@ciandt-flow/flow-ai-obs 0.7.1-beta.539 → 0.7.1-beta.547

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/cli.js CHANGED
@@ -1,193 +1,198 @@
1
1
  #!/usr/bin/env node
2
- 'use strict';var Ie=require('readline/promises'),ps=require('https'),E=require('fs'),Ht=require('os'),Lt=require('path'),child_process=require('child_process'),Rs=require('http'),util=require('util'),crypto=require('crypto');function _interopDefault(e){return e&&e.__esModule?e:{default:e}}function _interopNamespace(e){if(e&&e.__esModule)return e;var n=Object.create(null);if(e){Object.keys(e).forEach(function(k){if(k!=='default'){var d=Object.getOwnPropertyDescriptor(e,k);Object.defineProperty(n,k,d.get?d:{enumerable:true,get:function(){return e[k]}});}})}n.default=e;return Object.freeze(n)}var Ie__namespace=/*#__PURE__*/_interopNamespace(Ie);var ps__default=/*#__PURE__*/_interopDefault(ps);var E__namespace=/*#__PURE__*/_interopNamespace(E);var Ht__namespace=/*#__PURE__*/_interopNamespace(Ht);var Lt__namespace=/*#__PURE__*/_interopNamespace(Lt);var Rs__default=/*#__PURE__*/_interopDefault(Rs);var Le=Object.defineProperty;var os=Object.getOwnPropertyDescriptor;var is=Object.getOwnPropertyNames;var as=Object.prototype.hasOwnProperty;var Dt=(t=>typeof require<"u"?require:typeof Proxy<"u"?new Proxy(t,{get:(e,r)=>(typeof require<"u"?require:e)[r]}):t)(function(t){if(typeof require<"u")return require.apply(this,arguments);throw Error('Dynamic require of "'+t+'" is not supported')});var f=(t,e,r)=>()=>{if(r)throw r[0];try{return t&&(e=t(t=0)),e}catch(n){throw r=[n],n}};var cs=(t,e)=>()=>{try{return e||t((e={exports:{}}).exports,e),e.exports}catch(r){throw e=0,r}},H=(t,e)=>{for(var r in e)Le(t,r,{get:e[r],enumerable:true});},us=(t,e,r,n)=>{if(e&&typeof e=="object"||typeof e=="function")for(let s of is(e))!as.call(t,s)&&s!==r&&Le(t,s,{get:()=>e[s],enumerable:!(n=os(e,s))||n.enumerable});return t};var b=t=>us(Le({},"__esModule",{value:true}),t);var oe=cs((ri,ls)=>{ls.exports={name:"@ciandt-flow/flow-ai-obs",version:"0.7.1-beta.539",description:"Claude Code hooks for Langfuse OTLP tracing \u2014 cross-platform",main:"dist/index.js",bin:{"flow-ai-obs":"dist/cli.js","flow-ai-obs-setup":"dist/setup.js"},scripts:{build:"tsup",test:"jest",typecheck:"tsc --noEmit",lint:"eslint src bin scripts",format:'prettier --write "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"format:check":'prettier --check "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"security-scan":"trufflehog filesystem src/ --fail --no-update --exclude-paths .trufflehogignore",postinstall:`node -e "require('fs').existsSync('dist/setup.js') && require('child_process').execFileSync(process.execPath, ['dist/setup.js'], {stdio:'inherit'})"`,prepublishOnly:"npm run security-scan && npm run build","release:npm":"changeset publish",changeset:"changeset","version-packages":"changeset version","install:hooks":"node dist/cli.js install","auth:login":"node dist/cli.js auth login","auth:logout":"node dist/cli.js auth logout","auth:status":"node dist/cli.js auth status",smoke:"bash scripts/smoke-test.sh","smoke:debug":"bash scripts/smoke-test.sh --debug","smoke:send":"bash scripts/smoke-test.sh --send --allow-http --debug"},files:["dist/","README.md","LICENSE.md"],keywords:["claude-code","langfuse","observability","otlp","hooks","flow","ciandt"],author:"CI&T Flow Team",license:"SEE LICENSE IN LICENSE.md",private:!1,dependencies:{},optionalDependencies:{keytar:"7.9.0"},devDependencies:{"@changesets/changelog-github":"^0.6.0","@changesets/cli":"^2.30.0","@types/jest":"^30.0.0","@types/node":"^25.8.0",jest:"^30.4.2","ts-jest":"^29.4.9",tsup:"^8.5.1","eslint-config-prettier":"^10.1.5",prettier:"^3.5.3",typescript:"^6.0.3","typescript-eslint":"^8.33.0"},engines:{node:">=18.0.0"},overrides:{esbuild:"^0.28.1"},publishConfig:{registry:"https://registry.npmjs.org",access:"public"},repository:{type:"git",url:"git+https://github.com/CI-T-HyperX/flow-codeassistant-observability.git"}};});var Re={};H(Re,{bold:()=>j,cyan:()=>R,dim:()=>h,green:()=>P,red:()=>v,yellow:()=>A});function Tt(t,e){return ds?r=>`\x1B[${t}m${r}\x1B[${e}m`:r=>r}var ds,P,v,A,R,j,h,it=f(()=>{"use strict";ds=!process.env.NO_COLOR&&process.stdout.isTTY;P=Tt("32","39"),v=Tt("31","39"),A=Tt("33","39"),R=Tt("36","39"),j=Tt("1","22"),h=Tt("2","22");});function St(){return process.stdout.isTTY===true&&process.stdin.isTTY===true&&!process.argv.includes("--no-interactive")}async function be(t,e){let r=Ie__namespace.createInterface({input:process.stdin,output:process.stdout}),s=`${t} ${e===true?"(Y/n)":e===false?"(y/N)":"(y/n)"}: `;for(let o=1;o<=3;o++)try{let i=(await r.question(s)).trim().toLowerCase();if(i===""&&e!==void 0)return r.close(),e;if(i==="y"||i==="yes")return r.close(),!0;if(i==="n"||i==="no")return r.close(),!1;o<3&&process.stdout.write(` Invalid input. Please answer "y" or "n".
3
- `);}catch(i){throw r.close(),i}if(r.close(),e!==void 0)return e;throw new Error("Too many invalid attempts for yes/no prompt")}async function yr(t,e){let r=Ie__namespace.createInterface({input:process.stdin,output:process.stdout});try{let n=(await r.question(`${t}: `)).trim();if(e);return n}catch(n){throw n}finally{r.close();}}var Pe=f(()=>{"use strict";});var _t={};H(_t,{checkForUpdate:()=>Ts,checkForUpdateInteractive:()=>Ss,fetchLatestVersionAsync:()=>Or,isNewer:()=>yt,primeUpdateCache:()=>ys});function C(){return Ce||(Ce=oe()),Ce}function yt(t,e){let r=o=>{let i=String(o).replace(/^v/,"").match(/^(\d+)\.(\d+)\.(\d+)/);return i?[+i[1],+i[2],+i[3]]:null},n=r(t),s=r(e);return !n||!s?false:s[0]!==n[0]?s[0]>n[0]:s[1]!==n[1]?s[1]>n[1]:s[2]>n[2]}function $e(){try{let t=JSON.parse(E__namespace.default.readFileSync(Ar,"utf8"));return typeof t.latestVersion!="string"||Date.now()-t.checkedAt>=gs?null:t}catch{return null}}function Fe(t,e,r=Date.now()){try{E__namespace.default.writeFileSync(Ar,JSON.stringify({latestVersion:t,updatePriority:e??null,checkedAt:r}),{mode:384});}catch{}}function xe(t){let e=C().name,r=ps__default.default.get(`https://registry.npmjs.org/${encodeURIComponent(e)}/latest`,{timeout:hs},n=>{if(n.statusCode!==200)return n.resume(),t(new Error(`HTTP ${n.statusCode}`));let s="";n.setEncoding("utf8"),n.on("data",o=>{s+=o;}),n.on("end",()=>{try{let o=JSON.parse(s);if(typeof o.version!="string")throw new Error("no version field");t(null,{version:o.version,updatePriority:typeof o.updatePriority=="string"?o.updatePriority:null});}catch(o){t(o);}});});r.on("error",t),r.on("timeout",()=>{r.destroy(new Error("timeout"));});}function Ne(t){let e=C().name,n=` Update available: ${C().version} \u2192 ${t}`,s=` Run: npm install -g ${e}`,o=Math.max(n.length,s.length)+2,i="\u2500".repeat(o);process.stderr.write(`
2
+ 'use strict';var Pe=require('readline/promises'),ms=require('https'),g=require('fs'),lt=require('os'),It=require('path'),child_process=require('child_process'),Ps=require('http'),util=require('util'),crypto=require('crypto');function _interopDefault(e){return e&&e.__esModule?e:{default:e}}function _interopNamespace(e){if(e&&e.__esModule)return e;var n=Object.create(null);if(e){Object.keys(e).forEach(function(k){if(k!=='default'){var d=Object.getOwnPropertyDescriptor(e,k);Object.defineProperty(n,k,d.get?d:{enumerable:true,get:function(){return e[k]}});}})}n.default=e;return Object.freeze(n)}var Pe__namespace=/*#__PURE__*/_interopNamespace(Pe);var ms__default=/*#__PURE__*/_interopDefault(ms);var g__namespace=/*#__PURE__*/_interopNamespace(g);var lt__namespace=/*#__PURE__*/_interopNamespace(lt);var It__namespace=/*#__PURE__*/_interopNamespace(It);var Ps__default=/*#__PURE__*/_interopDefault(Ps);var Re=Object.defineProperty;var as=Object.getOwnPropertyDescriptor;var cs=Object.getOwnPropertyNames;var us=Object.prototype.hasOwnProperty;var xt=(t=>typeof require<"u"?require:typeof Proxy<"u"?new Proxy(t,{get:(e,r)=>(typeof require<"u"?require:e)[r]}):t)(function(t){if(typeof require<"u")return require.apply(this,arguments);throw Error('Dynamic require of "'+t+'" is not supported')});var m=(t,e,r)=>()=>{if(r)throw r[0];try{return t&&(e=t(t=0)),e}catch(n){throw r=[n],n}};var ls=(t,e)=>()=>{try{return e||t((e={exports:{}}).exports,e),e.exports}catch(r){throw e=0,r}},M=(t,e)=>{for(var r in e)Re(t,r,{get:e[r],enumerable:true});},ds=(t,e,r,n)=>{if(e&&typeof e=="object"||typeof e=="function")for(let s of cs(e))!us.call(t,s)&&s!==r&&Re(t,s,{get:()=>e[s],enumerable:!(n=as(e,s))||n.enumerable});return t};var I=t=>ds(Re({},"__esModule",{value:true}),t);var oe=ls((oi,ps)=>{ps.exports={name:"@ciandt-flow/flow-ai-obs",version:"0.7.1-beta.547",description:"Claude Code hooks for Langfuse OTLP tracing \u2014 cross-platform",main:"dist/index.js",bin:{"flow-ai-obs":"dist/cli.js","flow-ai-obs-setup":"dist/setup.js"},scripts:{build:"tsup",test:"jest",typecheck:"tsc --noEmit",lint:"eslint src bin scripts",format:'prettier --write "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"format:check":'prettier --check "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"security-scan":"trufflehog filesystem src/ --fail --no-update --exclude-paths .trufflehogignore",postinstall:`node -e "require('fs').existsSync('dist/setup.js') && require('child_process').execFileSync(process.execPath, ['dist/setup.js'], {stdio:'inherit'})"`,prepublishOnly:"npm run security-scan && npm run build","release:npm":"changeset publish",changeset:"changeset","version-packages":"changeset version","install:hooks":"node dist/cli.js install","auth:login":"node dist/cli.js auth login","auth:logout":"node dist/cli.js auth logout","auth:status":"node dist/cli.js auth status",smoke:"bash scripts/smoke-test.sh","smoke:debug":"bash scripts/smoke-test.sh --debug","smoke:send":"bash scripts/smoke-test.sh --send --allow-http --debug"},files:["dist/","README.md","LICENSE.md"],keywords:["claude-code","langfuse","observability","otlp","hooks","flow","ciandt"],author:"CI&T Flow Team",license:"SEE LICENSE IN LICENSE.md",private:!1,dependencies:{},optionalDependencies:{keytar:"7.9.0"},devDependencies:{"@changesets/changelog-github":"^0.6.0","@changesets/cli":"^2.30.0","@types/jest":"^30.0.0","@types/node":"^25.8.0",jest:"^30.4.2","ts-jest":"^29.4.9",tsup:"^8.5.1","eslint-config-prettier":"^10.1.5",prettier:"^3.5.3",typescript:"^6.0.3","typescript-eslint":"^8.33.0"},engines:{node:">=18.0.0"},overrides:{esbuild:"^0.28.1"},publishConfig:{registry:"https://registry.npmjs.org",access:"public"},repository:{type:"git",url:"git+https://github.com/CI-T-HyperX/flow-codeassistant-observability.git"}};});var Ie={};M(Ie,{bold:()=>H,cyan:()=>R,dim:()=>E,green:()=>P,red:()=>L,yellow:()=>k});function St(t,e){return fs?r=>`\x1B[${t}m${r}\x1B[${e}m`:r=>r}var fs,P,L,k,R,H,E,it=m(()=>{"use strict";fs=!process.env.NO_COLOR&&process.stdout.isTTY;P=St("32","39"),L=St("31","39"),k=St("33","39"),R=St("36","39"),H=St("1","22"),E=St("2","22");});function yt(){return process.stdout.isTTY===true&&process.stdin.isTTY===true&&!process.argv.includes("--no-interactive")}async function be(t,e){let r=Pe__namespace.createInterface({input:process.stdin,output:process.stdout}),s=`${t} ${e===true?"(Y/n)":e===false?"(y/N)":"(y/n)"}: `;for(let o=1;o<=3;o++)try{let i=(await r.question(s)).trim().toLowerCase();if(i===""&&e!==void 0)return r.close(),e;if(i==="y"||i==="yes")return r.close(),!0;if(i==="n"||i==="no")return r.close(),!1;o<3&&process.stdout.write(` Invalid input. Please answer "y" or "n".
3
+ `);}catch(i){throw r.close(),i}if(r.close(),e!==void 0)return e;throw new Error("Too many invalid attempts for yes/no prompt")}async function Sr(t,e){let r=Pe__namespace.createInterface({input:process.stdin,output:process.stdout});try{let n=(await r.question(`${t}: `)).trim();if(e);return n}catch(n){throw n}finally{r.close();}}var Ce=m(()=>{"use strict";});var Ot={};M(Ot,{checkForUpdate:()=>ys,checkForUpdateInteractive:()=>_s,fetchLatestVersionAsync:()=>kr,isNewer:()=>_t,primeUpdateCache:()=>Os});function C(){return Ne||(Ne=oe()),Ne}function _t(t,e){let r=o=>{let i=String(o).replace(/^v/,"").match(/^(\d+)\.(\d+)\.(\d+)/);return i?[+i[1],+i[2],+i[3]]:null},n=r(t),s=r(e);return !n||!s?false:s[0]!==n[0]?s[0]>n[0]:s[1]!==n[1]?s[1]>n[1]:s[2]>n[2]}function Fe(){try{let t=JSON.parse(g__namespace.default.readFileSync(Or,"utf8"));return typeof t.latestVersion!="string"||Date.now()-t.checkedAt>=ws?null:t}catch{return null}}function xe(t,e,r=Date.now()){try{g__namespace.default.writeFileSync(Or,JSON.stringify({latestVersion:t,updatePriority:e??null,checkedAt:r}),{mode:384});}catch{}}function De(t){let e=C().name,r=ms__default.default.get(`https://registry.npmjs.org/${encodeURIComponent(e)}/latest`,{timeout:Es},n=>{if(n.statusCode!==200)return n.resume(),t(new Error(`HTTP ${n.statusCode}`));let s="";n.setEncoding("utf8"),n.on("data",o=>{s+=o;}),n.on("end",()=>{try{let o=JSON.parse(s);if(typeof o.version!="string")throw new Error("no version field");t(null,{version:o.version,updatePriority:typeof o.updatePriority=="string"?o.updatePriority:null});}catch(o){t(o);}});});r.on("error",t),r.on("timeout",()=>{r.destroy(new Error("timeout"));});}function Ue(t){let e=C().name,n=` Update available: ${C().version} \u2192 ${t}`,s=` Run: npm install -g ${e}`,o=Math.max(n.length,s.length)+2,i="\u2500".repeat(o);process.stderr.write(`
4
4
  \u256D${i}\u256E
5
5
  \u2502${n.padEnd(o)}\u2502
6
6
  \u2502${s.padEnd(o)}\u2502
7
7
  \u2570${i}\u256F
8
8
 
9
- `);}function Ue(t){let e=C().name;process.stderr.write(`
9
+ `);}function $e(t){let e=C().name;process.stderr.write(`
10
10
  [${e}] Critical update detected \u2014 auto-updating to ${t}...
11
11
 
12
- `),child_process.spawn("npm",["install","-g",`${e}@${t}`],{detached:true,stdio:"ignore",windowsHide:true}).unref();}async function ws(t,e=1e4){let r=Dt("readline"),n=C().name,o=` Update available: ${C().version} \u2192 ${t}`,i=` Run: npm install -g ${n}`,a=" Install now? [y/N]: ",c=Math.max(o.length,i.length,a.length-2)+2,u="\u2500".repeat(c);return process.stderr.write(`
13
- \u256D${u}\u256E
12
+ `),child_process.spawn("npm",["install","-g",`${e}@${t}`],{detached:true,stdio:"ignore",windowsHide:true}).unref();}async function Ts(t,e=1e4){let r=xt("readline"),n=C().name,o=` Update available: ${C().version} \u2192 ${t}`,i=` Run: npm install -g ${n}`,a=" Install now? [y/N]: ",c=Math.max(o.length,i.length,a.length-2)+2,l="\u2500".repeat(c);return process.stderr.write(`
13
+ \u256D${l}\u256E
14
14
  \u2502${o.padEnd(c)}\u2502
15
15
  \u2502${i.padEnd(c)}\u2502
16
16
  \u2502${a.padEnd(c)}\u2502
17
- \u2570${u}\u256F
18
- `),new Promise(d=>{let T=r.createInterface({input:process.stdin,output:void 0,terminal:false}),g=false;function w(_){g||(g=true,clearTimeout(O),T.close(),process.stderr.write(`
19
- `),d(_));}let O=setTimeout(()=>w(false),e);T.once("line",_=>w(_.trim().toLowerCase()==="y")),T.once("close",()=>w(false));})}async function Es(t){let e=C().name;return process.stderr.write(` Installing ${e}@${t}...
17
+ \u2570${l}\u256F
18
+ `),new Promise(d=>{let h=r.createInterface({input:process.stdin,output:void 0,terminal:false}),w=false;function T(_){w||(w=true,clearTimeout(A),h.close(),process.stderr.write(`
19
+ `),d(_));}let A=setTimeout(()=>T(false),e);h.once("line",_=>T(_.trim().toLowerCase()==="y")),h.once("close",()=>T(false));})}async function Ss(t){let e=C().name;return process.stderr.write(` Installing ${e}@${t}...
20
20
  `),new Promise(r=>{let n=child_process.spawn("npm",["install","-g",`${e}@${t}`],{stdio:"inherit"});n.on("close",s=>{s!==0?process.stderr.write(` \u2717 Update failed \u2014 continuing with current version.
21
21
 
22
22
  `):process.stderr.write(` \u2713 Updated to ${t}. Please restart the command.
23
23
 
24
24
  `),r();}),n.on("error",()=>{process.stderr.write(` \u2717 Update failed \u2014 continuing with current version.
25
25
 
26
- `),r();});})}function Or(){return new Promise(t=>{xe((e,r)=>t(e||!r?null:r));})}function Ts(){try{let t=$e();if(t){yt(C().version,t.latestVersion)&&(t.updatePriority==="auto"?Ue(t.latestVersion):Ne(t.latestVersion));return}setImmediate(()=>{xe((e,r)=>{e||!r||(Fe(r.version,r.updatePriority),yt(C().version,r.version)&&(r.updatePriority==="auto"?Ue(r.version):Ne(r.version)));});});}catch{}}async function Ss(t={}){try{let e=$e();if(e){if(!yt(C().version,e.latestVersion))return}else {let n=await Or();if(!n||(Fe(n.version,n.updatePriority),!yt(C().version,n.version)))return;e={latestVersion:n.version,updatePriority:n.updatePriority,checkedAt:Date.now()};}if(e.updatePriority==="auto"){Ue(e.latestVersion);return}if(!St()){Ne(e.latestVersion);return}await ws(e.latestVersion,t.timeoutMs)&&await Es(e.latestVersion);}catch{}}function ys(){try{if($e())return;setImmediate(()=>{xe((t,e)=>{t||!e||yt(C().version,e.version)&&Fe(e.version,e.updatePriority,0);});});}catch{}}var Ce,Ar,gs,hs,kt=f(()=>{"use strict";Pe();Ar=Lt__namespace.default.join(Ht__namespace.default.tmpdir(),"flow-obs-update-cache.json"),gs=1440*60*1e3,hs=3e3;});function at(){let t=process.env.FLOW_BASE_URL;return t&&t.trim()?t.trim():ie}function At(){let t=at();return {AUTH_ENGINE:process.env.FLOW_AUTH_ENGINE_URL||`${t}/auth-engine-api/v2/api-key/token`,GATEWAY_TRACES:process.env.FLOW_GATEWAY_TRACES_URL||`${t}/flow-langfuse-gateway/v1/traces`,GATEWAY_HEALTH:process.env.FLOW_GATEWAY_HEALTH_URL||`${t}/flow-langfuse-gateway/v1/health`,OTEL_ENDPOINT:process.env.FLOW_OTEL_ENDPOINT_URL||`${t}/otel`}}function Bt(){let t=at();return {ANTHROPIC_BASE_URL:process.env.FLOW_LLM_PROXY_URL??`${t}/flow-llm-proxy/`,ANTHROPIC_MODEL:process.env.FLOW_LLM_PROXY_MODEL??"anthropic.claude-4-6-sonnet",ANTHROPIC_SMALL_FAST_MODEL:process.env.FLOW_LLM_PROXY_SMALL_MODEL??"anthropic.claude-4-6-sonnet",CLAUDE_CODE_DISABLE_EXPERIMENTAL_BETAS:"1"}}function Me(){let t=at();return {API_URL:process.env.FLOW_METRICS_URL||`${t}/metrics-collector-api/log-event`,BOOSTER:"flow-ai-obs"}}var ie,_s,ae,ce,ue,De,V,m,le,vr,Be,D,Lr,Y,k=f(()=>{"use strict";ie="https://flow.ciandt.com";_s=At(),ae={SERVICE:"flow-plugins-cli",ACCOUNT_CREDS:"credentials",ACCOUNT_TOKEN:"token-cache"},ce="FLOW-nodejs",ue="config.json",De={SCOPE_NAME:"flow-ai-obs",SCOPE_VERSION:"0.1.0"};V={CLAUDE_CODE_ENABLE_TELEMETRY:"1",OTEL_EXPORTER_OTLP_ENDPOINT:_s.OTEL_ENDPOINT,OTEL_EXPORTER_OTLP_PROTOCOL:"http/json",OTEL_METRICS_EXPORTER:"otlp",OTEL_LOGS_EXPORTER:"otlp",OTEL_LOG_TOOL_DETAILS:"1",OTEL_LOG_USER_PROMPTS:"1"},m={FLOW_TELEMETRY:"FLOW_TELEMETRY",FLOW_TELEMETRY_GATEWAY:"FLOW_TELEMETRY_GATEWAY_URL",LANGFUSE_BASE_URL:"LANGFUSE_BASE_URL",LANGFUSE_PUBLIC_KEY:"LANGFUSE_PUBLIC_KEY",LANGFUSE_SECRET_KEY:"LANGFUSE_SECRET_KEY",ANTHROPIC_MODEL:"ANTHROPIC_MODEL",ANTHROPIC_AUTH_TOKEN:"ANTHROPIC_AUTH_TOKEN",FLOW_OBS_DEBUG:"FLOW_TELEMETRY_DEBUG",FLOW_OBS_ALLOW_HTTP:"FLOW_TELEMETRY_ALLOW_HTTP",BUFFER_TTL_DAYS:"FLOW_TELEMETRY_BUFFER_TTL_DAYS",BUFFER_MAX_FILES:"FLOW_TELEMETRY_BUFFER_MAX_FILES"},le={KEYCHAIN_ENABLED:!1},vr={LOCK_STALE_MS:3e4,CONNECTIVITY_MAX_RETRY:3,CONNECTIVITY_RETRY_MS:2e3},Be={UserPromptSubmit:5,PreToolUse:3,PostToolUse:10,Stop:15},D={FILE_PREFIX:"flow-obs-buffer-",DEFAULT_TTL_DAYS:4,MIN_TTL_DAYS:1,MAX_TTL_DAYS:30,DEFAULT_MAX_FILES:50,MIN_MAX_FILES:1,MAX_MAX_FILES:500,REPLAY_BATCH_SIZE:10},Lr="flow-ai-obs-debug.log",Y={TOOL_INPUT:2e4,TOOL_OUTPUT:2e4,TRACE_OUTPUT:2e4,USER_INSTRUCTION:1e4,TRACE_INPUT:5e4,TOOL_BRIEF:60};});function l(...t){if(process.env[m.FLOW_OBS_DEBUG]!=="1")return;let e=`[${new Date().toISOString()}] ${t.join(" ")}
27
- `;try{E.writeFileSync(vs,e,{flag:"a"});}catch(r){process.stderr.write(`[flow-obs debug ERROR] ${r.message}
28
- `);}}var vs,B=f(()=>{"use strict";k();vs=Lt.join(Ht.tmpdir(),Lr);});function bs(t){if(!Is.test(t))throw new Error(`Invalid tenant value: "${t}". Tenant must be lowercase alphanumeric and hyphens (1-64 chars).`)}function Ps(t,e){let r=e.length>400?e.slice(0,400)+"\u2026":e;l("toAuthError",`status=${t} body=${r}`);try{let n=JSON.parse(e);if(typeof n.error=="string"&&(l("toAuthError",`api_error_code=${n.error}`+(n.message?` api_message=${n.message}`:"")),Rr[n.error]))return new ct(Rr[n.error])}catch{}return t===401||t===403||t===500?new ct("Invalid credentials"):t>=400&&t<500?new ct("Authentication request was rejected"):new Error("Authentication service unavailable, please try again later")}function W(t){return new Promise((e,r)=>{try{bs(t.tenant);}catch(u){return r(u)}let n=JSON.stringify({clientSecret:t.clientSecret}),s=new URL(At().AUTH_ENGINE),o=s.protocol==="https:",i={hostname:s.hostname,port:s.port||(o?443:80),path:s.pathname+s.search,method:"POST",headers:{"Content-Type":"application/json","Content-Length":Buffer.byteLength(n),FlowTenant:t.tenant}};l("getToken",`requesting token tenant=${t.tenant} host=${i.hostname} path=${i.path}`);let c=(o?ps__default.default:Rs__default.default).request(i,u=>{let d=[];u.on("data",T=>d.push(T)),u.on("end",()=>{let T=d.join("");if((u.statusCode??0)>=400)return r(Ps(u.statusCode??0,T));let g;try{g=JSON.parse(T);}catch{return r(new Error("Invalid response from auth engine"))}let w=g.expires_at??new Date(Date.now()+(g.expires_in??3600)*1e3).toISOString();e({accessToken:g.access_token??"",expiresAt:w});});});c.on("error",u=>r(new Error(`Network error: ${u.message}`))),c.write(n),c.end();})}var ct,Is,Rr,Ot=f(()=>{"use strict";k();B();ct=class extends Error{constructor(e){super(e),this.name="AuthError";}},Is=/^[a-z0-9][a-z0-9-]{0,62}[a-z0-9]$|^[a-z0-9]$/;Rr={INVALID_CLIENT_SECRET:"Invalid Client Secret \u2014 check the value and try again",INVALID_CLIENT_ID:"Invalid Client ID \u2014 check the value and try again",INVALID_TENANT:"Invalid Tenant \u2014 check the value and try again",TENANT_NOT_FOUND:"Tenant not found \u2014 verify the tenant identifier"};});function Ir(){return process.platform==="win32"?false:process.getuid?.()===0}function ut(){if(Ir())return process.stderr.write(`
29
- `+v(` \u2717 flow-ai-obs is not supported in a sudo context.
26
+ `),r();});})}function kr(){return new Promise(t=>{De((e,r)=>t(e||!r?null:r));})}function ys(){try{let t=Fe();if(t){_t(C().version,t.latestVersion)&&(t.updatePriority==="auto"?$e(t.latestVersion):Ue(t.latestVersion));return}setImmediate(()=>{De((e,r)=>{e||!r||(xe(r.version,r.updatePriority),_t(C().version,r.version)&&(r.updatePriority==="auto"?$e(r.version):Ue(r.version)));});});}catch{}}async function _s(t={}){try{let e=Fe();if(e){if(!_t(C().version,e.latestVersion))return}else {let n=await kr();if(!n||(xe(n.version,n.updatePriority),!_t(C().version,n.version)))return;e={latestVersion:n.version,updatePriority:n.updatePriority,checkedAt:Date.now()};}if(e.updatePriority==="auto"){$e(e.latestVersion);return}if(!yt()){Ue(e.latestVersion);return}await Ts(e.latestVersion,t.timeoutMs)&&await Ss(e.latestVersion);}catch{}}function Os(){try{if(Fe())return;setImmediate(()=>{De((t,e)=>{t||!e||_t(C().version,e.version)&&xe(e.version,e.updatePriority,0);});});}catch{}}var Ne,Or,ws,Es,kt=m(()=>{"use strict";Ce();Or=It__namespace.default.join(lt__namespace.default.tmpdir(),"flow-obs-update-cache.json"),ws=1440*60*1e3,Es=3e3;});function at(){let t=process.env.FLOW_BASE_URL;return t&&t.trim()?t.trim():Dt}function At(){let t=at();return {AUTH_ENGINE:process.env.FLOW_AUTH_ENGINE_URL||`${t}/auth-engine-api/v2/api-key/token`,GATEWAY_TRACES:process.env.FLOW_GATEWAY_TRACES_URL||`${t}/flow-langfuse-gateway/v1/traces`,GATEWAY_HEALTH:process.env.FLOW_GATEWAY_HEALTH_URL||`${t}/flow-langfuse-gateway/v1/health`,OTEL_ENDPOINT:process.env.FLOW_OTEL_ENDPOINT_URL||`${t}/otel`}}function Bt(){let t=at();return {ANTHROPIC_BASE_URL:process.env.FLOW_LLM_PROXY_URL??`${t}/flow-llm-proxy/`,ANTHROPIC_MODEL:process.env.FLOW_LLM_PROXY_MODEL??"anthropic.claude-4-6-sonnet",ANTHROPIC_SMALL_FAST_MODEL:process.env.FLOW_LLM_PROXY_SMALL_MODEL??"anthropic.claude-4-6-sonnet",CLAUDE_CODE_DISABLE_EXPERIMENTAL_BETAS:"1"}}function He(){let t=at();return {API_URL:process.env.FLOW_METRICS_URL||`${t}/metrics-collector-api/log-event`,BOOSTER:"flow-ai-obs"}}var Dt,ks,ie,ae,ce,Be,j,p,Ar,Me,x,vr,V,O=m(()=>{"use strict";Dt="https://flow.ciandt.com";ks=At(),ie={SERVICE:"flow-plugins-cli",ACCOUNT_CREDS:"credentials",ACCOUNT_TOKEN:"token-cache"},ae="FLOW-nodejs",ce="config.json",Be={SCOPE_NAME:"flow-ai-obs",SCOPE_VERSION:"0.1.0"};j={CLAUDE_CODE_ENABLE_TELEMETRY:"1",OTEL_EXPORTER_OTLP_ENDPOINT:ks.OTEL_ENDPOINT,OTEL_EXPORTER_OTLP_PROTOCOL:"http/json",OTEL_METRICS_EXPORTER:"otlp",OTEL_LOGS_EXPORTER:"otlp",OTEL_LOG_TOOL_DETAILS:"1",OTEL_LOG_USER_PROMPTS:"1"},p={FLOW_TELEMETRY:"FLOW_TELEMETRY",FLOW_TELEMETRY_GATEWAY:"FLOW_TELEMETRY_GATEWAY_URL",LANGFUSE_BASE_URL:"LANGFUSE_BASE_URL",LANGFUSE_PUBLIC_KEY:"LANGFUSE_PUBLIC_KEY",LANGFUSE_SECRET_KEY:"LANGFUSE_SECRET_KEY",ANTHROPIC_MODEL:"ANTHROPIC_MODEL",ANTHROPIC_AUTH_TOKEN:"ANTHROPIC_AUTH_TOKEN",FLOW_OBS_DEBUG:"FLOW_TELEMETRY_DEBUG",FLOW_OBS_ALLOW_HTTP:"FLOW_TELEMETRY_ALLOW_HTTP",BUFFER_TTL_DAYS:"FLOW_TELEMETRY_BUFFER_TTL_DAYS",BUFFER_MAX_FILES:"FLOW_TELEMETRY_BUFFER_MAX_FILES"},Ar={LOCK_STALE_MS:3e4,CONNECTIVITY_MAX_RETRY:3,CONNECTIVITY_RETRY_MS:2e3},Me={UserPromptSubmit:5,PreToolUse:3,PostToolUse:10,Stop:15},x={FILE_PREFIX:"flow-obs-buffer-",DEFAULT_TTL_DAYS:4,MIN_TTL_DAYS:1,MAX_TTL_DAYS:30,DEFAULT_MAX_FILES:50,MIN_MAX_FILES:1,MAX_MAX_FILES:500,REPLAY_BATCH_SIZE:10},vr="flow-ai-obs-debug.log",V={TOOL_INPUT:2e4,TOOL_OUTPUT:2e4,TRACE_OUTPUT:2e4,USER_INSTRUCTION:1e4,TRACE_INPUT:5e4,TOOL_BRIEF:60};});function u(...t){if(process.env[p.FLOW_OBS_DEBUG]!=="1")return;let e=`[${new Date().toISOString()}] ${t.join(" ")}
27
+ `;try{g.writeFileSync(Rs,e,{flag:"a"});}catch(r){process.stderr.write(`[flow-obs debug ERROR] ${r.message}
28
+ `);}}var Rs,D=m(()=>{"use strict";O();Rs=It.join(lt.tmpdir(),vr);});function Cs(t){if(!bs.test(t))throw new Error(`Invalid tenant value: "${t}". Tenant must be lowercase alphanumeric and hyphens (1-64 chars).`)}function Ns(t,e){let r=e.length>400?e.slice(0,400)+"\u2026":e;u("toAuthError",`status=${t} body=${r}`);try{let n=JSON.parse(e);if(typeof n.error=="string"&&(u("toAuthError",`api_error_code=${n.error}`+(n.message?` api_message=${n.message}`:"")),Lr[n.error]))return new ct(Lr[n.error])}catch{}return t===401||t===403||t===500?new ct("Invalid credentials"):t>=400&&t<500?new ct("Authentication request was rejected"):new Error("Authentication service unavailable, please try again later")}function W(t){return new Promise((e,r)=>{try{Cs(t.tenant);}catch(l){return r(l)}let n=JSON.stringify({clientSecret:t.clientSecret}),s=new URL(At().AUTH_ENGINE),o=s.protocol==="https:",i={hostname:s.hostname,port:s.port||(o?443:80),path:s.pathname+s.search,method:"POST",headers:{"Content-Type":"application/json","Content-Length":Buffer.byteLength(n),FlowTenant:t.tenant}};u("getToken",`requesting token tenant=${t.tenant} host=${i.hostname} path=${i.path}`);let c=(o?ms__default.default:Ps__default.default).request(i,l=>{let d=[];l.on("data",h=>d.push(h)),l.on("end",()=>{let h=d.join("");if((l.statusCode??0)>=400)return r(Ns(l.statusCode??0,h));let w;try{w=JSON.parse(h);}catch{return r(new Error("Invalid response from auth engine"))}let T=w.expires_at??new Date(Date.now()+(w.expires_in??3600)*1e3).toISOString();e({accessToken:w.access_token??"",expiresAt:T});});});c.on("error",l=>r(new Error(`Network error: ${l.message}`))),c.write(n),c.end();})}var ct,bs,Lr,vt=m(()=>{"use strict";O();D();ct=class extends Error{constructor(e){super(e),this.name="AuthError";}},bs=/^[a-z0-9][a-z0-9-]{0,62}[a-z0-9]$|^[a-z0-9]$/;Lr={INVALID_CLIENT_SECRET:"Invalid Client Secret \u2014 check the value and try again",INVALID_CLIENT_ID:"Invalid Client ID \u2014 check the value and try again",INVALID_TENANT:"Invalid Tenant \u2014 check the value and try again",TENANT_NOT_FOUND:"Tenant not found \u2014 verify the tenant identifier"};});function Rr(){return process.platform==="win32"?false:process.getuid?.()===0}function ut(){if(Rr())return process.stderr.write(`
29
+ `+L(` \u2717 flow-ai-obs is not supported in a sudo context.
30
30
 
