRY_GATEWAY]??B();return t.push({mode:"gateway",...hr(ft(T),{accessToken:c}),...E}),t}async function ae(){return (await U()).length>0}function k(t,e){let r=typeof t=="object"?JSON.stringify(t):String(t??"");return r.length>e?r.slice(0,e)+" \u2026[truncated]":r}function gt(t,e=100){return String(t??"").split(`
4
+ `)[0].slice(0,e).trim()}function vt(){return new Promise(t=>{let e="";process.stdin.setEncoding("utf8"),process.stdin.on("data",r=>{e+=r;}),process.stdin.on("end",()=>{try{t(JSON.parse(e));}catch{t({});}});})}function O(t){process.stdout.write(JSON.stringify(t));}var $t=()=>crypto.randomBytes(16).toString("hex"),C=()=>crypto.randomBytes(8).toString("hex");function I(){return String(BigInt(Date.now())*1000000n)}var Pr=/^[0-9a-f-]{1,64}$/i,br=M.normalize(ot.tmpdir())+M.sep;function Ur(t,e){let r=M.resolve(t);if(!r.startsWith(e))throw new Error(`Path traversal detected: ${t}`);return r}function Ft(t){if(!Pr.test(t))throw new Error(`Invalid session ID: ${t}`);return Ur(M.join(ot.tmpdir(),`flow-obs-${t}.json`),br)}function H(t){let e=Ft(t);if(!L.existsSync(e))return null;try{return JSON.parse(L.readFileSync(e,"utf8"))}catch{return null}}function Y(t,e){L.writeFileSync(Ft(t),JSON.stringify(e),{encoding:"utf8",mode:384});}function Dt(t){try{L.unlinkSync(Ft(t));}catch{}}function de(t){if(!t||!L.existsSync(t))return null;try{let e=L.readFileSync(t,"utf8").trimEnd().split(`
5
+ `);for(let r=e.length-1;r>=0;r--)try{let n=JSON.parse(e[r]);if(n.type==="user"&&n.uuid)return n.uuid}catch{}}catch{}return null}function xt(t){if(!t||!L.existsSync(t))return null;try{let e=L.readFileSync(t,"utf8").trimEnd().split(`
6
+ `),r=[],n=0,o=0;for(let s=e.length-1;s>=0;s--)try{let i=JSON.parse(e[s]);if(i.type==="user")break;if(i.type==="assistant"){let c=(i.message?.content??[]).filter(E=>E.type==="text").map(E=>E.text??"").join("");c&&r.unshift(c);let p=i.message?.usage??{};n+=(p.input_tokens??0)+(p.cache_read_input_tokens??0)+(p.cache_creation_input_tokens??0),o+=p.output_tokens??0;}}catch{}return !r.length&&n===0?null:{text:r.join(`
7
7
 
8
- `),inputTokens:n,outputTokens:o}}catch{}return null}var Ur=new Set([".venv","__pycache__",".git","node_modules"]),Cr=new Set([".pyc",".pyo"]),vr=new Set(["SKILL.md",".DS_Store",".gitignore"]);function me(t){return t.replace(":","/")}function gt(t,e){if(!t)return null;let r=me(t),n=[B.join(st.homedir(),".claude","skills",r,"SKILL.md"),B.join(e??"",".claude","skills",r,"SKILL.md")];for(let o of n)if(L.existsSync(o))try{return L.readFileSync(o,"utf8")}catch{}return null}function ge(t){return t.split(`
9
- `)[0].match(/^\/([a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?)(?:\s.*)?$/i)?.[1]??null}var Fr=new Set(["Read","Write","Edit","MultiEdit","Bash","Glob","Grep","TodoWrite","WebFetch","WebSearch","Agent","Task"]);function Se(t){return !!t.slashSkill||t.toolCalls.some(n=>n.tool==="Skill")?t.toolCalls.some(n=>n.tool==="Skill"&&!n.synthetic||Fr.has(n.tool))?"complete":"prerequisite_required":null}function St(t,e){if(!t)return null;let r=me(t),n=[B.join(st.homedir(),".claude","skills",r),B.join(e??"",".claude","skills",r)],o=null;for(let l of n)if(L.existsSync(B.join(l,"SKILL.md"))){o=l;break}if(!o)return null;let s=[];function i(l,c){for(let p of L.readdirSync(l,{withFileTypes:true})){if(Ur.has(p.name)||vr.has(p.name)||Cr.has(B.extname(p.name)))continue;let _=c?`${c}/${p.name}`:p.name;p.isDirectory()?i(B.join(l,p.name),_):s.push(_);}}return i(o,""),s.length>0?s:null}function xr(t){try{let e=t.split(".")[1].replace(/-/g,"+").replace(/_/g,"/");return JSON.parse(Buffer.from(e,"base64").toString())}catch{return null}}function Br(t,e,r,n){return new Promise(o=>{let s=new URL(t),i=s.protocol==="https:",l=(i?ir__default.default:ar__default.default).request({hostname:s.hostname,port:s.port||(i?443:80),path:s.pathname+s.search,method:"POST",headers:{"Content-Type":"application/json","Content-Length":Buffer.byteLength(e),Authorization:`Bearer ${String(r).replace(/[\r\n]/g,"")}`,FlowTenant:String(n).replace(/[\r\n]/g,"")}},c=>{c.resume(),o(c.statusCode??0);});l.on("error",()=>o(0)),l.setTimeout(5e3,()=>{l.destroy(),o(0);}),l.write(e),l.end();})}async function v(t,e={}){try{let r=ft(process.env[S.ANTHROPIC_AUTH_TOKEN]);if(!r)return;let n,o=new Promise((T,m)=>{n=setTimeout(()=>m(new Error("getToken timeout")),4e3),n.unref();}),{accessToken:s}=await Promise.race([q(r),o]);clearTimeout(n);let i=xr(s);if(!i)return;let l=i.tenant||r.tenant,c=JSON.stringify({action:t,booster:At().BOOSTER,metadata:e,success:!0,tenant:l,timestamp:new Date().toISOString(),os:process.platform,user:{email:i.email||"",id:i.sub||"",name:i.name||i.email||""}}),p=dt(At().API_URL),_=await Br(p,c,s,l);a("metrics.logEvent",`action=${t} status=${_}`);}catch(r){a("metrics.logEvent",`silenced error: ${r.message}`);}}var Mr=`\u26D4 Your Flow API key has expired. You no longer have access to Claude Code through the Flow platform. To restore observability and access, visit ${x()}/settings/api-keys to generate a new API key, then run: flow-ai-obs auth login`;async function xt(t,e=false){if(e){process.stdout.write(JSON.stringify({decision:"block",reason:Mr})+`
10
- `);return}let n=!!(await U()).authError,o=t.session_id||"unknown",s=t.prompt||"",i=t.cwd||"",l=pe(t.transcript_path)||vt(),c=ge(s),p=c?gt(c,i):null,_=c?St(c,i):null;H(o,{traceId:vt(),spanId:C(),startNs:I(),sessionId:o,prompt:s,cwd:i,traceName:l,transcriptPath:t.transcript_path||"",model:process.env[S.ANTHROPIC_MODEL]||"",toolCalls:[],spans:[],pendingTool:null,slashSkill:c,skillContent:p,skillArtifacts:_}),v("SESSION_STARTED",{traceType:c?"skill":"prompt",slashSkill:c,clientIdExpired:n}),a("UserPromptSubmit",`sid=${o}`,`traceName=${l}`,`slashSkill=${c}`),O(t);}async function _e(t){let e=t.session_id||"unknown",r=t.tool_name||"unknown",n=t.tool_input||{},o=M(e);o&&(o.pendingTool={name:r,inputStr:k(n,w.TOOL_INPUT),startNs:I()},H(e,o)),a("PreToolUse",`sid=${e}`,`tool=${r}`,`stateFound=${!!o}`),O(t);}var Hr={name:ht.SCOPE_NAME,version:ht.SCOPE_VERSION},f={TRACE_NAME:"langfuse.trace.name",TRACE_INPUT:"langfuse.trace.input",TRACE_OUTPUT:"langfuse.trace.output",TRACE_METADATA:"langfuse.trace.metadata",TRACE_TAGS:"langfuse.trace.tags",USER_ID:"langfuse.user.id",SESSION_ID:"langfuse.session.id",OBS_NAME:"langfuse.observation.name",OBS_INPUT:"langfuse.observation.input",OBS_OUTPUT:"langfuse.observation.output",OBS_LEVEL:"langfuse.observation.level",OBS_TYPE:"langfuse.observation.type",MODEL:"gen_ai.request.model",INPUT_TOKENS:"gen_ai.usage.input_tokens",OUTPUT_TOKENS:"gen_ai.usage.output_tokens"};function u(t,e){return e==null||e===""?null:{key:t,value:{stringValue:String(e)}}}function F(...t){return t.filter(e=>e!==null)}function Ee(t,e){return {resourceSpans:[{resource:{attributes:t},scopeSpans:[{scope:Hr,spans:Array.isArray(e)?e:[e]}]}]}}var Te=B.join(st.tmpdir(),"flow-obs-requests.ndjson");function he(t,e,r,n,o){if(process.env[S.FLOW_OBS_DEBUG]!=="1")return;let s=JSON.stringify({ts:new Date().toISOString(),request:{method:"POST",url:t,headers:e,body:JSON.parse(r)},response:{status:n,body:o}});try{L.writeFileSync(Te,s+`
11
- `,{flag:"a",encoding:"utf8",mode:384}),a("sendTraces:dump",`request appendada em ${Te}`);}catch(i){a("sendTraces:dump",`falha ao salvar: ${i.message}`);}}function Jr(t){let e=new URL(t),r=new URL(V().GATEWAY_HEALTH);return r.hostname=e.hostname,r.port=e.port,r.protocol=e.protocol,r}function Ae(t,e){return new Promise((r,n)=>{let o=t._isSSL?ir__default.default:ar__default.default;t.headers=Object.assign({},t.headers,{Connection:"close"});let s=o.request(t,i=>{let l=[];i.on("data",c=>l.push(c)),i.on("end",()=>r({statusCode:i.statusCode??0,body:l.join("")}));});s.setTimeout(1e4,()=>{s.destroy(new Error("Request timeout"));}),s.on("error",i=>n(new Error(`Network error: ${i.message}`))),e&&s.write(e),s.end();})}async function ye(t,e){let r;try{r=Jr(t);}catch{return false}let n=r.protocol==="https:";try{let o={};e&&(o.Authorization=String(e).replace(/[\r\n]/g,""));let s=await Ae({hostname:r.hostname,port:r.port||(n?443:80),path:r.pathname,method:"GET",headers:o,_isSSL:n},null);return a("checkHealth",`url=${r.href} status=${s.statusCode}`),s.statusCode>=200&&s.statusCode<300}catch{return false}}async function _t(t,e,r){let n=JSON.stringify(t),o=new URL(e),s=o.protocol==="https:",i=String(r).replace(/[\r\n]/g,""),l={"Content-Type":"application/json",Authorization:i,"Content-Length":Buffer.byteLength(n)};a("sendTraces:request",`POST ${e}`),a("sendTraces:request",`headers=${JSON.stringify({...l,Authorization:i.slice(0,20)+"\u2026"})}`),a("sendTraces:request",`body=${n.slice(0,500)}${n.length>500?"