@ciandt-flow/flow-ai-obs 0.8.4 → 0.8.5-beta.653

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/cli.js CHANGED
@@ -1,190 +1,246 @@
1
1
  #!/usr/bin/env node
2
- 'use strict';var Le=require('readline/promises'),ss=require('https'),T=require('fs'),ct=require('os'),Ot=require('path'),child_process=require('child_process'),ws=require('http'),util=require('util'),crypto=require('crypto');function _interopDefault(e){return e&&e.__esModule?e:{default:e}}function _interopNamespace(e){if(e&&e.__esModule)return e;var n=Object.create(null);if(e){Object.keys(e).forEach(function(k){if(k!=='default'){var d=Object.getOwnPropertyDescriptor(e,k);Object.defineProperty(n,k,d.get?d:{enumerable:true,get:function(){return e[k]}});}})}n.default=e;return Object.freeze(n)}var Le__namespace=/*#__PURE__*/_interopNamespace(Le);var ss__default=/*#__PURE__*/_interopDefault(ss);var T__namespace=/*#__PURE__*/_interopNamespace(T);var ct__namespace=/*#__PURE__*/_interopNamespace(ct);var Ot__namespace=/*#__PURE__*/_interopNamespace(Ot);var ws__default=/*#__PURE__*/_interopDefault(ws);var ve=Object.defineProperty;var zr=Object.getOwnPropertyDescriptor;var Zr=Object.getOwnPropertyNames;var Qr=Object.prototype.hasOwnProperty;var Ct=(t=>typeof require<"u"?require:typeof Proxy<"u"?new Proxy(t,{get:(e,n)=>(typeof require<"u"?require:e)[n]}):t)(function(t){if(typeof require<"u")return require.apply(this,arguments);throw Error('Dynamic require of "'+t+'" is not supported')});var h=(t,e,n)=>()=>{if(n)throw n[0];try{return t&&(e=t(t=0)),e}catch(r){throw n=[r],r}};var ts=(t,e)=>()=>{try{return e||t((e={exports:{}}).exports,e),e.exports}catch(n){throw e=0,n}},J=(t,e)=>{for(var n in e)ve(t,n,{get:e[n],enumerable:true});},es=(t,e,n,r)=>{if(e&&typeof e=="object"||typeof e=="function")for(let i of Zr(e))!Qr.call(t,i)&&i!==n&&ve(t,i,{get:()=>e[i],enumerable:!(r=zr(e,i))||r.enumerable});return t};var K=t=>es(ve({},"__esModule",{value:true}),t);var gn={};J(gn,{bold:()=>b,cyan:()=>I,dim:()=>k,green:()=>B,red:()=>P,yellow:()=>v});function St(t,e){return ns?n=>`\x1B[${t}m${n}\x1B[${e}m`:n=>n}var ns,B,P,v,I,b,k,Et=h(()=>{"use strict";ns=!process.env.NO_COLOR&&process.stdout.isTTY;B=St("32","39"),P=St("31","39"),v=St("33","39"),I=St("36","39"),b=St("1","22"),k=St("2","22");});var Kt=ts((Jo,rs)=>{rs.exports={name:"@ciandt-flow/flow-ai-obs",version:"0.8.4",description:"Claude Code hooks for Langfuse OTLP tracing \u2014 cross-platform",main:"dist/index.js",bin:{"flow-ai-obs":"dist/cli.js","flow-ai-obs-setup":"dist/setup.js"},scripts:{build:"tsup",test:"jest",typecheck:"tsc --noEmit",lint:"eslint src bin scripts",format:'prettier --write "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"format:check":'prettier --check "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"security-scan":"trufflehog filesystem src/ --fail --no-update --exclude-paths .trufflehogignore",postinstall:`node -e "require('fs').existsSync('dist/setup.js') && require('child_process').execFileSync(process.execPath, ['dist/setup.js'], {stdio:'inherit'})"`,prepublishOnly:"npm run security-scan && npm run build","release:npm":"changeset publish",changeset:"changeset","version-packages":"changeset version","install:hooks":"node dist/cli.js install","auth:login":"node dist/cli.js auth login","auth:logout":"node dist/cli.js auth logout","auth:status":"node dist/cli.js auth status",smoke:"bash scripts/smoke-test.sh","smoke:debug":"bash scripts/smoke-test.sh --debug","smoke:send":"bash scripts/smoke-test.sh --send --allow-http --debug"},files:["dist/","README.md","LICENSE.md"],keywords:["claude-code","langfuse","observability","otlp","hooks","flow","ciandt"],author:"CI&T Flow Team",license:"SEE LICENSE IN LICENSE.md",private:!1,dependencies:{},optionalDependencies:{keytar:"7.9.0"},devDependencies:{"@changesets/changelog-github":"^0.6.0","@changesets/cli":"^2.30.0","@types/jest":"^30.0.0","@types/node":"^25.8.0",jest:"^30.4.2","ts-jest":"^29.4.9",tsup:"^8.5.1","eslint-config-prettier":"^10.1.5",prettier:"^3.5.3",typescript:"^6.0.3","typescript-eslint":"^8.33.0"},engines:{node:">=18.0.0"},overrides:{esbuild:"^0.28.1"},publishConfig:{registry:"https://registry.npmjs.org",access:"public"},repository:{type:"git",url:"git+https://github.com/CI-T-HyperX/flow-codeassistant-observability.git"}};});function ot(){return process.stdout.isTTY===true&&process.stdin.isTTY===true&&!process.argv.includes("--no-interactive")}async function Re(t,e){let n=Le__namespace.createInterface({input:process.stdin,output:process.stdout}),i=`${t} ${e===true?"(Y/n)":e===false?"(y/N)":"(y/n)"}: `;for(let o=1;o<=3;o++)try{let s=(await n.question(i)).trim().toLowerCase();if(s===""&&e!==void 0)return n.close(),e;if(s==="y"||s==="yes")return n.close(),!0;if(s==="n"||s==="no")return n.close(),!1;o<3&&process.stdout.write(` Invalid input. Please answer "y" or "n".
3
- `);}catch(s){throw n.close(),s}if(n.close(),e!==void 0)return e;throw new Error("Too many invalid attempts for yes/no prompt")}async function hn(t,e){let n=Le__namespace.createInterface({input:process.stdin,output:process.stdout});try{let r=(await n.question(`${t}: `)).trim();if(e);return r}catch(r){throw r}finally{n.close();}}var Pe=h(()=>{"use strict";});var qt={};J(qt,{checkForUpdate:()=>ds,checkForUpdateInteractive:()=>ps,fetchLatestVersionAsync:()=>wn,isNewer:()=>Tt,primeUpdateCache:()=>fs});function N(){return Ie||(Ie=Kt()),Ie}function Tt(t,e){let n=o=>{let s=String(o).replace(/^v/,"").match(/^(\d+)\.(\d+)\.(\d+)/);return s?[+s[1],+s[2],+s[3]]:null},r=n(t),i=n(e);return !r||!i?false:i[0]!==r[0]?i[0]>r[0]:i[1]!==r[1]?i[1]>r[1]:i[2]>r[2]}function Ue(){try{let t=JSON.parse(T__namespace.default.readFileSync(Tn,"utf8"));return typeof t.latestVersion!="string"||Date.now()-t.checkedAt>=as?null:t}catch{return null}}function Ce(t,e,n=Date.now()){try{T__namespace.default.writeFileSync(Tn,JSON.stringify({latestVersion:t,updatePriority:e??null,checkedAt:n}),{mode:384});}catch{}}function $e(t){let e=N().name,n=ss__default.default.get(`https://registry.npmjs.org/${encodeURIComponent(e)}/latest`,{timeout:cs},r=>{if(r.statusCode!==200)return r.resume(),t(new Error(`HTTP ${r.statusCode}`));let i="";r.setEncoding("utf8"),r.on("data",o=>{i+=o;}),r.on("end",()=>{try{let o=JSON.parse(i);if(typeof o.version!="string")throw new Error("no version field");t(null,{version:o.version,updatePriority:typeof o.updatePriority=="string"?o.updatePriority:null});}catch(o){t(o);}});});n.on("error",t),n.on("timeout",()=>{n.destroy(new Error("timeout"));});}function be(t){let e=N().name,r=` Update available: ${N().version} \u2192 ${t}`,i=` Run: npm install -g ${e}`,o=Math.max(r.length,i.length)+2,s="\u2500".repeat(o);process.stderr.write(`
4
- \u256D${s}\u256E
5
- \u2502${r.padEnd(o)}\u2502
6
- \u2502${i.padEnd(o)}\u2502
7
- \u2570${s}\u256F
2
+ 'use strict';var Re=require('readline/promises'),fs=require('https'),A=require('fs'),ut=require('os'),kt=require('path'),child_process=require('child_process'),bs=require('http'),util=require('util'),crypto=require('crypto');function _interopDefault(e){return e&&e.__esModule?e:{default:e}}function _interopNamespace(e){if(e&&e.__esModule)return e;var n=Object.create(null);if(e){Object.keys(e).forEach(function(k){if(k!=='default'){var d=Object.getOwnPropertyDescriptor(e,k);Object.defineProperty(n,k,d.get?d:{enumerable:true,get:function(){return e[k]}});}})}n.default=e;return Object.freeze(n)}var Re__namespace=/*#__PURE__*/_interopNamespace(Re);var fs__default=/*#__PURE__*/_interopDefault(fs);var A__namespace=/*#__PURE__*/_interopNamespace(A);var ut__namespace=/*#__PURE__*/_interopNamespace(ut);var kt__namespace=/*#__PURE__*/_interopNamespace(kt);var bs__default=/*#__PURE__*/_interopDefault(bs);var ke=Object.defineProperty;var is=Object.getOwnPropertyDescriptor;var as=Object.getOwnPropertyNames;var cs=Object.prototype.hasOwnProperty;var Ct=(t=>typeof require<"u"?require:typeof Proxy<"u"?new Proxy(t,{get:(e,n)=>(typeof require<"u"?require:e)[n]}):t)(function(t){if(typeof require<"u")return require.apply(this,arguments);throw Error('Dynamic require of "'+t+'" is not supported')});var g=(t,e,n)=>()=>{if(n)throw n[0];try{return t&&(e=t(t=0)),e}catch(r){throw n=[r],r}};var ls=(t,e)=>()=>{try{return e||t((e={exports:{}}).exports,e),e.exports}catch(n){throw e=0,n}},D=(t,e)=>{for(var n in e)ke(t,n,{get:e[n],enumerable:true});},us=(t,e,n,r)=>{if(e&&typeof e=="object"||typeof e=="function")for(let s of as(e))!cs.call(t,s)&&s!==n&&ke(t,s,{get:()=>e[s],enumerable:!(r=is(e,s))||r.enumerable});return t};var C=t=>us(ke({},"__esModule",{value:true}),t);var Le={};D(Le,{bold:()=>P,cyan:()=>v,dim:()=>p,green:()=>b,red:()=>I,yellow:()=>L});function Et(t,e){return ds?n=>`\x1B[${t}m${n}\x1B[${e}m`:n=>n}var ds,b,I,L,v,P,p,it=g(()=>{"use strict";ds=!process.env.NO_COLOR&&process.stdout.isTTY;b=Et("32","39"),I=Et("31","39"),L=Et("33","39"),v=Et("36","39"),P=Et("1","22"),p=Et("2","22");});var $t=ls((ii,ps)=>{ps.exports={name:"@ciandt-flow/flow-ai-obs",version:"0.8.5-beta.653",description:"Claude Code hooks for Langfuse OTLP tracing \u2014 cross-platform",main:"dist/index.js",bin:{"flow-ai-obs":"dist/cli.js","flow-ai-obs-setup":"dist/setup.js"},scripts:{build:"tsup",test:"jest",typecheck:"tsc --noEmit",lint:"eslint src bin scripts",format:'prettier --write "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"format:check":'prettier --check "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"security-scan":"trufflehog filesystem src/ --fail --no-update --exclude-paths .trufflehogignore",postinstall:`node -e "require('fs').existsSync('dist/setup.js') && require('child_process').execFileSync(process.execPath, ['dist/setup.js'], {stdio:'inherit'})"`,prepublishOnly:"npm run security-scan && npm run build","release:npm":"changeset publish",changeset:"changeset","version-packages":"changeset version","install:hooks":"node dist/cli.js install","auth:login":"node dist/cli.js auth login","auth:logout":"node dist/cli.js auth logout","auth:status":"node dist/cli.js auth status",smoke:"bash scripts/smoke-test.sh","smoke:debug":"bash scripts/smoke-test.sh --debug","smoke:send":"bash scripts/smoke-test.sh --send --allow-http --debug"},files:["dist/","README.md","LICENSE.md"],keywords:["claude-code","langfuse","observability","otlp","hooks","flow","ciandt"],author:"CI&T Flow Team",license:"SEE LICENSE IN LICENSE.md",private:!1,dependencies:{},optionalDependencies:{keytar:"7.9.0"},devDependencies:{"@changesets/changelog-github":"^0.6.0","@changesets/cli":"^2.30.0","@types/jest":"^30.0.0","@types/node":"^25.8.0",jest:"^30.4.2","ts-jest":"^29.4.9",tsup:"^8.5.1","eslint-config-prettier":"^10.1.5",prettier:"^3.5.3",typescript:"^6.0.3","typescript-eslint":"^8.33.0"},engines:{node:">=18.0.0"},overrides:{esbuild:"^0.28.1"},publishConfig:{registry:"https://registry.npmjs.org",access:"public"},repository:{type:"git",url:"git+https://github.com/CI-T-HyperX/flow-codeassistant-observability.git"}};});function at(){return process.stdout.isTTY===true&&process.stdin.isTTY===true&&!process.argv.includes("--no-interactive")}async function ve(t,e){let n=Re__namespace.createInterface({input:process.stdin,output:process.stdout}),s=`${t} ${e===true?"(Y/n)":e===false?"(y/N)":"(y/n)"}: `;for(let i=1;i<=3;i++)try{let o=(await n.question(s)).trim().toLowerCase();if(o===""&&e!==void 0)return n.close(),e;if(o==="y"||o==="yes")return n.close(),!0;if(o==="n"||o==="no")return n.close(),!1;i<3&&process.stdout.write(` Invalid input. Please answer "y" or "n".
3
+ `);}catch(o){throw n.close(),o}if(n.close(),e!==void 0)return e;throw new Error("Too many invalid attempts for yes/no prompt")}async function _n(t,e){let n=Re__namespace.createInterface({input:process.stdin,output:process.stdout});try{let r=(await n.question(`${t}: `)).trim();if(e);return r}catch(r){throw r}finally{n.close();}}var be=g(()=>{"use strict";});var St={};D(St,{checkForUpdate:()=>Ss,checkForUpdateInteractive:()=>Ts,fetchLatestVersionAsync:()=>Rn,isNewer:()=>wt,pkg:()=>N,primeUpdateCache:()=>ys,runUpdate:()=>Ln});function N(){return Pe||(Pe=$t()),Pe}function wt(t,e){let n=i=>{let o=String(i).replace(/^v/,"").match(/^(\d+)\.(\d+)\.(\d+)/);return o?[+o[1],+o[2],+o[3]]:null},r=n(t),s=n(e);return !r||!s?false:s[0]!==r[0]?s[0]>r[0]:s[1]!==r[1]?s[1]>r[1]:s[2]>r[2]}function Ue(){try{let t=JSON.parse(A__namespace.default.readFileSync(kn,"utf8"));return typeof t.latestVersion!="string"||Date.now()-t.checkedAt>=hs?null:t}catch{return null}}function Ce(t,e,n=Date.now()){try{A__namespace.default.writeFileSync(kn,JSON.stringify({latestVersion:t,updatePriority:e??null,checkedAt:n}),{mode:384});}catch{}}function $e(t){let e=N().name,n=fs__default.default.get(`https://registry.npmjs.org/${encodeURIComponent(e)}/latest`,{timeout:Es},r=>{if(r.statusCode!==200)return r.resume(),t(new Error(`HTTP ${r.statusCode}`));let s="";r.setEncoding("utf8"),r.on("data",i=>{s+=i;}),r.on("end",()=>{try{let i=JSON.parse(s);if(typeof i.version!="string")throw new Error("no version field");t(null,{version:i.version,updatePriority:typeof i.updatePriority=="string"?i.updatePriority:null});}catch(i){t(i);}});});n.on("error",t),n.on("timeout",()=>{n.destroy(new Error("timeout"));});}function Ie(t){let e=N().name,r=` Update available: ${N().version} \u2192 ${t}`,s=` Run: npm install -g ${e}`,i=Math.max(r.length,s.length)+2,o="\u2500".repeat(i);process.stderr.write(`
4
+ \u256D${o}\u256E
5
+ \u2502${r.padEnd(i)}\u2502
6
+ \u2502${s.padEnd(i)}\u2502
7
+ \u2570${o}\u256F
8
8
 
9
9
  `);}function Ne(t){let e=N().name;process.stderr.write(`
10
10
  [${e}] Critical update detected \u2014 auto-updating to ${t}...
11
11
 
12
- `),child_process.spawn("npm",["install","-g",`${e}@${t}`],{detached:true,stdio:"ignore",windowsHide:true}).unref();}async function ls(t,e=1e4){let n=Ct("readline"),r=N().name,o=` Update available: ${N().version} \u2192 ${t}`,s=` Run: npm install -g ${r}`,c=" Install now? [y/N]: ",a=Math.max(o.length,s.length,c.length-2)+2,d="\u2500".repeat(a);return process.stderr.write(`
13
- \u256D${d}\u256E
14
- \u2502${o.padEnd(a)}\u2502
15
- \u2502${s.padEnd(a)}\u2502
16
- \u2502${c.padEnd(a)}\u2502
17
- \u2570${d}\u256F
18
- `),new Promise(g=>{let E=n.createInterface({input:process.stdin,output:void 0,terminal:false}),u=false;function f(p){u||(u=true,clearTimeout(O),E.close(),process.stderr.write(`
19
- `),g(p));}let O=setTimeout(()=>f(false),e);E.once("line",p=>f(p.trim().toLowerCase()==="y")),E.once("close",()=>f(false));})}async function us(t){let e=N().name;return process.stderr.write(` Installing ${e}@${t}...
20
- `),new Promise(n=>{let r=child_process.spawn("npm",["install","-g",`${e}@${t}`],{stdio:"inherit"});r.on("close",i=>{i!==0?process.stderr.write(` \u2717 Update failed \u2014 continuing with current version.
12
+ `),child_process.spawn("npm",["install","-g",`${e}@${t}`],{detached:true,stdio:"ignore",windowsHide:true}).unref();}async function ws(t,e=1e4){let n=Ct("readline"),r=N().name,i=` Update available: ${N().version} \u2192 ${t}`,o=` Run: npm install -g ${r}`,a=" Install now? [y/N]: ",c=Math.max(i.length,o.length,a.length-2)+2,u="\u2500".repeat(c);return process.stderr.write(`
13
+ \u256D${u}\u256E
14
+ \u2502${i.padEnd(c)}\u2502
15
+ \u2502${o.padEnd(c)}\u2502
16
+ \u2502${a.padEnd(c)}\u2502
17
+ \u2570${u}\u256F
18
+ `),new Promise(E=>{let O=n.createInterface({input:process.stdin,output:void 0,terminal:false}),m=false;function w(S){m||(m=true,clearTimeout(d),O.close(),process.stderr.write(`
19
+ `),E(S));}let d=setTimeout(()=>w(false),e);O.once("line",S=>w(S.trim().toLowerCase()==="y")),O.once("close",()=>w(false));})}async function Ln(t){let e=N().name;return process.stderr.write(` Installing ${e}@${t}...
20
+ `),new Promise(n=>{let r=child_process.spawn("npm",["install","-g",`${e}@${t}`],{stdio:"inherit"});r.on("close",s=>{s!==0?process.stderr.write(` \u2717 Update failed \u2014 continuing with current version.
21
21
 
22
22
  `):process.stderr.write(` \u2713 Updated to ${t}. Please restart the command.
23
23
 
24
24
  `),n();}),r.on("error",()=>{process.stderr.write(` \u2717 Update failed \u2014 continuing with current version.
25
25
 
26
- `),n();});})}function wn(){return new Promise(t=>{$e((e,n)=>t(e||!n?null:n));})}function ds(){try{let t=Ue();if(t){Tt(N().version,t.latestVersion)&&(t.updatePriority==="auto"?Ne(t.latestVersion):be(t.latestVersion));return}setImmediate(()=>{$e((e,n)=>{e||!n||(Ce(n.version,n.updatePriority),Tt(N().version,n.version)&&(n.updatePriority==="auto"?Ne(n.version):be(n.version)));});});}catch{}}async function ps(t={}){try{let e=Ue();if(e){if(!Tt(N().version,e.latestVersion))return}else {let r=await wn();if(!r||(Ce(r.version,r.updatePriority),!Tt(N().version,r.version)))return;e={latestVersion:r.version,updatePriority:r.updatePriority,checkedAt:Date.now()};}if(e.updatePriority==="auto"){Ne(e.latestVersion);return}if(!ot()){be(e.latestVersion);return}await ls(e.latestVersion,t.timeoutMs)&&await us(e.latestVersion);}catch{}}function fs(){try{if(Ue())return;setImmediate(()=>{$e((t,e)=>{t||!e||Tt(N().version,e.version)&&Ce(e.version,e.updatePriority,0);});});}catch{}}var Ie,Tn,as,cs,Xt=h(()=>{"use strict";Pe();Tn=Ot__namespace.default.join(ct__namespace.default.tmpdir(),"flow-obs-update-cache.json"),as=1440*60*1e3,cs=3e3;});function M(){let t=process.env.FLOW_BASE_URL;return t&&t.trim()?t.trim():zt}function wt(){let t=M();return {AUTH_ENGINE:process.env.FLOW_AUTH_ENGINE_URL||`${t}/auth-engine-api/v2/api-key/token`,GATEWAY_TRACES:process.env.FLOW_GATEWAY_TRACES_URL||`${t}/flow-langfuse-gateway/v1/traces`,GATEWAY_HEALTH:process.env.FLOW_GATEWAY_HEALTH_URL||`${t}/flow-langfuse-gateway/v1/health`,OTEL_ENDPOINT:process.env.FLOW_OTEL_ENDPOINT_URL||`${t}/otel`}}function xe(){let t=M();return {API_URL:process.env.FLOW_METRICS_URL||`${t}/metrics-collector-api/log-event`,BOOSTER:"flow-ai-obs"}}var zt,ms,Zt,Qt,te,Fe,z,S,ee,it,C,yn,H,A=h(()=>{"use strict";zt="https://flow.ciandt.com";ms=wt(),Zt={SERVICE:"flow-plugins-cli",ACCOUNT_CREDS:"credentials",ACCOUNT_TOKEN:"token-cache"},Qt="FLOW-nodejs",te="config.json",Fe={SCOPE_NAME:"flow-ai-obs",SCOPE_VERSION:"0.1.0"},z={CLAUDE_CODE_ENABLE_TELEMETRY:"1",OTEL_EXPORTER_OTLP_ENDPOINT:ms.OTEL_ENDPOINT,OTEL_EXPORTER_OTLP_PROTOCOL:"http/json",OTEL_METRICS_EXPORTER:"otlp",OTEL_LOGS_EXPORTER:"otlp",OTEL_LOG_TOOL_DETAILS:"1",OTEL_LOG_USER_PROMPTS:"1"},S={FLOW_TELEMETRY:"FLOW_TELEMETRY",FLOW_TELEMETRY_GATEWAY:"FLOW_TELEMETRY_GATEWAY_URL",LANGFUSE_BASE_URL:"LANGFUSE_BASE_URL",LANGFUSE_PUBLIC_KEY:"LANGFUSE_PUBLIC_KEY",LANGFUSE_SECRET_KEY:"LANGFUSE_SECRET_KEY",ANTHROPIC_MODEL:"ANTHROPIC_MODEL",ANTHROPIC_AUTH_TOKEN:"ANTHROPIC_AUTH_TOKEN",FLOW_OBS_DEBUG:"FLOW_TELEMETRY_DEBUG",FLOW_OBS_ALLOW_HTTP:"FLOW_TELEMETRY_ALLOW_HTTP",BUFFER_TTL_DAYS:"FLOW_TELEMETRY_BUFFER_TTL_DAYS",BUFFER_MAX_FILES:"FLOW_TELEMETRY_BUFFER_MAX_FILES"},ee={LOCK_STALE_MS:3e4,CONNECTIVITY_MAX_RETRY:3,CONNECTIVITY_RETRY_MS:2e3,CLI:"flow-ai-obs "},it={UserPromptSubmit:5,PreToolUse:3,PostToolUse:10,Stop:15},C={FILE_PREFIX:"flow-obs-buffer-",DEFAULT_TTL_DAYS:4,MIN_TTL_DAYS:1,MAX_TTL_DAYS:30,DEFAULT_MAX_FILES:50,MIN_MAX_FILES:1,MAX_MAX_FILES:500,REPLAY_BATCH_SIZE:10},yn="flow-ai-obs-debug.log",H={TOOL_INPUT:2e4,TOOL_OUTPUT:2e4,TRACE_OUTPUT:2e4,USER_INSTRUCTION:1e4,TRACE_INPUT:5e4,TOOL_BRIEF:60};});function l(...t){if(process.env[S.FLOW_OBS_DEBUG]!=="1")return;let e=`[${new Date().toISOString()}] ${t.join(" ")}
27
- `;try{T.writeFileSync(Es,e,{flag:"a"});}catch(n){process.stderr.write(`[flow-obs debug ERROR] ${n.message}
28
- `);}}var Es,$=h(()=>{"use strict";A();Es=Ot.join(ct.tmpdir(),yn);});function _s(t){if(!ys.test(t))throw new Error(`Invalid tenant value: "${t}". Tenant must be lowercase alphanumeric and hyphens (1-64 chars).`)}function ks(t,e){let n=e.length>400?e.slice(0,400)+"\u2026":e;l("toAuthError",`status=${t} body=${n}`);try{let r=JSON.parse(e);if(typeof r.error=="string"&&(l("toAuthError",`api_error_code=${r.error}`+(r.message?` api_message=${r.message}`:"")),_n[r.error]))return new at(_n[r.error])}catch{}return t===401||t===403||t===500?new at("Invalid credentials"):t>=400&&t<500?new at("Authentication request was rejected"):new Error("Authentication service unavailable, please try again later")}function j(t){return new Promise((e,n)=>{try{_s(t.tenant);}catch(d){return n(d)}let r=JSON.stringify({clientSecret:t.clientSecret}),i=new URL(wt().AUTH_ENGINE),o=i.protocol==="https:",s={hostname:i.hostname,port:i.port||(o?443:80),path:i.pathname+i.search,method:"POST",headers:{"Content-Type":"application/json","Content-Length":Buffer.byteLength(r),FlowTenant:t.tenant}};l("getToken",`requesting token tenant=${t.tenant} host=${s.hostname} path=${s.path}`);let a=(o?ss__default.default:ws__default.default).request(s,d=>{let g=[];d.on("data",E=>g.push(E)),d.on("end",()=>{let E=g.join("");if((d.statusCode??0)>=400)return n(ks(d.statusCode??0,E));let u;try{u=JSON.parse(E);}catch{return n(new Error("Invalid response from auth engine"))}let f=u.expires_at??new Date(Date.now()+(u.expires_in??3600)*1e3).toISOString();e({accessToken:u.access_token??"",expiresAt:f});});});a.on("error",d=>n(new Error(`Network error: ${d.message}`))),a.write(r),a.end();})}var at,ys,_n,yt=h(()=>{"use strict";A();$();at=class extends Error{constructor(e){super(e),this.name="AuthError";}},ys=/^[a-z0-9][a-z0-9-]{0,62}[a-z0-9]$|^[a-z0-9]$/;_n={INVALID_CLIENT_SECRET:"Invalid Client Secret \u2014 check the value and try again",INVALID_CLIENT_ID:"Invalid Client ID \u2014 check the value and try again",INVALID_TENANT:"Invalid Tenant \u2014 check the value and try again",TENANT_NOT_FOUND:"Tenant not found \u2014 verify the tenant identifier"};});function kn(){return process.platform==="win32"?false:process.getuid?.()===0}function ne(){if(kn())return process.stderr.write(`
29
- `+P(` \u2717 flow-ai-obs is not supported in a sudo context.
26
+ `),n();});})}function Rn(){return new Promise(t=>{$e((e,n)=>t(e||!n?null:n));})}function Ss(){try{let t=Ue();if(t){wt(N().version,t.latestVersion)&&(t.updatePriority==="auto"?Ne(t.latestVersion):Ie(t.latestVersion));return}setImmediate(()=>{$e((e,n)=>{e||!n||(Ce(n.version,n.updatePriority),wt(N().version,n.version)&&(n.updatePriority==="auto"?Ne(n.version):Ie(n.version)));});});}catch{}}async function Ts(t={}){try{let e=Ue();if(e){if(!wt(N().version,e.latestVersion))return}else {let r=await Rn();if(!r||(Ce(r.version,r.updatePriority),!wt(N().version,r.version)))return;e={latestVersion:r.version,updatePriority:r.updatePriority,checkedAt:Date.now()};}if(e.updatePriority==="auto"){Ne(e.latestVersion);return}if(!at()){Ie(e.latestVersion);return}await ws(e.latestVersion,t.timeoutMs)&&await Ln(e.latestVersion);}catch{}}function ys(){try{if(Ue())return;setImmediate(()=>{$e((t,e)=>{t||!e||wt(N().version,e.version)&&Ce(e.version,e.updatePriority,0);});});}catch{}}var Pe,kn,hs,Es,Tt=g(()=>{"use strict";be();kn=kt__namespace.default.join(ut__namespace.default.tmpdir(),"flow-obs-update-cache.json"),hs=1440*60*1e3,Es=3e3;});function yt(){let t=process.env.FLOW_BASE_URL;return t&&t.trim()?t.trim():_s}function _t(){let t=yt();return {AUTH_ENGINE:process.env.FLOW_AUTH_ENGINE_URL||`${t}/auth-engine-api/v2/api-key/token`,GATEWAY_TRACES:process.env.FLOW_GATEWAY_TRACES_URL||`${t}/flow-langfuse-gateway/v1/traces`,GATEWAY_HEALTH:process.env.FLOW_GATEWAY_HEALTH_URL||`${t}/flow-langfuse-gateway/v1/health`,OTEL_ENDPOINT:process.env.FLOW_OTEL_ENDPOINT_URL||`${t}/otel`}}function xe(){let t=yt();return {API_URL:process.env.FLOW_METRICS_URL||`${t}/metrics-collector-api/log-event`,BOOSTER:"flow-ai-obs"}}var _s,Os,zt,Zt,Qt,Fe,X,h,te,Ot,B,vn,Y,R=g(()=>{"use strict";_s="https://flow.ciandt.com";Os=_t(),zt={SERVICE:"flow-plugins-cli",ACCOUNT_CREDS:"credentials",ACCOUNT_TOKEN:"token-cache"},Zt="FLOW-nodejs",Qt="config.json",Fe={SCOPE_NAME:"flow-ai-obs",SCOPE_VERSION:"0.1.0"},X={CLAUDE_CODE_ENABLE_TELEMETRY:"1",OTEL_EXPORTER_OTLP_ENDPOINT:Os.OTEL_ENDPOINT,OTEL_EXPORTER_OTLP_PROTOCOL:"http/json",OTEL_METRICS_EXPORTER:"otlp",OTEL_LOGS_EXPORTER:"otlp",OTEL_LOG_TOOL_DETAILS:"1",OTEL_LOG_USER_PROMPTS:"1"},h={FLOW_TELEMETRY:"FLOW_TELEMETRY",FLOW_TELEMETRY_GATEWAY:"FLOW_TELEMETRY_GATEWAY_URL",LANGFUSE_BASE_URL:"LANGFUSE_BASE_URL",LANGFUSE_PUBLIC_KEY:"LANGFUSE_PUBLIC_KEY",LANGFUSE_SECRET_KEY:"LANGFUSE_SECRET_KEY",ANTHROPIC_MODEL:"ANTHROPIC_MODEL",ANTHROPIC_AUTH_TOKEN:"ANTHROPIC_AUTH_TOKEN",FLOW_OBS_DEBUG:"FLOW_TELEMETRY_DEBUG",FLOW_OBS_ALLOW_HTTP:"FLOW_TELEMETRY_ALLOW_HTTP",BUFFER_TTL_DAYS:"FLOW_TELEMETRY_BUFFER_TTL_DAYS",BUFFER_MAX_FILES:"FLOW_TELEMETRY_BUFFER_MAX_FILES"},te={LOCK_STALE_MS:3e4,CONNECTIVITY_MAX_RETRY:3,CONNECTIVITY_RETRY_MS:2e3,CLI:"flow-ai-obs "},Ot={UserPromptSubmit:5,PreToolUse:3,PostToolUse:10,Stop:15},B={FILE_PREFIX:"flow-obs-buffer-",DEFAULT_TTL_DAYS:4,MIN_TTL_DAYS:1,MAX_TTL_DAYS:30,DEFAULT_MAX_FILES:50,MIN_MAX_FILES:1,MAX_MAX_FILES:500,REPLAY_BATCH_SIZE:10},vn="flow-ai-obs-debug.log",Y={TOOL_INPUT:2e4,TOOL_OUTPUT:2e4,TRACE_OUTPUT:2e4,USER_INSTRUCTION:1e4,TRACE_INPUT:5e4,TOOL_BRIEF:60};});function l(...t){if(process.env[h.FLOW_OBS_DEBUG]!=="1")return;let e=`[${new Date().toISOString()}] ${t.join(" ")}
27
+ `;try{A.writeFileSync(Rs,e,{flag:"a"});}catch(n){process.stderr.write(`[flow-obs debug ERROR] ${n.message}
28
+ `);}}var Rs,M=g(()=>{"use strict";R();Rs=kt.join(ut.tmpdir(),vn);});function Is(t){if(!Ps.test(t))throw new Error(`Invalid tenant value: "${t}". Tenant must be lowercase alphanumeric and hyphens (1-64 chars).`)}function Ns(t,e){let n=e.length>400?e.slice(0,400)+"\u2026":e;l("toAuthError",`status=${t} body=${n}`);try{let r=JSON.parse(e);if(typeof r.error=="string"&&(l("toAuthError",`api_error_code=${r.error}`+(r.message?` api_message=${r.message}`:"")),bn[r.error]))return new ct(bn[r.error])}catch{}return t===401||t===403||t===500?new ct("Invalid credentials"):t>=400&&t<500?new ct("Authentication request was rejected"):new Error("Authentication service unavailable, please try again later")}function $(t){return new Promise((e,n)=>{try{Is(t.tenant);}catch(u){return n(u)}let r=JSON.stringify({clientSecret:t.clientSecret}),s=new URL(_t().AUTH_ENGINE),i=s.protocol==="https:",o={hostname:s.hostname,port:s.port||(i?443:80),path:s.pathname+s.search,method:"POST",headers:{"Content-Type":"application/json","Content-Length":Buffer.byteLength(r),FlowTenant:t.tenant}};l("getToken",`requesting token tenant=${t.tenant} host=${o.hostname} path=${o.path}`);let c=(i?fs__default.default:bs__default.default).request(o,u=>{let E=[];u.on("data",O=>E.push(O)),u.on("end",()=>{let O=E.join("");if((u.statusCode??0)>=400)return n(Ns(u.statusCode??0,O));let m;try{m=JSON.parse(O);}catch{return n(new Error("Invalid response from auth engine"))}let w=m.expires_at??new Date(Date.now()+(m.expires_in??3600)*1e3).toISOString();e({accessToken:m.access_token??"",expiresAt:w});});});c.on("error",u=>n(new Error(`Network error: ${u.message}`))),c.write(r),c.end();})}var ct,Ps,bn,lt=g(()=>{"use strict";R();M();ct=class extends Error{constructor(e){super(e),this.name="AuthError";}},Ps=/^[a-z0-9][a-z0-9-]{0,62}[a-z0-9]$|^[a-z0-9]$/;bn={INVALID_CLIENT_SECRET:"Invalid Client Secret \u2014 check the value and try again",INVALID_CLIENT_ID:"Invalid Client ID \u2014 check the value and try again",INVALID_TENANT:"Invalid Tenant \u2014 check the value and try again",TENANT_NOT_FOUND:"Tenant not found \u2014 verify the tenant identifier"};});function Pn(){return process.platform==="win32"?false:process.getuid?.()===0}function ee(){if(Pn())return process.stderr.write(`
29
+ `+I(` \u2717 flow-ai-obs is not supported in a sudo context.
30
30
 