31
31
  `)+R(` npm install -g @ciandt-flow/flow-ai-obs
32
32
  `)+`
33
- `),1}var Mt=f(()=>{"use strict";it();});function L(){if(process.env.WSL_DISTRO_NAME&&process.platform==="linux"){let t=process.env.USERPROFILE;if(!t){let r=child_process.spawnSync("cmd.exe",["/c","echo","%USERPROFILE%"],{encoding:"utf8",timeout:5e3}).stdout?.trim();r&&/^[A-Za-z]:\\/.test(r)&&(t=r);}if(t){let e=t.replace(/^([A-Za-z]):/,(r,n)=>`/mnt/${n.toLowerCase()}`).replace(/\\/g,"/");return Lt__namespace.join(e,".claude","settings.json")}return Lt__namespace.join(Ht__namespace.homedir(),".claude","settings.json")}if(process.platform==="win32"){let t=process.env.USERPROFILE||Ht__namespace.homedir();return Lt__namespace.join(t,".claude","settings.json")}if(process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER){let e=child_process.spawnSync("getent",["passwd",process.env.SUDO_USER],{encoding:"utf8",timeout:5e3}).stdout?.split(":")[5]?.trim();if(e)return Lt__namespace.join(e,".claude","settings.json")}return Lt__namespace.join(Ht__namespace.homedir(),".claude","settings.json")}var de=f(()=>{"use strict";Mt();});function He(t){try{let e=E__namespace.statSync(t);Date.now()-e.mtimeMs>Cs&&E__namespace.unlinkSync(t);}catch{}try{E__namespace.writeFileSync(t,String(process.pid),{flag:"wx"});}catch(e){throw e.code==="EEXIST"?new Error("Another install is already in progress. If this is stale, remove: "+t):e}}function je(t){try{E__namespace.unlinkSync(t);}catch{}}function Pr(t,e){let n=(Array.isArray(t)?t:[]).map(s=>{if(!Array.isArray(s?.hooks))return null;let o=s.hooks.filter(i=>!i.command?.startsWith?.("flow-ai-obs "));return o.length>0?{...s,hooks:o}:null}).filter(s=>s!=null);return [e,...n]}function Cr(){let t=L(),e=t+".lock",r=[];E__namespace.mkdirSync(Lt__namespace.dirname(t),{recursive:true}),He(e);try{if(E__namespace.existsSync(t)){E__namespace.copyFileSync(t,t+".bkp");try{E__namespace.chmodSync(t+".bkp",384);}catch{}}let n={};try{n=JSON.parse(E__namespace.readFileSync(t,"utf8"));}catch{}let s=n.env&&typeof n.env=="object"?n.env:{};delete s.OTEL_EXPORTER_OTLP_HEADERS,n.env={...s,...V,...Bt()},n.otelHeadersHelper="flow-ai-obs otel-headers",(!n.hooks||typeof n.hooks!="object"||Array.isArray(n.hooks))&&(n.hooks={});let o=(c,u)=>({matcher:"",hooks:[{type:"command",command:`flow-ai-obs ${c}`,timeout:u}]}),i=["UserPromptSubmit","PreToolUse","PostToolUse","Stop"],a=n.hooks;for(let c of i){let u=Pr(a[c],o(c,Be[c]));u.length>1&&r.push(c),a[c]=u;}E__namespace.writeFileSync(t,JSON.stringify(n,null,2)+`
34
- `,{encoding:"utf8",mode:384});try{E__namespace.chmodSync(t,384);}catch{}}finally{je(e);}return {settingsPath:t,preserved:r}}function X(t){let e=L(),r=e+".lock";E__namespace.mkdirSync(Lt__namespace.dirname(e),{recursive:true}),He(r);try{let n={};try{n=JSON.parse(E__namespace.readFileSync(e,"utf8"));}catch{}(!n.env||typeof n.env!="object")&&(n.env={}),Object.assign(n.env,t),E__namespace.writeFileSync(e,JSON.stringify(n,null,2)+`
35
- `,{encoding:"utf8",mode:384});try{E__namespace.chmodSync(e,384);}catch{}}finally{je(r);}}function Nr(){let t=L(),e=t+".lock",r=[];E__namespace.mkdirSync(Lt__namespace.dirname(t),{recursive:true}),He(e);try{if(E__namespace.existsSync(t)){E__namespace.copyFileSync(t,t+".bkp");try{E__namespace.chmodSync(t+".bkp",384);}catch{}}let n={};try{n=JSON.parse(E__namespace.readFileSync(t,"utf8"));}catch{}n.otelHeadersHelper="flow-ai-obs otel-headers",(!n.hooks||typeof n.hooks!="object"||Array.isArray(n.hooks))&&(n.hooks={});let s=(a,c)=>({matcher:"",hooks:[{type:"command",command:`flow-ai-obs ${a}`,timeout:c}]}),o=["UserPromptSubmit","PreToolUse","PostToolUse","Stop"],i=n.hooks;for(let a of o){let c=Pr(i[a],s(a,Be[a]));c.length>1&&r.push(a),i[a]=c;}E__namespace.writeFileSync(t,JSON.stringify(n,null,2)+`
36
- `,{encoding:"utf8",mode:384});try{E__namespace.chmodSync(t,384);}catch{}}finally{je(e);}return {settingsPath:t,preserved:r}}var Cs,jt=f(()=>{"use strict";k();Ot();de();Cs=vr.LOCK_STALE_MS;});function Vt(){try{let t=E__namespace.readFileSync(L(),"utf8"),r=JSON.parse(t).env?.FLOW_BASE_URL;return typeof r=="string"&&r.trim()?r.trim():null}catch{return null}}function Ur(){try{let t=E__namespace.readFileSync(L(),"utf8");return JSON.parse(t).env??null}catch{return null}}var $r=f(()=>{"use strict";de();});function Yt(){let t=Ht__namespace.default.homedir();if(process.platform==="darwin")return Lt__namespace.default.join(t,"Library","Preferences",ce,ue);if(process.platform==="win32"){let r=process.env.APPDATA??Lt__namespace.default.join(t,"AppData","Roaming");return Lt__namespace.default.join(r,ce,ue)}let e=process.env.XDG_CONFIG_HOME??Lt__namespace.default.join(t,".config");return Lt__namespace.default.join(e,ce,ue)}function We(){try{let t=E__namespace.default.readFileSync(Yt(),"utf8");return JSON.parse(t)}catch{return {}}}function Fr(t){let e=Yt();E__namespace.default.mkdirSync(Lt__namespace.default.dirname(e),{recursive:true}),E__namespace.default.writeFileSync(e,JSON.stringify(t,null,2),{encoding:"utf8",mode:384});}var Ye,fe,xr=f(()=>{"use strict";k();Ye={credentials:"credentials","token-cache":"tokenCache"};fe=class{static isAvailable(){return !0}static hasExistingData(){try{if(!E__namespace.default.existsSync(Yt()))return !1;let e=JSON.parse(E__namespace.default.readFileSync(Yt(),"utf8"));return !!(e&&e.credentials)}catch{return !1}}async getSecret(e,r){let n=We(),s=Ye[r]??r,o=n[s];return o?typeof o=="string"?o:JSON.stringify(o):null}async setSecret(e,r,n){let s=We(),o=Ye[r]??r;if(r==="token-cache")try{s[o]=JSON.parse(n);}catch{s[o]=n;}else s[o]=n;Fr(s);}async deleteSecret(e,r){let n=We(),s=Ye[r]??r;return s in n?(delete n[s],Fr(n),!0):!1}getStoragePath(){return `config.json (unencrypted) \u2014 ${Yt()}`}};});var Dr={};H(Dr,{MacOsKeyVaultProvider:()=>Ke});var Ge,Ke,Br=f(()=>{"use strict";Ge=util.promisify(child_process.execFile),Ke=class{static async isAvailable(){try{return E.accessSync("/usr/bin/security",E.constants.X_OK),!0}catch{return !1}}async getSecret(e,r){try{let{stdout:n}=await Ge("security",["find-generic-password","-w","-a",r,"-s",e]);return n.trim()||null}catch{return null}}async setSecret(e,r,n){await Ge("security",["add-generic-password","-U","-a",r,"-s",e,"-w",n]);}async deleteSecret(e,r){try{return await Ge("security",["delete-generic-password","-a",r,"-s",e]),!0}catch{return !1}}getStoragePath(){return "macOS Keychain"}};});var Hr={};H(Hr,{LinuxKeyVaultProvider:()=>Je});var Mr,Je,jr=f(()=>{"use strict";Mr=util.promisify(child_process.execFile),Je=class{static async isAvailable(){let e=["/usr/bin/secret-tool","/bin/secret-tool","/usr/local/bin/secret-tool"];for(let r of e)try{return E.accessSync(r,E.constants.X_OK),!0}catch{}return !1}async getSecret(e,r){try{let{stdout:n}=await Mr("secret-tool",["lookup","service",e,"account",r]);return n.trim()||null}catch{return null}}async setSecret(e,r,n){await new Promise((s,o)=>{let i=child_process.spawn("secret-tool",["store","--label",e,"service",e,"account",r]);i.on("error",o),i.on("close",a=>{a===0?s():o(new Error(`secret-tool exited with code ${a}`));}),i.stdin.write(n),i.stdin.end();});}async deleteSecret(e,r){try{return await Mr("secret-tool",["clear","service",e,"account",r]),!0}catch{return !1}}getStoragePath(){return "Linux Secret Service (libsecret)"}};});var Vr={};H(Vr,{WindowsKeyVaultProvider:()=>qe});var qe,Yr=f(()=>{"use strict";qe=class{static async isAvailable(){try{return await Dt("keytar").getPassword("__flow_probe__","__flow_probe__"),!0}catch{return !1}}async getSecret(e,r){return Dt("keytar").getPassword(e,r)}async setSecret(e,r,n){await Dt("keytar").setPassword(e,r,n);}async deleteSecret(e,r){return Dt("keytar").deletePassword(e,r)}getStoragePath(){return "Windows Credential Manager"}};});async function Wr(){return await Vs()??new fe}async function Vs(){switch(process.platform){case "darwin":{let{MacOsKeyVaultProvider:t}=await Promise.resolve().then(()=>(Br(),Dr));return await t.isAvailable()?new t:null}case "linux":{let{LinuxKeyVaultProvider:t}=await Promise.resolve().then(()=>(jr(),Hr));return await t.isAvailable()?new t:null}case "win32":{let{WindowsKeyVaultProvider:t}=await Promise.resolve().then(()=>(Yr(),Vr));return await t.isAvailable()?new t:null}default:return null}}var Gr=f(()=>{"use strict";xr();});function It(){return Xe||(Xe=Wr()),Xe}async function I(){let e=await(await It()).getSecret(Rt,ze);if(!e)return null;try{return JSON.parse(e)}catch{return null}}async function Qe(t){if(!t.clientId||!t.clientSecret||!t.tenant)throw new Error("clientId, clientSecret and tenant are required");await(await It()).setSecret(Rt,ze,JSON.stringify(t));}async function Kr(){let t=await It();await t.deleteSecret(Rt,ze),await t.deleteSecret(Rt,Ze);}async function Gt(t){await(await It()).setSecret(Rt,Ze,JSON.stringify({accessToken:t.accessToken,expiresAt:t.expiresAt,lastAuthCheckAt:t.lastAuthCheckAt}));}async function bt(){let e=await(await It()).getSecret(Rt,Ze);if(!e)return null;try{let r=JSON.parse(e);return {accessToken:r.accessToken,expiresAt:r.expiresAt,lastAuthCheckAt:r.lastAuthCheckAt}}catch{return null}}async function me(){let t=await bt();return t?new Date(t.expiresAt)>new Date:false}async function lt(){let t=await bt();if(!t||!t.accessToken)return null;try{let e=t.accessToken.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return r.email??r.preferred_username??r.upn??r.sub??null}catch{return null}}async function tr(){let t=await It();if(typeof t.getStoragePath=="function")return t.getStoragePath();let e=process.platform;return e==="darwin"?"macOS Keychain":e==="win32"?"Windows Credential Manager":"Linux Secret Service (libsecret)"}async function Jr(){let t=await I();return !!(t&&t.clientId&&t.clientSecret&&t.tenant)}var Rt,ze,Ze,Xe,Kt=f(()=>{"use strict";Gr();k();Rt=ae.SERVICE,ze=ae.ACCOUNT_CREDS,Ze=ae.ACCOUNT_TOKEN,Xe=null;});function Ws(t){return Ys.some(e=>e.test(t))}function Gs(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return r.email||r.preferred_username||r.upn||r.sub||null}catch{return null}}function N(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8")),{clientId:n,clientSecret:s,tenant:o}=r;return !n||!s||!o?null:{clientId:n,clientSecret:s,tenant:o}}catch{return null}}function qr(t){let e=Buffer.from(JSON.stringify({alg:"none",typ:"JWT"})).toString("base64url"),r=Buffer.from(JSON.stringify({clientId:t.clientId,clientSecret:t.clientSecret,tenant:t.tenant})).toString("base64url");return `${e}.${r}.`}function Pt(t){let e;try{e=new URL(t);}catch{throw new Error(`Invalid URL: ${t}`)}let r=process.env[m.FLOW_OBS_ALLOW_HTTP]==="true";if(!r&&e.protocol!=="https:")throw new Error(`URL must use HTTPS: ${t}`);if(e.username||e.password)throw new Error(`URL must not contain embedded credentials: ${t}`);if(!r&&Ws(e.hostname))throw new Error(`SSRF: private/loopback host not allowed: ${e.hostname}`);return t}async function Xr(){let t=N(process.env[m.ANTHROPIC_AUTH_TOKEN]);if(t)return {user:await lt().catch(()=>null)??t.clientId,tenant:t.tenant};if(le.KEYCHAIN_ENABLED)try{let e=await I();if(!e)return {user:"",tenant:""};let r=await lt()??e.clientId??"",n=e.tenant??"";return {user:r,tenant:n}}catch{return {user:"",tenant:""}}return {user:"",tenant:""}}function Ks(){return new Date().toISOString().slice(0,10)}async function Js(t){let e=Ks(),r=await bt();if(r?.lastAuthCheckAt!==e){l("getOrRefreshToken",`daily auth check (last: ${r?.lastAuthCheckAt??"never"})`);try{let o=await W(t);try{await Gt({...o,lastAuthCheckAt:e});}catch{}return l("getOrRefreshToken",`daily check passed, expires=${o.expiresAt}`),o.accessToken}catch(o){if(o instanceof ct)throw o;l("getOrRefreshToken",`daily check network error \u2014 using cache: ${o.message}`);}}let n=r!=null&&new Date(r.expiresAt)>new Date;if(l("getOrRefreshToken",`cacheValid=${n}`),n)return l("getOrRefreshToken",`using cached token, expires=${r.expiresAt}`),r.accessToken;l("getOrRefreshToken",`token expired \u2014 refreshing via auth-engine (tenant=${t.tenant} clientId=${t.clientId})`);let s=await W(t);try{await Gt({...s,lastAuthCheckAt:e});}catch(o){l("getOrRefreshToken",`token cache save failed (non-fatal): ${o.message}`);}return l("getOrRefreshToken",`token refreshed, expires=${s.expiresAt}`),s.accessToken}function qs(t,e){let r=e&&e.accessToken?e.accessToken:"";return {endpoint:t.replace(/\/$/,"")+"/flow-langfuse-gateway/v1/traces",authHeader:`Bearer ${r}`}}function Xs(t,e,r){let n=Buffer.from(`${e}:${r}`).toString("base64");return {endpoint:t.replace(/\/$/,"")+"/api/public/otel/v1/traces",authHeader:`Basic ${n}`}}async function J(){let t=[],e=process.env[m.ANTHROPIC_MODEL]??"",r=N(process.env[m.ANTHROPIC_AUTH_TOKEN]);l("resolveCredentials",r?"credentials resolved from ANTHROPIC_AUTH_TOKEN":"ANTHROPIC_AUTH_TOKEN absent or invalid"),r&&l("resolveCredentials",`clientId=${r.clientId}`,`tenant=${r.tenant}`),!r&&le.KEYCHAIN_ENABLED&&(r=await I(),r&&l("resolveCredentials","credentials resolved from keychain (FEATURES.KEYCHAIN_ENABLED=true)"));let n=r?r.tenant:"",s=process.env[m.FLOW_TELEMETRY]==="true",o=process.env[m.LANGFUSE_BASE_URL],i=process.env[m.LANGFUSE_PUBLIC_KEY],a=process.env[m.LANGFUSE_SECRET_KEY];if(s&&o&&i&&a){let g="",w=n;if(r)g=await lt().catch(()=>null)??r.clientId;else if(le.KEYCHAIN_ENABLED)try{let _=await I();_&&(g=await lt()??_.clientId,w=_.tenant);}catch{}let O={user:g??"",tenant:w??"",team:"",project:"",model:e};t.push({mode:"direct",...Xs(Pt(o),i,a),...O}),l("resolveCredentials","direct mode active",`user=${O.user}`,`tenant=${O.tenant}`);}if(!r){if(t.length===0){let g=[];return g.authError=false,g}return t}let c;try{c=await Js(r);}catch(g){if(l("resolveCredentials",`token refresh failed: ${g.message}`,`(tenant=${r.tenant} clientId=${r.clientId})`),t.length>0)return t.authError=true,t;let w=[];return w.authError=true,w}let d={user:Gs(c)??r.clientId,tenant:n,team:"",project:"",model:e},T=process.env[m.FLOW_TELEMETRY_GATEWAY]??at();return t.push({mode:"gateway",...qs(Pt(T),{accessToken:c}),...d}),t}async function zr(){return (await J()).length>0}var Ys,G=f(()=>{"use strict";Kt();Ot();k();B();Ys=[/^localhost\.?$/i,/^127\./,/^10\./,/^172\.(1[6-9]|2\d|3[01])\./,/^192\.168\./,/^169\.254\./,/^0\.0\.0\.0$/,/^::1$/,/^\[::1\]$/,/^\[::ffff:/i,/^\[f[cd]/i,/^\[fe80:/i,/^metadata\.google\.internal\.?$/i,/^metadata\.azure\.internal\.?$/i,/(?:^|\.)localtest\.me\.?$/i,/(?:^|\.)lvh\.me\.?$/i,/(?:^|\.)vcap\.me\.?$/i];});function ge(){if(process.env.WSL_DISTRO_NAME&&process.platform==="linux")return child_process.spawnSync("cmd.exe",["/c","where","claude"],{encoding:"utf8",timeout:5e3}).status===0;let t=process.platform==="win32"?"where":"which";return child_process.spawnSync(t,["claude"],{encoding:"utf8",timeout:5e3}).status===0}function rr(){try{if(process.env.WSL_DISTRO_NAME&&process.platform==="linux"){let e=child_process.spawnSync("cmd.exe",["/c","claude","--version"],{encoding:"utf8",timeout:5e3});return e.status===0?e.stdout.trim():null}let t=child_process.spawnSync("claude",["--version"],{encoding:"utf8",timeout:5e3});return t.status===0?t.stdout.trim():null}catch{return null}}function Zr(){if(child_process.spawnSync("node",["--version"],{encoding:"utf8",timeout:5e3}).status!==0)return {success:false,error:"no_nodejs",message:`Node.js is not installed. Install Node.js 18+ and try again:
33
+ `),1}var Mt=m(()=>{"use strict";it();});function Ir(){if(process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER){let e=child_process.spawnSync("getent",["passwd",process.env.SUDO_USER],{encoding:"utf8",timeout:5e3}).stdout?.split(":")[5]?.trim();if(e)return {home:e,username:process.env.SUDO_USER}}return {home:lt__namespace.homedir(),username:process.env.SUDO_USER||process.env.USER||lt__namespace.userInfo().username}}function v(){if(process.env.WSL_DISTRO_NAME&&process.platform==="linux"){let t=process.env.USERPROFILE;if(!t){let r=child_process.spawnSync("cmd.exe",["/c","echo","%USERPROFILE%"],{encoding:"utf8",timeout:5e3}).stdout?.trim();r&&/^[A-Za-z]:\\/.test(r)&&(t=r);}if(t){let e=t.replace(/^([A-Za-z]):/,(r,n)=>`/mnt/${n.toLowerCase()}`).replace(/\\/g,"/");return It__namespace.join(e,".claude","settings.json")}return It__namespace.join(lt__namespace.homedir(),".claude","settings.json")}if(process.platform==="win32"){let t=process.env.USERPROFILE||lt__namespace.homedir();return It__namespace.join(t,".claude","settings.json")}if(process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER){let e=child_process.spawnSync("getent",["passwd",process.env.SUDO_USER],{encoding:"utf8",timeout:5e3}).stdout?.split(":")[5]?.trim();if(e)return It__namespace.join(e,".claude","settings.json")}return It__namespace.join(lt__namespace.homedir(),".claude","settings.json")}var ue=m(()=>{"use strict";Mt();});function le(){if(process.platform==="win32"){let r=process.env.APPDATA||It__namespace.join(lt__namespace.homedir(),"AppData","Roaming");return It__namespace.join(r,Pr,br)}let t=Ir(),e=process.env.XDG_CONFIG_HOME||It__namespace.join(t.home,".config");return It__namespace.join(e,Pr,br)}function de(){try{let t=g__namespace.readFileSync(v(),"utf8"),r=JSON.parse(t).env?.FLOW_BASE_URL;return typeof r=="string"&&r.trim()?r.trim():null}catch{return null}}function Nr(){try{let t=g__namespace.readFileSync(v(),"utf8");return JSON.parse(t).env??null}catch{return null}}var Pr,br,We=m(()=>{"use strict";ue();Pr="flow-ai-obs",br="config.json";});function pe(t){try{let e=g__namespace.statSync(t);Date.now()-e.mtimeMs>Us&&g__namespace.unlinkSync(t);}catch{}try{g__namespace.writeFileSync(t,String(process.pid),{flag:"wx"});}catch(e){throw e.code==="EEXIST"?new Error("Another install is already in progress. If this is stale, remove: "+t):e}}function fe(t){try{g__namespace.unlinkSync(t);}catch{}}function Ur(t,e){let n=(Array.isArray(t)?t:[]).map(s=>{if(!Array.isArray(s?.hooks))return null;let o=s.hooks.filter(i=>!i.command?.startsWith?.("flow-ai-obs "));return o.length>0?{...s,hooks:o}:null}).filter(s=>s!=null);return [e,...n]}function $r(){let t=v(),e=t+".lock",r=[];g__namespace.mkdirSync(It__namespace.dirname(t),{recursive:true}),pe(e);try{if(g__namespace.existsSync(t)){g__namespace.copyFileSync(t,t+".bkp");try{g__namespace.chmodSync(t+".bkp",384);}catch{}}let n=le();if(g__namespace.existsSync(n)){let l=n+".bkp";g__namespace.copyFileSync(n,l);try{g__namespace.chmodSync(l,384);}catch{}}let s={};try{s=JSON.parse(g__namespace.readFileSync(t,"utf8"));}catch{}let o=s.env&&typeof s.env=="object"?s.env:{};delete o.OTEL_EXPORTER_OTLP_HEADERS,s.env={...o,...j,...Bt()},s.otelHeadersHelper="flow-ai-obs otel-headers",(!s.hooks||typeof s.hooks!="object"||Array.isArray(s.hooks))&&(s.hooks={});let i=(l,d)=>({matcher:"",hooks:[{type:"command",command:`flow-ai-obs ${l}`,timeout:d}]}),a=["UserPromptSubmit","PreToolUse","PostToolUse","Stop"],c=s.hooks;for(let l of a){let d=Ur(c[l],i(l,Me[l]));d.length>1&&r.push(l),c[l]=d;}g__namespace.writeFileSync(t,JSON.stringify(s,null,2)+`
34
+ `,{encoding:"utf8",mode:384});try{g__namespace.chmodSync(t,384);}catch{}}finally{fe(e);}return {settingsPath:t,preserved:r}}function Rt(t){try{let e=g__namespace.readFileSync(v(),"utf8"),n=JSON.parse(e).env?.[t];return typeof n=="string"?n:null}catch{return null}}function J(t){let e=v(),r=e+".lock";g__namespace.mkdirSync(It__namespace.dirname(e),{recursive:true}),pe(r);try{let n={};try{n=JSON.parse(g__namespace.readFileSync(e,"utf8"));}catch{}(!n.env||typeof n.env!="object")&&(n.env={}),Object.assign(n.env,t),g__namespace.writeFileSync(e,JSON.stringify(n,null,2)+`
35
+ `,{encoding:"utf8",mode:384});try{g__namespace.chmodSync(e,384);}catch{}}finally{fe(r);}}function Fr(){let t=v(),e=t+".lock",r=[];g__namespace.mkdirSync(It__namespace.dirname(t),{recursive:true}),pe(e);try{if(g__namespace.existsSync(t)){g__namespace.copyFileSync(t,t+".bkp");try{g__namespace.chmodSync(t+".bkp",384);}catch{}}let n={};try{n=JSON.parse(g__namespace.readFileSync(t,"utf8"));}catch{}n.otelHeadersHelper="flow-ai-obs otel-headers",(!n.hooks||typeof n.hooks!="object"||Array.isArray(n.hooks))&&(n.hooks={});let s=(a,c)=>({matcher:"",hooks:[{type:"command",command:`flow-ai-obs ${a}`,timeout:c}]}),o=["UserPromptSubmit","PreToolUse","PostToolUse","Stop"],i=n.hooks;for(let a of o){let c=Ur(i[a],s(a,Me[a]));c.length>1&&r.push(a),i[a]=c;}g__namespace.writeFileSync(t,JSON.stringify(n,null,2)+`
36
+ `,{encoding:"utf8",mode:384});try{g__namespace.chmodSync(t,384);}catch{}}finally{fe(e);}return {settingsPath:t,preserved:r}}function xr(t){let e=v(),r=e+".lock";g__namespace.mkdirSync(It__namespace.dirname(e),{recursive:true}),pe(r);try{let n={};try{n=JSON.parse(g__namespace.readFileSync(e,"utf8"));}catch{return}if(!n.env||typeof n.env!="object")return;for(let s of t)delete n.env[s];g__namespace.writeFileSync(e,JSON.stringify(n,null,2)+`
37
+ `,{encoding:"utf8",mode:384});try{g__namespace.chmodSync(e,384);}catch{}}finally{fe(r);}}var Us,Vt=m(()=>{"use strict";O();vt();ue();We();Us=Ar.LOCK_STALE_MS;});function Wt(){let t=lt__namespace.default.homedir();if(process.platform==="darwin")return It__namespace.default.join(t,"Library","Preferences",ae,ce);if(process.platform==="win32"){let r=process.env.APPDATA??It__namespace.default.join(t,"AppData","Roaming");return It__namespace.default.join(r,ae,ce)}let e=process.env.XDG_CONFIG_HOME??It__namespace.default.join(t,".config");return It__namespace.default.join(e,ae,ce)}function Ge(){try{let t=g__namespace.default.readFileSync(Wt(),"utf8");return JSON.parse(t)}catch{return {}}}function Dr(t){let e=Wt();g__namespace.default.mkdirSync(It__namespace.default.dirname(e),{recursive:true}),g__namespace.default.writeFileSync(e,JSON.stringify(t,null,2),{encoding:"utf8",mode:384});}var Ye,me,Br=m(()=>{"use strict";O();Ye={credentials:"credentials","token-cache":"tokenCache"};me=class{static isAvailable(){return !0}static hasExistingData(){try{if(!g__namespace.default.existsSync(Wt()))return !1;let e=JSON.parse(g__namespace.default.readFileSync(Wt(),"utf8"));return !!(e&&e.credentials)}catch{return !1}}async getSecret(e,r){let n=Ge(),s=Ye[r]??r,o=n[s];return o?typeof o=="string"?o:JSON.stringify(o):null}async setSecret(e,r,n){let s=Ge(),o=Ye[r]??r;if(r==="token-cache")try{s[o]=JSON.parse(n);}catch{s[o]=n;}else s[o]=n;Dr(s);}async deleteSecret(e,r){let n=Ge(),s=Ye[r]??r;return s in n?(delete n[s],Dr(n),!0):!1}getStoragePath(){return `config.json (unencrypted) \u2014 ${Wt()}`}};});var Mr={};M(Mr,{MacOsKeyVaultProvider:()=>Ke});var Je,Ke,Hr=m(()=>{"use strict";Je=util.promisify(child_process.execFile),Ke=class{static async isAvailable(){try{return g.accessSync("/usr/bin/security",g.constants.X_OK),!0}catch{return !1}}async getSecret(e,r){try{let{stdout:n}=await Je("security",["find-generic-password","-w","-a",r,"-s",e]);return n.trim()||null}catch{return null}}async setSecret(e,r,n){await Je("security",["add-generic-password","-U","-a",r,"-s",e,"-w",n]);}async deleteSecret(e,r){try{return await Je("security",["delete-generic-password","-a",r,"-s",e]),!0}catch{return !1}}getStoragePath(){return "macOS Keychain"}};});var Vr={};M(Vr,{LinuxKeyVaultProvider:()=>qe});var jr,qe,Wr=m(()=>{"use strict";jr=util.promisify(child_process.execFile),qe=class{static async isAvailable(){let e=["/usr/bin/secret-tool","/bin/secret-tool","/usr/local/bin/secret-tool"];for(let r of e)try{return g.accessSync(r,g.constants.X_OK),!0}catch{}return !1}async getSecret(e,r){try{let{stdout:n}=await jr("secret-tool",["lookup","service",e,"account",r]);return n.trim()||null}catch{return null}}async setSecret(e,r,n){await new Promise((s,o)=>{let i=child_process.spawn("secret-tool",["store","--label",e,"service",e,"account",r]);i.on("error",o),i.on("close",a=>{a===0?s():o(new Error(`secret-tool exited with code ${a}`));}),i.stdin.write(n),i.stdin.end();});}async deleteSecret(e,r){try{return await jr("secret-tool",["clear","service",e,"account",r]),!0}catch{return !1}}getStoragePath(){return "Linux Secret Service (libsecret)"}};});var Yr={};M(Yr,{WindowsKeyVaultProvider:()=>Xe});var Xe,Gr=m(()=>{"use strict";Xe=class{static async isAvailable(){try{return await xt("keytar").getPassword("__flow_probe__","__flow_probe__"),!0}catch{return !1}}async getSecret(e,r){return xt("keytar").getPassword(e,r)}async setSecret(e,r,n){await xt("keytar").setPassword(e,r,n);}async deleteSecret(e,r){return xt("keytar").deletePassword(e,r)}getStoragePath(){return "Windows Credential Manager"}};});async function Jr(){return await Ys()??new me}async function Ys(){switch(process.platform){case "darwin":{let{MacOsKeyVaultProvider:t}=await Promise.resolve().then(()=>(Hr(),Mr));return await t.isAvailable()?new t:null}case "linux":{let{LinuxKeyVaultProvider:t}=await Promise.resolve().then(()=>(Wr(),Vr));return await t.isAvailable()?new t:null}case "win32":{let{WindowsKeyVaultProvider:t}=await Promise.resolve().then(()=>(Gr(),Yr));return await t.isAvailable()?new t:null}default:return null}}var Kr=m(()=>{"use strict";Br();});function zr(){return ze||(ze=Jr()),ze}async function Gt(t){await(await zr()).setSecret(qr,Xr,JSON.stringify({accessToken:t.accessToken,expiresAt:t.expiresAt,lastAuthCheckAt:t.lastAuthCheckAt}));}async function Pt(){let e=await(await zr()).getSecret(qr,Xr);if(!e)return null;try{let r=JSON.parse(e);return {accessToken:r.accessToken,expiresAt:r.expiresAt,lastAuthCheckAt:r.lastAuthCheckAt}}catch{return null}}async function ge(){let t=await Pt();return t?new Date(t.expiresAt)>new Date:false}async function Jt(){let t=await Pt();if(!t||!t.accessToken)return null;try{let e=t.accessToken.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return r.email??r.preferred_username??r.upn??r.sub??null}catch{return null}}var qr,zi,Xr,ze,he=m(()=>{"use strict";Kr();O();qr=ie.SERVICE,zi=ie.ACCOUNT_CREDS,Xr=ie.ACCOUNT_TOKEN,ze=null;});function Js(t){return Gs.some(e=>e.test(t))}function Ks(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return r.email||r.preferred_username||r.upn||r.sub||null}catch{return null}}function b(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8")),{clientId:n,clientSecret:s,tenant:o}=r;return !n||!s||!o?null:{clientId:n,clientSecret:s,tenant:o}}catch{return null}}function Zr(t){let e=Buffer.from(JSON.stringify({alg:"none",typ:"JWT"})).toString("base64url"),r=Buffer.from(JSON.stringify({clientId:t.clientId,clientSecret:t.clientSecret,tenant:t.tenant})).toString("base64url");return `${e}.${r}.`}function dt(t){let e;try{e=new URL(t);}catch{throw new Error(`Invalid URL: ${t}`)}let r=process.env[p.FLOW_OBS_ALLOW_HTTP]==="true";if(!r&&e.protocol!=="https:")throw new Error(`URL must use HTTPS: ${t}`);if(e.username||e.password)throw new Error(`URL must not contain embedded credentials: ${t}`);if(!r&&Js(e.hostname))throw new Error(`SSRF: private/loopback host not allowed: ${e.hostname}`);return t}async function Qr(){let t=b(process.env[p.ANTHROPIC_AUTH_TOKEN]);return t?{user:await Jt().catch(()=>null)??t.clientId,tenant:t.tenant}:{user:"",tenant:""}}function qs(){return new Date().toISOString().slice(0,10)}async function Xs(t){let e=qs(),r=await Pt();if(r?.lastAuthCheckAt!==e){u("getOrRefreshToken",`daily auth check (last: ${r?.lastAuthCheckAt??"never"})`);try{let o=await W(t);try{await Gt({...o,lastAuthCheckAt:e});}catch{}return u("getOrRefreshToken",`daily check passed, expires=${o.expiresAt}`),o.accessToken}catch(o){if(o instanceof ct)throw o;u("getOrRefreshToken",`daily check network error \u2014 using cache: ${o.message}`);}}let n=r!=null&&new Date(r.expiresAt)>new Date;if(u("getOrRefreshToken",`cacheValid=${n}`),n)return u("getOrRefreshToken",`using cached token, expires=${r.expiresAt}`),r.accessToken;u("getOrRefreshToken",`token expired \u2014 refreshing via auth-engine (tenant=${t.tenant} clientId=${t.clientId})`);let s=await W(t);try{await Gt({...s,lastAuthCheckAt:e});}catch(o){u("getOrRefreshToken",`token cache save failed (non-fatal): ${o.message}`);}return u("getOrRefreshToken",`token refreshed, expires=${s.expiresAt}`),s.accessToken}function zs(t,e){let r=e&&e.accessToken?e.accessToken:"";return {endpoint:t.replace(/\/$/,"")+"/flow-langfuse-gateway/v1/traces",authHeader:`Bearer ${r}`}}function Zs(t,e,r){let n=Buffer.from(`${e}:${r}`).toString("base64");return {endpoint:t.replace(/\/$/,"")+"/api/public/otel/v1/traces",authHeader:`Basic ${n}`}}async function K(){let t=[],e=process.env[p.ANTHROPIC_MODEL]??"",r=b(process.env[p.ANTHROPIC_AUTH_TOKEN]);u("resolveCredentials",r?"credentials resolved from ANTHROPIC_AUTH_TOKEN":"ANTHROPIC_AUTH_TOKEN absent or invalid"),r&&u("resolveCredentials",`clientId=${r.clientId}`,`tenant=${r.tenant}`);let n=r?r.tenant:"",s=process.env[p.FLOW_TELEMETRY]==="true",o=process.env[p.LANGFUSE_BASE_URL],i=process.env[p.LANGFUSE_PUBLIC_KEY],a=process.env[p.LANGFUSE_SECRET_KEY];if(s&&o&&i&&a){let w="",T=n;r&&(w=await Jt().catch(()=>null)??r.clientId);let A={user:w??"",tenant:T??"",team:"",project:"",model:e};t.push({mode:"direct",...Zs(dt(o),i,a),...A}),u("resolveCredentials","direct mode active",`user=${A.user}`,`tenant=${A.tenant}`);}if(!r){if(t.length===0){let w=[];return w.authError=false,w}return t}let c;try{c=await Xs(r);}catch(w){if(u("resolveCredentials",`token refresh failed: ${w.message}`,`(tenant=${r.tenant} clientId=${r.clientId})`),t.length>0)return t.authError=true,t;let T=[];return T.authError=true,T}let d={user:Ks(c)??r.clientId,tenant:n,team:"",project:"",model:e},h=process.env[p.FLOW_TELEMETRY_GATEWAY]??at();return t.push({mode:"gateway",...zs(dt(h),{accessToken:c}),...d}),t}async function tn(){return (await K()).length>0}var Gs,Y=m(()=>{"use strict";he();vt();O();D();Gs=[/^localhost\.?$/i,/^127\./,/^10\./,/^172\.(1[6-9]|2\d|3[01])\./,/^192\.168\./,/^169\.254\./,/^0\.0\.0\.0$/,/^::1$/,/^\[::1\]$/,/^\[::ffff:/i,/^\[f[cd]/i,/^\[fe80:/i,/^metadata\.google\.internal\.?$/i,/^metadata\.azure\.internal\.?$/i,/(?:^|\.)localtest\.me\.?$/i,/(?:^|\.)lvh\.me\.?$/i,/(?:^|\.)vcap\.me\.?$/i];});function we(){if(process.env.WSL_DISTRO_NAME&&process.platform==="linux")return child_process.spawnSync("cmd.exe",["/c","where","claude"],{encoding:"utf8",timeout:5e3}).status===0;let t=process.platform==="win32"?"where":"which";return child_process.spawnSync(t,["claude"],{encoding:"utf8",timeout:5e3}).status===0}function Qe(){try{if(process.env.WSL_DISTRO_NAME&&process.platform==="linux"){let e=child_process.spawnSync("cmd.exe",["/c","claude","--version"],{encoding:"utf8",timeout:5e3});return e.status===0?e.stdout.trim():null}let t=child_process.spawnSync("claude",["--version"],{encoding:"utf8",timeout:5e3});return t.status===0?t.stdout.trim():null}catch{return null}}function en(){if(child_process.spawnSync("node",["--version"],{encoding:"utf8",timeout:5e3}).status!==0)return {success:false,error:"no_nodejs",message:`Node.js is not installed. Install Node.js 18+ and try again:
37
38
  ${{darwin:`brew install node
38
39
  or download from: https://nodejs.org`,win32:`winget install OpenJS.NodeJS
39
- or download from: https://nodejs.org`,linux:"See package manager instructions at: https://nodejs.org/en/download/package-manager"}[process.platform]??"Download from: https://nodejs.org"}`};let e=child_process.spawnSync("npm",["install","-g",er],{encoding:"utf8",stdio:["inherit","inherit","pipe"],timeout:12e4});if(e.status===0)return {success:true};let r=String(e.stderr??""),n=e.error,s=n instanceof Error?n.message:r;return s.includes("EACCES")||s.includes("permission denied")||s.includes("EPERM")||r.includes("EACCES")||r.includes("EPERM")?{success:false,error:"permission_denied",message:process.platform==="win32"?`Run this terminal as Administrator and try again:
40
- npm install -g ${er}`:`Try with elevated permissions:
41
- sudo npm install -g ${er}`}:{success:false,error:"unknown",message:s||"npm install failed"}}var er,nr=f(()=>{"use strict";er="@anthropic-ai/claude-code";});function sr(){return Lt__namespace.default.join(Ht__namespace.default.homedir(),".claude","flow-obs",".logged-out")}function tn(){try{let t=sr();E__namespace.default.mkdirSync(Lt__namespace.default.dirname(t),{recursive:!0}),E__namespace.default.writeFileSync(t,"",{mode:384});}catch{}}function en(){try{E__namespace.default.unlinkSync(sr());}catch{}}function we(){try{return E__namespace.default.existsSync(sr())}catch{return false}}var rn=f(()=>{"use strict";});var or={};H(or,{promptRaw:()=>z,runLogin:()=>dt,runLogout:()=>ro,runStatus:()=>no});function Z(t){return typeof t=="string"?t.replace(Zs,""):t}function z(t,e={}){return new Promise((r,n)=>{if(typeof process.stdin.setRawMode!="function"){n(new Error("NOT_A_TTY"));return}let{masked:s=false,defaultValue:o=""}=e;process.stdout.write(t+o);let i=o;function a(){try{process.stdin.setRawMode(!1);}catch{}}process.once("uncaughtException",a),process.once("unhandledRejection",a);let c=d=>{if(d===""){u(),n(new Error("SIGINT"));return}if(d==="\r"||d===`
42
- `){u(),process.stdout.write(`
43
- `),r(i);return}if(d==="\x7F"){i.length>0&&(i=i.slice(0,-1),process.stdout.write("\b \b"));return}d.startsWith("\x1B")||(i+=d,process.stdout.write(s?"*".repeat(d.length):d));};function u(){process.stdin.setRawMode(false),process.stdin.removeListener("data",c),process.removeListener("uncaughtException",a),process.removeListener("unhandledRejection",a);}process.stdin.setRawMode(true),process.stdin.resume(),process.stdin.setEncoding("utf8"),process.stdin.on("data",c);})}async function nn(t){if(!we())try{await I()||await Qe(t);}catch{}}async function sn(t){let{accessToken:e,expiresAt:r}=await W(t);await Qe(t),await Gt({accessToken:e,expiresAt:r}),en();try{let n=qr(t);X({[m.ANTHROPIC_AUTH_TOKEN]:n});}catch{}}async function Qs(t){try{return await sn(t),process.stdout.write(P(` \u2713 Setup complete. Tenant: ${Z(t.tenant)}
44
-
45
- `)),0}catch(e){return process.stderr.write(v(` \u2717 Authentication failed: ${Z(e.message)}
46
- `)),1}}async function to(){try{process.stdout.write(`
47
- `);let t=(await z(R(" ? ")+"Client ID: ")).trim(),e=(await z(R(" ? ")+"Client Secret: ",{masked:!0})).trim(),r=(await z(R(" ? ")+"Tenant: ")).trim();if(!t||!e||!r)return process.stderr.write(v(` \u2717 All fields are required
48
- `)),1;try{await sn({clientId:t,clientSecret:e,tenant:r});}catch(n){return process.stderr.write(v(` \u2717 Authentication failed: ${Z(n.message)}
49
- `)),1}return process.stdout.write(P(` \u2713 Setup complete. Tenant: ${Z(r)}
50
- `)),process.stdout.write(` Storage: ${await tr()}
51
-
52
- `),0}catch(t){if(t.message==="SIGINT"||t.message==="NOT_A_TTY")throw t;return process.stderr.write(v(` \u2717 Unexpected error: ${t.message}
53
- `)),1}}async function dt(t={}){let e=ut();if(e)return e;if(t.clientId&&t.clientSecret&&t.tenant)return Qs({clientId:t.clientId,clientSecret:t.clientSecret,tenant:t.tenant});let r=we()?null:N(process.env[m.ANTHROPIC_AUTH_TOKEN]);r&&await nn(r);let n=r||await I();if(n){process.stdout.write(`
54
- `),process.stdout.write(j(` Already authenticated
55
- `)),process.stdout.write(h(" Tenant: ")+Z(n.tenant)+`
56
- `),process.stdout.write(h(" Client ID: ")+Z(n.clientId)+`
40
+ or download from: https://nodejs.org`,linux:"See package manager instructions at: https://nodejs.org/en/download/package-manager"}[process.platform]??"Download from: https://nodejs.org"}`};let e=child_process.spawnSync("npm",["install","-g",Ze],{encoding:"utf8",stdio:["inherit","inherit","pipe"],timeout:12e4});if(e.status===0)return {success:true};let r=String(e.stderr??""),n=e.error,s=n instanceof Error?n.message:r;return s.includes("EACCES")||s.includes("permission denied")||s.includes("EPERM")||r.includes("EACCES")||r.includes("EPERM")?{success:false,error:"permission_denied",message:process.platform==="win32"?`Run this terminal as Administrator and try again:
41
+ npm install -g ${Ze}`:`Try with elevated permissions:
42
+ sudo npm install -g ${Ze}`}:{success:false,error:"unknown",message:s||"npm install failed"}}var Ze,tr=m(()=>{"use strict";Ze="@anthropic-ai/claude-code";});function er(){return It__namespace.default.join(lt__namespace.default.homedir(),".claude","flow-obs",".logged-out")}function nn(){try{let t=er();g__namespace.default.mkdirSync(It__namespace.default.dirname(t),{recursive:!0}),g__namespace.default.writeFileSync(t,"",{mode:384});}catch{}}function sn(){try{g__namespace.default.unlinkSync(er());}catch{}}function rr(){try{return g__namespace.default.existsSync(er())}catch{return false}}var on=m(()=>{"use strict";});var nr={};M(nr,{promptRaw:()=>X,runLogin:()=>pt,runLogout:()=>so,runStatus:()=>oo});function z(t){return typeof t=="string"?t.replace(to,""):t}function X(t,e={}){return new Promise((r,n)=>{if(typeof process.stdin.setRawMode!="function"){n(new Error("NOT_A_TTY"));return}let{masked:s=false,defaultValue:o=""}=e;process.stdout.write(t+o);let i=o;function a(){try{process.stdin.setRawMode(!1);}catch{}}process.once("uncaughtException",a),process.once("unhandledRejection",a);let c=d=>{if(d===""){l(),n(new Error("SIGINT"));return}if(d==="\r"||d===`
43
+ `){l(),process.stdout.write(`
44
+ `),r(i);return}if(d==="\x7F"){i.length>0&&(i=i.slice(0,-1),process.stdout.write("\b \b"));return}d.startsWith("\x1B")||(i+=d,process.stdout.write(s?"*".repeat(d.length):d));};function l(){process.stdin.setRawMode(false),process.stdin.removeListener("data",c),process.removeListener("uncaughtException",a),process.removeListener("unhandledRejection",a);}process.stdin.setRawMode(true),process.stdin.resume(),process.stdin.setEncoding("utf8"),process.stdin.on("data",c);})}async function an(t){let{accessToken:e,expiresAt:r}=await W(t),n=Zr(t);J({[p.ANTHROPIC_AUTH_TOKEN]:n}),sn(),await Gt({accessToken:e,expiresAt:r});}async function eo(t){try{return await an(t),process.stdout.write(P(` \u2713 Setup complete. Tenant: ${z(t.tenant)}
45
+
46
+ `)),0}catch(e){return process.stderr.write(L(` \u2717 Authentication failed: ${z(e.message)}
47
+ `)),1}}async function ro(){try{process.stdout.write(`
48
+ `);let t=(await X(R(" ? ")+"Client ID: ")).trim(),e=(await X(R(" ? ")+"Client Secret: ",{masked:!0})).trim(),r=(await X(R(" ? ")+"Tenant: ")).trim();if(!t||!e||!r)return process.stderr.write(L(` \u2717 All fields are required
49
+ `)),1;try{await an({clientId:t,clientSecret:e,tenant:r});}catch(n){return process.stderr.write(L(` \u2717 Authentication failed: ${z(n.message)}
50
+ `)),1}return process.stdout.write(P(` \u2713 Setup complete. Tenant: ${z(r)}
51
+ `)),process.stdout.write(` Storage: ANTHROPIC_AUTH_TOKEN (settings.json)
52
+
53
+ `),0}catch(t){if(t.message==="SIGINT"||t.message==="NOT_A_TTY")throw t;return process.stderr.write(L(` \u2717 Unexpected error: ${t.message}
54
+ `)),1}}async function pt(t={}){let e=ut();if(e)return e;if(t.clientId&&t.clientSecret&&t.tenant)return eo({clientId:t.clientId,clientSecret:t.clientSecret,tenant:t.tenant});let n=rr()?null:b(Rt(p.ANTHROPIC_AUTH_TOKEN)??process.env[p.ANTHROPIC_AUTH_TOKEN]);if(n){process.stdout.write(`
55
+ `),process.stdout.write(H(` Already authenticated
56
+ `)),process.stdout.write(E(" Tenant: ")+z(n.tenant)+`
57
+ `),process.stdout.write(E(" Client ID: ")+z(n.clientId)+`
57
58
  `),process.stdout.write(`
58
- `);let s;try{s=await z(R(" ? ")+"Re-authenticate? (y/N): ");}catch(o){if(o.message==="SIGINT")return process.stdout.write(`
59
+ `);let s;try{s=await X(R(" ? ")+"Re-authenticate? (y/N): ");}catch(o){if(o.message==="SIGINT")return process.stdout.write(`
59
60
  `),130;if(o.message==="NOT_A_TTY")return process.stdout.write(P(` \u2713 Using existing credentials.
60
61
 