\u2026":""}`);try{let c=await Ae({hostname:o.hostname,port:o.port||(s?443:80),path:o.pathname,method:"POST",headers:l,_isSSL:s},n);return a("sendTraces:response",`status=${c.statusCode}`),he(e,l,n,c.statusCode,c.body),c.statusCode}catch(c){return a("sendTraces:error",c.message),he(e,l,n,0,c.message),0}}function Kr(){let t=parseInt(process.env[S.BUFFER_TTL_DAYS]??"",10);return (Number.isFinite(t)?Math.max(y.MIN_TTL_DAYS,Math.min(y.MAX_TTL_DAYS,t)):y.DEFAULT_TTL_DAYS)*24*60*60*1e3}function qr(){let t=parseInt(process.env[S.BUFFER_MAX_FILES]??"",10);return Number.isFinite(t)?Math.max(y.MIN_MAX_FILES,Math.min(y.MAX_MAX_FILES,t)):y.DEFAULT_MAX_FILES}function we(t){if(/[/\\]/.test(t))throw new Error(`Invalid buffer fileId: ${t}`);return B__namespace.default.join(st__namespace.default.tmpdir(),`${y.FILE_PREFIX}${t}.json`)}function Mt(){let t=st__namespace.default.tmpdir(),e;try{e=L__namespace.default.readdirSync(t);}catch{return []}return e.filter(r=>r.startsWith(y.FILE_PREFIX)&&r.endsWith(".json")).map(r=>{let n=B__namespace.default.join(t,r),o=0;try{o=L__namespace.default.statSync(n).mtimeMs;}catch{}return {full:n,mtime:o}}).sort((r,n)=>r.mtime-n.mtime).map(r=>r.full)}function z(t){try{let e=qr(),r=Mt();if(r.length>=e){let s=r.slice(0,r.length-e+1);for(let i of s)try{L__namespace.default.unlinkSync(i);}catch{}}let n=`${Date.now()}-${Math.random().toString(36).slice(2,8)}`,o={fileId:n,bufferedAt:Date.now(),payload:t};return L__namespace.default.writeFileSync(we(n),JSON.stringify(o),{encoding:"utf8",mode:384}),a("buffer",`saved fileId=${n}`),n}catch(e){return a("buffer",`saveToBuffer failed: ${e.message}`),null}}function ke(t){let e=Mt(),r=t,n=[];for(let o of e){if(n.length>=r)break;try{let s=L__namespace.default.readFileSync(o,"utf8"),i=JSON.parse(s);i&&i.fileId&&i.payload&&n.push(i);}catch{a("buffer",`skipping malformed file: ${o}`);}}return n}function Ie(t){try{L__namespace.default.unlinkSync(we(t)),a("buffer",`deleted fileId=${t}`);}catch{}}function Le(){let t=Date.now()-Kr();for(let e of Mt())try{let{mtimeMs:r}=L__namespace.default.statSync(e);r<t&&(L__namespace.default.unlinkSync(e),a("buffer",`evicted stale: ${B__namespace.default.basename(e)}`));}catch{}}async function zr(t){Le();let e=ke(y.REPLAY_BATCH_SIZE);e.length&&(a("replayBufferedTraces",`replaying ${e.length} buffered trace(s)`),await Promise.allSettled(e.map(async r=>{try{let n=await _t(r.payload,t.endpoint,t.authHeader);n>=200&&n<300?(Ie(r.fileId),a("replayBufferedTraces",`replayed fileId=${r.fileId} status=${n}`)):a("replayBufferedTraces",`replay failed fileId=${r.fileId} status=${n}`);}catch(n){a("replayBufferedTraces",`replay error fileId=${r.fileId}: ${n.message}`);}})));}async function Re(t){let e=await U();if(!e.length)return e.authError&&(a("postToLangfuse","auth refresh failed \u2014 buffering trace"),z(t)),0;let r=await Promise.all(e.map(async s=>{if(s.mode!=="gateway")return {creds:s,healthy:true};let i=await ye(s.endpoint,s.authHeader);return {creds:s,healthy:i}})),n=r.find(s=>s.creds.mode==="gateway"&&s.healthy)?.creds??r.find(s=>s.creds.mode==="direct")?.creds;return n&&await zr(n),(await Promise.all(r.map(async({creds:s,healthy:i})=>{if(s.mode==="gateway"){if(!i)return a("postToLangfuse","gateway health check failed \u2014 buffering trace"),z(t),0;let c=await _t(t,s.endpoint,s.authHeader);return (c===0||c>=500)&&(a("postToLangfuse",`gateway send failed (status ${c}) \u2014 buffering trace`),z(t)),c}let l=await _t(t,s.endpoint,s.authHeader);return (l===0||l>=500)&&(a("postToLangfuse",`direct endpoint unavailable (status ${l}) \u2014 buffering trace`),z(t)),l}))).find(s=>s!==0)??0}var A="[REDACTED]",Xr="[REDACTED-EMAIL]",Zr="[REDACTED-CPF]",Qr="[REDACTED-CNPJ]",Ne="[REDACTED-PHONE]",tn=[{re:/\b(sk-[A-Za-z0-9_\-]{20,})/g,replace:()=>`sk-${A}`},{re:/\b(pk-[A-Za-z0-9_\-]{20,})/g,replace:()=>`pk-${A}`},{re:/\b(Bearer\s+)[A-Za-z0-9\-._~+/]+=*/gi,replace:(t,e)=>`${e}${A}`},{re:/\b(Basic\s+)[A-Za-z0-9+/]+=*/gi,replace:(t,e)=>`${e}${A}`},{re:/(-----BEGIN [A-Z ]+-----)[^-]*(-----END [A-Z ]+-----)/g,replace:(t,e,r)=>`${e}
8
+ `),inputTokens:n,outputTokens:o}}catch{}return null}var Fr=new Set([".venv","__pycache__",".git","node_modules"]),Dr=new Set([".pyc",".pyo"]),xr=new Set(["SKILL.md",".DS_Store",".gitignore"]);function ge(t){return t.replace(":","/")}function St(t,e){if(!t)return null;let r=ge(t),n=[M.join(ot.homedir(),".claude","skills",r,"SKILL.md"),M.join(e??"",".claude","skills",r,"SKILL.md")];for(let o of n)if(L.existsSync(o))try{return L.readFileSync(o,"utf8")}catch{}return null}function Se(t){return t.split(`
9
+ `)[0].match(/^\/([a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?)(?:\s.*)?$/i)?.[1]??null}var Br=new Set(["Read","Write","Edit","MultiEdit","Bash","Glob","Grep","TodoWrite","WebFetch","WebSearch","Agent","Task"]);function Ee(t){return !!t.slashSkill||t.toolCalls.some(n=>n.tool==="Skill")?t.toolCalls.some(n=>n.tool==="Skill"&&!n.synthetic||Br.has(n.tool))?"complete":"prerequisite_required":null}function Et(t,e){if(!t)return null;let r=ge(t),n=[M.join(ot.homedir(),".claude","skills",r),M.join(e??"",".claude","skills",r)],o=null;for(let l of n)if(L.existsSync(M.join(l,"SKILL.md"))){o=l;break}if(!o)return null;let s=[];function i(l,c){for(let p of L.readdirSync(l,{withFileTypes:true})){if(Fr.has(p.name)||xr.has(p.name)||Dr.has(M.extname(p.name)))continue;let E=c?`${c}/${p.name}`:p.name;p.isDirectory()?i(M.join(l,p.name),E):s.push(E);}}return i(o,""),s.length>0?s:null}function Yr(t){try{let e=t.split(".")[1].replace(/-/g,"+").replace(/_/g,"/");return JSON.parse(Buffer.from(e,"base64").toString())}catch{return null}}function jr(t,e,r,n){return new Promise(o=>{let s=new URL(t),i=s.protocol==="https:",l=(i?ur__default.default:pr__default.default).request({hostname:s.hostname,port:s.port||(i?443:80),path:s.pathname+s.search,method:"POST",headers:{"Content-Type":"application/json","Content-Length":Buffer.byteLength(e),Authorization:`Bearer ${String(r).replace(/[\r\n]/g,"")}`,FlowTenant:String(n).replace(/[\r\n]/g,"")}},c=>{c.resume(),o(c.statusCode??0);});l.on("error",()=>o(0)),l.setTimeout(5e3,()=>{l.destroy(),o(0);}),l.write(e),l.end();})}async function v(t,e={}){try{let r=mt(process.env[S.ANTHROPIC_AUTH_TOKEN]);if(!r)return;let n,o=new Promise((T,m)=>{n=setTimeout(()=>m(new Error("getToken timeout")),4e3),n.unref();}),{accessToken:s}=await Promise.race([z(r),o]);clearTimeout(n);let i=Yr(s);if(!i)return;let l=i.tenant||r.tenant,c=JSON.stringify({action:t,booster:yt().BOOSTER,metadata:e,success:!0,tenant:l,timestamp:new Date().toISOString(),os:process.platform,user:{email:i.email||"",id:i.sub||"",name:i.name||i.email||""}}),p=ft(yt().API_URL),E=await jr(p,c,s,l);a("metrics.logEvent",`action=${t} status=${E}`);}catch(r){a("metrics.logEvent",`silenced error: ${r.message}`);}}var Gr=`\u26D4 Your Flow API key has expired. You no longer have access to Claude Code through the Flow platform. To restore observability and access, visit ${B()}/settings/api-keys to generate a new API key, then run: flow-ai-obs auth login`;async function Bt(t,e=false){if(e){process.stdout.write(JSON.stringify({decision:"block",reason:Gr})+`
10
+ `);return}let n=!!(await U()).authError,o=t.session_id||"unknown",s=t.prompt||"",i=t.cwd||"",l=de(t.transcript_path)||$t(),c=Se(s),p=c?St(c,i):null,E=c?Et(c,i):null;Y(o,{traceId:$t(),spanId:C(),startNs:I(),sessionId:o,prompt:s,cwd:i,traceName:l,transcriptPath:t.transcript_path||"",model:process.env[S.ANTHROPIC_MODEL]||"",toolCalls:[],spans:[],pendingTool:null,slashSkill:c,skillContent:p,skillArtifacts:E}),v("SESSION_STARTED",{traceType:c?"skill":"prompt",slashSkill:c,clientIdExpired:n}),a("UserPromptSubmit",`sid=${o}`,`traceName=${l}`,`slashSkill=${c}`),O(t);}async function _e(t){let e=t.session_id||"unknown",r=t.tool_name||"unknown",n=t.tool_input||{},o=H(e);o&&(o.pendingTool={name:r,inputStr:k(n,w.TOOL_INPUT),startNs:I()},Y(e,o)),a("PreToolUse",`sid=${e}`,`tool=${r}`,`stateFound=${!!o}`),O(t);}var Vr={name:At.SCOPE_NAME,version:At.SCOPE_VERSION},f={TRACE_NAME:"langfuse.trace.name",TRACE_INPUT:"langfuse.trace.input",TRACE_OUTPUT:"langfuse.trace.output",TRACE_METADATA:"langfuse.trace.metadata",TRACE_TAGS:"langfuse.trace.tags",USER_ID:"langfuse.user.id",SESSION_ID:"langfuse.session.id",OBS_NAME:"langfuse.observation.name",OBS_INPUT:"langfuse.observation.input",OBS_OUTPUT:"langfuse.observation.output",OBS_LEVEL:"langfuse.observation.level",OBS_TYPE:"langfuse.observation.type",MODEL:"gen_ai.request.model",INPUT_TOKENS:"gen_ai.usage.input_tokens",OUTPUT_TOKENS:"gen_ai.usage.output_tokens"};function u(t,e){return e==null||e===""?null:{key:t,value:{stringValue:String(e)}}}function $(...t){return t.filter(e=>e!==null)}function Te(t,e){return {resourceSpans:[{resource:{attributes:t},scopeSpans:[{scope:Vr,spans:Array.isArray(e)?e:[e]}]}]}}var he=M.join(ot.tmpdir(),"flow-obs-requests.ndjson");function Ae(t,e,r,n,o){if(process.env[S.FLOW_OBS_DEBUG]!=="1")return;let s=JSON.stringify({ts:new Date().toISOString(),request:{method:"POST",url:t,headers:e,body:JSON.parse(r)},response:{status:n,body:o}});try{L.writeFileSync(he,s+`
11