31
- `)+I(` npm install -g @ciandt-flow/flow-ai-obs
31
+ `)+v(` npm install -g @ciandt-flow/flow-ai-obs
32
32
  `)+`
33
- `),1}var re=h(()=>{"use strict";Et();});function On(){if(process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER){let e=child_process.spawnSync("getent",["passwd",process.env.SUDO_USER],{encoding:"utf8",timeout:5e3}).stdout?.split(":")[5]?.trim();if(e)return {home:e,username:process.env.SUDO_USER}}return {home:ct__namespace.homedir(),username:process.env.SUDO_USER||process.env.USER||ct__namespace.userInfo().username}}function L(){if(process.env.WSL_DISTRO_NAME&&process.platform==="linux"){let t=process.env.USERPROFILE;if(!t){let n=child_process.spawnSync("cmd.exe",["/c","echo","%USERPROFILE%"],{encoding:"utf8",timeout:5e3}).stdout?.trim();n&&/^[A-Za-z]:\\/.test(n)&&(t=n);}if(t){let e=t.replace(/^([A-Za-z]):/,(n,r)=>`/mnt/${r.toLowerCase()}`).replace(/\\/g,"/");return Ot__namespace.join(e,".claude","settings.json")}return Ot__namespace.join(ct__namespace.homedir(),".claude","settings.json")}if(process.platform==="win32"){let t=process.env.USERPROFILE||ct__namespace.homedir();return Ot__namespace.join(t,".claude","settings.json")}if(process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER){let e=child_process.spawnSync("getent",["passwd",process.env.SUDO_USER],{encoding:"utf8",timeout:5e3}).stdout?.split(":")[5]?.trim();if(e)return Ot__namespace.join(e,".claude","settings.json")}return Ot__namespace.join(ct__namespace.homedir(),".claude","settings.json")}var se=h(()=>{"use strict";re();});function oe(){if(process.platform==="win32"){let n=process.env.APPDATA||Ot__namespace.join(ct__namespace.homedir(),"AppData","Roaming");return Ot__namespace.join(n,An,vn)}let t=On(),e=process.env.XDG_CONFIG_HOME||Ot__namespace.join(t.home,".config");return Ot__namespace.join(e,An,vn)}function Ft(){try{let t=T__namespace.readFileSync(L(),"utf8"),n=JSON.parse(t).env?.FLOW_BASE_URL;return typeof n=="string"&&n.trim()?n.trim():null}catch{return null}}function Rn(){try{let t=T__namespace.readFileSync(L(),"utf8");return JSON.parse(t).env??null}catch{return null}}var An,vn,ie=h(()=>{"use strict";se();An="flow-ai-obs",vn="config.json";});function Me(t){try{let e=T__namespace.statSync(t);Date.now()-e.mtimeMs>Os&&T__namespace.unlinkSync(t);}catch{}try{T__namespace.writeFileSync(t,String(process.pid),{flag:"wx"});}catch(e){throw e.code==="EEXIST"?new Error("Another install is already in progress. If this is stale, remove: "+t):e}}function He(t){try{T__namespace.unlinkSync(t);}catch{}}function Pn(t,e){let r=(Array.isArray(t)?t:[]).map(i=>{if(!Array.isArray(i?.hooks))return null;let o=i.hooks.filter(s=>!s.command?.startsWith?.("flow-ai-obs "));return o.length>0?{...i,hooks:o}:null}).filter(i=>i!=null);return [e,...r]}function In(t){let e=L(),n=e+".lock",r=[];T__namespace.mkdirSync(Ot__namespace.dirname(e),{recursive:true}),Me(n);try{if(T__namespace.existsSync(e)){T__namespace.copyFileSync(e,e+".bkp");try{T__namespace.chmodSync(e+".bkp",384);}catch{}}let i=oe();if(T__namespace.existsSync(i)){let E=i+".bkp";T__namespace.copyFileSync(i,E);try{T__namespace.chmodSync(E,384);}catch{}}let o={};try{o=JSON.parse(T__namespace.readFileSync(e,"utf8"));}catch{}let s=o.env&&typeof o.env=="object"?o.env:{};delete s.OTEL_EXPORTER_OTLP_HEADERS;let c=t?{...z,OTEL_EXPORTER_OTLP_ENDPOINT:t}:z;o.env={...s,...c},o.otelHeadersHelper="flow-ai-obs otel-headers",(!o.hooks||typeof o.hooks!="object"||Array.isArray(o.hooks))&&(o.hooks={});let a=(E,u)=>({matcher:"",hooks:[{type:"command",command:`flow-ai-obs ${E}`,timeout:u}]}),d=["UserPromptSubmit","PreToolUse","PostToolUse","Stop"],g=o.hooks;for(let E of d){let u=Pn(g[E],a(E,it[E]));u.length>1&&r.push(E),g[E]=u;}T__namespace.writeFileSync(e,JSON.stringify(o,null,2)+`
34
- `,{encoding:"utf8",mode:384});try{T__namespace.chmodSync(e,384);}catch{}}finally{He(n);}return {settingsPath:e,preserved:r}}function kt(t){try{let e=T__namespace.readFileSync(L(),"utf8"),r=JSON.parse(e).env?.[t];return typeof r=="string"?r:null}catch{return null}}function xt(t){let e=L(),n=e+".lock";T__namespace.mkdirSync(Ot__namespace.dirname(e),{recursive:true}),Me(n);try{let r={};try{r=JSON.parse(T__namespace.readFileSync(e,"utf8"));}catch{}(!r.env||typeof r.env!="object")&&(r.env={}),Object.assign(r.env,t),T__namespace.writeFileSync(e,JSON.stringify(r,null,2)+`
35
- `,{encoding:"utf8",mode:384});try{T__namespace.chmodSync(e,384);}catch{}}finally{He(n);}}function bn(){let t=L(),e=t+".lock",n=[];T__namespace.mkdirSync(Ot__namespace.dirname(t),{recursive:true}),Me(e);try{if(T__namespace.existsSync(t)){T__namespace.copyFileSync(t,t+".bkp");try{T__namespace.chmodSync(t+".bkp",384);}catch{}}let r={};try{r=JSON.parse(T__namespace.readFileSync(t,"utf8"));}catch{}r.otelHeadersHelper="flow-ai-obs otel-headers",(!r.hooks||typeof r.hooks!="object"||Array.isArray(r.hooks))&&(r.hooks={});let i=(c,a)=>({matcher:"",hooks:[{type:"command",command:`flow-ai-obs ${c}`,timeout:a}]}),o=["UserPromptSubmit","PreToolUse","PostToolUse","Stop"],s=r.hooks;for(let c of o){let a=Pn(s[c],i(c,it[c]));a.length>1&&n.push(c),s[c]=a;}T__namespace.writeFileSync(t,JSON.stringify(r,null,2)+`
36
- `,{encoding:"utf8",mode:384});try{T__namespace.chmodSync(t,384);}catch{}}finally{He(e);}return {settingsPath:t,preserved:n}}var Os,ce=h(()=>{"use strict";A();yt();se();ie();Os=ee.LOCK_STALE_MS;});function Dt(){let t=ct__namespace.default.homedir();if(process.platform==="darwin")return Ot__namespace.default.join(t,"Library","Preferences",Qt,te);if(process.platform==="win32"){let n=process.env.APPDATA??Ot__namespace.default.join(t,"AppData","Roaming");return Ot__namespace.default.join(n,Qt,te)}let e=process.env.XDG_CONFIG_HOME??Ot__namespace.default.join(t,".config");return Ot__namespace.default.join(e,Qt,te)}function We(){try{let t=T__namespace.default.readFileSync(Dt(),"utf8");return JSON.parse(t)}catch{return {}}}function Nn(t){let e=Dt();T__namespace.default.mkdirSync(Ot__namespace.default.dirname(e),{recursive:true}),T__namespace.default.writeFileSync(e,JSON.stringify(t,null,2),{encoding:"utf8",mode:384});}var je,le,Un=h(()=>{"use strict";A();je={credentials:"credentials","token-cache":"tokenCache"};le=class{static isAvailable(){return !0}static hasExistingData(){try{if(!T__namespace.default.existsSync(Dt()))return !1;let e=JSON.parse(T__namespace.default.readFileSync(Dt(),"utf8"));return !!(e&&e.credentials)}catch{return !1}}async getSecret(e,n){let r=We(),i=je[n]??n,o=r[i];return o?typeof o=="string"?o:JSON.stringify(o):null}async setSecret(e,n,r){let i=We(),o=je[n]??n;if(n==="token-cache")try{i[o]=JSON.parse(r);}catch{i[o]=r;}else i[o]=r;Nn(i);}async deleteSecret(e,n){let r=We(),i=je[n]??n;return i in r?(delete r[i],Nn(r),!0):!1}getStoragePath(){return `config.json (unencrypted) \u2014 ${Dt()}`}};});var Cn={};J(Cn,{MacOsKeyVaultProvider:()=>Ye});var Ve,Ye,$n=h(()=>{"use strict";Ve=util.promisify(child_process.execFile),Ye=class{static async isAvailable(){try{return T.accessSync("/usr/bin/security",T.constants.X_OK),!0}catch{return !1}}async getSecret(e,n){try{let{stdout:r}=await Ve("security",["find-generic-password","-w","-a",n,"-s",e]);return r.trim()||null}catch{return null}}async setSecret(e,n,r){await Ve("security",["add-generic-password","-U","-a",n,"-s",e,"-w",r]);}async deleteSecret(e,n){try{return await Ve("security",["delete-generic-password","-a",n,"-s",e]),!0}catch{return !1}}getStoragePath(){return "macOS Keychain"}};});var xn={};J(xn,{LinuxKeyVaultProvider:()=>Ge});var Fn,Ge,Dn=h(()=>{"use strict";Fn=util.promisify(child_process.execFile),Ge=class{static async isAvailable(){let e=["/usr/bin/secret-tool","/bin/secret-tool","/usr/local/bin/secret-tool"];for(let n of e)try{return T.accessSync(n,T.constants.X_OK),!0}catch{}return !1}async getSecret(e,n){try{let{stdout:r}=await Fn("secret-tool",["lookup","service",e,"account",n]);return r.trim()||null}catch{return null}}async setSecret(e,n,r){await new Promise((i,o)=>{let s=child_process.spawn("secret-tool",["store","--label",e,"service",e,"account",n]);s.on("error",o),s.on("close",c=>{c===0?i():o(new Error(`secret-tool exited with code ${c}`));}),s.stdin.write(r),s.stdin.end();});}async deleteSecret(e,n){try{return await Fn("secret-tool",["clear","service",e,"account",n]),!0}catch{return !1}}getStoragePath(){return "Linux Secret Service (libsecret)"}};});var Bn={};J(Bn,{WindowsKeyVaultProvider:()=>Je});var Je,Mn=h(()=>{"use strict";Je=class{static async isAvailable(){try{return await Ct("keytar").getPassword("__flow_probe__","__flow_probe__"),!0}catch{return !1}}async getSecret(e,n){return Ct("keytar").getPassword(e,n)}async setSecret(e,n,r){await Ct("keytar").setPassword(e,n,r);}async deleteSecret(e,n){return Ct("keytar").deletePassword(e,n)}getStoragePath(){return "Windows Credential Manager"}};});async function Hn(){return await $s()??new le}async function $s(){switch(process.platform){case "darwin":{let{MacOsKeyVaultProvider:t}=await Promise.resolve().then(()=>($n(),Cn));return await t.isAvailable()?new t:null}case "linux":{let{LinuxKeyVaultProvider:t}=await Promise.resolve().then(()=>(Dn(),xn));return await t.isAvailable()?new t:null}case "win32":{let{WindowsKeyVaultProvider:t}=await Promise.resolve().then(()=>(Mn(),Bn));return await t.isAvailable()?new t:null}default:return null}}var jn=h(()=>{"use strict";Un();});function Yn(){return Ke||(Ke=Hn()),Ke}async function Mt(t){await(await Yn()).setSecret(Wn,Vn,JSON.stringify({accessToken:t.accessToken,expiresAt:t.expiresAt,lastAuthCheckAt:t.lastAuthCheckAt}));}async function q(){let e=await(await Yn()).getSecret(Wn,Vn);if(!e)return null;try{let n=JSON.parse(e);return {accessToken:n.accessToken,expiresAt:n.expiresAt,lastAuthCheckAt:n.lastAuthCheckAt}}catch{return null}}async function ue(){let t=await q();return t?new Date(t.expiresAt)>new Date:false}async function lt(){let t=await q();if(!t||!t.accessToken)return null;try{let e=t.accessToken.split(".");if(e.length<2)return null;let n=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return n.email??n.preferred_username??n.upn??n.sub??null}catch{return null}}var Wn,Bi,Vn,Ke,de=h(()=>{"use strict";jn();A();Wn=Zt.SERVICE,Bi=Zt.ACCOUNT_CREDS,Vn=Zt.ACCOUNT_TOKEN,Ke=null;});function xs(t){return Fs.some(e=>e.test(t))}function Ds(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let n=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return n.email||n.preferred_username||n.upn||n.sub||null}catch{return null}}function W(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let n=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8")),{clientId:r,clientSecret:i,tenant:o}=n;return !r||!i||!o?null:{clientId:r,clientSecret:i,tenant:o}}catch{return null}}function Gn(t){let e=Buffer.from(JSON.stringify({alg:"none",typ:"JWT"})).toString("base64url"),n=Buffer.from(JSON.stringify({clientId:t.clientId,clientSecret:t.clientSecret,tenant:t.tenant})).toString("base64url");return `${e}.${n}.`}function ut(t){let e;try{e=new URL(t);}catch{throw new Error(`Invalid URL: ${t}`)}let n=process.env[S.FLOW_OBS_ALLOW_HTTP]==="true";if(!n&&e.protocol!=="https:")throw new Error(`URL must use HTTPS: ${t}`);if(e.username||e.password)throw new Error(`URL must not contain embedded credentials: ${t}`);if(!n&&xs(e.hostname))throw new Error(`SSRF: private/loopback host not allowed: ${e.hostname}`);return t}async function Jn(){let t=W(process.env[S.ANTHROPIC_AUTH_TOKEN]);return t?{user:await lt().catch(()=>null)??t.clientId,tenant:t.tenant}:{user:"",tenant:""}}function Bs(){return new Date().toISOString().slice(0,10)}async function Ms(t){let e=Bs(),n=await q();if(n?.lastAuthCheckAt!==e){l("getOrRefreshToken",`daily auth check (last: ${n?.lastAuthCheckAt??"never"})`);try{let o=await j(t);try{await Mt({...o,lastAuthCheckAt:e});}catch{}return l("getOrRefreshToken",`daily check passed, expires=${o.expiresAt}`),o.accessToken}catch(o){if(o instanceof at)throw o;l("getOrRefreshToken",`daily check network error \u2014 using cache: ${o.message}`);}}let r=n!=null&&new Date(n.expiresAt)>new Date;if(l("getOrRefreshToken",`cacheValid=${r}`),r)return l("getOrRefreshToken",`using cached token, expires=${n.expiresAt}`),n.accessToken;l("getOrRefreshToken",`token expired \u2014 refreshing via auth-engine (tenant=${t.tenant} clientId=${t.clientId})`);let i=await j(t);try{await Mt({...i,lastAuthCheckAt:e});}catch(o){l("getOrRefreshToken",`token cache save failed (non-fatal): ${o.message}`);}return l("getOrRefreshToken",`token refreshed, expires=${i.expiresAt}`),i.accessToken}function Hs(t,e){let n=e&&e.accessToken?e.accessToken:"";return {endpoint:t.replace(/\/$/,"")+"/flow-langfuse-gateway/v1/traces",authHeader:`Bearer ${n}`}}function js(t,e,n){let r=Buffer.from(`${e}:${n}`).toString("base64");return {endpoint:t.replace(/\/$/,"")+"/api/public/otel/v1/traces",authHeader:`Basic ${r}`}}async function V(){let t=[],e=process.env[S.ANTHROPIC_MODEL]??"",n=W(process.env[S.ANTHROPIC_AUTH_TOKEN]);l("resolveCredentials",n?"credentials resolved from ANTHROPIC_AUTH_TOKEN":"ANTHROPIC_AUTH_TOKEN absent or invalid"),n&&l("resolveCredentials",`clientId=${n.clientId}`,`tenant=${n.tenant}`);let r=n?n.tenant:"",i=process.env[S.FLOW_TELEMETRY]==="true",o=process.env[S.LANGFUSE_BASE_URL],s=process.env[S.LANGFUSE_PUBLIC_KEY],c=process.env[S.LANGFUSE_SECRET_KEY];if(i&&o&&s&&c){let u="",f=r;n&&(u=await lt().catch(()=>null)??n.clientId);let O={user:u??"",tenant:f??"",team:"",project:"",model:e};t.push({mode:"direct",...js(ut(o),s,c),...O}),l("resolveCredentials","direct mode active",`user=${O.user}`,`tenant=${O.tenant}`);}if(!n){if(t.length===0){let u=[];return u.authError=false,u}return t}let a;try{a=await Ms(n);}catch(u){if(l("resolveCredentials",`token refresh failed: ${u.message}`,`(tenant=${n.tenant} clientId=${n.clientId})`),t.length>0)return t.authError=true,t;let f=[];return f.authError=true,f}let g={user:Ds(a)??n.clientId,tenant:r,team:"",project:"",model:e},E=process.env[S.FLOW_TELEMETRY_GATEWAY]??M();return t.push({mode:"gateway",...Hs(ut(E),{accessToken:a}),...g}),t}async function Kn(){return (await V()).length>0}var Fs,Y=h(()=>{"use strict";de();yt();A();$();Fs=[/^localhost\.?$/i,/^127\./,/^10\./,/^172\.(1[6-9]|2\d|3[01])\./,/^192\.168\./,/^169\.254\./,/^0\.0\.0\.0$/,/^::1$/,/^\[::1\]$/,/^\[::ffff:/i,/^\[f[cd]/i,/^\[fe80:/i,/^metadata\.google\.internal\.?$/i,/^metadata\.azure\.internal\.?$/i,/(?:^|\.)localtest\.me\.?$/i,/(?:^|\.)lvh\.me\.?$/i,/(?:^|\.)vcap\.me\.?$/i];});function qn(){if(process.env.WSL_DISTRO_NAME&&process.platform==="linux")return child_process.spawnSync("cmd.exe",["/c","where","claude"],{encoding:"utf8",timeout:5e3}).status===0;let t=process.platform==="win32"?"where":"which";return child_process.spawnSync(t,["claude"],{encoding:"utf8",timeout:5e3}).status===0}function Xn(){try{if(process.env.WSL_DISTRO_NAME&&process.platform==="linux"){let e=child_process.spawnSync("cmd.exe",["/c","claude","--version"],{encoding:"utf8",timeout:5e3});return e.status===0?e.stdout.trim():null}let t=child_process.spawnSync("claude",["--version"],{encoding:"utf8",timeout:5e3});return t.status===0?t.stdout.trim():null}catch{return null}}var zn=h(()=>{"use strict";});function Gs(){return Ot__namespace.default.join(ct__namespace.default.homedir(),".claude","flow-obs",".logged-out")}function Zn(){try{T__namespace.default.unlinkSync(Gs());}catch{}}var Qn=h(()=>{"use strict";});function er(t,e,n,r,i){if(process.env[S.FLOW_OBS_DEBUG]!=="1")return;let o=JSON.stringify({ts:new Date().toISOString(),request:{method:"POST",url:t,headers:e,body:JSON.parse(n)},response:{status:r,body:i}});try{T.writeFileSync(tr,o+`
37
- `,{flag:"a",encoding:"utf8",mode:384}),l("sendTraces:dump",`request appendada em ${tr}`);}catch(s){l("sendTraces:dump",`falha ao salvar: ${s.message}`);}}function Zs(t){let e=new URL(t),n=new URL(wt().GATEWAY_HEALTH);return n.hostname=e.hostname,n.port=e.port,n.protocol=e.protocol,n}function nr(t,e){return new Promise((n,r)=>{let i=t._isSSL?ss__default.default:ws__default.default;t.headers=Object.assign({},t.headers,{Connection:"close"});let o=i.request(t,s=>{let c=[];s.on("data",a=>c.push(a)),s.on("end",()=>n({statusCode:s.statusCode??0,body:c.join("")}));});o.setTimeout(1e4,()=>{o.destroy(new Error("Request timeout"));}),o.on("error",s=>r(new Error(`Network error: ${s.message}`))),e&&o.write(e),o.end();})}async function At(t,e){let n;try{n=Zs(t);}catch{return false}let r=n.protocol==="https:";try{let i={};e&&(i.Authorization=String(e).replace(/[\r\n]/g,""));let o=await nr({hostname:n.hostname,port:n.port||(r?443:80),path:n.pathname,method:"GET",headers:i,_isSSL:r},null);return l("checkHealth",`url=${n.href} status=${o.statusCode}`),o.statusCode>=200&&o.statusCode<300}catch{return false}}async function fe(t,e,n){let r=JSON.stringify(t),i=new URL(e),o=i.protocol==="https:",s=String(n).replace(/[\r\n]/g,""),c={"Content-Type":"application/json",Authorization:s,"Content-Length":Buffer.byteLength(r)};l("sendTraces:request",`POST ${e}`),l("sendTraces:request",`headers=${JSON.stringify({...c,Authorization:s.slice(0,20)+"\u2026"})}`),l("sendTraces:request",`body=${r.slice(0,500)}${r.length>500?"\u2026":""}`);try{let a=await nr({hostname:i.hostname,port:i.port||(o?443:80),path:i.pathname,method:"POST",headers:c,_isSSL:o},r);return l("sendTraces:response",`status=${a.statusCode}`),er(e,c,r,a.statusCode,a.body),a.statusCode}catch(a){return l("sendTraces:error",a.message),er(e,c,r,0,a.message),0}}var tr,me=h(()=>{"use strict";A();$();tr=Ot.join(ct.tmpdir(),"flow-obs-requests.ndjson");});var ge={};J(ge,{promptRaw:()=>vt,runLogin:()=>no});function dt(t){return typeof t=="string"?t.replace(Qs,""):t}function rr(){return Ft()??kt("FLOW_BASE_URL")??process.env.FLOW_BASE_URL??M()}async function to(){let t=await q();if(!t?.accessToken)return false;let n=`${rr()}/flow-langfuse-gateway/v1/health`;try{return await At(n,t.accessToken)}catch{return false}}function vt(t,e={}){return new Promise((n,r)=>{if(typeof process.stdin.setRawMode!="function"){r(new Error("NOT_A_TTY"));return}let{masked:i=false,defaultValue:o=""}=e;process.stdout.write(t+o);let s=o;function c(){try{process.stdin.setRawMode(!1);}catch{}}process.once("uncaughtException",c),process.once("unhandledRejection",c);let a=g=>{if(g===""){d(),r(new Error("SIGINT"));return}if(g==="\r"||g===`
38
- `){d(),process.stdout.write(`
39
- `),n(s);return}if(g==="\x7F"){s.length>0&&(s=s.slice(0,-1),process.stdout.write("\b \b"));return}g.startsWith("\x1B")||(s+=g,process.stdout.write(i?"*".repeat(g.length):g));};function d(){process.stdin.setRawMode(false),process.stdin.removeListener("data",a),process.removeListener("uncaughtException",c),process.removeListener("unhandledRejection",c);}process.stdin.setRawMode(true),process.stdin.resume(),process.stdin.setEncoding("utf8"),process.stdin.on("data",a);})}async function sr(t){let{accessToken:e,expiresAt:n}=await j(t),r=Gn(t);xt({[S.ANTHROPIC_AUTH_TOKEN]:r}),Zn(),await Mt({accessToken:e,expiresAt:n});}async function eo(){try{process.stdout.write(`
40
- `);let t=(await vt(I(" ? ")+"Client ID: ")).trim(),e=(await vt(I(" ? ")+"Client Secret: ",{masked:!0})).trim(),n=(await vt(I(" ? ")+"Tenant: ")).trim();return !t||!e||!n?(process.stderr.write(P(` \u2717 All fields are required
41
- `)),1):(await sr({clientId:t,clientSecret:e,tenant:n}),process.stdout.write(B(` \u2713 Authenticated. Tenant: ${dt(n)}
42
- `)),process.stdout.write(k(` Storage: ANTHROPIC_AUTH_TOKEN (settings.json)
43
-
44
- `)),0)}catch(t){if(t.message==="SIGINT"||t.message==="NOT_A_TTY")throw t;return process.stderr.write(P(` \u2717 Authentication failed: ${dt(t.message)}
45
- `)),1}}async function no(t={}){let e=ne();if(e)return e;if(t.clientId&&t.clientSecret&&t.tenant)try{return await sr({clientId:t.clientId,clientSecret:t.clientSecret,tenant:t.tenant}),process.stdout.write(B(` \u2713 Authenticated. Tenant: ${dt(t.tenant)}
46
-
47
- `)),0}catch(s){return process.stderr.write(P(` \u2717 Authentication failed: ${dt(s.message)}
48
- `)),1}let n=rr(),r=kt(S.ANTHROPIC_AUTH_TOKEN)??void 0,i=W(r);if(process.stdout.write(`
49
- `),process.stdout.write(b(` Auth
50
- `)),i){let s=await ue()&&await to(),c=await lt()||i.clientId;if(s?process.stdout.write(` \u2713 Authenticated
51
- `):process.stdout.write(v(` \u26A0 Session not valid for current endpoint
52
- `)),process.stdout.write(k(" URL: ")+dt(n)+`
53
- `),process.stdout.write(k(" Tenant: ")+dt(i.tenant)+`
54
- `),process.stdout.write(k(" User: ")+dt(c)+`
33
+ `),1}var ne=g(()=>{"use strict";it();});function In(){if(process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER){let e=child_process.spawnSync("getent",["passwd",process.env.SUDO_USER],{encoding:"utf8",timeout:5e3}).stdout?.split(":")[5]?.trim();if(e)return {home:e,username:process.env.SUDO_USER}}return {home:ut__namespace.homedir(),username:process.env.SUDO_USER||process.env.USER||ut__namespace.userInfo().username}}function U(){if(process.env.WSL_DISTRO_NAME&&process.platform==="linux"){let t=process.env.USERPROFILE;if(!t){let n=child_process.spawnSync("cmd.exe",["/c","echo","%USERPROFILE%"],{encoding:"utf8",timeout:5e3}).stdout?.trim();n&&/^[A-Za-z]:\\/.test(n)&&(t=n);}if(t){let e=t.replace(/^([A-Za-z]):/,(n,r)=>`/mnt/${r.toLowerCase()}`).replace(/\\/g,"/");return kt__namespace.join(e,".claude","settings.json")}return kt__namespace.join(ut__namespace.homedir(),".claude","settings.json")}if(process.platform==="win32"){let t=process.env.USERPROFILE||ut__namespace.homedir();return kt__namespace.join(t,".claude","settings.json")}if(process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER){let e=child_process.spawnSync("getent",["passwd",process.env.SUDO_USER],{encoding:"utf8",timeout:5e3}).stdout?.split(":")[5]?.trim();if(e)return kt__namespace.join(e,".claude","settings.json")}return kt__namespace.join(ut__namespace.homedir(),".claude","settings.json")}var re=g(()=>{"use strict";ne();});function se(){if(process.platform==="win32"){let n=process.env.APPDATA||kt__namespace.join(ut__namespace.homedir(),"AppData","Roaming");return kt__namespace.join(n,Nn,Un)}let t=In(),e=process.env.XDG_CONFIG_HOME||kt__namespace.join(t.home,".config");return kt__namespace.join(e,Nn,Un)}function Me(){try{let t=A__namespace.readFileSync(U(),"utf8"),n=JSON.parse(t).env?.FLOW_BASE_URL;return typeof n=="string"&&n.trim()?n.trim():null}catch{return null}}function $n(){try{let t=A__namespace.readFileSync(U(),"utf8");return JSON.parse(t).env??null}catch{return null}}var Nn,Un,He=g(()=>{"use strict";re();Nn="flow-ai-obs",Un="config.json";});function Fn(t){try{let e=A__namespace.statSync(t);Date.now()-e.mtimeMs>Us&&A__namespace.unlinkSync(t);}catch{}try{A__namespace.writeFileSync(t,String(process.pid),{flag:"wx"});}catch(e){throw e.code==="EEXIST"?new Error("Another install is already in progress. If this is stale, remove: "+t):e}}function xn(t){try{A__namespace.unlinkSync(t);}catch{}}function Cs(t,e){let r=(Array.isArray(t)?t:[]).map(s=>{if(!Array.isArray(s?.hooks))return null;let i=s.hooks.filter(o=>!o.command?.startsWith?.("flow-ai-obs "));return i.length>0?{...s,hooks:i}:null}).filter(s=>s!=null);return [e,...r]}function Dn(t,e){let n=U(),r=n+".lock",s=[];A__namespace.mkdirSync(kt__namespace.dirname(n),{recursive:true}),Fn(r);try{if(A__namespace.existsSync(n)){A__namespace.copyFileSync(n,n+".bkp");try{A__namespace.chmodSync(n+".bkp",384);}catch{}}let i=se();if(A__namespace.existsSync(i)){let m=i+".bkp";A__namespace.copyFileSync(i,m);try{A__namespace.chmodSync(m,384);}catch{}}let o={};try{o=JSON.parse(A__namespace.readFileSync(n,"utf8"));}catch{}let a=o.env&&typeof o.env=="object"?o.env:{};delete a.OTEL_EXPORTER_OTLP_HEADERS;let c=t?{...X,OTEL_EXPORTER_OTLP_ENDPOINT:t}:X;o.env={...a,...c,...e??{}},o.otelHeadersHelper="flow-ai-obs otel-headers",(!o.hooks||typeof o.hooks!="object"||Array.isArray(o.hooks))&&(o.hooks={});let u=(m,w)=>({matcher:"",hooks:[{type:"command",command:`flow-ai-obs ${m}`,timeout:w}]}),E=["UserPromptSubmit","PreToolUse","PostToolUse","Stop"],O=o.hooks;for(let m of E){let w=Cs(O[m],u(m,Ot[m]));w.length>1&&s.push(m),O[m]=w;}A__namespace.writeFileSync(n,JSON.stringify(o,null,2)+`
34
+ `,{encoding:"utf8",mode:384});try{A__namespace.chmodSync(n,384);}catch{}}finally{xn(r);}return {settingsPath:n,preserved:s}}function We(t){try{let e=A__namespace.readFileSync(U(),"utf8"),r=JSON.parse(e).env?.[t];return typeof r=="string"?r:null}catch{return null}}function oe(t){let e=U(),n=e+".lock";A__namespace.mkdirSync(kt__namespace.dirname(e),{recursive:true}),Fn(n);try{let r={};try{r=JSON.parse(A__namespace.readFileSync(e,"utf8"));}catch{}(!r.env||typeof r.env!="object")&&(r.env={}),Object.assign(r.env,t),A__namespace.writeFileSync(e,JSON.stringify(r,null,2)+`
35
+ `,{encoding:"utf8",mode:384});try{A__namespace.chmodSync(e,384);}catch{}}finally{xn(n);}}var Us,xt=g(()=>{"use strict";R();lt();re();He();Us=te.LOCK_STALE_MS;});function Dt(){let t=ut__namespace.default.homedir();if(process.platform==="darwin")return kt__namespace.default.join(t,"Library","Preferences",Zt,Qt);if(process.platform==="win32"){let n=process.env.APPDATA??kt__namespace.default.join(t,"AppData","Roaming");return kt__namespace.default.join(n,Zt,Qt)}let e=process.env.XDG_CONFIG_HOME??kt__namespace.default.join(t,".config");return kt__namespace.default.join(e,Zt,Qt)}function Ye(){try{let t=A__namespace.default.readFileSync(Dt(),"utf8");return JSON.parse(t)}catch{return {}}}function Bn(t){let e=Dt();A__namespace.default.mkdirSync(kt__namespace.default.dirname(e),{recursive:true}),A__namespace.default.writeFileSync(e,JSON.stringify(t,null,2),{encoding:"utf8",mode:384});}var Ve,ie,Mn=g(()=>{"use strict";R();Ve={credentials:"credentials","token-cache":"tokenCache"};ie=class{static isAvailable(){return !0}static hasExistingData(){try{if(!A__namespace.default.existsSync(Dt()))return !1;let e=JSON.parse(A__namespace.default.readFileSync(Dt(),"utf8"));return !!(e&&e.credentials)}catch{return !1}}async getSecret(e,n){let r=Ye(),s=Ve[n]??n,i=r[s];return i?typeof i=="string"?i:JSON.stringify(i):null}async setSecret(e,n,r){let s=Ye(),i=Ve[n]??n;if(n==="token-cache")try{s[i]=JSON.parse(r);}catch{s[i]=r;}else s[i]=r;Bn(s);}async deleteSecret(e,n){let r=Ye(),s=Ve[n]??n;return s in r?(delete r[s],Bn(r),!0):!1}getStoragePath(){return `config.json (unencrypted) \u2014 ${Dt()}`}};});var Hn={};D(Hn,{MacOsKeyVaultProvider:()=>Je});var Ge,Je,jn=g(()=>{"use strict";Ge=util.promisify(child_process.execFile),Je=class{static async isAvailable(){try{return A.accessSync("/usr/bin/security",A.constants.X_OK),!0}catch{return !1}}async getSecret(e,n){try{let{stdout:r}=await Ge("security",["find-generic-password","-w","-a",n,"-s",e]);return r.trim()||null}catch{return null}}async setSecret(e,n,r){await Ge("security",["add-generic-password","-U","-a",n,"-s",e,"-w",r]);}async deleteSecret(e,n){try{return await Ge("security",["delete-generic-password","-a",n,"-s",e]),!0}catch{return !1}}getStoragePath(){return "macOS Keychain"}};});var Vn={};D(Vn,{LinuxKeyVaultProvider:()=>Ke});var Wn,Ke,Yn=g(()=>{"use strict";Wn=util.promisify(child_process.execFile),Ke=class{static async isAvailable(){let e=["/usr/bin/secret-tool","/bin/secret-tool","/usr/local/bin/secret-tool"];for(let n of e)try{return A.accessSync(n,A.constants.X_OK),!0}catch{}return !1}async getSecret(e,n){try{let{stdout:r}=await Wn("secret-tool",["lookup","service",e,"account",n]);return r.trim()||null}catch{return null}}async setSecret(e,n,r){await new Promise((s,i)=>{let o=child_process.spawn("secret-tool",["store","--label",e,"service",e,"account",n]);o.on("error",i),o.on("close",a=>{a===0?s():i(new Error(`secret-tool exited with code ${a}`));}),o.stdin.write(r),o.stdin.end();});}async deleteSecret(e,n){try{return await Wn("secret-tool",["clear","service",e,"account",n]),!0}catch{return !1}}getStoragePath(){return "Linux Secret Service (libsecret)"}};});var Gn={};D(Gn,{WindowsKeyVaultProvider:()=>qe});var qe,Jn=g(()=>{"use strict";qe=class{static async isAvailable(){try{return await Ct("keytar").getPassword("__flow_probe__","__flow_probe__"),!0}catch{return !1}}async getSecret(e,n){return Ct("keytar").getPassword(e,n)}async setSecret(e,n,r){await Ct("keytar").setPassword(e,n,r);}async deleteSecret(e,n){return Ct("keytar").deletePassword(e,n)}getStoragePath(){return "Windows Credential Manager"}};});async function Kn(){return await Ys()??new ie}async function Ys(){switch(process.platform){case "darwin":{let{MacOsKeyVaultProvider:t}=await Promise.resolve().then(()=>(jn(),Hn));return await t.isAvailable()?new t:null}case "linux":{let{LinuxKeyVaultProvider:t}=await Promise.resolve().then(()=>(Yn(),Vn));return await t.isAvailable()?new t:null}case "win32":{let{WindowsKeyVaultProvider:t}=await Promise.resolve().then(()=>(Jn(),Gn));return await t.isAvailable()?new t:null}default:return null}}var qn=g(()=>{"use strict";Mn();});var zn={};D(zn,{clearFlowCredentials:()=>Js,getConfigPath:()=>qs,getEmailFromToken:()=>ae,getFlowCredentials:()=>Xn,getTokenCache:()=>Mt,hasCredentials:()=>Xs,isTokenValid:()=>Ks,saveFlowCredentials:()=>Gs,saveTokenCache:()=>z});function Rt(){return Xe||(Xe=Kn()),Xe}async function Xn(){let e=await(await Rt()).getSecret(Lt,ze);if(!e)return null;try{return JSON.parse(e)}catch{return null}}async function Gs(t){if(!t.clientId||!t.clientSecret||!t.tenant)throw new Error("clientId, clientSecret and tenant are required");await(await Rt()).setSecret(Lt,ze,JSON.stringify(t));}async function Js(){let t=await Rt();await t.deleteSecret(Lt,ze),await t.deleteSecret(Lt,Ze);}async function z(t){await(await Rt()).setSecret(Lt,Ze,JSON.stringify({accessToken:t.accessToken,expiresAt:t.expiresAt,lastAuthCheckAt:t.lastAuthCheckAt}));}async function Mt(){let e=await(await Rt()).getSecret(Lt,Ze);if(!e)return null;try{let n=JSON.parse(e);return {accessToken:n.accessToken,expiresAt:n.expiresAt,lastAuthCheckAt:n.lastAuthCheckAt}}catch{return null}}async function Ks(){let t=await Mt();return t?new Date(t.expiresAt)>new Date:false}async function ae(){let t=await Mt();if(!t||!t.accessToken)return null;try{let e=t.accessToken.split(".");if(e.length<2)return null;let n=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return n.email??n.preferred_username??n.upn??n.sub??null}catch{return null}}async function qs(){let t=await Rt();if(typeof t.getStoragePath=="function")return t.getStoragePath();let e=process.platform;return e==="darwin"?"macOS Keychain":e==="win32"?"Windows Credential Manager":"Linux Secret Service (libsecret)"}async function Xs(){let t=await Xn();return !!(t&&t.clientId&&t.clientSecret&&t.tenant)}var Lt,ze,Ze,Xe,Ht=g(()=>{"use strict";qn();R();Lt=zt.SERVICE,ze=zt.ACCOUNT_CREDS,Ze=zt.ACCOUNT_TOKEN,Xe=null;});function Zs(t){return zs.some(e=>e.test(t))}function Qs(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let n=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return n.email||n.preferred_username||n.upn||n.sub||null}catch{return null}}function Z(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let n=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8")),{clientId:r,clientSecret:s,tenant:i}=n;return !r||!s||!i?null:{clientId:r,clientSecret:s,tenant:i}}catch{return null}}function Zn(t){let e=Buffer.from(JSON.stringify({alg:"none",typ:"JWT"})).toString("base64url"),n=Buffer.from(JSON.stringify({clientId:t.clientId,clientSecret:t.clientSecret,tenant:t.tenant})).toString("base64url");return `${e}.${n}.`}function dt(t){let e;try{e=new URL(t);}catch{throw new Error(`Invalid URL: ${t}`)}let n=process.env[h.FLOW_OBS_ALLOW_HTTP]==="true";if(!n&&e.protocol!=="https:")throw new Error(`URL must use HTTPS: ${t}`);if(e.username||e.password)throw new Error(`URL must not contain embedded credentials: ${t}`);if(!n&&Zs(e.hostname))throw new Error(`SSRF: private/loopback host not allowed: ${e.hostname}`);return t}async function Qn(){let t=Z(process.env[h.ANTHROPIC_AUTH_TOKEN]);return t?{user:await ae().catch(()=>null)??t.clientId,tenant:t.tenant}:{user:"",tenant:""}}function to(){return new Date().toISOString().slice(0,10)}async function eo(t){let e=to(),n=await Mt();if(n?.lastAuthCheckAt!==e){l("getOrRefreshToken",`daily auth check (last: ${n?.lastAuthCheckAt??"never"})`);try{let i=await $(t);try{await z({...i,lastAuthCheckAt:e});}catch{}return l("getOrRefreshToken",`daily check passed, expires=${i.expiresAt}`),i.accessToken}catch(i){if(i instanceof ct)throw i;l("getOrRefreshToken",`daily check network error \u2014 using cache: ${i.message}`);}}let r=n!=null&&new Date(n.expiresAt)>new Date;if(l("getOrRefreshToken",`cacheValid=${r}`),r)return l("getOrRefreshToken",`using cached token, expires=${n.expiresAt}`),n.accessToken;l("getOrRefreshToken",`token expired \u2014 refreshing via auth-engine (tenant=${t.tenant} clientId=${t.clientId})`);let s=await $(t);try{await z({...s,lastAuthCheckAt:e});}catch(i){l("getOrRefreshToken",`token cache save failed (non-fatal): ${i.message}`);}return l("getOrRefreshToken",`token refreshed, expires=${s.expiresAt}`),s.accessToken}function no(t,e){let n=e&&e.accessToken?e.accessToken:"";return {endpoint:t.replace(/\/$/,"")+"/flow-langfuse-gateway/v1/traces",authHeader:`Bearer ${n}`}}function ro(t,e,n){let r=Buffer.from(`${e}:${n}`).toString("base64");return {endpoint:t.replace(/\/$/,"")+"/api/public/otel/v1/traces",authHeader:`Basic ${r}`}}async function G(){let t=[],e=process.env[h.ANTHROPIC_MODEL]??"",n=Z(process.env[h.ANTHROPIC_AUTH_TOKEN]);l("resolveCredentials",n?"credentials resolved from ANTHROPIC_AUTH_TOKEN":"ANTHROPIC_AUTH_TOKEN absent or invalid"),n&&l("resolveCredentials",`clientId=${n.clientId}`,`tenant=${n.tenant}`);let r=n?n.tenant:"",s=process.env[h.FLOW_TELEMETRY]==="true",i=process.env[h.LANGFUSE_BASE_URL],o=process.env[h.LANGFUSE_PUBLIC_KEY],a=process.env[h.LANGFUSE_SECRET_KEY];if(s&&i&&o&&a){let m="",w=r;n&&(m=await ae().catch(()=>null)??n.clientId);let d={user:m??"",tenant:w??"",team:"",project:"",model:e};t.push({mode:"direct",...ro(dt(i),o,a),...d}),l("resolveCredentials","direct mode active",`user=${d.user}`,`tenant=${d.tenant}`);}if(!n){if(t.length===0){let m=[];return m.authError=false,m}return t}let c;try{c=await eo(n);}catch(m){if(l("resolveCredentials",`token refresh failed: ${m.message}`,`(tenant=${n.tenant} clientId=${n.clientId})`),t.length>0)return t.authError=true,t;let w=[];return w.authError=true,w}let E={user:Qs(c)??n.clientId,tenant:r,team:"",project:"",model:e},O=process.env[h.FLOW_TELEMETRY_GATEWAY]??yt();return t.push({mode:"gateway",...no(dt(O),{accessToken:c}),...E}),t}async function ce(){return (await G()).length>0}var zs,H=g(()=>{"use strict";Ht();lt();R();M();zs=[/^localhost\.?$/i,/^127\./,/^10\./,/^172\.(1[6-9]|2\d|3[01])\./,/^192\.168\./,/^169\.254\./,/^0\.0\.0\.0$/,/^::1$/,/^\[::1\]$/,/^\[::ffff:/i,/^\[f[cd]/i,/^\[fe80:/i,/^metadata\.google\.internal\.?$/i,/^metadata\.azure\.internal\.?$/i,/(?:^|\.)localtest\.me\.?$/i,/(?:^|\.)lvh\.me\.?$/i,/(?:^|\.)vcap\.me\.?$/i];});function tr(){if(process.env.WSL_DISTRO_NAME&&process.platform==="linux")return child_process.spawnSync("cmd.exe",["/c","where","claude"],{encoding:"utf8",timeout:5e3}).status===0;let t=process.platform==="win32"?"where":"which";return child_process.spawnSync(t,["claude"],{encoding:"utf8",timeout:5e3}).status===0}function er(){try{if(process.env.WSL_DISTRO_NAME&&process.platform==="linux"){let e=child_process.spawnSync("cmd.exe",["/c","claude","--version"],{encoding:"utf8",timeout:5e3});return e.status===0?e.stdout.trim():null}let t=child_process.spawnSync("claude",["--version"],{encoding:"utf8",timeout:5e3});return t.status===0?t.stdout.trim():null}catch{return null}}var nr=g(()=>{"use strict";});var sr={};D(sr,{clearLoggedOutMarker:()=>tn,isLoggedOut:()=>io,markLoggedOut:()=>oo});function Qe(){return kt__namespace.default.join(ut__namespace.default.homedir(),".claude","flow-obs",".logged-out")}function oo(){try{let t=Qe();A__namespace.default.mkdirSync(kt__namespace.default.dirname(t),{recursive:!0}),A__namespace.default.writeFileSync(t,"",{mode:384});}catch{}}function tn(){try{A__namespace.default.unlinkSync(Qe());}catch{}}function io(){try{return A__namespace.default.existsSync(Qe())}catch{return false}}var en=g(()=>{"use strict";});function nn(){let t=process.env.FLOW_BASE_URL;return t&&t.trim()?t.trim():We("FLOW_BASE_URL")}function ao(){return We(h.ANTHROPIC_AUTH_TOKEN)??void 0}async function de(){let t=nn();if(!t)return {ok:false,baseUrl:"",user:"",tenant:"",notConfigured:true,error:"NOT_CONFIGURED"};try{let s=new URL(t);if(s.protocol!=="https:"&&s.protocol!=="http:")throw new Error}catch{return {ok:false,baseUrl:t,user:"",tenant:"",notConfigured:true,error:"NOT_CONFIGURED"}}let e=ao(),n=Z(e);if(!n)return {ok:false,baseUrl:t,user:"",tenant:"",error:"No credentials found"};let r=process.env.FLOW_BASE_URL;process.env.FLOW_BASE_URL=t;try{let s=await $({clientId:n.clientId,clientSecret:n.clientSecret,tenant:n.tenant});await z({accessToken:s.accessToken,expiresAt:s.expiresAt});let i=n.clientId;try{let o=s.accessToken.split(".");if(o.length>=2){let a=JSON.parse(Buffer.from(o[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));i=a.email??a.preferred_username??a.upn??a.sub??i;}}catch{}return {ok:!0,baseUrl:t,user:i,tenant:n.tenant}}catch(s){return {ok:false,baseUrl:t,user:n.clientId,tenant:n.tenant,error:s.message}}finally{r===void 0?delete process.env.FLOW_BASE_URL:process.env.FLOW_BASE_URL=r;}}var rn=g(()=>{"use strict";Ht();H();xt();R();lt();});var fe={};D(fe,{promptRaw:()=>jt,runLogin:()=>uo});function j(t){return typeof t=="string"?t.replace(co,""):t}function jt(t,e={}){return new Promise((n,r)=>{if(typeof process.stdin.setRawMode!="function"){r(new Error("NOT_A_TTY"));return}let{masked:s=false,defaultValue:i=""}=e;process.stdout.write(t+i);let o=i;function a(){try{process.stdin.setRawMode(!1);}catch{}}process.once("uncaughtException",a),process.once("unhandledRejection",a);let c=E=>{if(E===""){u(),r(new Error("SIGINT"));return}if(E==="\r"||E===`
36
+ `){u(),process.stdout.write(`
37
+ `),n(o);return}if(E==="\x7F"){o.length>0&&(o=o.slice(0,-1),process.stdout.write("\b \b"));return}E.startsWith("\x1B")||(o+=E,process.stdout.write(s?"*".repeat(E.length):E));};function u(){process.stdin.setRawMode(false),process.stdin.removeListener("data",c),process.removeListener("uncaughtException",a),process.removeListener("unhandledRejection",a);}process.stdin.setRawMode(true),process.stdin.resume(),process.stdin.setEncoding("utf8"),process.stdin.on("data",c);})}async function pe(t,e=false){let n=nn(),r=process.env.FLOW_BASE_URL;n&&(process.env.FLOW_BASE_URL=n);try{let{accessToken:s,expiresAt:i}=await $(t),o=Zn(t);if(e)return {jwt:o,accessToken:s,expiresAt:i};oe({[h.ANTHROPIC_AUTH_TOKEN]:o}),tn(),await z({accessToken:s,expiresAt:i});}finally{r===void 0?delete process.env.FLOW_BASE_URL:process.env.FLOW_BASE_URL=r;}}async function lo(t=false){try{let e=(await jt(v(" ? ")+"Client ID: ")).trim(),n=(await jt(v(" ? ")+"Client Secret: ",{masked:!0})).trim(),r=(await jt(v(" ? ")+"Tenant: ")).trim();if(!e||!n||!r)return process.stderr.write(I(` \u2717 All fields are required
38
+ `)),1;if(process.stdout.write(p(` Authenticating...
39
+ `)),t){let s=await pe({clientId:e,clientSecret:n,tenant:r},!0);return process.stdout.write(`
40
+ ${b("\u2713")} ${P("Authenticated")}
41
+ `+p(` Tenant: ${j(r)}
42
+ `)+p(` Storage: pending (will be written at end of init)
43
+
44
+ `)),{code:0,result:s}}return await pe({clientId:e,clientSecret:n,tenant:r}),process.stdout.write(`
45
+ ${b("\u2713")} ${P("Authenticated")}
46
+ `+p(` Tenant: ${j(r)}
47
+ `)+p(` Storage: ANTHROPIC_AUTH_TOKEN (settings.json)
48
+
49
+ `)),0}catch(e){if(e.message==="SIGINT"||e.message==="NOT_A_TTY")throw e;return process.stderr.write(`
50
+ ${I("\u2717")} ${P("Authentication failed:")}
51
+ ${j(e.message)}
52
+
53
+ `),1}}async function uo(t={}){let e=ee();if(e)return e;let{deferPersist:n=false,skipAuthCheck:r=false}=t;if(t.clientId&&t.clientSecret&&t.tenant)try{if(n){let i=await pe({clientId:t.clientId,clientSecret:t.clientSecret,tenant:t.tenant},!0);return process.stdout.write(b(` \u2713 Authenticated. Tenant: ${j(t.tenant)}
54
+
55
+ `)),{code:0,result:i}}return await pe({clientId:t.clientId,clientSecret:t.clientSecret,tenant:t.tenant}),process.stdout.write(b(` \u2713 Authenticated. Tenant: ${j(t.tenant)}
56
+
57
+ `)),0}catch(i){return process.stderr.write(I(` \u2717 Authentication failed: ${j(i.message)}
58
+ `)),1}let s=await de();if(!r){if(process.stdout.write(`
59
+ `),process.stdout.write(P(` Auth
60
+ `)),s.notConfigured)return process.stdout.write(` ${L("\u26A0")} Not configured
61
+ `),process.stdout.write(p(" Run `flow-ai-obs init` to set up the environment first.\n")),process.stdout.write(`
62
+ `),1;if(s.ok){process.stdout.write(` ${b("\u2713")} Authenticated
63
+ `),process.stdout.write(p(" URL: ")+j(s.baseUrl)+`
64
+ `),process.stdout.write(p(" Tenant: ")+j(s.tenant)+`
65
+ `),process.stdout.write(p(" User: ")+j(s.user)+`
55
66
  `),process.stdout.write(`
56
- `),s){let a;try{a=await vt(I(" ? ")+"Re-authenticate? (y/N): ");}catch(d){if(d.message==="SIGINT")return process.stdout.write(`
57
- `),130;if(d.message==="NOT_A_TTY")return process.stdout.write(B(` \u2713 Using existing credentials.
67
+ `);let i;try{i=await jt(v(" ? ")+"Re-authenticate? (y/N): ");}catch(o){if(o.message==="SIGINT")return process.stdout.write(`
68
+ `),130;if(o.message==="NOT_A_TTY")return process.stdout.write(b(` \u2713 Using existing credentials.
58
69
 