61
62
  `)),0;throw o}if(s.trim().toLowerCase()!=="y")return process.stdout.write(P(` \u2713 Using existing credentials.
62
63
 
63
- `)),0}try{return await to()}catch(s){if(s.message==="SIGINT")return process.stdout.write(`
64
- `),130;if(s.message==="NOT_A_TTY")return process.stderr.write(v(` \u2717 No credentials found and no TTY available for interactive login.
65
- `)+" Pass --client-id, --client-secret and --tenant, or run `flow-ai-obs auth login` in a terminal.\n\n"),1;throw s}}async function eo(){try{return process.stdout.write(`
66
- `),(await z(R(" ? ")+"Are you sure? This will remove your local credentials. (y/N): ")).toLowerCase()!=="y"?(process.stdout.write(A(` \u26A0 Logout cancelled
64
+ `)),0}try{return await ro()}catch(s){if(s.message==="SIGINT")return process.stdout.write(`
65
+ `),130;if(s.message==="NOT_A_TTY")return process.stderr.write(L(` \u2717 No credentials found and no TTY available for interactive login.
66
+ `)+" Pass --client-id, --client-secret and --tenant, or run `flow-ai-obs auth login` in a terminal.\n\n"),1;throw s}}async function no(){try{return process.stdout.write(`
67
+ `),(await X(R(" ? ")+"Are you sure? This will remove your local credentials. (y/N): ")).toLowerCase()!=="y"?(process.stdout.write(k(` \u26A0 Logout cancelled
67
68
  `)),0):null}catch(t){if(t.message==="SIGINT")return process.stdout.write(`
68
- `),130;throw t}}async function ro(t=false){let e=ut();if(e)return e;if(!await Jr())return process.stdout.write(A(` \u26A0 You are not authenticated
69
- `)),0;if(!t){let r=await eo();if(r!==null)return r}try{return await Kr(),tn(),process.stdout.write(P(` \u2713 Credentials removed successfully
70
- `)),0}catch{return process.stderr.write(v(` \u2717 Error removing credentials
71
- `)),1}}async function no(){if(we())return process.stdout.write(A(" \u26A0 Not authenticated. Run `flow-ai-obs auth login` to set up.\n")),0;let t=N(process.env[m.ANTHROPIC_AUTH_TOKEN]);t&&await nn(t);let e=t||await I();if(!e)return process.stdout.write(A(" \u26A0 Not authenticated. Run `flow-ai-obs auth login` to set up.\n")),0;if(!t&&!await me())return process.stdout.write(A(" \u26A0 Session expired. Run `flow-ai-obs auth login` to re-authenticate.\n")),0;let r=e.clientSecret.length>4?"****...****"+e.clientSecret.slice(-4):"****",n=t?"ANTHROPIC_AUTH_TOKEN (settings.json)":await tr();return process.stdout.write(`
72
- `+j(` Authenticated
73
- `)),process.stdout.write(h(" Tenant: ")+Z(e.tenant)+`
74
- `),process.stdout.write(h(" Client ID: ")+Z(e.clientId)+`
75
- `),process.stdout.write(h(" Client Secret: ")+r+`
76
- `),process.stdout.write(h(" Storage: ")+n+`
77
-
78
- `),0}var Zs,Jt=f(()=>{"use strict";Kt();rn();Ot();G();jt();k();it();Mt();Zs=/[\x00-\x08\x0B-\x1F\x7F]|\x1b\[[0-9;]*[a-zA-Z]/g;});var ir={};H(ir,{runInit:()=>oo});function so(){try{let t=E__namespace.readFileSync(L(),"utf8"),e=JSON.parse(t);return !!(e.env&&e.env[m.ANTHROPIC_AUTH_TOKEN])}catch{return false}}function cn(t){let e;try{e=new URL(t);}catch{throw new Error(`Invalid URL: ${t}`)}if(e.protocol!=="https:")throw new Error(`Custom URL must use HTTPS: ${t}`);let r=process.env[m.FLOW_OBS_ALLOW_HTTP];try{delete process.env[m.FLOW_OBS_ALLOW_HTTP],Pt(t);}finally{r!==void 0&&(process.env[m.FLOW_OBS_ALLOW_HTTP]=r);}if(e.pathname!=="/"&&e.pathname!=="")throw new Error(`Custom URL must be a base URL with no path beyond the root.
69
+ `),130;throw t}}async function so(t=false){let e=ut();if(e)return e;if(!b(Rt(p.ANTHROPIC_AUTH_TOKEN)??process.env[p.ANTHROPIC_AUTH_TOKEN]))return process.stdout.write(k(` \u26A0 You are not authenticated
70
+ `)),0;if(!t){let n=await no();if(n!==null)return n}try{return xr([p.ANTHROPIC_AUTH_TOKEN]),delete process.env[p.ANTHROPIC_AUTH_TOKEN],nn(),process.stdout.write(P(` \u2713 Credentials removed successfully
71
+ `)),0}catch{return process.stderr.write(L(` \u2717 Error removing credentials
72
+ `)),1}}async function oo(){if(rr())return process.stdout.write(k(" \u26A0 Not authenticated. Run `flow-ai-obs auth login` to set up.\n")),0;let t=b(Rt(p.ANTHROPIC_AUTH_TOKEN)??process.env[p.ANTHROPIC_AUTH_TOKEN]);if(!t)return process.stdout.write(k(" \u26A0 Not authenticated. Run `flow-ai-obs auth login` to set up.\n")),0;if(!await ge())return process.stdout.write(k(" \u26A0 Session expired. Run `flow-ai-obs auth login` to re-authenticate.\n")),0;let e=t.clientSecret.length>4?"****...****"+t.clientSecret.slice(-4):"****";return process.stdout.write(`
73
+ `+H(` Authenticated
74
+ `)),process.stdout.write(E(" Tenant: ")+z(t.tenant)+`
75
+ `),process.stdout.write(E(" Client ID: ")+z(t.clientId)+`
76
+ `),process.stdout.write(E(" Client Secret: ")+e+`
77
+ `),process.stdout.write(E(" Storage: ")+`ANTHROPIC_AUTH_TOKEN (settings.json)
78
+
79
+ `),0}var to,Kt=m(()=>{"use strict";he();on();vt();Y();Vt();O();it();Mt();to=/[\x00-\x08\x0B-\x1F\x7F]|\x1b\[[0-9;]*[a-zA-Z]/g;});var or={};M(or,{normalizeCustomUrl:()=>ln,runInit:()=>co,validateCustomUrl:()=>sr});function io(){try{let t=g__namespace.readFileSync(v(),"utf8"),e=JSON.parse(t);return !!(e.env&&e.env[p.ANTHROPIC_AUTH_TOKEN])}catch{return false}}function ao(){let t=de();if(!t)return null;J({FLOW_BASE_URL:t});try{let e=le(),r={};try{r=JSON.parse(g__namespace.readFileSync(e,"utf8"));}catch{return t}delete r.baseUrl,Object.keys(r).length===0?g__namespace.unlinkSync(e):g__namespace.writeFileSync(e,JSON.stringify(r,null,2)+`
80
+ `,{encoding:"utf8",mode:384});}catch{}return t}function ln(t){let e=t.trim().replace(/\\/g,"/");/^https?:\/\//i.test(e)||(e=`https://${e}`);try{let r=new URL(e);return `${r.protocol}//${r.host}`}catch{return e}}function sr(t,e=false){if(e){let o;try{o=new URL(t);}catch{throw new Error(`Invalid URL: ${t}`)}if(o.protocol!=="https:")throw new Error(`Custom URL must use HTTPS: ${t}`);if(o.pathname!=="/"&&o.pathname!=="")throw new Error(`Custom URL must be a base URL with no path beyond the root.
79
81
  Received: ${t}
80
- Expected: https://tenant.example.com`);if(e.search)throw new Error(`Custom URL must not contain query parameters.
82
+ Expected: https://tenant.example.com`);if(o.search)throw new Error(`Custom URL must not contain query parameters.
81
83
  Received: ${t}
82
- Expected: https://tenant.example.com`);if(e.hash)throw new Error(`Custom URL must not contain fragment.
84
+ Expected: https://tenant.example.com`);if(o.hash)throw new Error(`Custom URL must not contain a fragment.
83
85
  Received: ${t}
84
- Expected: https://tenant.example.com`);return t.replace(/\/$/,"")}async function on(){for(let t=1;t<=3;t++)try{let e=await yr(" Enter your Flow base URL (e.g., https://tenant.ciandt.com)");return cn(e)}catch(e){if(process.stderr.write(A(` \u2717 ${e.message}
86
+ Expected: https://tenant.example.com`);let i=process.env[p.FLOW_OBS_ALLOW_HTTP];try{delete process.env[p.FLOW_OBS_ALLOW_HTTP],dt(t);}finally{i!==void 0&&(process.env[p.FLOW_OBS_ALLOW_HTTP]=i);}return t.replace(/\/$/,"")}let r=ln(t),n;try{n=new URL(r);}catch{throw new Error(`Invalid URL: ${t}`)}if(n.protocol!=="https:")throw new Error(`Custom URL must use HTTPS: ${t}`);if(!n.hostname.includes("."))throw new Error(`Invalid domain: ${n.hostname}. Expected format: tenant.example.com`);let s=process.env[p.FLOW_OBS_ALLOW_HTTP];try{delete process.env[p.FLOW_OBS_ALLOW_HTTP],dt(r);}finally{s!==void 0&&(process.env[p.FLOW_OBS_ALLOW_HTTP]=s);}return r.replace(/\/$/,"")}async function cn(){for(let t=1;t<=3;t++)try{let e=await Sr(" Enter your Flow domain (e.g., tenant.ciandt.com)");return sr(e)}catch(e){if(process.stderr.write(k(` \u2717 ${e.message}
85
87
 
86
- `)),t===3)throw process.stderr.write(v(` Too many invalid attempts.
88
+ `)),t===3)throw process.stderr.write(L(` Too many invalid attempts.
87
89
 
88
- `)),new Error("Too many invalid URL attempts")}throw new Error("Too many invalid URL attempts")}async function oo(t={}){let e=ut();if(e)return e;let r=t.url;if(!ge())return process.stderr.write(`
89
- `+v(` \u2717 Claude Code is not installed or not found in PATH.
90
+ `)),new Error("Too many invalid URL attempts")}throw new Error("Too many invalid URL attempts")}function un(){try{let t=g__namespace.readFileSync(v(),"utf8"),r=JSON.parse(t).env?.FLOW_BASE_URL;return typeof r=="string"&&r.trim()?r.trim():null}catch{return null}}async function co(t={}){let e=ut();if(e)return e;let r=t.url;if(!we())return process.stderr.write(`
91
+ `+L(` \u2717 Claude Code is not installed or not found in PATH.
90
92
 
91
93
  `)+` flow-ai-obs requires Claude Code to function.
92
94
  Install it with:
93
95
 
94
96
  `+R(" npm install -g @anthropic-ai/claude-code")+`
95
97
 
96
- `),1;if(process.env.WSL_DISTRO_NAME&&process.platform==="linux"&&process.stdout.write(A(` \u26A0 WSL detected. If Claude Code is installed on Windows, install flow-ai-obs
97
- `)+A(" on Windows too: ")+R(`npm install -g @ciandt-flow/flow-ai-obs
98
- `)+A(` Running Claude (Windows) + flow-ai-obs (WSL) is not a supported configuration.
99
-
100
- `)),!r&&!t.noInteractive&&St()){let u=Vt();try{u?(process.stdout.write(`
101
- Current base URL: ${j(u)}
102
- `),await be(" Keep this URL?",!0)||(r=await on())):(process.stdout.write(`
103
- `),await be(" Does your organization use a custom Flow URL?",!1)&&(r=await on()));}catch{return 1}process.stdout.write(`
104
- `);}if(!r&&!t.noInteractive&&!St()){let u=Vt(),d=process.env.FLOW_BASE_URL,T=u??d??ie,g=!!(u??d);process.stdout.write(A(` \u26A0 Non-interactive environment detected.
105
- `)+h(` Using URL: ${T}
106
- `)+(g?"":h(` Run with --custom-url to configure a custom domain.
98
+ `),1;process.env.WSL_DISTRO_NAME&&process.platform==="linux"&&process.stdout.write(k(` \u26A0 WSL detected. If Claude Code is installed on Windows, install flow-ai-obs
99
+ `)+k(" on Windows too: ")+R(`npm install -g @ciandt-flow/flow-ai-obs
100
+ `)+k(` Running Claude (Windows) + flow-ai-obs (WSL) is not a supported configuration.
101
+
102
+ `));let n=ao();if(n&&process.stdout.write(k(` \u26A0 Legacy config migrated.
103
+ `)+E(` Custom URL moved from ~/.config/flow-ai-obs/config.json
104
+ `)+E(` to FLOW_BASE_URL in ~/.claude/settings.json: ${n}
105
+
106
+ `)),!r&&!t.noInteractive&&yt()){let d=un();try{d?(process.stdout.write(`
107
+ Current base URL: ${H(d)}
108
+ `),await be(" Keep this URL?",!0)||(r=await cn())):(process.stdout.write(`
109
+ `),await be(" Does your organization use a custom Flow URL?",!1)&&(r=await cn()));}catch{return 1}process.stdout.write(`
110
+ `);}if(!r&&!t.noInteractive&&!yt()){let d=un(),h=process.env.FLOW_BASE_URL,w=d??h??Dt,T=!!(d??h);process.stdout.write(k(` \u26A0 Non-interactive environment detected.
111
+ `)+E(` Using URL: ${w}
112
+ `)+(T?"":E(` Run with --custom-url to configure a custom domain.
107
113
  `))+`
108
- `);}let n=null,s=null;if(r){let u;try{u=cn(r);}catch(wt){return process.stderr.write(`
109
- \u2717 Invalid --custom-url: ${wt.message}
114
+ `);}let s=null,o=null;if(r){let d;try{d=sr(r,!0);}catch(Et){return process.stderr.write(`
115
+ \u2717 Invalid --custom-url: ${Et.message}
110
116
 
111
- `),1}let d=Vt(),T=Ur(),g=`${u}/otel`,w=`${u}/flow-llm-proxy/`,_=d??"https://flow.ciandt.com",ht=T?.OTEL_EXPORTER_OTLP_ENDPOINT&&T.OTEL_EXPORTER_OTLP_ENDPOINT!==`${_}/otel`,nt=T?.ANTHROPIC_BASE_URL&&T.ANTHROPIC_BASE_URL!==`${_}/flow-llm-proxy/`;s={FLOW_BASE_URL:u,OTEL_EXPORTER_OTLP_ENDPOINT:ht?T.OTEL_EXPORTER_OTLP_ENDPOINT:g,ANTHROPIC_BASE_URL:nt?T.ANTHROPIC_BASE_URL:w},n=u,d&&d!==u?process.stdout.write(A(` \u26A0 Base URL updated.
112
- `)+h(` Previous: ${d}
113
- `)+h(` New: ${u}
117
+ `),1}let h=de(),w=Nr(),T=`${d}/otel`,A=`${d}/flow-llm-proxy/`,_=h??Dt,wt=w?.OTEL_EXPORTER_OTLP_ENDPOINT&&w.OTEL_EXPORTER_OTLP_ENDPOINT!==`${_}/otel`,nt=w?.ANTHROPIC_BASE_URL&&w.ANTHROPIC_BASE_URL!==`${_}/flow-llm-proxy/`;o={FLOW_BASE_URL:d,OTEL_EXPORTER_OTLP_ENDPOINT:wt?w.OTEL_EXPORTER_OTLP_ENDPOINT:T,ANTHROPIC_BASE_URL:nt?w.ANTHROPIC_BASE_URL:A},s=d,h&&h!==d?process.stdout.write(k(` \u26A0 Base URL updated.
118
+ `)+E(` Previous: ${h}
119
+ `)+E(` New: ${d}
114
120
 
115
- `)):process.stdout.write(P(` \u2713 Base URL configured: ${u}
121
+ `)):process.stdout.write(P(` \u2713 Base URL configured: ${d}
116
122
 
117
- `));}if(!so())if(t.noInteractive||!St())process.stdout.write(A(" \u26A0 No credentials found in settings.json \u2014 run `flow-ai-obs auth login` to authenticate.\n\n"));else {process.stdout.write(A(` \u26A0 No credentials found in settings.json \u2014 authentication required.
123
+ `));}if(!io())if(t.noInteractive||!yt())process.stdout.write(k(" \u26A0 No credentials found in settings.json \u2014 run `flow-ai-obs auth login` to authenticate.\n\n"));else {process.stdout.write(k(` \u26A0 No credentials found in settings.json \u2014 authentication required.
118
124
 