+ `,{flag:"a",encoding:"utf8",mode:384}),a("sendTraces:dump",`request appendada em ${he}`);}catch(i){a("sendTraces:dump",`falha ao salvar: ${i.message}`);}}function Xr(t){let e=new URL(t),r=new URL(W().GATEWAY_HEALTH);return r.hostname=e.hostname,r.port=e.port,r.protocol=e.protocol,r}function ye(t,e){return new Promise((r,n)=>{let o=t._isSSL?ur__default.default:pr__default.default;t.headers=Object.assign({},t.headers,{Connection:"close"});let s=o.request(t,i=>{let l=[];i.on("data",c=>l.push(c)),i.on("end",()=>r({statusCode:i.statusCode??0,body:l.join("")}));});s.setTimeout(1e4,()=>{s.destroy(new Error("Request timeout"));}),s.on("error",i=>n(new Error(`Network error: ${i.message}`))),e&&s.write(e),s.end();})}async function Oe(t,e){let r;try{r=Xr(t);}catch{return false}let n=r.protocol==="https:";try{let o={};e&&(o.Authorization=String(e).replace(/[\r\n]/g,""));let s=await ye({hostname:r.hostname,port:r.port||(n?443:80),path:r.pathname,method:"GET",headers:o,_isSSL:n},null);return a("checkHealth",`url=${r.href} status=${s.statusCode}`),s.statusCode>=200&&s.statusCode<300}catch{return false}}async function _t(t,e,r){let n=JSON.stringify(t),o=new URL(e),s=o.protocol==="https:",i=String(r).replace(/[\r\n]/g,""),l={"Content-Type":"application/json",Authorization:i,"Content-Length":Buffer.byteLength(n)};a("sendTraces:request",`POST ${e}`),a("sendTraces:request",`headers=${JSON.stringify({...l,Authorization:i.slice(0,20)+"\u2026"})}`),a("sendTraces:request",`body=${n.slice(0,500)}${n.length>500?"\u2026":""}`);try{let c=await ye({hostname:o.hostname,port:o.port||(s?443:80),path:o.pathname,method:"POST",headers:l,_isSSL:s},n);return a("sendTraces:response",`status=${c.statusCode}`),Ae(e,l,n,c.statusCode,c.body),c.statusCode}catch(c){return a("sendTraces:error",c.message),Ae(e,l,n,0,c.message),0}}function Zr(){let t=parseInt(process.env[S.BUFFER_TTL_DAYS]??"",10);return (Number.isFinite(t)?Math.max(y.MIN_TTL_DAYS,Math.min(y.MAX_TTL_DAYS,t)):y.DEFAULT_TTL_DAYS)*24*60*60*1e3}function Qr(){let t=parseInt(process.env[S.BUFFER_MAX_FILES]??"",10);return Number.isFinite(t)?Math.max(y.MIN_MAX_FILES,Math.min(y.MAX_MAX_FILES,t)):y.DEFAULT_MAX_FILES}function ke(t){if(/[/\\]/.test(t))throw new Error(`Invalid buffer fileId: ${t}`);return M__namespace.default.join(ot__namespace.default.tmpdir(),`${y.FILE_PREFIX}${t}.json`)}function Ht(){let t=ot__namespace.default.tmpdir(),e;try{e=L__namespace.default.readdirSync(t);}catch{return []}return e.filter(r=>r.startsWith(y.FILE_PREFIX)&&r.endsWith(".json")).map(r=>{let n=M__namespace.default.join(t,r),o=0;try{o=L__namespace.default.statSync(n).mtimeMs;}catch{}return {full:n,mtime:o}}).sort((r,n)=>r.mtime-n.mtime).map(r=>r.full)}function X(t){try{let e=Qr(),r=Ht();if(r.length>=e){let s=r.slice(0,r.length-e+1);for(let i of s)try{L__namespace.default.unlinkSync(i);}catch{}}let n=`${Date.now()}-${Math.random().toString(36).slice(2,8)}`,o={fileId:n,bufferedAt:Date.now(),payload:t};return L__namespace.default.writeFileSync(ke(n),JSON.stringify(o),{encoding:"utf8",mode:384}),a("buffer",`saved fileId=${n}`),n}catch(e){return a("buffer",`saveToBuffer failed: ${e.message}`),null}}function Ie(t){let e=Ht(),r=t,n=[];for(let o of e){if(n.length>=r)break;try{let s=L__namespace.default.readFileSync(o,"utf8"),i=JSON.parse(s);i&&i.fileId&&i.payload&&n.push(i);}catch{a("buffer",`skipping malformed file: ${o}`);}}return n}function Le(t){try{L__namespace.default.unlinkSync(ke(t)),a("buffer",`deleted fileId=${t}`);}catch{}}function Re(){let t=Date.now()-Zr();for(let e of Ht())try{let{mtimeMs:r}=L__namespace.default.statSync(e);r<t&&(L__namespace.default.unlinkSync(e),a("buffer",`evicted stale: ${M__namespace.default.basename(e)}`));}catch{}}async function tn(t){Re();let e=Ie(y.REPLAY_BATCH_SIZE);e.length&&(a("replayBufferedTraces",`replaying ${e.length} buffered trace(s)`),await Promise.allSettled(e.map(async r=>{try{let n=await _t(r.payload,t.endpoint,t.authHeader);n>=200&&n<300?(Le(r.fileId),a("replayBufferedTraces",`replayed fileId=${r.fileId} status=${n}`)):a("replayBufferedTraces",`replay failed fileId=${r.fileId} status=${n}`);}catch(n){a("replayBufferedTraces",`replay error fileId=${r.fileId}: ${n.message}`);}})));}async function Ne(t){let e=await U();if(!e.length)return e.authError&&(a("postToLangfuse","auth refresh failed \u2014 buffering trace"),X(t)),0;let r=await Promise.all(e.map(async s=>{if(s.mode!=="gateway")return {creds:s,healthy:true};let i=await Oe(s.endpoint,s.authHeader);return {creds:s,healthy:i}})),n=r.find(s=>s.creds.mode==="gateway"&&s.healthy)?.creds??r.find(s=>s.creds.mode==="direct")?.creds;return n&&await tn(n),(await Promise.all(r.map(async({creds:s,healthy:i})=>{if(s.mode==="gateway"){if(!i)return a("postToLangfuse","gateway health check failed \u2014 buffering trace"),X(t),0;let c=await _t(t,s.endpoint,s.authHeader);return (c===0||c>=500)&&(a("postToLangfuse",`gateway send failed (status ${c}) \u2014 buffering trace`),X(t)),c}let l=await _t(t,s.endpoint,s.authHeader);return (l===0||l>=500)&&(a("postToLangfuse",`direct endpoint unavailable (status ${l}) \u2014 buffering trace`),X(t)),l}))).find(s=>s!==0)??0}var A="[REDACTED]",en="[REDACTED-EMAIL]",rn="[REDACTED-CPF]",nn="[REDACTED-CNPJ]",Pe="[REDACTED-PHONE]",sn=[{re:/\b(sk-[A-Za-z0-9_\-]{20,})/g,replace:()=>`sk-${A}`},{re:/\b(pk-[A-Za-z0-9_\-]{20,})/g,replace:()=>`pk-${A}`},{re:/\b(Bearer\s+)[A-Za-z0-9\-._~+/]+=*/gi,replace:(t,e)=>`${e}${A}`},{re:/\b(Basic\s+)[A-Za-z0-9+/]+=*/gi,replace:(t,e)=>`${e}${A}`},{re:/(-----BEGIN [A-Z ]+-----)[^-]*(-----END [A-Z ]+-----)/g,replace:(t,e,r)=>`${e}
12
12
  ${A}
13
- ${r}`},{re:/\b(AKIA[0-9A-Z]{16})\b/g,replace:()=>`AKIA${A}`},{re:/(aws_secret_access_key\s*[=:]\s*)([A-Za-z0-9/+]{40})/gi,replace:(t,e)=>`${e}${A}`},{re:/\b(ghp_[A-Za-z0-9]{36,})/g,replace:()=>`ghp_${A}`},{re:/\b(github_pat_[A-Za-z0-9_]{36,})/gi,replace:()=>`github_pat_${A}`},{re:/\b(eyJ[A-Za-z0-9_\-]+\.eyJ[A-Za-z0-9_\-]+\.[A-Za-z0-9_\-]+)/g,replace:()=>`eyJ.${A}`},{re:/\b([A-Z0-9_]*(?:SECRET|TOKEN|KEY|PASSWORD|PASSWD|PWD|CREDENTIAL|API)[A-Z0-9_]*\s*=\s*)(['"]?)([^\s'"#\n]+)\2/gi,replace:(t,e,r)=>`${e}${r}${A}${r}`},{re:/([a-z][a-z0-9+\-.]*:\/\/[^:/?#\s]*):([^@\s]+)@/gi,replace:(t,e)=>`${e}:${A}@`},{re:/[a-zA-Z0-9._%+\-]+@[a-zA-Z0-9.\-]+\.[a-zA-Z]{2,}/g,replace:()=>Xr},{re:/\b\d{3}\.\d{3}\.\d{3}-\d{2}\b/g,replace:()=>Zr},{re:/\b\d{2}\.\d{3}\.\d{3}\/\d{4}-\d{2}\b/g,replace:()=>Qr},{re:/\(\d{2}\)\s?\d{4,5}[-\s]?\d{4}/g,replace:()=>Ne},{re:/\+55[\s-]?\d{2}[\s-]?\d{4,5}[-\s]?\d{4}/g,replace:()=>Ne}];function R(t){if(t==null)return "";let e=typeof t=="string"?t:JSON.stringify(t);return tn.reduce((r,{re:n,replace:o})=>r.replace(n,o),e)}async function Pe(t){let e=t.session_id||"unknown",r=t.tool_name||"unknown",n=t.tool_input||{},o=t.tool_response,s=o!==null&&typeof o=="object"?o.output??JSON.stringify(o):o??"",i=M(e);if(!i){O(t);return}let l=I(),c=i.pendingTool,p=c?.name===r,_=p?c.startNs:String(BigInt(l)-200000000n),T=p?c.inputStr:k(n,w.TOOL_INPUT),m=T,g=null;if(r==="Skill"){let rt=typeof n=="object"&&n!==null?n.skill||n.name||n.skillName||n.commandName||String(Object.values(n)[0]??""):String(n);g=rt?String(rt).trim():null;let N=g?gt(g,i.cwd):null;N&&(m=N,i.skillContent||(i.skillContent=N),i.skillArtifacts||(i.skillArtifacts=St(g,i.cwd))),g&&!i.slashSkill&&(i.slashSkill=g),a("PostToolUse","Skill tool detected",`skillName=${g}`,`contentFound=${!!N}`);}let h=R(k(s,w.TOOL_OUTPUT)),E=/\b(error|exception|failed|failure|traceback|errno)\b/i.test(h.slice(0,500)),X=E?"ERROR":"DEFAULT",G=C(),Z=Math.round(Number(BigInt(l)-BigInt(_))/1e6),tt={Agent:"AGENT",Task:"AGENT"}[r]??"TOOL",et=r==="Skill"&&g?g:mt(T,60);i.toolCalls.push({tool:r,brief:et,error:E,durationMs:Z});let j=i.spans;j.push({traceId:i.traceId,spanId:G,parentSpanId:i.spanId,name:r,kind:3,startTimeUnixNano:_,endTimeUnixNano:l,attributes:F(u(f.OBS_NAME,r),u(f.OBS_TYPE,tt),u(f.OBS_LEVEL,X),u(f.OBS_INPUT,R(m)),u(f.OBS_OUTPUT,h),u("tool.name",r),u("tool.error",String(E)),r==="Skill"&&g?u("skill.name",g):null,r==="Skill"?u("skill.invocation","slash-command"):null),status:{code:E?2:1}}),i.pendingTool=null,H(e,i),E&&v("TOOL_ERROR",{toolName:r}),a("PostToolUse",`sid=${e}`,`tool=${r}`,`error=${E}`,`durationMs=${Z}`,`totalSpans=${j.length}`),O(t);}var be={"claude-opus-4-6":{input:15,output:75},"claude-opus-4-5":{input:15,output:75},"claude-sonnet-4-6":{input:3,output:15},"claude-sonnet-4-5":{input:3,output:15},"claude-haiku-4-5":{input:.8,output:4},"claude-4-6-opus":{input:15,output:75},"claude-4-6-sonnet":{input:3,output:15},"claude-4-5-opus":{input:15,output:75},"claude-4-5-sonnet":{input:3,output:15},"claude-4-5-haiku":{input:.8,output:4},"claude-3-5-sonnet-20241022":{input:3,output:15},"claude-3-5-haiku-20241022":{input:.8,output:4},"claude-3-opus-20240229":{input:15,output:75}};function Ue(t,e,r){let n=Object.keys(be).find(i=>(t??"").toLowerCase().includes(i));if(!n)return;let o=be[n],s=(e*o.input+r*o.output)/1e6;return Math.round(s*1e6)/1e6}async function Ce(t){let e=t.session_id||"unknown",r=t.stop_reason||"end_turn",n=M(e);if(!n){O(t);return}n.slashSkill&&!