59
- `)),0;throw d}if(a.trim().toLowerCase()!=="y")return process.stdout.write(B(` \u2713 Using existing credentials.
70
+ `)),0;throw o}if(i.trim().toLowerCase()!=="y")return process.stdout.write(b(` \u2713 Using existing credentials.
60
71
 
61
- `)),0}}else process.stdout.write(v(` \u26A0 Not authenticated
62
- `)),process.stdout.write(k(` URL: ${n}
72
+ `)),0}else s.error==="No credentials found"?(process.stdout.write(` ${L("\u26A0")} Not authenticated
73
+ `),process.stdout.write(p(` URL: ${s.baseUrl}
63
74
  `)),process.stdout.write(`
64
- `);process.stdout.write(k(` Current Base URL: ${n}
65
- `));let o;try{o=await vt(I(" ? ")+"Keep this URL? (Y/n): ");}catch(s){if(s.message==="SIGINT")return process.stdout.write(`
66
- `),130;o="y";}if(o.trim().toLowerCase()==="n"){let{runInit:s}=await Promise.resolve().then(()=>(Xe(),qe));return process.stdout.write(`
67
- `),s()}try{return await eo()}catch(s){if(s.message==="SIGINT")return process.stdout.write(`
68
- `),130;if(s.message==="NOT_A_TTY")return process.stderr.write(P(` \u2717 No TTY available for interactive login.
75
+ `)):(process.stdout.write(` ${L("\u26A0")} Session not valid for current endpoint
76
+ `),process.stdout.write(p(" URL: ")+j(s.baseUrl)+`
77
+ `),process.stdout.write(p(" Tenant: ")+j(s.tenant)+`
78
+ `),process.stdout.write(p(" User: ")+p("(not authenticated)")+`
79
+ `),process.stdout.write(`
80
+ `));}try{return await lo(n)}catch(i){if(i.message==="SIGINT")return process.stdout.write(`
81
+ `),130;if(i.message==="NOT_A_TTY")return process.stderr.write(I(` \u2717 No TTY available for interactive login.
69
82
  `)+` Pass --client-id, --client-secret and --tenant for non-interactive use.
70
83
 
71
- `),1;throw s}}var Qs,he=h(()=>{"use strict";de();Qn();yt();me();Y();ce();A();Et();re();ie();Qs=/[\x00-\x08\x0B-\x1F\x7F]|\x1b\[[0-9;]*[a-zA-Z]/g;});var qe={};J(qe,{normalizeCustomUrl:()=>lr,runInit:()=>ao,validateCustomUrl:()=>Qe});function Se(t,e,n){process.stdout.write(`
72
- ${b(`[${t}/${e}]`)} ${n}
73
- `);}function Ee(t){process.stdout.write(B(` \u2713 ${t}
74
- `));}function or(t){process.stdout.write(v(` \u26A0 ${t}
75
- `));}function ir(t){process.stderr.write(P(` \u2717 ${t}
76
- `));}function Ht(t){process.stdout.write(k(` ${t}
77
- `));}function cr(){try{let t=T__namespace.readFileSync(L(),"utf8");return JSON.parse(t).env||{}}catch{return {}}}function ro(){return !!cr().ANTHROPIC_BASE_URL}function so(){try{let t=T__namespace.readFileSync(L(),"utf8"),e=JSON.parse(t).hooks??{};return ["UserPromptSubmit","PreToolUse","PostToolUse","Stop"].every(r=>{let i=e[r];return Array.isArray(i)?i.some(o=>{let s=o;return Array.isArray(s?.hooks)&&s.hooks.some(c=>c?.command?.startsWith("flow-ai-obs "))}):!1})}catch{return false}}function oo(){try{let t=T__namespace.readFileSync(L(),"utf8"),e=JSON.parse(t);return !!(e.env&&e.env[S.ANTHROPIC_AUTH_TOKEN])}catch{return false}}function io(){let t=Ft();if(!t)return null;xt({FLOW_BASE_URL:t});try{let e=oe(),n={};try{n=JSON.parse(T__namespace.readFileSync(e,"utf8"));}catch{return t}delete n.baseUrl,Object.keys(n).length===0?T__namespace.unlinkSync(e):T__namespace.writeFileSync(e,JSON.stringify(n,null,2)+`
78
- `,{encoding:"utf8",mode:384});}catch{}return t}function lr(t){let e=t.trim().replace(/\\/g,"/");/^https?:\/\//i.test(e)||(e=`https://${e}`);try{let n=new URL(e);return `${n.protocol}//${n.host}`}catch{return e}}function Qe(t,e=false){if(e){let o=/^https?:\/\//i.test(t.trim())?t.trim().replace(/\\/g,"/"):`https://${t.trim().replace(/\\/g,"/")}`,s;try{s=new URL(o);}catch{throw new Error(`Invalid URL: ${t}`)}if(s.protocol!=="https:")throw new Error(`Custom URL must use HTTPS: ${t}`);if(s.pathname!=="/"&&s.pathname!=="")throw new Error(`Custom URL must be a base URL with no path beyond the root.
84
+ `),1;throw i}}var co,me=g(()=>{"use strict";Ht();en();lt();H();xt();R();it();ne();rn();co=/[\x00-\x08\x0B-\x1F\x7F]|\x1b\[[0-9;]*[a-zA-Z]/g;});var lr={};D(lr,{normalizeCustomUrl:()=>cr,runInit:()=>go,validateCustomUrl:()=>an});function ge(t,e,n){process.stdout.write(P(v(`
85
+ [${t}/${e}] ${n}
86
+ `)));}function he(t){process.stdout.write(` ${b("\u2713")} ${t}
87
+ `);}function po(t){process.stdout.write(` ${L("\u26A0")} ${t}
88
+ `);}function fo(t){process.stderr.write(` ${I("\u2717")} ${t}
89
+ `);}function or(t){process.stdout.write(` ${p(t)}
90
+ `);}function ir(){try{let t=A__namespace.readFileSync(U(),"utf8");return JSON.parse(t).env||{}}catch{return {}}}function ar(){try{let t=A__namespace.readFileSync(U(),"utf8"),e=JSON.parse(t);return !!(e.env&&e.env[h.ANTHROPIC_AUTH_TOKEN])}catch{return false}}function mo(){let t=Me();if(!t)return null;oe({FLOW_BASE_URL:t});try{let e=se(),n={};try{n=JSON.parse(A__namespace.readFileSync(e,"utf8"));}catch{return t}delete n.baseUrl,Object.keys(n).length===0?A__namespace.unlinkSync(e):A__namespace.writeFileSync(e,JSON.stringify(n,null,2)+`
91
+ `,{encoding:"utf8",mode:384});}catch{}return t}function cr(t){let e=t.trim().replace(/\\/g,"/");/^https?:\/\//i.test(e)||(e=`https://${e}`);try{let n=new URL(e);return `${n.protocol}//${n.host}`}catch{return e}}function an(t,e=false){if(e){let i=/^https?:\/\//i.test(t.trim())?t.trim().replace(/\\/g,"/"):`https://${t.trim().replace(/\\/g,"/")}`,o;try{o=new URL(i);}catch{throw new Error(`Invalid URL: ${t}`)}if(o.protocol!=="https:")throw new Error(`Custom URL must use HTTPS: ${t}`);if(o.pathname!=="/"&&o.pathname!=="")throw new Error(`Custom URL must be a base URL with no path beyond the root.
79
92
  Received: ${t}
80
- Expected: https://tenant.example.com`);if(s.search)throw new Error(`Custom URL must not contain query parameters.
93
+ Expected: https://tenant.example.com`);if(o.search)throw new Error(`Custom URL must not contain query parameters.
81
94
  Received: ${t}
82
- Expected: https://tenant.example.com`);if(s.hash)throw new Error(`Custom URL must not contain a fragment.
95
+ Expected: https://tenant.example.com`);if(o.hash)throw new Error(`Custom URL must not contain a fragment.
83
96
  Received: ${t}
84
- Expected: https://tenant.example.com`);if(s.username||s.password)throw new Error(`Custom URL must not contain embedded credentials.
97
+ Expected: https://tenant.example.com`);if(o.username||o.password)throw new Error(`Custom URL must not contain embedded credentials.
85
98
  Received: ${t}
86
- Expected: https://tenant.example.com`);if(!s.hostname.includes("."))throw new Error(`Invalid domain: ${s.hostname}. Expected format: tenant.example.com`);let c=`${s.protocol}//${s.host}`,a=process.env[S.FLOW_OBS_ALLOW_HTTP];try{delete process.env[S.FLOW_OBS_ALLOW_HTTP],ut(c);}finally{a!==void 0&&(process.env[S.FLOW_OBS_ALLOW_HTTP]=a);}return c}let n=lr(t),r;try{r=new URL(n);}catch{throw new Error(`Invalid URL: ${t}`)}if(r.protocol!=="https:")throw new Error(`Custom URL must use HTTPS: ${t}`);if(!r.hostname.includes("."))throw new Error(`Invalid domain: ${r.hostname}. Expected format: tenant.example.com`);let i=process.env[S.FLOW_OBS_ALLOW_HTTP];try{delete process.env[S.FLOW_OBS_ALLOW_HTTP],ut(n);}finally{i!==void 0&&(process.env[S.FLOW_OBS_ALLOW_HTTP]=i);}return n.replace(/\/$/,"")}async function ar(){for(let t=1;t<=3;t++)try{let e=await hn(" Enter your Flow domain (e.g., tenant.ciandt.com)");return Qe(e)}catch(e){if(process.stderr.write(v(` \u2717 ${e.message}
99
+ Expected: https://tenant.example.com`);if(!o.hostname.includes("."))throw new Error(`Invalid domain: ${o.hostname}. Expected format: tenant.example.com`);let a=`${o.protocol}//${o.host}`,c=process.env[h.FLOW_OBS_ALLOW_HTTP];try{delete process.env[h.FLOW_OBS_ALLOW_HTTP],dt(a);}finally{c!==void 0&&(process.env[h.FLOW_OBS_ALLOW_HTTP]=c);}return a}let n=cr(t),r;try{r=new URL(n);}catch{throw new Error(`Invalid URL: ${t}`)}if(r.protocol!=="https:")throw new Error(`Custom URL must use HTTPS: ${t}`);if(!r.hostname.includes("."))throw new Error(`Invalid domain: ${r.hostname}. Expected format: tenant.example.com`);let s=process.env[h.FLOW_OBS_ALLOW_HTTP];try{delete process.env[h.FLOW_OBS_ALLOW_HTTP],dt(n);}finally{s!==void 0&&(process.env[h.FLOW_OBS_ALLOW_HTTP]=s);}return n.replace(/\/$/,"")}async function sn(){for(let t=1;t<=3;t++)try{let e=await _n(" Enter your Flow domain (e.g., tenant.ciandt.com)");return an(e)}catch(e){if(process.stderr.write(L(` \u2717 ${e.message}
100
+
101
+ `)),t===3)throw process.stderr.write(I(` Too many invalid attempts.
87
102
 
88
- `)),t===3)throw process.stderr.write(P(` Too many invalid attempts.
103
+ `)),new Error("Too many invalid URL attempts")}throw new Error("Too many invalid URL attempts")}function on(){try{let t=A__namespace.readFileSync(U(),"utf8"),n=JSON.parse(t).env?.FLOW_BASE_URL;return typeof n=="string"&&n.trim()?n.trim():null}catch{return null}}async function go(t={}){let e=ee();if(e)return e;let n=t.url,r=4;if(process.stdout.write(P(v(`
104
+ flow-ai-obs init
105
+ `))),process.stdout.write(p(` Configuring your development environment:
89
106
 
90
- `)),new Error("Too many invalid URL attempts")}throw new Error("Too many invalid URL attempts")}function ze(){try{let t=T__namespace.readFileSync(L(),"utf8"),n=JSON.parse(t).env?.FLOW_BASE_URL;return typeof n=="string"&&n.trim()?n.trim():null}catch{return null}}async function ao(t={}){let e=ne();if(e)return e;let n=t.url,r=4;if(process.stdout.write(`
91
- This will configure your development environment:
92
- `),process.stdout.write(k(` [1/4] Claude Code Install @anthropic-ai/claude-code (if needed)
93
- `)),process.stdout.write(k(` [2/4] Proxy Configure Flow LLM routing
94
- `)),process.stdout.write(k(` [3/4] Native OTEL Enable native OTEL telemetry
95
- `)),process.stdout.write(k(` [4/4] Trace Register trace capture hooks
96
- `)),Se(1,r,"Checking Claude Code..."),!qn())return ir("Claude Code is not installed or not found in PATH."),process.stdout.write(`
97
- `),process.stdout.write(b(` Cannot continue \u2014 Claude Code is required.
107
+ `)),process.stdout.write(p(` [1/4] Claude Code Installation Verify @anthropic-ai/claude-code
108
+ `)),process.stdout.write(p(` [2/4] Flow Environment Setup Configure Flow URLs and LLM routing
109
+ `)),process.stdout.write(p(` [3/4] Authentication Authenticate with Flow
110
+ `)),process.stdout.write(p(` [4/4] Observability OpenTelemetry metrics, logs and trace hooks
111
+ `)),ge(1,r,"Claude Code Installation"),!tr())return fo("Claude Code is not installed or not found in PATH."),process.stdout.write(`
112
+ `),process.stdout.write(P(` Cannot continue \u2014 Claude Code is required.
98
113
 
99
114
  `)),process.stdout.write(` Install it with:
100
115
 
101
- `),process.stdout.write(I(` npm install -g @anthropic-ai/claude-code
116
+ `),process.stdout.write(v(` npm install -g @anthropic-ai/claude-code
102
117
 
103
118
  `)),process.stdout.write(` More info: https://docs.anthropic.com/en/docs/claude-code
104
119
 