119
- `));let{runLogin:u}=await Promise.resolve().then(()=>(Jt(),or)),d=await u();if(d!==0)return d}let o,i;try{(({settingsPath:o,preserved:i}=Cr())),s&&X(s);}catch(u){return process.stderr.write(` \u2717 Failed to write settings: ${u.message}
125
+ `));let{runLogin:d}=await Promise.resolve().then(()=>(Kt(),nr)),h=await d();if(h!==0)return h}let i,a;try{(({settingsPath:i,preserved:a}=$r())),o&&J(o);}catch(d){return process.stderr.write(` \u2717 Failed to write settings: ${d.message}
120
126
  `),1}process.stdout.write(`
121
- `+j(" Native OTEL configured")+` (metrics & logs)
122
- `);let a=s?{...V,OTEL_EXPORTER_OTLP_ENDPOINT:s.OTEL_EXPORTER_OTLP_ENDPOINT}:V;for(let[u,d]of Object.entries(a))process.stdout.write(h(` ${u.padEnd(36)}`)+d+`
127
+ `+H(" Native OTEL configured")+` (metrics & logs)
128
+ `);let c=o?{...j,OTEL_EXPORTER_OTLP_ENDPOINT:o.OTEL_EXPORTER_OTLP_ENDPOINT}:j;for(let[d,h]of Object.entries(c))process.stdout.write(E(` ${d.padEnd(36)}`)+h+`
123
129
  `);process.stdout.write(`
124
- `),process.stdout.write(j(" Hooks registered")+` (Langfuse trace capture)
125
- `),process.stdout.write(h(" UserPromptSubmit")+` \u2192 flow-ai-obs UserPromptSubmit (timeout: 5s)
126
- `),process.stdout.write(h(" PreToolUse ")+` \u2192 flow-ai-obs PreToolUse (timeout: 3s)
127
- `),process.stdout.write(h(" PostToolUse ")+` \u2192 flow-ai-obs PostToolUse (timeout: 10s)
128
- `),process.stdout.write(h(" Stop ")+` \u2192 flow-ai-obs Stop (timeout: 15s)
129
- `),i.length>0&&(process.stdout.write(`
130
- `),process.stdout.write(A(` \u26A0 Third-party hooks detected and preserved on: ${i.join(", ")}
131
- `)),process.stdout.write(h(` flow-ai-obs was prepended \u2014 it executes first.
130
+ `),process.stdout.write(H(" Hooks registered")+` (Langfuse trace capture)
131
+ `),process.stdout.write(E(" UserPromptSubmit")+` \u2192 flow-ai-obs UserPromptSubmit (timeout: 5s)
132
+ `),process.stdout.write(E(" PreToolUse ")+` \u2192 flow-ai-obs PreToolUse (timeout: 3s)
133
+ `),process.stdout.write(E(" PostToolUse ")+` \u2192 flow-ai-obs PostToolUse (timeout: 10s)
134
+ `),process.stdout.write(E(" Stop ")+` \u2192 flow-ai-obs Stop (timeout: 15s)
135
+ `),a.length>0&&(process.stdout.write(`
136
+ `),process.stdout.write(k(` \u26A0 Third-party hooks detected and preserved on: ${a.join(", ")}
137
+ `)),process.stdout.write(E(` flow-ai-obs was prepended \u2014 it executes first.
132
138
  `))),process.stdout.write(`
133
- `),process.stdout.write(h(" Settings: ")+o+`
134
- `),process.stdout.write(h(" Backup: ")+o+`.bkp
135
- `),process.stdout.write(h(" OTEL auth: flow-ai-obs otel-headers")+h(` (reads keychain at runtime)
136
- `));let c=n??Vt()??process.env.FLOW_BASE_URL??ie;return process.stdout.write(h(" Base URL: ")+c+`
139
+ `),process.stdout.write(E(" Settings: ")+i+`
140
+ `),process.stdout.write(E(" Backup: ")+i+`.bkp
141
+ `),process.stdout.write(E(" OTEL auth: flow-ai-obs otel-headers")+E(` (reads ANTHROPIC_AUTH_TOKEN from settings.json)
142
+ `));let l=s??de()??process.env.FLOW_BASE_URL??Dt;return process.stdout.write(E(" Base URL: ")+l+`
137
143
  `),process.stdout.write(`
138
144
  `),t.skipHint||(process.stdout.write(P(` \u2713 Ready. Native OTEL + Langfuse trace capture active.
139
- `)),process.stdout.write(h(" Run `flow-ai-obs setup` to configure a full environment from scratch.\n\n"))),0}var ar=f(()=>{"use strict";jt();k();it();de();Mt();$r();G();nr();Pe();});var dn={};H(dn,{runSetup:()=>po});function io(){try{return JSON.parse(E__namespace.readFileSync(L(),"utf8"))}catch{return {}}}function ao(t){return !!(t.env??{}).ANTHROPIC_BASE_URL}function co(t){let e=t.env??{};return Object.keys(V).every(r=>!!e[r])}function uo(t){let e=t.hooks??{};return ["UserPromptSubmit","PreToolUse","PostToolUse","Stop"].every(n=>{let s=e[n];return Array.isArray(s)?s.some(o=>{let i=o;return Array.isArray(i?.hooks)&&i.hooks.some(a=>a?.command?.startsWith("flow-ai-obs "))}):false})}async function lo(t){return (await z(t)).trim().toLowerCase()==="y"}function Ee(t,e,r){process.stdout.write(`
140
- ${j(`[${t}/${e}]`)} ${r}
145
+ `)),process.stdout.write(E(" Run `flow-ai-obs setup` to configure a full environment from scratch.\n\n"))),0}var ir=m(()=>{"use strict";Vt();O();it();ue();Mt();We();Y();tr();Ce();});var fn={};M(fn,{runSetup:()=>go});function uo(){try{return JSON.parse(g__namespace.readFileSync(v(),"utf8"))}catch{return {}}}function lo(t){return !!(t.env??{}).ANTHROPIC_BASE_URL}function po(t){let e=t.env??{};return Object.keys(j).every(r=>!!e[r])}function fo(t){let e=t.hooks??{};return ["UserPromptSubmit","PreToolUse","PostToolUse","Stop"].every(n=>{let s=e[n];return Array.isArray(s)?s.some(o=>{let i=o;return Array.isArray(i?.hooks)&&i.hooks.some(a=>a?.command?.startsWith("flow-ai-obs "))}):false})}async function mo(t){return (await X(t)).trim().toLowerCase()==="y"}function Te(t,e,r){process.stdout.write(`
146
+ ${H(`[${t}/${e}]`)} ${r}
141
147
  `);}function q(t){process.stdout.write(P(` \u2713 ${t}
142
- `));}function un(t){process.stdout.write(A(` \u26A0 ${t}
143
- `));}function qt(t){process.stderr.write(v(` \u2717 ${t}
144
- `));}function pt(t){process.stdout.write(h(` ${t}
145
- `));}async function po(t={}){let e=ut();if(e)return e;let r=4;process.stdout.write(`
148
+ `));}function dn(t){process.stdout.write(k(` \u26A0 ${t}
149
+ `));}function qt(t){process.stderr.write(L(` \u2717 ${t}
150
+ `));}function ft(t){process.stdout.write(E(` ${t}
151
+ `));}async function go(t={}){let e=ut();if(e)return e;let r=4;process.stdout.write(`
146
152
  \u2554\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2557
147
153
  `),process.stdout.write(`\u2551 flow-ai-obs \u2014 setup \u2551
148
154
  `),process.stdout.write(`\u255A\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u255D
149
155
  `),process.stdout.write(`
150
156
  This will configure your development environment:
151
- `),process.stdout.write(h(` [1/4] Claude Code Install @anthropic-ai/claude-code (if needed)
152
- `)),process.stdout.write(h(` [2/4] Proxy Configure Flow LLM routing
153
- `)),process.stdout.write(h(` [3/4] AI Usage Enable native OTEL telemetry
154
- `)),process.stdout.write(h(` [4/4] Langfuse Register trace capture hooks
157
+ `),process.stdout.write(E(` [1/4] Claude Code Install @anthropic-ai/claude-code (if needed)
158
+ `)),process.stdout.write(E(` [2/4] Proxy Configure Flow LLM routing
159
+ `)),process.stdout.write(E(` [3/4] AI Usage Enable native OTEL telemetry
160
+ `)),process.stdout.write(E(` [4/4] Langfuse Register trace capture hooks
155
161
  `)),process.stdout.write(`
156
- `);let n=io();if(Ee(1,r,"Checking Claude Code..."),ge()){let s=rr();q(s?`Already installed (${s}) \u2014 skipping.`:"Already installed \u2014 skipping.");}else {pt("Not found. Installing via npm...");let s=Zr();if(!s.success)return qt(s.message??"Failed to install Claude Code."),process.stderr.write(v(` Setup aborted at step 1. Resolve the error above and try again.
157
- `)),1;let o=rr();q(o?`Claude Code ${o} installed.`:"Claude Code installed.");}if(Ee(2,r,"Configuring proxy..."),ao(n)){let s=n.env.ANTHROPIC_BASE_URL;un(`Proxy already configured (${s})`);let o=t.nonInteractive||!process.stdin.isTTY,i=false;if(!o)try{i=await lo(R(" ? ")+"Replace existing proxy configuration? [y/N]: ");}catch(a){if(a.message==="SIGINT")return process.stdout.write(`
158
- `),130;throw a}if(!i)pt("Keeping existing proxy configuration.");else {let a=await dt(t);if(a!==0)return a;try{X(Bt()),q("Proxy reconfigured.");}catch(c){return qt(`Could not write proxy config: ${c.message}`),1}}}else {let s=await dt(t);if(s!==0)return s;try{X(Bt()),q("Proxy configured."),pt(`Settings: ${L()}`);}catch(o){return qt(`Could not write proxy config: ${o.message}`),1}}if(Ee(3,r,"Configuring AI Usage..."),t.url){let{runInit:s}=await Promise.resolve().then(()=>(ar(),ir)),o=await s({noInteractive:true,url:t.url,skipHint:true});if(o!==0)return o;q("AI Usage configured with custom URL.");}else if(co(n))q("Already configured \u2014 skipping.");else try{X(V),q("AI Usage configured."),pt(`Settings: ${L()}`);}catch(s){return qt(`Could not write AI Usage config: ${s.message}`),1}if(Ee(4,r,"Configuring Langfuse..."),uo(n))q("Already configured \u2014 skipping.");else {let s,o;try{({settingsPath:s,preserved:o}=Nr());}catch(i){return qt(`Could not write hooks: ${i.message}`),1}q("Hooks registered (UserPromptSubmit, PreToolUse, PostToolUse, Stop)"),o.length>0&&(un(`Third-party hooks preserved on: ${o.join(", ")}`),pt("flow-ai-obs was prepended \u2014 it executes first.")),pt(`Settings: ${s}`),pt(`Backup: ${s}.bkp`);}return process.stdout.write(`
159
- `+P(" \u2713 Setup complete. Run `claude` to start.\n\n")),0}var pn=f(()=>{"use strict";k();it();Mt();Jt();jt();nr();});var fn={};H(fn,{runOtelHeaders:()=>fo});async function fo(){let t=N(process.env[m.ANTHROPIC_AUTH_TOKEN]);if(!t)try{t=await I();}catch{return process.stderr.write(`[flow-ai-obs otel-headers] Failed to read credentials
160
- `),1}if(!t)return process.stderr.write(`[flow-ai-obs otel-headers] Not authenticated \u2014 run: flow-ai-obs auth login
162
+ `);let n=uo();if(Te(1,r,"Checking Claude Code..."),we()){let s=Qe();q(s?`Already installed (${s}) \u2014 skipping.`:"Already installed \u2014 skipping.");}else {ft("Not found. Installing via npm...");let s=en();if(!s.success)return qt(s.message??"Failed to install Claude Code."),process.stderr.write(L(` Setup aborted at step 1. Resolve the error above and try again.
163
+ `)),1;let o=Qe();q(o?`Claude Code ${o} installed.`:"Claude Code installed.");}if(Te(2,r,"Configuring proxy..."),lo(n)){let s=n.env.ANTHROPIC_BASE_URL;dn(`Proxy already configured (${s})`);let o=t.nonInteractive||!process.stdin.isTTY,i=false;if(!o)try{i=await mo(R(" ? ")+"Replace existing proxy configuration? [y/N]: ");}catch(a){if(a.message==="SIGINT")return process.stdout.write(`
164
+ `),130;throw a}if(!i)ft("Keeping existing proxy configuration.");else {let a=await pt(t);if(a!==0)return a;try{J(Bt()),q("Proxy reconfigured.");}catch(c){return qt(`Could not write proxy config: ${c.message}`),1}}}else {let s=await pt(t);if(s!==0)return s;try{J(Bt()),q("Proxy configured."),ft(`Settings: ${v()}`);}catch(o){return qt(`Could not write proxy config: ${o.message}`),1}}if(Te(3,r,"Configuring AI Usage..."),t.url){let{runInit:s}=await Promise.resolve().then(()=>(ir(),or)),o=await s({noInteractive:true,url:t.url,skipHint:true});if(o!==0)return o;q("AI Usage configured with custom URL.");}else if(po(n))q("Already configured \u2014 skipping.");else try{J(j),q("AI Usage configured."),ft(`Settings: ${v()}`);}catch(s){return qt(`Could not write AI Usage config: ${s.message}`),1}if(Te(4,r,"Configuring Langfuse..."),fo(n))q("Already configured \u2014 skipping.");else {let s,o;try{({settingsPath:s,preserved:o}=Fr());}catch(i){return qt(`Could not write hooks: ${i.message}`),1}q("Hooks registered (UserPromptSubmit, PreToolUse, PostToolUse, Stop)"),o.length>0&&(dn(`Third-party hooks preserved on: ${o.join(", ")}`),ft("flow-ai-obs was prepended \u2014 it executes first.")),ft(`Settings: ${s}`),ft(`Backup: ${s}.bkp`);}return process.stdout.write(`
165
+ `+P(" \u2713 Setup complete. Run `claude` to start.\n\n")),0}var mn=m(()=>{"use strict";O();it();Mt();Kt();Vt();tr();});var gn={};M(gn,{runOtelHeaders:()=>ho});async function ho(){let t=b(process.env[p.ANTHROPIC_AUTH_TOKEN]);if(!t)return process.stderr.write(`[flow-ai-obs otel-headers] Not authenticated \u2014 run: flow-ai-obs auth login
161
166
  `),1;let e;try{e=(await W(t)).accessToken;}catch(r){return process.stderr.write(`[flow-ai-obs otel-headers] Token fetch failed: ${r.message}
162
167
  `),1}return e?(process.stdout.write(`{"Authorization": "Bearer ${e}"}
163
168
  `),0):(process.stderr.write(`[flow-ai-obs otel-headers] Empty token received
164
- `),1)}var mn=f(()=>{"use strict";Kt();Ot();G();k();});var hn={};H(hn,{runCheck:()=>mo});function cr(t){return !t||t.length<=8?"****":t.slice(0,4)+"****...****"+t.slice(-4)}function Xt(t){process.stdout.write(` \u2713 ${t}
165
- `);}function Te(t){process.stdout.write(` \u26A0 ${t}
166
- `);}function Se(t){process.stdout.write(` \u2717 ${t}
167
- `);}function U(t){process.stdout.write(` ${t}
168
- `);}function $(){process.stdout.write(`
169
- `);}async function mo(){$(),process.stdout.write(` flow-claude-observability \u2014 configuration check
170
- `),$(),process.stdout.write(` Auth
171
- `);let t=N(process.env[m.ANTHROPIC_AUTH_TOKEN]),e=t||await I();if(!e){Te("Not authenticated \u2014 starting setup..."),$();let a=await dt();if(a!==0)return a;if(t=N(process.env[m.ANTHROPIC_AUTH_TOKEN]),e=t||await I(),!e)return Se("Authentication failed"),$(),1;$(),process.stdout.write(` Auth
172
- `);}if(!t&&!await me()){Te("Session expired \u2014 re-authenticating..."),$();let a=await dt();if(a!==0)return a;$(),process.stdout.write(` Auth
173
- `);}let r=await lt()||e.clientId;Xt("Authenticated"),U(`Tenant: ${e.tenant}`),U(`User: ${r}`),$(),process.stdout.write(` Native OTEL
174
- `);let n={};try{let a=E__namespace.readFileSync(L(),"utf8");n=JSON.parse(a).env||{};}catch{}let s=Object.keys(V).filter(a=>!n[a]);if(s.length===0?(Xt("All OTEL env vars present in settings.json"),U(`Endpoint: ${n.OTEL_EXPORTER_OTLP_ENDPOINT}`)):(Te(`${s.length} OTEL var(s) missing from settings.json \u2014 native metrics/logs disabled`),s.forEach(a=>Se(`Missing: ${a}`)),U("Run: flow-ai-obs init (restores missing vars automatically)")),$(),process.stdout.write(` Tracing
175
- `),process.env[m.FLOW_TELEMETRY]==="true"){Xt("FLOW_TELEMETRY=true (direct mode enabled)");let a=[m.LANGFUSE_BASE_URL,m.LANGFUSE_PUBLIC_KEY,m.LANGFUSE_SECRET_KEY].filter(c=>!process.env[c]);a.length>0&&a.forEach(c=>Te(`Missing: ${c}`));}else U("FLOW_TELEMETRY not set \u2014 direct mode inactive (gateway mode may still be active)");let i=await J();if(!i||i.length===0)return i&&i.authError?Se("Token refresh failed \u2014 gateway mode could not activate"):(Se("No active destinations \u2014 no traces will be sent"),U("For direct mode: set FLOW_TELEMETRY=true + LANGFUSE_BASE_URL + LANGFUSE_PUBLIC_KEY + LANGFUSE_SECRET_KEY"),U("For gateway mode: run flow-claude-observability auth login")),$(),1;for(let a of i)if(a.mode==="gateway"){let c=await bt();Xt("Mode: gateway"),U(`Endpoint: ${a.endpoint}`),U(`Token: ${cr(c?.accessToken)}`);}else a.mode==="direct"&&(Xt("Mode: direct"),U(`Endpoint: ${a.endpoint}`),U(`PK: ${cr(process.env[m.LANGFUSE_PUBLIC_KEY])}`),U(`SK: ${cr(process.env[m.LANGFUSE_SECRET_KEY])}`));return $(),process.stdout.write(` All checks passed \u2014 observability is active.
176
- `),$(),0}var wn=f(()=>{"use strict";Kt();G();jt();k();Jt();});function K(t,e){let r=typeof t=="object"?JSON.stringify(t):String(t??"");return r.length>e?r.slice(0,e)+" \u2026[truncated]":r}function ye(t,e=100){return String(t??"").split(`
177
- `)[0].slice(0,e).trim()}function ur(){return new Promise(t=>{let e="";process.stdin.setEncoding("utf8"),process.stdin.on("data",r=>{e+=r;}),process.stdin.on("end",()=>{try{t(JSON.parse(e));}catch{t({});}});})}function M(t){process.stdout.write(JSON.stringify(t));}var Nt=f(()=>{"use strict";});function Q(){return String(BigInt(Date.now())*1000000n)}var lr,ft,zt=f(()=>{"use strict";lr=()=>crypto.randomBytes(16).toString("hex"),ft=()=>crypto.randomBytes(8).toString("hex");});function Oo(t,e){let r=Lt.resolve(t);if(!r.startsWith(e))throw new Error(`Path traversal detected: ${t}`);return r}function dr(t){if(!ko.test(t))throw new Error(`Invalid session ID: ${t}`);return Oo(Lt.join(Ht.tmpdir(),`flow-obs-${t}.json`),Ao)}function Ut(t){let e=dr(t);if(!E.existsSync(e))return null;try{return JSON.parse(E.readFileSync(e,"utf8"))}catch{return null}}function $t(t,e){E.writeFileSync(dr(t),JSON.stringify(e),{encoding:"utf8",mode:384});}function pr(t){try{E.unlinkSync(dr(t));}catch{}}var ko,Ao,Zt=f(()=>{"use strict";ko=/^[0-9a-f-]{1,64}$/i,Ao=Lt.normalize(Ht.tmpdir())+Lt.sep;});function _n(t){if(!t||!E.existsSync(t))return null;try{let e=E.readFileSync(t,"utf8").trimEnd().split(`
178
- `);for(let r=e.length-1;r>=0;r--)try{let n=JSON.parse(e[r]);if(n.type==="user"&&n.uuid)return n.uuid}catch{}}catch{}return null}function fr(t){if(!t||!E.existsSync(t))return null;try{let e=E.readFileSync(t,"utf8").trimEnd().split(`
179
- `),r=[],n=0,s=0;for(let o=e.length-1;o>=0;o--)try{let i=JSON.parse(e[o]);if(i.type==="user")break;if(i.type==="assistant"){let c=(i.message?.content??[]).filter(d=>d.type==="text").map(d=>d.text??"").join("");c&&r.unshift(c);let u=i.message?.usage??{};n+=(u.input_tokens??0)+(u.cache_read_input_tokens??0)+(u.cache_creation_input_tokens??0),s+=u.output_tokens??0;}}catch{}return !r.length&&n===0?null:{text:r.join(`
180
-
181
- `),inputTokens:n,outputTokens:s}}catch{}return null}var mr=f(()=>{"use strict";});function On(t){return t.replace(":","/")}function _e(t,e){if(!t)return null;let r=On(t),n=[Lt.join(Ht.homedir(),".claude","skills",r,"SKILL.md"),Lt.join(e??"",".claude","skills",r,"SKILL.md")];for(let s of n)if(E.existsSync(s))try{return E.readFileSync(s,"utf8")}catch{}return null}function vn(t){return t.split(`
182
- `)[0].match(/^\/([a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?)(?:\s.*)?$/i)?.[1]??null}function Ln(t){return !!t.slashSkill||t.toolCalls.some(n=>n.tool==="Skill")?t.toolCalls.some(n=>n.tool==="Skill"&&!n.synthetic||Co.has(n.tool))?"complete":"prerequisite_required":null}function ke(t,e){if(!t)return null;let r=On(t),n=[Lt.join(Ht.homedir(),".claude","skills",r),Lt.join(e??"",".claude","skills",r)],s=null;for(let a of n)if(E.existsSync(Lt.join(a,"SKILL.md"))){s=a;break}if(!s)return null;let o=[];function i(a,c){for(let u of E.readdirSync(a,{withFileTypes:true})){if(Io.has(u.name)||Po.has(u.name)||bo.has(Lt.extname(u.name)))continue;let d=c?`${c}/${u.name}`:u.name;u.isDirectory()?i(Lt.join(a,u.name),d):o.push(d);}}return i(s,""),o.length>0?o:null}var Io,bo,Po,Co,Ae=f(()=>{"use strict";Io=new Set([".venv","__pycache__",".git","node_modules"]),bo=new Set([".pyc",".pyo"]),Po=new Set(["SKILL.md",".DS_Store",".gitignore"]);Co=new Set(["Read","Write","Edit","MultiEdit","Bash","Glob","Grep","TodoWrite","WebFetch","WebSearch","Agent","Task"]);});function $o(t){try{let e=t.split(".")[1].replace(/-/g,"+").replace(/_/g,"/");return JSON.parse(Buffer.from(e,"base64").toString())}catch{return null}}function Fo(t,e,r,n){return new Promise(s=>{let o=new URL(t),i=o.protocol==="https:",a=(i?ps__default.default:Rs__default.default).request({hostname:o.hostname,port:o.port||(i?443:80),path:o.pathname+o.search,method:"POST",headers:{"Content-Type":"application/json","Content-Length":Buffer.byteLength(e),Authorization:`Bearer ${String(r).replace(/[\r\n]/g,"")}`,FlowTenant:String(n).replace(/[\r\n]/g,"")}},c=>{c.resume(),s(c.statusCode??0);});a.on("error",()=>s(0)),a.setTimeout(5e3,()=>{a.destroy(),s(0);}),a.write(e),a.end();})}async function mt(t,e={}){try{let r=N(process.env[m.ANTHROPIC_AUTH_TOKEN]);if(!r)return;let n,s=new Promise((T,g)=>{n=setTimeout(()=>g(new Error("getToken timeout")),4e3),n.unref();}),{accessToken:o}=await Promise.race([W(r),s]);clearTimeout(n);let i=$o(o);if(!i)return;let a=i.tenant||r.tenant,c=JSON.stringify({action:t,booster:Me().BOOSTER,metadata:e,success:!0,tenant:a,timestamp:new Date().toISOString(),os:process.platform,user:{email:i.email||"",id:i.sub||"",name:i.name||i.email||""}}),u=Pt(Me().API_URL),d=await Fo(u,c,o,a);l("metrics.logEvent",`action=${t} status=${d}`);}catch(r){l("metrics.logEvent",`silenced error: ${r.message}`);}}var Oe=f(()=>{"use strict";k();Ot();G();B();});async function gr(t,e=false){if(e){process.stdout.write(JSON.stringify({decision:"block",reason:xo})+`
183
- `);return}let n=!!(await J()).authError,s=t.session_id||"unknown",o=t.prompt||"",i=t.cwd||"",a=_n(t.transcript_path)||lr(),c=vn(o),u=c?_e(c,i):null,d=c?ke(c,i):null;$t(s,{traceId:lr(),spanId:ft(),startNs:Q(),sessionId:s,prompt:o,cwd:i,traceName:a,transcriptPath:t.transcript_path||"",model:process.env[m.ANTHROPIC_MODEL]||"",toolCalls:[],spans:[],pendingTool:null,slashSkill:c,skillContent:u,skillArtifacts:d}),mt("SESSION_STARTED",{traceType:c?"skill":"prompt",slashSkill:c,clientIdExpired:n}),l("UserPromptSubmit",`sid=${s}`,`traceName=${a}`,`slashSkill=${c}`),M(t);}var xo,Rn=f(()=>{"use strict";zt();Zt();mr();Ae();Nt();B();k();G();Oe();xo=`\u26D4 Your Flow API key has expired. You no longer have access to Claude Code through the Flow platform. To restore observability and access, visit ${at()}/settings/api-keys to generate a new API key, then run: flow-ai-obs auth login`;});async function In(t){let e=t.session_id||"unknown",r=t.tool_name||"unknown",n=t.tool_input||{},s=Ut(e);s&&(s.pendingTool={name:r,inputStr:K(n,Y.TOOL_INPUT),startNs:Q()},$t(e,s)),l("PreToolUse",`sid=${e}`,`tool=${r}`,`stateFound=${!!s}`),M(t);}var bn=f(()=>{"use strict";zt();Zt();Nt();B();k();});function p(t,e){return e==null||e===""?null:{key:t,value:{stringValue:String(e)}}}function gt(...t){return t.filter(e=>e!==null)}function Pn(t,e){return {resourceSpans:[{resource:{attributes:t},scopeSpans:[{scope:Do,spans:Array.isArray(e)?e:[e]}]}]}}var Do,y,Cn=f(()=>{"use strict";k();Do={name:De.SCOPE_NAME,version:De.SCOPE_VERSION},y={TRACE_NAME:"langfuse.trace.name",TRACE_INPUT:"langfuse.trace.input",TRACE_OUTPUT:"langfuse.trace.output",TRACE_METADATA:"langfuse.trace.metadata",TRACE_TAGS:"langfuse.trace.tags",USER_ID:"langfuse.user.id",SESSION_ID:"langfuse.session.id",OBS_NAME:"langfuse.observation.name",OBS_INPUT:"langfuse.observation.input",OBS_OUTPUT:"langfuse.observation.output",OBS_LEVEL:"langfuse.observation.level",OBS_TYPE:"langfuse.observation.type",MODEL:"gen_ai.request.model",INPUT_TOKENS:"gen_ai.usage.input_tokens",OUTPUT_TOKENS:"gen_ai.usage.output_tokens"};});function Un(t,e,r,n,s){if(process.env[m.FLOW_OBS_DEBUG]!=="1")return;let o=JSON.stringify({ts:new Date().toISOString(),request:{method:"POST",url:t,headers:e,body:JSON.parse(r)},response:{status:n,body:s}});try{E.writeFileSync(Nn,o+`
184
- `,{flag:"a",encoding:"utf8",mode:384}),l("sendTraces:dump",`request appendada em ${Nn}`);}catch(i){l("sendTraces:dump",`falha ao salvar: ${i.message}`);}}function Yo(t){let e=new URL(t),r=new URL(At().GATEWAY_HEALTH);return r.hostname=e.hostname,r.port=e.port,r.protocol=e.protocol,r}function $n(t,e){return new Promise((r,n)=>{let s=t._isSSL?ps__default.default:Rs__default.default;t.headers=Object.assign({},t.headers,{Connection:"close"});let o=s.request(t,i=>{let a=[];i.on("data",c=>a.push(c)),i.on("end",()=>r({statusCode:i.statusCode??0,body:a.join("")}));});o.setTimeout(1e4,()=>{o.destroy(new Error("Request timeout"));}),o.on("error",i=>n(new Error(`Network error: ${i.message}`))),e&&o.write(e),o.end();})}async function Fn(t,e){let r;try{r=Yo(t);}catch{return false}let n=r.protocol==="https:";try{let s={};e&&(s.Authorization=String(e).replace(/[\r\n]/g,""));let o=await $n({hostname:r.hostname,port:r.port||(n?443:80),path:r.pathname,method:"GET",headers:s,_isSSL:n},null);return l("checkHealth",`url=${r.href} status=${o.statusCode}`),o.statusCode>=200&&o.statusCode<300}catch{return false}}async function ve(t,e,r){let n=JSON.stringify(t),s=new URL(e),o=s.protocol==="https:",i=String(r).replace(/[\r\n]/g,""),a={"Content-Type":"application/json",Authorization:i,"Content-Length":Buffer.byteLength(n)};l("sendTraces:request",`POST ${e}`),l("sendTraces:request",`headers=${JSON.stringify({...a,Authorization:i.slice(0,20)+"\u2026"})}`),l("sendTraces:request",`body=${n.slice(0,500)}${n.length>500?"\u2026":""}`);try{let c=await $n({hostname:s.hostname,port:s.port||(o?443:80),path:s.pathname,method:"POST",headers:a,_isSSL:o},n);return l("sendTraces:response",`status=${c.statusCode}`),Un(e,a,n,c.statusCode,c.body),c.statusCode}catch(c){return l("sendTraces:error",c.message),Un(e,a,n,0,c.message),0}}var Nn,xn=f(()=>{"use strict";k();B();Nn=Lt.join(Ht.tmpdir(),"flow-obs-requests.ndjson");});function Wo(){let t=parseInt(process.env[m.BUFFER_TTL_DAYS]??"",10);return (Number.isFinite(t)?Math.max(D.MIN_TTL_DAYS,Math.min(D.MAX_TTL_DAYS,t)):D.DEFAULT_TTL_DAYS)*24*60*60*1e3}function Go(){let t=parseInt(process.env[m.BUFFER_MAX_FILES]??"",10);return Number.isFinite(t)?Math.max(D.MIN_MAX_FILES,Math.min(D.MAX_MAX_FILES,t)):D.DEFAULT_MAX_FILES}function Bn(t){if(/[/\\]/.test(t))throw new Error(`Invalid buffer fileId: ${t}`);return Lt__namespace.default.join(Ht__namespace.default.tmpdir(),`${D.FILE_PREFIX}${t}.json`)}function wr(){let t=Ht__namespace.default.tmpdir(),e;try{e=E__namespace.default.readdirSync(t);}catch{return []}return e.filter(r=>r.startsWith(D.FILE_PREFIX)&&r.endsWith(".json")).map(r=>{let n=Lt__namespace.default.join(t,r),s=0;try{s=E__namespace.default.statSync(n).mtimeMs;}catch{}return {full:n,mtime:s}}).sort((r,n)=>r.mtime-n.mtime).map(r=>r.full)}function Qt(t){try{let e=Go(),r=wr();if(r.length>=e){let o=r.slice(0,r.length-e+1);for(let i of o)try{E__namespace.default.unlinkSync(i);}catch{}}let n=`${Date.now()}-${Math.random().toString(36).slice(2,8)}`,s={fileId:n,bufferedAt:Date.now(),payload:t};return E__namespace.default.writeFileSync(Bn(n),JSON.stringify(s),{encoding:"utf8",mode:384}),l("buffer",`saved fileId=${n}`),n}catch(e){return l("buffer",`saveToBuffer failed: ${e.message}`),null}}function Mn(t){let e=wr(),r=t!=null&&t>0?t:e.length,n=[];for(let s of e){if(n.length>=r)break;try{let o=E__namespace.default.readFileSync(s,"utf8"),i=JSON.parse(o);i&&i.fileId&&i.payload&&n.push(i);}catch{l("buffer",`skipping malformed file: ${s}`);}}return n}function Hn(t){try{E__namespace.default.unlinkSync(Bn(t)),l("buffer",`deleted fileId=${t}`);}catch{}}function jn(){let t=Date.now()-Wo();for(let e of wr())try{let{mtimeMs:r}=E__namespace.default.statSync(e);r<t&&(E__namespace.default.unlinkSync(e),l("buffer",`evicted stale: ${Lt__namespace.default.basename(e)}`));}catch{}}var Vn=f(()=>{"use strict";k();B();});async function Ko(t){jn();let e=Mn(D.REPLAY_BATCH_SIZE);e.length&&(l("replayBufferedTraces",`replaying ${e.length} buffered trace(s)`),await Promise.allSettled(e.map(async r=>{try{let n=await ve(r.payload,t.endpoint,t.authHeader);n>=200&&n<300?(Hn(r.fileId),l("replayBufferedTraces",`replayed fileId=${r.fileId} status=${n}`)):l("replayBufferedTraces",`replay failed fileId=${r.fileId} status=${n}`);}catch(n){l("replayBufferedTraces",`replay error fileId=${r.fileId}: ${n.message}`);}})));}async function Yn(t){let e=await J();if(!e.length)return e.authError&&(l("postToLangfuse","auth refresh failed \u2014 buffering trace"),Qt(t)),0;let r=await Promise.all(e.map(async o=>{if(o.mode!=="gateway")return {creds:o,healthy:true};let i=await Fn(o.endpoint,o.authHeader);return {creds:o,healthy:i}})),n=r.find(o=>o.creds.mode==="gateway"&&o.healthy)?.creds??r.find(o=>o.creds.mode==="direct")?.creds;return n&&await Ko(n),(await Promise.all(r.map(async({creds:o,healthy:i})=>{if(o.mode==="gateway"){if(!i)return l("postToLangfuse","gateway health check failed \u2014 buffering trace"),Qt(t),0;let c=await ve(t,o.endpoint,o.authHeader);return (c===0||c>=500)&&(l("postToLangfuse",`gateway send failed (status ${c}) \u2014 buffering trace`),Qt(t)),c}let a=await ve(t,o.endpoint,o.authHeader);return (a===0||a>=500)&&(l("postToLangfuse",`direct endpoint unavailable (status ${a}) \u2014 buffering trace`),Qt(t)),a}))).find(o=>o!==0)??0}var Wn=f(()=>{"use strict";G();B();xn();Vn();k();});var Er=f(()=>{"use strict";Cn();Wn();});function et(t){if(t==null)return "";let e=typeof t=="string"?t:JSON.stringify(t);return zo.reduce((r,{re:n,replace:s})=>r.replace(n,s),e)}var F,Jo,qo,Xo,Gn,zo,Tr=f(()=>{"use strict";F="[REDACTED]",Jo="[REDACTED-EMAIL]",qo="[REDACTED-CPF]",Xo="[REDACTED-CNPJ]",Gn="[REDACTED-PHONE]",zo=[{re:/\b(sk-[A-Za-z0-9_\-]{20,})/g,replace:()=>`sk-${F}`},{re:/\b(pk-[A-Za-z0-9_\-]{20,})/g,replace:()=>`pk-${F}`},{re:/\b(Bearer\s+)[A-Za-z0-9\-._~+/]+=*/gi,replace:(t,e)=>`${e}${F}`},{re:/\b(Basic\s+)[A-Za-z0-9+/]+=*/gi,replace:(t,e)=>`${e}${F}`},{re:/(-----BEGIN [A-Z ]+-----)[^-]*(-----END [A-Z ]+-----)/g,replace:(t,e,r)=>`${e}
185
- ${F}
186
- ${r}`},{re:/\b(AKIA[0-9A-Z]{16})\b/g,replace:()=>`AKIA${F}`},{re:/(aws_secret_access_key\s*[=:]\s*)([A-Za-z0-9/+]{40})/gi,replace:(t,e)=>`${e}${F}`},{re:/\b(ghp_[A-Za-z0-9]{36,})/g,replace:()=>`ghp_${F}`},{re:/\b(github_pat_[A-Za-z0-9_]{36,})/gi,replace:()=>`github_pat_${F}`},{re:/\b(eyJ[A-Za-z0-9_\-]+\.eyJ[A-Za-z0-9_\-]+\.[A-Za-z0-9_\-]+)/g,replace:()=>`eyJ.${F}`},{re:/\b([A-Z0-9_]*(?:SECRET|TOKEN|KEY|PASSWORD|PASSWD|PWD|CREDENTIAL|API)[A-Z0-9_]*\s*=\s*)(['"]?)([^\s'"#\n]+)\2/gi,replace:(t,e,r)=>`${e}${r}${F}${r}`},{re:/([a-z][a-z0-9+\-.]*:\/\/[^:/?#\s]*):([^@\s]+)@/gi,replace:(t,e)=>`${e}:${F}@`},{re:/[a-zA-Z0-9._%+\-]+@[a-zA-Z0-9.\-]+\.[a-zA-Z]{2,}/g,replace:()=>Jo},{re:/\b\d{3}\.\d{3}\.\d{3}-\d{2}\b/g,replace:()=>qo},{re:/\b\d{2}\.\d{3}\.\d{3}\/\d{4}-\d{2}\b/g,replace:()=>Xo},{re:/\(\d{2}\)\s?\d{4,5}[-\s]?\d{4}/g,replace:()=>Gn},{re:/\+55[\s-]?\d{2}[\s-]?\d{4,5}[-\s]?\d{4}/g,replace:()=>Gn}];});async function Kn(t){let e=t.session_id||"unknown",r=t.tool_name||"unknown",n=t.tool_input||{},s=t.tool_response,o=s!==null&&typeof s=="object"?s.output??JSON.stringify(s):s??"",i=Ut(e);if(!i){M(t);return}let a=Q(),c=i.pendingTool,u=c?.name===r,d=u?c.startNs:String(BigInt(a)-200000000n),T=u?c.inputStr:K(n,Y.TOOL_INPUT),g=T,w=null;if(r==="Skill"){let se=typeof n=="object"&&n!==null?n.skill||n.name||n.skillName||n.commandName||String(Object.values(n)[0]??""):String(n);w=se?String(se).trim():null;let st=w?_e(w,i.cwd):null;st&&(g=st,i.skillContent||(i.skillContent=st),i.skillArtifacts||(i.skillArtifacts=ke(w,i.cwd))),w&&!i.slashSkill&&(i.slashSkill=w),l("PostToolUse","Skill tool detected",`skillName=${w}`,`contentFound=${!!st}`);}let O=et(K(o,Y.TOOL_OUTPUT)),_=/\b(error|exception|failed|failure|traceback|errno)\b/i.test(O.slice(0,500)),ht=_?"ERROR":"DEFAULT",nt=ft(),wt=Math.round(Number(BigInt(a)-BigInt(d))/1e6),re={Agent:"AGENT",Task:"AGENT"}[r]??"TOOL",ne=r==="Skill"&&w?w:ye(T,60);i.toolCalls.push({tool:r,brief:ne,error:_,durationMs:wt});let xt=i.spans;xt.push({traceId:i.traceId,spanId:nt,parentSpanId:i.spanId,name:r,kind:3,startTimeUnixNano:d,endTimeUnixNano:a,attributes:gt(p(y.OBS_NAME,r),p(y.OBS_TYPE,re),p(y.OBS_LEVEL,ht),p(y.OBS_INPUT,et(g)),p(y.OBS_OUTPUT,O),p("tool.name",r),p("tool.error",String(_)),r==="Skill"&&w?p("skill.name",w):null,r==="Skill"?p("skill.invocation","slash-command"):null),status:{code:_?2:1}}),i.pendingTool=null,$t(e,i),_&&mt("TOOL_ERROR",{toolName:r}),l("PostToolUse",`sid=${e}`,`tool=${r}`,`error=${_}`,`durationMs=${wt}`,`totalSpans=${xt.length}`),M(t);}var Jn=f(()=>{"use strict";zt();Zt();Er();Nt();Ae();B();k();Tr();Oe();});function Xn(t,e,r){let n=Object.keys(qn).find(i=>(t??"").toLowerCase().includes(i));if(!n)return;let s=qn[n],o=(e*s.input+r*s.output)/1e6;return Math.round(o*1e6)/1e6}var qn,zn=f(()=>{"use strict";qn={"claude-opus-4-6":{input:15,output:75},"claude-opus-4-5":{input:15,output:75},"claude-sonnet-4-6":{input:3,output:15},"claude-sonnet-4-5":{input:3,output:15},"claude-haiku-4-5":{input:.8,output:4},"claude-4-6-opus":{input:15,output:75},"claude-4-6-sonnet":{input:3,output:15},"claude-4-5-opus":{input:15,output:75},"claude-4-5-sonnet":{input:3,output:15},"claude-4-5-haiku":{input:.8,output:4},"claude-3-5-sonnet-20241022":{input:3,output:15},"claude-3-5-haiku-20241022":{input:.8,output:4},"claude-3-opus-20240229":{input:15,output:75}};});async function Zn(t){let e=t.session_id||"unknown",r=t.stop_reason||"end_turn",n=Ut(e);if(!n){M(t);return}n.slashSkill&&!/^[a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?$/i.test(n.slashSkill)&&(l("Stop",`sid=${e}`,`slashSkill rejected post-disk: "${n.slashSkill}"`),n.slashSkill=null);let s=Q(),o=await Xr(),i=n.toolCalls,a=n.spans;if(n.slashSkill&&!i.some(S=>S.tool==="Skill")){let S=ft(),ot=n.skillContent?n.skillContent:JSON.stringify({skill:n.slashSkill});i.push({tool:"Skill",brief:n.slashSkill,error:false,durationMs:0,synthetic:true}),a.push({traceId:n.traceId,spanId:S,parentSpanId:n.spanId,name:"Skill",kind:3,startTimeUnixNano:n.startNs,endTimeUnixNano:n.startNs,attributes:gt(p(y.OBS_NAME,"Skill"),p(y.OBS_TYPE,"TOOL"),p(y.OBS_LEVEL,"DEFAULT"),p(y.OBS_INPUT,ot),p(y.OBS_OUTPUT,"loaded via slash command"),p("tool.name","Skill"),p("tool.error","false"),p("skill.name",n.slashSkill),p("skill.invocation","slash-command")),status:{code:1}}),l("Stop",`slashSkill=${n.slashSkill}`,"synthetic span injected");}let c=t.transcript_path||n.transcriptPath||"",u=fr(c);if(c&&(i.some(S=>S.tool==="Skill"&&!S.synthetic)||!!n.slashSkill)&&!u?.text){await new Promise(ot=>setTimeout(ot,500));let S=fr(c);S?.text&&(u=S);}l("Stop",`transcriptPath=${c||"(empty)"}`,`assistantOut=${u?`text=${u.text.length}chars`:"null"}`);let T=i.length,g=i.filter(S=>S.error).length,w=et(u?.text?K(u.text,Y.TRACE_OUTPUT):T===0?"No tools used":i.map((S,ot)=>`${ot+1}. ${S.tool}${S.brief?` \u2192 ${S.brief}`:""}${S.error?" [ERROR]":""}`).join(`
187
- `)),O=u?.inputTokens??0,_=u?.outputTokens??0,ht=i.map((S,ot)=>`${ot+1}. ${S.tool}${S.brief?` \u2192 ${S.brief}`:""}${S.error?" [ERROR]":""} (${S.durationMs}ms)`),nt=!!(n.slashSkill||i.some(S=>S.tool==="Skill")),wt=i.some(S=>S.tool==="Agent");if(!nt&&!wt){l("Stop",`sid=${e}`,"skipping trace \u2014 no Skill or Agent calls found"),mt("TRACE_SKIPPED",{reason:"no_skill_or_agent"}),pr(e),M(t);return}let ee=nt?"skill":"agent",re=Math.round(Number(BigInt(s)-BigInt(n.startNs))/1e6),ne=Xn(n.model,O,_),Et=Ln(n);Et==="prerequisite_required"&&u?.text&&(Et="complete"),Et==="prerequisite_required"&&(a.push({traceId:n.traceId,spanId:ft(),parentSpanId:n.spanId,name:"prerequisite-check",kind:3,startTimeUnixNano:n.startNs,endTimeUnixNano:s,attributes:gt(p(y.OBS_NAME,"prerequisite-check"),p(y.OBS_TYPE,"EVENT"),p(y.OBS_LEVEL,"WARNING"),p(y.OBS_OUTPUT,w),p("skill.name",n.slashSkill||void 0),p("execution_status","prerequisite_required")),status:{code:1}}),l("Stop",`sid=${e}`,"prerequisite-check span injected",`skill=${n.slashSkill}`));let xt=(()=>{if(!(!nt||!n.prompt)){if(n.slashSkill){let S=n.prompt.replace(new RegExp(`^\\/${n.slashSkill}\\s*`,"i"),"").trim();return S?K(et(S),Y.USER_INSTRUCTION):void 0}return K(et(n.prompt),Y.USER_INSTRUCTION)||void 0}})(),se=JSON.stringify({trace_type:ee,...Et!==null&&{execution_status:Et},...n.slashSkill?{skill_name:n.slashSkill}:{},...n.skillArtifacts?.length&&{skill_artifacts:n.skillArtifacts},...xt!==void 0&&{user_instruction:xt},latency_ms:re,...O&&{tokens_input:O},..._&&{tokens_output:_},cost_usd:ne,...n.model?{model:n.model}:{},toolCount:T,errorCount:g,stopReason:r,sessionId:n.sessionId,tools:ht.length?ht:void 0}),st=et(K(n.prompt,Y.TRACE_INPUT)),es=gt(p(y.TRACE_NAME,n.traceName),p(y.TRACE_INPUT,st),p(y.TRACE_OUTPUT,w),p(y.OBS_INPUT,st),p(y.OBS_OUTPUT,w),p(y.TRACE_METADATA,se),p(y.SESSION_ID,n.sessionId),p(y.USER_ID,o.user),p(y.OBS_TYPE,"GENERATION"),p(y.MODEL,n.model),O?p(y.INPUT_TOKENS,O):null,_?p(y.OUTPUT_TOKENS,_):null,p("claude.stop_reason",r),p("claude.tool_count",String(T)),p("claude.error_count",String(g)),p("claude.session_id",n.sessionId),p("flow.trace_type",ee),{key:y.TRACE_TAGS,value:{arrayValue:{values:[{stringValue:ee}]}}}),rs={traceId:n.traceId,spanId:n.spanId,name:n.traceName,kind:1,startTimeUnixNano:n.startNs,endTimeUnixNano:s,attributes:es,status:{code:g>0?2:1}},ns=gt(p("service.name",process.env.LANGFUSE_PROJECT_NAME||"claude-code"),p("deployment.environment",process.env.LANGFUSE_ENVIRONMENT||"default")),Sr=[...a,rs];l("Stop",`sid=${e}`,`totalTools=${T}`,`errorTools=${g}`,`spans=${Sr.length}`,`inputTokens=${O}`,`outputTokens=${_}`,`traceOutput="${ye(w,80)}"`);let ss=await Yn(Pn(ns,Sr));l("Stop",`POST status=${ss}`,`traceId=${n.traceId}`),mt("TRACE_SENT",{latencyMs:re,totalTools:T,errorTools:g,inputTokens:O,outputTokens:_,costUsd:ne}),pr(e),M(t);}var Qn=f(()=>{"use strict";zt();Zt();Er();G();zn();mr();Nt();B();Ae();Tr();k();Oe();});async function Zo(){let t=process.argv[2];if(t==="UserPromptSubmit"){let r=await ur(),n;try{n=await J();}catch{process.stdout.write(JSON.stringify(r));return}n.authError?await gr(r,true):n.length>0?await gr(r):process.stdout.write(JSON.stringify(r));return}if(!await zr()){let r=[];process.stdin.on("data",n=>r.push(n)),process.stdin.on("end",()=>process.stdout.write(r.join("")));return}let e=await ur();switch(t){case "PreToolUse":await In(e);break;case "PostToolUse":await Kn(e);break;case "Stop":await Zn(e);break;default:process.stderr.write(`[flow-obs] unknown event: ${t}
188
- `),process.stdout.write(JSON.stringify(e));}}var ts=f(()=>{"use strict";G();Nt();Rn();bn();Jn();Qn();Zo().catch(t=>{process.stderr.write(`[flow-obs] fatal: ${t.message}
189
- `),process.exit(0);});});var ti=new Set(["UserPromptSubmit","PreToolUse","PostToolUse","Stop"]),[,,x,te]=process.argv;function rt(t,e){let r=t.indexOf(e);return r!==-1?t[r+1]:void 0}if(x==="--version"||x==="-v"){let{version:t}=oe();process.stdout.write(t+`
190
- `),process.exit(0);}else if(x==="--help"||x==="-h"){let{bold:t,cyan:e,dim:r}=(it(),b(Re)),{version:n}=oe();process.stdout.write(`
169
+ `),1)}var hn=m(()=>{"use strict";vt();Y();O();});var En={};M(En,{runCheck:()=>wo});function ar(t){return !t||t.length<=8?"****":t.slice(0,4)+"****...****"+t.slice(-4)}function Xt(t){process.stdout.write(` \u2713 ${t}
170
+ `);}function Se(t){process.stdout.write(` \u26A0 ${t}
171
+ `);}function ye(t){process.stdout.write(` \u2717 ${t}
172
+ `);}function N(t){process.stdout.write(` ${t}
173
+ `);}function U(){process.stdout.write(`
174
+ `);}async function wo(){U(),process.stdout.write(` flow-claude-observability \u2014 configuration check
175
+ `),U(),process.stdout.write(` Auth
176
+ `);let t=()=>Rt(p.ANTHROPIC_AUTH_TOKEN)??process.env[p.ANTHROPIC_AUTH_TOKEN],e=b(t());if(!e){Se("Not authenticated \u2014 starting setup..."),U();let a=await pt();if(a!==0)return a;if(e=b(t()),!e)return ye("Authentication failed"),U(),1;U(),process.stdout.write(` Auth
177
+ `);}if(!await ge()){Se("Session expired \u2014 re-authenticating..."),U();let a=await pt();if(a!==0)return a;U(),process.stdout.write(` Auth
178
+ `);}let r=await Jt()||e.clientId;Xt("Authenticated"),N(`Tenant: ${e.tenant}`),N(`User: ${r}`),U(),process.stdout.write(` Native OTEL
179
+ `);let n={};try{let a=g__namespace.readFileSync(v(),"utf8");n=JSON.parse(a).env||{};}catch{}let s=Object.keys(j).filter(a=>!n[a]);if(s.length===0?(Xt("All OTEL env vars present in settings.json"),N(`Endpoint: ${n.OTEL_EXPORTER_OTLP_ENDPOINT}`)):(Se(`${s.length} OTEL var(s) missing from settings.json \u2014 native metrics/logs disabled`),s.forEach(a=>ye(`Missing: ${a}`)),N("Run: flow-ai-obs init (restores missing vars automatically)")),U(),process.stdout.write(` Tracing
180
+ `),process.env[p.FLOW_TELEMETRY]==="true"){Xt("FLOW_TELEMETRY=true (direct mode enabled)");let a=[p.LANGFUSE_BASE_URL,p.LANGFUSE_PUBLIC_KEY,p.LANGFUSE_SECRET_KEY].filter(c=>!process.env[c]);a.length>0&&a.forEach(c=>Se(`Missing: ${c}`));}else N("FLOW_TELEMETRY not set \u2014 direct mode inactive (gateway mode may still be active)");let i=await K();if(!i||i.length===0)return i&&i.authError?ye("Token refresh failed \u2014 gateway mode could not activate"):(ye("No active destinations \u2014 no traces will be sent"),N("For direct mode: set FLOW_TELEMETRY=true + LANGFUSE_BASE_URL + LANGFUSE_PUBLIC_KEY + LANGFUSE_SECRET_KEY"),N("For gateway mode: run flow-claude-observability auth login")),U(),1;for(let a of i)if(a.mode==="gateway"){let c=await Pt();Xt("Mode: gateway"),N(`Endpoint: ${a.endpoint}`),N(`Token: ${ar(c?.accessToken)}`);}else a.mode==="direct"&&(Xt("Mode: direct"),N(`Endpoint: ${a.endpoint}`),N(`PK: ${ar(process.env[p.LANGFUSE_PUBLIC_KEY])}`),N(`SK: ${ar(process.env[p.LANGFUSE_SECRET_KEY])}`));return U(),process.stdout.write(` All checks passed \u2014 observability is active.
181
+ `),U(),0}var Tn=m(()=>{"use strict";he();Y();Vt();O();Kt();});function G(t,e){let r=typeof t=="object"?JSON.stringify(t):String(t??"");return r.length>e?r.slice(0,e)+" \u2026[truncated]":r}function _e(t,e=100){return String(t??"").split(`
182
+ `)[0].slice(0,e).trim()}function cr(){return new Promise(t=>{let e="";process.stdin.setEncoding("utf8"),process.stdin.on("data",r=>{e+=r;}),process.stdin.on("end",()=>{try{t(JSON.parse(e));}catch{t({});}});})}function B(t){process.stdout.write(JSON.stringify(t));}var Ct=m(()=>{"use strict";});function Q(){return String(BigInt(Date.now())*1000000n)}var ur,mt,zt=m(()=>{"use strict";ur=()=>crypto.randomBytes(16).toString("hex"),mt=()=>crypto.randomBytes(8).toString("hex");});function Ro(t,e){let r=It.resolve(t);if(!r.startsWith(e))throw new Error(`Path traversal detected: ${t}`);return r}function lr(t){if(!vo.test(t))throw new Error(`Invalid session ID: ${t}`);return Ro(It.join(lt.tmpdir(),`flow-obs-${t}.json`),Lo)}function Nt(t){let e=lr(t);if(!g.existsSync(e))return null;try{return JSON.parse(g.readFileSync(e,"utf8"))}catch{return null}}function Ut(t,e){g.writeFileSync(lr(t),JSON.stringify(e),{encoding:"utf8",mode:384});}function dr(t){try{g.unlinkSync(lr(t));}catch{}}var vo,Lo,Zt=m(()=>{"use strict";vo=/^[0-9a-f-]{1,64}$/i,Lo=It.normalize(lt.tmpdir())+It.sep;});function kn(t){if(!t||!g.existsSync(t))return null;try{let e=g.readFileSync(t,"utf8").trimEnd().split(`
183
+ `);for(let r=e.length-1;r>=0;r--)try{let n=JSON.parse(e[r]);if(n.type==="user"&&n.uuid)return n.uuid}catch{}}catch{}return null}function pr(t){if(!t||!g.existsSync(t))return null;try{let e=g.readFileSync(t,"utf8").trimEnd().split(`
184
+ `),r=[],n=0,s=0;for(let o=e.length-1;o>=0;o--)try{let i=JSON.parse(e[o]);if(i.type==="user")break;if(i.type==="assistant"){let c=(i.message?.content??[]).filter(d=>d.type==="text").map(d=>d.text??"").join("");c&&r.unshift(c);let l=i.message?.usage??{};n+=(l.input_tokens??0)+(l.cache_read_input_tokens??0)+(l.cache_creation_input_tokens??0),s+=l.output_tokens??0;}}catch{}return !r.length&&n===0?null:{text:r.join(`
185
+
186
+ `),inputTokens:n,outputTokens:s}}catch{}return null}var fr=m(()=>{"use strict";});function Ln(t){return t.replace(":","/")}function Oe(t,e){if(!t)return null;let r=Ln(t),n=[It.join(lt.homedir(),".claude","skills",r,"SKILL.md"),It.join(e??"",".claude","skills",r,"SKILL.md")];for(let s of n)if(g.existsSync(s))try{return g.readFileSync(s,"utf8")}catch{}return null}function Rn(t){return t.split(`
187
+ `)[0].match(/^\/([a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?)(?:\s.*)?$/i)?.[1]??null}function In(t){return !!t.slashSkill||t.toolCalls.some(n=>n.tool==="Skill")?t.toolCalls.some(n=>n.tool==="Skill"&&!n.synthetic||$o.has(n.tool))?"complete":"prerequisite_required":null}function ke(t,e){if(!t)return null;let r=Ln(t),n=[It.join(lt.homedir(),".claude","skills",r),It.join(e??"",".claude","skills",r)],s=null;for(let a of n)if(g.existsSync(It.join(a,"SKILL.md"))){s=a;break}if(!s)return null;let o=[];function i(a,c){for(let l of g.readdirSync(a,{withFileTypes:true})){if(Co.has(l.name)||Uo.has(l.name)||No.has(It.extname(l.name)))continue;let d=c?`${c}/${l.name}`:l.name;l.isDirectory()?i(It.join(a,l.name),d):o.push(d);}}return i(s,""),o.length>0?o:null}var Co,No,Uo,$o,Ae=m(()=>{"use strict";Co=new Set([".venv","__pycache__",".git","node_modules"]),No=new Set([".pyc",".pyo"]),Uo=new Set(["SKILL.md",".DS_Store",".gitignore"]);$o=new Set(["Read","Write","Edit","MultiEdit","Bash","Glob","Grep","TodoWrite","WebFetch","WebSearch","Agent","Task"]);});function Do(t){try{let e=t.split(".")[1].replace(/-/g,"+").replace(/_/g,"/");return JSON.parse(Buffer.from(e,"base64").toString())}catch{return null}}function Bo(t,e,r,n){return new Promise(s=>{let o=new URL(t),i=o.protocol==="https:",a=(i?ms__default.default:Ps__default.default).request({hostname:o.hostname,port:o.port||(i?443:80),path:o.pathname+o.search,method:"POST",headers:{"Content-Type":"application/json","Content-Length":Buffer.byteLength(e),Authorization:`Bearer ${String(r).replace(/[\r\n]/g,"")}`,FlowTenant:String(n).replace(/[\r\n]/g,"")}},c=>{c.resume(),s(c.statusCode??0);});a.on("error",()=>s(0)),a.setTimeout(5e3,()=>{a.destroy(),s(0);}),a.write(e),a.end();})}async function gt(t,e={}){try{let r=b(process.env[p.ANTHROPIC_AUTH_TOKEN]);if(!r)return;let n,s=new Promise((h,w)=>{n=setTimeout(()=>w(new Error("getToken timeout")),4e3),n.unref();}),{accessToken:o}=await Promise.race([W(r),s]);clearTimeout(n);let i=Do(o);if(!i)return;let a=i.tenant||r.tenant,c=JSON.stringify({action:t,booster:He().BOOSTER,metadata:e,success:!0,tenant:a,timestamp:new Date().toISOString(),os:process.platform,user:{email:i.email||"",id:i.sub||"",name:i.name||i.email||""}}),l=dt(He().API_URL),d=await Bo(l,c,o,a);u("metrics.logEvent",`action=${t} status=${d}`);}catch(r){u("metrics.logEvent",`silenced error: ${r.message}`);}}var ve=m(()=>{"use strict";O();vt();Y();D();});async function mr(t,e=false){if(e){process.stdout.write(JSON.stringify({decision:"block",reason:Mo})+`
188
+ `);return}let n=!!(await K()).authError,s=t.session_id||"unknown",o=t.prompt||"",i=t.cwd||"",a=kn(t.transcript_path)||ur(),c=Rn(o),l=c?Oe(c,i):null,d=c?ke(c,i):null;Ut(s,{traceId:ur(),spanId:mt(),startNs:Q(),sessionId:s,prompt:o,cwd:i,traceName:a,transcriptPath:t.transcript_path||"",model:process.env[p.ANTHROPIC_MODEL]||"",toolCalls:[],spans:[],pendingTool:null,slashSkill:c,skillContent:l,skillArtifacts:d}),gt("SESSION_STARTED",{traceType:c?"skill":"prompt",slashSkill:c,clientIdExpired:n}),u("UserPromptSubmit",`sid=${s}`,`traceName=${a}`,`slashSkill=${c}`),B(t);}var Mo,Pn=m(()=>{"use strict";zt();Zt();fr();Ae();Ct();D();O();Y();ve();Mo=`\u26D4 Your Flow API key has expired. You no longer have access to Claude Code through the Flow platform. To restore observability and access, visit ${at()}/settings/api-keys to generate a new API key, then run: flow-ai-obs auth login`;});async function bn(t){let e=t.session_id||"unknown",r=t.tool_name||"unknown",n=t.tool_input||{},s=Nt(e);s&&(s.pendingTool={name:r,inputStr:G(n,V.TOOL_INPUT),startNs:Q()},Ut(e,s)),u("PreToolUse",`sid=${e}`,`tool=${r}`,`stateFound=${!!s}`),B(t);}var Cn=m(()=>{"use strict";zt();Zt();Ct();D();O();});function f(t,e){return e==null||e===""?null:{key:t,value:{stringValue:String(e)}}}function ht(...t){return t.filter(e=>e!==null)}function Nn(t,e){return {resourceSpans:[{resource:{attributes:t},scopeSpans:[{scope:Ho,spans:Array.isArray(e)?e:[e]}]}]}}var Ho,y,Un=m(()=>{"use strict";O();Ho={name:Be.SCOPE_NAME,version:Be.SCOPE_VERSION},y={TRACE_NAME:"langfuse.trace.name",TRACE_INPUT:"langfuse.trace.input",TRACE_OUTPUT:"langfuse.trace.output",TRACE_METADATA:"langfuse.trace.metadata",TRACE_TAGS:"langfuse.trace.tags",USER_ID:"langfuse.user.id",SESSION_ID:"langfuse.session.id",OBS_NAME:"langfuse.observation.name",OBS_INPUT:"langfuse.observation.input",OBS_OUTPUT:"langfuse.observation.output",OBS_LEVEL:"langfuse.observation.level",OBS_TYPE:"langfuse.observation.type",MODEL:"gen_ai.request.model",INPUT_TOKENS:"gen_ai.usage.input_tokens",OUTPUT_TOKENS:"gen_ai.usage.output_tokens"};});function Fn(t,e,r,n,s){if(process.env[p.FLOW_OBS_DEBUG]!=="1")return;let o=JSON.stringify({ts:new Date().toISOString(),request:{method:"POST",url:t,headers:e,body:JSON.parse(r)},response:{status:n,body:s}});try{g.writeFileSync($n,o+`
189
+ `,{flag:"a",encoding:"utf8",mode:384}),u("sendTraces:dump",`request appendada em ${$n}`);}catch(i){u("sendTraces:dump",`falha ao salvar: ${i.message}`);}}function Jo(t){let e=new URL(t),r=new URL(At().GATEWAY_HEALTH);return r.hostname=e.hostname,r.port=e.port,r.protocol=e.protocol,r}function xn(t,e){return new Promise((r,n)=>{let s=t._isSSL?ms__default.default:Ps__default.default;t.headers=Object.assign({},t.headers,{Connection:"close"});let o=s.request(t,i=>{let a=[];i.on("data",c=>a.push(c)),i.on("end",()=>r({statusCode:i.statusCode??0,body:a.join("")}));});o.setTimeout(1e4,()=>{o.destroy(new Error("Request timeout"));}),o.on("error",i=>n(new Error(`Network error: ${i.message}`))),e&&o.write(e),o.end();})}async function Dn(t,e){let r;try{r=Jo(t);}catch{return false}let n=r.protocol==="https:";try{let s={};e&&(s.Authorization=String(e).replace(/[\r\n]/g,""));let o=await xn({hostname:r.hostname,port:r.port||(n?443:80),path:r.pathname,method:"GET",headers:s,_isSSL:n},null);return u("checkHealth",`url=${r.href} status=${o.statusCode}`),o.statusCode>=200&&o.statusCode<300}catch{return false}}async function Le(t,e,r){let n=JSON.stringify(t),s=new URL(e),o=s.protocol==="https:",i=String(r).replace(/[\r\n]/g,""),a={"Content-Type":"application/json",Authorization:i,"Content-Length":Buffer.byteLength(n)};u("sendTraces:request",`POST ${e}`),u("sendTraces:request",`headers=${JSON.stringify({...a,Authorization:i.slice(0,20)+"\u2026"})}`),u("sendTraces:request",`body=${n.slice(0,500)}${n.length>500?"\u2026":""}`);try{let c=await xn({hostname:s.hostname,port:s.port||(o?443:80),path:s.pathname,method:"POST",headers:a,_isSSL:o},n);return u("sendTraces:response",`status=${c.statusCode}`),Fn(e,a,n,c.statusCode,c.body),c.statusCode}catch(c){return u("sendTraces:error",c.message),Fn(e,a,n,0,c.message),0}}var $n,Bn=m(()=>{"use strict";O();D();$n=It.join(lt.tmpdir(),"flow-obs-requests.ndjson");});function Ko(){let t=parseInt(process.env[p.BUFFER_TTL_DAYS]??"",10);return (Number.isFinite(t)?Math.max(x.MIN_TTL_DAYS,Math.min(x.MAX_TTL_DAYS,t)):x.DEFAULT_TTL_DAYS)*24*60*60*1e3}function qo(){let t=parseInt(process.env[p.BUFFER_MAX_FILES]??"",10);return Number.isFinite(t)?Math.max(x.MIN_MAX_FILES,Math.min(x.MAX_MAX_FILES,t)):x.DEFAULT_MAX_FILES}function Hn(t){if(/[/\\]/.test(t))throw new Error(`Invalid buffer fileId: ${t}`);return It__namespace.default.join(lt__namespace.default.tmpdir(),`${x.FILE_PREFIX}${t}.json`)}function hr(){let t=lt__namespace.default.tmpdir(),e;try{e=g__namespace.default.readdirSync(t);}catch{return []}return e.filter(r=>r.startsWith(x.FILE_PREFIX)&&r.endsWith(".json")).map(r=>{let n=It__namespace.default.join(t,r),s=0;try{s=g__namespace.default.statSync(n).mtimeMs;}catch{}return {full:n,mtime:s}}).sort((r,n)=>r.mtime-n.mtime).map(r=>r.full)}function Qt(t){try{let e=qo(),r=hr();if(r.length>=e){let o=r.slice(0,r.length-e+1);for(let i of o)try{g__namespace.default.unlinkSync(i);}catch{}}let n=`${Date.now()}-${Math.random().toString(36).slice(2,8)}`,s={fileId:n,bufferedAt:Date.now(),payload:t};return g__namespace.default.writeFileSync(Hn(n),JSON.stringify(s),{encoding:"utf8",mode:384}),u("buffer",`saved fileId=${n}`),n}catch(e){return u("buffer",`saveToBuffer failed: ${e.message}`),null}}function jn(t){let e=hr(),r=t!=null&&t>0?t:e.length,n=[];for(let s of e){if(n.length>=r)break;try{let o=g__namespace.default.readFileSync(s,"utf8"),i=JSON.parse(o);i&&i.fileId&&i.payload&&n.push(i);}catch{u("buffer",`skipping malformed file: ${s}`);}}return n}function Vn(t){try{g__namespace.default.unlinkSync(Hn(t)),u("buffer",`deleted fileId=${t}`);}catch{}}function Wn(){let t=Date.now()-Ko();for(let e of hr())try{let{mtimeMs:r}=g__namespace.default.statSync(e);r<t&&(g__namespace.default.unlinkSync(e),u("buffer",`evicted stale: ${It__namespace.default.basename(e)}`));}catch{}}var Yn=m(()=>{"use strict";O();D();});async function Xo(t){Wn();let e=jn(x.REPLAY_BATCH_SIZE);e.length&&(u("replayBufferedTraces",`replaying ${e.length} buffered trace(s)`),await Promise.allSettled(e.map(async r=>{try{let n=await Le(r.payload,t.endpoint,t.authHeader);n>=200&&n<300?(Vn(r.fileId),u("replayBufferedTraces",`replayed fileId=${r.fileId} status=${n}`)):u("replayBufferedTraces",`replay failed fileId=${r.fileId} status=${n}`);}catch(n){u("replayBufferedTraces",`replay error fileId=${r.fileId}: ${n.message}`);}})));}async function Gn(t){let e=await K();if(!e.length)return e.authError&&(u("postToLangfuse","auth refresh failed \u2014 buffering trace"),Qt(t)),0;let r=await Promise.all(e.map(async o=>{if(o.mode!=="gateway")return {creds:o,healthy:true};let i=await Dn(o.endpoint,o.authHeader);return {creds:o,healthy:i}})),n=r.find(o=>o.creds.mode==="gateway"&&o.healthy)?.creds??r.find(o=>o.creds.mode==="direct")?.creds;return n&&await Xo(n),(await Promise.all(r.map(async({creds:o,healthy:i})=>{if(o.mode==="gateway"){if(!i)return u("postToLangfuse","gateway health check failed \u2014 buffering trace"),Qt(t),0;let c=await Le(t,o.endpoint,o.authHeader);return (c===0||c>=500)&&(u("postToLangfuse",`gateway send failed (status ${c}) \u2014 buffering trace`),Qt(t)),c}let a=await Le(t,o.endpoint,o.authHeader);return (a===0||a>=500)&&(u("postToLangfuse",`direct endpoint unavailable (status ${a}) \u2014 buffering trace`),Qt(t)),a}))).find(o=>o!==0)??0}var Jn=m(()=>{"use strict";Y();D();Bn();Yn();O();});var wr=m(()=>{"use strict";Un();Jn();});function et(t){if(t==null)return "";let e=typeof t=="string"?t:JSON.stringify(t);return ti.reduce((r,{re:n,replace:s})=>r.replace(n,s),e)}var $,zo,Zo,Qo,Kn,ti,Er=m(()=>{"use strict";$="[REDACTED]",zo="[REDACTED-EMAIL]",Zo="[REDACTED-CPF]",Qo="[REDACTED-CNPJ]",Kn="[REDACTED-PHONE]",ti=[{re:/\b(sk-[A-Za-z0-9_\-]{20,})/g,replace:()=>`sk-${$}`},{re:/\b(pk-[A-Za-z0-9_\-]{20,})/g,replace:()=>`pk-${$}`},{re:/\b(Bearer\s+)[A-Za-z0-9\-._~+/]+=*/gi,replace:(t,e)=>`${e}${$}`},{re:/\b(Basic\s+)[A-Za-z0-9+/]+=*/gi,replace:(t,e)=>`${e}${$}`},{re:/(-----BEGIN [A-Z ]+-----)[^-]*(-----END [A-Z ]+-----)/g,replace:(t,e,r)=>`${e}
190
+ ${$}
191
+ ${r}`},{re:/\b(AKIA[0-9A-Z]{16})\b/g,replace:()=>`AKIA${$}`},{re:/(aws_secret_access_key\s*[=:]\s*)([A-Za-z0-9/+]{40})/gi,replace:(t,e)=>`${e}${$}`},{re:/\b(ghp_[A-Za-z0-9]{36,})/g,replace:()=>`ghp_${$}`},{re:/\b(github_pat_[A-Za-z0-9_]{36,})/gi,replace:()=>`github_pat_${$}`},{re:/\b(eyJ[A-Za-z0-9_\-]+\.eyJ[A-Za-z0-9_\-]+\.[A-Za-z0-9_\-]+)/g,replace:()=>`eyJ.${$}`},{re:/\b([A-Z0-9_]*(?:SECRET|TOKEN|KEY|PASSWORD|PASSWD|PWD|CREDENTIAL|API)[A-Z0-9_]*\s*=\s*)(['"]?)([^\s'"#\n]+)\2/gi,replace:(t,e,r)=>`${e}${r}${$}${r}`},{re:/([a-z][a-z0-9+\-.]*:\/\/[^:/?#\s]*):([^@\s]+)@/gi,replace:(t,e)=>`${e}:${$}@`},{re:/[a-zA-Z0-9._%+\-]+@[a-zA-Z0-9.\-]+\.[a-zA-Z]{2,}/g,replace:()=>zo},{re:/\b\d{3}\.\d{3}\.\d{3}-\d{2}\b/g,replace:()=>Zo},{re:/\b\d{2}\.\d{3}\.\d{3}\/\d{4}-\d{2}\b/g,replace:()=>Qo},{re:/\(\d{2}\)\s?\d{4,5}[-\s]?\d{4}/g,replace:()=>Kn},{re:/\+55[\s-]?\d{2}[\s-]?\d{4,5}[-\s]?\d{4}/g,replace:()=>Kn}];});async function qn(t){let e=t.session_id||"unknown",r=t.tool_name||"unknown",n=t.tool_input||{},s=t.tool_response,o=s!==null&&typeof s=="object"?s.output??JSON.stringify(s):s??"",i=Nt(e);if(!i){B(t);return}let a=Q(),c=i.pendingTool,l=c?.name===r,d=l?c.startNs:String(BigInt(a)-200000000n),h=l?c.inputStr:G(n,V.TOOL_INPUT),w=h,T=null;if(r==="Skill"){let se=typeof n=="object"&&n!==null?n.skill||n.name||n.skillName||n.commandName||String(Object.values(n)[0]??""):String(n);T=se?String(se).trim():null;let st=T?Oe(T,i.cwd):null;st&&(w=st,i.skillContent||(i.skillContent=st),i.skillArtifacts||(i.skillArtifacts=ke(T,i.cwd))),T&&!i.slashSkill&&(i.slashSkill=T),u("PostToolUse","Skill tool detected",`skillName=${T}`,`contentFound=${!!st}`);}let A=et(G(o,V.TOOL_OUTPUT)),_=/\b(error|exception|failed|failure|traceback|errno)\b/i.test(A.slice(0,500)),wt=_?"ERROR":"DEFAULT",nt=mt(),Et=Math.round(Number(BigInt(a)-BigInt(d))/1e6),re={Agent:"AGENT",Task:"AGENT"}[r]??"TOOL",ne=r==="Skill"&&T?T:_e(h,60);i.toolCalls.push({tool:r,brief:ne,error:_,durationMs:Et});let Ft=i.spans;Ft.push({traceId:i.traceId,spanId:nt,parentSpanId:i.spanId,name:r,kind:3,startTimeUnixNano:d,endTimeUnixNano:a,attributes:ht(f(y.OBS_NAME,r),f(y.OBS_TYPE,re),f(y.OBS_LEVEL,wt),f(y.OBS_INPUT,et(w)),f(y.OBS_OUTPUT,A),f("tool.name",r),f("tool.error",String(_)),r==="Skill"&&T?f("skill.name",T):null,r==="Skill"?f("skill.invocation","slash-command"):null),status:{code:_?2:1}}),i.pendingTool=null,Ut(e,i),_&&gt("TOOL_ERROR",{toolName:r}),u("PostToolUse",`sid=${e}`,`tool=${r}`,`error=${_}`,`durationMs=${Et}`,`totalSpans=${Ft.length}`),B(t);}var Xn=m(()=>{"use strict";zt();Zt();wr();Ct();Ae();D();O();Er();ve();});function Zn(t,e,r){let n=Object.keys(zn).find(i=>(t??"").toLowerCase().includes(i));if(!n)return;let s=zn[n],o=(e*s.input+r*s.output)/1e6;return Math.round(o*1e6)/1e6}var zn,Qn=m(()=>{"use strict";zn={"claude-opus-4-6":{input:15,output:75},"claude-opus-4-5":{input:15,output:75},"claude-sonnet-4-6":{input:3,output:15},"claude-sonnet-4-5":{input:3,output:15},"claude-haiku-4-5":{input:.8,output:4},"claude-4-6-opus":{input:15,output:75},"claude-4-6-sonnet":{input:3,output:15},"claude-4-5-opus":{input:15,output:75},"claude-4-5-sonnet":{input:3,output:15},"claude-4-5-haiku":{input:.8,output:4},"claude-3-5-sonnet-20241022":{input:3,output:15},"claude-3-5-haiku-20241022":{input:.8,output:4},"claude-3-opus-20240229":{input:15,output:75}};});async function ts(t){let e=t.session_id||"unknown",r=t.stop_reason||"end_turn",n=Nt(e);if(!n){B(t);return}n.slashSkill&&!/^[a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?$/i.test(n.slashSkill)&&(u("Stop",`sid=${e}`,`slashSkill rejected post-disk: "${n.slashSkill}"`),n.slashSkill=null);let s=Q(),o=await Qr(),i=n.toolCalls,a=n.spans;if(n.slashSkill&&!i.some(S=>S.tool==="Skill")){let S=mt(),ot=n.skillContent?n.skillContent:JSON.stringify({skill:n.slashSkill});i.push({tool:"Skill",brief:n.slashSkill,error:false,durationMs:0,synthetic:true}),a.push({traceId:n.traceId,spanId:S,parentSpanId:n.spanId,name:"Skill",kind:3,startTimeUnixNano:n.startNs,endTimeUnixNano:n.startNs,attributes:ht(f(y.OBS_NAME,"Skill"),f(y.OBS_TYPE,"TOOL"),f(y.OBS_LEVEL,"DEFAULT"),f(y.OBS_INPUT,ot),f(y.OBS_OUTPUT,"loaded via slash command"),f("tool.name","Skill"),f("tool.error","false"),f("skill.name",n.slashSkill),f("skill.invocation","slash-command")),status:{code:1}}),u("Stop",`slashSkill=${n.slashSkill}`,"synthetic span injected");}let c=t.transcript_path||n.transcriptPath||"",l=pr(c);if(c&&(i.some(S=>S.tool==="Skill"&&!S.synthetic)||!!n.slashSkill)&&!l?.text){await new Promise(ot=>setTimeout(ot,500));let S=pr(c);S?.text&&(l=S);}u("Stop",`transcriptPath=${c||"(empty)"}`,`assistantOut=${l?`text=${l.text.length}chars`:"null"}`);let h=i.length,w=i.filter(S=>S.error).length,T=et(l?.text?G(l.text,V.TRACE_OUTPUT):h===0?"No tools used":i.map((S,ot)=>`${ot+1}. ${S.tool}${S.brief?` \u2192 ${S.brief}`:""}${S.error?" [ERROR]":""}`).join(`
192
+ `)),A=l?.inputTokens??0,_=l?.outputTokens??0,wt=i.map((S,ot)=>`${ot+1}. ${S.tool}${S.brief?` \u2192 ${S.brief}`:""}${S.error?" [ERROR]":""} (${S.durationMs}ms)`),nt=!!(n.slashSkill||i.some(S=>S.tool==="Skill")),Et=i.some(S=>S.tool==="Agent");if(!nt&&!Et){u("Stop",`sid=${e}`,"skipping trace \u2014 no Skill or Agent calls found"),gt("TRACE_SKIPPED",{reason:"no_skill_or_agent"}),dr(e),B(t);return}let ee=nt?"skill":"agent",re=Math.round(Number(BigInt(s)-BigInt(n.startNs))/1e6),ne=Zn(n.model,A,_),Tt=In(n);Tt==="prerequisite_required"&&l?.text&&(Tt="complete"),Tt==="prerequisite_required"&&(a.push({traceId:n.traceId,spanId:mt(),parentSpanId:n.spanId,name:"prerequisite-check",kind:3,startTimeUnixNano:n.startNs,endTimeUnixNano:s,attributes:ht(f(y.OBS_NAME,"prerequisite-check"),f(y.OBS_TYPE,"EVENT"),f(y.OBS_LEVEL,"WARNING"),f(y.OBS_OUTPUT,T),f("skill.name",n.slashSkill||void 0),f("execution_status","prerequisite_required")),status:{code:1}}),u("Stop",`sid=${e}`,"prerequisite-check span injected",`skill=${n.slashSkill}`));let Ft=(()=>{if(!(!nt||!n.prompt)){if(n.slashSkill){let S=n.prompt.replace(new RegExp(`^\\/${n.slashSkill}\\s*`,"i"),"").trim();return S?G(et(S),V.USER_INSTRUCTION):void 0}return G(et(n.prompt),V.USER_INSTRUCTION)||void 0}})(),se=JSON.stringify({trace_type:ee,...Tt!==null&&{execution_status:Tt},...n.slashSkill?{skill_name:n.slashSkill}:{},...n.skillArtifacts?.length&&{skill_artifacts:n.skillArtifacts},...Ft!==void 0&&{user_instruction:Ft},latency_ms:re,...A&&{tokens_input:A},..._&&{tokens_output:_},cost_usd:ne,...n.model?{model:n.model}:{},toolCount:h,errorCount:w,stopReason:r,sessionId:n.sessionId,tools:wt.length?wt:void 0}),st=et(G(n.prompt,V.TRACE_INPUT)),ns=ht(f(y.TRACE_NAME,n.traceName),f(y.TRACE_INPUT,st),f(y.TRACE_OUTPUT,T),f(y.OBS_INPUT,st),f(y.OBS_OUTPUT,T),f(y.TRACE_METADATA,se),f(y.SESSION_ID,n.sessionId),f(y.USER_ID,o.user),f(y.OBS_TYPE,"GENERATION"),f(y.MODEL,n.model),A?f(y.INPUT_TOKENS,A):null,_?f(y.OUTPUT_TOKENS,_):null,f("claude.stop_reason",r),f("claude.tool_count",String(h)),f("claude.error_count",String(w)),f("claude.session_id",n.sessionId),f("flow.trace_type",ee),{key:y.TRACE_TAGS,value:{arrayValue:{values:[{stringValue:ee}]}}}),ss={traceId:n.traceId,spanId:n.spanId,name:n.traceName,kind:1,startTimeUnixNano:n.startNs,endTimeUnixNano:s,attributes:ns,status:{code:w>0?2:1}},os=ht(f("service.name",process.env.LANGFUSE_PROJECT_NAME||"claude-code"),f("deployment.environment",process.env.LANGFUSE_ENVIRONMENT||"default")),Tr=[...a,ss];u("Stop",`sid=${e}`,`totalTools=${h}`,`errorTools=${w}`,`spans=${Tr.length}`,`inputTokens=${A}`,`outputTokens=${_}`,`traceOutput="${_e(T,80)}"`);let is=await Gn(Nn(os,Tr));u("Stop",`POST status=${is}`,`traceId=${n.traceId}`),gt("TRACE_SENT",{latencyMs:re,totalTools:h,errorTools:w,inputTokens:A,outputTokens:_,costUsd:ne}),dr(e),B(t);}var es=m(()=>{"use strict";zt();Zt();wr();Y();Qn();fr();Ct();D();Ae();Er();O();ve();});async function ei(){let t=process.argv[2];if(t==="UserPromptSubmit"){let r=await cr(),n;try{n=await K();}catch{process.stdout.write(JSON.stringify(r));return}n.authError?await mr(r,true):n.length>0?await mr(r):process.stdout.write(JSON.stringify(r));return}if(!await tn()){let r=[];process.stdin.on("data",n=>r.push(n)),process.stdin.on("end",()=>process.stdout.write(r.join("")));return}let e=await cr();switch(t){case "PreToolUse":await bn(e);break;case "PostToolUse":await qn(e);break;case "Stop":await ts(e);break;default:process.stderr.write(`[flow-obs] unknown event: ${t}
193
+ `),process.stdout.write(JSON.stringify(e));}}var rs=m(()=>{"use strict";Y();Ct();Pn();Cn();Xn();es();ei().catch(t=>{process.stderr.write(`[flow-obs] fatal: ${t.message}
194
+ `),process.exit(0);});});var ni=new Set(["UserPromptSubmit","PreToolUse","PostToolUse","Stop"]),[,,F,te]=process.argv;function rt(t,e){let r=t.indexOf(e);return r!==-1?t[r+1]:void 0}if(F==="--version"||F==="-v"){let{version:t}=oe();process.stdout.write(t+`
195
+ `),process.exit(0);}else if(F==="--help"||F==="-h"){let{bold:t,cyan:e,dim:r}=(it(),I(Ie)),{version:n}=oe();process.stdout.write(`
191
196
  `+t(" flow-ai-obs")+r(" v"+n)+`
192
197
 