/^[a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?$/i.test(n.slashSkill)&&(a("Stop",`sid=${e}`,`slashSkill rejected post-disk: "${n.slashSkill}"`),n.slashSkill=null);let o=I(),s=await oe(),i=n.toolCalls,l=n.spans;if(n.slashSkill&&!i.some(d=>d.tool==="Skill")){let d=C(),P=n.skillContent?n.skillContent:JSON.stringify({skill:n.slashSkill});i.push({tool:"Skill",brief:n.slashSkill,error:false,durationMs:0,synthetic:true}),l.push({traceId:n.traceId,spanId:d,parentSpanId:n.spanId,name:"Skill",kind:3,startTimeUnixNano:n.startNs,endTimeUnixNano:n.startNs,attributes:F(u(f.OBS_NAME,"Skill"),u(f.OBS_TYPE,"TOOL"),u(f.OBS_LEVEL,"DEFAULT"),u(f.OBS_INPUT,P),u(f.OBS_OUTPUT,"loaded via slash command"),u("tool.name","Skill"),u("tool.error","false"),u("skill.name",n.slashSkill),u("skill.invocation","slash-command")),status:{code:1}}),a("Stop",`slashSkill=${n.slashSkill}`,"synthetic span injected");}let c=t.transcript_path||n.transcriptPath||"",p=Dt(c);if(c&&(i.some(d=>d.tool==="Skill"&&!d.synthetic)||!!n.slashSkill)&&!p?.text){await new Promise(P=>setTimeout(P,500));let d=Dt(c);d?.text&&(p=d);}a("Stop",`transcriptPath=${c||"(empty)"}`,`assistantOut=${p?`text=${p.text.length}chars`:"null"}`);let T=i.length,m=i.filter(d=>d.error).length,g=R(p?.text?k(p.text,w.TRACE_OUTPUT):T===0?"No tools used":i.map((d,P)=>`${P+1}. ${d.tool}${d.brief?` \u2192 ${d.brief}`:""}${d.error?" [ERROR]":""}`).join(`
14
- `)),h=p?.inputTokens??0,E=p?.outputTokens??0,X=i.map((d,P)=>`${P+1}. ${d.tool}${d.brief?` \u2192 ${d.brief}`:""}${d.error?" [ERROR]":""} (${d.durationMs}ms)`),G=!!(n.slashSkill||i.some(d=>d.tool==="Skill")),Z=i.some(d=>d.tool==="Agent");if(!G&&!Z){a("Stop",`sid=${e}`,"skipping trace \u2014 no Skill or Agent calls found"),v("TRACE_SKIPPED",{reason:"no_skill_or_agent"}),$t(e),O(t);return}let Q=G?"skill":"agent",tt=Math.round(Number(BigInt(o)-BigInt(n.startNs))/1e6),et=Ue(n.model,h,E),$=Se(n);$==="prerequisite_required"&&p?.text&&($="complete"),$==="prerequisite_required"&&(l.push({traceId:n.traceId,spanId:C(),parentSpanId:n.spanId,name:"prerequisite-check",kind:3,startTimeUnixNano:n.startNs,endTimeUnixNano:o,attributes:F(u(f.OBS_NAME,"prerequisite-check"),u(f.OBS_TYPE,"EVENT"),u(f.OBS_LEVEL,"WARNING"),u(f.OBS_OUTPUT,g),u("skill.name",n.slashSkill||void 0),u("execution_status","prerequisite_required")),status:{code:1}}),a("Stop",`sid=${e}`,"prerequisite-check span injected",`skill=${n.slashSkill}`));let j=(()=>{if(!(!G||!n.prompt)){if(n.slashSkill){let d=n.prompt.replace(new RegExp(`^\\/${n.slashSkill}\\s*`,"i"),"").trim();return d?k(R(d),w.USER_INSTRUCTION):void 0}return k(R(n.prompt),w.USER_INSTRUCTION)||void 0}})(),rt=JSON.stringify({trace_type:Q,...$!==null&&{execution_status:$},...n.slashSkill?{skill_name:n.slashSkill}:{},...n.skillArtifacts?.length&&{skill_artifacts:n.skillArtifacts},...j!==void 0&&{user_instruction:j},latency_ms:tt,...h&&{tokens_input:h},...E&&{tokens_output:E},cost_usd:et,...n.model?{model:n.model}:{},toolCount:T,errorCount:m,stopReason:r,sessionId:n.sessionId,tools:X.length?X:void 0}),N=R(k(n.prompt,w.TRACE_INPUT)),ve=F(u(f.TRACE_NAME,n.traceName),u(f.TRACE_INPUT,N),u(f.TRACE_OUTPUT,g),u(f.OBS_INPUT,N),u(f.OBS_OUTPUT,g),u(f.TRACE_METADATA,rt),u(f.SESSION_ID,n.sessionId),u(f.USER_ID,s.user),u(f.OBS_TYPE,"GENERATION"),u(f.MODEL,n.model),h?u(f.INPUT_TOKENS,h):null,E?u(f.OUTPUT_TOKENS,E):null,u("claude.stop_reason",r),u("claude.tool_count",String(T)),u("claude.error_count",String(m)),u("claude.session_id",n.sessionId),u("flow.trace_type",Q),{key:f.TRACE_TAGS,value:{arrayValue:{values:[{stringValue:Q}]}}}),Fe={traceId:n.traceId,spanId:n.spanId,name:n.traceName,kind:1,startTimeUnixNano:n.startNs,endTimeUnixNano:o,attributes:ve,status:{code:m>0?2:1}},$e=F(u("service.name",process.env.LANGFUSE_PROJECT_NAME||"claude-code"),u("deployment.environment",process.env.LANGFUSE_ENVIRONMENT||"default")),Ht=[...l,Fe];a("Stop",`sid=${e}`,`totalTools=${T}`,`errorTools=${m}`,`spans=${Ht.length}`,`inputTokens=${h}`,`outputTokens=${E}`,`traceOutput="${mt(g,80)}"`);let De=await Re(Ee($e,Ht));a("Stop",`POST status=${De}`,`traceId=${n.traceId}`),v("TRACE_SENT",{latencyMs:tt,totalTools:T,errorTools:m,inputTokens:h,outputTokens:E,costUsd:et}),$t(e),O(t);}async function en(){let t=process.argv[2];if(t==="UserPromptSubmit"){let r=await Ct(),n;try{n=await U();}catch{process.stdout.write(JSON.stringify(r));return}n.authError?await xt(r,true):n.length>0?await xt(r):process.stdout.write(JSON.stringify(r));return}if(!await ie()){let r=[];process.stdin.on("data",n=>r.push(n)),process.stdin.on("end",()=>process.stdout.write(r.join("")));return}let e=await Ct();switch(t){case "PreToolUse":await _e(e);break;case "PostToolUse":await Pe(e);break;case "Stop":await Ce(e);break;default:process.stderr.write(`[flow-obs] unknown event: ${t}
15
- `),process.stdout.write(JSON.stringify(e));}}en().catch(t=>{process.stderr.write(`[flow-obs] fatal: ${t.message}
13
+ ${r}`},{re:/\b(AKIA[0-9A-Z]{16})\b/g,replace:()=>`AKIA${A}`},{re:/(aws_secret_access_key\s*[=:]\s*)([A-Za-z0-9/+]{40})/gi,replace:(t,e)=>`${e}${A}`},{re:/\b(ghp_[A-Za-z0-9]{36,})/g,replace:()=>`ghp_${A}`},{re:/\b(github_pat_[A-Za-z0-9_]{36,})/gi,replace:()=>`github_pat_${A}`},{re:/\b(eyJ[A-Za-z0-9_\-]+\.eyJ[A-Za-z0-9_\-]+\.[A-Za-z0-9_\-]+)/g,replace:()=>`eyJ.${A}`},{re:/\b([A-Z0-9_]*(?:SECRET|TOKEN|KEY|PASSWORD|PASSWD|PWD|CREDENTIAL|API)[A-Z0-9_]*\s*=\s*)(['"]?)([^\s'"#\n]+)\2/gi,replace:(t,e,r)=>`${e}${r}${A}${r}`},{re:/([a-z][a-z0-9+\-.]*:\/\/[^:/?#\s]*):([^@\s]+)@/gi,replace:(t,e)=>`${e}:${A}@`},{re:/[a-zA-Z0-9._%+\-]+@[a-zA-Z0-9.\-]+\.[a-zA-Z]{2,}/g,replace:()=>en},{re:/\b\d{3}\.\d{3}\.\d{3}-\d{2}\b/g,replace:()=>rn},{re:/\b\d{2}\.\d{3}\.\d{3}\/\d{4}-\d{2}\b/g,replace:()=>nn},{re:/\(\d{2}\)\s?\d{4,5}[-\s]?\d{4}/g,replace:()=>Pe},{re:/\+55[\s-]?\d{2}[\s-]?\d{4,5}[-\s]?\d{4}/g,replace:()=>Pe}];function R(t){if(t==null)return "";let e=typeof t=="string"?t:JSON.stringify(t);return sn.reduce((r,{re:n,replace:o})=>r.replace(n,o),e)}async function be(t){let e=t.session_id||"unknown",r=t.tool_name||"unknown",n=t.tool_input||{},o=t.tool_response,s=o!==null&&typeof o=="object"?o.output??JSON.stringify(o):o??"",i=H(e);if(!i){O(t);return}let l=I(),c=i.pendingTool,p=c?.name===r,E=p?c.startNs:String(BigInt(l)-200000000n),T=p?c.inputStr:k(n,w.TOOL_INPUT),m=T,g=null;if(r==="Skill"){let nt=typeof n=="object"&&n!==null?n.skill||n.name||n.skillName||n.commandName||String(Object.values(n)[0]??""):String(n);g=nt?String(nt).trim():null;let N=g?St(g,i.cwd):null;N&&(m=N,i.skillContent||(i.skillContent=N),i.skillArtifacts||(i.skillArtifacts=Et(g,i.cwd))),g&&!i.slashSkill&&(i.slashSkill=g),a("PostToolUse","Skill tool detected",`skillName=${g}`,`contentFound=${!!N}`);}let h=R(k(s,w.TOOL_OUTPUT)),_=/\b(error|exception|failed|failure|traceback|errno)\b/i.test(h.slice(0,500)),Z=_?"ERROR":"DEFAULT",G=C(),Q=Math.round(Number(BigInt(l)-BigInt(E))/1e6),et={Agent:"AGENT",Task:"AGENT"}[r]??"TOOL",rt=r==="Skill"&&g?g:gt(T,60);i.toolCalls.push({tool:r,brief:rt,error:_,durationMs:Q});let V=i.spans;V.push({traceId:i.traceId,spanId:G,parentSpanId:i.spanId,name:r,kind:3,startTimeUnixNano:E,endTimeUnixNano:l,attributes:$(u(f.OBS_NAME,r),u(f.OBS_TYPE,et),u(f.OBS_LEVEL,Z),u(f.OBS_INPUT,R(m)),u(f.OBS_OUTPUT,h),u("tool.name",r),u("tool.error",String(_)),r==="Skill"&&g?u("skill.name",g):null,r==="Skill"?u("skill.invocation","slash-command"):null),status:{code:_?2:1}}),i.pendingTool=null,Y(e,i),_&&v("TOOL_ERROR",{toolName:r}),a("PostToolUse",`sid=${e}`,`tool=${r}`,`error=${_}`,`durationMs=${Q}`,`totalSpans=${V.length}`),O(t);}var Ue={"claude-opus-4-6":{input:15,output:75},"claude-opus-4-5":{input:15,output:75},"claude-sonnet-4-6":{input:3,output:15},"claude-sonnet-4-5":{input:3,output:15},"claude-haiku-4-5":{input:.8,output:4},"claude-4-6-opus":{input:15,output:75},"claude-4-6-sonnet":{input:3,output:15},"claude-4-5-opus":{input:15,output:75},"claude-4-5-sonnet":{input:3,output:15},"claude-4-5-haiku":{input:.8,output:4},"claude-3-5-sonnet-20241022":{input:3,output:15},"claude-3-5-haiku-20241022":{input:.8,output:4},"claude-3-opus-20240229":{input:15,output:75}};function Ce(t,e,r){let n=Object.keys(Ue).find(i=>(t??"").toLowerCase().includes(i));if(!n)return;let o=Ue[n],s=(e*o.input+r*o.output)/1e6;return Math.round(s*1e6)/1e6}async function ve(t){let e=t.session_id||"unknown",r=t.stop_reason||"end_turn",n=H(e);if(!n){O(t);return}n.slashSkill&&!/^[a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?$/i.test(n.slashSkill)&&(a("Stop",`sid=${e}`,`slashSkill rejected post-disk: "${n.slashSkill}"`),n.slashSkill=null);let o=I(),s=await ie(),i=n.toolCalls,l=n.spans;if(n.slashSkill&&!i.some(d=>d.tool==="Skill")){let d=C(),P=n.skillContent?n.skillContent:JSON.stringify({skill:n.slashSkill});i.push({tool:"Skill",brief:n.slashSkill,error:false,durationMs:0,synthetic:true}),l.push({traceId:n.traceId,spanId:d,parentSpanId:n.spanId,name:"Skill",kind:3,startTimeUnixNano:n.startNs,endTimeUnixNano:n.startNs,attributes:$(u(f.OBS_NAME,"Skill"),u(f.OBS_TYPE,"TOOL"),u(f.OBS_LEVEL,"DEFAULT"),u(f.OBS_INPUT,P),u(f.OBS_OUTPUT,"loaded via slash command"),u("tool.name","Skill"),u("tool.error","false"),u("skill.name",n.slashSkill),u("skill.invocation","slash-command")),status:{code:1}}),a("Stop",`slashSkill=${n.slashSkill}`,"synthetic span injected");}let c=t.transcript_path||n.transcriptPath||"",p=xt(c);if(c&&(i.some(d=>d.tool==="Skill"&&!d.synthetic)||!!n.slashSkill)&&!p?.text){await new Promise(P=>setTimeout(P,500));let d=xt(c);d?.text&&(p=d);}a("Stop",`transcriptPath=${c||"(empty)"}`,`assistantOut=${p?`text=${p.text.length}chars`:"null"}`);let T=i.length,m=i.filter(d=>d.error).length,g=R(p?.text?k(p.text,w.TRACE_OUTPUT):T===0?"No tools used":i.map((d,P)=>`${P+1}. ${d.tool}${d.brief?` \u2192 ${d.brief}`:""}${d.error?" [ERROR]":""}`).join(`