105
- `),1;let i=Xn();Ee(i?`Already installed (${i}) \u2014 skipping.`:"Already installed \u2014 skipping."),Se(2,r,"Configuring proxy...");{let p=cr().ANTHROPIC_BASE_URL;if(ro()){or(`Proxy already configured (${p})`);let _=t.noInteractive||!ot(),R=false;if(!_)try{let{promptRaw:X}=await Promise.resolve().then(()=>(he(),ge));R=(await X(I(" ? ")+"Replace existing proxy configuration? [y/N]: ")).trim().toLowerCase()==="y";}catch{}R||Ht("Keeping existing proxy configuration.");}}process.env.WSL_DISTRO_NAME&&process.platform==="linux"&&process.stdout.write(v(` \u26A0 WSL detected. If Claude Code is installed on Windows, install flow-ai-obs
106
- `)+v(" on Windows too: ")+I(`npm install -g @ciandt-flow/flow-ai-obs
107
- `)+v(` Running Claude (Windows) + flow-ai-obs (WSL) is not a supported configuration.
108
-
109
- `));let o=io();if(o&&process.stdout.write(v(` \u26A0 Legacy config migrated.
110
- `)+k(` Custom URL moved from ~/.config/flow-ai-obs/config.json
111
- `)+k(` to FLOW_BASE_URL in ~/.claude/settings.json: ${o}
112
-
113
- `)),!n&&!t.noInteractive&&ot()){let p=ze();try{p?(process.stdout.write(`
114
- Current base URL: ${b(p)}
115
- `),await Re(" Keep this URL?",!0)||(n=await ar())):(process.stdout.write(`
116
- `),await Re(" Does your organization use a custom Flow URL?",!1)&&(n=await ar()));}catch{return 1}process.stdout.write(`
117
- `);}if(!n&&!t.noInteractive&&!ot()){let p=ze(),_=process.env.FLOW_BASE_URL,R=p??_??zt,X=!!(p??_);process.stdout.write(v(` \u26A0 Non-interactive environment detected.
118
- `)+k(` Using URL: ${R}
119
- `)+(X?"":k(` Run with --custom-url to configure a custom domain.
120
- `))+`
121
- `);}let s,c=false;if(n){let p;try{p=Qe(n,!0);}catch(R){return process.stderr.write(`
122
- \u2717 Invalid --custom-url: ${R.message}
123
-
124
- `),1}let _=Ft()??Rn()?.FLOW_BASE_URL??null;s=p,c=!!_&&_!==p,c?process.stdout.write(v(` \u26A0 Base URL changed \u2014 re-authentication required.
125
- `)+k(` Previous: ${_}
126
- `)+k(` New: ${p}
127
-
128
- `)):process.stdout.write(B(` \u2713 Base URL configured: ${p}
129
-
130
- `));}else s=ze()??zt;let a={FLOW_BASE_URL:s,OTEL_EXPORTER_OTLP_ENDPOINT:`${s}/otel`,ANTHROPIC_BASE_URL:`${s}/flow-llm-proxy/`};if(xt(a),process.env.FLOW_BASE_URL=s,!oo()||c)if(t.noInteractive||!ot())process.stdout.write(v(" \u26A0 Authentication required \u2014 run `flow-ai-obs auth login` to authenticate.\n\n"));else {process.stdout.write(v(` \u26A0 Authentication required for the new endpoint.
131
-
132
- `));let{runLogin:p}=await Promise.resolve().then(()=>(he(),ge)),_=await p();if(_!==0)return _}let g,E;try{({settingsPath:g,preserved:E}=In(a.OTEL_EXPORTER_OTLP_ENDPOINT));}catch(p){return process.stderr.write(` \u2717 Failed to write settings: ${p.message}
133
- `),1}Se(3,r,"Configuring Native OTEL..."),Ee("AI Usage configured."),Ht(`Settings: ${g}`),process.stdout.write(`
134
- `),process.stdout.write(b(" Native OTEL configured")+` (metrics & logs)
135
- `);let u={...z,OTEL_EXPORTER_OTLP_ENDPOINT:a.OTEL_EXPORTER_OTLP_ENDPOINT};for(let[p,_]of Object.entries(u))process.stdout.write(k(` ${p.padEnd(36)}`)+_+`
120
+ `),1;let s=er();he(s?`Already installed (${s}) \u2014 skipping.`:"Already installed \u2014 skipping."),ge(2,r,"Flow Environment Setup");let i=false;{let T=ir().FLOW_BASE_URL;if(T&&(po(`Base URL already configured (FLOW_BASE_URL=${T})`),!t.noInteractive&&at()))try{let{promptRaw:k}=await Promise.resolve().then(()=>(me(),fe));i=(await k(v(" ? ")+"Replace existing base URL configuration? [y/N]: ")).trim().toLowerCase()==="y",i||or("Keeping existing base URL configuration.");}catch{}}if(process.env.WSL_DISTRO_NAME&&process.platform==="linux"&&process.stdout.write(L(` \u26A0 WSL detected. If Claude Code is installed on Windows, install flow-ai-obs
121
+ `)+L(" on Windows too: ")+v(`npm install -g @ciandt-flow/flow-ai-obs
122
+ `)+L(` Running Claude (Windows) + flow-ai-obs (WSL) is not a supported configuration.
123
+
124
+ `)),mo(),!n&&!t.noInteractive&&at()){let T=on();try{i?n=await sn():T?(process.stdout.write(`
125
+ Current base URL: ${P(T)}
126
+ `),await ve(" Keep this URL?",!0)||(n=await sn())):(process.stdout.write(`
127
+ `),await ve(" Does your organization use a custom Flow URL?",!1)?n=await sn():he("Using default Flow Base URL: https://flow.ciandt.com"));}catch{return 1}process.stdout.write(`
128
+ `);}if(!n&&!t.noInteractive&&!at()){let T=on();if(T)process.stdout.write(L(` \u26A0 Non-interactive environment detected.
129
+ `)+p(` Using URL: ${T}
130
+
131
+ `));else return process.stderr.write(` \u2717 No URL configured and no TTY available.
132
+ Run: flow-ai-obs init --custom-url <URL>
133
+
134
+ `),1}let o,a=false;if(n){let T;try{T=an(n,!0);}catch(rt){return process.stderr.write(`
135
+ \u2717 Invalid --custom-url: ${rt.message}
136
+
137
+ `),1}let k=Me()??$n()?.FLOW_BASE_URL??null;o=T,a=!!k&&k!==T,a?process.stdout.write(L(` \u26A0 Base URL changed \u2014 re-authentication required.
138
+ `)+p(` Previous: ${k}
139
+ `)+p(` New: ${T}
140
+
141
+ `)):process.stdout.write(b(` \u2713 Base URL configured: ${T}
142
+
143
+ `));}else o=on()??"https://flow.ciandt.com";let c={FLOW_BASE_URL:o,OTEL_EXPORTER_OTLP_ENDPOINT:`${o}/otel`,ANTHROPIC_BASE_URL:`${o}/flow-llm-proxy/`,ANTHROPIC_MODEL:"anthropic.claude-4-6-sonnet",ANTHROPIC_SMALL_FAST_MODEL:"anthropic.claude-haiku-4-5",CLAUDE_CODE_DISABLE_EXPERIMENTAL_BETAS:"1"};process.env.FLOW_BASE_URL=o,process.stdout.write(b(`
144
+ \u2713 Flow environment ready.
145
+ `));let u=36;for(let[T,k]of Object.entries(c))process.stdout.write(p(` ${T.padEnd(u)}`)+k+`
146
+ `);ge(3,r,"Authentication");let E=null;if(!ar()||a)if(t.noInteractive||!at())process.stdout.write(`
147
+ ${L("\u26A0")} Authentication required \u2014 run \`flow-ai-obs login\` to authenticate.
148
+
149
+ `);else {process.stdout.write(`
150
+ ${L("\u26A0")} Authentication required for the new endpoint.
151
+
152
+ `);let{runLogin:T}=await Promise.resolve().then(()=>(me(),fe)),k=await T({deferPersist:true,skipAuthCheck:a});if(typeof k=="number")return k;E=k.result;}else he("Already authenticated \u2014 skipping."),or("ANTHROPIC_AUTH_TOKEN will be preserved in settings.json");let m=ar()?ir()[h.ANTHROPIC_AUTH_TOKEN]:null,w={...c,...E?{[h.ANTHROPIC_AUTH_TOKEN]:E.jwt}:{},...m&&!E?{[h.ANTHROPIC_AUTH_TOKEN]:m}:{}},d,S;ge(4,r,"Observability (OpenTelemetry)"),process.stdout.write(`
153
+ ${P("Metrics and Logs")}
154
+ `);let q={...X,OTEL_EXPORTER_OTLP_ENDPOINT:c.OTEL_EXPORTER_OTLP_ENDPOINT};for(let[T,k]of Object.entries(q))process.stdout.write(p(` ${T.padEnd(36)}`)+k+`
136
155
  `);process.stdout.write(`
137
- `),Se(4,r,"Configuring Trace...");let f=g;if(so())Ee("Already configured \u2014 skipping.");else {let p=[];try{(({settingsPath:f,preserved:p}=bn())),Ee("Hooks registered (UserPromptSubmit, PreToolUse, PostToolUse, Stop)"),p.length>0&&(or(`Third-party hooks preserved on: ${p.join(", ")}`),Ht("flow-ai-obs was prepended \u2014 it executes first.")),Ht(`Settings: ${f}`),Ht(`Backup: ${f}.bkp`);}catch(_){return ir(`Could not write hooks: ${_.message}`),1}}E.length>0&&(process.stdout.write(`
138
- `),process.stdout.write(v(` \u26A0 Third-party hooks preserved on: ${E.join(", ")}
139
- `)),process.stdout.write(k(` flow-ai-obs was prepended \u2014 it executes first.
156
+ `),process.stdout.write(` ${P("Trace (Hook)")}
157
+ `);let V=["UserPromptSubmit","PreToolUse","PostToolUse","Stop"];for(let T of V){let k=Ot[T];process.stdout.write(p(` ${T.padEnd(18)}`)+`\u2192 flow-ai-obs ${T} (timeout: ${k}s)
158
+ `);}process.stdout.write(`
159
+ `);try{({settingsPath:d,preserved:S}=Dn(c.OTEL_EXPORTER_OTLP_ENDPOINT,w));}catch(T){return process.stderr.write(` \u2717 Failed to write settings: ${T.message}
160
+ `),1}if(E){let{saveTokenCache:T}=await Promise.resolve().then(()=>(Ht(),zn));await T({accessToken:E.accessToken,expiresAt:E.expiresAt});let{clearLoggedOutMarker:k}=await Promise.resolve().then(()=>(en(),sr));k();}return he(`Settings written: ${d}`),S.length>0&&(process.stdout.write(`
161
+ `),process.stdout.write(L(` \u26A0 Third-party hooks preserved on: ${S.join(", ")}
162
+ `)),process.stdout.write(p(` flow-ai-obs was prepended \u2014 it executes first.
140
163
  `))),process.stdout.write(`
141
- `),process.stdout.write(b(" Hooks registered")+` (trace capture)
142
- `);let O=["UserPromptSubmit","PreToolUse","PostToolUse","Stop"];for(let p of O){let _=it[p];process.stdout.write(k(` ${p.padEnd(18)}`)+`\u2192 flow-ai-obs ${p} (timeout: ${_}s)
143
- `);}return process.stdout.write(`
144
- `),t.skipHint||process.stdout.write(B(" \u2713 Setup complete. Run `claude` to start.\n\n")),0}var Xe=h(()=>{"use strict";ce();A();Et();se();re();ie();Y();zn();Pe();});var ur={};J(ur,{runStatus:()=>lo});function tn(t){return !t||t.length<=8?"****":t.slice(0,4)+"****...****"+t.slice(-4)}function Lt(t){process.stdout.write(` \u2713 ${t}
145
- `);}function pt(t){process.stdout.write(` \u26A0 ${t}
146
- `);}function Te(t){process.stdout.write(` \u2717 ${t}
147
- `);}function F(t){process.stdout.write(` ${t}
148
- `);}function Q(){process.stdout.write(`
149
- `);}function co(){return kt("FLOW_BASE_URL")??M()}async function lo(){Q(),process.stdout.write(` flow-claude-observability \u2014 status
150
- `),Q(),process.stdout.write(b(` Auth
151
- `));let t=kt(S.ANTHROPIC_AUTH_TOKEN)??void 0,e=W(t);if(!e)pt("Not authenticated. Run `flow-ai-obs login` to set up."),Q();else {let u=co(),f=await ue(),O=await q(),p=`${u}/flow-langfuse-gateway/v1/health`,_=f?await At(p,O?.accessToken).catch(()=>false):false;if(!f)pt("Session expired. Run `flow-ai-obs login` to re-authenticate.");else if(!_)pt(`Session rejected by ${u}. Run \`flow-ai-obs login\` to re-authenticate.`);else {let R=await lt()||e.clientId;Lt("Authenticated"),F(`URL: ${u}`),F(`Tenant: ${e.tenant}`),F(`User: ${R}`);}Q();}process.stdout.write(b(` Native OTEL
152
- `));let n={};try{let u=T__namespace.readFileSync(L(),"utf8");n=JSON.parse(u).env||{};}catch{}let r=Object.keys(z).filter(u=>!n[u]);r.length===0?(Lt("All OTEL env vars present in settings.json"),F(`Endpoint: ${n.OTEL_EXPORTER_OTLP_ENDPOINT}`)):(pt(`${r.length} OTEL var(s) missing from settings.json`),r.forEach(u=>Te(`Missing: ${u}`)),F("Run: flow-ai-obs init (restores missing vars automatically)")),Q();for(let u of Object.keys(z)){let f=n[u]??P("(missing)");process.stdout.write(k(` ${u.padEnd(36)}`)+f+`
153
- `);}Q(),process.stdout.write(b(` Tracing
154
- `));let i={};try{i=JSON.parse(T__namespace.readFileSync(L(),"utf8"));}catch{}let o=i.hooks??{},s=["UserPromptSubmit","PreToolUse","PostToolUse","Stop"];s.every(u=>{let f=o[u];return Array.isArray(f)?f.some(O=>{let p=O;return Array.isArray(p?.hooks)&&p.hooks.some(_=>_?.command?.startsWith(ee.CLI))}):false})?Lt("Hooks registered (trace capture)"):pt("Hooks NOT registered. Run `flow-ai-obs init` to configure.");for(let u of s){let f=it[u];process.stdout.write(k(` ${u.padEnd(18)}`)+`\u2192 flow-ai-obs ${u} (timeout: ${f}s)
155
- `);}Q();let a=process.env[S.FLOW_TELEMETRY]==="true",d=process.env[S.LANGFUSE_BASE_URL],g=process.env[S.LANGFUSE_PUBLIC_KEY],E=process.env[S.LANGFUSE_SECRET_KEY];if(a)if(d&&g&&E){let u=await V();for(let f of u)f.mode==="direct"&&(Lt("FLOW_TELEMETRY=true (direct mode enabled)"),Lt("Mode: direct"),F(`Endpoint: ${f.endpoint}`),F(`PK: ${tn(g)}`),F(`SK: ${tn(E)}`));}else pt("FLOW_TELEMETRY=true but missing LANGFUSE vars:"),d||Te("LANGFUSE_BASE_URL not set"),g||Te("LANGFUSE_PUBLIC_KEY not set"),E||Te("LANGFUSE_SECRET_KEY not set");else {let u=await V();if(u.length>0)for(let f of u)f.mode==="gateway"&&(Lt("Mode: gateway"),F(`Endpoint: ${f.endpoint}`),F(`Token: ${tn((await q())?.accessToken)}`));else u.authError?pt("Gateway mode: token refresh failed. Run `flow-ai-obs login`."):F("No active tracing destination configured.");}return Q(),0}var dr=h(()=>{"use strict";de();Y();ce();A();Et();me();});var pr={};J(pr,{runOtelHeaders:()=>uo});async function uo(){let t=W(process.env[S.ANTHROPIC_AUTH_TOKEN]);if(!t)return process.stderr.write(`[flow-ai-obs otel-headers] Not authenticated \u2014 run: flow-ai-obs auth login
156
- `),1;let e;try{e=(await j(t)).accessToken;}catch(n){return process.stderr.write(`[flow-ai-obs otel-headers] Token fetch failed: ${n.message}
164
+ `),t.skipHint||(process.stdout.write(`
165
+ `),process.stdout.write(b(` \u2713 Setup complete.
166
+
167
+ `)),process.stdout.write(p(` Verify your configuration:
168
+ `)+v(` flow-ai-obs status
169
+
170
+ `)+p(` Start Claude Code:
171
+ `)+v(` claude
172
+
173
+ `))),0}var ur=g(()=>{"use strict";xt();R();it();re();ne();He();H();nr();be();});var fr={};D(fr,{runStatus:()=>Eo});function dr(t){return !t||t.length<=8?"****":t.slice(0,4)+"****...****"+t.slice(-4)}function ho(t){process.stdout.write(` ${b("\u2713")} ${t}
174
+ `);}function cn(t){process.stdout.write(` ${L("\u26A0")} ${t}
175
+ `);}function vt(t){process.stdout.write(` ${b("\u2713")} ${t}
176
+ `);}function Wt(t){process.stdout.write(` ${L("\u26A0")} ${t}
177
+ `);}function Vt(t){process.stdout.write(` ${I("\u2717")} ${t}
178
+ `);}function Q(t){process.stdout.write(` ${p(t)}
179
+ `);}function ln(t){process.stdout.write(P(v(`
180
+ ${t}
181
+ `)));}function un(t,e=false){let n=e?`${L("\u26A0")} ${P(L(t))}`:P(t);process.stdout.write(`
182
+ ${n}
183
+ `);}function Ee(){process.stdout.write(`
184
+ `);}async function Eo(){ln("Auth");let t=await de();t.notConfigured?(cn("Not configured."),process.stdout.write(`
185
+ `),process.stdout.write(` ${p("Run `flow-ai-obs init` to set up.")}
186
+ `)):!t.ok&&t.error==="No credentials found"?cn("Not authenticated. Run `flow-ai-obs login` to set up."):t.ok?(ho("Authenticated"),process.stdout.write(` ${p("URL: ")}${t.baseUrl}
187
+ `),process.stdout.write(` ${p("Tenant: ")}${t.tenant}
188
+ `),process.stdout.write(` ${p("User: ")}${t.user}
189
+ `),process.stdout.write(` ${p("Storage: ANTHROPIC_AUTH_TOKEN (settings.json)")}
190
+ `)):cn(`Session rejected by ${t.baseUrl}. Run \`flow-ai-obs login\` to re-authenticate.`),ln("Flow Provider Configuration");let e=["ANTHROPIC_BASE_URL","ANTHROPIC_MODEL","ANTHROPIC_SMALL_FAST_MODEL","CLAUDE_CODE_DISABLE_EXPERIMENTAL_BETAS"],n={},r={};try{let d=A__namespace.readFileSync(U(),"utf8");r=JSON.parse(d),n=r.env||{};}catch{}let s=e.filter(d=>!n[d]),i=s.length===0;un("LLM Proxy",!i),i?(vt("Flow LLM Proxy configured"),Q(`Endpoint: ${n.ANTHROPIC_BASE_URL}`),Q(`Model: ${n.ANTHROPIC_MODEL}`)):(process.stdout.write(`
191
+ `),process.stdout.write(` ${p("Run: flow-ai-obs init (configures the Flow LLM proxy)")}
192
+ `),process.stdout.write(`
193
+ `),Wt(`${s.length} proxy var(s) missing from settings.json`),s.forEach(d=>Vt(`Missing: ${d}`))),Ee();for(let d of e){let S=n[d]??I("(missing)");process.stdout.write(p(` ${d.padEnd(36)}`)+S+`
194
+ `);}ln("Observability configuration (OpenTelemetry)");let o=Object.keys(X).filter(d=>!n[d]);un("Metrics and Logs",o.length>0),o.length===0?(vt("All OTEL env vars present in settings.json"),Q(`Endpoint: ${n.OTEL_EXPORTER_OTLP_ENDPOINT}`)):(process.stdout.write(`
195
+ `),process.stdout.write(` ${p("Run: flow-ai-obs init (restores missing vars automatically)")}
196
+ `),process.stdout.write(`
197
+ `),Wt(`${o.length} OTEL var(s) missing from settings.json`),o.forEach(d=>Vt(`Missing: ${d}`))),Ee();for(let d of Object.keys(X)){let S=n[d]??I("(missing)");process.stdout.write(p(` ${d.padEnd(36)}`)+S+`
198
+ `);}let a=r.hooks??{},c=["UserPromptSubmit","PreToolUse","PostToolUse","Stop"],u=c.every(d=>{let S=a[d];return Array.isArray(S)?S.some(q=>{let V=q;return Array.isArray(V?.hooks)&&V.hooks.some(T=>T?.command?.startsWith(te.CLI))}):false});un("Tracing",!u),u?vt("Hooks registered (trace capture)"):(process.stdout.write(`
199
+ `),process.stdout.write(` ${p("Run `flow-ai-obs init` to configure.")}
200
+ `),process.stdout.write(`
201
+ `),Wt("Hooks NOT registered."));for(let d of c){let S=Ot[d];process.stdout.write(p(` ${d.padEnd(18)}`)+`\u2192 flow-ai-obs ${d} (timeout: ${S}s)
202
+ `);}Ee();let E=process.env[h.FLOW_TELEMETRY]==="true",O=process.env[h.LANGFUSE_BASE_URL],m=process.env[h.LANGFUSE_PUBLIC_KEY],w=process.env[h.LANGFUSE_SECRET_KEY];if(E)if(O&&m&&w){let d=await G();for(let S of d)S.mode==="direct"&&(vt("FLOW_TELEMETRY=true (direct mode enabled)"),vt("Mode: direct"),Q(`Endpoint: ${S.endpoint}`),Q(`PK: ${dr(m)}`),Q(`SK: ${dr(w)}`));}else Wt("FLOW_TELEMETRY=true but missing LANGFUSE vars:"),O||Vt("LANGFUSE_BASE_URL not set"),m||Vt("LANGFUSE_PUBLIC_KEY not set"),w||Vt("LANGFUSE_SECRET_KEY not set");else {let d=await G();if(d.length>0)for(let S of d)S.mode==="gateway"&&(vt("Mode: gateway"),Q(`Endpoint: ${S.endpoint}`));else d.authError?Wt("Gateway mode: token refresh failed. Run `flow-ai-obs login`."):Q("No active tracing destination configured.");}return Ee(),0}var mr=g(()=>{"use strict";H();xt();R();it();rn();});var gr={};D(gr,{runOtelHeaders:()=>wo});async function wo(){let t=Z(process.env[h.ANTHROPIC_AUTH_TOKEN]);if(!t)return process.stderr.write(`[flow-ai-obs otel-headers] Not authenticated \u2014 run: flow-ai-obs auth login
203
+ `),1;let e;try{e=(await $(t)).accessToken;}catch(n){return process.stderr.write(`[flow-ai-obs otel-headers] Token fetch failed: ${n.message}
157
204
  `),1}return e?(process.stdout.write(`{"Authorization": "Bearer ${e}"}
158
205
  `),0):(process.stderr.write(`[flow-ai-obs otel-headers] Empty token received
159
- `),1)}var fr=h(()=>{"use strict";yt();Y();A();});function G(t,e){let n=typeof t=="object"?JSON.stringify(t):String(t??"");return n.length>e?n.slice(0,e)+" \u2026[truncated]":n}function we(t,e=100){return String(t??"").split(`
160
- `)[0].slice(0,e).trim()}function nn(){return new Promise(t=>{let e="";process.stdin.setEncoding("utf8"),process.stdin.on("data",n=>{e+=n;}),process.stdin.on("end",()=>{try{t(JSON.parse(e));}catch{t({});}});})}function x(t){process.stdout.write(JSON.stringify(t));}var Rt=h(()=>{"use strict";});function tt(){return String(BigInt(Date.now())*1000000n)}var rn,ft,jt=h(()=>{"use strict";rn=()=>crypto.randomBytes(16).toString("hex"),ft=()=>crypto.randomBytes(8).toString("hex");});function _o(t,e){let n=Ot.resolve(t);if(!n.startsWith(e))throw new Error(`Path traversal detected: ${t}`);return n}function sn(t){if(!wo.test(t))throw new Error(`Invalid session ID: ${t}`);return _o(Ot.join(ct.tmpdir(),`flow-obs-${t}.json`),yo)}function Pt(t){let e=sn(t);if(!T.existsSync(e))return null;try{return JSON.parse(T.readFileSync(e,"utf8"))}catch{return null}}function It(t,e){T.writeFileSync(sn(t),JSON.stringify(e),{encoding:"utf8",mode:384});}function on(t){try{T.unlinkSync(sn(t));}catch{}}var wo,yo,Wt=h(()=>{"use strict";wo=/^[0-9a-f-]{1,64}$/i,yo=Ot.normalize(ct.tmpdir())+Ot.sep;});function Er(t){if(!t||!T.existsSync(t))return null;try{let e=T.readFileSync(t,"utf8").trimEnd().split(`
161
- `);for(let n=e.length-1;n>=0;n--)try{let r=JSON.parse(e[n]);if(r.type==="user"&&r.uuid)return r.uuid}catch{}}catch{}return null}function an(t){if(!t||!T.existsSync(t))return null;try{let e=T.readFileSync(t,"utf8").trimEnd().split(`
162
- `),n=[],r=0,i=0;for(let o=e.length-1;o>=0;o--)try{let s=JSON.parse(e[o]);if(s.type==="user")break;if(s.type==="assistant"){let a=(s.message?.content??[]).filter(g=>g.type==="text").map(g=>g.text??"").join("");a&&n.unshift(a);let d=s.message?.usage??{};r+=(d.input_tokens??0)+(d.cache_read_input_tokens??0)+(d.cache_creation_input_tokens??0),i+=d.output_tokens??0;}}catch{}return !n.length&&r===0?null:{text:n.join(`
163
-
164
- `),inputTokens:r,outputTokens:i}}catch{}return null}var cn=h(()=>{"use strict";});function yr(t){return t.replace(":","/")}function ye(t,e){if(!t)return null;let n=yr(t),r=[Ot.join(ct.homedir(),".claude","skills",n,"SKILL.md"),Ot.join(e??"",".claude","skills",n,"SKILL.md")];for(let i of r)if(T.existsSync(i))try{return T.readFileSync(i,"utf8")}catch{}return null}function _r(t){return t.split(`
165
- `)[0].match(/^\/([a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?)(?:\s.*)?$/i)?.[1]??null}function kr(t){return !!t.slashSkill||t.toolCalls.some(r=>r.tool==="Skill")?t.toolCalls.some(r=>r.tool==="Skill"&&!r.synthetic||Po.has(r.tool))?"complete":"prerequisite_required":null}function _e(t,e){if(!t)return null;let n=yr(t),r=[Ot.join(ct.homedir(),".claude","skills",n),Ot.join(e??"",".claude","skills",n)],i=null;for(let c of r)if(T.existsSync(Ot.join(c,"SKILL.md"))){i=c;break}if(!i)return null;let o=[];function s(c,a){for(let d of T.readdirSync(c,{withFileTypes:true})){if(vo.has(d.name)||Ro.has(d.name)||Lo.has(Ot.extname(d.name)))continue;let g=a?`${a}/${d.name}`:d.name;d.isDirectory()?s(Ot.join(c,d.name),g):o.push(g);}}return s(i,""),o.length>0?o:null}var vo,Lo,Ro,Po,ke=h(()=>{"use strict";vo=new Set([".venv","__pycache__",".git","node_modules"]),Lo=new Set([".pyc",".pyo"]),Ro=new Set(["SKILL.md",".DS_Store",".gitignore"]);Po=new Set(["Read","Write","Edit","MultiEdit","Bash","Glob","Grep","TodoWrite","WebFetch","WebSearch","Agent","Task"]);});function No(t){try{let e=t.split(".")[1].replace(/-/g,"+").replace(/_/g,"/");return JSON.parse(Buffer.from(e,"base64").toString())}catch{return null}}function Uo(t,e,n,r){return new Promise(i=>{let o=new URL(t),s=o.protocol==="https:",c=(s?ss__default.default:ws__default.default).request({hostname:o.hostname,port:o.port||(s?443:80),path:o.pathname+o.search,method:"POST",headers:{"Content-Type":"application/json","Content-Length":Buffer.byteLength(e),Authorization:`Bearer ${String(n).replace(/[\r\n]/g,"")}`,FlowTenant:String(r).replace(/[\r\n]/g,"")}},a=>{a.resume(),i(a.statusCode??0);});c.on("error",()=>i(0)),c.setTimeout(5e3,()=>{c.destroy(),i(0);}),c.write(e),c.end();})}async function mt(t,e={}){try{let n=W(process.env[S.ANTHROPIC_AUTH_TOKEN]);if(!n)return;let r,i=new Promise((E,u)=>{r=setTimeout(()=>u(new Error("getToken timeout")),4e3),r.unref();}),{accessToken:o}=await Promise.race([j(n),i]);clearTimeout(r);let s=No(o);if(!s)return;let c=s.tenant||n.tenant,a=JSON.stringify({action:t,booster:xe().BOOSTER,metadata:e,success:!0,tenant:c,timestamp:new Date().toISOString(),os:process.platform,user:{email:s.email||"",id:s.sub||"",name:s.name||s.email||""}}),d=ut(xe().API_URL),g=await Uo(d,a,o,c);l("metrics.logEvent",`action=${t} status=${g}`);}catch(n){l("metrics.logEvent",`silenced error: ${n.message}`);}}var Oe=h(()=>{"use strict";A();yt();Y();$();});async function ln(t,e=false){if(e){process.stdout.write(JSON.stringify({decision:"block",reason:Co})+`
166
- `);return}let r=!!(await V()).authError,i=t.session_id||"unknown",o=t.prompt||"",s=t.cwd||"",c=Er(t.transcript_path)||rn(),a=_r(o),d=a?ye(a,s):null,g=a?_e(a,s):null;It(i,{traceId:rn(),spanId:ft(),startNs:tt(),sessionId:i,prompt:o,cwd:s,traceName:c,transcriptPath:t.transcript_path||"",model:process.env[S.ANTHROPIC_MODEL]||"",toolCalls:[],spans:[],pendingTool:null,slashSkill:a,skillContent:d,skillArtifacts:g}),mt("SESSION_STARTED",{traceType:a?"skill":"prompt",slashSkill:a,clientIdExpired:r}),l("UserPromptSubmit",`sid=${i}`,`traceName=${c}`,`slashSkill=${a}`),x(t);}var Co,Or=h(()=>{"use strict";jt();Wt();cn();ke();Rt();$();A();Y();Oe();Co=`\u26D4 Your Flow API key has expired. You no longer have access to Claude Code through the Flow platform. To restore observability and access, visit ${M()}/settings/api-keys to generate a new API key, then run: flow-ai-obs auth login`;});async function Ar(t){let e=t.session_id||"unknown",n=t.tool_name||"unknown",r=t.tool_input||{},i=Pt(e);i&&(i.pendingTool={name:n,inputStr:G(r,H.TOOL_INPUT),startNs:tt()},It(e,i)),l("PreToolUse",`sid=${e}`,`tool=${n}`,`stateFound=${!!i}`),x(t);}var vr=h(()=>{"use strict";jt();Wt();Rt();$();A();});function m(t,e){return e==null||e===""?null:{key:t,value:{stringValue:String(e)}}}function gt(...t){return t.filter(e=>e!==null)}function Lr(t,e){return {resourceSpans:[{resource:{attributes:t},scopeSpans:[{scope:$o,spans:Array.isArray(e)?e:[e]}]}]}}var $o,y,Rr=h(()=>{"use strict";A();$o={name:Fe.SCOPE_NAME,version:Fe.SCOPE_VERSION},y={TRACE_NAME:"langfuse.trace.name",TRACE_INPUT:"langfuse.trace.input",TRACE_OUTPUT:"langfuse.trace.output",TRACE_METADATA:"langfuse.trace.metadata",TRACE_TAGS:"langfuse.trace.tags",USER_ID:"langfuse.user.id",SESSION_ID:"langfuse.session.id",OBS_NAME:"langfuse.observation.name",OBS_INPUT:"langfuse.observation.input",OBS_OUTPUT:"langfuse.observation.output",OBS_LEVEL:"langfuse.observation.level",OBS_TYPE:"langfuse.observation.type",MODEL:"gen_ai.request.model",INPUT_TOKENS:"gen_ai.usage.input_tokens",OUTPUT_TOKENS:"gen_ai.usage.output_tokens"};});function Fo(){let t=parseInt(process.env[S.BUFFER_TTL_DAYS]??"",10);return (Number.isFinite(t)?Math.max(C.MIN_TTL_DAYS,Math.min(C.MAX_TTL_DAYS,t)):C.DEFAULT_TTL_DAYS)*24*60*60*1e3}function xo(){let t=parseInt(process.env[S.BUFFER_MAX_FILES]??"",10);return Number.isFinite(t)?Math.max(C.MIN_MAX_FILES,Math.min(C.MAX_MAX_FILES,t)):C.DEFAULT_MAX_FILES}function Ir(t){if(/[/\\]/.test(t))throw new Error(`Invalid buffer fileId: ${t}`);return Ot__namespace.default.join(ct__namespace.default.tmpdir(),`${C.FILE_PREFIX}${t}.json`)}function dn(){let t=ct__namespace.default.tmpdir(),e;try{e=T__namespace.default.readdirSync(t);}catch{return []}return e.filter(n=>n.startsWith(C.FILE_PREFIX)&&n.endsWith(".json")).map(n=>{let r=Ot__namespace.default.join(t,n),i=0;try{i=T__namespace.default.statSync(r).mtimeMs;}catch{}return {full:r,mtime:i}}).sort((n,r)=>n.mtime-r.mtime).map(n=>n.full)}function Vt(t){try{let e=xo(),n=dn();if(n.length>=e){let o=n.slice(0,n.length-e+1);for(let s of o)try{T__namespace.default.unlinkSync(s);}catch{}}let r=`${Date.now()}-${Math.random().toString(36).slice(2,8)}`,i={fileId:r,bufferedAt:Date.now(),payload:t};return T__namespace.default.writeFileSync(Ir(r),JSON.stringify(i),{encoding:"utf8",mode:384}),l("buffer",`saved fileId=${r}`),r}catch(e){return l("buffer",`saveToBuffer failed: ${e.message}`),null}}function br(t){let e=dn(),n=t!=null&&t>0?t:e.length,r=[];for(let i of e){if(r.length>=n)break;try{let o=T__namespace.default.readFileSync(i,"utf8"),s=JSON.parse(o);s&&s.fileId&&s.payload&&r.push(s);}catch{l("buffer",`skipping malformed file: ${i}`);}}return r}function Nr(t){try{T__namespace.default.unlinkSync(Ir(t)),l("buffer",`deleted fileId=${t}`);}catch{}}function Ur(){let t=Date.now()-Fo();for(let e of dn())try{let{mtimeMs:n}=T__namespace.default.statSync(e);n<t&&(T__namespace.default.unlinkSync(e),l("buffer",`evicted stale: ${Ot__namespace.default.basename(e)}`));}catch{}}var Cr=h(()=>{"use strict";A();$();});async function Do(t){Ur();let e=br(C.REPLAY_BATCH_SIZE);e.length&&(l("replayBufferedTraces",`replaying ${e.length} buffered trace(s)`),await Promise.allSettled(e.map(async n=>{try{let r=await fe(n.payload,t.endpoint,t.authHeader);r>=200&&r<300?(Nr(n.fileId),l("replayBufferedTraces",`replayed fileId=${n.fileId} status=${r}`)):l("replayBufferedTraces",`replay failed fileId=${n.fileId} status=${r}`);}catch(r){l("replayBufferedTraces",`replay error fileId=${n.fileId}: ${r.message}`);}})));}async function $r(t){let e=await V();if(!e.length)return e.authError&&(l("postToLangfuse","auth refresh failed \u2014 buffering trace"),Vt(t)),0;let n=await Promise.all(e.map(async o=>{if(o.mode!=="gateway")return {creds:o,healthy:true};let s=await At(o.endpoint,o.authHeader);return {creds:o,healthy:s}})),r=n.find(o=>o.creds.mode==="gateway"&&o.healthy)?.creds??n.find(o=>o.creds.mode==="direct")?.creds;return r&&await Do(r),(await Promise.all(n.map(async({creds:o,healthy:s})=>{if(o.mode==="gateway"){if(!s)return l("postToLangfuse","gateway health check failed \u2014 buffering trace"),Vt(t),0;let a=await fe(t,o.endpoint,o.authHeader);return (a===0||a>=500)&&(l("postToLangfuse",`gateway send failed (status ${a}) \u2014 buffering trace`),Vt(t)),a}let c=await fe(t,o.endpoint,o.authHeader);return (c===0||c>=500)&&(l("postToLangfuse",`direct endpoint unavailable (status ${c}) \u2014 buffering trace`),Vt(t)),c}))).find(o=>o!==0)??0}var Fr=h(()=>{"use strict";Y();$();me();Cr();A();});var pn=h(()=>{"use strict";Rr();Fr();});function nt(t){if(t==null)return "";let e=typeof t=="string"?t:JSON.stringify(t);return jo.reduce((n,{re:r,replace:i})=>n.replace(r,i),e)}var U,Bo,Mo,Ho,xr,jo,fn=h(()=>{"use strict";U="[REDACTED]",Bo="[REDACTED-EMAIL]",Mo="[REDACTED-CPF]",Ho="[REDACTED-CNPJ]",xr="[REDACTED-PHONE]",jo=[{re:/\b(sk-[A-Za-z0-9_\-]{20,})/g,replace:()=>`sk-${U}`},{re:/\b(pk-[A-Za-z0-9_\-]{20,})/g,replace:()=>`pk-${U}`},{re:/\b(Bearer\s+)[A-Za-z0-9\-._~+/]+=*/gi,replace:(t,e)=>`${e}${U}`},{re:/\b(Basic\s+)[A-Za-z0-9+/]+=*/gi,replace:(t,e)=>`${e}${U}`},{re:/(-----BEGIN [A-Z ]+-----)[^-]*(-----END [A-Z ]+-----)/g,replace:(t,e,n)=>`${e}
167
- ${U}
168