193
198
  `),process.stdout.write(e(" init")+r(` Auth (if needed) + hooks + native OTEL
@@ -207,13 +212,13 @@ ${r}`},{re:/\b(AKIA[0-9A-Z]{16})\b/g,replace:()=>`AKIA${F}`},{re:/(aws_secret_ac
207
212
 
208
213
  `)),process.stdout.write(r(` (Hook events: UserPromptSubmit | PreToolUse | PostToolUse | Stop)
209
214
 
210
- `)),process.exit(0);}else if(x==="init"||x==="install")(async()=>{x==="install"&&process.stderr.write(`Warning: "install" is deprecated, use "init" instead
211
- `),await(kt(),b(_t)).checkForUpdateInteractive();let{runInit:t}=(ar(),b(ir)),e=process.argv.slice(3);process.exit(await t({url:rt(e,"--custom-url"),noInteractive:e.includes("--no-interactive")}));})().catch(t=>{process.stderr.write(`Unexpected error: ${t.message}
212
- `),process.exit(1);});else if(x==="setup")(async()=>{await(kt(),b(_t)).checkForUpdateInteractive();let{runSetup:t}=(pn(),b(dn)),e=process.argv.slice(3);process.exit(await t({clientId:rt(e,"--client-id"),clientSecret:rt(e,"--client-secret"),tenant:rt(e,"--tenant"),nonInteractive:e.includes("--non-interactive"),url:rt(e,"--custom-url")}));})().catch(t=>{process.stderr.write(`Unexpected error: ${t.message}
213
- `),process.exit(1);});else if(x==="auth")(async()=>{let{runLogin:t,runLogout:e,runStatus:r}=(Jt(),b(or)),n=0;if(te==="login"||!te){await(kt(),b(_t)).checkForUpdateInteractive();let s=process.argv.slice(4);n=await t({clientId:rt(s,"--client-id"),clientSecret:rt(s,"--client-secret"),tenant:rt(s,"--tenant")});}else if(te==="logout"){let s=process.argv.includes("--force");n=await e(s);}else te==="status"?(await(kt(),b(_t)).checkForUpdateInteractive(),n=await r()):(process.stderr.write(`Unknown auth subcommand: ${te}
215
+ `)),process.exit(0);}else if(F==="init"||F==="install")(async()=>{F==="install"&&process.stderr.write(`Warning: "install" is deprecated, use "init" instead
216
+ `),await(kt(),I(Ot)).checkForUpdateInteractive();let{runInit:t}=(ir(),I(or)),e=process.argv.slice(3);process.exit(await t({url:rt(e,"--custom-url"),noInteractive:e.includes("--no-interactive")}));})().catch(t=>{process.stderr.write(`Unexpected error: ${t.message}
217
+ `),process.exit(1);});else if(F==="setup")(async()=>{await(kt(),I(Ot)).checkForUpdateInteractive();let{runSetup:t}=(mn(),I(fn)),e=process.argv.slice(3);process.exit(await t({clientId:rt(e,"--client-id"),clientSecret:rt(e,"--client-secret"),tenant:rt(e,"--tenant"),nonInteractive:e.includes("--non-interactive"),url:rt(e,"--custom-url")}));})().catch(t=>{process.stderr.write(`Unexpected error: ${t.message}
218
+ `),process.exit(1);});else if(F==="auth")(async()=>{let{runLogin:t,runLogout:e,runStatus:r}=(Kt(),I(nr)),n=0;if(te==="login"||!te){await(kt(),I(Ot)).checkForUpdateInteractive();let s=process.argv.slice(4);n=await t({clientId:rt(s,"--client-id"),clientSecret:rt(s,"--client-secret"),tenant:rt(s,"--tenant")});}else if(te==="logout"){let s=process.argv.includes("--force");n=await e(s);}else te==="status"?(await(kt(),I(Ot)).checkForUpdateInteractive(),n=await r()):(process.stderr.write(`Unknown auth subcommand: ${te}
214
219
  `),process.stderr.write(`Usage: flow-ai-obs auth [login|logout|status]
215
- `),n=1);process.exit(n);})();else if(x==="otel-headers"){let{runOtelHeaders:t}=(mn(),b(fn));t().then(e=>process.exit(e)).catch(()=>process.exit(1));}else if(x==="check")(async()=>{await(kt(),b(_t)).checkForUpdateInteractive();let{runCheck:t}=(wn(),b(hn));process.exit(await t());})().catch(t=>{process.stderr.write(`Unexpected error: ${t.message}
216
- `),process.exit(1);});else if(ti.has(x))ts();else {let{bold:t,cyan:e,dim:r}=(it(),b(Re));process.stdout.write(`
220
+ `),n=1);process.exit(n);})();else if(F==="otel-headers"){let{runOtelHeaders:t}=(hn(),I(gn));t().then(e=>process.exit(e)).catch(()=>process.exit(1));}else if(F==="check")(async()=>{await(kt(),I(Ot)).checkForUpdateInteractive();let{runCheck:t}=(Tn(),I(En));process.exit(await t());})().catch(t=>{process.stderr.write(`Unexpected error: ${t.message}
221
+ `),process.exit(1);});else if(ni.has(F))rs();else {let{bold:t,cyan:e,dim:r}=(it(),I(Ie));process.stdout.write(`
217
222
  `+t(" flow-ai-obs")+`
218
223
 