14
+ `)),h=p?.inputTokens??0,_=p?.outputTokens??0,Z=i.map((d,P)=>`${P+1}. ${d.tool}${d.brief?` \u2192 ${d.brief}`:""}${d.error?" [ERROR]":""} (${d.durationMs}ms)`),G=!!(n.slashSkill||i.some(d=>d.tool==="Skill")),Q=i.some(d=>d.tool==="Agent");if(!G&&!Q){a("Stop",`sid=${e}`,"skipping trace \u2014 no Skill or Agent calls found"),v("TRACE_SKIPPED",{reason:"no_skill_or_agent"}),Dt(e),O(t);return}let tt=G?"skill":"agent",et=Math.round(Number(BigInt(o)-BigInt(n.startNs))/1e6),rt=Ce(n.model,h,_),F=Ee(n);F==="prerequisite_required"&&p?.text&&(F="complete"),F==="prerequisite_required"&&(l.push({traceId:n.traceId,spanId:C(),parentSpanId:n.spanId,name:"prerequisite-check",kind:3,startTimeUnixNano:n.startNs,endTimeUnixNano:o,attributes:$(u(f.OBS_NAME,"prerequisite-check"),u(f.OBS_TYPE,"EVENT"),u(f.OBS_LEVEL,"WARNING"),u(f.OBS_OUTPUT,g),u("skill.name",n.slashSkill||void 0),u("execution_status","prerequisite_required")),status:{code:1}}),a("Stop",`sid=${e}`,"prerequisite-check span injected",`skill=${n.slashSkill}`));let V=(()=>{if(!(!G||!n.prompt)){if(n.slashSkill){let d=n.prompt.replace(new RegExp(`^\\/${n.slashSkill}\\s*`,"i"),"").trim();return d?k(R(d),w.USER_INSTRUCTION):void 0}return k(R(n.prompt),w.USER_INSTRUCTION)||void 0}})(),nt=JSON.stringify({trace_type:tt,...F!==null&&{execution_status:F},...n.slashSkill?{skill_name:n.slashSkill}:{},...n.skillArtifacts?.length&&{skill_artifacts:n.skillArtifacts},...V!==void 0&&{user_instruction:V},latency_ms:et,...h&&{tokens_input:h},..._&&{tokens_output:_},cost_usd:rt,...n.model?{model:n.model}:{},toolCount:T,errorCount:m,stopReason:r,sessionId:n.sessionId,tools:Z.length?Z:void 0}),N=R(k(n.prompt,w.TRACE_INPUT)),$e=$(u(f.TRACE_NAME,n.traceName),u(f.TRACE_INPUT,N),u(f.TRACE_OUTPUT,g),u(f.OBS_INPUT,N),u(f.OBS_OUTPUT,g),u(f.TRACE_METADATA,nt),u(f.SESSION_ID,n.sessionId),u(f.USER_ID,s.user),u(f.OBS_TYPE,"GENERATION"),u(f.MODEL,n.model),h?u(f.INPUT_TOKENS,h):null,_?u(f.OUTPUT_TOKENS,_):null,u("claude.stop_reason",r),u("claude.tool_count",String(T)),u("claude.error_count",String(m)),u("claude.session_id",n.sessionId),u("flow.trace_type",tt),{key:f.TRACE_TAGS,value:{arrayValue:{values:[{stringValue:tt}]}}}),Fe={traceId:n.traceId,spanId:n.spanId,name:n.traceName,kind:1,startTimeUnixNano:n.startNs,endTimeUnixNano:o,attributes:$e,status:{code:m>0?2:1}},De=$(u("service.name",process.env.LANGFUSE_PROJECT_NAME||"claude-code"),u("deployment.environment",process.env.LANGFUSE_ENVIRONMENT||"default")),Yt=[...l,Fe];a("Stop",`sid=${e}`,`totalTools=${T}`,`errorTools=${m}`,`spans=${Yt.length}`,`inputTokens=${h}`,`outputTokens=${_}`,`traceOutput="${gt(g,80)}"`);let xe=await Ne(Te(De,Yt));a("Stop",`POST status=${xe}`,`traceId=${n.traceId}`),v("TRACE_SENT",{latencyMs:et,totalTools:T,errorTools:m,inputTokens:h,outputTokens:_,costUsd:rt}),Dt(e),O(t);}async function on(){let t=process.argv[2];if(t==="UserPromptSubmit"){let r=await vt(),n;try{n=await U();}catch{process.stdout.write(JSON.stringify(r));return}n.authError?await Bt(r,true):n.length>0?await Bt(r):process.stdout.write(JSON.stringify(r));return}if(!await ae()){let r=[];process.stdin.on("data",n=>r.push(n)),process.stdin.on("end",()=>process.stdout.write(r.join("")));return}let e=await vt();switch(t){case "PreToolUse":await _e(e);break;case "PostToolUse":await be(e);break;case "Stop":await ve(e);break;default:process.stderr.write(`[flow-obs] unknown event: ${t}
15
+ `),process.stdout.write(JSON.stringify(e));}}on().catch(t=>{process.stderr.write(`[flow-obs] fatal: ${t.message}
16
16
  `),process.exit(0);});
package/dist/setup.js CHANGED
@@ -1,8 +1,12 @@
1
1
  #!/usr/bin/env node
2
- 'use strict';var child_process=require('child_process'),util=require('util'),i=require('fs'),d=require('path'),l=require('os'),Be=require('https');require('readline/promises');function _interopDefault(e){return e&&e.__esModule?e:{default:e}}function _interopNamespace(e){if(e&&e.__esModule)return e;var n=Object.create(null);if(e){Object.keys(e).forEach(function(k){if(k!=='default'){var d=Object.getOwnPropertyDescriptor(e,k);Object.defineProperty(n,k,d.get?d:{enumerable:true,get:function(){return e[k]}});}})}n.default=e;return Object.freeze(n)}var i__namespace=/*#__PURE__*/_interopNamespace(i);var d__namespace=/*#__PURE__*/_interopNamespace(d);var l__namespace=/*#__PURE__*/_interopNamespace(l);var Be__default=/*#__PURE__*/_interopDefault(Be);var Ee=Object.defineProperty;var y=(e=>typeof require<"u"?require:typeof Proxy<"u"?new Proxy(e,{get:(t,r)=>(typeof require<"u"?require:t)[r]}):e)(function(e){if(typeof require<"u")return require.apply(this,arguments);throw Error('Dynamic require of "'+e+'" is not supported')});var v=(e,t,r)=>()=>{if(r)throw r[0];try{return e&&(t=e(e=0)),t}catch(n){throw r=[n],n}};var ye=(e,t)=>()=>{try{return t||e((t={exports:{}}).exports,t),t.exports}catch(r){throw t=0,r}},O=(e,t)=>{for(var r in t)Ee(e,r,{get:t[r],enumerable:true});};var z={};O(z,{MacOsKeyVaultProvider:()=>U});var N,U,Z=v(()=>{"use strict";N=util.promisify(child_process.execFile),U=class{static async isAvailable(){try{return i.accessSync("/usr/bin/security",i.constants.X_OK),!0}catch{return !1}}async getSecret(t,r){try{let{stdout:n}=await N("security",["find-generic-password","-w","-a",r,"-s",t]);return n.trim()||null}catch{return null}}async setSecret(t,r,n){await N("security",["add-generic-password","-U","-a",r,"-s",t,"-w",n]);}async deleteSecret(t,r){try{return await N("security",["delete-generic-password","-a",r,"-s",t]),!0}catch{return !1}}getStoragePath(){return "macOS Keychain"}};});var ee={};O(ee,{LinuxKeyVaultProvider:()=>b});var Q,b,te=v(()=>{"use strict";Q=util.promisify(child_process.execFile),b=class{static async isAvailable(){let t=["/usr/bin/secret-tool","/bin/secret-tool","/usr/local/bin/secret-tool"];for(let r of t)try{return i.accessSync(r,i.constants.X_OK),!0}catch{}return !1}async getSecret(t,r){try{let{stdout:n}=await Q("secret-tool",["lookup","service",t,"account",r]);return n.trim()||null}catch{return null}}async setSecret(t,r,n){await new Promise((s,o)=>{let a=child_process.spawn("secret-tool",["store","--label",t,"service",t,"account",r]);a.on("error",o),a.on("close",f=>{f===0?s():o(new Error(`secret-tool exited with code ${f}`));}),a.stdin.write(n),a.stdin.end();});}async deleteSecret(t,r){try{return await Q("secret-tool",["clear","service",t,"account",r]),!0}catch{return !1}}getStoragePath(){return "Linux Secret Service (libsecret)"}};});var re={};O(re,{WindowsKeyVaultProvider:()=>F});var F,ne=v(()=>{"use strict";F=class{static async isAvailable(){try{return await y("keytar").getPassword("__flow_probe__","__flow_probe__"),!0}catch{return !1}}async getSecret(t,r){return y("keytar").getPassword(t,r)}async setSecret(t,r,n){await y("keytar").setPassword(t,r,n);}async deleteSecret(t,r){return y("keytar").deletePassword(t,r)}getStoragePath(){return "Windows Credential Manager"}};});var pe=ye((qt,Ge)=>{Ge.exports={name:"@ciandt-flow/flow-ai-obs",version:"0.7.1-beta.501",description:"Claude Code hooks for Langfuse OTLP tracing \u2014 cross-platform",main:"dist/index.js",bin:{"flow-ai-obs":"dist/cli.js","flow-ai-obs-setup":"dist/setup.js"},scripts:{build:"tsup",test:"jest",typecheck:"tsc --noEmit",lint:"eslint src bin scripts",format:'prettier --write "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"format:check":'prettier --check "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"security-scan":"trufflehog filesystem src/ --fail --no-update --exclude-paths .trufflehogignore",postinstall:`node -e "require('fs').existsSync('dist/setup.js') && require('child_process').execFileSync(process.execPath, ['dist/setup.js'], {stdio:'inherit'})"`,prepublishOnly:"npm run security-scan && npm run build","release:npm":"changeset publish",changeset:"changeset","version-packages":"changeset version","install:hooks":"node dist/cli.js install","auth:login":"node dist/cli.js auth login","auth:logout":"node dist/cli.js auth logout","auth:status":"node dist/cli.js auth status",smoke:"bash scripts/smoke-test.sh","smoke:debug":"bash scripts/smoke-test.sh --debug","smoke:send":"bash scripts/smoke-test.sh --send --allow-http --debug"},files:["dist/","README.md","LICENSE.md"],keywords:["claude-code","langfuse","observability","otlp","hooks","flow","ciandt"],author:"CI&T Flow Team",license:"SEE LICENSE IN LICENSE.md",private:!1,dependencies:{},optionalDependencies:{keytar:"7.9.0"},devDependencies:{"@changesets/changelog-github":"^0.6.0","@changesets/cli":"^2.30.0","@types/jest":"^30.0.0","@types/node":"^25.8.0",jest:"^30.4.2","ts-jest":"^29.4.9",tsup:"^8.5.1","eslint-config-prettier":"^10.1.5",prettier:"^3.5.3",typescript:"^6.0.3","typescript-eslint":"^8.33.0"},engines:{node:">=18.0.0"},overrides:{esbuild:"^0.28.1"},publishConfig:{registry:"https://registry.npmjs.org",access:"public"},repository:{type:"git",url:"git+https://github.com/CI-T-HyperX/flow-codeassistant-observability.git"}};});function x(){if(process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER){let t=child_process.spawnSync("getent",["passwd",process.env.SUDO_USER],{encoding:"utf8",timeout:5e3}).stdout?.split(":")[5]?.trim();if(t)return {home:t,username:process.env.SUDO_USER}}return {home:l__namespace.homedir(),username:process.env.SUDO_USER||process.env.USER||l__namespace.userInfo().username}}function P(){if(process.env.WSL_DISTRO_NAME&&process.platform==="linux"){let e=process.env.USERPROFILE;if(!e){let r=child_process.spawnSync("cmd.exe",["/c","echo","%USERPROFILE%"],{encoding:"utf8",timeout:5e3}).stdout?.trim();r&&/^[A-Za-z]:\\/.test(r)&&(e=r);}if(e){let t=e.replace(/^([A-Za-z]):/,(r,n)=>`/mnt/${n.toLowerCase()}`).replace(/\\/g,"/");return d__namespace.join(t,".claude","settings.json")}return d__namespace.join(l__namespace.homedir(),".claude","settings.json")}if(process.platform==="win32"){let e=process.env.USERPROFILE||l__namespace.homedir();return d__namespace.join(e,".claude","settings.json")}if(process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER){let t=child_process.spawnSync("getent",["passwd",process.env.SUDO_USER],{encoding:"utf8",timeout:5e3}).stdout?.split(":")[5]?.trim();if(t)return d__namespace.join(t,".claude","settings.json")}return d__namespace.join(l__namespace.homedir(),".claude","settings.json")}var V="flow-ai-obs",Y="config.json";function Te(){if(process.platform==="win32"){let r=process.env.APPDATA||d__namespace.join(l__namespace.homedir(),"AppData","Roaming");return d__namespace.join(r,V,Y)}let e=x(),t=process.env.XDG_CONFIG_HOME||d__namespace.join(e.home,".config");return d__namespace.join(t,V,Y)}function _e(){try{let e=i__namespace.readFileSync(Te(),"utf8");return JSON.parse(e)}catch{return {}}}function G(){let{baseUrl:e}=_e();return typeof e!="string"||e.trim()===""?null:e.trim().replace(/\/$/,"")}var Se="https://flow.ciandt.com";function R(){return G()??process.env.FLOW_BASE_URL??Se}function I(){let e=R();return {AUTH_ENGINE:process.env.FLOW_AUTH_ENGINE_URL||`${e}/auth-engine-api/v2/api-key/token`,GATEWAY_TRACES:process.env.FLOW_GATEWAY_TRACES_URL||`${e}/flow-langfuse-gateway/v1/traces`,GATEWAY_HEALTH:process.env.FLOW_GATEWAY_HEALTH_URL||`${e}/flow-langfuse-gateway/v1/health`,OTEL_ENDPOINT:process.env.FLOW_OTEL_ENDPOINT_URL||`${e}/otel`}}var we=I(),_={SERVICE:"flow-plugins-cli",ACCOUNT_CREDS:"credentials"},S="FLOW-nodejs",w="config.json";function B(){let e=R();return {ANTHROPIC_BASE_URL:process.env.FLOW_LLM_PROXY_URL??`${e}/flow-llm-proxy/`,ANTHROPIC_MODEL:process.env.FLOW_LLM_PROXY_MODEL??"anthropic.claude-4-6-sonnet",ANTHROPIC_SMALL_FAST_MODEL:process.env.FLOW_LLM_PROXY_SMALL_MODEL??"anthropic.claude-4-6-sonnet",CLAUDE_CODE_DISABLE_EXPERIMENTAL_BETAS:"1"}}var W={CLAUDE_CODE_ENABLE_TELEMETRY:"1",OTEL_EXPORTER_OTLP_ENDPOINT:we.OTEL_ENDPOINT,OTEL_EXPORTER_OTLP_PROTOCOL:"http/json",OTEL_METRICS_EXPORTER:"otlp",OTEL_LOGS_EXPORTER:"otlp",OTEL_LOG_TOOL_DETAILS:"1",OTEL_LOG_USER_PROMPTS:"1"},m={FLOW_TELEMETRY:"FLOW_TELEMETRY",FLOW_TELEMETRY_GATEWAY:"FLOW_TELEMETRY_GATEWAY_URL",LANGFUSE_BASE_URL:"LANGFUSE_BASE_URL",LANGFUSE_PUBLIC_KEY:"LANGFUSE_PUBLIC_KEY",LANGFUSE_SECRET_KEY:"LANGFUSE_SECRET_KEY",ANTHROPIC_MODEL:"ANTHROPIC_MODEL",ANTHROPIC_AUTH_TOKEN:"ANTHROPIC_AUTH_TOKEN",FLOW_OBS_DEBUG:"FLOW_TELEMETRY_DEBUG",FLOW_OBS_ALLOW_HTTP:"FLOW_TELEMETRY_ALLOW_HTTP",BUFFER_TTL_DAYS:"FLOW_TELEMETRY_BUFFER_TTL_DAYS",BUFFER_MAX_FILES:"FLOW_TELEMETRY_BUFFER_MAX_FILES"};var K={LOCK_STALE_MS:3e4},J={UserPromptSubmit:5,PreToolUse:3,PostToolUse:10,Stop:15};var X="flow-ai-obs-debug.log";var C={credentials:"credentials","token-cache":"tokenCache"};function g(){let e=l__namespace.default.homedir();if(process.platform==="darwin")return d__namespace.default.join(e,"Library","Preferences",S,w);if(process.platform==="win32"){let r=process.env.APPDATA??d__namespace.default.join(e,"AppData","Roaming");return d__namespace.default.join(r,S,w)}let t=process.env.XDG_CONFIG_HOME??d__namespace.default.join(e,".config");return d__namespace.default.join(t,S,w)}function k(){try{let e=i__namespace.default.readFileSync(g(),"utf8");return JSON.parse(e)}catch{return {}}}function q(e){let t=g();i__namespace.default.mkdirSync(d__namespace.default.dirname(t),{recursive:true}),i__namespace.default.writeFileSync(t,JSON.stringify(e,null,2),{encoding:"utf8",mode:384});}var A=class{static isAvailable(){return true}static hasExistingData(){try{if(!i__namespace.default.existsSync(g()))return !1;let t=JSON.parse(i__namespace.default.readFileSync(g(),"utf8"));return !!(t&&t.credentials)}catch{return false}}async getSecret(t,r){let n=k(),s=C[r]??r,o=n[s];return o?typeof o=="string"?o:JSON.stringify(o):null}async setSecret(t,r,n){let s=k(),o=C[r]??r;if(r==="token-cache")try{s[o]=JSON.parse(n);}catch{s[o]=n;}else s[o]=n;q(s);}async deleteSecret(t,r){let n=k(),s=C[r]??r;return s in n?(delete n[s],q(n),true):false}getStoragePath(){return `config.json (unencrypted) \u2014 ${g()}`}};async function se(){return await Ue()??new A}async function Ue(){switch(process.platform){case "darwin":{let{MacOsKeyVaultProvider:e}=await Promise.resolve().then(()=>(Z(),z));return await e.isAvailable()?new e:null}case "linux":{let{LinuxKeyVaultProvider:e}=await Promise.resolve().then(()=>(te(),ee));return await e.isAvailable()?new e:null}case "win32":{let{WindowsKeyVaultProvider:e}=await Promise.resolve().then(()=>(ne(),re));return await e.isAvailable()?new e:null}default:return null}}var be=_.SERVICE,Fe=_.ACCOUNT_CREDS,$=null;function $e(){return $||($=se()),$}async function D(){let t=await(await $e()).getSecret(be,Fe);if(!t)return null;try{return JSON.parse(t)}catch{return null}}d.join(l.tmpdir(),X);var Ve=K.LOCK_STALE_MS;function oe(e){try{let t=i__namespace.statSync(e);Date.now()-t.mtimeMs>Ve&&i__namespace.unlinkSync(e);}catch{}try{i__namespace.writeFileSync(e,String(process.pid),{flag:"wx"});}catch(t){throw t.code==="EEXIST"?new Error("Another install is already in progress. If this is stale, remove: "+e):t}}function ie(e){try{i__namespace.unlinkSync(e);}catch{}}function Ye(e,t){let n=(Array.isArray(e)?e:[]).map(s=>{if(!Array.isArray(s?.hooks))return null;let o=s.hooks.filter(a=>!a.command?.startsWith?.("flow-ai-obs "));return o.length>0?{...s,hooks:o}:null}).filter(s=>s!=null);return [t,...n]}function ae(){let e=P(),t=e+".lock",r=[];i__namespace.mkdirSync(d__namespace.dirname(e),{recursive:true}),oe(t);try{if(i__namespace.existsSync(e)){i__namespace.copyFileSync(e,e+".bkp");try{i__namespace.chmodSync(e+".bkp",384);}catch{}}let n={};try{n=JSON.parse(i__namespace.readFileSync(e,"utf8"));}catch{}let s=n.env&&typeof n.env=="object"?n.env:{};n.env={...W,...B(),...s},n.otelHeadersHelper="flow-ai-obs otel-headers",(!n.hooks||typeof n.hooks!="object"||Array.isArray(n.hooks))&&(n.hooks={});let o=(c,E)=>({matcher:"",hooks:[{type:"command",command:`flow-ai-obs ${c}`,timeout:E}]}),a=["UserPromptSubmit","PreToolUse","PostToolUse","Stop"],f=n.hooks;for(let c of a){let E=Ye(f[c],o(c,J[c]));E.length>1&&r.push(c),f[c]=E;}i__namespace.writeFileSync(e,JSON.stringify(n,null,2)+`
3
- `,{encoding:"utf8",mode:384});try{i__namespace.chmodSync(e,384);}catch{}}finally{ie(t);}return {settingsPath:e,preserved:r}}function ce(e){let t=P(),r=t+".lock";i__namespace.mkdirSync(d__namespace.dirname(t),{recursive:true}),oe(r);try{let n={};try{n=JSON.parse(i__namespace.readFileSync(t,"utf8"));}catch{}(!n.env||typeof n.env!="object")&&(n.env={}),Object.assign(n.env,e),i__namespace.writeFileSync(t,JSON.stringify(n,null,2)+`
4