- ${n}`},{re:/\b(AKIA[0-9A-Z]{16})\b/g,replace:()=>`AKIA${U}`},{re:/(aws_secret_access_key\s*[=:]\s*)([A-Za-z0-9/+]{40})/gi,replace:(t,e)=>`${e}${U}`},{re:/\b(ghp_[A-Za-z0-9]{36,})/g,replace:()=>`ghp_${U}`},{re:/\b(github_pat_[A-Za-z0-9_]{36,})/gi,replace:()=>`github_pat_${U}`},{re:/\b(eyJ[A-Za-z0-9_\-]+\.eyJ[A-Za-z0-9_\-]+\.[A-Za-z0-9_\-]+)/g,replace:()=>`eyJ.${U}`},{re:/\b([A-Z0-9_]*(?:SECRET|TOKEN|KEY|PASSWORD|PASSWD|PWD|CREDENTIAL|API)[A-Z0-9_]*\s*=\s*)(['"]?)([^\s'"#\n]+)\2/gi,replace:(t,e,n)=>`${e}${n}${U}${n}`},{re:/([a-z][a-z0-9+\-.]*:\/\/[^:/?#\s]*):([^@\s]+)@/gi,replace:(t,e)=>`${e}:${U}@`},{re:/[a-zA-Z0-9._%+\-]+@[a-zA-Z0-9.\-]+\.[a-zA-Z]{2,}/g,replace:()=>Bo},{re:/\b\d{3}\.\d{3}\.\d{3}-\d{2}\b/g,replace:()=>Mo},{re:/\b\d{2}\.\d{3}\.\d{3}\/\d{4}-\d{2}\b/g,replace:()=>Ho},{re:/\(\d{2}\)\s?\d{4,5}[-\s]?\d{4}/g,replace:()=>xr},{re:/\+55[\s-]?\d{2}[\s-]?\d{4,5}[-\s]?\d{4}/g,replace:()=>xr}];});async function Dr(t){let e=t.session_id||"unknown",n=t.tool_name||"unknown",r=t.tool_input||{},i=t.tool_response,o=i!==null&&typeof i=="object"?i.output??JSON.stringify(i):i??"",s=Pt(e);if(!s){x(t);return}let c=tt(),a=s.pendingTool,d=a?.name===n,g=d?a.startNs:String(BigInt(c)-200000000n),E=d?a.inputStr:G(r,H.TOOL_INPUT),u=E,f=null;if(n==="Skill"){let Jt=typeof r=="object"&&r!==null?r.skill||r.name||r.skillName||r.commandName||String(Object.values(r)[0]??""):String(r);f=Jt?String(Jt).trim():null;let rt=f?ye(f,s.cwd):null;rt&&(u=rt,s.skillContent||(s.skillContent=rt),s.skillArtifacts||(s.skillArtifacts=_e(f,s.cwd))),f&&!s.slashSkill&&(s.slashSkill=f),l("PostToolUse","Skill tool detected",`skillName=${f}`,`contentFound=${!!rt}`);}let O=nt(G(o,H.TOOL_OUTPUT)),p=/\b(error|exception|failed|failure|traceback|errno)\b/i.test(O.slice(0,500)),_=p?"ERROR":"DEFAULT",R=ft(),X=Math.round(Number(BigInt(c)-BigInt(g))/1e6),Yt={Agent:"AGENT",Task:"AGENT"}[n]??"TOOL",Gt=n==="Skill"&&f?f:we(E,60);s.toolCalls.push({tool:n,brief:Gt,error:p,durationMs:X});let Ut=s.spans;Ut.push({traceId:s.traceId,spanId:R,parentSpanId:s.spanId,name:n,kind:3,startTimeUnixNano:g,endTimeUnixNano:c,attributes:gt(m(y.OBS_NAME,n),m(y.OBS_TYPE,Yt),m(y.OBS_LEVEL,_),m(y.OBS_INPUT,nt(u)),m(y.OBS_OUTPUT,O),m("tool.name",n),m("tool.error",String(p)),n==="Skill"&&f?m("skill.name",f):null,n==="Skill"?m("skill.invocation","slash-command"):null),status:{code:p?2:1}}),s.pendingTool=null,It(e,s),p&&mt("TOOL_ERROR",{toolName:n}),l("PostToolUse",`sid=${e}`,`tool=${n}`,`error=${p}`,`durationMs=${X}`,`totalSpans=${Ut.length}`),x(t);}var Br=h(()=>{"use strict";jt();Wt();pn();Rt();ke();$();A();fn();Oe();});function Hr(t,e,n){let r=Object.keys(Mr).find(s=>(t??"").toLowerCase().includes(s));if(!r)return;let i=Mr[r],o=(e*i.input+n*i.output)/1e6;return Math.round(o*1e6)/1e6}var Mr,jr=h(()=>{"use strict";Mr={"claude-opus-4-6":{input:15,output:75},"claude-opus-4-5":{input:15,output:75},"claude-sonnet-4-6":{input:3,output:15},"claude-sonnet-4-5":{input:3,output:15},"claude-haiku-4-5":{input:.8,output:4},"claude-4-6-opus":{input:15,output:75},"claude-4-6-sonnet":{input:3,output:15},"claude-4-5-opus":{input:15,output:75},"claude-4-5-sonnet":{input:3,output:15},"claude-4-5-haiku":{input:.8,output:4},"claude-3-5-sonnet-20241022":{input:3,output:15},"claude-3-5-haiku-20241022":{input:.8,output:4},"claude-3-opus-20240229":{input:15,output:75}};});async function Wr(t){let e=t.session_id||"unknown",n=t.stop_reason||"end_turn",r=Pt(e);if(!r){x(t);return}r.slashSkill&&!/^[a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?$/i.test(r.slashSkill)&&(l("Stop",`sid=${e}`,`slashSkill rejected post-disk: "${r.slashSkill}"`),r.slashSkill=null);let i=tt(),o=await Jn(),s=r.toolCalls,c=r.spans;if(r.slashSkill&&!s.some(w=>w.tool==="Skill")){let w=ft(),st=r.skillContent?r.skillContent:JSON.stringify({skill:r.slashSkill});s.push({tool:"Skill",brief:r.slashSkill,error:false,durationMs:0,synthetic:true}),c.push({traceId:r.traceId,spanId:w,parentSpanId:r.spanId,name:"Skill",kind:3,startTimeUnixNano:r.startNs,endTimeUnixNano:r.startNs,attributes:gt(m(y.OBS_NAME,"Skill"),m(y.OBS_TYPE,"TOOL"),m(y.OBS_LEVEL,"DEFAULT"),m(y.OBS_INPUT,st),m(y.OBS_OUTPUT,"loaded via slash command"),m("tool.name","Skill"),m("tool.error","false"),m("skill.name",r.slashSkill),m("skill.invocation","slash-command")),status:{code:1}}),l("Stop",`slashSkill=${r.slashSkill}`,"synthetic span injected");}let a=t.transcript_path||r.transcriptPath||"",d=an(a);if(a&&(s.some(w=>w.tool==="Skill"&&!w.synthetic)||!!r.slashSkill)&&!d?.text){await new Promise(st=>setTimeout(st,500));let w=an(a);w?.text&&(d=w);}l("Stop",`transcriptPath=${a||"(empty)"}`,`assistantOut=${d?`text=${d.text.length}chars`:"null"}`);let E=s.length,u=s.filter(w=>w.error).length,f=nt(d?.text?G(d.text,H.TRACE_OUTPUT):E===0?"No tools used":s.map((w,st)=>`${st+1}. ${w.tool}${w.brief?` \u2192 ${w.brief}`:""}${w.error?" [ERROR]":""}`).join(`
169
- `)),O=d?.inputTokens??0,p=d?.outputTokens??0,_=s.map((w,st)=>`${st+1}. ${w.tool}${w.brief?` \u2192 ${w.brief}`:""}${w.error?" [ERROR]":""} (${w.durationMs}ms)`),R=!!(r.slashSkill||s.some(w=>w.tool==="Skill")),X=s.some(w=>w.tool==="Agent");if(!R&&!X){l("Stop",`sid=${e}`,"skipping trace \u2014 no Skill or Agent calls found"),mt("TRACE_SKIPPED",{reason:"no_skill_or_agent"}),on(e),x(t);return}let Nt=R?"skill":"agent",Yt=Math.round(Number(BigInt(i)-BigInt(r.startNs))/1e6),Gt=Hr(r.model,O,p),ht=kr(r);ht==="prerequisite_required"&&d?.text&&(ht="complete"),ht==="prerequisite_required"&&(c.push({traceId:r.traceId,spanId:ft(),parentSpanId:r.spanId,name:"prerequisite-check",kind:3,startTimeUnixNano:r.startNs,endTimeUnixNano:i,attributes:gt(m(y.OBS_NAME,"prerequisite-check"),m(y.OBS_TYPE,"EVENT"),m(y.OBS_LEVEL,"WARNING"),m(y.OBS_OUTPUT,f),m("skill.name",r.slashSkill||void 0),m("execution_status","prerequisite_required")),status:{code:1}}),l("Stop",`sid=${e}`,"prerequisite-check span injected",`skill=${r.slashSkill}`));let Ut=(()=>{if(!(!R||!r.prompt)){if(r.slashSkill){let w=r.prompt.replace(new RegExp(`^\\/${r.slashSkill}\\s*`,"i"),"").trim();return w?G(nt(w),H.USER_INSTRUCTION):void 0}return G(nt(r.prompt),H.USER_INSTRUCTION)||void 0}})(),Jt=JSON.stringify({trace_type:Nt,...ht!==null&&{execution_status:ht},...r.slashSkill?{skill_name:r.slashSkill}:{},...r.skillArtifacts?.length&&{skill_artifacts:r.skillArtifacts},...Ut!==void 0&&{user_instruction:Ut},latency_ms:Yt,...O&&{tokens_input:O},...p&&{tokens_output:p},cost_usd:Gt,...r.model?{model:r.model}:{},toolCount:E,errorCount:u,stopReason:n,sessionId:r.sessionId,tools:_.length?_:void 0}),rt=nt(G(r.prompt,H.TRACE_INPUT)),Jr=gt(m(y.TRACE_NAME,r.traceName),m(y.TRACE_INPUT,rt),m(y.TRACE_OUTPUT,f),m(y.OBS_INPUT,rt),m(y.OBS_OUTPUT,f),m(y.TRACE_METADATA,Jt),m(y.SESSION_ID,r.sessionId),m(y.USER_ID,o.user),m(y.OBS_TYPE,"GENERATION"),m(y.MODEL,r.model),O?m(y.INPUT_TOKENS,O):null,p?m(y.OUTPUT_TOKENS,p):null,m("claude.stop_reason",n),m("claude.tool_count",String(E)),m("claude.error_count",String(u)),m("claude.session_id",r.sessionId),m("flow.trace_type",Nt),{key:y.TRACE_TAGS,value:{arrayValue:{values:[{stringValue:Nt}]}}}),Kr={traceId:r.traceId,spanId:r.spanId,name:r.traceName,kind:1,startTimeUnixNano:r.startNs,endTimeUnixNano:i,attributes:Jr,status:{code:u>0?2:1}},qr=gt(m("service.name",process.env.LANGFUSE_PROJECT_NAME||"claude-code"),m("deployment.environment",process.env.LANGFUSE_ENVIRONMENT||"default")),mn=[...c,Kr];l("Stop",`sid=${e}`,`totalTools=${E}`,`errorTools=${u}`,`spans=${mn.length}`,`inputTokens=${O}`,`outputTokens=${p}`,`traceOutput="${we(f,80)}"`);let Xr=await $r(Lr(qr,mn));l("Stop",`POST status=${Xr}`,`traceId=${r.traceId}`),mt("TRACE_SENT",{latencyMs:Yt,totalTools:E,errorTools:u,inputTokens:O,outputTokens:p,costUsd:Gt}),on(e),x(t);}var Vr=h(()=>{"use strict";jt();Wt();pn();Y();jr();cn();Rt();$();ke();fn();A();Oe();});var Vo={};async function Wo(){let t=process.argv[2];if(t==="UserPromptSubmit"){let n=await nn(),r;try{r=await V();}catch{process.stdout.write(JSON.stringify(n));return}r.authError?await ln(n,true):r.length>0?await ln(n):process.stdout.write(JSON.stringify(n));return}if(!await Kn()){let n=[];process.stdin.on("data",r=>n.push(r)),process.stdin.on("end",()=>process.stdout.write(n.join("")));return}let e=await nn();switch(t){case "PreToolUse":await Ar(e);break;case "PostToolUse":await Dr(e);break;case "Stop":await Wr(e);break;default:process.stderr.write(`[flow-obs] unknown event: ${t}
170
- `),process.stdout.write(JSON.stringify(e));}}var Yr=h(()=>{"use strict";Y();Rt();Or();vr();Br();Vr();Wo().catch(t=>{process.stderr.write(`[flow-obs] fatal: ${t.message}
171
- `),process.exit(0);});});var Yo=new Set(["UserPromptSubmit","PreToolUse","PostToolUse","Stop"]),[,,D]=process.argv;function Ae(t,e){let n=t.indexOf(e);return n!==-1?t[n+1]:void 0}function Gr(){let{bold:t,cyan:e,dim:n}=(Et(),K(gn)),{version:r}=Kt();process.stdout.write(`
172
- `+t(" flow-ai-obs")+n(" v"+r)+`
206
+ `),1)}var hr=g(()=>{"use strict";lt();H();R();});function J(t,e){let n=typeof t=="object"?JSON.stringify(t):String(t??"");return n.length>e?n.slice(0,e)+" \u2026[truncated]":n}function we(t,e=100){return String(t??"").split(`
207
+ `)[0].slice(0,e).trim()}function Yt(){return new Promise(t=>{let e="";process.stdin.setEncoding("utf8"),process.stdin.on("data",n=>{e+=n;}),process.stdin.on("end",()=>{try{t(JSON.parse(e));}catch{t({});}});})}function W(t){process.stdout.write(JSON.stringify(t));}var bt=g(()=>{"use strict";});function tt(){return String(BigInt(Date.now())*1000000n)}var dn,pt,Gt=g(()=>{"use strict";dn=()=>crypto.randomBytes(16).toString("hex"),pt=()=>crypto.randomBytes(8).toString("hex");});function bo(t,e){let n=kt.resolve(t);if(!n.startsWith(e))throw new Error(`Path traversal detected: ${t}`);return n}function pn(t){if(!Ro.test(t))throw new Error(`Invalid session ID: ${t}`);return bo(kt.join(ut.tmpdir(),`flow-obs-${t}.json`),vo)}function Pt(t){let e=pn(t);if(!A.existsSync(e))return null;try{return JSON.parse(A.readFileSync(e,"utf8"))}catch{return null}}function It(t,e){A.writeFileSync(pn(t),JSON.stringify(e),{encoding:"utf8",mode:384});}function fn(t){try{A.unlinkSync(pn(t));}catch{}}var Ro,vo,Jt=g(()=>{"use strict";Ro=/^[0-9a-f-]{1,64}$/i,vo=kt.normalize(ut.tmpdir())+kt.sep;});function yr(t){if(!t||!A.existsSync(t))return null;try{let e=A.readFileSync(t,"utf8").trimEnd().split(`
208
+ `);for(let n=e.length-1;n>=0;n--)try{let r=JSON.parse(e[n]);if(r.type==="user"&&r.uuid)return r.uuid}catch{}}catch{}return null}function mn(t){if(!t||!A.existsSync(t))return null;try{let e=A.readFileSync(t,"utf8").trimEnd().split(`
209
+ `),n=[],r=0,s=0;for(let i=e.length-1;i>=0;i--)try{let o=JSON.parse(e[i]);if(o.type==="user")break;if(o.type==="assistant"){let c=(o.message?.content??[]).filter(E=>E.type==="text").map(E=>E.text??"").join("");c&&n.unshift(c);let u=o.message?.usage??{};r+=(u.input_tokens??0)+(u.cache_read_input_tokens??0)+(u.cache_creation_input_tokens??0),s+=u.output_tokens??0;}}catch{}return !n.length&&r===0?null:{text:n.join(`
210
+
211
+ `),inputTokens:r,outputTokens:s}}catch{}return null}var gn=g(()=>{"use strict";});function Ar(t){return t.replace(":","/")}function Se(t,e){if(!t)return null;let n=Ar(t),r=[kt.join(ut.homedir(),".claude","skills",n,"SKILL.md"),kt.join(e??"",".claude","skills",n,"SKILL.md")];for(let s of r)if(A.existsSync(s))try{return A.readFileSync(s,"utf8")}catch{}return null}function kr(t){return t.split(`
212
+ `)[0].match(/^\/([a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?)(?:\s.*)?$/i)?.[1]??null}function Lr(t){return !!t.slashSkill||t.toolCalls.some(r=>r.tool==="Skill")?t.toolCalls.some(r=>r.tool==="Skill"&&!r.synthetic||Fo.has(r.tool))?"complete":"prerequisite_required":null}function Te(t,e){if(!t)return null;let n=Ar(t),r=[kt.join(ut.homedir(),".claude","skills",n),kt.join(e??"",".claude","skills",n)],s=null;for(let a of r)if(A.existsSync(kt.join(a,"SKILL.md"))){s=a;break}if(!s)return null;let i=[];function o(a,c){for(let u of A.readdirSync(a,{withFileTypes:true})){if(Uo.has(u.name)||$o.has(u.name)||Co.has(kt.extname(u.name)))continue;let E=c?`${c}/${u.name}`:u.name;u.isDirectory()?o(kt.join(a,u.name),E):i.push(E);}}return o(s,""),i.length>0?i:null}var Uo,Co,$o,Fo,ye=g(()=>{"use strict";Uo=new Set([".venv","__pycache__",".git","node_modules"]),Co=new Set([".pyc",".pyo"]),$o=new Set(["SKILL.md",".DS_Store",".gitignore"]);Fo=new Set(["Read","Write","Edit","MultiEdit","Bash","Glob","Grep","TodoWrite","WebFetch","WebSearch","Agent","Task"]);});function Bo(t){try{let e=t.split(".")[1].replace(/-/g,"+").replace(/_/g,"/");return JSON.parse(Buffer.from(e,"base64").toString())}catch{return null}}function Mo(t,e,n,r){return new Promise(s=>{let i=new URL(t),o=i.protocol==="https:",a=(o?fs__default.default:bs__default.default).request({hostname:i.hostname,port:i.port||(o?443:80),path:i.pathname+i.search,method:"POST",headers:{"Content-Type":"application/json","Content-Length":Buffer.byteLength(e),Authorization:`Bearer ${String(n).replace(/[\r\n]/g,"")}`,FlowTenant:String(r).replace(/[\r\n]/g,"")}},c=>{c.resume(),s(c.statusCode??0);});a.on("error",()=>s(0)),a.setTimeout(5e3,()=>{a.destroy(),s(0);}),a.write(e),a.end();})}async function ft(t,e={}){try{let n=Z(process.env[h.ANTHROPIC_AUTH_TOKEN]);if(!n)return;let r,s=new Promise((O,m)=>{r=setTimeout(()=>m(new Error("getToken timeout")),4e3),r.unref();}),{accessToken:i}=await Promise.race([$(n),s]);clearTimeout(r);let o=Bo(i);if(!o)return;let a=o.tenant||n.tenant,c=JSON.stringify({action:t,booster:xe().BOOSTER,metadata:e,success:!0,tenant:a,timestamp:new Date().toISOString(),os:process.platform,user:{email:o.email||"",id:o.sub||"",name:o.name||o.email||""}}),u=dt(xe().API_URL),E=await Mo(u,c,i,a);l("metrics.logEvent",`action=${t} status=${E}`);}catch(n){l("metrics.logEvent",`silenced error: ${n.message}`);}}var _e=g(()=>{"use strict";R();lt();H();M();});async function hn(t,e=false){if(e){process.stdout.write(JSON.stringify({decision:"block",reason:Ho})+`
213
+ `);return}let r=!!(await G()).authError,s=t.session_id||"unknown",i=t.prompt||"",o=t.cwd||"",a=yr(t.transcript_path)||dn(),c=kr(i),u=c?Se(c,o):null,E=c?Te(c,o):null;It(s,{traceId:dn(),spanId:pt(),startNs:tt(),sessionId:s,prompt:i,cwd:o,traceName:a,transcriptPath:t.transcript_path||"",model:process.env[h.ANTHROPIC_MODEL]||"",toolCalls:[],spans:[],pendingTool:null,slashSkill:c,skillContent:u,skillArtifacts:E}),ft("SESSION_STARTED",{traceType:c?"skill":"prompt",slashSkill:c,clientIdExpired:r}),l("UserPromptSubmit",`sid=${s}`,`traceName=${a}`,`slashSkill=${c}`),W(t);}var Ho,Rr=g(()=>{"use strict";Gt();Jt();gn();ye();bt();M();R();H();_e();Ho=`\u26D4 Your Flow API key has expired. You no longer have access to Claude Code through the Flow platform. To restore observability and access, visit ${yt()}/settings/api-keys to generate a new API key, then run: flow-ai-obs auth login`;});async function vr(t){let e=t.session_id||"unknown",n=t.tool_name||"unknown",r=t.tool_input||{},s=Pt(e);s&&(s.pendingTool={name:n,inputStr:J(r,Y.TOOL_INPUT),startNs:tt()},It(e,s)),l("PreToolUse",`sid=${e}`,`tool=${n}`,`stateFound=${!!s}`),W(t);}var br=g(()=>{"use strict";Gt();Jt();bt();M();R();});function f(t,e){return e==null||e===""?null:{key:t,value:{stringValue:String(e)}}}function mt(...t){return t.filter(e=>e!==null)}function Pr(t,e){return {resourceSpans:[{resource:{attributes:t},scopeSpans:[{scope:jo,spans:Array.isArray(e)?e:[e]}]}]}}var jo,_,Ir=g(()=>{"use strict";R();jo={name:Fe.SCOPE_NAME,version:Fe.SCOPE_VERSION},_={TRACE_NAME:"langfuse.trace.name",TRACE_INPUT:"langfuse.trace.input",TRACE_OUTPUT:"langfuse.trace.output",TRACE_METADATA:"langfuse.trace.metadata",TRACE_TAGS:"langfuse.trace.tags",USER_ID:"langfuse.user.id",SESSION_ID:"langfuse.session.id",OBS_NAME:"langfuse.observation.name",OBS_INPUT:"langfuse.observation.input",OBS_OUTPUT:"langfuse.observation.output",OBS_LEVEL:"langfuse.observation.level",OBS_TYPE:"langfuse.observation.type",MODEL:"gen_ai.request.model",INPUT_TOKENS:"gen_ai.usage.input_tokens",OUTPUT_TOKENS:"gen_ai.usage.output_tokens"};});function Ur(t,e,n,r,s){if(process.env[h.FLOW_OBS_DEBUG]!=="1")return;let i=JSON.stringify({ts:new Date().toISOString(),request:{method:"POST",url:t,headers:e,body:JSON.parse(n)},response:{status:r,body:s}});try{A.writeFileSync(Nr,i+`
214
+ `,{flag:"a",encoding:"utf8",mode:384}),l("sendTraces:dump",`request appendada em ${Nr}`);}catch(o){l("sendTraces:dump",`falha ao salvar: ${o.message}`);}}function Ko(t){let e=new URL(t),n=new URL(_t().GATEWAY_HEALTH);return n.hostname=e.hostname,n.port=e.port,n.protocol=e.protocol,n}function Cr(t,e){return new Promise((n,r)=>{let s=t._isSSL?fs__default.default:bs__default.default;t.headers=Object.assign({},t.headers,{Connection:"close"});let i=s.request(t,o=>{let a=[];o.on("data",c=>a.push(c)),o.on("end",()=>n({statusCode:o.statusCode??0,body:a.join("")}));});i.setTimeout(1e4,()=>{i.destroy(new Error("Request timeout"));}),i.on("error",o=>r(new Error(`Network error: ${o.message}`))),e&&i.write(e),i.end();})}async function $r(t,e){let n;try{n=Ko(t);}catch{return false}let r=n.protocol==="https:";try{let s={};e&&(s.Authorization=String(e).replace(/[\r\n]/g,""));let i=await Cr({hostname:n.hostname,port:n.port||(r?443:80),path:n.pathname,method:"GET",headers:s,_isSSL:r},null);return l("checkHealth",`url=${n.href} status=${i.statusCode}`),i.statusCode>=200&&i.statusCode<300}catch{return false}}async function Oe(t,e,n){let r=JSON.stringify(t),s=new URL(e),i=s.protocol==="https:",o=String(n).replace(/[\r\n]/g,""),a={"Content-Type":"application/json",Authorization:o,"Content-Length":Buffer.byteLength(r)};l("sendTraces:request",`POST ${e}`),l("sendTraces:request",`headers=${JSON.stringify({...a,Authorization:o.slice(0,20)+"\u2026"})}`),l("sendTraces:request",`body=${r.slice(0,500)}${r.length>500?"\u2026":""}`);try{let c=await Cr({hostname:s.hostname,port:s.port||(i?443:80),path:s.pathname,method:"POST",headers:a,_isSSL:i},r);return l("sendTraces:response",`status=${c.statusCode}`),Ur(e,a,r,c.statusCode,c.body),c.statusCode}catch(c){return l("sendTraces:error",c.message),Ur(e,a,r,0,c.message),0}}var Nr,Fr=g(()=>{"use strict";R();M();Nr=kt.join(ut.tmpdir(),"flow-obs-requests.ndjson");});function qo(){let t=parseInt(process.env[h.BUFFER_TTL_DAYS]??"",10);return (Number.isFinite(t)?Math.max(B.MIN_TTL_DAYS,Math.min(B.MAX_TTL_DAYS,t)):B.DEFAULT_TTL_DAYS)*24*60*60*1e3}function Xo(){let t=parseInt(process.env[h.BUFFER_MAX_FILES]??"",10);return Number.isFinite(t)?Math.max(B.MIN_MAX_FILES,Math.min(B.MAX_MAX_FILES,t)):B.DEFAULT_MAX_FILES}function Dr(t){if(/[/\\]/.test(t))throw new Error(`Invalid buffer fileId: ${t}`);return kt__namespace.default.join(ut__namespace.default.tmpdir(),`${B.FILE_PREFIX}${t}.json`)}function wn(){let t=ut__namespace.default.tmpdir(),e;try{e=A__namespace.default.readdirSync(t);}catch{return []}return e.filter(n=>n.startsWith(B.FILE_PREFIX)&&n.endsWith(".json")).map(n=>{let r=kt__namespace.default.join(t,n),s=0;try{s=A__namespace.default.statSync(r).mtimeMs;}catch{}return {full:r,mtime:s}}).sort((n,r)=>n.mtime-r.mtime).map(n=>n.full)}function Kt(t){try{let e=Xo(),n=wn();if(n.length>=e){let i=n.slice(0,n.length-e+1);for(let o of i)try{A__namespace.default.unlinkSync(o);}catch{}}let r=`${Date.now()}-${Math.random().toString(36).slice(2,8)}`,s={fileId:r,bufferedAt:Date.now(),payload:t};return A__namespace.default.writeFileSync(Dr(r),JSON.stringify(s),{encoding:"utf8",mode:384}),l("buffer",`saved fileId=${r}`),r}catch(e){return l("buffer",`saveToBuffer failed: ${e.message}`),null}}function Br(t){let e=wn(),n=t!=null&&t>0?t:e.length,r=[];for(let s of e){if(r.length>=n)break;try{let i=A__namespace.default.readFileSync(s,"utf8"),o=JSON.parse(i);o&&o.fileId&&o.payload&&r.push(o);}catch{l("buffer",`skipping malformed file: ${s}`);}}return r}function Mr(t){try{A__namespace.default.unlinkSync(Dr(t)),l("buffer",`deleted fileId=${t}`);}catch{}}function Hr(){let t=Date.now()-qo();for(let e of wn())try{let{mtimeMs:n}=A__namespace.default.statSync(e);n<t&&(A__namespace.default.unlinkSync(e),l("buffer",`evicted stale: ${kt__namespace.default.basename(e)}`));}catch{}}var jr=g(()=>{"use strict";R();M();});async function zo(t){Hr();let e=Br(B.REPLAY_BATCH_SIZE);e.length&&(l("replayBufferedTraces",`replaying ${e.length} buffered trace(s)`),await Promise.allSettled(e.map(async n=>{try{let r=await Oe(n.payload,t.endpoint,t.authHeader);r>=200&&r<300?(Mr(n.fileId),l("replayBufferedTraces",`replayed fileId=${n.fileId} status=${r}`)):l("replayBufferedTraces",`replay failed fileId=${n.fileId} status=${r}`);}catch(r){l("replayBufferedTraces",`replay error fileId=${n.fileId}: ${r.message}`);}})));}async function Wr(t){let e=await G();if(!e.length)return e.authError&&(l("postToLangfuse","auth refresh failed \u2014 buffering trace"),Kt(t)),0;let n=await Promise.all(e.map(async i=>{if(i.mode!=="gateway")return {creds:i,healthy:true};let o=await $r(i.endpoint,i.authHeader);return {creds:i,healthy:o}})),r=n.find(i=>i.creds.mode==="gateway"&&i.healthy)?.creds??n.find(i=>i.creds.mode==="direct")?.creds;return r&&await zo(r),(await Promise.all(n.map(async({creds:i,healthy:o})=>{if(i.mode==="gateway"){if(!o)return l("postToLangfuse","gateway health check failed \u2014 buffering trace"),Kt(t),0;let c=await Oe(t,i.endpoint,i.authHeader);return (c===0||c>=500)&&(l("postToLangfuse",`gateway send failed (status ${c}) \u2014 buffering trace`),Kt(t)),c}let a=await Oe(t,i.endpoint,i.authHeader);return (a===0||a>=500)&&(l("postToLangfuse",`direct endpoint unavailable (status ${a}) \u2014 buffering trace`),Kt(t)),a}))).find(i=>i!==0)??0}var Vr=g(()=>{"use strict";H();M();Fr();jr();R();});var Sn=g(()=>{"use strict";Ir();Vr();});function nt(t){if(t==null)return "";let e=typeof t=="string"?t:JSON.stringify(t);return ei.reduce((n,{re:r,replace:s})=>n.replace(r,s),e)}var F,Zo,Qo,ti,Yr,ei,Tn=g(()=>{"use strict";F="[REDACTED]",Zo="[REDACTED-EMAIL]",Qo="[REDACTED-CPF]",ti="[REDACTED-CNPJ]",Yr="[REDACTED-PHONE]",ei=[{re:/\b(sk-[A-Za-z0-9_\-]{20,})/g,replace:()=>`sk-${F}`},{re:/\b(pk-[A-Za-z0-9_\-]{20,})/g,replace:()=>`pk-${F}`},{re:/\b(Bearer\s+)[A-Za-z0-9\-._~+/]+=*/gi,replace:(t,e)=>`${e}${F}`},{re:/\b(Basic\s+)[A-Za-z0-9+/]+=*/gi,replace:(t,e)=>`${e}${F}`},{re:/(-----BEGIN [A-Z ]+-----)[^-]*(-----END [A-Z ]+-----)/g,replace:(t,e,n)=>`${e}
215
+ ${F}
216
+ ${n}`},{re:/\b(AKIA[0-9A-Z]{16})\b/g,replace:()=>`AKIA${F}`},{re:/(aws_secret_access_key\s*[=:]\s*)([A-Za-z0-9/+]{40})/gi,replace:(t,e)=>`${e}${F}`},{re:/\b(ghp_[A-Za-z0-9]{36,})/g,replace:()=>`ghp_${F}`},{re:/\b(github_pat_[A-Za-z0-9_]{36,})/gi,replace:()=>`github_pat_${F}`},{re:/\b(eyJ[A-Za-z0-9_\-]+\.eyJ[A-Za-z0-9_\-]+\.[A-Za-z0-9_\-]+)/g,replace:()=>`eyJ.${F}`},{re:/\b([A-Z0-9_]*(?:SECRET|TOKEN|KEY|PASSWORD|PASSWD|PWD|CREDENTIAL|API)[A-Z0-9_]*\s*=\s*)(['"]?)([^\s'"#\n]+)\2/gi,replace:(t,e,n)=>`${e}${n}${F}${n}`},{re:/([a-z][a-z0-9+\-.]*:\/\/[^:/?#\s]*):([^@\s]+)@/gi,replace:(t,e)=>`${e}:${F}@`},{re:/[a-zA-Z0-9._%+\-]+@[a-zA-Z0-9.\-]+\.[a-zA-Z]{2,}/g,replace:()=>Zo},{re:/\b\d{3}\.\d{3}\.\d{3}-\d{2}\b/g,replace:()=>Qo},{re:/\b\d{2}\.\d{3}\.\d{3}\/\d{4}-\d{2}\b/g,replace:()=>ti},{re:/\(\d{2}\)\s?\d{4,5}[-\s]?\d{4}/g,replace:()=>Yr},{re:/\+55[\s-]?\d{2}[\s-]?\d{4,5}[-\s]?\d{4}/g,replace:()=>Yr}];});async function Gr(t){let e=t.session_id||"unknown",n=t.tool_name||"unknown",r=t.tool_input||{},s=t.tool_response,i=s!==null&&typeof s=="object"?s.output??JSON.stringify(s):s??"",o=Pt(e);if(!o){W(t);return}let a=tt(),c=o.pendingTool,u=c?.name===n,E=u?c.startNs:String(BigInt(a)-200000000n),O=u?c.inputStr:J(r,Y.TOOL_INPUT),m=O,w=null;if(n==="Skill"){let Xt=typeof r=="object"&&r!==null?r.skill||r.name||r.skillName||r.commandName||String(Object.values(r)[0]??""):String(r);w=Xt?String(Xt).trim():null;let st=w?Se(w,o.cwd):null;st&&(m=st,o.skillContent||(o.skillContent=st),o.skillArtifacts||(o.skillArtifacts=Te(w,o.cwd))),w&&!o.slashSkill&&(o.slashSkill=w),l("PostToolUse","Skill tool detected",`skillName=${w}`,`contentFound=${!!st}`);}let d=nt(J(i,Y.TOOL_OUTPUT)),S=/\b(error|exception|failed|failure|traceback|errno)\b/i.test(d.slice(0,500)),q=S?"ERROR":"DEFAULT",V=pt(),T=Math.round(Number(BigInt(a)-BigInt(E))/1e6),rt={Agent:"AGENT",Task:"AGENT"}[n]??"TOOL",qt=n==="Skill"&&w?w:we(O,60);o.toolCalls.push({tool:n,brief:qt,error:S,durationMs:T});let Ut=o.spans;Ut.push({traceId:o.traceId,spanId:V,parentSpanId:o.spanId,name:n,kind:3,startTimeUnixNano:E,endTimeUnixNano:a,attributes:mt(f(_.OBS_NAME,n),f(_.OBS_TYPE,rt),f(_.OBS_LEVEL,q),f(_.OBS_INPUT,nt(m)),f(_.OBS_OUTPUT,d),f("tool.name",n),f("tool.error",String(S)),n==="Skill"&&w?f("skill.name",w):null,n==="Skill"?f("skill.invocation","slash-command"):null),status:{code:S?2:1}}),o.pendingTool=null,It(e,o),S&&ft("TOOL_ERROR",{toolName:n}),l("PostToolUse",`sid=${e}`,`tool=${n}`,`error=${S}`,`durationMs=${T}`,`totalSpans=${Ut.length}`),W(t);}var Jr=g(()=>{"use strict";Gt();Jt();Sn();bt();ye();M();R();Tn();_e();});function qr(t,e,n){let r=Object.keys(Kr).find(o=>(t??"").toLowerCase().includes(o));if(!r)return;let s=Kr[r],i=(e*s.input+n*s.output)/1e6;return Math.round(i*1e6)/1e6}var Kr,Xr=g(()=>{"use strict";Kr={"claude-opus-4-6":{input:15,output:75},"claude-opus-4-5":{input:15,output:75},"claude-sonnet-4-6":{input:3,output:15},"claude-sonnet-4-5":{input:3,output:15},"claude-haiku-4-5":{input:.8,output:4},"claude-4-6-opus":{input:15,output:75},"claude-4-6-sonnet":{input:3,output:15},"claude-4-5-opus":{input:15,output:75},"claude-4-5-sonnet":{input:3,output:15},"claude-4-5-haiku":{input:.8,output:4},"claude-3-5-sonnet-20241022":{input:3,output:15},"claude-3-5-haiku-20241022":{input:.8,output:4},"claude-3-opus-20240229":{input:15,output:75}};});async function zr(t){let e=t.session_id||"unknown",n=t.stop_reason||"end_turn",r=Pt(e);if(!r){W(t);return}r.slashSkill&&!/^[a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?$/i.test(r.slashSkill)&&(l("Stop",`sid=${e}`,`slashSkill rejected post-disk: "${r.slashSkill}"`),r.slashSkill=null);let s=tt(),i=await Qn(),o=r.toolCalls,a=r.spans;if(r.slashSkill&&!o.some(y=>y.tool==="Skill")){let y=pt(),ot=r.skillContent?r.skillContent:JSON.stringify({skill:r.slashSkill});o.push({tool:"Skill",brief:r.slashSkill,error:false,durationMs:0,synthetic:true}),a.push({traceId:r.traceId,spanId:y,parentSpanId:r.spanId,name:"Skill",kind:3,startTimeUnixNano:r.startNs,endTimeUnixNano:r.startNs,attributes:mt(f(_.OBS_NAME,"Skill"),f(_.OBS_TYPE,"TOOL"),f(_.OBS_LEVEL,"DEFAULT"),f(_.OBS_INPUT,ot),f(_.OBS_OUTPUT,"loaded via slash command"),f("tool.name","Skill"),f("tool.error","false"),f("skill.name",r.slashSkill),f("skill.invocation","slash-command")),status:{code:1}}),l("Stop",`slashSkill=${r.slashSkill}`,"synthetic span injected");}let c=t.transcript_path||r.transcriptPath||"",u=mn(c);if(c&&(o.some(y=>y.tool==="Skill"&&!y.synthetic)||!!r.slashSkill)&&!u?.text){await new Promise(ot=>setTimeout(ot,500));let y=mn(c);y?.text&&(u=y);}l("Stop",`transcriptPath=${c||"(empty)"}`,`assistantOut=${u?`text=${u.text.length}chars`:"null"}`);let O=o.length,m=o.filter(y=>y.error).length,w=nt(u?.text?J(u.text,Y.TRACE_OUTPUT):O===0?"No tools used":o.map((y,ot)=>`${ot+1}. ${y.tool}${y.brief?` \u2192 ${y.brief}`:""}${y.error?" [ERROR]":""}`).join(`
217
+ `)),d=u?.inputTokens??0,S=u?.outputTokens??0,q=o.map((y,ot)=>`${ot+1}. ${y.tool}${y.brief?` \u2192 ${y.brief}`:""}${y.error?" [ERROR]":""} (${y.durationMs}ms)`),V=!!(r.slashSkill||o.some(y=>y.tool==="Skill")),T=o.some(y=>y.tool==="Agent");if(!V&&!T){l("Stop",`sid=${e}`,"skipping trace \u2014 no Skill or Agent calls found"),ft("TRACE_SKIPPED",{reason:"no_skill_or_agent"}),fn(e),W(t);return}let k=V?"skill":"agent",rt=Math.round(Number(BigInt(s)-BigInt(r.startNs))/1e6),qt=qr(r.model,d,S),ht=Lr(r);ht==="prerequisite_required"&&u?.text&&(ht="complete"),ht==="prerequisite_required"&&(a.push({traceId:r.traceId,spanId:pt(),parentSpanId:r.spanId,name:"prerequisite-check",kind:3,startTimeUnixNano:r.startNs,endTimeUnixNano:s,attributes:mt(f(_.OBS_NAME,"prerequisite-check"),f(_.OBS_TYPE,"EVENT"),f(_.OBS_LEVEL,"WARNING"),f(_.OBS_OUTPUT,w),f("skill.name",r.slashSkill||void 0),f("execution_status","prerequisite_required")),status:{code:1}}),l("Stop",`sid=${e}`,"prerequisite-check span injected",`skill=${r.slashSkill}`));let Ut=(()=>{if(!(!V||!r.prompt)){if(r.slashSkill){let y=r.prompt.replace(new RegExp(`^\\/${r.slashSkill}\\s*`,"i"),"").trim();return y?J(nt(y),Y.USER_INSTRUCTION):void 0}return J(nt(r.prompt),Y.USER_INSTRUCTION)||void 0}})(),Xt=JSON.stringify({trace_type:k,...ht!==null&&{execution_status:ht},...r.slashSkill?{skill_name:r.slashSkill}:{},...r.skillArtifacts?.length&&{skill_artifacts:r.skillArtifacts},...Ut!==void 0&&{user_instruction:Ut},latency_ms:rt,...d&&{tokens_input:d},...S&&{tokens_output:S},cost_usd:qt,...r.model?{model:r.model}:{},toolCount:O,errorCount:m,stopReason:n,sessionId:r.sessionId,tools:q.length?q:void 0}),st=nt(J(r.prompt,Y.TRACE_INPUT)),ns=mt(f(_.TRACE_NAME,r.traceName),f(_.TRACE_INPUT,st),f(_.TRACE_OUTPUT,w),f(_.OBS_INPUT,st),f(_.OBS_OUTPUT,w),f(_.TRACE_METADATA,Xt),f(_.SESSION_ID,r.sessionId),f(_.USER_ID,i.user),f(_.OBS_TYPE,"GENERATION"),f(_.MODEL,r.model),d?f(_.INPUT_TOKENS,d):null,S?f(_.OUTPUT_TOKENS,S):null,f("claude.stop_reason",n),f("claude.tool_count",String(O)),f("claude.error_count",String(m)),f("claude.session_id",r.sessionId),f("flow.trace_type",k),{key:_.TRACE_TAGS,value:{arrayValue:{values:[{stringValue:k}]}}}),rs={traceId:r.traceId,spanId:r.spanId,name:r.traceName,kind:1,startTimeUnixNano:r.startNs,endTimeUnixNano:s,attributes:ns,status:{code:m>0?2:1}},ss=mt(f("service.name",process.env.LANGFUSE_PROJECT_NAME||"claude-code"),f("deployment.environment",process.env.LANGFUSE_ENVIRONMENT||"default")),yn=[...a,rs];l("Stop",`sid=${e}`,`totalTools=${O}`,`errorTools=${m}`,`spans=${yn.length}`,`inputTokens=${d}`,`outputTokens=${S}`,`traceOutput="${we(w,80)}"`);let os=await Wr(Pr(ss,yn));l("Stop",`POST status=${os}`,`traceId=${r.traceId}`),ft("TRACE_SENT",{latencyMs:rt,totalTools:O,errorTools:m,inputTokens:d,outputTokens:S,costUsd:qt}),fn(e),W(t);}var Zr=g(()=>{"use strict";Gt();Jt();Sn();H();Xr();gn();bt();M();ye();Tn();R();_e();});var gt,Qr=g(()=>{"use strict";H();bt();Rr();br();Jr();Zr();gt=class t{static passthroughStdin(){let e=[];process.stdin.on("data",n=>e.push(n)),process.stdin.on("end",()=>process.stdout.write(Buffer.concat(e)));}static async userPromptSubmit(){let e=await Yt(),n;try{n=await G();}catch{process.stdout.write(JSON.stringify(e));return}n.authError?await hn(e,!0):n.length>0?await hn(e):process.stdout.write(JSON.stringify(e));}static async preToolUse(){if(!await ce()){t.passthroughStdin();return}let e=await Yt();await vr(e);}static async postToolUse(){if(!await ce()){t.passthroughStdin();return}let e=await Yt();await Gr(e);}static async stop(){if(!await ce()){t.passthroughStdin();return}let e=await Yt();await zr(e);}};});var ri={};async function ni(){let t=process.argv[2];switch(t){case "UserPromptSubmit":await gt.userPromptSubmit();break;case "PreToolUse":await gt.preToolUse();break;case "PostToolUse":await gt.postToolUse();break;case "Stop":await gt.stop();break;default:process.stderr.write(`[flow-obs] unknown event: ${t}
218
+ `),process.stdin.on("data",e=>process.stdout.write(e));}}var ts=g(()=>{"use strict";Qr();ni().catch(t=>{process.stderr.write(`[flow-obs] fatal: ${t.message}
219
+ `),process.exit(0);});});var si=new Set(["UserPromptSubmit","PreToolUse","PostToolUse","Stop"]),[,,x]=process.argv;function Ae(t,e){let n=t.indexOf(e);return n!==-1?t[n+1]:void 0}function es(){let{bold:t,cyan:e,dim:n,green:r}=(it(),C(Le)),{version:s}=$t();process.stdout.write(`
220
+ `+t(" flow-ai-obs")+n(" v"+s)+`
173
221
 