219
224
  `),process.stdout.write(e(" init")+r(` Auth (if needed) + hooks + native OTEL
package/dist/index.js CHANGED
@@ -1,16 +1,16 @@
1
- 'use strict';var child_process=require('child_process'),util=require('util'),I=require('fs'),B=require('path'),ge=require('os'),qe=require('https'),ze=require('http'),crypto=require('crypto');function _interopDefault(e){return e&&e.__esModule?e:{default:e}}var I__default=/*#__PURE__*/_interopDefault(I);var B__default=/*#__PURE__*/_interopDefault(B);var ge__default=/*#__PURE__*/_interopDefault(ge);var qe__default=/*#__PURE__*/_interopDefault(qe);var ze__default=/*#__PURE__*/_interopDefault(ze);var Pe=Object.defineProperty;var rt=(t=>typeof require<"u"?require:typeof Proxy<"u"?new Proxy(t,{get:(e,r)=>(typeof require<"u"?require:e)[r]}):t)(function(t){if(typeof require<"u")return require.apply(this,arguments);throw Error('Dynamic require of "'+t+'" is not supported')});var gt=(t,e,r)=>()=>{if(r)throw r[0];try{return t&&(e=t(t=0)),e}catch(n){throw r=[n],n}};var _t=(t,e)=>{for(var r in e)Pe(t,r,{get:e[r],enumerable:true});};var Ht={};_t(Ht,{MacOsKeyVaultProvider:()=>yt});var At,yt,Yt=gt(()=>{"use strict";At=util.promisify(child_process.execFile),yt=class{static async isAvailable(){try{return I.accessSync("/usr/bin/security",I.constants.X_OK),!0}catch{return !1}}async getSecret(e,r){try{let{stdout:n}=await At("security",["find-generic-password","-w","-a",r,"-s",e]);return n.trim()||null}catch{return null}}async setSecret(e,r,n){await At("security",["add-generic-password","-U","-a",r,"-s",e,"-w",n]);}async deleteSecret(e,r){try{return await At("security",["delete-generic-password","-a",r,"-s",e]),!0}catch{return !1}}getStoragePath(){return "macOS Keychain"}};});var Gt={};_t(Gt,{LinuxKeyVaultProvider:()=>Ot});var Vt,Ot,Wt=gt(()=>{"use strict";Vt=util.promisify(child_process.execFile),Ot=class{static async isAvailable(){let e=["/usr/bin/secret-tool","/bin/secret-tool","/usr/local/bin/secret-tool"];for(let r of e)try{return I.accessSync(r,I.constants.X_OK),!0}catch{}return !1}async getSecret(e,r){try{let{stdout:n}=await Vt("secret-tool",["lookup","service",e,"account",r]);return n.trim()||null}catch{return null}}async setSecret(e,r,n){await new Promise((o,s)=>{let i=child_process.spawn("secret-tool",["store","--label",e,"service",e,"account",r]);i.on("error",s),i.on("close",l=>{l===0?o():s(new Error(`secret-tool exited with code ${l}`));}),i.stdin.write(n),i.stdin.end();});}async deleteSecret(e,r){try{return await Vt("secret-tool",["clear","service",e,"account",r]),!0}catch{return !1}}getStoragePath(){return "Linux Secret Service (libsecret)"}};});var Jt={};_t(Jt,{WindowsKeyVaultProvider:()=>wt});var wt,Kt=gt(()=>{"use strict";wt=class{static async isAvailable(){try{return await rt("keytar").getPassword("__flow_probe__","__flow_probe__"),!0}catch{return !1}}async getSecret(e,r){return rt("keytar").getPassword(e,r)}async setSecret(e,r,n){await rt("keytar").setPassword(e,r,n);}async deleteSecret(e,r){return rt("keytar").deletePassword(e,r)}getStoragePath(){return "Windows Credential Manager"}};});var be="https://flow.ciandt.com";function D(){let t=process.env.FLOW_BASE_URL;return t&&t.trim()?t.trim():be}function G(){let t=D();return {AUTH_ENGINE:process.env.FLOW_AUTH_ENGINE_URL||`${t}/auth-engine-api/v2/api-key/token`,GATEWAY_TRACES:process.env.FLOW_GATEWAY_TRACES_URL||`${t}/flow-langfuse-gateway/v1/traces`,GATEWAY_HEALTH:process.env.FLOW_GATEWAY_HEALTH_URL||`${t}/flow-langfuse-gateway/v1/health`,OTEL_ENDPOINT:process.env.FLOW_OTEL_ENDPOINT_URL||`${t}/otel`}}G();var nt={SERVICE:"flow-plugins-cli",ACCOUNT_TOKEN:"token-cache"},st="FLOW-nodejs",ot="config.json",St={SCOPE_NAME:"flow-ai-obs",SCOPE_VERSION:"0.1.0"};var _={FLOW_TELEMETRY:"FLOW_TELEMETRY",FLOW_TELEMETRY_GATEWAY:"FLOW_TELEMETRY_GATEWAY_URL",LANGFUSE_BASE_URL:"LANGFUSE_BASE_URL",LANGFUSE_PUBLIC_KEY:"LANGFUSE_PUBLIC_KEY",LANGFUSE_SECRET_KEY:"LANGFUSE_SECRET_KEY",ANTHROPIC_MODEL:"ANTHROPIC_MODEL",ANTHROPIC_AUTH_TOKEN:"ANTHROPIC_AUTH_TOKEN",FLOW_OBS_DEBUG:"FLOW_TELEMETRY_DEBUG",FLOW_OBS_ALLOW_HTTP:"FLOW_TELEMETRY_ALLOW_HTTP",BUFFER_TTL_DAYS:"FLOW_TELEMETRY_BUFFER_TTL_DAYS",BUFFER_MAX_FILES:"FLOW_TELEMETRY_BUFFER_MAX_FILES"};var y={FILE_PREFIX:"flow-obs-buffer-",DEFAULT_TTL_DAYS:4,MIN_TTL_DAYS:1,MAX_TTL_DAYS:30,DEFAULT_MAX_FILES:50,MIN_MAX_FILES:1,MAX_MAX_FILES:500,REPLAY_BATCH_SIZE:10},xt="flow-ai-obs-debug.log",w={TOOL_INPUT:2e4,TOOL_OUTPUT:2e4,TRACE_OUTPUT:2e4,USER_INSTRUCTION:1e4,TRACE_INPUT:5e4};function Et(){let t=D();return {API_URL:process.env.FLOW_METRICS_URL||`${t}/metrics-collector-api/log-event`,BOOSTER:"flow-ai-obs"}}var Tt={credentials:"credentials","token-cache":"tokenCache"};function W(){let t=ge__default.default.homedir();if(process.platform==="darwin")return B__default.default.join(t,"Library","Preferences",st,ot);if(process.platform==="win32"){let r=process.env.APPDATA??B__default.default.join(t,"AppData","Roaming");return B__default.default.join(r,st,ot)}let e=process.env.XDG_CONFIG_HOME??B__default.default.join(t,".config");return B__default.default.join(e,st,ot)}function ht(){try{let t=I__default.default.readFileSync(W(),"utf8");return JSON.parse(t)}catch{return {}}}function Mt(t){let e=W();I__default.default.mkdirSync(B__default.default.dirname(e),{recursive:true}),I__default.default.writeFileSync(e,JSON.stringify(t,null,2),{encoding:"utf8",mode:384});}var at=class{static isAvailable(){return true}static hasExistingData(){try{if(!I__default.default.existsSync(W()))return !1;let e=JSON.parse(I__default.default.readFileSync(W(),"utf8"));return !!(e&&e.credentials)}catch{return false}}async getSecret(e,r){let n=ht(),o=Tt[r]??r,s=n[o];return s?typeof s=="string"?s:JSON.stringify(s):null}async setSecret(e,r,n){let o=ht(),s=Tt[r]??r;if(r==="token-cache")try{o[s]=JSON.parse(n);}catch{o[s]=n;}else o[s]=n;Mt(o);}async deleteSecret(e,r){let n=ht(),o=Tt[r]??r;return o in n?(delete n[o],Mt(n),true):false}getStoragePath(){return `config.json (unencrypted) \u2014 ${W()}`}};async function jt(){return await Ve()??new at}async function Ve(){switch(process.platform){case "darwin":{let{MacOsKeyVaultProvider:t}=await Promise.resolve().then(()=>(Yt(),Ht));return await t.isAvailable()?new t:null}case "linux":{let{LinuxKeyVaultProvider:t}=await Promise.resolve().then(()=>(Wt(),Gt));return await t.isAvailable()?new t:null}case "win32":{let{WindowsKeyVaultProvider:t}=await Promise.resolve().then(()=>(Kt(),Jt));return await t.isAvailable()?new t:null}default:return null}}var Lt=nt.SERVICE,qt=nt.ACCOUNT_TOKEN,kt=null;function It(){return kt||(kt=jt()),kt}async function Rt(t){await(await It()).setSecret(Lt,qt,JSON.stringify({accessToken:t.accessToken,expiresAt:t.expiresAt,lastAuthCheckAt:t.lastAuthCheckAt}));}async function Nt(){let e=await(await It()).getSecret(Lt,qt);if(!e)return null;try{let r=JSON.parse(e);return {accessToken:r.accessToken,expiresAt:r.expiresAt,lastAuthCheckAt:r.lastAuthCheckAt}}catch{return null}}async function K(){let t=await Nt();if(!t||!t.accessToken)return null;try{let e=t.accessToken.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return r.email??r.preferred_username??r.upn??r.sub??null}catch{return null}}var je=B.join(ge.tmpdir(),xt);function a(...t){if(process.env[_.FLOW_OBS_DEBUG]!=="1")return;let e=`[${new Date().toISOString()}] ${t.join(" ")}
2
- `;try{I.writeFileSync(je,e,{flag:"a"});}catch(r){process.stderr.write(`[flow-obs debug ERROR] ${r.message}
3
- `);}}var b=class extends Error{constructor(e){super(e),this.name="AuthError";}},Xe=/^[a-z0-9][a-z0-9-]{0,62}[a-z0-9]$|^[a-z0-9]$/;function Ze(t){if(!Xe.test(t))throw new Error(`Invalid tenant value: "${t}". Tenant must be lowercase alphanumeric and hyphens (1-64 chars).`)}var zt={INVALID_CLIENT_SECRET:"Invalid Client Secret \u2014 check the value and try again",INVALID_CLIENT_ID:"Invalid Client ID \u2014 check the value and try again",INVALID_TENANT:"Invalid Tenant \u2014 check the value and try again",TENANT_NOT_FOUND:"Tenant not found \u2014 verify the tenant identifier"};function Qe(t,e){let r=e.length>400?e.slice(0,400)+"\u2026":e;a("toAuthError",`status=${t} body=${r}`);try{let n=JSON.parse(e);if(typeof n.error=="string"&&(a("toAuthError",`api_error_code=${n.error}`+(n.message?` api_message=${n.message}`:"")),zt[n.error]))return new b(zt[n.error])}catch{}return t===401||t===403||t===500?new b("Invalid credentials"):t>=400&&t<500?new b("Authentication request was rejected"):new Error("Authentication service unavailable, please try again later")}function j(t){return new Promise((e,r)=>{try{Ze(t.tenant);}catch(p){return r(p)}let n=JSON.stringify({clientSecret:t.clientSecret}),o=new URL(G().AUTH_ENGINE),s=o.protocol==="https:",i={hostname:o.hostname,port:o.port||(s?443:80),path:o.pathname+o.search,method:"POST",headers:{"Content-Type":"application/json","Content-Length":Buffer.byteLength(n),FlowTenant:t.tenant}};a("getToken",`requesting token tenant=${t.tenant} host=${i.hostname} path=${i.path}`);let c=(s?qe__default.default:ze__default.default).request(i,p=>{let S=[];p.on("data",T=>S.push(T)),p.on("end",()=>{let T=S.join("");if((p.statusCode??0)>=400)return r(Qe(p.statusCode??0,T));let m;try{m=JSON.parse(T);}catch{return r(new Error("Invalid response from auth engine"))}let g=m.expires_at??new Date(Date.now()+(m.expires_in??3600)*1e3).toISOString();e({accessToken:m.access_token??"",expiresAt:g});});});c.on("error",p=>r(new Error(`Network error: ${p.message}`))),c.write(n),c.end();})}var tr=[/^localhost\.?$/i,/^127\./,/^10\./,/^172\.(1[6-9]|2\d|3[01])\./,/^192\.168\./,/^169\.254\./,/^0\.0\.0\.0$/,/^::1$/,/^\[::1\]$/,/^\[::ffff:/i,/^\[f[cd]/i,/^\[fe80:/i,/^metadata\.google\.internal\.?$/i,/^metadata\.azure\.internal\.?$/i,/(?:^|\.)localtest\.me\.?$/i,/(?:^|\.)lvh\.me\.?$/i,/(?:^|\.)vcap\.me\.?$/i];function er(t){return tr.some(e=>e.test(t))}function rr(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return r.email||r.preferred_username||r.upn||r.sub||null}catch{return null}}function ut(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8")),{clientId:n,clientSecret:o,tenant:s}=r;return !n||!o||!s?null:{clientId:n,clientSecret:o,tenant:s}}catch{return null}}function lt(t){let e;try{e=new URL(t);}catch{throw new Error(`Invalid URL: ${t}`)}let r=process.env[_.FLOW_OBS_ALLOW_HTTP]==="true";if(!r&&e.protocol!=="https:")throw new Error(`URL must use HTTPS: ${t}`);if(e.username||e.password)throw new Error(`URL must not contain embedded credentials: ${t}`);if(!r&&er(e.hostname))throw new Error(`SSRF: private/loopback host not allowed: ${e.hostname}`);return t}async function Xt(){let t=ut(process.env[_.ANTHROPIC_AUTH_TOKEN]);if(t)return {user:await K().catch(()=>null)??t.clientId,tenant:t.tenant};return {user:"",tenant:""}}function nr(){return new Date().toISOString().slice(0,10)}async function sr(t){let e=nr(),r=await Nt();if(r?.lastAuthCheckAt!==e){a("getOrRefreshToken",`daily auth check (last: ${r?.lastAuthCheckAt??"never"})`);try{let s=await j(t);try{await Rt({...s,lastAuthCheckAt:e});}catch{}return a("getOrRefreshToken",`daily check passed, expires=${s.expiresAt}`),s.accessToken}catch(s){if(s instanceof b)throw s;a("getOrRefreshToken",`daily check network error \u2014 using cache: ${s.message}`);}}let n=r!=null&&new Date(r.expiresAt)>new Date;if(a("getOrRefreshToken",`cacheValid=${n}`),n)return a("getOrRefreshToken",`using cached token, expires=${r.expiresAt}`),r.accessToken;a("getOrRefreshToken",`token expired \u2014 refreshing via auth-engine (tenant=${t.tenant} clientId=${t.clientId})`);let o=await j(t);try{await Rt({...o,lastAuthCheckAt:e});}catch(s){a("getOrRefreshToken",`token cache save failed (non-fatal): ${s.message}`);}return a("getOrRefreshToken",`token refreshed, expires=${o.expiresAt}`),o.accessToken}function or(t,e){let r=e&&e.accessToken?e.accessToken:"";return {endpoint:t.replace(/\/$/,"")+"/flow-langfuse-gateway/v1/traces",authHeader:`Bearer ${r}`}}function ir(t,e,r){let n=Buffer.from(`${e}:${r}`).toString("base64");return {endpoint:t.replace(/\/$/,"")+"/api/public/otel/v1/traces",authHeader:`Basic ${n}`}}async function C(){let t=[],e=process.env[_.ANTHROPIC_MODEL]??"",r=ut(process.env[_.ANTHROPIC_AUTH_TOKEN]);a("resolveCredentials",r?"credentials resolved from ANTHROPIC_AUTH_TOKEN":"ANTHROPIC_AUTH_TOKEN absent or invalid"),r&&a("resolveCredentials",`clientId=${r.clientId}`,`tenant=${r.tenant}`);let n=r?r.tenant:"",o=process.env[_.FLOW_TELEMETRY]==="true",s=process.env[_.LANGFUSE_BASE_URL],i=process.env[_.LANGFUSE_PUBLIC_KEY],l=process.env[_.LANGFUSE_SECRET_KEY];if(o&&s&&i&&l){let m="",g=n;if(r)m=await K().catch(()=>null)??r.clientId;let h={user:m??"",tenant:g??"",team:"",project:"",model:e};t.push({mode:"direct",...ir(lt(s),i,l),...h}),a("resolveCredentials","direct mode active",`user=${h.user}`,`tenant=${h.tenant}`);}if(!r){if(t.length===0){let m=[];return m.authError=false,m}return t}let c;try{c=await sr(r);}catch(m){if(a("resolveCredentials",`token refresh failed: ${m.message}`,`(tenant=${r.tenant} clientId=${r.clientId})`),t.length>0)return t.authError=true,t;let g=[];return g.authError=true,g}let S={user:rr(c)??r.clientId,tenant:n,team:"",project:"",model:e},T=process.env[_.FLOW_TELEMETRY_GATEWAY]??D();return t.push({mode:"gateway",...or(lt(T),{accessToken:c}),...S}),t}async function Zt(){return (await C()).length>0}function k(t,e){let r=typeof t=="object"?JSON.stringify(t):String(t??"");return r.length>e?r.slice(0,e)+" \u2026[truncated]":r}function pt(t,e=100){return String(t??"").split(`
4
- `)[0].slice(0,e).trim()}function Pt(){return new Promise(t=>{let e="";process.stdin.setEncoding("utf8"),process.stdin.on("data",r=>{e+=r;}),process.stdin.on("end",()=>{try{t(JSON.parse(e));}catch{t({});}});})}function O(t){process.stdout.write(JSON.stringify(t));}var bt=()=>crypto.randomBytes(16).toString("hex"),v=()=>crypto.randomBytes(8).toString("hex");function L(){return String(BigInt(Date.now())*1000000n)}var gr=/^[0-9a-f-]{1,64}$/i,_r=B.normalize(ge.tmpdir())+B.sep;function Sr(t,e){let r=B.resolve(t);if(!r.startsWith(e))throw new Error(`Path traversal detected: ${t}`);return r}function Ct(t){if(!gr.test(t))throw new Error(`Invalid session ID: ${t}`);return Sr(B.join(ge.tmpdir(),`flow-obs-${t}.json`),_r)}function x(t){let e=Ct(t);if(!I.existsSync(e))return null;try{return JSON.parse(I.readFileSync(e,"utf8"))}catch{return null}}function M(t,e){I.writeFileSync(Ct(t),JSON.stringify(e),{encoding:"utf8",mode:384});}function vt(t){try{I.unlinkSync(Ct(t));}catch{}}function ne(t){if(!t||!I.existsSync(t))return null;try{let e=I.readFileSync(t,"utf8").trimEnd().split(`
5
- `);for(let r=e.length-1;r>=0;r--)try{let n=JSON.parse(e[r]);if(n.type==="user"&&n.uuid)return n.uuid}catch{}}catch{}return null}function Ut(t){if(!t||!I.existsSync(t))return null;try{let e=I.readFileSync(t,"utf8").trimEnd().split(`
1
+ 'use strict';var child_process=require('child_process'),util=require('util'),I=require('fs'),x=require('path'),fe=require('os'),Je=require('https'),je=require('http'),crypto=require('crypto');function _interopDefault(e){return e&&e.__esModule?e:{default:e}}var I__default=/*#__PURE__*/_interopDefault(I);var x__default=/*#__PURE__*/_interopDefault(x);var fe__default=/*#__PURE__*/_interopDefault(fe);var Je__default=/*#__PURE__*/_interopDefault(Je);var je__default=/*#__PURE__*/_interopDefault(je);var Re=Object.defineProperty;var et=(t=>typeof require<"u"?require:typeof Proxy<"u"?new Proxy(t,{get:(e,r)=>(typeof require<"u"?require:e)[r]}):t)(function(t){if(typeof require<"u")return require.apply(this,arguments);throw Error('Dynamic require of "'+t+'" is not supported')});var dt=(t,e,r)=>()=>{if(r)throw r[0];try{return t&&(e=t(t=0)),e}catch(n){throw r=[n],n}};var ft=(t,e)=>{for(var r in e)Re(t,r,{get:e[r],enumerable:true});};var Dt={};ft(Dt,{MacOsKeyVaultProvider:()=>Et});var Tt,Et,xt=dt(()=>{"use strict";Tt=util.promisify(child_process.execFile),Et=class{static async isAvailable(){try{return I.accessSync("/usr/bin/security",I.constants.X_OK),!0}catch{return !1}}async getSecret(e,r){try{let{stdout:n}=await Tt("security",["find-generic-password","-w","-a",r,"-s",e]);return n.trim()||null}catch{return null}}async setSecret(e,r,n){await Tt("security",["add-generic-password","-U","-a",r,"-s",e,"-w",n]);}async deleteSecret(e,r){try{return await Tt("security",["delete-generic-password","-a",r,"-s",e]),!0}catch{return !1}}getStoragePath(){return "macOS Keychain"}};});var Mt={};ft(Mt,{LinuxKeyVaultProvider:()=>ht});var Bt,ht,Ht=dt(()=>{"use strict";Bt=util.promisify(child_process.execFile),ht=class{static async isAvailable(){let e=["/usr/bin/secret-tool","/bin/secret-tool","/usr/local/bin/secret-tool"];for(let r of e)try{return I.accessSync(r,I.constants.X_OK),!0}catch{}return !1}async getSecret(e,r){try{let{stdout:n}=await Bt("secret-tool",["lookup","service",e,"account",r]);return n.trim()||null}catch{return null}}async setSecret(e,r,n){await new Promise((o,s)=>{let i=child_process.spawn("secret-tool",["store","--label",e,"service",e,"account",r]);i.on("error",s),i.on("close",l=>{l===0?o():s(new Error(`secret-tool exited with code ${l}`));}),i.stdin.write(n),i.stdin.end();});}async deleteSecret(e,r){try{return await Bt("secret-tool",["clear","service",e,"account",r]),!0}catch{return !1}}getStoragePath(){return "Linux Secret Service (libsecret)"}};});var Vt={};ft(Vt,{WindowsKeyVaultProvider:()=>yt});var yt,Yt=dt(()=>{"use strict";yt=class{static async isAvailable(){try{return await et("keytar").getPassword("__flow_probe__","__flow_probe__"),!0}catch{return !1}}async getSecret(e,r){return et("keytar").getPassword(e,r)}async setSecret(e,r,n){await et("keytar").setPassword(e,r,n);}async deleteSecret(e,r){return et("keytar").deletePassword(e,r)}getStoragePath(){return "Windows Credential Manager"}};});var Ne="https://flow.ciandt.com";function D(){let t=process.env.FLOW_BASE_URL;return t&&t.trim()?t.trim():Ne}function G(){let t=D();return {AUTH_ENGINE:process.env.FLOW_AUTH_ENGINE_URL||`${t}/auth-engine-api/v2/api-key/token`,GATEWAY_TRACES:process.env.FLOW_GATEWAY_TRACES_URL||`${t}/flow-langfuse-gateway/v1/traces`,GATEWAY_HEALTH:process.env.FLOW_GATEWAY_HEALTH_URL||`${t}/flow-langfuse-gateway/v1/health`,OTEL_ENDPOINT:process.env.FLOW_OTEL_ENDPOINT_URL||`${t}/otel`}}G();var rt={SERVICE:"flow-plugins-cli",ACCOUNT_TOKEN:"token-cache"},nt="FLOW-nodejs",st="config.json",mt={SCOPE_NAME:"flow-ai-obs",SCOPE_VERSION:"0.1.0"};var _={FLOW_TELEMETRY:"FLOW_TELEMETRY",FLOW_TELEMETRY_GATEWAY:"FLOW_TELEMETRY_GATEWAY_URL",LANGFUSE_BASE_URL:"LANGFUSE_BASE_URL",LANGFUSE_PUBLIC_KEY:"LANGFUSE_PUBLIC_KEY",LANGFUSE_SECRET_KEY:"LANGFUSE_SECRET_KEY",ANTHROPIC_MODEL:"ANTHROPIC_MODEL",ANTHROPIC_AUTH_TOKEN:"ANTHROPIC_AUTH_TOKEN",FLOW_OBS_DEBUG:"FLOW_TELEMETRY_DEBUG",FLOW_OBS_ALLOW_HTTP:"FLOW_TELEMETRY_ALLOW_HTTP",BUFFER_TTL_DAYS:"FLOW_TELEMETRY_BUFFER_TTL_DAYS",BUFFER_MAX_FILES:"FLOW_TELEMETRY_BUFFER_MAX_FILES"};var A={FILE_PREFIX:"flow-obs-buffer-",DEFAULT_TTL_DAYS:4,MIN_TTL_DAYS:1,MAX_TTL_DAYS:30,DEFAULT_MAX_FILES:50,MIN_MAX_FILES:1,MAX_MAX_FILES:500,REPLAY_BATCH_SIZE:10},$t="flow-ai-obs-debug.log",k={TOOL_INPUT:2e4,TOOL_OUTPUT:2e4,TRACE_OUTPUT:2e4,USER_INSTRUCTION:1e4,TRACE_INPUT:5e4};function gt(){let t=D();return {API_URL:process.env.FLOW_METRICS_URL||`${t}/metrics-collector-api/log-event`,BOOSTER:"flow-ai-obs"}}var _t={credentials:"credentials","token-cache":"tokenCache"};function W(){let t=fe__default.default.homedir();if(process.platform==="darwin")return x__default.default.join(t,"Library","Preferences",nt,st);if(process.platform==="win32"){let r=process.env.APPDATA??x__default.default.join(t,"AppData","Roaming");return x__default.default.join(r,nt,st)}let e=process.env.XDG_CONFIG_HOME??x__default.default.join(t,".config");return x__default.default.join(e,nt,st)}function St(){try{let t=I__default.default.readFileSync(W(),"utf8");return JSON.parse(t)}catch{return {}}}function Ft(t){let e=W();I__default.default.mkdirSync(x__default.default.dirname(e),{recursive:true}),I__default.default.writeFileSync(e,JSON.stringify(t,null,2),{encoding:"utf8",mode:384});}var ot=class{static isAvailable(){return true}static hasExistingData(){try{if(!I__default.default.existsSync(W()))return !1;let e=JSON.parse(I__default.default.readFileSync(W(),"utf8"));return !!(e&&e.credentials)}catch{return false}}async getSecret(e,r){let n=St(),o=_t[r]??r,s=n[o];return s?typeof s=="string"?s:JSON.stringify(s):null}async setSecret(e,r,n){let o=St(),s=_t[r]??r;if(r==="token-cache")try{o[s]=JSON.parse(n);}catch{o[s]=n;}else o[s]=n;Ft(o);}async deleteSecret(e,r){let n=St(),o=_t[r]??r;return o in n?(delete n[o],Ft(n),true):false}getStoragePath(){return `config.json (unencrypted) \u2014 ${W()}`}};async function Gt(){return await He()??new ot}async function He(){switch(process.platform){case "darwin":{let{MacOsKeyVaultProvider:t}=await Promise.resolve().then(()=>(xt(),Dt));return await t.isAvailable()?new t:null}case "linux":{let{LinuxKeyVaultProvider:t}=await Promise.resolve().then(()=>(Ht(),Mt));return await t.isAvailable()?new t:null}case "win32":{let{WindowsKeyVaultProvider:t}=await Promise.resolve().then(()=>(Yt(),Vt));return await t.isAvailable()?new t:null}default:return null}}var Wt=rt.SERVICE,Jt=rt.ACCOUNT_TOKEN,At=null;function jt(){return At||(At=Gt()),At}async function Ot(t){await(await jt()).setSecret(Wt,Jt,JSON.stringify({accessToken:t.accessToken,expiresAt:t.expiresAt,lastAuthCheckAt:t.lastAuthCheckAt}));}async function kt(){let e=await(await jt()).getSecret(Wt,Jt);if(!e)return null;try{let r=JSON.parse(e);return {accessToken:r.accessToken,expiresAt:r.expiresAt,lastAuthCheckAt:r.lastAuthCheckAt}}catch{return null}}async function wt(){let t=await kt();if(!t||!t.accessToken)return null;try{let e=t.accessToken.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return r.email??r.preferred_username??r.upn??r.sub??null}catch{return null}}var We=x.join(fe.tmpdir(),$t);function a(...t){if(process.env[_.FLOW_OBS_DEBUG]!=="1")return;let e=`[${new Date().toISOString()}] ${t.join(" ")}
2
+ `;try{I.writeFileSync(We,e,{flag:"a"});}catch(r){process.stderr.write(`[flow-obs debug ERROR] ${r.message}
3
+ `);}}var b=class extends Error{constructor(e){super(e),this.name="AuthError";}},Ke=/^[a-z0-9][a-z0-9-]{0,62}[a-z0-9]$|^[a-z0-9]$/;function qe(t){if(!Ke.test(t))throw new Error(`Invalid tenant value: "${t}". Tenant must be lowercase alphanumeric and hyphens (1-64 chars).`)}var Kt={INVALID_CLIENT_SECRET:"Invalid Client Secret \u2014 check the value and try again",INVALID_CLIENT_ID:"Invalid Client ID \u2014 check the value and try again",INVALID_TENANT:"Invalid Tenant \u2014 check the value and try again",TENANT_NOT_FOUND:"Tenant not found \u2014 verify the tenant identifier"};function ze(t,e){let r=e.length>400?e.slice(0,400)+"\u2026":e;a("toAuthError",`status=${t} body=${r}`);try{let n=JSON.parse(e);if(typeof n.error=="string"&&(a("toAuthError",`api_error_code=${n.error}`+(n.message?` api_message=${n.message}`:"")),Kt[n.error]))return new b(Kt[n.error])}catch{}return t===401||t===403||t===500?new b("Invalid credentials"):t>=400&&t<500?new b("Authentication request was rejected"):new Error("Authentication service unavailable, please try again later")}function j(t){return new Promise((e,r)=>{try{qe(t.tenant);}catch(p){return r(p)}let n=JSON.stringify({clientSecret:t.clientSecret}),o=new URL(G().AUTH_ENGINE),s=o.protocol==="https:",i={hostname:o.hostname,port:o.port||(s?443:80),path:o.pathname+o.search,method:"POST",headers:{"Content-Type":"application/json","Content-Length":Buffer.byteLength(n),FlowTenant:t.tenant}};a("getToken",`requesting token tenant=${t.tenant} host=${i.hostname} path=${i.path}`);let c=(s?Je__default.default:je__default.default).request(i,p=>{let S=[];p.on("data",T=>S.push(T)),p.on("end",()=>{let T=S.join("");if((p.statusCode??0)>=400)return r(ze(p.statusCode??0,T));let m;try{m=JSON.parse(T);}catch{return r(new Error("Invalid response from auth engine"))}let g=m.expires_at??new Date(Date.now()+(m.expires_in??3600)*1e3).toISOString();e({accessToken:m.access_token??"",expiresAt:g});});});c.on("error",p=>r(new Error(`Network error: ${p.message}`))),c.write(n),c.end();})}var Xe=[/^localhost\.?$/i,/^127\./,/^10\./,/^172\.(1[6-9]|2\d|3[01])\./,/^192\.168\./,/^169\.254\./,/^0\.0\.0\.0$/,/^::1$/,/^\[::1\]$/,/^\[::ffff:/i,/^\[f[cd]/i,/^\[fe80:/i,/^metadata\.google\.internal\.?$/i,/^metadata\.azure\.internal\.?$/i,/(?:^|\.)localtest\.me\.?$/i,/(?:^|\.)lvh\.me\.?$/i,/(?:^|\.)vcap\.me\.?$/i];function Ze(t){return Xe.some(e=>e.test(t))}function Qe(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return r.email||r.preferred_username||r.upn||r.sub||null}catch{return null}}function at(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8")),{clientId:n,clientSecret:o,tenant:s}=r;return !n||!o||!s?null:{clientId:n,clientSecret:o,tenant:s}}catch{return null}}function it(t){let e;try{e=new URL(t);}catch{throw new Error(`Invalid URL: ${t}`)}let r=process.env[_.FLOW_OBS_ALLOW_HTTP]==="true";if(!r&&e.protocol!=="https:")throw new Error(`URL must use HTTPS: ${t}`);if(e.username||e.password)throw new Error(`URL must not contain embedded credentials: ${t}`);if(!r&&Ze(e.hostname))throw new Error(`SSRF: private/loopback host not allowed: ${e.hostname}`);return t}async function qt(){let t=at(process.env[_.ANTHROPIC_AUTH_TOKEN]);return t?{user:await wt().catch(()=>null)??t.clientId,tenant:t.tenant}:{user:"",tenant:""}}function tr(){return new Date().toISOString().slice(0,10)}async function er(t){let e=tr(),r=await kt();if(r?.lastAuthCheckAt!==e){a("getOrRefreshToken",`daily auth check (last: ${r?.lastAuthCheckAt??"never"})`);try{let s=await j(t);try{await Ot({...s,lastAuthCheckAt:e});}catch{}return a("getOrRefreshToken",`daily check passed, expires=${s.expiresAt}`),s.accessToken}catch(s){if(s instanceof b)throw s;a("getOrRefreshToken",`daily check network error \u2014 using cache: ${s.message}`);}}let n=r!=null&&new Date(r.expiresAt)>new Date;if(a("getOrRefreshToken",`cacheValid=${n}`),n)return a("getOrRefreshToken",`using cached token, expires=${r.expiresAt}`),r.accessToken;a("getOrRefreshToken",`token expired \u2014 refreshing via auth-engine (tenant=${t.tenant} clientId=${t.clientId})`);let o=await j(t);try{await Ot({...o,lastAuthCheckAt:e});}catch(s){a("getOrRefreshToken",`token cache save failed (non-fatal): ${s.message}`);}return a("getOrRefreshToken",`token refreshed, expires=${o.expiresAt}`),o.accessToken}function rr(t,e){let r=e&&e.accessToken?e.accessToken:"";return {endpoint:t.replace(/\/$/,"")+"/flow-langfuse-gateway/v1/traces",authHeader:`Bearer ${r}`}}function nr(t,e,r){let n=Buffer.from(`${e}:${r}`).toString("base64");return {endpoint:t.replace(/\/$/,"")+"/api/public/otel/v1/traces",authHeader:`Basic ${n}`}}async function v(){let t=[],e=process.env[_.ANTHROPIC_MODEL]??"",r=at(process.env[_.ANTHROPIC_AUTH_TOKEN]);a("resolveCredentials",r?"credentials resolved from ANTHROPIC_AUTH_TOKEN":"ANTHROPIC_AUTH_TOKEN absent or invalid"),r&&a("resolveCredentials",`clientId=${r.clientId}`,`tenant=${r.tenant}`);let n=r?r.tenant:"",o=process.env[_.FLOW_TELEMETRY]==="true",s=process.env[_.LANGFUSE_BASE_URL],i=process.env[_.LANGFUSE_PUBLIC_KEY],l=process.env[_.LANGFUSE_SECRET_KEY];if(o&&s&&i&&l){let m="",g=n;r&&(m=await wt().catch(()=>null)??r.clientId);let E={user:m??"",tenant:g??"",team:"",project:"",model:e};t.push({mode:"direct",...nr(it(s),i,l),...E}),a("resolveCredentials","direct mode active",`user=${E.user}`,`tenant=${E.tenant}`);}if(!r){if(t.length===0){let m=[];return m.authError=false,m}return t}let c;try{c=await er(r);}catch(m){if(a("resolveCredentials",`token refresh failed: ${m.message}`,`(tenant=${r.tenant} clientId=${r.clientId})`),t.length>0)return t.authError=true,t;let g=[];return g.authError=true,g}let S={user:Qe(c)??r.clientId,tenant:n,team:"",project:"",model:e},T=process.env[_.FLOW_TELEMETRY_GATEWAY]??D();return t.push({mode:"gateway",...rr(it(T),{accessToken:c}),...S}),t}async function zt(){return (await v()).length>0}function w(t,e){let r=typeof t=="object"?JSON.stringify(t):String(t??"");return r.length>e?r.slice(0,e)+" \u2026[truncated]":r}function ct(t,e=100){return String(t??"").split(`
4
+ `)[0].slice(0,e).trim()}function Lt(){return new Promise(t=>{let e="";process.stdin.setEncoding("utf8"),process.stdin.on("data",r=>{e+=r;}),process.stdin.on("end",()=>{try{t(JSON.parse(e));}catch{t({});}});})}function O(t){process.stdout.write(JSON.stringify(t));}var It=()=>crypto.randomBytes(16).toString("hex"),C=()=>crypto.randomBytes(8).toString("hex");function L(){return String(BigInt(Date.now())*1000000n)}var dr=/^[0-9a-f-]{1,64}$/i,fr=x.normalize(fe.tmpdir())+x.sep;function mr(t,e){let r=x.resolve(t);if(!r.startsWith(e))throw new Error(`Path traversal detected: ${t}`);return r}function Rt(t){if(!dr.test(t))throw new Error(`Invalid session ID: ${t}`);return mr(x.join(fe.tmpdir(),`flow-obs-${t}.json`),fr)}function B(t){let e=Rt(t);if(!I.existsSync(e))return null;try{return JSON.parse(I.readFileSync(e,"utf8"))}catch{return null}}function M(t,e){I.writeFileSync(Rt(t),JSON.stringify(e),{encoding:"utf8",mode:384});}function Nt(t){try{I.unlinkSync(Rt(t));}catch{}}function ee(t){if(!t||!I.existsSync(t))return null;try{let e=I.readFileSync(t,"utf8").trimEnd().split(`
5
+ `);for(let r=e.length-1;r>=0;r--)try{let n=JSON.parse(e[r]);if(n.type==="user"&&n.uuid)return n.uuid}catch{}}catch{}return null}function Pt(t){if(!t||!I.existsSync(t))return null;try{let e=I.readFileSync(t,"utf8").trimEnd().split(`
6
6
  `),r=[],n=0,o=0;for(let s=e.length-1;s>=0;s--)try{let i=JSON.parse(e[s]);if(i.type==="user")break;if(i.type==="assistant"){let c=(i.message?.content??[]).filter(S=>S.type==="text").map(S=>S.text??"").join("");c&&r.unshift(c);let p=i.message?.usage??{};n+=(p.input_tokens??0)+(p.cache_read_input_tokens??0)+(p.cache_creation_input_tokens??0),o+=p.output_tokens??0;}}catch{}return !r.length&&n===0?null:{text:r.join(`
7
7
 