- `,{encoding:"utf8",mode:384});try{i__namespace.chmodSync(t,384);}catch{}}finally{ie(r);}}function le(e){if(!e)return null;try{let t=e.split(".");if(t.length<2)return null;let r=JSON.parse(Buffer.from(t[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8")),{clientId:n,clientSecret:s,tenant:o}=r;return !n||!s||!o?null:{clientId:n,clientSecret:s,tenant:o}}catch{return null}}function ue(e){let t=Buffer.from(JSON.stringify({alg:"none",typ:"JWT"})).toString("base64url"),r=Buffer.from(JSON.stringify({clientId:e.clientId,clientSecret:e.clientSecret,tenant:e.tenant})).toString("base64url");return `${t}.${r}.`}var M;function fe(){return M||(M=pe()),M}var me=d__namespace.default.join(l__namespace.default.tmpdir(),"flow-obs-update-cache.json"),Je=1440*60*1e3,Xe=3e3;function qe(e,t){let r=o=>{let a=String(o).replace(/^v/,"").match(/^(\d+)\.(\d+)\.(\d+)/);return a?[+a[1],+a[2],+a[3]]:null},n=r(e),s=r(t);return !n||!s?false:s[0]!==n[0]?s[0]>n[0]:s[1]!==n[1]?s[1]>n[1]:s[2]>n[2]}function ze(){try{let e=JSON.parse(i__namespace.default.readFileSync(me,"utf8"));return typeof e.latestVersion!="string"||Date.now()-e.checkedAt>=Je?null:e}catch{return null}}function Ze(e,t,r=Date.now()){try{i__namespace.default.writeFileSync(me,JSON.stringify({latestVersion:e,updatePriority:t??null,checkedAt:r}),{mode:384});}catch{}}function Qe(e){let t=fe().name,r=Be__default.default.get(`https://registry.npmjs.org/${encodeURIComponent(t)}/latest`,{timeout:Xe},n=>{if(n.statusCode!==200)return n.resume(),e(new Error(`HTTP ${n.statusCode}`));let s="";n.setEncoding("utf8"),n.on("data",o=>{s+=o;}),n.on("end",()=>{try{let o=JSON.parse(s);if(typeof o.version!="string")throw new Error("no version field");e(null,{version:o.version,updatePriority:typeof o.updatePriority=="string"?o.updatePriority:null});}catch(o){e(o);}});});r.on("error",e),r.on("timeout",()=>{r.destroy(new Error("timeout"));});}function ge(){try{if(ze())return;setImmediate(()=>{Qe((e,t)=>{e||!t||qe(fe().version,t.version)&&Ze(t.version,t.updatePriority,0);});});}catch{}}var et=d__namespace.default.resolve(__dirname,".."),tt=process.env.INIT_CWD?d__namespace.default.resolve(process.env.INIT_CWD):null;tt===et&&process.exit(0);async function rt(){try{ae();}catch{}let e=await D();if(!e){process.stderr.write(`
2
+ 'use strict';var child_process=require('child_process'),util=require('util'),i=require('fs'),f=require('path'),l=require('os'),qe=require('https');require('readline/promises');function _interopDefault(e){return e&&e.__esModule?e:{default:e}}function _interopNamespace(e){if(e&&e.__esModule)return e;var n=Object.create(null);if(e){Object.keys(e).forEach(function(k){if(k!=='default'){var d=Object.getOwnPropertyDescriptor(e,k);Object.defineProperty(n,k,d.get?d:{enumerable:true,get:function(){return e[k]}});}})}n.default=e;return Object.freeze(n)}var i__namespace=/*#__PURE__*/_interopNamespace(i);var f__namespace=/*#__PURE__*/_interopNamespace(f);var l__namespace=/*#__PURE__*/_interopNamespace(l);var qe__default=/*#__PURE__*/_interopDefault(qe);var Te=Object.defineProperty;var T=(e=>typeof require<"u"?require:typeof Proxy<"u"?new Proxy(e,{get:(t,r)=>(typeof require<"u"?require:t)[r]}):e)(function(e){if(typeof require<"u")return require.apply(this,arguments);throw Error('Dynamic require of "'+e+'" is not supported')});var v=(e,t,r)=>()=>{if(r)throw r[0];try{return e&&(t=e(e=0)),t}catch(n){throw r=[n],n}};var _e=(e,t)=>()=>{try{return t||e((t={exports:{}}).exports,t),t.exports}catch(r){throw t=0,r}},L=(e,t)=>{for(var r in t)Te(e,r,{get:t[r],enumerable:true});};var Q={};L(Q,{MacOsKeyVaultProvider:()=>F});var U,F,ee=v(()=>{"use strict";U=util.promisify(child_process.execFile),F=class{static async isAvailable(){try{return i.accessSync("/usr/bin/security",i.constants.X_OK),!0}catch{return !1}}async getSecret(t,r){try{let{stdout:n}=await U("security",["find-generic-password","-w","-a",r,"-s",t]);return n.trim()||null}catch{return null}}async setSecret(t,r,n){await U("security",["add-generic-password","-U","-a",r,"-s",t,"-w",n]);}async deleteSecret(t,r){try{return await U("security",["delete-generic-password","-a",r,"-s",t]),!0}catch{return !1}}getStoragePath(){return "macOS Keychain"}};});var re={};L(re,{LinuxKeyVaultProvider:()=>$});var te,$,ne=v(()=>{"use strict";te=util.promisify(child_process.execFile),$=class{static async isAvailable(){let t=["/usr/bin/secret-tool","/bin/secret-tool","/usr/local/bin/secret-tool"];for(let r of t)try{return i.accessSync(r,i.constants.X_OK),!0}catch{}return !1}async getSecret(t,r){try{let{stdout:n}=await te("secret-tool",["lookup","service",t,"account",r]);return n.trim()||null}catch{return null}}async setSecret(t,r,n){await new Promise((o,s)=>{let a=child_process.spawn("secret-tool",["store","--label",t,"service",t,"account",r]);a.on("error",s),a.on("close",m=>{m===0?o():s(new Error(`secret-tool exited with code ${m}`));}),a.stdin.write(n),a.stdin.end();});}async deleteSecret(t,r){try{return await te("secret-tool",["clear","service",t,"account",r]),!0}catch{return !1}}getStoragePath(){return "Linux Secret Service (libsecret)"}};});var oe={};L(oe,{WindowsKeyVaultProvider:()=>D});var D,se=v(()=>{"use strict";D=class{static async isAvailable(){try{return await T("keytar").getPassword("__flow_probe__","__flow_probe__"),!0}catch{return !1}}async getSecret(t,r){return T("keytar").getPassword(t,r)}async setSecret(t,r,n){await T("keytar").setPassword(t,r,n);}async deleteSecret(t,r){return T("keytar").deletePassword(t,r)}getStoragePath(){return "Windows Credential Manager"}};});var fe=_e((lr,Xe)=>{Xe.exports={name:"@ciandt-flow/flow-ai-obs",version:"0.7.1-beta.522",description:"Claude Code hooks for Langfuse OTLP tracing \u2014 cross-platform",main:"dist/index.js",bin:{"flow-ai-obs":"dist/cli.js","flow-ai-obs-setup":"dist/setup.js"},scripts:{build:"tsup",test:"jest",typecheck:"tsc --noEmit",lint:"eslint src bin scripts",format:'prettier --write "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"format:check":'prettier --check "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"security-scan":"trufflehog filesystem src/ --fail --no-update --exclude-paths .trufflehogignore",postinstall:`node -e "require('fs').existsSync('dist/setup.js') && require('child_process').execFileSync(process.execPath, ['dist/setup.js'], {stdio:'inherit'})"`,prepublishOnly:"npm run security-scan && npm run build","release:npm":"changeset publish",changeset:"changeset","version-packages":"changeset version","install:hooks":"node dist/cli.js install","auth:login":"node dist/cli.js auth login","auth:logout":"node dist/cli.js auth logout","auth:status":"node dist/cli.js auth status",smoke:"bash scripts/smoke-test.sh","smoke:debug":"bash scripts/smoke-test.sh --debug","smoke:send":"bash scripts/smoke-test.sh --send --allow-http --debug"},files:["dist/","README.md","LICENSE.md"],keywords:["claude-code","langfuse","observability","otlp","hooks","flow","ciandt"],author:"CI&T Flow Team",license:"SEE LICENSE IN LICENSE.md",private:!1,dependencies:{},optionalDependencies:{keytar:"7.9.0"},devDependencies:{"@changesets/changelog-github":"^0.6.0","@changesets/cli":"^2.30.0","@types/jest":"^30.0.0","@types/node":"^25.8.0",jest:"^30.4.2","ts-jest":"^29.4.9",tsup:"^8.5.1","eslint-config-prettier":"^10.1.5",prettier:"^3.5.3",typescript:"^6.0.3","typescript-eslint":"^8.33.0"},engines:{node:">=18.0.0"},overrides:{esbuild:"^0.28.1"},publishConfig:{registry:"https://registry.npmjs.org",access:"public"},repository:{type:"git",url:"git+https://github.com/CI-T-HyperX/flow-codeassistant-observability.git"}};});!process.env.NO_COLOR&&process.stdout.isTTY;function k(){return process.platform==="win32"?false:process.getuid?.()===0}function Y(){if(process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER){let t=child_process.spawnSync("getent",["passwd",process.env.SUDO_USER],{encoding:"utf8",timeout:5e3}).stdout?.split(":")[5]?.trim();if(t)return {home:t,username:process.env.SUDO_USER}}return {home:l__namespace.homedir(),username:process.env.SUDO_USER||process.env.USER||l__namespace.userInfo().username}}function P(){if(process.env.WSL_DISTRO_NAME&&process.platform==="linux"){let e=process.env.USERPROFILE;if(!e){let r=child_process.spawnSync("cmd.exe",["/c","echo","%USERPROFILE%"],{encoding:"utf8",timeout:5e3}).stdout?.trim();r&&/^[A-Za-z]:\\/.test(r)&&(e=r);}if(e){let t=e.replace(/^([A-Za-z]):/,(r,n)=>`/mnt/${n.toLowerCase()}`).replace(/\\/g,"/");return f__namespace.join(t,".claude","settings.json")}return f__namespace.join(l__namespace.homedir(),".claude","settings.json")}if(process.platform==="win32"){let e=process.env.USERPROFILE||l__namespace.homedir();return f__namespace.join(e,".claude","settings.json")}if(process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER){let t=child_process.spawnSync("getent",["passwd",process.env.SUDO_USER],{encoding:"utf8",timeout:5e3}).stdout?.split(":")[5]?.trim();if(t)return f__namespace.join(t,".claude","settings.json")}return f__namespace.join(l__namespace.homedir(),".claude","settings.json")}var j="flow-ai-obs",G="config.json";function Oe(){if(process.platform==="win32"){let r=process.env.APPDATA||f__namespace.join(l__namespace.homedir(),"AppData","Roaming");return f__namespace.join(r,j,G)}let e=Y(),t=process.env.XDG_CONFIG_HOME||f__namespace.join(e.home,".config");return f__namespace.join(t,j,G)}function ve(){try{let e=i__namespace.readFileSync(Oe(),"utf8");return JSON.parse(e)}catch{return {}}}function W(){let{baseUrl:e}=ve();return typeof e!