174
222
  `),process.stdout.write(e(" init")+n(` Configure environment: Claude Code + Proxy + OTEL + Trace hooks
175
223
  `)),process.stdout.write(n(` --custom-url <URL> Set a custom Flow base URL
176
224
  `)),process.stdout.write(n(` --no-interactive Suppress interactive prompts (CI/CD)
177
225
  `)),process.stdout.write(e(" login")+n(` Refresh authentication token (re-authenticate)
178
226
  `)),process.stdout.write(e(" status")+n(` Show current observability configuration
227
+ `)),process.stdout.write(r(" update")+n(` Update to the latest version
179
228
 
180
229
  `)),process.stdout.write(n(` Flags: --version -v Show version
181
230
  `)),process.stdout.write(n(` --help -h Show this help
182
231
 
183
232
  `)),process.stdout.write(n(` (Hook events: UserPromptSubmit | PreToolUse | PostToolUse | Stop)
184
233
 
185
- `));}if(D==="--version"||D==="-v"){let{version:t}=Kt();process.stdout.write(t+`
186
- `),process.exit(0);}else if(D==="--help"||D==="-h")Gr(),process.exit(0);else if(D==="init"||D==="install")(async()=>{D==="install"&&process.stderr.write(`Warning: "install" is deprecated, use "init" instead
187
- `),await(Xt(),K(qt)).checkForUpdateInteractive();let{runInit:t}=(Xe(),K(qe)),e=process.argv.slice(3);process.exit(await t({url:Ae(e,"--custom-url"),noInteractive:e.includes("--no-interactive")}));})().catch(t=>{process.stderr.write(`Unexpected error: ${t.message}
188
- `),process.exit(1);});else if(D==="login")(async()=>{await(Xt(),K(qt)).checkForUpdateInteractive();let{runLogin:t}=(he(),K(ge)),e=process.argv.slice(3);process.exit(await t({clientId:Ae(e,"--client-id"),clientSecret:Ae(e,"--client-secret"),tenant:Ae(e,"--tenant")}));})().catch(t=>{process.stderr.write(`Unexpected error: ${t.message}
189
- `),process.exit(1);});else if(D==="status")(async()=>{await(Xt(),K(qt)).checkForUpdateInteractive();let{runStatus:t}=(dr(),K(ur));process.exit(await t());})().catch(t=>{process.stderr.write(`Unexpected error: ${t.message}
190
- `),process.exit(1);});else if(D==="otel-headers"){let{runOtelHeaders:t}=(fr(),K(pr));t().then(e=>process.exit(e)).catch(()=>process.exit(1));}else Yo.has(D)?(Yr(),K(Vo)):(Gr(),process.exit(0));
234
+ `));}if(x==="--version"||x==="-v")(async()=>{let{version:t}=$t();process.stdout.write(t+`
235
+ `);let e=(Tt(),C(St)),n=await e.fetchLatestVersionAsync().catch(()=>null);if(n&&e.isNewer(t,n.version)){let{dim:r,yellow:s}=(it(),C(Le));process.stdout.write(s(`
236
+ Update available: ${t} \u2192 ${n.version}
237
+ `)+r(` Run: flow-ai-obs update
238
+
239
+ `));}process.exit(0);})().catch(()=>process.exit(0));else if(x==="--help"||x==="-h")es(),process.exit(0);else if(x==="init"||x==="install")(async()=>{x==="install"&&process.stderr.write(`Warning: "install" is deprecated, use "init" instead
240
+ `),await(Tt(),C(St)).checkForUpdateInteractive();let{runInit:t}=(ur(),C(lr)),e=process.argv.slice(3);process.exit(await t({url:Ae(e,"--custom-url"),noInteractive:e.includes("--no-interactive")}));})().catch(t=>{process.stderr.write(`Unexpected error: ${t.message}
241
+ `),process.exit(1);});else if(x==="login")(async()=>{await(Tt(),C(St)).checkForUpdateInteractive();let{runLogin:t}=(me(),C(fe)),e=process.argv.slice(3),n=await t({clientId:Ae(e,"--client-id"),clientSecret:Ae(e,"--client-secret"),tenant:Ae(e,"--tenant")});process.exit(typeof n=="number"?n:n.code);})().catch(t=>{process.stderr.write(`Unexpected error: ${t.message}
242
+ `),process.exit(1);});else if(x==="status")(async()=>{await(Tt(),C(St)).checkForUpdateInteractive();let{runStatus:t}=(mr(),C(fr));process.exit(await t());})().catch(t=>{process.stderr.write(`Unexpected error: ${t.message}
243
+ `),process.exit(1);});else if(x==="update")(async()=>{let t=(Tt(),C(St)),{version:e}=$t(),n=await t.fetchLatestVersionAsync();n||(process.stderr.write(` \u2717 Could not reach npm registry \u2014 check your connection.
244
+ `),process.exit(1)),t.isNewer(e,n.version)||(process.stdout.write(` \u2713 Already up to date (v${e})
245
+ `),process.exit(0)),await t.runUpdate(n.version),process.exit(0);})().catch(t=>{process.stderr.write(`Unexpected error: ${t.message}
246
+ `),process.exit(1);});else if(x==="otel-headers"){let{runOtelHeaders:t}=(hr(),C(gr));t().then(e=>process.exit(e)).catch(()=>process.exit(1));}else si.has(x)?(ts(),C(ri)):(es(),process.exit(0));
package/dist/index.js CHANGED
@@ -1,16 +1,16 @@
1
- 'use strict';var child_process=require('child_process'),util=require('util'),I=require('fs'),x=require('path'),fe=require('os'),Je=require('https'),je=require('http'),crypto=require('crypto');function _interopDefault(e){return e&&e.__esModule?e:{default:e}}var I__default=/*#__PURE__*/_interopDefault(I);var x__default=/*#__PURE__*/_interopDefault(x);var fe__default=/*#__PURE__*/_interopDefault(fe);var Je__default=/*#__PURE__*/_interopDefault(Je);var je__default=/*#__PURE__*/_interopDefault(je);var Re=Object.defineProperty;var et=(t=>typeof require<"u"?require:typeof Proxy<"u"?new Proxy(t,{get:(e,r)=>(typeof require<"u"?require:e)[r]}):t)(function(t){if(typeof require<"u")return require.apply(this,arguments);throw Error('Dynamic require of "'+t+'" is not supported')});var dt=(t,e,r)=>()=>{if(r)throw r[0];try{return t&&(e=t(t=0)),e}catch(n){throw r=[n],n}};var ft=(t,e)=>{for(var r in e)Re(t,r,{get:e[r],enumerable:true});};var Dt={};ft(Dt,{MacOsKeyVaultProvider:()=>Et});var Tt,Et,xt=dt(()=>{"use strict";Tt=util.promisify(child_process.execFile),Et=class{static async isAvailable(){try{return I.accessSync("/usr/bin/security",I.constants.X_OK),!0}catch{return !1}}async getSecret(e,r){try{let{stdout:n}=await Tt("security",["find-generic-password","-w","-a",r,"-s",e]);return n.trim()||null}catch{return null}}async setSecret(e,r,n){await Tt("security",["add-generic-password","-U","-a",r,"-s",e,"-w",n]);}async deleteSecret(e,r){try{return await Tt("security",["delete-generic-password","-a",r,"-s",e]),!0}catch{return !1}}getStoragePath(){return "macOS Keychain"}};});var Mt={};ft(Mt,{LinuxKeyVaultProvider:()=>ht});var Bt,ht,Ht=dt(()=>{"use strict";Bt=util.promisify(child_process.execFile),ht=class{static async isAvailable(){let e=["/usr/bin/secret-tool","/bin/secret-tool","/usr/local/bin/secret-tool"];for(let r of e)try{return I.accessSync(r,I.constants.X_OK),!0}catch{}return !1}async getSecret(e,r){try{let{stdout:n}=await Bt("secret-tool",["lookup","service",e,"account",r]);return n.trim()||null}catch{return null}}async setSecret(e,r,n){await new Promise((o,s)=>{let i=child_process.spawn("secret-tool",["store","--label",e,"service",e,"account",r]);i.on("error",s),i.on("close",l=>{l===0?o():s(new Error(`secret-tool exited with code ${l}`));}),i.stdin.write(n),i.stdin.end();});}async deleteSecret(e,r){try{return await Bt("secret-tool",["clear","service",e,"account",r]),!0}catch{return !1}}getStoragePath(){return "Linux Secret Service (libsecret)"}};});var Vt={};ft(Vt,{WindowsKeyVaultProvider:()=>yt});var yt,Yt=dt(()=>{"use strict";yt=class{static async isAvailable(){try{return await et("keytar").getPassword("__flow_probe__","__flow_probe__"),!0}catch{return !1}}async getSecret(e,r){return et("keytar").getPassword(e,r)}async setSecret(e,r,n){await et("keytar").setPassword(e,r,n);}async deleteSecret(e,r){return et("keytar").deletePassword(e,r)}getStoragePath(){return "Windows Credential Manager"}};});var Ne="https://flow.ciandt.com";function D(){let t=process.env.FLOW_BASE_URL;return t&&t.trim()?t.trim():Ne}function G(){let t=D();return {AUTH_ENGINE:process.env.FLOW_AUTH_ENGINE_URL||`${t}/auth-engine-api/v2/api-key/token`,GATEWAY_TRACES:process.env.FLOW_GATEWAY_TRACES_URL||`${t}/flow-langfuse-gateway/v1/traces`,GATEWAY_HEALTH:process.env.FLOW_GATEWAY_HEALTH_URL||`${t}/flow-langfuse-gateway/v1/health`,OTEL_ENDPOINT:process.env.FLOW_OTEL_ENDPOINT_URL||`${t}/otel`}}G();var rt={SERVICE:"flow-plugins-cli",ACCOUNT_TOKEN:"token-cache"},nt="FLOW-nodejs",st="config.json",mt={SCOPE_NAME:"flow-ai-obs",SCOPE_VERSION:"0.1.0"};var _={FLOW_TELEMETRY:"FLOW_TELEMETRY",FLOW_TELEMETRY_GATEWAY:"FLOW_TELEMETRY_GATEWAY_URL",LANGFUSE_BASE_URL:"LANGFUSE_BASE_URL",LANGFUSE_PUBLIC_KEY:"LANGFUSE_PUBLIC_KEY",LANGFUSE_SECRET_KEY:"LANGFUSE_SECRET_KEY",ANTHROPIC_MODEL:"ANTHROPIC_MODEL",ANTHROPIC_AUTH_TOKEN:"ANTHROPIC_AUTH_TOKEN",FLOW_OBS_DEBUG:"FLOW_TELEMETRY_DEBUG",FLOW_OBS_ALLOW_HTTP:"FLOW_TELEMETRY_ALLOW_HTTP",BUFFER_TTL_DAYS:"FLOW_TELEMETRY_BUFFER_TTL_DAYS",BUFFER_MAX_FILES:"FLOW_TELEMETRY_BUFFER_MAX_FILES"};var A={FILE_PREFIX:"flow-obs-buffer-",DEFAULT_TTL_DAYS:4,MIN_TTL_DAYS:1,MAX_TTL_DAYS:30,DEFAULT_MAX_FILES:50,MIN_MAX_FILES:1,MAX_MAX_FILES:500,REPLAY_BATCH_SIZE:10},$t="flow-ai-obs-debug.log",k={TOOL_INPUT:2e4,TOOL_OUTPUT:2e4,TRACE_OUTPUT:2e4,USER_INSTRUCTION:1e4,TRACE_INPUT:5e4};function gt(){let t=D();return {API_URL:process.env.FLOW_METRICS_URL||`${t}/metrics-collector-api/log-event`,BOOSTER:"flow-ai-obs"}}var _t={credentials:"credentials","token-cache":"tokenCache"};function W(){let t=fe__default.default.homedir();if(process.platform==="darwin")return x__default.default.join(t,"Library","Preferences",nt,st);if(process.platform==="win32"){let r=process.env.APPDATA??x__default.default.join(t,"AppData","Roaming");return x__default.default.join(r,nt,st)}let e=process.env.XDG_CONFIG_HOME??x__default.default.join(t,".config");return x__default.default.join(e,nt,st)}function St(){try{let t=I__default.default.readFileSync(W(),"utf8");return JSON.parse(t)}catch{return {}}}function Ft(t){let e=W();I__default.default.mkdirSync(x__default.default.dirname(e),{recursive:true}),I__default.default.writeFileSync(e,JSON.stringify(t,null,2),{encoding:"utf8",mode:384});}var ot=class{static isAvailable(){return true}static hasExistingData(){try{if(!I__default.default.existsSync(W()))return !1;let e=JSON.parse(I__default.default.readFileSync(W(),"utf8"));return !!(e&&e.credentials)}catch{return false}}async getSecret(e,r){let n=St(),o=_t[r]??r,s=n[o];return s?typeof s=="string"?s:JSON.stringify(s):null}async setSecret(e,r,n){let o=St(),s=_t[r]??r;if(r==="token-cache")try{o[s]=JSON.parse(n);}catch{o[s]=n;}else o[s]=n;Ft(o);}async deleteSecret(e,r){let n=St(),o=_t[r]??r;return o in n?(delete n[o],Ft(n),true):false}getStoragePath(){return `config.json (unencrypted) \u2014 ${W()}`}};async function Gt(){return await He()??new ot}async function He(){switch(process.platform){case "darwin":{let{MacOsKeyVaultProvider:t}=await Promise.resolve().then(()=>(xt(),Dt));return await t.isAvailable()?new t:null}case "linux":{let{LinuxKeyVaultProvider:t}=await Promise.resolve().then(()=>(Ht(),Mt));return await t.isAvailable()?new t:null}case "win32":{let{WindowsKeyVaultProvider:t}=await Promise.resolve().then(()=>(Yt(),Vt));return await t.isAvailable()?new t:null}default:return null}}var Wt=rt.SERVICE,Jt=rt.ACCOUNT_TOKEN,At=null;function jt(){return At||(At=Gt()),At}async function Ot(t){await(await jt()).setSecret(Wt,Jt,JSON.stringify({accessToken:t.accessToken,expiresAt:t.expiresAt,lastAuthCheckAt:t.lastAuthCheckAt}));}async function kt(){let e=await(await jt()).getSecret(Wt,Jt);if(!e)return null;try{let r=JSON.parse(e);return {accessToken:r.accessToken,expiresAt:r.expiresAt,lastAuthCheckAt:r.lastAuthCheckAt}}catch{return null}}async function wt(){let t=await kt();if(!t||!t.accessToken)return null;try{let e=t.accessToken.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return r.email??r.preferred_username??r.upn??r.sub??null}catch{return null}}var We=x.join(fe.tmpdir(),$t);function a(...t){if(process.env[_.FLOW_OBS_DEBUG]!=="1")return;let e=`[${new Date().toISOString()}] ${t.join(" ")}
2
- `;try{I.writeFileSync(We,e,{flag:"a"});}catch(r){process.stderr.write(`[flow-obs debug ERROR] ${r.message}
3
- `);}}var b=class extends Error{constructor(e){super(e),this.name="AuthError";}},Ke=/^[a-z0-9][a-z0-9-]{0,62}[a-z0-9]$|^[a-z0-9]$/;function qe(t){if(!Ke.test(t))throw new Error(`Invalid tenant value: "${t}". Tenant must be lowercase alphanumeric and hyphens (1-64 chars).`)}var Kt={INVALID_CLIENT_SECRET:"Invalid Client Secret \u2014 check the value and try again",INVALID_CLIENT_ID:"Invalid Client ID \u2014 check the value and try again",INVALID_TENANT:"Invalid Tenant \u2014 check the value and try again",TENANT_NOT_FOUND:"Tenant not found \u2014 verify the tenant identifier"};function ze(t,e){let r=e.length>400?e.slice(0,400)+"\u2026":e;a("toAuthError",`status=${t} body=${r}`);try{let n=JSON.parse(e);if(typeof n.error=="string"&&(a("toAuthError",`api_error_code=${n.error}`+(n.message?` api_message=${n.message}`:"")),Kt[n.error]))return new b(Kt[n.error])}catch{}return t===401||t===403||t===500?new b("Invalid credentials"):t>=400&&t<500?new b("Authentication request was rejected"):new Error("Authentication service unavailable, please try again later")}function j(t){return new Promise((e,r)=>{try{qe(t.tenant);}catch(p){return r(p)}let n=JSON.stringify({clientSecret:t.clientSecret}),o=new URL(G().AUTH_ENGINE),s=o.protocol==="https:",i={hostname:o.hostname,port:o.port||(s?443:80),path:o.pathname+o.search,method:"POST",headers:{"Content-Type":"application/json","Content-Length":Buffer.byteLength(n),FlowTenant:t.tenant}};a("getToken",`requesting token tenant=${t.tenant} host=${i.hostname} path=${i.path}`);let c=(s?Je__default.default:je__default.default).request(i,p=>{let S=[];p.on("data",T=>S.push(T)),p.on("end",()=>{let T=S.join("");if((p.statusCode??0)>=400)return r(ze(p.statusCode??0,T));let m;try{m=JSON.parse(T);}catch{return r(new Error("Invalid response from auth engine"))}let g=m.expires_at??new Date(Date.now()+(m.expires_in??3600)*1e3).toISOString();e({accessToken:m.access_token??"",expiresAt:g});});});c.on("error",p=>r(new Error(`Network error: ${p.message}`))),c.write(n),c.end();})}var Xe=[/^localhost\.?$/i,/^127\./,/^10\./,/^172\.(1[6-9]|2\d|3[01])\./,/^192\.168\./,/^169\.254\./,/^0\.0\.0\.0$/,/^::1$/,/^\[::1\]$/,/^\[::ffff:/i,/^\[f[cd]/i,/^\[fe80:/i,/^metadata\.google\.internal\.?$/i,/^metadata\.azure\.internal\.?$/i,/(?:^|\.)localtest\.me\.?$/i,/(?:^|\.)lvh\.me\.?$/i,/(?:^|\.)vcap\.me\.?$/i];function Ze(t){return Xe.some(e=>e.test(t))}function Qe(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return r.email||r.preferred_username||r.upn||r.sub||null}catch{return null}}function at(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8")),{clientId:n,clientSecret:o,tenant:s}=r;return !n||!o||!s?null:{clientId:n,clientSecret:o,tenant:s}}catch{return null}}function it(t){let e;try{e=new URL(t);}catch{throw new Error(`Invalid URL: ${t}`)}let r=process.env[_.FLOW_OBS_ALLOW_HTTP]==="true";if(!r&&e.protocol!=="https:")throw new Error(`URL must use HTTPS: ${t}`);if(e.username||e.password)throw new Error(`URL must not contain embedded credentials: ${t}`);if(!r&&Ze(e.hostname))throw new Error(`SSRF: private/loopback host not allowed: ${e.hostname}`);return t}async function qt(){let t=at(process.env[_.ANTHROPIC_AUTH_TOKEN]);return t?{user:await wt().catch(()=>null)??t.clientId,tenant:t.tenant}:{user:"",tenant:""}}function tr(){return new Date().toISOString().slice(0,10)}async function er(t){let e=tr(),r=await kt();if(r?.lastAuthCheckAt!==e){a("getOrRefreshToken",`daily auth check (last: ${r?.lastAuthCheckAt??"never"})`);try{let s=await j(t);try{await Ot({...s,lastAuthCheckAt:e});}catch{}return a("getOrRefreshToken",`daily check passed, expires=${s.expiresAt}`),s.accessToken}catch(s){if(s instanceof b)throw s;a("getOrRefreshToken",`daily check network error \u2014 using cache: ${s.message}`);}}let n=r!=null&&new Date(r.expiresAt)>new Date;if(a("getOrRefreshToken",`cacheValid=${n}`),n)return a("getOrRefreshToken",`using cached token, expires=${r.expiresAt}`),r.accessToken;a("getOrRefreshToken",`token expired \u2014 refreshing via auth-engine (tenant=${t.tenant} clientId=${t.clientId})`);let o=await j(t);try{await Ot({...o,lastAuthCheckAt:e});}catch(s){a("getOrRefreshToken",`token cache save failed (non-fatal): ${s.message}`);}return a("getOrRefreshToken",`token refreshed, expires=${o.expiresAt}`),o.accessToken}function rr(t,e){let r=e&&e.accessToken?e.accessToken:"";return {endpoint:t.replace(/\/$/,"")+"/flow-langfuse-gateway/v1/traces",authHeader:`Bearer ${r}`}}function nr(t,e,r){let n=Buffer.from(`${e}:${r}`).toString("base64");return {endpoint:t.replace(/\/$/,"")+"/api/public/otel/v1/traces",authHeader:`Basic ${n}`}}async function v(){let t=[],e=process.env[_.ANTHROPIC_MODEL]??"",r=at(process.env[_.ANTHROPIC_AUTH_TOKEN]);a("resolveCredentials",r?"credentials resolved from ANTHROPIC_AUTH_TOKEN":"ANTHROPIC_AUTH_TOKEN absent or invalid"),r&&a("resolveCredentials",`clientId=${r.clientId}`,`tenant=${r.tenant}`);let n=r?r.tenant:"",o=process.env[_.FLOW_TELEMETRY]==="true",s=process.env[_.LANGFUSE_BASE_URL],i=process.env[_.LANGFUSE_PUBLIC_KEY],l=process.env[_.LANGFUSE_SECRET_KEY];if(o&&s&&i&&l){let m="",g=n;r&&(m=await wt().catch(()=>null)??r.clientId);let E={user:m??"",tenant:g??"",team:"",project:"",model:e};t.push({mode:"direct",...nr(it(s),i,l),...E}),a("resolveCredentials","direct mode active",`user=${E.user}`,`tenant=${E.tenant}`);}if(!r){if(t.length===0){let m=[];return m.authError=false,m}return t}let c;try{c=await er(r);}catch(m){if(a("resolveCredentials",`token refresh failed: ${m.message}`,`(tenant=${r.tenant} clientId=${r.clientId})`),t.length>0)return t.authError=true,t;let g=[];return g.authError=true,g}let S={user:Qe(c)??r.clientId,tenant:n,team:"",project:"",model:e},T=process.env[_.FLOW_TELEMETRY_GATEWAY]??D();return t.push({mode:"gateway",...rr(it(T),{accessToken:c}),...S}),t}async function zt(){return (await v()).length>0}function w(t,e){let r=typeof t=="object"?JSON.stringify(t):String(t??"");return r.length>e?r.slice(0,e)+" \u2026[truncated]":r}function ct(t,e=100){return String(t??"").split(`
4
- `)[0].slice(0,e).trim()}function Lt(){return new Promise(t=>{let e="";process.stdin.setEncoding("utf8"),process.stdin.on("data",r=>{e+=r;}),process.stdin.on("end",()=>{try{t(JSON.parse(e));}catch{t({});}});})}function O(t){process.stdout.write(JSON.stringify(t));}var It=()=>crypto.randomBytes(16).toString("hex"),C=()=>crypto.randomBytes(8).toString("hex");function L(){return String(BigInt(Date.now())*1000000n)}var dr=/^[0-9a-f-]{1,64}$/i,fr=x.normalize(fe.tmpdir())+x.sep;function mr(t,e){let r=x.resolve(t);if(!r.startsWith(e))throw new Error(`Path traversal detected: ${t}`);return r}function Rt(t){if(!dr.test(t))throw new Error(`Invalid session ID: ${t}`);return mr(x.join(fe.tmpdir(),`flow-obs-${t}.json`),fr)}function B(t){let e=Rt(t);if(!I.existsSync(e))return null;try{return JSON.parse(I.readFileSync(e,"utf8"))}catch{return null}}function M(t,e){I.writeFileSync(Rt(t),JSON.stringify(e),{encoding:"utf8",mode:384});}function Nt(t){try{I.unlinkSync(Rt(t));}catch{}}function ee(t){if(!t||!I.existsSync(t))return null;try{let e=I.readFileSync(t,"utf8").trimEnd().split(`
5
- `);for(let r=e.length-1;r>=0;r--)try{let n=JSON.parse(e[r]);if(n.type==="user"&&n.uuid)return n.uuid}catch{}}catch{}return null}function Pt(t){if(!t||!I.existsSync(t))return null;try{let e=I.readFileSync(t,"utf8").trimEnd().split(`
6
- `),r=[],n=0,o=0;for(let s=e.length-1;s>=0;s--)try{let i=JSON.parse(e[s]);if(i.type==="user")break;if(i.type==="assistant"){let c=(i.message?.content??[]).filter(S=>S.type==="text").map(S=>S.text??"").join("");c&&r.unshift(c);let p=i.message?.usage??{};n+=(p.input_tokens??0)+(p.cache_read_input_tokens??0)+(p.cache_creation_input_tokens??0),o+=p.output_tokens??0;}}catch{}return !r.length&&n===0?null:{text:r.join(`
1
+ 'use strict';var child_process=require('child_process'),util=require('util'),I=require('fs'),B=require('path'),me=require('os'),Ke=require('https'),je=require('http'),crypto=require('crypto');function _interopDefault(e){return e&&e.__esModule?e:{default:e}}var I__default=/*#__PURE__*/_interopDefault(I);var B__default=/*#__PURE__*/_interopDefault(B);var me__default=/*#__PURE__*/_interopDefault(me);var Ke__default=/*#__PURE__*/_interopDefault(Ke);var je__default=/*#__PURE__*/_interopDefault(je);var Pe=Object.defineProperty;var nt=(t=>typeof require<"u"?require:typeof Proxy<"u"?new Proxy(t,{get:(e,r)=>(typeof require<"u"?require:e)[r]}):t)(function(t){if(typeof require<"u")return require.apply(this,arguments);throw Error('Dynamic require of "'+t+'" is not supported')});var gt=(t,e,r)=>()=>{if(r)throw r[0];try{return t&&(e=t(t=0)),e}catch(n){throw r=[n],n}};var St=(t,e)=>{for(var r in e)Pe(t,r,{get:e[r],enumerable:true});};var Bt={};St(Bt,{MacOsKeyVaultProvider:()=>At});var yt,At,Mt=gt(()=>{"use strict";yt=util.promisify(child_process.execFile),At=class{static async isAvailable(){try{return I.accessSync("/usr/bin/security",I.constants.X_OK),!0}catch{return !1}}async getSecret(e,r){try{let{stdout:n}=await yt("security",["find-generic-password","-w","-a",r,"-s",e]);return n.trim()||null}catch{return null}}async setSecret(e,r,n){await yt("security",["add-generic-password","-U","-a",r,"-s",e,"-w",n]);}async deleteSecret(e,r){try{return await yt("security",["delete-generic-password","-a",r,"-s",e]),!0}catch{return !1}}getStoragePath(){return "macOS Keychain"}};});var Vt={};St(Vt,{LinuxKeyVaultProvider:()=>Ot});var Ht,Ot,Yt=gt(()=>{"use strict";Ht=util.promisify(child_process.execFile),Ot=class{static async isAvailable(){let e=["/usr/bin/secret-tool","/bin/secret-tool","/usr/local/bin/secret-tool"];for(let r of e)try{return I.accessSync(r,I.constants.X_OK),!0}catch{}return !1}async getSecret(e,r){try{let{stdout:n}=await Ht("secret-tool",["lookup","service",e,"account",r]);return n.trim()||null}catch{return null}}async setSecret(e,r,n){await new Promise((o,s)=>{let i=child_process.spawn("secret-tool",["store","--label",e,"service",e,"account",r]);i.on("error",s),i.on("close",l=>{l===0?o():s(new Error(`secret-tool exited with code ${l}`));}),i.stdin.write(n),i.stdin.end();});}async deleteSecret(e,r){try{return await Ht("secret-tool",["clear","service",e,"account",r]),!0}catch{return !1}}getStoragePath(){return "Linux Secret Service (libsecret)"}};});var Gt={};St(Gt,{WindowsKeyVaultProvider:()=>wt});var wt,Wt=gt(()=>{"use strict";wt=class{static async isAvailable(){try{return await nt("keytar").getPassword("__flow_probe__","__flow_probe__"),!0}catch{return !1}}async getSecret(e,r){return nt("keytar").getPassword(e,r)}async setSecret(e,r,n){await nt("keytar").setPassword(e,r,n);}async deleteSecret(e,r){return nt("keytar").deletePassword(e,r)}getStoragePath(){return "Windows Credential Manager"}};});var Ne="https://flow.ciandt.com";function x(){let t=process.env.FLOW_BASE_URL;return t&&t.trim()?t.trim():Ne}function W(){let t=x();return {AUTH_ENGINE:process.env.FLOW_AUTH_ENGINE_URL||`${t}/auth-engine-api/v2/api-key/token`,GATEWAY_TRACES:process.env.FLOW_GATEWAY_TRACES_URL||`${t}/flow-langfuse-gateway/v1/traces`,GATEWAY_HEALTH:process.env.FLOW_GATEWAY_HEALTH_URL||`${t}/flow-langfuse-gateway/v1/health`,OTEL_ENDPOINT:process.env.FLOW_OTEL_ENDPOINT_URL||`${t}/otel`}}W();var st={SERVICE:"flow-plugins-cli",ACCOUNT_TOKEN:"token-cache"},ot="FLOW-nodejs",it="config.json",_t={SCOPE_NAME:"flow-ai-obs",SCOPE_VERSION:"0.1.0"};var S={FLOW_TELEMETRY:"FLOW_TELEMETRY",FLOW_TELEMETRY_GATEWAY:"FLOW_TELEMETRY_GATEWAY_URL",LANGFUSE_BASE_URL:"LANGFUSE_BASE_URL",LANGFUSE_PUBLIC_KEY:"LANGFUSE_PUBLIC_KEY",LANGFUSE_SECRET_KEY:"LANGFUSE_SECRET_KEY",ANTHROPIC_MODEL:"ANTHROPIC_MODEL",ANTHROPIC_AUTH_TOKEN:"ANTHROPIC_AUTH_TOKEN",FLOW_OBS_DEBUG:"FLOW_TELEMETRY_DEBUG",FLOW_OBS_ALLOW_HTTP:"FLOW_TELEMETRY_ALLOW_HTTP",BUFFER_TTL_DAYS:"FLOW_TELEMETRY_BUFFER_TTL_DAYS",BUFFER_MAX_FILES:"FLOW_TELEMETRY_BUFFER_MAX_FILES"};var A={FILE_PREFIX:"flow-obs-buffer-",DEFAULT_TTL_DAYS:4,MIN_TTL_DAYS:1,MAX_TTL_DAYS:30,DEFAULT_MAX_FILES:50,MIN_MAX_FILES:1,MAX_MAX_FILES:500,REPLAY_BATCH_SIZE:10},Dt="flow-ai-obs-debug.log",w={TOOL_INPUT:2e4,TOOL_OUTPUT:2e4,TRACE_OUTPUT:2e4,USER_INSTRUCTION:1e4,TRACE_INPUT:5e4};function Tt(){let t=x();return {API_URL:process.env.FLOW_METRICS_URL||`${t}/metrics-collector-api/log-event`,BOOSTER:"flow-ai-obs"}}var Et={credentials:"credentials","token-cache":"tokenCache"};function J(){let t=me__default.default.homedir();if(process.platform==="darwin")return B__default.default.join(t,"Library","Preferences",ot,it);if(process.platform==="win32"){let r=process.env.APPDATA??B__default.default.join(t,"AppData","Roaming");return B__default.default.join(r,ot,it)}let e=process.env.XDG_CONFIG_HOME??B__default.default.join(t,".config");return B__default.default.join(e,ot,it)}function ht(){try{let t=I__default.default.readFileSync(J(),"utf8");return JSON.parse(t)}catch{return {}}}function xt(t){let e=J();I__default.default.mkdirSync(B__default.default.dirname(e),{recursive:true}),I__default.default.writeFileSync(e,JSON.stringify(t,null,2),{encoding:"utf8",mode:384});}var at=class{static isAvailable(){return true}static hasExistingData(){try{if(!I__default.default.existsSync(J()))return !1;let e=JSON.parse(I__default.default.readFileSync(J(),"utf8"));return !!(e&&e.credentials)}catch{return false}}async getSecret(e,r){let n=ht(),o=Et[r]??r,s=n[o];return s?typeof s=="string"?s:JSON.stringify(s):null}async setSecret(e,r,n){let o=ht(),s=Et[r]??r;if(r==="token-cache")try{o[s]=JSON.parse(n);}catch{o[s]=n;}else o[s]=n;xt(o);}async deleteSecret(e,r){let n=ht(),o=Et[r]??r;return o in n?(delete n[o],xt(n),true):false}getStoragePath(){return `config.json (unencrypted) \u2014 ${J()}`}};async function Jt(){return await Ve()??new at}async function Ve(){switch(process.platform){case "darwin":{let{MacOsKeyVaultProvider:t}=await Promise.resolve().then(()=>(Mt(),Bt));return await t.isAvailable()?new t:null}case "linux":{let{LinuxKeyVaultProvider:t}=await Promise.resolve().then(()=>(Yt(),Vt));return await t.isAvailable()?new t:null}case "win32":{let{WindowsKeyVaultProvider:t}=await Promise.resolve().then(()=>(Wt(),Gt));return await t.isAvailable()?new t:null}default:return null}}var Kt=st.SERVICE,jt=st.ACCOUNT_TOKEN,kt=null;function qt(){return kt||(kt=Jt()),kt}async function Lt(t){await(await qt()).setSecret(Kt,jt,JSON.stringify({accessToken:t.accessToken,expiresAt:t.expiresAt,lastAuthCheckAt:t.lastAuthCheckAt}));}async function It(){let e=await(await qt()).getSecret(Kt,jt);if(!e)return null;try{let r=JSON.parse(e);return {accessToken:r.accessToken,expiresAt:r.expiresAt,lastAuthCheckAt:r.lastAuthCheckAt}}catch{return null}}async function Rt(){let t=await It();if(!t||!t.accessToken)return null;try{let e=t.accessToken.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return r.email??r.preferred_username??r.upn??r.sub??null}catch{return null}}var Je=B.join(me.tmpdir(),Dt);function a(...t){if(process.env[S.FLOW_OBS_DEBUG]!=="1")return;let e=`[${new Date().toISOString()}] ${t.join(" ")}
2
+ `;try{I.writeFileSync(Je,e,{flag:"a"});}catch(r){process.stderr.write(`[flow-obs debug ERROR] ${r.message}
3
+ `);}}var b=class extends Error{constructor(e){super(e),this.name="AuthError";}},qe=/^[a-z0-9][a-z0-9-]{0,62}[a-z0-9]$|^[a-z0-9]$/;function ze(t){if(!qe.test(t))throw new Error(`Invalid tenant value: "${t}". Tenant must be lowercase alphanumeric and hyphens (1-64 chars).`)}var zt={INVALID_CLIENT_SECRET:"Invalid Client Secret \u2014 check the value and try again",INVALID_CLIENT_ID:"Invalid Client ID \u2014 check the value and try again",INVALID_TENANT:"Invalid Tenant \u2014 check the value and try again",TENANT_NOT_FOUND:"Tenant not found \u2014 verify the tenant identifier"};function Xe(t,e){let r=e.length>400?e.slice(0,400)+"\u2026":e;a("toAuthError",`status=${t} body=${r}`);try{let n=JSON.parse(e);if(typeof n.error=="string"&&(a("toAuthError",`api_error_code=${n.error}`+(n.message?` api_message=${n.message}`:"")),zt[n.error]))return new b(zt[n.error])}catch{}return t===401||t===403||t===500?new b("Invalid credentials"):t>=400&&t<500?new b("Authentication request was rejected"):new Error("Authentication service unavailable, please try again later")}function j(t){return new Promise((e,r)=>{try{ze(t.tenant);}catch(p){return r(p)}let n=JSON.stringify({clientSecret:t.clientSecret}),o=new URL(W().AUTH_ENGINE),s=o.protocol==="https:",i={hostname:o.hostname,port:o.port||(s?443:80),path:o.pathname+o.search,method:"POST",headers:{"Content-Type":"application/json","Content-Length":Buffer.byteLength(n),FlowTenant:t.tenant}};a("getToken",`requesting token tenant=${t.tenant} host=${i.hostname} path=${i.path}`);let c=(s?Ke__default.default:je__default.default).request(i,p=>{let _=[];p.on("data",T=>_.push(T)),p.on("end",()=>{let T=_.join("");if((p.statusCode??0)>=400)return r(Xe(p.statusCode??0,T));let m;try{m=JSON.parse(T);}catch{return r(new Error("Invalid response from auth engine"))}let g=m.expires_at??new Date(Date.now()+(m.expires_in??3600)*1e3).toISOString();e({accessToken:m.access_token??"",expiresAt:g});});});c.on("error",p=>r(new Error(`Network error: ${p.message}`))),c.write(n),c.end();})}var Ze=[/^localhost\.?$/i,/^127\./,/^10\./,/^172\.(1[6-9]|2\d|3[01])\./,/^192\.168\./,/^169\.254\./,/^0\.0\.0\.0$/,/^::1$/,/^\[::1\]$/,/^\[::ffff:/i,/^\[f[cd]/i,/^\[fe80:/i,/^metadata\.google\.internal\.?$/i,/^metadata\.azure\.internal\.?$/i,/(?:^|\.)localtest\.me\.?$/i,/(?:^|\.)lvh\.me\.?$/i,/(?:^|\.)vcap\.me\.?$/i];function Qe(t){return Ze.some(e=>e.test(t))}function tr(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8"));return r.email||r.preferred_username||r.upn||r.sub||null}catch{return null}}function lt(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let r=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8")),{clientId:n,clientSecret:o,tenant:s}=r;return !n||!o||!s?null:{clientId:n,clientSecret:o,tenant:s}}catch{return null}}function ct(t){let e;try{e=new URL(t);}catch{throw new Error(`Invalid URL: ${t}`)}let r=process.env[S.FLOW_OBS_ALLOW_HTTP]==="true";if(!r&&e.protocol!=="https:")throw new Error(`URL must use HTTPS: ${t}`);if(e.username||e.password)throw new Error(`URL must not contain embedded credentials: ${t}`);if(!r&&Qe(e.hostname))throw new Error(`SSRF: private/loopback host not allowed: ${e.hostname}`);return t}async function Xt(){let t=lt(process.env[S.ANTHROPIC_AUTH_TOKEN]);return t?{user:await Rt().catch(()=>null)??t.clientId,tenant:t.tenant}:{user:"",tenant:""}}function er(){return new Date().toISOString().slice(0,10)}async function rr(t){let e=er(),r=await It();if(r?.lastAuthCheckAt!==e){a("getOrRefreshToken",`daily auth check (last: ${r?.lastAuthCheckAt??"never"})`);try{let s=await j(t);try{await Lt({...s,lastAuthCheckAt:e});}catch{}return a("getOrRefreshToken",`daily check passed, expires=${s.expiresAt}`),s.accessToken}catch(s){if(s instanceof b)throw s;a("getOrRefreshToken",`daily check network error \u2014 using cache: ${s.message}`);}}let n=r!=null&&new Date(r.expiresAt)>new Date;if(a("getOrRefreshToken",`cacheValid=${n}`),n)return a("getOrRefreshToken",`using cached token, expires=${r.expiresAt}`),r.accessToken;a("getOrRefreshToken",`token expired \u2014 refreshing via auth-engine (tenant=${t.tenant} clientId=${t.clientId})`);let o=await j(t);try{await Lt({...o,lastAuthCheckAt:e});}catch(s){a("getOrRefreshToken",`token cache save failed (non-fatal): ${s.message}`);}return a("getOrRefreshToken",`token refreshed, expires=${o.expiresAt}`),o.accessToken}function nr(t,e){let r=e&&e.accessToken?e.accessToken:"";return {endpoint:t.replace(/\/$/,"")+"/flow-langfuse-gateway/v1/traces",authHeader:`Bearer ${r}`}}function sr(t,e,r){let n=Buffer.from(`${e}:${r}`).toString("base64");return {endpoint:t.replace(/\/$/,"")+"/api/public/otel/v1/traces",authHeader:`Basic ${n}`}}async function v(){let t=[],e=process.env[S.ANTHROPIC_MODEL]??"",r=lt(process.env[S.ANTHROPIC_AUTH_TOKEN]);a("resolveCredentials",r?"credentials resolved from ANTHROPIC_AUTH_TOKEN":"ANTHROPIC_AUTH_TOKEN absent or invalid"),r&&a("resolveCredentials",`clientId=${r.clientId}`,`tenant=${r.tenant}`);let n=r?r.tenant:"",o=process.env[S.FLOW_TELEMETRY]==="true",s=process.env[S.LANGFUSE_BASE_URL],i=process.env[S.LANGFUSE_PUBLIC_KEY],l=process.env[S.LANGFUSE_SECRET_KEY];if(o&&s&&i&&l){let m="",g=n;r&&(m=await Rt().catch(()=>null)??r.clientId);let E={user:m??"",tenant:g??"",team:"",project:"",model:e};t.push({mode:"direct",...sr(ct(s),i,l),...E}),a("resolveCredentials","direct mode active",`user=${E.user}`,`tenant=${E.tenant}`);}if(!r){if(t.length===0){let m=[];return m.authError=false,m}return t}let c;try{c=await rr(r);}catch(m){if(a("resolveCredentials",`token refresh failed: ${m.message}`,`(tenant=${r.tenant} clientId=${r.clientId})`),t.length>0)return t.authError=true,t;let g=[];return g.authError=true,g}let _={user:tr(c)??r.clientId,tenant:n,team:"",project:"",model:e},T=process.env[S.FLOW_TELEMETRY_GATEWAY]??x();return t.push({mode:"gateway",...nr(ct(T),{accessToken:c}),..._}),t}async function ut(){return (await v()).length>0}function k(t,e){let r=typeof t=="object"?JSON.stringify(t):String(t??"");return r.length>e?r.slice(0,e)+" \u2026[truncated]":r}function pt(t,e=100){return String(t??"").split(`
4
+ `)[0].slice(0,e).trim()}function q(){return new Promise(t=>{let e="";process.stdin.setEncoding("utf8"),process.stdin.on("data",r=>{e+=r;}),process.stdin.on("end",()=>{try{t(JSON.parse(e));}catch{t({});}});})}function O(t){process.stdout.write(JSON.stringify(t));}var Pt=()=>crypto.randomBytes(16).toString("hex"),U=()=>crypto.randomBytes(8).toString("hex");function L(){return String(BigInt(Date.now())*1000000n)}var fr=/^[0-9a-f-]{1,64}$/i,mr=B.normalize(me.tmpdir())+B.sep;function gr(t,e){let r=B.resolve(t);if(!r.startsWith(e))throw new Error(`Path traversal detected: ${t}`);return r}function Nt(t){if(!fr.test(t))throw new Error(`Invalid session ID: ${t}`);return gr(B.join(me.tmpdir(),`flow-obs-${t}.json`),mr)}function M(t){let e=Nt(t);if(!I.existsSync(e))return null;try{return JSON.parse(I.readFileSync(e,"utf8"))}catch{return null}}function H(t,e){I.writeFileSync(Nt(t),JSON.stringify(e),{encoding:"utf8",mode:384});}function bt(t){try{I.unlinkSync(Nt(t));}catch{}}function re(t){if(!t||!I.existsSync(t))return null;try{let e=I.readFileSync(t,"utf8").trimEnd().split(`
5
+ `);for(let r=e.length-1;r>=0;r--)try{let n=JSON.parse(e[r]);if(n.type==="user"&&n.uuid)return n.uuid}catch{}}catch{}return null}function vt(t){if(!t||!I.existsSync(t))return null;try{let e=I.readFileSync(t,"utf8").trimEnd().split(`
6
+ `),r=[],n=0,o=0;for(let s=e.length-1;s>=0;s--)try{let i=JSON.parse(e[s]);if(i.type==="user")break;if(i.type==="assistant"){let c=(i.message?.content??[]).filter(_=>_.type==="text").map(_=>_.text??"").join("");c&&r.unshift(c);let p=i.message?.usage??{};n+=(p.input_tokens??0)+(p.cache_read_input_tokens??0)+(p.cache_creation_input_tokens??0),o+=p.output_tokens??0;}}catch{}return !r.length&&n===0?null:{text:r.join(`
7
7
 