8
- `),inputTokens:n,outputTokens:o}}catch{}return null}var Ar=new Set([".venv","__pycache__",".git","node_modules"]),yr=new Set([".pyc",".pyo"]),Or=new Set(["SKILL.md",".DS_Store",".gitignore"]);function ie(t){return t.replace(":","/")}function dt(t,e){if(!t)return null;let r=ie(t),n=[B.join(ge.homedir(),".claude","skills",r,"SKILL.md"),B.join(e??"",".claude","skills",r,"SKILL.md")];for(let o of n)if(I.existsSync(o))try{return I.readFileSync(o,"utf8")}catch{}return null}function ae(t){return t.split(`
9
- `)[0].match(/^\/([a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?)(?:\s.*)?$/i)?.[1]??null}var wr=new Set(["Read","Write","Edit","MultiEdit","Bash","Glob","Grep","TodoWrite","WebFetch","WebSearch","Agent","Task"]);function ce(t){return !!t.slashSkill||t.toolCalls.some(n=>n.tool==="Skill")?t.toolCalls.some(n=>n.tool==="Skill"&&!n.synthetic||wr.has(n.tool))?"complete":"prerequisite_required":null}function ft(t,e){if(!t)return null;let r=ie(t),n=[B.join(ge.homedir(),".claude","skills",r),B.join(e??"",".claude","skills",r)],o=null;for(let l of n)if(I.existsSync(B.join(l,"SKILL.md"))){o=l;break}if(!o)return null;let s=[];function i(l,c){for(let p of I.readdirSync(l,{withFileTypes:true})){if(Ar.has(p.name)||Or.has(p.name)||yr.has(B.extname(p.name)))continue;let S=c?`${c}/${p.name}`:p.name;p.isDirectory()?i(B.join(l,p.name),S):s.push(S);}}return i(o,""),s.length>0?s:null}function Ir(t){try{let e=t.split(".")[1].replace(/-/g,"+").replace(/_/g,"/");return JSON.parse(Buffer.from(e,"base64").toString())}catch{return null}}function Rr(t,e,r,n){return new Promise(o=>{let s=new URL(t),i=s.protocol==="https:",l=(i?qe__default.default:ze__default.default).request({hostname:s.hostname,port:s.port||(i?443:80),path:s.pathname+s.search,method:"POST",headers:{"Content-Type":"application/json","Content-Length":Buffer.byteLength(e),Authorization:`Bearer ${String(r).replace(/[\r\n]/g,"")}`,FlowTenant:String(n).replace(/[\r\n]/g,"")}},c=>{c.resume(),o(c.statusCode??0);});l.on("error",()=>o(0)),l.setTimeout(5e3,()=>{l.destroy(),o(0);}),l.write(e),l.end();})}async function U(t,e={}){try{let r=ut(process.env[_.ANTHROPIC_AUTH_TOKEN]);if(!r)return;let n,o=new Promise((T,m)=>{n=setTimeout(()=>m(new Error("getToken timeout")),4e3),n.unref();}),{accessToken:s}=await Promise.race([j(r),o]);clearTimeout(n);let i=Ir(s);if(!i)return;let l=i.tenant||r.tenant,c=JSON.stringify({action:t,booster:Et().BOOSTER,metadata:e,success:!0,tenant:l,timestamp:new Date().toISOString(),os:process.platform,user:{email:i.email||"",id:i.sub||"",name:i.name||i.email||""}}),p=lt(Et().API_URL),S=await Rr(p,c,s,l);a("metrics.logEvent",`action=${t} status=${S}`);}catch(r){a("metrics.logEvent",`silenced error: ${r.message}`);}}var Nr=`\u26D4 Your Flow API key has expired. You no longer have access to Claude Code through the Flow platform. To restore observability and access, visit ${D()}/settings/api-keys to generate a new API key, then run: flow-ai-obs auth login`;async function $t(t,e=false){if(e){process.stdout.write(JSON.stringify({decision:"block",reason:Nr})+`
10
- `);return}let n=!!(await C()).authError,o=t.session_id||"unknown",s=t.prompt||"",i=t.cwd||"",l=ne(t.transcript_path)||bt(),c=ae(s),p=c?dt(c,i):null,S=c?ft(c,i):null;M(o,{traceId:bt(),spanId:v(),startNs:L(),sessionId:o,prompt:s,cwd:i,traceName:l,transcriptPath:t.transcript_path||"",model:process.env[_.ANTHROPIC_MODEL]||"",toolCalls:[],spans:[],pendingTool:null,slashSkill:c,skillContent:p,skillArtifacts:S}),U("SESSION_STARTED",{traceType:c?"skill":"prompt",slashSkill:c,clientIdExpired:n}),a("UserPromptSubmit",`sid=${o}`,`traceName=${l}`,`slashSkill=${c}`),O(t);}async function le(t){let e=t.session_id||"unknown",r=t.tool_name||"unknown",n=t.tool_input||{},o=x(e);o&&(o.pendingTool={name:r,inputStr:k(n,w.TOOL_INPUT),startNs:L()},M(e,o)),a("PreToolUse",`sid=${e}`,`tool=${r}`,`stateFound=${!!o}`),O(t);}var Pr={name:St.SCOPE_NAME,version:St.SCOPE_VERSION},f={TRACE_NAME:"langfuse.trace.name",TRACE_INPUT:"langfuse.trace.input",TRACE_OUTPUT:"langfuse.trace.output",TRACE_METADATA:"langfuse.trace.metadata",TRACE_TAGS:"langfuse.trace.tags",USER_ID:"langfuse.user.id",SESSION_ID:"langfuse.session.id",OBS_NAME:"langfuse.observation.name",OBS_INPUT:"langfuse.observation.input",OBS_OUTPUT:"langfuse.observation.output",OBS_LEVEL:"langfuse.observation.level",OBS_TYPE:"langfuse.observation.type",MODEL:"gen_ai.request.model",INPUT_TOKENS:"gen_ai.usage.input_tokens",OUTPUT_TOKENS:"gen_ai.usage.output_tokens"};function u(t,e){return e==null||e===""?null:{key:t,value:{stringValue:String(e)}}}function $(...t){return t.filter(e=>e!==null)}function ue(t,e){return {resourceSpans:[{resource:{attributes:t},scopeSpans:[{scope:Pr,spans:Array.isArray(e)?e:[e]}]}]}}var pe=B.join(ge.tmpdir(),"flow-obs-requests.ndjson");function de(t,e,r,n,o){if(process.env[_.FLOW_OBS_DEBUG]!=="1")return;let s=JSON.stringify({ts:new Date().toISOString(),request:{method:"POST",url:t,headers:e,body:JSON.parse(r)},response:{status:n,body:o}});try{I.writeFileSync(pe,s+`
11
- `,{flag:"a",encoding:"utf8",mode:384}),a("sendTraces:dump",`request appendada em ${pe}`);}catch(i){a("sendTraces:dump",`falha ao salvar: ${i.message}`);}}function Fr(t){let e=new URL(t),r=new URL(G().GATEWAY_HEALTH);return r.hostname=e.hostname,r.port=e.port,r.protocol=e.protocol,r}function fe(t,e){return new Promise((r,n)=>{let o=t._isSSL?qe__default.default:ze__default.default;t.headers=Object.assign({},t.headers,{Connection:"close"});let s=o.request(t,i=>{let l=[];i.on("data",c=>l.push(c)),i.on("end",()=>r({statusCode:i.statusCode??0,body:l.join("")}));});s.setTimeout(1e4,()=>{s.destroy(new Error("Request timeout"));}),s.on("error",i=>n(new Error(`Network error: ${i.message}`))),e&&s.write(e),s.end();})}async function me(t,e){let r;try{r=Fr(t);}catch{return false}let n=r.protocol==="https:";try{let o={};e&&(o.Authorization=String(e).replace(/[\r\n]/g,""));let s=await fe({hostname:r.hostname,port:r.port||(n?443:80),path:r.pathname,method:"GET",headers:o,_isSSL:n},null);return a("checkHealth",`url=${r.href} status=${s.statusCode}`),s.statusCode>=200&&s.statusCode<300}catch{return false}}async function mt(t,e,r){let n=JSON.stringify(t),o=new URL(e),s=o.protocol==="https:",i=String(r).replace(/[\r\n]/g,""),l={"Content-Type":"application/json",Authorization:i,"Content-Length":Buffer.byteLength(n)};a("sendTraces:request",`POST ${e}`),a("sendTraces:request",`headers=${JSON.stringify({...l,Authorization:i.slice(0,20)+"\u2026"})}`),a("sendTraces:request",`body=${n.slice(0,500)}${n.length>500?"\u2026":""}`);try{let c=await fe({hostname:o.hostname,port:o.port||(s?443:80),path:o.pathname,method:"POST",headers:l,_isSSL:s},n);return a("sendTraces:response",`status=${c.statusCode}`),de(e,l,n,c.statusCode,c.body),c.statusCode}catch(c){return a("sendTraces:error",c.message),de(e,l,n,0,c.message),0}}function Dr(){let t=parseInt(process.env[_.BUFFER_TTL_DAYS]??"",10);return (Number.isFinite(t)?Math.max(y.MIN_TTL_DAYS,Math.min(y.MAX_TTL_DAYS,t)):y.DEFAULT_TTL_DAYS)*24*60*60*1e3}function Br(){let t=parseInt(process.env[_.BUFFER_MAX_FILES]??"",10);return Number.isFinite(t)?Math.max(y.MIN_MAX_FILES,Math.min(y.MAX_MAX_FILES,t)):y.DEFAULT_MAX_FILES}function _e(t){if(/[/\\]/.test(t))throw new Error(`Invalid buffer fileId: ${t}`);return B__default.default.join(ge__default.default.tmpdir(),`${y.FILE_PREFIX}${t}.json`)}function Dt(){let t=ge__default.default.tmpdir(),e;try{e=I__default.default.readdirSync(t);}catch{return []}return e.filter(r=>r.startsWith(y.FILE_PREFIX)&&r.endsWith(".json")).map(r=>{let n=B__default.default.join(t,r),o=0;try{o=I__default.default.statSync(n).mtimeMs;}catch{}return {full:n,mtime:o}}).sort((r,n)=>r.mtime-n.mtime).map(r=>r.full)}function q(t){try{let e=Br(),r=Dt();if(r.length>=e){let s=r.slice(0,r.length-e+1);for(let i of s)try{I__default.default.unlinkSync(i);}catch{}}let n=`${Date.now()}-${Math.random().toString(36).slice(2,8)}`,o={fileId:n,bufferedAt:Date.now(),payload:t};return I__default.default.writeFileSync(_e(n),JSON.stringify(o),{encoding:"utf8",mode:384}),a("buffer",`saved fileId=${n}`),n}catch(e){return a("buffer",`saveToBuffer failed: ${e.message}`),null}}function Se(t){let e=Dt(),r=t,n=[];for(let o of e){if(n.length>=r)break;try{let s=I__default.default.readFileSync(o,"utf8"),i=JSON.parse(s);i&&i.fileId&&i.payload&&n.push(i);}catch{a("buffer",`skipping malformed file: ${o}`);}}return n}function Ee(t){try{I__default.default.unlinkSync(_e(t)),a("buffer",`deleted fileId=${t}`);}catch{}}function Te(){let t=Date.now()-Dr();for(let e of Dt())try{let{mtimeMs:r}=I__default.default.statSync(e);r<t&&(I__default.default.unlinkSync(e),a("buffer",`evicted stale: ${B__default.default.basename(e)}`));}catch{}}async function xr(t){Te();let e=Se(y.REPLAY_BATCH_SIZE);e.length&&(a("replayBufferedTraces",`replaying ${e.length} buffered trace(s)`),await Promise.allSettled(e.map(async r=>{try{let n=await mt(r.payload,t.endpoint,t.authHeader);n>=200&&n<300?(Ee(r.fileId),a("replayBufferedTraces",`replayed fileId=${r.fileId} status=${n}`)):a("replayBufferedTraces",`replay failed fileId=${r.fileId} status=${n}`);}catch(n){a("replayBufferedTraces",`replay error fileId=${r.fileId}: ${n.message}`);}})));}async function he(t){let e=await C();if(!e.length)return e.authError&&(a("postToLangfuse","auth refresh failed \u2014 buffering trace"),q(t)),0;let r=await Promise.all(e.map(async s=>{if(s.mode!=="gateway")return {creds:s,healthy:true};let i=await me(s.endpoint,s.authHeader);return {creds:s,healthy:i}})),n=r.find(s=>s.creds.mode==="gateway"&&s.healthy)?.creds??r.find(s=>s.creds.mode==="direct")?.creds;return n&&await xr(n),(await Promise.all(r.map(async({creds:s,healthy:i})=>{if(s.mode==="gateway"){if(!i)return a("postToLangfuse","gateway health check failed \u2014 buffering trace"),q(t),0;let c=await mt(t,s.endpoint,s.authHeader);return (c===0||c>=500)&&(a("postToLangfuse",`gateway send failed (status ${c}) \u2014 buffering trace`),q(t)),c}let l=await mt(t,s.endpoint,s.authHeader);return (l===0||l>=500)&&(a("postToLangfuse",`direct endpoint unavailable (status ${l}) \u2014 buffering trace`),q(t)),l}))).find(s=>s!==0)??0}var A="[REDACTED]",Mr="[REDACTED-EMAIL]",Hr="[REDACTED-CPF]",Yr="[REDACTED-CNPJ]",Ae="[REDACTED-PHONE]",Vr=[{re:/\b(sk-[A-Za-z0-9_\-]{20,})/g,replace:()=>`sk-${A}`},{re:/\b(pk-[A-Za-z0-9_\-]{20,})/g,replace:()=>`pk-${A}`},{re:/\b(Bearer\s+)[A-Za-z0-9\-._~+/]+=*/gi,replace:(t,e)=>`${e}${A}`},{re:/\b(Basic\s+)[A-Za-z0-9+/]+=*/gi,replace:(t,e)=>`${e}${A}`},{re:/(-----BEGIN [A-Z ]+-----)[^-]*(-----END [A-Z ]+-----)/g,replace:(t,e,r)=>`${e}
12
- ${A}
13
- ${r}`},{re:/\b(AKIA[0-9A-Z]{16})\b/g,replace:()=>`AKIA${A}`},{re:/(aws_secret_access_key\s*[=:]\s*)([A-Za-z0-9/+]{40})/gi,replace:(t,e)=>`${e}${A}`},{re:/\b(ghp_[A-Za-z0-9]{36,})/g,replace:()=>`ghp_${A}`},{re:/\b(github_pat_[A-Za-z0-9_]{36,})/gi,replace:()=>`github_pat_${A}`},{re:/\b(eyJ[A-Za-z0-9_\-]+\.eyJ[A-Za-z0-9_\-]+\.[A-Za-z0-9_\-]+)/g,replace:()=>`eyJ.${A}`},{re:/\b([A-Z0-9_]*(?:SECRET|TOKEN|KEY|PASSWORD|PASSWD|PWD|CREDENTIAL|API)[A-Z0-9_]*\s*=\s*)(['"]?)([^\s'"#\n]+)\2/gi,replace:(t,e,r)=>`${e}${r}${A}${r}`},{re:/([a-z][a-z0-9+\-.]*:\/\/[^:/?#\s]*):([^@\s]+)@/gi,replace:(t,e)=>`${e}:${A}@`},{re:/[a-zA-Z0-9._%+\-]+@[a-zA-Z0-9.\-]+\.[a-zA-Z]{2,}/g,replace:()=>Mr},{re:/\b\d{3}\.\d{3}\.\d{3}-\d{2}\b/g,replace:()=>Hr},{re:/\b\d{2}\.\d{3}\.\d{3}\/\d{4}-\d{2}\b/g,replace:()=>Yr},{re:/\(\d{2}\)\s?\d{4,5}[-\s]?\d{4}/g,replace:()=>Ae},{re:/\+55[\s-]?\d{2}[\s-]?\d{4,5}[-\s]?\d{4}/g,replace:()=>Ae}];function R(t){if(t==null)return "";let e=typeof t=="string"?t:JSON.stringify(t);return Vr.reduce((r,{re:n,replace:o})=>r.replace(n,o),e)}async function ye(t){let e=t.session_id||"unknown",r=t.tool_name||"unknown",n=t.tool_input||{},o=t.tool_response,s=o!==null&&typeof o=="object"?o.output??JSON.stringify(o):o??"",i=x(e);if(!i){O(t);return}let l=L(),c=i.pendingTool,p=c?.name===r,S=p?c.startNs:String(BigInt(l)-200000000n),T=p?c.inputStr:k(n,w.TOOL_INPUT),m=T,g=null;if(r==="Skill"){let et=typeof n=="object"&&n!==null?n.skill||n.name||n.skillName||n.commandName||String(Object.values(n)[0]??""):String(n);g=et?String(et).trim():null;let N=g?dt(g,i.cwd):null;N&&(m=N,i.skillContent||(i.skillContent=N),i.skillArtifacts||(i.skillArtifacts=ft(g,i.cwd))),g&&!i.slashSkill&&(i.slashSkill=g),a("PostToolUse","Skill tool detected",`skillName=${g}`,`contentFound=${!!N}`);}let h=R(k(s,w.TOOL_OUTPUT)),E=/\b(error|exception|failed|failure|traceback|errno)\b/i.test(h.slice(0,500)),z=E?"ERROR":"DEFAULT",Y=v(),X=Math.round(Number(BigInt(l)-BigInt(S))/1e6),Q={Agent:"AGENT",Task:"AGENT"}[r]??"TOOL",tt=r==="Skill"&&g?g:pt(T,60);i.toolCalls.push({tool:r,brief:tt,error:E,durationMs:X});let V=i.spans;V.push({traceId:i.traceId,spanId:Y,parentSpanId:i.spanId,name:r,kind:3,startTimeUnixNano:S,endTimeUnixNano:l,attributes:$(u(f.OBS_NAME,r),u(f.OBS_TYPE,Q),u(f.OBS_LEVEL,z),u(f.OBS_INPUT,R(m)),u(f.OBS_OUTPUT,h),u("tool.name",r),u("tool.error",String(E)),r==="Skill"&&g?u("skill.name",g):null,r==="Skill"?u("skill.invocation","slash-command"):null),status:{code:E?2:1}}),i.pendingTool=null,M(e,i),E&&U("TOOL_ERROR",{toolName:r}),a("PostToolUse",`sid=${e}`,`tool=${r}`,`error=${E}`,`durationMs=${X}`,`totalSpans=${V.length}`),O(t);}var Oe={"claude-opus-4-6":{input:15,output:75},"claude-opus-4-5":{input:15,output:75},"claude-sonnet-4-6":{input:3,output:15},"claude-sonnet-4-5":{input:3,output:15},"claude-haiku-4-5":{input:.8,output:4},"claude-4-6-opus":{input:15,output:75},"claude-4-6-sonnet":{input:3,output:15},"claude-4-5-opus":{input:15,output:75},"claude-4-5-sonnet":{input:3,output:15},"claude-4-5-haiku":{input:.8,output:4},"claude-3-5-sonnet-20241022":{input:3,output:15},"claude-3-5-haiku-20241022":{input:.8,output:4},"claude-3-opus-20240229":{input:15,output:75}};function we(t,e,r){let n=Object.keys(Oe).find(i=>(t??"").toLowerCase().includes(i));if(!n)return;let o=Oe[n],s=(e*o.input+r*o.output)/1e6;return Math.round(s*1e6)/1e6}async function ke(t){let e=t.session_id||"unknown",r=t.stop_reason||"end_turn",n=x(e);if(!n){O(t);return}n.slashSkill&&!/^[a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?$/i.test(n.slashSkill)&&(a("Stop",`sid=${e}`,`slashSkill rejected post-disk: "${n.slashSkill}"`),n.slashSkill=null);let o=L(),s=await Xt(),i=n.toolCalls,l=n.spans;if(n.slashSkill&&!i.some(d=>d.tool==="Skill")){let d=v(),P=n.skillContent?n.skillContent:JSON.stringify({skill:n.slashSkill});i.push({tool:"Skill",brief:n.slashSkill,error:false,durationMs:0,synthetic:true}),l.push({traceId:n.traceId,spanId:d,parentSpanId:n.spanId,name:"Skill",kind:3,startTimeUnixNano:n.startNs,endTimeUnixNano:n.startNs,attributes:$(u(f.OBS_NAME,"Skill"),u(f.OBS_TYPE,"TOOL"),u(f.OBS_LEVEL,"DEFAULT"),u(f.OBS_INPUT,P),u(f.OBS_OUTPUT,"loaded via slash command"),u("tool.name","Skill"),u("tool.error","false"),u("skill.name",n.slashSkill),u("skill.invocation","slash-command")),status:{code:1}}),a("Stop",`slashSkill=${n.slashSkill}`,"synthetic span injected");}let c=t.transcript_path||n.transcriptPath||"",p=Ut(c);if(c&&(i.some(d=>d.tool==="Skill"&&!d.synthetic)||!!n.slashSkill)&&!p?.text){await new Promise(P=>setTimeout(P,500));let d=Ut(c);d?.text&&(p=d);}a("Stop",`transcriptPath=${c||"(empty)"}`,`assistantOut=${p?`text=${p.text.length}chars`:"null"}`);let T=i.length,m=i.filter(d=>d.error).length,g=R(p?.text?k(p.text,w.TRACE_OUTPUT):T===0?"No tools used":i.map((d,P)=>`${P+1}. ${d.tool}${d.brief?` \u2192 ${d.brief}`:""}${d.error?" [ERROR]":""}`).join(`
14
- `)),h=p?.inputTokens??0,E=p?.outputTokens??0,z=i.map((d,P)=>`${P+1}. ${d.tool}${d.brief?` \u2192 ${d.brief}`:""}${d.error?" [ERROR]":""} (${d.durationMs}ms)`),Y=!!(n.slashSkill||i.some(d=>d.tool==="Skill")),X=i.some(d=>d.tool==="Agent");if(!Y&&!X){a("Stop",`sid=${e}`,"skipping trace \u2014 no Skill or Agent calls found"),U("TRACE_SKIPPED",{reason:"no_skill_or_agent"}),vt(e),O(t);return}let Z=Y?"skill":"agent",Q=Math.round(Number(BigInt(o)-BigInt(n.startNs))/1e6),tt=we(n.model,h,E),F=ce(n);F==="prerequisite_required"&&p?.text&&(F="complete"),F==="prerequisite_required"&&(l.push({traceId:n.traceId,spanId:v(),parentSpanId:n.spanId,name:"prerequisite-check",kind:3,startTimeUnixNano:n.startNs,endTimeUnixNano:o,attributes:$(u(f.OBS_NAME,"prerequisite-check"),u(f.OBS_TYPE,"EVENT"),u(f.OBS_LEVEL,"WARNING"),u(f.OBS_OUTPUT,g),u("skill.name",n.slashSkill||void 0),u("execution_status","prerequisite_required")),status:{code:1}}),a("Stop",`sid=${e}`,"prerequisite-check span injected",`skill=${n.slashSkill}`));let V=(()=>{if(!(!Y||!n.prompt)){if(n.slashSkill){let d=n.prompt.replace(new RegExp(`^\\/${n.slashSkill}\\s*`,"i"),"").trim();return d?k(R(d),w.USER_INSTRUCTION):void 0}return k(R(n.prompt),w.USER_INSTRUCTION)||void 0}})(),et=JSON.stringify({trace_type:Z,...F!==null&&{execution_status:F},...n.slashSkill?{skill_name:n.slashSkill}:{},...n.skillArtifacts?.length&&{skill_artifacts:n.skillArtifacts},...V!==void 0&&{user_instruction:V},latency_ms:Q,...h&&{tokens_input:h},...E&&{tokens_output:E},cost_usd:tt,...n.model?{model:n.model}:{},toolCount:T,errorCount:m,stopReason:r,sessionId:n.sessionId,tools:z.length?z:void 0}),N=R(k(n.prompt,w.TRACE_INPUT)),Le=$(u(f.TRACE_NAME,n.traceName),u(f.TRACE_INPUT,N),u(f.TRACE_OUTPUT,g),u(f.OBS_INPUT,N),u(f.OBS_OUTPUT,g),u(f.TRACE_METADATA,et),u(f.SESSION_ID,n.sessionId),u(f.USER_ID,s.user),u(f.OBS_TYPE,"GENERATION"),u(f.MODEL,n.model),h?u(f.INPUT_TOKENS,h):null,E?u(f.OUTPUT_TOKENS,E):null,u("claude.stop_reason",r),u("claude.tool_count",String(T)),u("claude.error_count",String(m)),u("claude.session_id",n.sessionId),u("flow.trace_type",Z),{key:f.TRACE_TAGS,value:{arrayValue:{values:[{stringValue:Z}]}}}),Ie={traceId:n.traceId,spanId:n.spanId,name:n.traceName,kind:1,startTimeUnixNano:n.startNs,endTimeUnixNano:o,attributes:Le,status:{code:m>0?2:1}},Re=$(u("service.name",process.env.LANGFUSE_PROJECT_NAME||"claude-code"),u("deployment.environment",process.env.LANGFUSE_ENVIRONMENT||"default")),Bt=[...l,Ie];a("Stop",`sid=${e}`,`totalTools=${T}`,`errorTools=${m}`,`spans=${Bt.length}`,`inputTokens=${h}`,`outputTokens=${E}`,`traceOutput="${pt(g,80)}"`);let Ne=await he(ue(Re,Bt));a("Stop",`POST status=${Ne}`,`traceId=${n.traceId}`),U("TRACE_SENT",{latencyMs:Q,totalTools:T,errorTools:m,inputTokens:h,outputTokens:E,costUsd:tt}),vt(e),O(t);}async function Gr(){let t=process.argv[2];if(t==="UserPromptSubmit"){let r=await Pt(),n;try{n=await C();}catch{process.stdout.write(JSON.stringify(r));return}n.authError?await $t(r,true):n.length>0?await $t(r):process.stdout.write(JSON.stringify(r));return}if(!await Zt()){let r=[];process.stdin.on("data",n=>r.push(n)),process.stdin.on("end",()=>process.stdout.write(r.join("")));return}let e=await Pt();switch(t){case "PreToolUse":await le(e);break;case "PostToolUse":await ye(e);break;case "Stop":await ke(e);break;default:process.stderr.write(`[flow-obs] unknown event: ${t}
15
- `),process.stdout.write(JSON.stringify(e));}}Gr().catch(t=>{process.stderr.write(`[flow-obs] fatal: ${t.message}
8
+ `),inputTokens:n,outputTokens:o}}catch{}return null}var Tr=new Set([".venv","__pycache__",".git","node_modules"]),Er=new Set([".pyc",".pyo"]),hr=new Set(["SKILL.md",".DS_Store",".gitignore"]);function se(t){return t.replace(":","/")}function lt(t,e){if(!t)return null;let r=se(t),n=[x.join(fe.homedir(),".claude","skills",r,"SKILL.md"),x.join(e??"",".claude","skills",r,"SKILL.md")];for(let o of n)if(I.existsSync(o))try{return I.readFileSync(o,"utf8")}catch{}return null}function oe(t){return t.split(`
9
+ `)[0].match(/^\/([a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?)(?:\s.*)?$/i)?.[1]??null}var yr=new Set(["Read","Write","Edit","MultiEdit","Bash","Glob","Grep","TodoWrite","WebFetch","WebSearch","Agent","Task"]);function ie(t){return !!t.slashSkill||t.toolCalls.some(n=>n.tool==="Skill")?t.toolCalls.some(n=>n.tool==="Skill"&&!n.synthetic||yr.has(n.tool))?"complete":"prerequisite_required":null}function ut(t,e){if(!t)return null;let r=se(t),n=[x.join(fe.homedir(),".claude","skills",r),x.join(e??"",".claude","skills",r)],o=null;for(let l of n)if(I.existsSync(x.join(l,"SKILL.md"))){o=l;break}if(!o)return null;let s=[];function i(l,c){for(let p of I.readdirSync(l,{withFileTypes:true})){if(Tr.has(p.name)||hr.has(p.name)||Er.has(x.extname(p.name)))continue;let S=c?`${c}/${p.name}`:p.name;p.isDirectory()?i(x.join(l,p.name),S):s.push(S);}}return i(o,""),s.length>0?s:null}function kr(t){try{let e=t.split(".")[1].replace(/-/g,"+").replace(/_/g,"/");return JSON.parse(Buffer.from(e,"base64").toString())}catch{return null}}function wr(t,e,r,n){return new Promise(o=>{let s=new URL(t),i=s.protocol==="https:",l=(i?Je__default.default:je__default.default).request({hostname:s.hostname,port:s.port||(i?443:80),path:s.pathname+s.search,method:"POST",headers:{"Content-Type":"application/json","Content-Length":Buffer.byteLength(e),Authorization:`Bearer ${String(r).replace(/[\r\n]/g,"")}`,FlowTenant:String(n).replace(/[\r\n]/g,"")}},c=>{c.resume(),o(c.statusCode??0);});l.on("error",()=>o(0)),l.setTimeout(5e3,()=>{l.destroy(),o(0);}),l.write(e),l.end();})}async function U(t,e={}){try{let r=at(process.env[_.ANTHROPIC_AUTH_TOKEN]);if(!r)return;let n,o=new Promise((T,m)=>{n=setTimeout(()=>m(new Error("getToken timeout")),4e3),n.unref();}),{accessToken:s}=await Promise.race([j(r),o]);clearTimeout(n);let i=kr(s);if(!i)return;let l=i.tenant||r.tenant,c=JSON.stringify({action:t,booster:gt().BOOSTER,metadata:e,success:!0,tenant:l,timestamp:new Date().toISOString(),os:process.platform,user:{email:i.email||"",id:i.sub||"",name:i.name||i.email||""}}),p=it(gt().API_URL),S=await wr(p,c,s,l);a("metrics.logEvent",`action=${t} status=${S}`);}catch(r){a("metrics.logEvent",`silenced error: ${r.message}`);}}var Lr=`\u26D4 Your Flow API key has expired. You no longer have access to Claude Code through the Flow platform. To restore observability and access, visit ${D()}/settings/api-keys to generate a new API key, then run: flow-ai-obs auth login`;async function bt(t,e=false){if(e){process.stdout.write(JSON.stringify({decision:"block",reason:Lr})+`
10
+ `);return}let n=!!(await v()).authError,o=t.session_id||"unknown",s=t.prompt||"",i=t.cwd||"",l=ee(t.transcript_path)||It(),c=oe(s),p=c?lt(c,i):null,S=c?ut(c,i):null;M(o,{traceId:It(),spanId:C(),startNs:L(),sessionId:o,prompt:s,cwd:i,traceName:l,transcriptPath:t.transcript_path||"",model:process.env[_.ANTHROPIC_MODEL]||"",toolCalls:[],spans:[],pendingTool:null,slashSkill:c,skillContent:p,skillArtifacts:S}),U("SESSION_STARTED",{traceType:c?"skill":"prompt",slashSkill:c,clientIdExpired:n}),a("UserPromptSubmit",`sid=${o}`,`traceName=${l}`,`slashSkill=${c}`),O(t);}async function ae(t){let e=t.session_id||"unknown",r=t.tool_name||"unknown",n=t.tool_input||{},o=B(e);o&&(o.pendingTool={name:r,inputStr:w(n,k.TOOL_INPUT),startNs:L()},M(e,o)),a("PreToolUse",`sid=${e}`,`tool=${r}`,`stateFound=${!!o}`),O(t);}var Ir={name:mt.SCOPE_NAME,version:mt.SCOPE_VERSION},f={TRACE_NAME:"langfuse.trace.name",TRACE_INPUT:"langfuse.trace.input",TRACE_OUTPUT:"langfuse.trace.output",TRACE_METADATA:"langfuse.trace.metadata",TRACE_TAGS:"langfuse.trace.tags",USER_ID:"langfuse.user.id",SESSION_ID:"langfuse.session.id",OBS_NAME:"langfuse.observation.name",OBS_INPUT:"langfuse.observation.input",OBS_OUTPUT:"langfuse.observation.output",OBS_LEVEL:"langfuse.observation.level",OBS_TYPE:"langfuse.observation.type",MODEL:"gen_ai.request.model",INPUT_TOKENS:"gen_ai.usage.input_tokens",OUTPUT_TOKENS:"gen_ai.usage.output_tokens"};function u(t,e){return e==null||e===""?null:{key:t,value:{stringValue:String(e)}}}function $(...t){return t.filter(e=>e!==null)}function ce(t,e){return {resourceSpans:[{resource:{attributes:t},scopeSpans:[{scope:Ir,spans:Array.isArray(e)?e:[e]}]}]}}var le=x.join(fe.tmpdir(),"flow-obs-requests.ndjson");function ue(t,e,r,n,o){if(process.env[_.FLOW_OBS_DEBUG]!=="1")return;let s=JSON.stringify({ts:new Date().toISOString(),request:{method:"POST",url:t,headers:e,body:JSON.parse(r)},response:{status:n,body:o}});try{I.writeFileSync(le,s+`
11
+ `,{flag:"a",encoding:"utf8",mode:384}),a("sendTraces:dump",`request appendada em ${le}`);}catch(i){a("sendTraces:dump",`falha ao salvar: ${i.message}`);}}function Cr(t){let e=new URL(t),r=new URL(G().GATEWAY_HEALTH);return r.hostname=e.hostname,r.port=e.port,r.protocol=e.protocol,r}function pe(t,e){return new Promise((r,n)=>{let o=t._isSSL?Je__default.default:je__default.default;t.headers=Object.assign({},t.headers,{Connection:"close"});let s=o.request(t,i=>{let l=[];i.on("data",c=>l.push(c)),i.on("end",()=>r({statusCode:i.statusCode??0,body:l.join("")}));});s.setTimeout(1e4,()=>{s.destroy(new Error("Request timeout"));}),s.on("error",i=>n(new Error(`Network error: ${i.message}`))),e&&s.write(e),s.end();})}async function de(t,e){let r;try{r=Cr(t);}catch{return false}let n=r.protocol==="https:";try{let o={};e&&(o.Authorization=String(e).replace(/[\r\n]/g,""));let s=await pe({hostname:r.hostname,port:r.port||(n?443:80),path:r.pathname,method:"GET",headers:o,_isSSL:n},null);return a("checkHealth",`url=${r.href} status=${s.statusCode}`),s.statusCode>=200&&s.statusCode<300}catch{return false}}async function pt(t,e,r){let n=JSON.stringify(t),o=new URL(e),s=o.protocol==="https:",i=String(r).replace(/[\r\n]/g,""),l={"Content-Type":"application/json",Authorization:i,"Content-Length":Buffer.byteLength(n)};a("sendTraces:request",`POST ${e}`),a("sendTraces:request",`headers=${JSON.stringify({...l,Authorization:i.slice(0,20)+"\u2026"})}`),a("sendTraces:request",`body=${n.slice(0,500)}${n.length>500?"\u2026":""}`);try{let c=await pe({hostname:o.hostname,port:o.port||(s?443:80),path:o.pathname,method:"POST",headers:l,_isSSL:s},n);return a("sendTraces:response",`status=${c.statusCode}`),ue(e,l,n,c.statusCode,c.body),c.statusCode}catch(c){return a("sendTraces:error",c.message),ue(e,l,n,0,c.message),0}}function Ur(){let t=parseInt(process.env[_.BUFFER_TTL_DAYS]??"",10);return (Number.isFinite(t)?Math.max(A.MIN_TTL_DAYS,Math.min(A.MAX_TTL_DAYS,t)):A.DEFAULT_TTL_DAYS)*24*60*60*1e3}function $r(){let t=parseInt(process.env[_.BUFFER_MAX_FILES]??"",10);return Number.isFinite(t)?Math.max(A.MIN_MAX_FILES,Math.min(A.MAX_MAX_FILES,t)):A.DEFAULT_MAX_FILES}function me(t){if(/[/\\]/.test(t))throw new Error(`Invalid buffer fileId: ${t}`);return x__default.default.join(fe__default.default.tmpdir(),`${A.FILE_PREFIX}${t}.json`)}function Ct(){let t=fe__default.default.tmpdir(),e;try{e=I__default.default.readdirSync(t);}catch{return []}return e.filter(r=>r.startsWith(A.FILE_PREFIX)&&r.endsWith(".json")).map(r=>{let n=x__default.default.join(t,r),o=0;try{o=I__default.default.statSync(n).mtimeMs;}catch{}return {full:n,mtime:o}}).sort((r,n)=>r.mtime-n.mtime).map(r=>r.full)}function K(t){try{let e=$r(),r=Ct();if(r.length>=e){let s=r.slice(0,r.length-e+1);for(let i of s)try{I__default.default.unlinkSync(i);}catch{}}let n=`${Date.now()}-${Math.random().toString(36).slice(2,8)}`,o={fileId:n,bufferedAt:Date.now(),payload:t};return I__default.default.writeFileSync(me(n),JSON.stringify(o),{encoding:"utf8",mode:384}),a("buffer",`saved fileId=${n}`),n}catch(e){return a("buffer",`saveToBuffer failed: ${e.message}`),null}}function ge(t){let e=Ct(),r=t,n=[];for(let o of e){if(n.length>=r)break;try{let s=I__default.default.readFileSync(o,"utf8"),i=JSON.parse(s);i&&i.fileId&&i.payload&&n.push(i);}catch{a("buffer",`skipping malformed file: ${o}`);}}return n}function _e(t){try{I__default.default.unlinkSync(me(t)),a("buffer",`deleted fileId=${t}`);}catch{}}function Se(){let t=Date.now()-Ur();for(let e of Ct())try{let{mtimeMs:r}=I__default.default.statSync(e);r<t&&(I__default.default.unlinkSync(e),a("buffer",`evicted stale: ${x__default.default.basename(e)}`));}catch{}}async function Fr(t){Se();let e=ge(A.REPLAY_BATCH_SIZE);e.length&&(a("replayBufferedTraces",`replaying ${e.length} buffered trace(s)`),await Promise.allSettled(e.map(async r=>{try{let n=await pt(r.payload,t.endpoint,t.authHeader);n>=200&&n<300?(_e(r.fileId),a("replayBufferedTraces",`replayed fileId=${r.fileId} status=${n}`)):a("replayBufferedTraces",`replay failed fileId=${r.fileId} status=${n}`);}catch(n){a("replayBufferedTraces",`replay error fileId=${r.fileId}: ${n.message}`);}})));}async function Te(t){let e=await v();if(!e.length)return e.authError&&(a("postToLangfuse","auth refresh failed \u2014 buffering trace"),K(t)),0;let r=await Promise.all(e.map(async s=>{if(s.mode!=="gateway")return {creds:s,healthy:true};let i=await de(s.endpoint,s.authHeader);return {creds:s,healthy:i}})),n=r.find(s=>s.creds.mode==="gateway"&&s.healthy)?.creds??r.find(s=>s.creds.mode==="direct")?.creds;return n&&await Fr(n),(await Promise.all(r.map(async({creds:s,healthy:i})=>{if(s.mode==="gateway"){if(!i)return a("postToLangfuse","gateway health check failed \u2014 buffering trace"),K(t),0;let c=await pt(t,s.endpoint,s.authHeader);return (c===0||c>=500)&&(a("postToLangfuse",`gateway send failed (status ${c}) \u2014 buffering trace`),K(t)),c}let l=await pt(t,s.endpoint,s.authHeader);return (l===0||l>=500)&&(a("postToLangfuse",`direct endpoint unavailable (status ${l}) \u2014 buffering trace`),K(t)),l}))).find(s=>s!==0)??0}var y="[REDACTED]",Dr="[REDACTED-EMAIL]",xr="[REDACTED-CPF]",Br="[REDACTED-CNPJ]",Ee="[REDACTED-PHONE]",Mr=[{re:/\b(sk-[A-Za-z0-9_\-]{20,})/g,replace:()=>`sk-${y}`},{re:/\b(pk-[A-Za-z0-9_\-]{20,})/g,replace:()=>`pk-${y}`},{re:/\b(Bearer\s+)[A-Za-z0-9\-._~+/]+=*/gi,replace:(t,e)=>`${e}${y}`},{re:/\b(Basic\s+)[A-Za-z0-9+/]+=*/gi,replace:(t,e)=>`${e}${y}`},{re:/(-----BEGIN [A-Z ]+-----)[^-]*(-----END [A-Z ]+-----)/g,replace:(t,e,r)=>`${e}
12
+ ${y}
13
+ ${r}`},{re:/\b(AKIA[0-9A-Z]{16})\b/g,replace:()=>`AKIA${y}`},{re:/(aws_secret_access_key\s*[=:]\s*)([A-Za-z0-9/+]{40})/gi,replace:(t,e)=>`${e}${y}`},{re:/\b(ghp_[A-Za-z0-9]{36,})/g,replace:()=>`ghp_${y}`},{re:/\b(github_pat_[A-Za-z0-9_]{36,})/gi,replace:()=>`github_pat_${y}`},{re:/\b(eyJ[A-Za-z0-9_\-]+\.eyJ[A-Za-z0-9_\-]+\.[A-Za-z0-9_\-]+)/g,replace:()=>`eyJ.${y}`},{re:/\b([A-Z0-9_]*(?:SECRET|TOKEN|KEY|PASSWORD|PASSWD|PWD|CREDENTIAL|API)[A-Z0-9_]*\s*=\s*)(['"]?)([^\s'"#\n]+)\2/gi,replace:(t,e,r)=>`${e}${r}${y}${r}`},{re:/([a-z][a-z0-9+\-.]*:\/\/[^:/?#\s]*):([^@\s]+)@/gi,replace:(t,e)=>`${e}:${y}@`},{re:/[a-zA-Z0-9._%+\-]+@[a-zA-Z0-9.\-]+\.[a-zA-Z]{2,}/g,replace:()=>Dr},{re:/\b\d{3}\.\d{3}\.\d{3}-\d{2}\b/g,replace:()=>xr},{re:/\b\d{2}\.\d{3}\.\d{3}\/\d{4}-\d{2}\b/g,replace:()=>Br},{re:/\(\d{2}\)\s?\d{4,5}[-\s]?\d{4}/g,replace:()=>Ee},{re:/\+55[\s-]?\d{2}[\s-]?\d{4,5}[-\s]?\d{4}/g,replace:()=>Ee}];function R(t){if(t==null)return "";let e=typeof t=="string"?t:JSON.stringify(t);return Mr.reduce((r,{re:n,replace:o})=>r.replace(n,o),e)}async function he(t){let e=t.session_id||"unknown",r=t.tool_name||"unknown",n=t.tool_input||{},o=t.tool_response,s=o!==null&&typeof o=="object"?o.output??JSON.stringify(o):o??"",i=B(e);if(!i){O(t);return}let l=L(),c=i.pendingTool,p=c?.name===r,S=p?c.startNs:String(BigInt(l)-200000000n),T=p?c.inputStr:w(n,k.TOOL_INPUT),m=T,g=null;if(r==="Skill"){let tt=typeof n=="object"&&n!==null?n.skill||n.name||n.skillName||n.commandName||String(Object.values(n)[0]??""):String(n);g=tt?String(tt).trim():null;let N=g?lt(g,i.cwd):null;N&&(m=N,i.skillContent||(i.skillContent=N),i.skillArtifacts||(i.skillArtifacts=ut(g,i.cwd))),g&&!i.slashSkill&&(i.slashSkill=g),a("PostToolUse","Skill tool detected",`skillName=${g}`,`contentFound=${!!N}`);}let E=R(w(s,k.TOOL_OUTPUT)),h=/\b(error|exception|failed|failure|traceback|errno)\b/i.test(E.slice(0,500)),q=h?"ERROR":"DEFAULT",V=C(),z=Math.round(Number(BigInt(l)-BigInt(S))/1e6),Z={Agent:"AGENT",Task:"AGENT"}[r]??"TOOL",Q=r==="Skill"&&g?g:ct(T,60);i.toolCalls.push({tool:r,brief:Q,error:h,durationMs:z});let Y=i.spans;Y.push({traceId:i.traceId,spanId:V,parentSpanId:i.spanId,name:r,kind:3,startTimeUnixNano:S,endTimeUnixNano:l,attributes:$(u(f.OBS_NAME,r),u(f.OBS_TYPE,Z),u(f.OBS_LEVEL,q),u(f.OBS_INPUT,R(m)),u(f.OBS_OUTPUT,E),u("tool.name",r),u("tool.error",String(h)),r==="Skill"&&g?u("skill.name",g):null,r==="Skill"?u("skill.invocation","slash-command"):null),status:{code:h?2:1}}),i.pendingTool=null,M(e,i),h&&U("TOOL_ERROR",{toolName:r}),a("PostToolUse",`sid=${e}`,`tool=${r}`,`error=${h}`,`durationMs=${z}`,`totalSpans=${Y.length}`),O(t);}var ye={"claude-opus-4-6":{input:15,output:75},"claude-opus-4-5":{input:15,output:75},"claude-sonnet-4-6":{input:3,output:15},"claude-sonnet-4-5":{input:3,output:15},"claude-haiku-4-5":{input:.8,output:4},"claude-4-6-opus":{input:15,output:75},"claude-4-6-sonnet":{input:3,output:15},"claude-4-5-opus":{input:15,output:75},"claude-4-5-sonnet":{input:3,output:15},"claude-4-5-haiku":{input:.8,output:4},"claude-3-5-sonnet-20241022":{input:3,output:15},"claude-3-5-haiku-20241022":{input:.8,output:4},"claude-3-opus-20240229":{input:15,output:75}};function Ae(t,e,r){let n=Object.keys(ye).find(i=>(t??"").toLowerCase().includes(i));if(!n)return;let o=ye[n],s=(e*o.input+r*o.output)/1e6;return Math.round(s*1e6)/1e6}async function Oe(t){let e=t.session_id||"unknown",r=t.stop_reason||"end_turn",n=B(e);if(!n){O(t);return}n.slashSkill&&!/^[a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?$/i.test(n.slashSkill)&&(a("Stop",`sid=${e}`,`slashSkill rejected post-disk: "${n.slashSkill}"`),n.slashSkill=null);let o=L(),s=await qt(),i=n.toolCalls,l=n.spans;if(n.slashSkill&&!i.some(d=>d.tool==="Skill")){let d=C(),P=n.skillContent?n.skillContent:JSON.stringify({skill:n.slashSkill});i.push({tool:"Skill",brief:n.slashSkill,error:false,durationMs:0,synthetic:true}),l.push({traceId:n.traceId,spanId:d,parentSpanId:n.spanId,name:"Skill",kind:3,startTimeUnixNano:n.startNs,endTimeUnixNano:n.startNs,attributes:$(u(f.OBS_NAME,"Skill"),u(f.OBS_TYPE,"TOOL"),u(f.OBS_LEVEL,"DEFAULT"),u(f.OBS_INPUT,P),u(f.OBS_OUTPUT,"loaded via slash command"),u("tool.name","Skill"),u("tool.error","false"),u("skill.name",n.slashSkill),u("skill.invocation","slash-command")),status:{code:1}}),a("Stop",`slashSkill=${n.slashSkill}`,"synthetic span injected");}let c=t.transcript_path||n.transcriptPath||"",p=Pt(c);if(c&&(i.some(d=>d.tool==="Skill"&&!d.synthetic)||!!n.slashSkill)&&!p?.text){await new Promise(P=>setTimeout(P,500));let d=Pt(c);d?.text&&(p=d);}a("Stop",`transcriptPath=${c||"(empty)"}`,`assistantOut=${p?`text=${p.text.length}chars`:"null"}`);let T=i.length,m=i.filter(d=>d.error).length,g=R(p?.text?w(p.text,k.TRACE_OUTPUT):T===0?"No tools used":i.map((d,P)=>`${P+1}. ${d.tool}${d.brief?` \u2192 ${d.brief}`:""}${d.error?" [ERROR]":""}`).join(`
14
+ `)),E=p?.inputTokens??0,h=p?.outputTokens??0,q=i.map((d,P)=>`${P+1}. ${d.tool}${d.brief?` \u2192 ${d.brief}`:""}${d.error?" [ERROR]":""} (${d.durationMs}ms)`),V=!!(n.slashSkill||i.some(d=>d.tool==="Skill")),z=i.some(d=>d.tool==="Agent");if(!V&&!z){a("Stop",`sid=${e}`,"skipping trace \u2014 no Skill or Agent calls found"),U("TRACE_SKIPPED",{reason:"no_skill_or_agent"}),Nt(e),O(t);return}let X=V?"skill":"agent",Z=Math.round(Number(BigInt(o)-BigInt(n.startNs))/1e6),Q=Ae(n.model,E,h),F=ie(n);F==="prerequisite_required"&&p?.text&&(F="complete"),F==="prerequisite_required"&&(l.push({traceId:n.traceId,spanId:C(),parentSpanId:n.spanId,name:"prerequisite-check",kind:3,startTimeUnixNano:n.startNs,endTimeUnixNano:o,attributes:$(u(f.OBS_NAME,"prerequisite-check"),u(f.OBS_TYPE,"EVENT"),u(f.OBS_LEVEL,"WARNING"),u(f.OBS_OUTPUT,g),u("skill.name",n.slashSkill||void 0),u("execution_status","prerequisite_required")),status:{code:1}}),a("Stop",`sid=${e}`,"prerequisite-check span injected",`skill=${n.slashSkill}`));let Y=(()=>{if(!(!V||!n.prompt)){if(n.slashSkill){let d=n.prompt.replace(new RegExp(`^\\/${n.slashSkill}\\s*`,"i"),"").trim();return d?w(R(d),k.USER_INSTRUCTION):void 0}return w(R(n.prompt),k.USER_INSTRUCTION)||void 0}})(),tt=JSON.stringify({trace_type:X,...F!==null&&{execution_status:F},...n.slashSkill?{skill_name:n.slashSkill}:{},...n.skillArtifacts?.length&&{skill_artifacts:n.skillArtifacts},...Y!==void 0&&{user_instruction:Y},latency_ms:Z,...E&&{tokens_input:E},...h&&{tokens_output:h},cost_usd:Q,...n.model?{model:n.model}:{},toolCount:T,errorCount:m,stopReason:r,sessionId:n.sessionId,tools:q.length?q:void 0}),N=R(w(n.prompt,k.TRACE_INPUT)),ke=$(u(f.TRACE_NAME,n.traceName),u(f.TRACE_INPUT,N),u(f.TRACE_OUTPUT,g),u(f.OBS_INPUT,N),u(f.OBS_OUTPUT,g),u(f.TRACE_METADATA,tt),u(f.SESSION_ID,n.sessionId),u(f.USER_ID,s.user),u(f.OBS_TYPE,"GENERATION"),u(f.MODEL,n.model),E?u(f.INPUT_TOKENS,E):null,h?u(f.OUTPUT_TOKENS,h):null,u("claude.stop_reason",r),u("claude.tool_count",String(T)),u("claude.error_count",String(m)),u("claude.session_id",n.sessionId),u("flow.trace_type",X),{key:f.TRACE_TAGS,value:{arrayValue:{values:[{stringValue:X}]}}}),we={traceId:n.traceId,spanId:n.spanId,name:n.traceName,kind:1,startTimeUnixNano:n.startNs,endTimeUnixNano:o,attributes:ke,status:{code:m>0?2:1}},Le=$(u("service.name",process.env.LANGFUSE_PROJECT_NAME||"claude-code"),u("deployment.environment",process.env.LANGFUSE_ENVIRONMENT||"default")),Ut=[...l,we];a("Stop",`sid=${e}`,`totalTools=${T}`,`errorTools=${m}`,`spans=${Ut.length}`,`inputTokens=${E}`,`outputTokens=${h}`,`traceOutput="${ct(g,80)}"`);let Ie=await Te(ce(Le,Ut));a("Stop",`POST status=${Ie}`,`traceId=${n.traceId}`),U("TRACE_SENT",{latencyMs:Z,totalTools:T,errorTools:m,inputTokens:E,outputTokens:h,costUsd:Q}),Nt(e),O(t);}async function Hr(){let t=process.argv[2];if(t==="UserPromptSubmit"){let r=await Lt(),n;try{n=await v();}catch{process.stdout.write(JSON.stringify(r));return}n.authError?await bt(r,true):n.length>0?await bt(r):process.stdout.write(JSON.stringify(r));return}if(!await zt()){let r=[];process.stdin.on("data",n=>r.push(n)),process.stdin.on("end",()=>process.stdout.write(r.join("")));return}let e=await Lt();switch(t){case "PreToolUse":await ae(e);break;case "PostToolUse":await he(e);break;case "Stop":await Oe(e);break;default:process.stderr.write(`[flow-obs] unknown event: ${t}
15
+ `),process.stdout.write(JSON.stringify(e));}}Hr().catch(t=>{process.stderr.write(`[flow-obs] fatal: ${t.message}
16
16
  `),process.exit(0);});
package/dist/setup.js CHANGED
@@ -1,12 +1,12 @@
1
1
  #!/usr/bin/env node
2
- 'use strict';var child_process=require('child_process'),util=require('util'),i=require('fs'),l=require('path'),h=require('os'),Ve=require('https');require('readline/promises');function _interopDefault(e){return e&&e.__esModule?e:{default:e}}function _interopNamespace(e){if(e&&e.__esModule)return e;var n=Object.create(null);if(e){Object.keys(e).forEach(function(k){if(k!=='default'){var d=Object.getOwnPropertyDescriptor(e,k);Object.defineProperty(n,k,d.get?d:{enumerable:true,get:function(){return e[k]}});}})}n.default=e;return Object.freeze(n)}var i__namespace=/*#__PURE__*/_interopNamespace(i);var l__namespace=/*#__PURE__*/_interopNamespace(l);var h__namespace=/*#__PURE__*/_interopNamespace(h);var Ve__default=/*#__PURE__*/_interopDefault(Ve);var de=Object.defineProperty;var y=(e=>typeof require<"u"?require:typeof Proxy<"u"?new Proxy(e,{get:(t,r)=>(typeof require<"u"?require:t)[r]}):e)(function(e){if(typeof require<"u")return require.apply(this,arguments);throw Error('Dynamic require of "'+e+'" is not supported')});var A=(e,t,r)=>()=>{if(r)throw r[0];try{return e&&(t=e(e=0)),t}catch(n){throw r=[n],n}};var fe=(e,t)=>()=>{try{return t||e((t={exports:{}}).exports,t),t.exports}catch(r){throw t=0,r}},O=(e,t)=>{for(var r in t)de(e,r,{get:t[r],enumerable:true});};var W={};O(W,{MacOsKeyVaultProvider:()=>I});var k,I,B=A(()=>{"use strict";k=util.promisify(child_process.execFile),I=class{static async isAvailable(){try{return i.accessSync("/usr/bin/security",i.constants.X_OK),!0}catch{return !1}}async getSecret(t,r){try{let{stdout:n}=await k("security",["find-generic-password","-w","-a",r,"-s",t]);return n.trim()||null}catch{return null}}async setSecret(t,r,n){await k("security",["add-generic-password","-U","-a",r,"-s",t,"-w",n]);}async deleteSecret(t,r){try{return await k("security",["delete-generic-password","-a",r,"-s",t]),!0}catch{return !1}}getStoragePath(){return "macOS Keychain"}};});var J={};O(J,{LinuxKeyVaultProvider:()=>N});var K,N,X=A(()=>{"use strict";K=util.promisify(child_process.execFile),N=class{static async isAvailable(){let t=["/usr/bin/secret-tool","/bin/secret-tool","/usr/local/bin/secret-tool"];for(let r of t)try{return i.accessSync(r,i.constants.X_OK),!0}catch{}return !1}async getSecret(t,r){try{let{stdout:n}=await K("secret-tool",["lookup","service",t,"account",r]);return n.trim()||null}catch{return null}}async setSecret(t,r,n){await new Promise((o,s)=>{let a=child_process.spawn("secret-tool",["store","--label",t,"service",t,"account",r]);a.on("error",s),a.on("close",d=>{d===0?o():s(new Error(`secret-tool exited with code ${d}`));}),a.stdin.write(n),a.stdin.end();});}async deleteSecret(t,r){try{return await K("secret-tool",["clear","service",t,"account",r]),!0}catch{return !1}}getStoragePath(){return "Linux Secret Service (libsecret)"}};});var q={};O(q,{WindowsKeyVaultProvider:()=>C});var C,z=A(()=>{"use strict";C=class{static async isAvailable(){try{return await y("keytar").getPassword("__flow_probe__","__flow_probe__"),!0}catch{return !1}}async getSecret(t,r){return y("keytar").getPassword(t,r)}async setSecret(t,r,n){await y("keytar").setPassword(t,r,n);}async deleteSecret(t,r){return y("keytar").deletePassword(t,r)}getStoragePath(){return "Windows Credential Manager"}};});var ie=fe((zt,Me)=>{Me.exports={name:"@ciandt-flow/flow-ai-obs",version:"0.7.1-beta.539",description:"Claude Code hooks for Langfuse OTLP tracing \u2014 cross-platform",main:"dist/index.js",bin:{"flow-ai-obs":"dist/cli.js","flow-ai-obs-setup":"dist/setup.js"},scripts:{build:"tsup",test:"jest",typecheck:"tsc --noEmit",lint:"eslint src bin scripts",format:'prettier --write "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"format:check":'prettier --check "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"security-scan":"trufflehog filesystem src/ --fail --no-update --exclude-paths .trufflehogignore",postinstall:`node -e "require('fs').existsSync('dist/setup.js') && require('child_process').execFileSync(process.execPath, ['dist/setup.js'], {stdio:'inherit'})"`,prepublishOnly:"npm run security-scan && npm run build","release:npm":"changeset publish",changeset:"changeset","version-packages":"changeset version","install:hooks":"node dist/cli.js install","auth:login":"node dist/cli.js auth login","auth:logout":"node dist/cli.js auth logout","auth:status":"node dist/cli.js auth status",smoke:"bash scripts/smoke-test.sh","smoke:debug":"bash scripts/smoke-test.sh --debug","smoke:send":"bash scripts/smoke-test.sh --send --allow-http --debug"},files:["dist/","README.md","LICENSE.md"],keywords:["claude-code","langfuse","observability","otlp","hooks","flow","ciandt"],author:"CI&T Flow Team",license:"SEE LICENSE IN LICENSE.md",private:!1,dependencies:{},optionalDependencies:{keytar:"7.9.0"},devDependencies:{"@changesets/changelog-github":"^0.6.0","@changesets/cli":"^2.30.0","@types/jest":"^30.0.0","@types/node":"^25.8.0",jest:"^30.4.2","ts-jest":"^29.4.9",tsup:"^8.5.1","eslint-config-prettier":"^10.1.5",prettier:"^3.5.3",typescript:"^6.0.3","typescript-eslint":"^8.33.0"},engines:{node:">=18.0.0"},overrides:{esbuild:"^0.28.1"},publishConfig:{registry:"https://registry.npmjs.org",access:"public"},repository:{type:"git",url:"git+https://github.com/CI-T-HyperX/flow-codeassistant-observability.git"}};});var me="https://flow.ciandt.com";function v(){let e=process.env.FLOW_BASE_URL;return e&&e.trim()?e.trim():me}function L(){let e=v();return {AUTH_ENGINE:process.env.FLOW_AUTH_ENGINE_URL||`${e}/auth-engine-api/v2/api-key/token`,GATEWAY_TRACES:process.env.FLOW_GATEWAY_TRACES_URL||`${e}/flow-langfuse-gateway/v1/traces`,GATEWAY_HEALTH:process.env.FLOW_GATEWAY_HEALTH_URL||`${e}/flow-langfuse-gateway/v1/health`,OTEL_ENDPOINT:process.env.FLOW_OTEL_ENDPOINT_URL||`${e}/otel`}}var ge=L(),T={SERVICE:"flow-plugins-cli",ACCOUNT_CREDS:"credentials"},_="FLOW-nodejs",S="config.json";function x(){let e=v();return {ANTHROPIC_BASE_URL:process.env.FLOW_LLM_PROXY_URL??`${e}/flow-llm-proxy/`,ANTHROPIC_MODEL:process.env.FLOW_LLM_PROXY_MODEL??"anthropic.claude-4-6-sonnet",ANTHROPIC_SMALL_FAST_MODEL:process.env.FLOW_LLM_PROXY_SMALL_MODEL??"anthropic.claude-4-6-sonnet",CLAUDE_CODE_DISABLE_EXPERIMENTAL_BETAS:"1"}}var M={CLAUDE_CODE_ENABLE_TELEMETRY:"1",OTEL_EXPORTER_OTLP_ENDPOINT:ge.OTEL_ENDPOINT,OTEL_EXPORTER_OTLP_PROTOCOL:"http/json",OTEL_METRICS_EXPORTER:"otlp",OTEL_LOGS_EXPORTER:"otlp",OTEL_LOG_TOOL_DETAILS:"1",OTEL_LOG_USER_PROMPTS:"1"},f={FLOW_TELEMETRY:"FLOW_TELEMETRY",FLOW_TELEMETRY_GATEWAY:"FLOW_TELEMETRY_GATEWAY_URL",LANGFUSE_BASE_URL:"LANGFUSE_BASE_URL",LANGFUSE_PUBLIC_KEY:"LANGFUSE_PUBLIC_KEY",LANGFUSE_SECRET_KEY:"LANGFUSE_SECRET_KEY",ANTHROPIC_MODEL:"ANTHROPIC_MODEL",ANTHROPIC_AUTH_TOKEN:"ANTHROPIC_AUTH_TOKEN",FLOW_OBS_DEBUG:"FLOW_TELEMETRY_DEBUG",FLOW_OBS_ALLOW_HTTP:"FLOW_TELEMETRY_ALLOW_HTTP",BUFFER_TTL_DAYS:"FLOW_TELEMETRY_BUFFER_TTL_DAYS",BUFFER_MAX_FILES:"FLOW_TELEMETRY_BUFFER_MAX_FILES"};var V={LOCK_STALE_MS:3e4},Y={UserPromptSubmit:5,PreToolUse:3,PostToolUse:10,Stop:15};var j="flow-ai-obs-debug.log";var R={credentials:"credentials","token-cache":"tokenCache"};function m(){let e=h__namespace.default.homedir();if(process.platform==="darwin")return l__namespace.default.join(e,"Library","Preferences",_,S);if(process.platform==="win32"){let r=process.env.APPDATA??l__namespace.default.join(e,"AppData","Roaming");return l__namespace.default.join(r,_,S)}let t=process.env.XDG_CONFIG_HOME??l__namespace.default.join(e,".config");return l__namespace.default.join(t,_,S)}function P(){try{let e=i__namespace.default.readFileSync(m(),"utf8");return JSON.parse(e)}catch{return {}}}function G(e){let t=m();i__namespace.default.mkdirSync(l__namespace.default.dirname(t),{recursive:true}),i__namespace.default.writeFileSync(t,JSON.stringify(e,null,2),{encoding:"utf8",mode:384});}var w=class{static isAvailable(){return true}static hasExistingData(){try{if(!i__namespace.default.existsSync(m()))return !1;let t=JSON.parse(i__namespace.default.readFileSync(m(),"utf8"));return !!(t&&t.credentials)}catch{return false}}async getSecret(t,r){let n=P(),o=R[r]??r,s=n[o];return s?typeof s=="string"?s:JSON.stringify(s):null}async setSecret(t,r,n){let o=P(),s=R[r]??r;if(r==="token-cache")try{o[s]=JSON.parse(n);}catch{o[s]=n;}else o[s]=n;G(o);}async deleteSecret(t,r){let n=P(),o=R[r]??r;return o in n?(delete n[o],G(n),true):false}getStoragePath(){return `config.json (unencrypted) \u2014 ${m()}`}};async function Z(){return await Le()??new w}async function Le(){switch(process.platform){case "darwin":{let{MacOsKeyVaultProvider:e}=await Promise.resolve().then(()=>(B(),W));return await e.isAvailable()?new e:null}case "linux":{let{LinuxKeyVaultProvider:e}=await Promise.resolve().then(()=>(X(),J));return await e.isAvailable()?new e:null}case "win32":{let{WindowsKeyVaultProvider:e}=await Promise.resolve().then(()=>(z(),q));return await e.isAvailable()?new e:null}default:return null}}var Re=T.SERVICE,Pe=T.ACCOUNT_CREDS,b=null;function ke(){return b||(b=Z()),b}async function U(){let t=await(await ke()).getSecret(Re,Pe);if(!t)return null;try{return JSON.parse(t)}catch{return null}}l.join(h.tmpdir(),j);!process.env.NO_COLOR&&process.stdout.isTTY;function F(){return process.platform==="win32"?false:process.getuid?.()===0}function $(){if(process.env.WSL_DISTRO_NAME&&process.platform==="linux"){let e=process.env.USERPROFILE;if(!e){let r=child_process.spawnSync("cmd.exe",["/c","echo","%USERPROFILE%"],{encoding:"utf8",timeout:5e3}).stdout?.trim();r&&/^[A-Za-z]:\\/.test(r)&&(e=r);}if(e){let t=e.replace(/^([A-Za-z]):/,(r,n)=>`/mnt/${n.toLowerCase()}`).replace(/\\/g,"/");return l__namespace.join(t,".claude","settings.json")}return l__namespace.join(h__namespace.homedir(),".claude","settings.json")}if(process.platform==="win32"){let e=process.env.USERPROFILE||h__namespace.homedir();return l__namespace.join(e,".claude","settings.json")}if(process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER){let t=child_process.spawnSync("getent",["passwd",process.env.SUDO_USER],{encoding:"utf8",timeout:5e3}).stdout?.split(":")[5]?.trim();if(t)return l__namespace.join(t,".claude","settings.json")}return l__namespace.join(h__namespace.homedir(),".claude","settings.json")}var De=V.LOCK_STALE_MS;function ee(e){try{let t=i__namespace.statSync(e);Date.now()-t.mtimeMs>De&&i__namespace.unlinkSync(e);}catch{}try{i__namespace.writeFileSync(e,String(process.pid),{flag:"wx"});}catch(t){throw t.code==="EEXIST"?new Error("Another install is already in progress. If this is stale, remove: "+e):t}}function te(e){try{i__namespace.unlinkSync(e);}catch{}}function He(e,t){let n=(Array.isArray(e)?e:[]).map(o=>{if(!Array.isArray(o?.hooks))return null;let s=o.hooks.filter(a=>!a.command?.startsWith?.("flow-ai-obs "));return s.length>0?{...o,hooks:s}:null}).filter(o=>o!=null);return [t,...n]}function re(){let e=$(),t=e+".lock",r=[];i__namespace.mkdirSync(l__namespace.dirname(e),{recursive:true}),ee(t);try{if(i__namespace.existsSync(e)){i__namespace.copyFileSync(e,e+".bkp");try{i__namespace.chmodSync(e+".bkp",384);}catch{}}let n={};try{n=JSON.parse(i__namespace.readFileSync(e,"utf8"));}catch{}let o=n.env&&typeof n.env=="object"?n.env:{};delete o.OTEL_EXPORTER_OTLP_HEADERS,n.env={...o,...M,...x()},n.otelHeadersHelper="flow-ai-obs otel-headers",(!n.hooks||typeof n.hooks!="object"||Array.isArray(n.hooks))&&(n.hooks={});let s=(c,E)=>({matcher:"",hooks:[{type:"command",command:`flow-ai-obs ${c}`,timeout:E}]}),a=["UserPromptSubmit","PreToolUse","PostToolUse","Stop"],d=n.hooks;for(let c of a){let E=He(d[c],s(c,Y[c]));E.length>1&&r.push(c),d[c]=E;}i__namespace.writeFileSync(e,JSON.stringify(n,null,2)+`
3
- `,{encoding:"utf8",mode:384});try{i__namespace.chmodSync(e,384);}catch{}}finally{te(t);}return {settingsPath:e,preserved:r}}function ne(e){let t=$(),r=t+".lock";i__namespace.mkdirSync(l__namespace.dirname(t),{recursive:true}),ee(r);try{let n={};try{n=JSON.parse(i__namespace.readFileSync(t,"utf8"));}catch{}(!n.env||typeof n.env!="object")&&(n.env={}),Object.assign(n.env,e),i__namespace.writeFileSync(t,JSON.stringify(n,null,2)+`
4
- `,{encoding:"utf8",mode:384});try{i__namespace.chmodSync(t,384);}catch{}}finally{te(r);}}function oe(e){if(!e)return null;try{let t=e.split(".");if(t.length<2)return null;let r=JSON.parse(Buffer.from(t[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8")),{clientId:n,clientSecret:o,tenant:s}=r;return !n||!o||!s?null:{clientId:n,clientSecret:o,tenant:s}}catch{return null}}function se(e){let t=Buffer.from(JSON.stringify({alg:"none",typ:"JWT"})).toString("base64url"),r=Buffer.from(JSON.stringify({clientId:e.clientId,clientSecret:e.clientSecret,tenant:e.tenant})).toString("base64url");return `${t}.${r}.`}var H;function ce(){return H||(H=ie()),H}var le=l__namespace.default.join(h__namespace.default.tmpdir(),"flow-obs-update-cache.json"),Ge=1440*60*1e3,We=3e3;function Be(e,t){let r=s=>{let a=String(s).replace(/^v/,"").match(/^(\d+)\.(\d+)\.(\d+)/);return a?[+a[1],+a[2],+a[3]]:null},n=r(e),o=r(t);return !n||!o?false:o[0]!==n[0]?o[0]>n[0]:o[1]!==n[1]?o[1]>n[1]:o[2]>n[2]}function Ke(){try{let e=JSON.parse(i__namespace.default.readFileSync(le,"utf8"));return typeof e.latestVersion!="string"||Date.now()-e.checkedAt>=Ge?null:e}catch{return null}}function Je(e,t,r=Date.now()){try{i__namespace.default.writeFileSync(le,JSON.stringify({latestVersion:e,updatePriority:t??null,checkedAt:r}),{mode:384});}catch{}}function Xe(e){let t=ce().name,r=Ve__default.default.get(`https://registry.npmjs.org/${encodeURIComponent(t)}/latest`,{timeout:We},n=>{if(n.statusCode!==200)return n.resume(),e(new Error(`HTTP ${n.statusCode}`));let o="";n.setEncoding("utf8"),n.on("data",s=>{o+=s;}),n.on("end",()=>{try{let s=JSON.parse(o);if(typeof s.version!="string")throw new Error("no version field");e(null,{version:s.version,updatePriority:typeof s.updatePriority=="string"?s.updatePriority:null});}catch(s){e(s);}});});r.on("error",e),r.on("timeout",()=>{r.destroy(new Error("timeout"));});}function ue(){try{if(Ke())return;setImmediate(()=>{Xe((e,t)=>{e||!t||Be(ce().version,t.version)&&Je(t.version,t.updatePriority,0);});});}catch{}}var qe=l__namespace.default.resolve(__dirname,".."),ze=process.env.INIT_CWD?l__namespace.default.resolve(process.env.INIT_CWD):null;ze===qe&&process.exit(0);F()&&(process.stderr.write(`
2
+ 'use strict';var child_process=require('child_process'),util=require('util'),i=require('fs'),u=require('path'),l=require('os'),Ke=require('https');require('readline/promises');function _interopDefault(e){return e&&e.__esModule?e:{default:e}}function _interopNamespace(e){if(e&&e.__esModule)return e;var n=Object.create(null);if(e){Object.keys(e).forEach(function(k){if(k!=='default'){var d=Object.getOwnPropertyDescriptor(e,k);Object.defineProperty(n,k,d.get?d:{enumerable:true,get:function(){return e[k]}});}})}n.default=e;return Object.freeze(n)}var i__namespace=/*#__PURE__*/_interopNamespace(i);var u__namespace=/*#__PURE__*/_interopNamespace(u);var l__namespace=/*#__PURE__*/_interopNamespace(l);var Ke__default=/*#__PURE__*/_interopDefault(Ke);var Te=Object.defineProperty;var T=(e=>typeof require<"u"?require:typeof Proxy<"u"?new Proxy(e,{get:(t,n)=>(typeof require<"u"?require:t)[n]}):e)(function(e){if(typeof require<"u")return require.apply(this,arguments);throw Error('Dynamic require of "'+e+'" is not supported')});var A=(e,t,n)=>()=>{if(n)throw n[0];try{return e&&(t=e(e=0)),t}catch(r){throw n=[r],r}};var _e=(e,t)=>()=>{try{return t||e((t={exports:{}}).exports,t),t.exports}catch(n){throw t=0,n}},L=(e,t)=>{for(var n in t)Te(e,n,{get:t[n],enumerable:true});};var J={};L(J,{MacOsKeyVaultProvider:()=>N});var C,N,K=A(()=>{"use strict";C=util.promisify(child_process.execFile),N=class{static async isAvailable(){try{return i.accessSync("/usr/bin/security",i.constants.X_OK),!0}catch{return !1}}async getSecret(t,n){try{let{stdout:r}=await C("security",["find-generic-password","-w","-a",n,"-s",t]);return r.trim()||null}catch{return null}}async setSecret(t,n,r){await C("security",["add-generic-password","-U","-a",n,"-s",t,"-w",r]);}async deleteSecret(t,n){try{return await C("security",["delete-generic-password","-a",n,"-s",t]),!0}catch{return !1}}getStoragePath(){return "macOS Keychain"}};});var q={};L(q,{LinuxKeyVaultProvider:()=>b});var X,b,z=A(()=>{"use strict";X=util.promisify(child_process.execFile),b=class{static async isAvailable(){let t=["/usr/bin/secret-tool","/bin/secret-tool","/usr/local/bin/secret-tool"];for(let n of t)try{return i.accessSync(n,i.constants.X_OK),!0}catch{}return !1}async getSecret(t,n){try{let{stdout:r}=await X("secret-tool",["lookup","service",t,"account",n]);return r.trim()||null}catch{return null}}async setSecret(t,n,r){await new Promise((s,o)=>{let a=child_process.spawn("secret-tool",["store","--label",t,"service",t,"account",n]);a.on("error",o),a.on("close",y=>{y===0?s():o(new Error(`secret-tool exited with code ${y}`));}),a.stdin.write(r),a.stdin.end();});}async deleteSecret(t,n){try{return await X("secret-tool",["clear","service",t,"account",n]),!0}catch{return !1}}getStoragePath(){return "Linux Secret Service (libsecret)"}};});var Z={};L(Z,{WindowsKeyVaultProvider:()=>U});var U,Q=A(()=>{"use strict";U=class{static async isAvailable(){try{return await T("keytar").getPassword("__flow_probe__","__flow_probe__"),!0}catch{return !1}}async getSecret(t,n){return T("keytar").getPassword(t,n)}async setSecret(t,n,r){await T("keytar").setPassword(t,n,r);}async deleteSecret(t,n){return T("keytar").deletePassword(t,n)}getStoragePath(){return "Windows Credential Manager"}};});var fe=_e((an,Je)=>{Je.exports={name:"@ciandt-flow/flow-ai-obs",version:"0.7.1-beta.547",description:"Claude Code hooks for Langfuse OTLP tracing \u2014 cross-platform",main:"dist/index.js",bin:{"flow-ai-obs":"dist/cli.js","flow-ai-obs-setup":"dist/setup.js"},scripts:{build:"tsup",test:"jest",typecheck:"tsc --noEmit",lint:"eslint src bin scripts",format:'prettier --write "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"format:check":'prettier --check "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"security-scan":"trufflehog filesystem src/ --fail --no-update --exclude-paths .trufflehogignore",postinstall:`node -e "require('fs').existsSync('dist/setup.js') && require('child_process').execFileSync(process.execPath, ['dist/setup.js'], {stdio:'inherit'})"`,prepublishOnly:"npm run security-scan && npm run build","release:npm":"changeset publish",changeset:"changeset","version-packages":"changeset version","install:hooks":"node dist/cli.js install","auth:login":"node dist/cli.js auth login","auth:logout":"node dist/cli.js auth logout","auth:status":"node dist/cli.js auth status",smoke:"bash scripts/smoke-test.sh","smoke:debug":"bash scripts/smoke-test.sh --debug","smoke:send":"bash scripts/smoke-test.sh --send --allow-http --debug"},files:["dist/","README.md","LICENSE.md"],keywords:["claude-code","langfuse","observability","otlp","hooks","flow","ciandt"],author:"CI&T Flow Team",license:"SEE LICENSE IN LICENSE.md",private:!1,dependencies:{},optionalDependencies:{keytar:"7.9.0"},devDependencies:{"@changesets/changelog-github":"^0.6.0","@changesets/cli":"^2.30.0","@types/jest":"^30.0.0","@types/node":"^25.8.0",jest:"^30.4.2","ts-jest":"^29.4.9",tsup:"^8.5.1","eslint-config-prettier":"^10.1.5",prettier:"^3.5.3",typescript:"^6.0.3","typescript-eslint":"^8.33.0"},engines:{node:">=18.0.0"},overrides:{esbuild:"^0.28.1"},publishConfig:{registry:"https://registry.npmjs.org",access:"public"},repository:{type:"git",url:"git+https://github.com/CI-T-HyperX/flow-codeassistant-observability.git"}};});var Se="https://flow.ciandt.com";function R(){let e=process.env.FLOW_BASE_URL;return e&&e.trim()?e.trim():Se}function k(){let e=R();return {AUTH_ENGINE:process.env.FLOW_AUTH_ENGINE_URL||`${e}/auth-engine-api/v2/api-key/token`,GATEWAY_TRACES:process.env.FLOW_GATEWAY_TRACES_URL||`${e}/flow-langfuse-gateway/v1/traces`,GATEWAY_HEALTH:process.env.FLOW_GATEWAY_HEALTH_URL||`${e}/flow-langfuse-gateway/v1/health`,OTEL_ENDPOINT:process.env.FLOW_OTEL_ENDPOINT_URL||`${e}/otel`}}var we=k(),_={SERVICE:"flow-plugins-cli",ACCOUNT_CREDS:"credentials"},S="FLOW-nodejs",w="config.json";function V(){let e=R();return {ANTHROPIC_BASE_URL:process.env.FLOW_LLM_PROXY_URL??`${e}/flow-llm-proxy/`,ANTHROPIC_MODEL:process.env.FLOW_LLM_PROXY_MODEL??"anthropic.claude-4-6-sonnet",ANTHROPIC_SMALL_FAST_MODEL:process.env.FLOW_LLM_PROXY_SMALL_MODEL??"anthropic.claude-4-6-sonnet",CLAUDE_CODE_DISABLE_EXPERIMENTAL_BETAS:"1"}}var j={CLAUDE_CODE_ENABLE_TELEMETRY:"1",OTEL_EXPORTER_OTLP_ENDPOINT:we.OTEL_ENDPOINT,OTEL_EXPORTER_OTLP_PROTOCOL:"http/json",OTEL_METRICS_EXPORTER:"otlp",OTEL_LOGS_EXPORTER:"otlp",OTEL_LOG_TOOL_DETAILS:"1",OTEL_LOG_USER_PROMPTS:"1"},f={FLOW_TELEMETRY:"FLOW_TELEMETRY",FLOW_TELEMETRY_GATEWAY:"FLOW_TELEMETRY_GATEWAY_URL",LANGFUSE_BASE_URL:"LANGFUSE_BASE_URL",LANGFUSE_PUBLIC_KEY:"LANGFUSE_PUBLIC_KEY",LANGFUSE_SECRET_KEY:"LANGFUSE_SECRET_KEY",ANTHROPIC_MODEL:"ANTHROPIC_MODEL",ANTHROPIC_AUTH_TOKEN:"ANTHROPIC_AUTH_TOKEN",FLOW_OBS_DEBUG:"FLOW_TELEMETRY_DEBUG",FLOW_OBS_ALLOW_HTTP:"FLOW_TELEMETRY_ALLOW_HTTP",BUFFER_TTL_DAYS:"FLOW_TELEMETRY_BUFFER_TTL_DAYS",BUFFER_MAX_FILES:"FLOW_TELEMETRY_BUFFER_MAX_FILES"};var Y={LOCK_STALE_MS:3e4},G={UserPromptSubmit:5,PreToolUse:3,PostToolUse:10,Stop:15};var W="flow-ai-obs-debug.log";var P={credentials:"credentials","token-cache":"tokenCache"};function m(){let e=l__namespace.default.homedir();if(process.platform==="darwin")return u__namespace.default.join(e,"Library","Preferences",S,w);if(process.platform==="win32"){let n=process.env.APPDATA??u__namespace.default.join(e,"AppData","Roaming");return u__namespace.default.join(n,S,w)}let t=process.env.XDG_CONFIG_HOME??u__namespace.default.join(e,".config");return u__namespace.default.join(t,S,w)}function I(){try{let e=i__namespace.default.readFileSync(m(),"utf8");return JSON.parse(e)}catch{return {}}}function B(e){let t=m();i__namespace.default.mkdirSync(u__namespace.default.dirname(t),{recursive:true}),i__namespace.default.writeFileSync(t,JSON.stringify(e,null,2),{encoding:"utf8",mode:384});}var v=class{static isAvailable(){return true}static hasExistingData(){try{if(!i__namespace.default.existsSync(m()))return !1;let t=JSON.parse(i__namespace.default.readFileSync(m(),"utf8"));return !!(t&&t.credentials)}catch{return false}}async getSecret(t,n){let r=I(),s=P[n]??n,o=r[s];return o?typeof o=="string"?o:JSON.stringify(o):null}async setSecret(t,n,r){let s=I(),o=P[n]??n;if(n==="token-cache")try{s[o]=JSON.parse(r);}catch{s[o]=r;}else s[o]=r;B(s);}async deleteSecret(t,n){let r=I(),s=P[n]??n;return s in r?(delete r[s],B(r),true):false}getStoragePath(){return `config.json (unencrypted) \u2014 ${m()}`}};async function ee(){return await be()??new v}async function be(){switch(process.platform){case "darwin":{let{MacOsKeyVaultProvider:e}=await Promise.resolve().then(()=>(K(),J));return await e.isAvailable()?new e:null}case "linux":{let{LinuxKeyVaultProvider:e}=await Promise.resolve().then(()=>(z(),q));return await e.isAvailable()?new e:null}case "win32":{let{WindowsKeyVaultProvider:e}=await Promise.resolve().then(()=>(Q(),Z));return await e.isAvailable()?new e:null}default:return null}}var Ue=_.SERVICE,Fe=_.ACCOUNT_CREDS,F=null;function $e(){return F||(F=ee()),F}async function te(){let t=await(await $e()).getSecret(Ue,Fe);if(!t)return null;try{return JSON.parse(t)}catch{return null}}u.join(l.tmpdir(),W);!process.env.NO_COLOR&&process.stdout.isTTY;function $(){return process.platform==="win32"?false:process.getuid?.()===0}function ne(){if(process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER){let t=child_process.spawnSync("getent",["passwd",process.env.SUDO_USER],{encoding:"utf8",timeout:5e3}).stdout?.split(":")[5]?.trim();if(t)return {home:t,username:process.env.SUDO_USER}}return {home:l__namespace.homedir(),username:process.env.SUDO_USER||process.env.USER||l__namespace.userInfo().username}}function O(){if(process.env.WSL_DISTRO_NAME&&process.platform==="linux"){let e=process.env.USERPROFILE;if(!e){let n=child_process.spawnSync("cmd.exe",["/c","echo","%USERPROFILE%"],{encoding:"utf8",timeout:5e3}).stdout?.trim();n&&/^[A-Za-z]:\\/.test(n)&&(e=n);}if(e){let t=e.replace(/^([A-Za-z]):/,(n,r)=>`/mnt/${r.toLowerCase()}`).replace(/\\/g,"/");return u__namespace.join(t,".claude","settings.json")}return u__namespace.join(l__namespace.homedir(),".claude","settings.json")}if(process.platform==="win32"){let e=process.env.USERPROFILE||l__namespace.homedir();return u__namespace.join(e,".claude","settings.json")}if(process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER){let t=child_process.spawnSync("getent",["passwd",process.env.SUDO_USER],{encoding:"utf8",timeout:5e3}).stdout?.split(":")[5]?.trim();if(t)return u__namespace.join(t,".claude","settings.json")}return u__namespace.join(l__namespace.homedir(),".claude","settings.json")}var re="flow-ai-obs",se="config.json";function ie(){if(process.platform==="win32"){let n=process.env.APPDATA||u__namespace.join(l__namespace.homedir(),"AppData","Roaming");return u__namespace.join(n,re,se)}let e=ne(),t=process.env.XDG_CONFIG_HOME||u__namespace.join(e.home,".config");return u__namespace.join(t,re,se)}var Ge=Y.LOCK_STALE_MS;function ae(e){try{let t=i__namespace.statSync(e);Date.now()-t.mtimeMs>Ge&&i__namespace.unlinkSync(e);}catch{}try{i__namespace.writeFileSync(e,String(process.pid),{flag:"wx"});}catch(t){throw t.code==="EEXIST"?new Error("Another install is already in progress. If this is stale, remove: "+e):t}}function ce(e){try{i__namespace.unlinkSync(e);}catch{}}function We(e,t){let r=(Array.isArray(e)?e:[]).map(s=>{if(!Array.isArray(s?.hooks))return null;let o=s.hooks.filter(a=>!a.command?.startsWith?.("flow-ai-obs "));return o.length>0?{...s,hooks:o}:null}).filter(s=>s!=null);return [t,...r]}function le(){let e=O(),t=e+".lock",n=[];i__namespace.mkdirSync(u__namespace.dirname(e),{recursive:true}),ae(t);try{if(i__namespace.existsSync(e)){i__namespace.copyFileSync(e,e+".bkp");try{i__namespace.chmodSync(e+".bkp",384);}catch{}}let r=ie();if(i__namespace.existsSync(r)){let c=r+".bkp";i__namespace.copyFileSync(r,c);try{i__namespace.chmodSync(c,384);}catch{}}let s={};try{s=JSON.parse(i__namespace.readFileSync(e,"utf8"));}catch{}let o=s.env&&typeof s.env=="object"?s.env:{};delete o.OTEL_EXPORTER_OTLP_HEADERS,s.env={...o,...j,...V()},s.otelHeadersHelper="flow-ai-obs otel-headers",(!s.hooks||typeof s.hooks!="object"||Array.isArray(s.hooks))&&(s.hooks={});let a=(c,E)=>({matcher:"",hooks:[{type:"command",command:`flow-ai-obs ${c}`,timeout:E}]}),y=["UserPromptSubmit","PreToolUse","PostToolUse","Stop"],M=s.hooks;for(let c of y){let E=We(M[c],a(c,G[c]));E.length>1&&n.push(c),M[c]=E;}i__namespace.writeFileSync(e,JSON.stringify(s,null,2)+`
3
+ `,{encoding:"utf8",mode:384});try{i__namespace.chmodSync(e,384);}catch{}}finally{ce(t);}return {settingsPath:e,preserved:n}}function ue(e){let t=O(),n=t+".lock";i__namespace.mkdirSync(u__namespace.dirname(t),{recursive:true}),ae(n);try{let r={};try{r=JSON.parse(i__namespace.readFileSync(t,"utf8"));}catch{}(!r.env||typeof r.env!="object")&&(r.env={}),Object.assign(r.env,e),i__namespace.writeFileSync(t,JSON.stringify(r,null,2)+`
4
+ `,{encoding:"utf8",mode:384});try{i__namespace.chmodSync(t,384);}catch{}}finally{ce(n);}}function pe(e){if(!e)return null;try{let t=e.split(".");if(t.length<2)return null;let n=JSON.parse(Buffer.from(t[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8")),{clientId:r,clientSecret:s,tenant:o}=n;return !r||!s||!o?null:{clientId:r,clientSecret:s,tenant:o}}catch{return null}}function de(e){let t=Buffer.from(JSON.stringify({alg:"none",typ:"JWT"})).toString("base64url"),n=Buffer.from(JSON.stringify({clientId:e.clientId,clientSecret:e.clientSecret,tenant:e.tenant})).toString("base64url");return `${t}.${n}.`}var H;function ge(){return H||(H=fe()),H}var he=u__namespace.default.join(l__namespace.default.tmpdir(),"flow-obs-update-cache.json"),ze=1440*60*1e3,Ze=3e3;function Qe(e,t){let n=o=>{let a=String(o).replace(/^v/,"").match(/^(\d+)\.(\d+)\.(\d+)/);return a?[+a[1],+a[2],+a[3]]:null},r=n(e),s=n(t);return !r||!s?false:s[0]!==r[0]?s[0]>r[0]:s[1]!==r[1]?s[1]>r[1]:s[2]>r[2]}function et(){try{let e=JSON.parse(i__namespace.default.readFileSync(he,"utf8"));return typeof e.latestVersion!="string"||Date.now()-e.checkedAt>=ze?null:e}catch{return null}}function tt(e,t,n=Date.now()){try{i__namespace.default.writeFileSync(he,JSON.stringify({latestVersion:e,updatePriority:t??null,checkedAt:n}),{mode:384});}catch{}}function nt(e){let t=ge().name,n=Ke__default.default.get(`https://registry.npmjs.org/${encodeURIComponent(t)}/latest`,{timeout:Ze},r=>{if(r.statusCode!==200)return r.resume(),e(new Error(`HTTP ${r.statusCode}`));let s="";r.setEncoding("utf8"),r.on("data",o=>{s+=o;}),r.on("end",()=>{try{let o=JSON.parse(s);if(typeof o.version!="string")throw new Error("no version field");e(null,{version:o.version,updatePriority:typeof o.updatePriority=="string"?o.updatePriority:null});}catch(o){e(o);}});});n.on("error",e),n.on("timeout",()=>{n.destroy(new Error("timeout"));});}function ye(){try{if(et())return;setImmediate(()=>{nt((e,t)=>{e||!t||Qe(ge().version,t.version)&&tt(t.version,t.updatePriority,0);});});}catch{}}var rt=u__namespace.default.resolve(__dirname,".."),st=process.env.INIT_CWD?u__namespace.default.resolve(process.env.INIT_CWD):null;st===rt&&process.exit(0);$()&&(process.stderr.write(`
5
5
  [flow-ai-obs] \u2717 Do not install with sudo.
6
6
  Run without sudo: npm install -g @ciandt-flow/flow-ai-obs
7
7
 