="string"||e.trim()===""?null:e.trim().replace(/\/$/,"")}var Le="https://flow.ciandt.com";function I(){return W()??process.env.FLOW_BASE_URL??Le}function C(){let e=I();return {AUTH_ENGINE:process.env.FLOW_AUTH_ENGINE_URL||`${e}/auth-engine-api/v2/api-key/token`,GATEWAY_TRACES:process.env.FLOW_GATEWAY_TRACES_URL||`${e}/flow-langfuse-gateway/v1/traces`,GATEWAY_HEALTH:process.env.FLOW_GATEWAY_HEALTH_URL||`${e}/flow-langfuse-gateway/v1/health`,OTEL_ENDPOINT:process.env.FLOW_OTEL_ENDPOINT_URL||`${e}/otel`}}var ke=C(),S={SERVICE:"flow-plugins-cli",ACCOUNT_CREDS:"credentials"},w="FLOW-nodejs",A="config.json";function J(){let e=I();return {ANTHROPIC_BASE_URL:process.env.FLOW_LLM_PROXY_URL??`${e}/flow-llm-proxy/`,ANTHROPIC_MODEL:process.env.FLOW_LLM_PROXY_MODEL??"anthropic.claude-4-6-sonnet",ANTHROPIC_SMALL_FAST_MODEL:process.env.FLOW_LLM_PROXY_SMALL_MODEL??"anthropic.claude-4-6-sonnet",CLAUDE_CODE_DISABLE_EXPERIMENTAL_BETAS:"1"}}var K={CLAUDE_CODE_ENABLE_TELEMETRY:"1",OTEL_EXPORTER_OTLP_ENDPOINT:ke.OTEL_ENDPOINT,OTEL_EXPORTER_OTLP_PROTOCOL:"http/json",OTEL_METRICS_EXPORTER:"otlp",OTEL_LOGS_EXPORTER:"otlp",OTEL_LOG_TOOL_DETAILS:"1",OTEL_LOG_USER_PROMPTS:"1"},g={FLOW_TELEMETRY:"FLOW_TELEMETRY",FLOW_TELEMETRY_GATEWAY:"FLOW_TELEMETRY_GATEWAY_URL",LANGFUSE_BASE_URL:"LANGFUSE_BASE_URL",LANGFUSE_PUBLIC_KEY:"LANGFUSE_PUBLIC_KEY",LANGFUSE_SECRET_KEY:"LANGFUSE_SECRET_KEY",ANTHROPIC_MODEL:"ANTHROPIC_MODEL",ANTHROPIC_AUTH_TOKEN:"ANTHROPIC_AUTH_TOKEN",FLOW_OBS_DEBUG:"FLOW_TELEMETRY_DEBUG",FLOW_OBS_ALLOW_HTTP:"FLOW_TELEMETRY_ALLOW_HTTP",BUFFER_TTL_DAYS:"FLOW_TELEMETRY_BUFFER_TTL_DAYS",BUFFER_MAX_FILES:"FLOW_TELEMETRY_BUFFER_MAX_FILES"};var X={LOCK_STALE_MS:3e4},q={UserPromptSubmit:5,PreToolUse:3,PostToolUse:10,Stop:15};var z="flow-ai-obs-debug.log";var N={credentials:"credentials","token-cache":"tokenCache"};function h(){let e=l__namespace.default.homedir();if(process.platform==="darwin")return f__namespace.default.join(e,"Library","Preferences",w,A);if(process.platform==="win32"){let r=process.env.APPDATA??f__namespace.default.join(e,"AppData","Roaming");return f__namespace.default.join(r,w,A)}let t=process.env.XDG_CONFIG_HOME??f__namespace.default.join(e,".config");return f__namespace.default.join(t,w,A)}function b(){try{let e=i__namespace.default.readFileSync(h(),"utf8");return JSON.parse(e)}catch{return {}}}function Z(e){let t=h();i__namespace.default.mkdirSync(f__namespace.default.dirname(t),{recursive:true}),i__namespace.default.writeFileSync(t,JSON.stringify(e,null,2),{encoding:"utf8",mode:384});}var O=class{static isAvailable(){return true}static hasExistingData(){try{if(!i__namespace.default.existsSync(h()))return !1;let t=JSON.parse(i__namespace.default.readFileSync(h(),"utf8"));return !!(t&&t.credentials)}catch{return false}}async getSecret(t,r){let n=b(),o=N[r]??r,s=n[o];return s?typeof s=="string"?s:JSON.stringify(s):null}async setSecret(t,r,n){let o=b(),s=N[r]??r;if(r==="token-cache")try{o[s]=JSON.parse(n);}catch{o[s]=n;}else o[s]=n;Z(o);}async deleteSecret(t,r){let n=b(),o=N[r]??r;return o in n?(delete n[o],Z(n),true):false}getStoragePath(){return `config.json (unencrypted) \u2014 ${h()}`}};async function ie(){return await He()??new O}async function He(){switch(process.platform){case "darwin":{let{MacOsKeyVaultProvider:e}=await Promise.resolve().then(()=>(ee(),Q));return await e.isAvailable()?new e:null}case "linux":{let{LinuxKeyVaultProvider:e}=await Promise.resolve().then(()=>(ne(),re));return await e.isAvailable()?new e:null}case "win32":{let{WindowsKeyVaultProvider:e}=await Promise.resolve().then(()=>(se(),oe));return await e.isAvailable()?new e:null}default:return null}}var xe=S.SERVICE,Me=S.ACCOUNT_CREDS,H=null;function Ve(){return H||(H=ie()),H}async function x(){let t=await(await Ve()).getSecret(xe,Me);if(!t)return null;try{return JSON.parse(t)}catch{return null}}f.join(l.tmpdir(),z);var We=X.LOCK_STALE_MS;function ae(e){try{let t=i__namespace.statSync(e);Date.now()-t.mtimeMs>We&&i__namespace.unlinkSync(e);}catch{}try{i__namespace.writeFileSync(e,String(process.pid),{flag:"wx"});}catch(t){throw t.code==="EEXIST"?new Error("Another install is already in progress. If this is stale, remove: "+e):t}}function ce(e){try{i__namespace.unlinkSync(e);}catch{}}function Je(e,t){let n=(Array.isArray(e)?e:[]).map(o=>{if(!Array.isArray(o?.hooks))return null;let s=o.hooks.filter(a=>!a.command?.startsWith?.("flow-ai-obs "));return s.length>0?{...o,hooks:s}:null}).filter(o=>o!=null);return [t,...n]}function le(){let e=P(),t=e+".lock",r=[];i__namespace.mkdirSync(f__namespace.dirname(e),{recursive:true}),ae(t);try{if(i__namespace.existsSync(e)){i__namespace.copyFileSync(e,e+".bkp");try{i__namespace.chmodSync(e+".bkp",384);}catch{}}let n={};try{n=JSON.parse(i__namespace.readFileSync(e,"utf8"));}catch{}let o=n.env&&typeof n.env=="object"?n.env:{};n.env={...K,...J(),...o},n.otelHeadersHelper="flow-ai-obs otel-headers",(!n.hooks||typeof n.hooks!="object"||Array.isArray(n.hooks))&&(n.hooks={});let s=(c,y)=>({matcher:"",hooks:[{type:"command",command:`flow-ai-obs ${c}`,timeout:y}]}),a=["UserPromptSubmit","PreToolUse","PostToolUse","Stop"],m=n.hooks;for(let c of a){let y=Je(m[c],s(c,q[c]));y.length>1&&r.push(c),m[c]=y;}i__namespace.writeFileSync(e,JSON.stringify(n,null,2)+`
3
+ `,{encoding:"utf8",mode:384});try{i__namespace.chmodSync(e,384);}catch{}}finally{ce(t);}return {settingsPath:e,preserved:r}}function ue(e){let t=P(),r=t+".lock";i__namespace.mkdirSync(f__namespace.dirname(t),{recursive:true}),ae(r);try{let n={};try{n=JSON.parse(i__namespace.readFileSync(t,"utf8"));}catch{}(!n.env||typeof n.env!="object")&&(n.env={}),Object.assign(n.env,e),i__namespace.writeFileSync(t,JSON.stringify(n,null,2)+`
4
+ `,{encoding:"utf8",mode:384});try{i__namespace.chmodSync(t,384);}catch{}}finally{ce(r);}}function pe(e){if(!e)return null;try{let t=e.split(".");if(t.length<2)return null;let r=JSON.parse(Buffer.from(t[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8")),{clientId:n,clientSecret:o,tenant:s}=r;return !n||!o||!s?null:{clientId:n,clientSecret:o,tenant:s}}catch{return null}}function de(e){let t=Buffer.from(JSON.stringify({alg:"none",typ:"JWT"})).toString("base64url"),r=Buffer.from(JSON.stringify({clientId:e.clientId,clientSecret:e.clientSecret,tenant:e.tenant})).toString("base64url");return `${t}.${r}.`}var V;function ge(){return V||(V=fe()),V}var he=f__namespace.default.join(l__namespace.default.tmpdir(),"flow-obs-update-cache.json"),Qe=1440*60*1e3,et=3e3;function tt(e,t){let r=s=>{let a=String(s).replace(/^v/,"").match(/^(\d+)\.(\d+)\.(\d+)/);return a?[+a[1],+a[2],+a[3]]:null},n=r(e),o=r(t);return !n||!o?false:o[0]!==n[0]?o[0]>n[0]:o[1]!==n[1]?o[1]>n[1]:o[2]>n[2]}function rt(){try{let e=JSON.parse(i__namespace.default.readFileSync(he,"utf8"));return typeof e.latestVersion!="string"||Date.now()-e.checkedAt>=Qe?null:e}catch{return null}}function nt(e,t,r=Date.now()){try{i__namespace.default.writeFileSync(he,JSON.stringify({latestVersion:e,updatePriority:t??null,checkedAt:r}),{mode:384});}catch{}}function ot(e){let t=ge().name,r=qe__default.default.get(`https://registry.npmjs.org/${encodeURIComponent(t)}/latest`,{timeout:et},n=>{if(n.statusCode!==200)return n.resume(),e(new Error(`HTTP ${n.statusCode}`));let o="";n.setEncoding("utf8"),n.on("data",s=>{o+=s;}),n.on("end",()=>{try{let s=JSON.parse(o);if(typeof s.version!="string")throw new Error("no version field");e(null,{version:s.version,updatePriority:typeof s.updatePriority=="string"?s.updatePriority:null});}catch(s){e(s);}});});r.on("error",e),r.on("timeout",()=>{r.destroy(new Error("timeout"));});}function Ee(){try{if(rt())return;setImmediate(()=>{ot((e,t)=>{e||!t||tt(ge().version,t.version)&&nt(t.version,t.updatePriority,0);});});}catch{}}var st=f__namespace.default.resolve(__dirname,".."),it=process.env.INIT_CWD?f__namespace.default.resolve(process.env.INIT_CWD):null;it===st&&process.exit(0);k()&&(process.stderr.write(`
5
+ [flow-ai-obs] \u2717 Do not install with sudo.
6
+ Run without sudo: npm install -g @ciandt-flow/flow-ai-obs
7
+
8
+ `),process.exit(1));async function at(){try{le();}catch{}let e=await x();if(!e){process.stderr.write(`
5
9
  [flow-ai-obs] No credentials found.
6
10
  Run \`flow-ai-obs auth login\` to authenticate and enable telemetry.
7
11
 
8
- `);return}let t=le(process.env[m.ANTHROPIC_AUTH_TOKEN]);if(!t||t.clientId!==e.clientId||t.clientSecret!==e.clientSecret||t.tenant!==e.tenant)try{let n=ue(e);ce({[m.ANTHROPIC_AUTH_TOKEN]:n});}catch{}}rt().catch(()=>{}).finally(()=>ge());
12
+ `);return}let t=pe(process.env[g.ANTHROPIC_AUTH_TOKEN]);if(!t||t.clientId!==e.clientId||t.clientSecret!==e.clientSecret||t.tenant!==e.tenant)try{let n=de(e);ue({[g.ANTHROPIC_AUTH_TOKEN]:n});}catch{}}at().catch(()=>{}).finally(()=>Ee());
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@ciandt-flow/flow-ai-obs",
3
- "version": "0.7.1-beta.501",
3
+ "version": "0.7.1-beta.522",
4
4
  "description": "Claude Code hooks for Langfuse OTLP tracing — cross-platform",
5
5
  "main": "dist/index.js",
6
6
  "bin": {