8
- `),inputTokens:n,outputTokens:o}}catch{}return null}var Tr=new Set([".venv","__pycache__",".git","node_modules"]),Er=new Set([".pyc",".pyo"]),hr=new Set(["SKILL.md",".DS_Store",".gitignore"]);function se(t){return t.replace(":","/")}function lt(t,e){if(!t)return null;let r=se(t),n=[x.join(fe.homedir(),".claude","skills",r,"SKILL.md"),x.join(e??"",".claude","skills",r,"SKILL.md")];for(let o of n)if(I.existsSync(o))try{return I.readFileSync(o,"utf8")}catch{}return null}function oe(t){return t.split(`
9
- `)[0].match(/^\/([a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?)(?:\s.*)?$/i)?.[1]??null}var yr=new Set(["Read","Write","Edit","MultiEdit","Bash","Glob","Grep","TodoWrite","WebFetch","WebSearch","Agent","Task"]);function ie(t){return !!t.slashSkill||t.toolCalls.some(n=>n.tool==="Skill")?t.toolCalls.some(n=>n.tool==="Skill"&&!n.synthetic||yr.has(n.tool))?"complete":"prerequisite_required":null}function ut(t,e){if(!t)return null;let r=se(t),n=[x.join(fe.homedir(),".claude","skills",r),x.join(e??"",".claude","skills",r)],o=null;for(let l of n)if(I.existsSync(x.join(l,"SKILL.md"))){o=l;break}if(!o)return null;let s=[];function i(l,c){for(let p of I.readdirSync(l,{withFileTypes:true})){if(Tr.has(p.name)||hr.has(p.name)||Er.has(x.extname(p.name)))continue;let S=c?`${c}/${p.name}`:p.name;p.isDirectory()?i(x.join(l,p.name),S):s.push(S);}}return i(o,""),s.length>0?s:null}function kr(t){try{let e=t.split(".")[1].replace(/-/g,"+").replace(/_/g,"/");return JSON.parse(Buffer.from(e,"base64").toString())}catch{return null}}function wr(t,e,r,n){return new Promise(o=>{let s=new URL(t),i=s.protocol==="https:",l=(i?Je__default.default:je__default.default).request({hostname:s.hostname,port:s.port||(i?443:80),path:s.pathname+s.search,method:"POST",headers:{"Content-Type":"application/json","Content-Length":Buffer.byteLength(e),Authorization:`Bearer ${String(r).replace(/[\r\n]/g,"")}`,FlowTenant:String(n).replace(/[\r\n]/g,"")}},c=>{c.resume(),o(c.statusCode??0);});l.on("error",()=>o(0)),l.setTimeout(5e3,()=>{l.destroy(),o(0);}),l.write(e),l.end();})}async function U(t,e={}){try{let r=at(process.env[_.ANTHROPIC_AUTH_TOKEN]);if(!r)return;let n,o=new Promise((T,m)=>{n=setTimeout(()=>m(new Error("getToken timeout")),4e3),n.unref();}),{accessToken:s}=await Promise.race([j(r),o]);clearTimeout(n);let i=kr(s);if(!i)return;let l=i.tenant||r.tenant,c=JSON.stringify({action:t,booster:gt().BOOSTER,metadata:e,success:!0,tenant:l,timestamp:new Date().toISOString(),os:process.platform,user:{email:i.email||"",id:i.sub||"",name:i.name||i.email||""}}),p=it(gt().API_URL),S=await wr(p,c,s,l);a("metrics.logEvent",`action=${t} status=${S}`);}catch(r){a("metrics.logEvent",`silenced error: ${r.message}`);}}var Lr=`\u26D4 Your Flow API key has expired. You no longer have access to Claude Code through the Flow platform. To restore observability and access, visit ${D()}/settings/api-keys to generate a new API key, then run: flow-ai-obs auth login`;async function bt(t,e=false){if(e){process.stdout.write(JSON.stringify({decision:"block",reason:Lr})+`
10
- `);return}let n=!!(await v()).authError,o=t.session_id||"unknown",s=t.prompt||"",i=t.cwd||"",l=ee(t.transcript_path)||It(),c=oe(s),p=c?lt(c,i):null,S=c?ut(c,i):null;M(o,{traceId:It(),spanId:C(),startNs:L(),sessionId:o,prompt:s,cwd:i,traceName:l,transcriptPath:t.transcript_path||"",model:process.env[_.ANTHROPIC_MODEL]||"",toolCalls:[],spans:[],pendingTool:null,slashSkill:c,skillContent:p,skillArtifacts:S}),U("SESSION_STARTED",{traceType:c?"skill":"prompt",slashSkill:c,clientIdExpired:n}),a("UserPromptSubmit",`sid=${o}`,`traceName=${l}`,`slashSkill=${c}`),O(t);}async function ae(t){let e=t.session_id||"unknown",r=t.tool_name||"unknown",n=t.tool_input||{},o=B(e);o&&(o.pendingTool={name:r,inputStr:w(n,k.TOOL_INPUT),startNs:L()},M(e,o)),a("PreToolUse",`sid=${e}`,`tool=${r}`,`stateFound=${!!o}`),O(t);}var Ir={name:mt.SCOPE_NAME,version:mt.SCOPE_VERSION},f={TRACE_NAME:"langfuse.trace.name",TRACE_INPUT:"langfuse.trace.input",TRACE_OUTPUT:"langfuse.trace.output",TRACE_METADATA:"langfuse.trace.metadata",TRACE_TAGS:"langfuse.trace.tags",USER_ID:"langfuse.user.id",SESSION_ID:"langfuse.session.id",OBS_NAME:"langfuse.observation.name",OBS_INPUT:"langfuse.observation.input",OBS_OUTPUT:"langfuse.observation.output",OBS_LEVEL:"langfuse.observation.level",OBS_TYPE:"langfuse.observation.type",MODEL:"gen_ai.request.model",INPUT_TOKENS:"gen_ai.usage.input_tokens",OUTPUT_TOKENS:"gen_ai.usage.output_tokens"};function u(t,e){return e==null||e===""?null:{key:t,value:{stringValue:String(e)}}}function $(...t){return t.filter(e=>e!==null)}function ce(t,e){return {resourceSpans:[{resource:{attributes:t},scopeSpans:[{scope:Ir,spans:Array.isArray(e)?e:[e]}]}]}}var le=x.join(fe.tmpdir(),"flow-obs-requests.ndjson");function ue(t,e,r,n,o){if(process.env[_.FLOW_OBS_DEBUG]!=="1")return;let s=JSON.stringify({ts:new Date().toISOString(),request:{method:"POST",url:t,headers:e,body:JSON.parse(r)},response:{status:n,body:o}});try{I.writeFileSync(le,s+`
11
- `,{flag:"a",encoding:"utf8",mode:384}),a("sendTraces:dump",`request appendada em ${le}`);}catch(i){a("sendTraces:dump",`falha ao salvar: ${i.message}`);}}function Cr(t){let e=new URL(t),r=new URL(G().GATEWAY_HEALTH);return r.hostname=e.hostname,r.port=e.port,r.protocol=e.protocol,r}function pe(t,e){return new Promise((r,n)=>{let o=t._isSSL?Je__default.default:je__default.default;t.headers=Object.assign({},t.headers,{Connection:"close"});let s=o.request(t,i=>{let l=[];i.on("data",c=>l.push(c)),i.on("end",()=>r({statusCode:i.statusCode??0,body:l.join("")}));});s.setTimeout(1e4,()=>{s.destroy(new Error("Request timeout"));}),s.on("error",i=>n(new Error(`Network error: ${i.message}`))),e&&s.write(e),s.end();})}async function de(t,e){let r;try{r=Cr(t);}catch{return false}let n=r.protocol==="https:";try{let o={};e&&(o.Authorization=String(e).replace(/[\r\n]/g,""));let s=await pe({hostname:r.hostname,port:r.port||(n?443:80),path:r.pathname,method:"GET",headers:o,_isSSL:n},null);return a("checkHealth",`url=${r.href} status=${s.statusCode}`),s.statusCode>=200&&s.statusCode<300}catch{return false}}async function pt(t,e,r){let n=JSON.stringify(t),o=new URL(e),s=o.protocol==="https:",i=String(r).replace(/[\r\n]/g,""),l={"Content-Type":"application/json",Authorization:i,"Content-Length":Buffer.byteLength(n)};a("sendTraces:request",`POST ${e}`),a("sendTraces:request",`headers=${JSON.stringify({...l,Authorization:i.slice(0,20)+"\u2026"})}`),a("sendTraces:request",`body=${n.slice(0,500)}${n.length>500?"\u2026":""}`);try{let c=await pe({hostname:o.hostname,port:o.port||(s?443:80),path:o.pathname,method:"POST",headers:l,_isSSL:s},n);return a("sendTraces:response",`status=${c.statusCode}`),ue(e,l,n,c.statusCode,c.body),c.statusCode}catch(c){return a("sendTraces:error",c.message),ue(e,l,n,0,c.message),0}}function Ur(){let t=parseInt(process.env[_.BUFFER_TTL_DAYS]??"",10);return (Number.isFinite(t)?Math.max(A.MIN_TTL_DAYS,Math.min(A.MAX_TTL_DAYS,t)):A.DEFAULT_TTL_DAYS)*24*60*60*1e3}function $r(){let t=parseInt(process.env[_.BUFFER_MAX_FILES]??"",10);return Number.isFinite(t)?Math.max(A.MIN_MAX_FILES,Math.min(A.MAX_MAX_FILES,t)):A.DEFAULT_MAX_FILES}function me(t){if(/[/\\]/.test(t))throw new Error(`Invalid buffer fileId: ${t}`);return x__default.default.join(fe__default.default.tmpdir(),`${A.FILE_PREFIX}${t}.json`)}function Ct(){let t=fe__default.default.tmpdir(),e;try{e=I__default.default.readdirSync(t);}catch{return []}return e.filter(r=>r.startsWith(A.FILE_PREFIX)&&r.endsWith(".json")).map(r=>{let n=x__default.default.join(t,r),o=0;try{o=I__default.default.statSync(n).mtimeMs;}catch{}return {full:n,mtime:o}}).sort((r,n)=>r.mtime-n.mtime).map(r=>r.full)}function K(t){try{let e=$r(),r=Ct();if(r.length>=e){let s=r.slice(0,r.length-e+1);for(let i of s)try{I__default.default.unlinkSync(i);}catch{}}let n=`${Date.now()}-${Math.random().toString(36).slice(2,8)}`,o={fileId:n,bufferedAt:Date.now(),payload:t};return I__default.default.writeFileSync(me(n),JSON.stringify(o),{encoding:"utf8",mode:384}),a("buffer",`saved fileId=${n}`),n}catch(e){return a("buffer",`saveToBuffer failed: ${e.message}`),null}}function ge(t){let e=Ct(),r=t,n=[];for(let o of e){if(n.length>=r)break;try{let s=I__default.default.readFileSync(o,"utf8"),i=JSON.parse(s);i&&i.fileId&&i.payload&&n.push(i);}catch{a("buffer",`skipping malformed file: ${o}`);}}return n}function _e(t){try{I__default.default.unlinkSync(me(t)),a("buffer",`deleted fileId=${t}`);}catch{}}function Se(){let t=Date.now()-Ur();for(let e of Ct())try{let{mtimeMs:r}=I__default.default.statSync(e);r<t&&(I__default.default.unlinkSync(e),a("buffer",`evicted stale: ${x__default.default.basename(e)}`));}catch{}}async function Fr(t){Se();let e=ge(A.REPLAY_BATCH_SIZE);e.length&&(a("replayBufferedTraces",`replaying ${e.length} buffered trace(s)`),await Promise.allSettled(e.map(async r=>{try{let n=await pt(r.payload,t.endpoint,t.authHeader);n>=200&&n<300?(_e(r.fileId),a("replayBufferedTraces",`replayed fileId=${r.fileId} status=${n}`)):a("replayBufferedTraces",`replay failed fileId=${r.fileId} status=${n}`);}catch(n){a("replayBufferedTraces",`replay error fileId=${r.fileId}: ${n.message}`);}})));}async function Te(t){let e=await v();if(!e.length)return e.authError&&(a("postToLangfuse","auth refresh failed \u2014 buffering trace"),K(t)),0;let r=await Promise.all(e.map(async s=>{if(s.mode!=="gateway")return {creds:s,healthy:true};let i=await de(s.endpoint,s.authHeader);return {creds:s,healthy:i}})),n=r.find(s=>s.creds.mode==="gateway"&&s.healthy)?.creds??r.find(s=>s.creds.mode==="direct")?.creds;return n&&await Fr(n),(await Promise.all(r.map(async({creds:s,healthy:i})=>{if(s.mode==="gateway"){if(!i)return a("postToLangfuse","gateway health check failed \u2014 buffering trace"),K(t),0;let c=await pt(t,s.endpoint,s.authHeader);return (c===0||c>=500)&&(a("postToLangfuse",`gateway send failed (status ${c}) \u2014 buffering trace`),K(t)),c}let l=await pt(t,s.endpoint,s.authHeader);return (l===0||l>=500)&&(a("postToLangfuse",`direct endpoint unavailable (status ${l}) \u2014 buffering trace`),K(t)),l}))).find(s=>s!==0)??0}var y="[REDACTED]",Dr="[REDACTED-EMAIL]",xr="[REDACTED-CPF]",Br="[REDACTED-CNPJ]",Ee="[REDACTED-PHONE]",Mr=[{re:/\b(sk-[A-Za-z0-9_\-]{20,})/g,replace:()=>`sk-${y}`},{re:/\b(pk-[A-Za-z0-9_\-]{20,})/g,replace:()=>`pk-${y}`},{re:/\b(Bearer\s+)[A-Za-z0-9\-._~+/]+=*/gi,replace:(t,e)=>`${e}${y}`},{re:/\b(Basic\s+)[A-Za-z0-9+/]+=*/gi,replace:(t,e)=>`${e}${y}`},{re:/(-----BEGIN [A-Z ]+-----)[^-]*(-----END [A-Z ]+-----)/g,replace:(t,e,r)=>`${e}
8
+ `),inputTokens:n,outputTokens:o}}catch{}return null}var Er=new Set([".venv","__pycache__",".git","node_modules"]),hr=new Set([".pyc",".pyo"]),yr=new Set(["SKILL.md",".DS_Store",".gitignore"]);function oe(t){return t.replace(":","/")}function dt(t,e){if(!t)return null;let r=oe(t),n=[B.join(me.homedir(),".claude","skills",r,"SKILL.md"),B.join(e??"",".claude","skills",r,"SKILL.md")];for(let o of n)if(I.existsSync(o))try{return I.readFileSync(o,"utf8")}catch{}return null}function ie(t){return t.split(`
9
+ `)[0].match(/^\/([a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?)(?:\s.*)?$/i)?.[1]??null}var Ar=new Set(["Read","Write","Edit","MultiEdit","Bash","Glob","Grep","TodoWrite","WebFetch","WebSearch","Agent","Task"]);function ae(t){return !!t.slashSkill||t.toolCalls.some(n=>n.tool==="Skill")?t.toolCalls.some(n=>n.tool==="Skill"&&!n.synthetic||Ar.has(n.tool))?"complete":"prerequisite_required":null}function ft(t,e){if(!t)return null;let r=oe(t),n=[B.join(me.homedir(),".claude","skills",r),B.join(e??"",".claude","skills",r)],o=null;for(let l of n)if(I.existsSync(B.join(l,"SKILL.md"))){o=l;break}if(!o)return null;let s=[];function i(l,c){for(let p of I.readdirSync(l,{withFileTypes:true})){if(Er.has(p.name)||yr.has(p.name)||hr.has(B.extname(p.name)))continue;let _=c?`${c}/${p.name}`:p.name;p.isDirectory()?i(B.join(l,p.name),_):s.push(_);}}return i(o,""),s.length>0?s:null}function kr(t){try{let e=t.split(".")[1].replace(/-/g,"+").replace(/_/g,"/");return JSON.parse(Buffer.from(e,"base64").toString())}catch{return null}}function Lr(t,e,r,n){return new Promise(o=>{let s=new URL(t),i=s.protocol==="https:",l=(i?Ke__default.default:je__default.default).request({hostname:s.hostname,port:s.port||(i?443:80),path:s.pathname+s.search,method:"POST",headers:{"Content-Type":"application/json","Content-Length":Buffer.byteLength(e),Authorization:`Bearer ${String(r).replace(/[\r\n]/g,"")}`,FlowTenant:String(n).replace(/[\r\n]/g,"")}},c=>{c.resume(),o(c.statusCode??0);});l.on("error",()=>o(0)),l.setTimeout(5e3,()=>{l.destroy(),o(0);}),l.write(e),l.end();})}async function C(t,e={}){try{let r=lt(process.env[S.ANTHROPIC_AUTH_TOKEN]);if(!r)return;let n,o=new Promise((T,m)=>{n=setTimeout(()=>m(new Error("getToken timeout")),4e3),n.unref();}),{accessToken:s}=await Promise.race([j(r),o]);clearTimeout(n);let i=kr(s);if(!i)return;let l=i.tenant||r.tenant,c=JSON.stringify({action:t,booster:Tt().BOOSTER,metadata:e,success:!0,tenant:l,timestamp:new Date().toISOString(),os:process.platform,user:{email:i.email||"",id:i.sub||"",name:i.name||i.email||""}}),p=ct(Tt().API_URL),_=await Lr(p,c,s,l);a("metrics.logEvent",`action=${t} status=${_}`);}catch(r){a("metrics.logEvent",`silenced error: ${r.message}`);}}var Ir=`\u26D4 Your Flow API key has expired. You no longer have access to Claude Code through the Flow platform. To restore observability and access, visit ${x()}/settings/api-keys to generate a new API key, then run: flow-ai-obs auth login`;async function Ut(t,e=false){if(e){process.stdout.write(JSON.stringify({decision:"block",reason:Ir})+`
10
+ `);return}let n=!!(await v()).authError,o=t.session_id||"unknown",s=t.prompt||"",i=t.cwd||"",l=re(t.transcript_path)||Pt(),c=ie(s),p=c?dt(c,i):null,_=c?ft(c,i):null;H(o,{traceId:Pt(),spanId:U(),startNs:L(),sessionId:o,prompt:s,cwd:i,traceName:l,transcriptPath:t.transcript_path||"",model:process.env[S.ANTHROPIC_MODEL]||"",toolCalls:[],spans:[],pendingTool:null,slashSkill:c,skillContent:p,skillArtifacts:_}),C("SESSION_STARTED",{traceType:c?"skill":"prompt",slashSkill:c,clientIdExpired:n}),a("UserPromptSubmit",`sid=${o}`,`traceName=${l}`,`slashSkill=${c}`),O(t);}async function ce(t){let e=t.session_id||"unknown",r=t.tool_name||"unknown",n=t.tool_input||{},o=M(e);o&&(o.pendingTool={name:r,inputStr:k(n,w.TOOL_INPUT),startNs:L()},H(e,o)),a("PreToolUse",`sid=${e}`,`tool=${r}`,`stateFound=${!!o}`),O(t);}var Rr={name:_t.SCOPE_NAME,version:_t.SCOPE_VERSION},f={TRACE_NAME:"langfuse.trace.name",TRACE_INPUT:"langfuse.trace.input",TRACE_OUTPUT:"langfuse.trace.output",TRACE_METADATA:"langfuse.trace.metadata",TRACE_TAGS:"langfuse.trace.tags",USER_ID:"langfuse.user.id",SESSION_ID:"langfuse.session.id",OBS_NAME:"langfuse.observation.name",OBS_INPUT:"langfuse.observation.input",OBS_OUTPUT:"langfuse.observation.output",OBS_LEVEL:"langfuse.observation.level",OBS_TYPE:"langfuse.observation.type",MODEL:"gen_ai.request.model",INPUT_TOKENS:"gen_ai.usage.input_tokens",OUTPUT_TOKENS:"gen_ai.usage.output_tokens"};function u(t,e){return e==null||e===""?null:{key:t,value:{stringValue:String(e)}}}function $(...t){return t.filter(e=>e!==null)}function le(t,e){return {resourceSpans:[{resource:{attributes:t},scopeSpans:[{scope:Rr,spans:Array.isArray(e)?e:[e]}]}]}}var ue=B.join(me.tmpdir(),"flow-obs-requests.ndjson");function pe(t,e,r,n,o){if(process.env[S.FLOW_OBS_DEBUG]!=="1")return;let s=JSON.stringify({ts:new Date().toISOString(),request:{method:"POST",url:t,headers:e,body:JSON.parse(r)},response:{status:n,body:o}});try{I.writeFileSync(ue,s+`
11
+ `,{flag:"a",encoding:"utf8",mode:384}),a("sendTraces:dump",`request appendada em ${ue}`);}catch(i){a("sendTraces:dump",`falha ao salvar: ${i.message}`);}}function Cr(t){let e=new URL(t),r=new URL(W().GATEWAY_HEALTH);return r.hostname=e.hostname,r.port=e.port,r.protocol=e.protocol,r}function de(t,e){return new Promise((r,n)=>{let o=t._isSSL?Ke__default.default:je__default.default;t.headers=Object.assign({},t.headers,{Connection:"close"});let s=o.request(t,i=>{let l=[];i.on("data",c=>l.push(c)),i.on("end",()=>r({statusCode:i.statusCode??0,body:l.join("")}));});s.setTimeout(1e4,()=>{s.destroy(new Error("Request timeout"));}),s.on("error",i=>n(new Error(`Network error: ${i.message}`))),e&&s.write(e),s.end();})}async function fe(t,e){let r;try{r=Cr(t);}catch{return false}let n=r.protocol==="https:";try{let o={};e&&(o.Authorization=String(e).replace(/[\r\n]/g,""));let s=await de({hostname:r.hostname,port:r.port||(n?443:80),path:r.pathname,method:"GET",headers:o,_isSSL:n},null);return a("checkHealth",`url=${r.href} status=${s.statusCode}`),s.statusCode>=200&&s.statusCode<300}catch{return false}}async function mt(t,e,r){let n=JSON.stringify(t),o=new URL(e),s=o.protocol==="https:",i=String(r).replace(/[\r\n]/g,""),l={"Content-Type":"application/json",Authorization:i,"Content-Length":Buffer.byteLength(n)};a("sendTraces:request",`POST ${e}`),a("sendTraces:request",`headers=${JSON.stringify({...l,Authorization:i.slice(0,20)+"\u2026"})}`),a("sendTraces:request",`body=${n.slice(0,500)}${n.length>500?"\u2026":""}`);try{let c=await de({hostname:o.hostname,port:o.port||(s?443:80),path:o.pathname,method:"POST",headers:l,_isSSL:s},n);return a("sendTraces:response",`status=${c.statusCode}`),pe(e,l,n,c.statusCode,c.body),c.statusCode}catch(c){return a("sendTraces:error",c.message),pe(e,l,n,0,c.message),0}}function $r(){let t=parseInt(process.env[S.BUFFER_TTL_DAYS]??"",10);return (Number.isFinite(t)?Math.max(A.MIN_TTL_DAYS,Math.min(A.MAX_TTL_DAYS,t)):A.DEFAULT_TTL_DAYS)*24*60*60*1e3}function Fr(){let t=parseInt(process.env[S.BUFFER_MAX_FILES]??"",10);return Number.isFinite(t)?Math.max(A.MIN_MAX_FILES,Math.min(A.MAX_MAX_FILES,t)):A.DEFAULT_MAX_FILES}function ge(t){if(/[/\\]/.test(t))throw new Error(`Invalid buffer fileId: ${t}`);return B__default.default.join(me__default.default.tmpdir(),`${A.FILE_PREFIX}${t}.json`)}function $t(){let t=me__default.default.tmpdir(),e;try{e=I__default.default.readdirSync(t);}catch{return []}return e.filter(r=>r.startsWith(A.FILE_PREFIX)&&r.endsWith(".json")).map(r=>{let n=B__default.default.join(t,r),o=0;try{o=I__default.default.statSync(n).mtimeMs;}catch{}return {full:n,mtime:o}}).sort((r,n)=>r.mtime-n.mtime).map(r=>r.full)}function z(t){try{let e=Fr(),r=$t();if(r.length>=e){let s=r.slice(0,r.length-e+1);for(let i of s)try{I__default.default.unlinkSync(i);}catch{}}let n=`${Date.now()}-${Math.random().toString(36).slice(2,8)}`,o={fileId:n,bufferedAt:Date.now(),payload:t};return I__default.default.writeFileSync(ge(n),JSON.stringify(o),{encoding:"utf8",mode:384}),a("buffer",`saved fileId=${n}`),n}catch(e){return a("buffer",`saveToBuffer failed: ${e.message}`),null}}function Se(t){let e=$t(),r=t,n=[];for(let o of e){if(n.length>=r)break;try{let s=I__default.default.readFileSync(o,"utf8"),i=JSON.parse(s);i&&i.fileId&&i.payload&&n.push(i);}catch{a("buffer",`skipping malformed file: ${o}`);}}return n}function _e(t){try{I__default.default.unlinkSync(ge(t)),a("buffer",`deleted fileId=${t}`);}catch{}}function Te(){let t=Date.now()-$r();for(let e of $t())try{let{mtimeMs:r}=I__default.default.statSync(e);r<t&&(I__default.default.unlinkSync(e),a("buffer",`evicted stale: ${B__default.default.basename(e)}`));}catch{}}async function Dr(t){Te();let e=Se(A.REPLAY_BATCH_SIZE);e.length&&(a("replayBufferedTraces",`replaying ${e.length} buffered trace(s)`),await Promise.allSettled(e.map(async r=>{try{let n=await mt(r.payload,t.endpoint,t.authHeader);n>=200&&n<300?(_e(r.fileId),a("replayBufferedTraces",`replayed fileId=${r.fileId} status=${n}`)):a("replayBufferedTraces",`replay failed fileId=${r.fileId} status=${n}`);}catch(n){a("replayBufferedTraces",`replay error fileId=${r.fileId}: ${n.message}`);}})));}async function Ee(t){let e=await v();if(!e.length)return e.authError&&(a("postToLangfuse","auth refresh failed \u2014 buffering trace"),z(t)),0;let r=await Promise.all(e.map(async s=>{if(s.mode!=="gateway")return {creds:s,healthy:true};let i=await fe(s.endpoint,s.authHeader);return {creds:s,healthy:i}})),n=r.find(s=>s.creds.mode==="gateway"&&s.healthy)?.creds??r.find(s=>s.creds.mode==="direct")?.creds;return n&&await Dr(n),(await Promise.all(r.map(async({creds:s,healthy:i})=>{if(s.mode==="gateway"){if(!i)return a("postToLangfuse","gateway health check failed \u2014 buffering trace"),z(t),0;let c=await mt(t,s.endpoint,s.authHeader);return (c===0||c>=500)&&(a("postToLangfuse",`gateway send failed (status ${c}) \u2014 buffering trace`),z(t)),c}let l=await mt(t,s.endpoint,s.authHeader);return (l===0||l>=500)&&(a("postToLangfuse",`direct endpoint unavailable (status ${l}) \u2014 buffering trace`),z(t)),l}))).find(s=>s!==0)??0}var y="[REDACTED]",xr="[REDACTED-EMAIL]",Br="[REDACTED-CPF]",Mr="[REDACTED-CNPJ]",he="[REDACTED-PHONE]",Hr=[{re:/\b(sk-[A-Za-z0-9_\-]{20,})/g,replace:()=>`sk-${y}`},{re:/\b(pk-[A-Za-z0-9_\-]{20,})/g,replace:()=>`pk-${y}`},{re:/\b(Bearer\s+)[A-Za-z0-9\-._~+/]+=*/gi,replace:(t,e)=>`${e}${y}`},{re:/\b(Basic\s+)[A-Za-z0-9+/]+=*/gi,replace:(t,e)=>`${e}${y}`},{re:/(-----BEGIN [A-Z ]+-----)[^-]*(-----END [A-Z ]+-----)/g,replace:(t,e,r)=>`${e}
12
12
  ${y}
13
- ${r}`},{re:/\b(AKIA[0-9A-Z]{16})\b/g,replace:()=>`AKIA${y}`},{re:/(aws_secret_access_key\s*[=:]\s*)([A-Za-z0-9/+]{40})/gi,replace:(t,e)=>`${e}${y}`},{re:/\b(ghp_[A-Za-z0-9]{36,})/g,replace:()=>`ghp_${y}`},{re:/\b(github_pat_[A-Za-z0-9_]{36,})/gi,replace:()=>`github_pat_${y}`},{re:/\b(eyJ[A-Za-z0-9_\-]+\.eyJ[A-Za-z0-9_\-]+\.[A-Za-z0-9_\-]+)/g,replace:()=>`eyJ.${y}`},{re:/\b([A-Z0-9_]*(?:SECRET|TOKEN|KEY|PASSWORD|PASSWD|PWD|CREDENTIAL|API)[A-Z0-9_]*\s*=\s*)(['"]?)([^\s'"#\n]+)\2/gi,replace:(t,e,r)=>`${e}${r}${y}${r}`},{re:/([a-z][a-z0-9+\-.]*:\/\/[^:/?#\s]*):([^@\s]+)@/gi,replace:(t,e)=>`${e}:${y}@`},{re:/[a-zA-Z0-9._%+\-]+@[a-zA-Z0-9.\-]+\.[a-zA-Z]{2,}/g,replace:()=>Dr},{re:/\b\d{3}\.\d{3}\.\d{3}-\d{2}\b/g,replace:()=>xr},{re:/\b\d{2}\.\d{3}\.\d{3}\/\d{4}-\d{2}\b/g,replace:()=>Br},{re:/\(\d{2}\)\s?\d{4,5}[-\s]?\d{4}/g,replace:()=>Ee},{re:/\+55[\s-]?\d{2}[\s-]?\d{4,5}[-\s]?\d{4}/g,replace:()=>Ee}];function R(t){if(t==null)return "";let e=typeof t=="string"?t:JSON.stringify(t);return Mr.reduce((r,{re:n,replace:o})=>r.replace(n,o),e)}async function he(t){let e=t.session_id||"unknown",r=t.tool_name||"unknown",n=t.tool_input||{},o=t.tool_response,s=o!==null&&typeof o=="object"?o.output??JSON.stringify(o):o??"",i=B(e);if(!i){O(t);return}let l=L(),c=i.pendingTool,p=c?.name===r,S=p?c.startNs:String(BigInt(l)-200000000n),T=p?c.inputStr:w(n,k.TOOL_INPUT),m=T,g=null;if(r==="Skill"){let tt=typeof n=="object"&&n!==null?n.skill||n.name||n.skillName||n.commandName||String(Object.values(n)[0]??""):String(n);g=tt?String(tt).trim():null;let N=g?lt(g,i.cwd):null;N&&(m=N,i.skillContent||(i.skillContent=N),i.skillArtifacts||(i.skillArtifacts=ut(g,i.cwd))),g&&!i.slashSkill&&(i.slashSkill=g),a("PostToolUse","Skill tool detected",`skillName=${g}`,`contentFound=${!!N}`);}let E=R(w(s,k.TOOL_OUTPUT)),h=/\b(error|exception|failed|failure|traceback|errno)\b/i.test(E.slice(0,500)),q=h?"ERROR":"DEFAULT",V=C(),z=Math.round(Number(BigInt(l)-BigInt(S))/1e6),Z={Agent:"AGENT",Task:"AGENT"}[r]??"TOOL",Q=r==="Skill"&&g?g:ct(T,60);i.toolCalls.push({tool:r,brief:Q,error:h,durationMs:z});let Y=i.spans;Y.push({traceId:i.traceId,spanId:V,parentSpanId:i.spanId,name:r,kind:3,startTimeUnixNano:S,endTimeUnixNano:l,attributes:$(u(f.OBS_NAME,r),u(f.OBS_TYPE,Z),u(f.OBS_LEVEL,q),u(f.OBS_INPUT,R(m)),u(f.OBS_OUTPUT,E),u("tool.name",r),u("tool.error",String(h)),r==="Skill"&&g?u("skill.name",g):null,r==="Skill"?u("skill.invocation","slash-command"):null),status:{code:h?2:1}}),i.pendingTool=null,M(e,i),h&&U("TOOL_ERROR",{toolName:r}),a("PostToolUse",`sid=${e}`,`tool=${r}`,`error=${h}`,`durationMs=${z}`,`totalSpans=${Y.length}`),O(t);}var ye={"claude-opus-4-6":{input:15,output:75},"claude-opus-4-5":{input:15,output:75},"claude-sonnet-4-6":{input:3,output:15},"claude-sonnet-4-5":{input:3,output:15},"claude-haiku-4-5":{input:.8,output:4},"claude-4-6-opus":{input:15,output:75},"claude-4-6-sonnet":{input:3,output:15},"claude-4-5-opus":{input:15,output:75},"claude-4-5-sonnet":{input:3,output:15},"claude-4-5-haiku":{input:.8,output:4},"claude-3-5-sonnet-20241022":{input:3,output:15},"claude-3-5-haiku-20241022":{input:.8,output:4},"claude-3-opus-20240229":{input:15,output:75}};function Ae(t,e,r){let n=Object.keys(ye).find(i=>(t??"").toLowerCase().includes(i));if(!n)return;let o=ye[n],s=(e*o.input+r*o.output)/1e6;return Math.round(s*1e6)/1e6}async function Oe(t){let e=t.session_id||"unknown",r=t.stop_reason||"end_turn",n=B(e);if(!n){O(t);return}n.slashSkill&&!/^[a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?$/i.test(n.slashSkill)&&(a("Stop",`sid=${e}`,`slashSkill rejected post-disk: "${n.slashSkill}"`),n.slashSkill=null);let o=L(),s=await qt(),i=n.toolCalls,l=n.spans;if(n.slashSkill&&!i.some(d=>d.tool==="Skill")){let d=C(),P=n.skillContent?n.skillContent:JSON.stringify({skill:n.slashSkill});i.push({tool:"Skill",brief:n.slashSkill,error:false,durationMs:0,synthetic:true}),l.push({traceId:n.traceId,spanId:d,parentSpanId:n.spanId,name:"Skill",kind:3,startTimeUnixNano:n.startNs,endTimeUnixNano:n.startNs,attributes:$(u(f.OBS_NAME,"Skill"),u(f.OBS_TYPE,"TOOL"),u(f.OBS_LEVEL,"DEFAULT"),u(f.OBS_INPUT,P),u(f.OBS_OUTPUT,"loaded via slash command"),u("tool.name","Skill"),u("tool.error","false"),u("skill.name",n.slashSkill),u("skill.invocation","slash-command")),status:{code:1}}),a("Stop",`slashSkill=${n.slashSkill}`,"synthetic span injected");}let c=t.transcript_path||n.transcriptPath||"",p=Pt(c);if(c&&(i.some(d=>d.tool==="Skill"&&!d.synthetic)||!!n.slashSkill)&&!p?.text){await new Promise(P=>setTimeout(P,500));let d=Pt(c);d?.text&&(p=d);}a("Stop",`transcriptPath=${c||"(empty)"}`,`assistantOut=${p?`text=${p.text.length}chars`:"null"}`);let T=i.length,m=i.filter(d=>d.error).length,g=R(p?.text?w(p.text,k.TRACE_OUTPUT):T===0?"No tools used":i.map((d,P)=>`${P+1}. ${d.tool}${d.brief?` \u2192 ${d.brief}`:""}${d.error?" [ERROR]":""}`).join(`