8
- `),process.exit(1));async function Ze(){try{re();}catch{}let e=await U();if(!e){process.stderr.write(`
8
+ `),process.exit(1));async function ot(){try{le();}catch{}let e=await te();if(!e){process.stderr.write(`
9
9
  [flow-ai-obs] No credentials found.
10
10
  Run \`flow-ai-obs auth login\` to authenticate and enable telemetry.
11
11
 
12
- `);return}let t=oe(process.env[f.ANTHROPIC_AUTH_TOKEN]);if(!t||t.clientId!==e.clientId||t.clientSecret!==e.clientSecret||t.tenant!==e.tenant)try{let n=se(e);ne({[f.ANTHROPIC_AUTH_TOKEN]:n});}catch{}}Ze().catch(()=>{}).finally(()=>ue());
12
+ `);return}let t=pe(process.env[f.ANTHROPIC_AUTH_TOKEN]);if(!t||t.clientId!==e.clientId||t.clientSecret!==e.clientSecret||t.tenant!==e.tenant)try{let r=de(e);ue({[f.ANTHROPIC_AUTH_TOKEN]:r});}catch{}}ot().catch(()=>{}).finally(()=>ye());
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@ciandt-flow/flow-ai-obs",
3
- "version": "0.7.1-beta.539",
3
+ "version": "0.7.1-beta.547",
4
4
  "description": "Claude Code hooks for Langfuse OTLP tracing — cross-platform",
5
5
  "main": "dist/index.js",
6
6
  "bin": {