14
- `)),E=p?.inputTokens??0,h=p?.outputTokens??0,q=i.map((d,P)=>`${P+1}. ${d.tool}${d.brief?` \u2192 ${d.brief}`:""}${d.error?" [ERROR]":""} (${d.durationMs}ms)`),V=!!(n.slashSkill||i.some(d=>d.tool==="Skill")),z=i.some(d=>d.tool==="Agent");if(!V&&!z){a("Stop",`sid=${e}`,"skipping trace \u2014 no Skill or Agent calls found"),U("TRACE_SKIPPED",{reason:"no_skill_or_agent"}),Nt(e),O(t);return}let X=V?"skill":"agent",Z=Math.round(Number(BigInt(o)-BigInt(n.startNs))/1e6),Q=Ae(n.model,E,h),F=ie(n);F==="prerequisite_required"&&p?.text&&(F="complete"),F==="prerequisite_required"&&(l.push({traceId:n.traceId,spanId:C(),parentSpanId:n.spanId,name:"prerequisite-check",kind:3,startTimeUnixNano:n.startNs,endTimeUnixNano:o,attributes:$(u(f.OBS_NAME,"prerequisite-check"),u(f.OBS_TYPE,"EVENT"),u(f.OBS_LEVEL,"WARNING"),u(f.OBS_OUTPUT,g),u("skill.name",n.slashSkill||void 0),u("execution_status","prerequisite_required")),status:{code:1}}),a("Stop",`sid=${e}`,"prerequisite-check span injected",`skill=${n.slashSkill}`));let Y=(()=>{if(!(!V||!n.prompt)){if(n.slashSkill){let d=n.prompt.replace(new RegExp(`^\\/${n.slashSkill}\\s*`,"i"),"").trim();return d?w(R(d),k.USER_INSTRUCTION):void 0}return w(R(n.prompt),k.USER_INSTRUCTION)||void 0}})(),tt=JSON.stringify({trace_type:X,...F!==null&&{execution_status:F},...n.slashSkill?{skill_name:n.slashSkill}:{},...n.skillArtifacts?.length&&{skill_artifacts:n.skillArtifacts},...Y!==void 0&&{user_instruction:Y},latency_ms:Z,...E&&{tokens_input:E},...h&&{tokens_output:h},cost_usd:Q,...n.model?{model:n.model}:{},toolCount:T,errorCount:m,stopReason:r,sessionId:n.sessionId,tools:q.length?q:void 0}),N=R(w(n.prompt,k.TRACE_INPUT)),ke=$(u(f.TRACE_NAME,n.traceName),u(f.TRACE_INPUT,N),u(f.TRACE_OUTPUT,g),u(f.OBS_INPUT,N),u(f.OBS_OUTPUT,g),u(f.TRACE_METADATA,tt),u(f.SESSION_ID,n.sessionId),u(f.USER_ID,s.user),u(f.OBS_TYPE,"GENERATION"),u(f.MODEL,n.model),E?u(f.INPUT_TOKENS,E):null,h?u(f.OUTPUT_TOKENS,h):null,u("claude.stop_reason",r),u("claude.tool_count",String(T)),u("claude.error_count",String(m)),u("claude.session_id",n.sessionId),u("flow.trace_type",X),{key:f.TRACE_TAGS,value:{arrayValue:{values:[{stringValue:X}]}}}),we={traceId:n.traceId,spanId:n.spanId,name:n.traceName,kind:1,startTimeUnixNano:n.startNs,endTimeUnixNano:o,attributes:ke,status:{code:m>0?2:1}},Le=$(u("service.name",process.env.LANGFUSE_PROJECT_NAME||"claude-code"),u("deployment.environment",process.env.LANGFUSE_ENVIRONMENT||"default")),Ut=[...l,we];a("Stop",`sid=${e}`,`totalTools=${T}`,`errorTools=${m}`,`spans=${Ut.length}`,`inputTokens=${E}`,`outputTokens=${h}`,`traceOutput="${ct(g,80)}"`);let Ie=await Te(ce(Le,Ut));a("Stop",`POST status=${Ie}`,`traceId=${n.traceId}`),U("TRACE_SENT",{latencyMs:Z,totalTools:T,errorTools:m,inputTokens:E,outputTokens:h,costUsd:Q}),Nt(e),O(t);}async function Hr(){let t=process.argv[2];if(t==="UserPromptSubmit"){let r=await Lt(),n;try{n=await v();}catch{process.stdout.write(JSON.stringify(r));return}n.authError?await bt(r,true):n.length>0?await bt(r):process.stdout.write(JSON.stringify(r));return}if(!await zt()){let r=[];process.stdin.on("data",n=>r.push(n)),process.stdin.on("end",()=>process.stdout.write(r.join("")));return}let e=await Lt();switch(t){case "PreToolUse":await ae(e);break;case "PostToolUse":await he(e);break;case "Stop":await Oe(e);break;default:process.stderr.write(`[flow-obs] unknown event: ${t}
15
- `),process.stdout.write(JSON.stringify(e));}}Hr().catch(t=>{process.stderr.write(`[flow-obs] fatal: ${t.message}
13
+ ${r}`},{re:/\b(AKIA[0-9A-Z]{16})\b/g,replace:()=>`AKIA${y}`},{re:/(aws_secret_access_key\s*[=:]\s*)([A-Za-z0-9/+]{40})/gi,replace:(t,e)=>`${e}${y}`},{re:/\b(ghp_[A-Za-z0-9]{36,})/g,replace:()=>`ghp_${y}`},{re:/\b(github_pat_[A-Za-z0-9_]{36,})/gi,replace:()=>`github_pat_${y}`},{re:/\b(eyJ[A-Za-z0-9_\-]+\.eyJ[A-Za-z0-9_\-]+\.[A-Za-z0-9_\-]+)/g,replace:()=>`eyJ.${y}`},{re:/\b([A-Z0-9_]*(?:SECRET|TOKEN|KEY|PASSWORD|PASSWD|PWD|CREDENTIAL|API)[A-Z0-9_]*\s*=\s*)(['"]?)([^\s'"#\n]+)\2/gi,replace:(t,e,r)=>`${e}${r}${y}${r}`},{re:/([a-z][a-z0-9+\-.]*:\/\/[^:/?#\s]*):([^@\s]+)@/gi,replace:(t,e)=>`${e}:${y}@`},{re:/[a-zA-Z0-9._%+\-]+@[a-zA-Z0-9.\-]+\.[a-zA-Z]{2,}/g,replace:()=>xr},{re:/\b\d{3}\.\d{3}\.\d{3}-\d{2}\b/g,replace:()=>Br},{re:/\b\d{2}\.\d{3}\.\d{3}\/\d{4}-\d{2}\b/g,replace:()=>Mr},{re:/\(\d{2}\)\s?\d{4,5}[-\s]?\d{4}/g,replace:()=>he},{re:/\+55[\s-]?\d{2}[\s-]?\d{4,5}[-\s]?\d{4}/g,replace:()=>he}];function R(t){if(t==null)return "";let e=typeof t=="string"?t:JSON.stringify(t);return Hr.reduce((r,{re:n,replace:o})=>r.replace(n,o),e)}async function ye(t){let e=t.session_id||"unknown",r=t.tool_name||"unknown",n=t.tool_input||{},o=t.tool_response,s=o!==null&&typeof o=="object"?o.output??JSON.stringify(o):o??"",i=M(e);if(!i){O(t);return}let l=L(),c=i.pendingTool,p=c?.name===r,_=p?c.startNs:String(BigInt(l)-200000000n),T=p?c.inputStr:k(n,w.TOOL_INPUT),m=T,g=null;if(r==="Skill"){let rt=typeof n=="object"&&n!==null?n.skill||n.name||n.skillName||n.commandName||String(Object.values(n)[0]??""):String(n);g=rt?String(rt).trim():null;let P=g?dt(g,i.cwd):null;P&&(m=P,i.skillContent||(i.skillContent=P),i.skillArtifacts||(i.skillArtifacts=ft(g,i.cwd))),g&&!i.slashSkill&&(i.slashSkill=g),a("PostToolUse","Skill tool detected",`skillName=${g}`,`contentFound=${!!P}`);}let E=R(k(s,w.TOOL_OUTPUT)),h=/\b(error|exception|failed|failure|traceback|errno)\b/i.test(E.slice(0,500)),X=h?"ERROR":"DEFAULT",Y=U(),Z=Math.round(Number(BigInt(l)-BigInt(_))/1e6),tt={Agent:"AGENT",Task:"AGENT"}[r]??"TOOL",et=r==="Skill"&&g?g:pt(T,60);i.toolCalls.push({tool:r,brief:et,error:h,durationMs:Z});let G=i.spans;G.push({traceId:i.traceId,spanId:Y,parentSpanId:i.spanId,name:r,kind:3,startTimeUnixNano:_,endTimeUnixNano:l,attributes:$(u(f.OBS_NAME,r),u(f.OBS_TYPE,tt),u(f.OBS_LEVEL,X),u(f.OBS_INPUT,R(m)),u(f.OBS_OUTPUT,E),u("tool.name",r),u("tool.error",String(h)),r==="Skill"&&g?u("skill.name",g):null,r==="Skill"?u("skill.invocation","slash-command"):null),status:{code:h?2:1}}),i.pendingTool=null,H(e,i),h&&C("TOOL_ERROR",{toolName:r}),a("PostToolUse",`sid=${e}`,`tool=${r}`,`error=${h}`,`durationMs=${Z}`,`totalSpans=${G.length}`),O(t);}var Ae={"claude-opus-4-6":{input:15,output:75},"claude-opus-4-5":{input:15,output:75},"claude-sonnet-4-6":{input:3,output:15},"claude-sonnet-4-5":{input:3,output:15},"claude-haiku-4-5":{input:.8,output:4},"claude-4-6-opus":{input:15,output:75},"claude-4-6-sonnet":{input:3,output:15},"claude-4-5-opus":{input:15,output:75},"claude-4-5-sonnet":{input:3,output:15},"claude-4-5-haiku":{input:.8,output:4},"claude-3-5-sonnet-20241022":{input:3,output:15},"claude-3-5-haiku-20241022":{input:.8,output:4},"claude-3-opus-20240229":{input:15,output:75}};function Oe(t,e,r){let n=Object.keys(Ae).find(i=>(t??"").toLowerCase().includes(i));if(!n)return;let o=Ae[n],s=(e*o.input+r*o.output)/1e6;return Math.round(s*1e6)/1e6}async function we(t){let e=t.session_id||"unknown",r=t.stop_reason||"end_turn",n=M(e);if(!n){O(t);return}n.slashSkill&&!/^[a-z][a-z0-9-]*(?::[a-z][a-z0-9-]*)?$/i.test(n.slashSkill)&&(a("Stop",`sid=${e}`,`slashSkill rejected post-disk: "${n.slashSkill}"`),n.slashSkill=null);let o=L(),s=await Xt(),i=n.toolCalls,l=n.spans;if(n.slashSkill&&!i.some(d=>d.tool==="Skill")){let d=U(),N=n.skillContent?n.skillContent:JSON.stringify({skill:n.slashSkill});i.push({tool:"Skill",brief:n.slashSkill,error:false,durationMs:0,synthetic:true}),l.push({traceId:n.traceId,spanId:d,parentSpanId:n.spanId,name:"Skill",kind:3,startTimeUnixNano:n.startNs,endTimeUnixNano:n.startNs,attributes:$(u(f.OBS_NAME,"Skill"),u(f.OBS_TYPE,"TOOL"),u(f.OBS_LEVEL,"DEFAULT"),u(f.OBS_INPUT,N),u(f.OBS_OUTPUT,"loaded via slash command"),u("tool.name","Skill"),u("tool.error","false"),u("skill.name",n.slashSkill),u("skill.invocation","slash-command")),status:{code:1}}),a("Stop",`slashSkill=${n.slashSkill}`,"synthetic span injected");}let c=t.transcript_path||n.transcriptPath||"",p=vt(c);if(c&&(i.some(d=>d.tool==="Skill"&&!d.synthetic)||!!n.slashSkill)&&!p?.text){await new Promise(N=>setTimeout(N,500));let d=vt(c);d?.text&&(p=d);}a("Stop",`transcriptPath=${c||"(empty)"}`,`assistantOut=${p?`text=${p.text.length}chars`:"null"}`);let T=i.length,m=i.filter(d=>d.error).length,g=R(p?.text?k(p.text,w.TRACE_OUTPUT):T===0?"No tools used":i.map((d,N)=>`${N+1}. ${d.tool}${d.brief?` \u2192 ${d.brief}`:""}${d.error?" [ERROR]":""}`).join(`
14
+ `)),E=p?.inputTokens??0,h=p?.outputTokens??0,X=i.map((d,N)=>`${N+1}. ${d.tool}${d.brief?` \u2192 ${d.brief}`:""}${d.error?" [ERROR]":""} (${d.durationMs}ms)`),Y=!!(n.slashSkill||i.some(d=>d.tool==="Skill")),Z=i.some(d=>d.tool==="Agent");if(!Y&&!Z){a("Stop",`sid=${e}`,"skipping trace \u2014 no Skill or Agent calls found"),C("TRACE_SKIPPED",{reason:"no_skill_or_agent"}),bt(e),O(t);return}let Q=Y?"skill":"agent",tt=Math.round(Number(BigInt(o)-BigInt(n.startNs))/1e6),et=Oe(n.model,E,h),D=ae(n);D==="prerequisite_required"&&p?.text&&(D="complete"),D==="prerequisite_required"&&(l.push({traceId:n.traceId,spanId:U(),parentSpanId:n.spanId,name:"prerequisite-check",kind:3,startTimeUnixNano:n.startNs,endTimeUnixNano:o,attributes:$(u(f.OBS_NAME,"prerequisite-check"),u(f.OBS_TYPE,"EVENT"),u(f.OBS_LEVEL,"WARNING"),u(f.OBS_OUTPUT,g),u("skill.name",n.slashSkill||void 0),u("execution_status","prerequisite_required")),status:{code:1}}),a("Stop",`sid=${e}`,"prerequisite-check span injected",`skill=${n.slashSkill}`));let G=(()=>{if(!(!Y||!n.prompt)){if(n.slashSkill){let d=n.prompt.replace(new RegExp(`^\\/${n.slashSkill}\\s*`,"i"),"").trim();return d?k(R(d),w.USER_INSTRUCTION):void 0}return k(R(n.prompt),w.USER_INSTRUCTION)||void 0}})(),rt=JSON.stringify({trace_type:Q,...D!==null&&{execution_status:D},...n.slashSkill?{skill_name:n.slashSkill}:{},...n.skillArtifacts?.length&&{skill_artifacts:n.skillArtifacts},...G!==void 0&&{user_instruction:G},latency_ms:tt,...E&&{tokens_input:E},...h&&{tokens_output:h},cost_usd:et,...n.model?{model:n.model}:{},toolCount:T,errorCount:m,stopReason:r,sessionId:n.sessionId,tools:X.length?X:void 0}),P=R(k(n.prompt,w.TRACE_INPUT)),ke=$(u(f.TRACE_NAME,n.traceName),u(f.TRACE_INPUT,P),u(f.TRACE_OUTPUT,g),u(f.OBS_INPUT,P),u(f.OBS_OUTPUT,g),u(f.TRACE_METADATA,rt),u(f.SESSION_ID,n.sessionId),u(f.USER_ID,s.user),u(f.OBS_TYPE,"GENERATION"),u(f.MODEL,n.model),E?u(f.INPUT_TOKENS,E):null,h?u(f.OUTPUT_TOKENS,h):null,u("claude.stop_reason",r),u("claude.tool_count",String(T)),u("claude.error_count",String(m)),u("claude.session_id",n.sessionId),u("flow.trace_type",Q),{key:f.TRACE_TAGS,value:{arrayValue:{values:[{stringValue:Q}]}}}),Le={traceId:n.traceId,spanId:n.spanId,name:n.traceName,kind:1,startTimeUnixNano:n.startNs,endTimeUnixNano:o,attributes:ke,status:{code:m>0?2:1}},Ie=$(u("service.name",process.env.LANGFUSE_PROJECT_NAME||"claude-code"),u("deployment.environment",process.env.LANGFUSE_ENVIRONMENT||"default")),Ft=[...l,Le];a("Stop",`sid=${e}`,`totalTools=${T}`,`errorTools=${m}`,`spans=${Ft.length}`,`inputTokens=${E}`,`outputTokens=${h}`,`traceOutput="${pt(g,80)}"`);let Re=await Ee(le(Ie,Ft));a("Stop",`POST status=${Re}`,`traceId=${n.traceId}`),C("TRACE_SENT",{latencyMs:tt,totalTools:T,errorTools:m,inputTokens:E,outputTokens:h,costUsd:et}),bt(e),O(t);}var F=class t{static passthroughStdin(){let e=[];process.stdin.on("data",r=>e.push(r)),process.stdin.on("end",()=>process.stdout.write(Buffer.concat(e)));}static async userPromptSubmit(){let e=await q(),r;try{r=await v();}catch{process.stdout.write(JSON.stringify(e));return}r.authError?await Ut(e,true):r.length>0?await Ut(e):process.stdout.write(JSON.stringify(e));}static async preToolUse(){if(!await ut()){t.passthroughStdin();return}let e=await q();await ce(e);}static async postToolUse(){if(!await ut()){t.passthroughStdin();return}let e=await q();await ye(e);}static async stop(){if(!await ut()){t.passthroughStdin();return}let e=await q();await we(e);}};async function Vr(){let t=process.argv[2];switch(t){case "UserPromptSubmit":await F.userPromptSubmit();break;case "PreToolUse":await F.preToolUse();break;case "PostToolUse":await F.postToolUse();break;case "Stop":await F.stop();break;default:process.stderr.write(`[flow-obs] unknown event: ${t}
15
+ `),process.stdin.on("data",e=>process.stdout.write(e));}}Vr().catch(t=>{process.stderr.write(`[flow-obs] fatal: ${t.message}
16
16
  `),process.exit(0);});
package/dist/setup.js CHANGED
@@ -1,12 +1,12 @@
1
1
  #!/usr/bin/env node
2
- 'use strict';var child_process=require('child_process'),util=require('util'),i=require('fs'),u=require('path'),l=require('os'),Xe=require('https');require('readline/promises');function _interopDefault(e){return e&&e.__esModule?e:{default:e}}function _interopNamespace(e){if(e&&e.__esModule)return e;var n=Object.create(null);if(e){Object.keys(e).forEach(function(k){if(k!=='default'){var d=Object.getOwnPropertyDescriptor(e,k);Object.defineProperty(n,k,d.get?d:{enumerable:true,get:function(){return e[k]}});}})}n.default=e;return Object.freeze(n)}var i__namespace=/*#__PURE__*/_interopNamespace(i);var u__namespace=/*#__PURE__*/_interopNamespace(u);var l__namespace=/*#__PURE__*/_interopNamespace(l);var Xe__default=/*#__PURE__*/_interopDefault(Xe);var _e=Object.defineProperty;var T=(t=>typeof require<"u"?require:typeof Proxy<"u"?new Proxy(t,{get:(e,n)=>(typeof require<"u"?require:e)[n]}):t)(function(t){if(typeof require<"u")return require.apply(this,arguments);throw Error('Dynamic require of "'+t+'" is not supported')});var A=(t,e,n)=>()=>{if(n)throw n[0];try{return t&&(e=t(t=0)),e}catch(r){throw n=[r],r}};var Se=(t,e)=>()=>{try{return e||t((e={exports:{}}).exports,e),e.exports}catch(n){throw e=0,n}},L=(t,e)=>{for(var n in e)_e(t,n,{get:e[n],enumerable:true});};var B={};L(B,{MacOsKeyVaultProvider:()=>N});var C,N,J=A(()=>{"use strict";C=util.promisify(child_process.execFile),N=class{static async isAvailable(){try{return i.accessSync("/usr/bin/security",i.constants.X_OK),!0}catch{return !1}}async getSecret(e,n){try{let{stdout:r}=await C("security",["find-generic-password","-w","-a",n,"-s",e]);return r.trim()||null}catch{return null}}async setSecret(e,n,r){await C("security",["add-generic-password","-U","-a",n,"-s",e,"-w",r]);}async deleteSecret(e,n){try{return await C("security",["delete-generic-password","-a",n,"-s",e]),!0}catch{return !1}}getStoragePath(){return "macOS Keychain"}};});var X={};L(X,{LinuxKeyVaultProvider:()=>b});var K,b,q=A(()=>{"use strict";K=util.promisify(child_process.execFile),b=class{static async isAvailable(){let e=["/usr/bin/secret-tool","/bin/secret-tool","/usr/local/bin/secret-tool"];for(let n of e)try{return i.accessSync(n,i.constants.X_OK),!0}catch{}return !1}async getSecret(e,n){try{let{stdout:r}=await K("secret-tool",["lookup","service",e,"account",n]);return r.trim()||null}catch{return null}}async setSecret(e,n,r){await new Promise((o,s)=>{let a=child_process.spawn("secret-tool",["store","--label",e,"service",e,"account",n]);a.on("error",s),a.on("close",y=>{y===0?o():s(new Error(`secret-tool exited with code ${y}`));}),a.stdin.write(r),a.stdin.end();});}async deleteSecret(e,n){try{return await K("secret-tool",["clear","service",e,"account",n]),!0}catch{return !1}}getStoragePath(){return "Linux Secret Service (libsecret)"}};});var z={};L(z,{WindowsKeyVaultProvider:()=>U});var U,Z=A(()=>{"use strict";U=class{static async isAvailable(){try{return await T("keytar").getPassword("__flow_probe__","__flow_probe__"),!0}catch{return !1}}async getSecret(e,n){return T("keytar").getPassword(e,n)}async setSecret(e,n,r){await T("keytar").setPassword(e,n,r);}async deleteSecret(e,n){return T("keytar").deletePassword(e,n)}getStoragePath(){return "Windows Credential Manager"}};});var de=Se((cn,Ke)=>{Ke.exports={name:"@ciandt-flow/flow-ai-obs",version:"0.8.4",description:"Claude Code hooks for Langfuse OTLP tracing \u2014 cross-platform",main:"dist/index.js",bin:{"flow-ai-obs":"dist/cli.js","flow-ai-obs-setup":"dist/setup.js"},scripts:{build:"tsup",test:"jest",typecheck:"tsc --noEmit",lint:"eslint src bin scripts",format:'prettier --write "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"format:check":'prettier --check "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"security-scan":"trufflehog filesystem src/ --fail --no-update --exclude-paths .trufflehogignore",postinstall:`node -e "require('fs').existsSync('dist/setup.js') && require('child_process').execFileSync(process.execPath, ['dist/setup.js'], {stdio:'inherit'})"`,prepublishOnly:"npm run security-scan && npm run build","release:npm":"changeset publish",changeset:"changeset","version-packages":"changeset version","install:hooks":"node dist/cli.js install","auth:login":"node dist/cli.js auth login","auth:logout":"node dist/cli.js auth logout","auth:status":"node dist/cli.js auth status",smoke:"bash scripts/smoke-test.sh","smoke:debug":"bash scripts/smoke-test.sh --debug","smoke:send":"bash scripts/smoke-test.sh --send --allow-http --debug"},files:["dist/","README.md","LICENSE.md"],keywords:["claude-code","langfuse","observability","otlp","hooks","flow","ciandt"],author:"CI&T Flow Team",license:"SEE LICENSE IN LICENSE.md",private:!1,dependencies:{},optionalDependencies:{keytar:"7.9.0"},devDependencies:{"@changesets/changelog-github":"^0.6.0","@changesets/cli":"^2.30.0","@types/jest":"^30.0.0","@types/node":"^25.8.0",jest:"^30.4.2","ts-jest":"^29.4.9",tsup:"^8.5.1","eslint-config-prettier":"^10.1.5",prettier:"^3.5.3",typescript:"^6.0.3","typescript-eslint":"^8.33.0"},engines:{node:">=18.0.0"},overrides:{esbuild:"^0.28.1"},publishConfig:{registry:"https://registry.npmjs.org",access:"public"},repository:{type:"git",url:"git+https://github.com/CI-T-HyperX/flow-codeassistant-observability.git"}};});var we="https://flow.ciandt.com";function V(){let t=process.env.FLOW_BASE_URL;return t&&t.trim()?t.trim():we}function R(){let t=V();return {AUTH_ENGINE:process.env.FLOW_AUTH_ENGINE_URL||`${t}/auth-engine-api/v2/api-key/token`,GATEWAY_TRACES:process.env.FLOW_GATEWAY_TRACES_URL||`${t}/flow-langfuse-gateway/v1/traces`,GATEWAY_HEALTH:process.env.FLOW_GATEWAY_HEALTH_URL||`${t}/flow-langfuse-gateway/v1/health`,OTEL_ENDPOINT:process.env.FLOW_OTEL_ENDPOINT_URL||`${t}/otel`}}var ve=R(),_={SERVICE:"flow-plugins-cli",ACCOUNT_CREDS:"credentials"},S="FLOW-nodejs",w="config.json";var k={CLAUDE_CODE_ENABLE_TELEMETRY:"1",OTEL_EXPORTER_OTLP_ENDPOINT:ve.OTEL_ENDPOINT,OTEL_EXPORTER_OTLP_PROTOCOL:"http/json",OTEL_METRICS_EXPORTER:"otlp",OTEL_LOGS_EXPORTER:"otlp",OTEL_LOG_TOOL_DETAILS:"1",OTEL_LOG_USER_PROMPTS:"1"},f={FLOW_TELEMETRY:"FLOW_TELEMETRY",FLOW_TELEMETRY_GATEWAY:"FLOW_TELEMETRY_GATEWAY_URL",LANGFUSE_BASE_URL:"LANGFUSE_BASE_URL",LANGFUSE_PUBLIC_KEY:"LANGFUSE_PUBLIC_KEY",LANGFUSE_SECRET_KEY:"LANGFUSE_SECRET_KEY",ANTHROPIC_MODEL:"ANTHROPIC_MODEL",ANTHROPIC_AUTH_TOKEN:"ANTHROPIC_AUTH_TOKEN",FLOW_OBS_DEBUG:"FLOW_TELEMETRY_DEBUG",FLOW_OBS_ALLOW_HTTP:"FLOW_TELEMETRY_ALLOW_HTTP",BUFFER_TTL_DAYS:"FLOW_TELEMETRY_BUFFER_TTL_DAYS",BUFFER_MAX_FILES:"FLOW_TELEMETRY_BUFFER_MAX_FILES"};var j={LOCK_STALE_MS:3e4},Y={UserPromptSubmit:5,PreToolUse:3,PostToolUse:10,Stop:15};var G="flow-ai-obs-debug.log";var P={credentials:"credentials","token-cache":"tokenCache"};function m(){let t=l__namespace.default.homedir();if(process.platform==="darwin")return u__namespace.default.join(t,"Library","Preferences",S,w);if(process.platform==="win32"){let n=process.env.APPDATA??u__namespace.default.join(t,"AppData","Roaming");return u__namespace.default.join(n,S,w)}let e=process.env.XDG_CONFIG_HOME??u__namespace.default.join(t,".config");return u__namespace.default.join(e,S,w)}function I(){try{let t=i__namespace.default.readFileSync(m(),"utf8");return JSON.parse(t)}catch{return {}}}function W(t){let e=m();i__namespace.default.mkdirSync(u__namespace.default.dirname(e),{recursive:true}),i__namespace.default.writeFileSync(e,JSON.stringify(t,null,2),{encoding:"utf8",mode:384});}var v=class{static isAvailable(){return true}static hasExistingData(){try{if(!i__namespace.default.existsSync(m()))return !1;let e=JSON.parse(i__namespace.default.readFileSync(m(),"utf8"));return !!(e&&e.credentials)}catch{return false}}async getSecret(e,n){let r=I(),o=P[n]??n,s=r[o];return s?typeof s=="string"?s:JSON.stringify(s):null}async setSecret(e,n,r){let o=I(),s=P[n]??n;if(n==="token-cache")try{o[s]=JSON.parse(r);}catch{o[s]=r;}else o[s]=r;W(o);}async deleteSecret(e,n){let r=I(),o=P[n]??n;return o in r?(delete r[o],W(r),true):false}getStoragePath(){return `config.json (unencrypted) \u2014 ${m()}`}};async function Q(){return await Ue()??new v}async function Ue(){switch(process.platform){case "darwin":{let{MacOsKeyVaultProvider:t}=await Promise.resolve().then(()=>(J(),B));return await t.isAvailable()?new t:null}case "linux":{let{LinuxKeyVaultProvider:t}=await Promise.resolve().then(()=>(q(),X));return await t.isAvailable()?new t:null}case "win32":{let{WindowsKeyVaultProvider:t}=await Promise.resolve().then(()=>(Z(),z));return await t.isAvailable()?new t:null}default:return null}}var Fe=_.SERVICE,$e=_.ACCOUNT_CREDS,F=null;function De(){return F||(F=Q()),F}async function ee(){let e=await(await De()).getSecret(Fe,$e);if(!e)return null;try{return JSON.parse(e)}catch{return null}}u.join(l.tmpdir(),G);!process.env.NO_COLOR&&process.stdout.isTTY;function $(){return process.platform==="win32"?false:process.getuid?.()===0}function te(){if(process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER){let e=child_process.spawnSync("getent",["passwd",process.env.SUDO_USER],{encoding:"utf8",timeout:5e3}).stdout?.split(":")[5]?.trim();if(e)return {home:e,username:process.env.SUDO_USER}}return {home:l__namespace.homedir(),username:process.env.SUDO_USER||process.env.USER||l__namespace.userInfo().username}}function O(){if(process.env.WSL_DISTRO_NAME&&process.platform==="linux"){let t=process.env.USERPROFILE;if(!t){let n=child_process.spawnSync("cmd.exe",["/c","echo","%USERPROFILE%"],{encoding:"utf8",timeout:5e3}).stdout?.trim();n&&/^[A-Za-z]:\\/.test(n)&&(t=n);}if(t){let e=t.replace(/^([A-Za-z]):/,(n,r)=>`/mnt/${r.toLowerCase()}`).replace(/\\/g,"/");return u__namespace.join(e,".claude","settings.json")}return u__namespace.join(l__namespace.homedir(),".claude","settings.json")}if(process.platform==="win32"){let t=process.env.USERPROFILE||l__namespace.homedir();return u__namespace.join(t,".claude","settings.json")}if(process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER){let e=child_process.spawnSync("getent",["passwd",process.env.SUDO_USER],{encoding:"utf8",timeout:5e3}).stdout?.split(":")[5]?.trim();if(e)return u__namespace.join(e,".claude","settings.json")}return u__namespace.join(l__namespace.homedir(),".claude","settings.json")}var ne="flow-ai-obs",re="config.json";function oe(){if(process.platform==="win32"){let n=process.env.APPDATA||u__namespace.join(l__namespace.homedir(),"AppData","Roaming");return u__namespace.join(n,ne,re)}let t=te(),e=process.env.XDG_CONFIG_HOME||u__namespace.join(t.home,".config");return u__namespace.join(e,ne,re)}var We=j.LOCK_STALE_MS;function ie(t){try{let e=i__namespace.statSync(t);Date.now()-e.mtimeMs>We&&i__namespace.unlinkSync(t);}catch{}try{i__namespace.writeFileSync(t,String(process.pid),{flag:"wx"});}catch(e){throw e.code==="EEXIST"?new Error("Another install is already in progress. If this is stale, remove: "+t):e}}function ae(t){try{i__namespace.unlinkSync(t);}catch{}}function Be(t,e){let r=(Array.isArray(t)?t:[]).map(o=>{if(!Array.isArray(o?.hooks))return null;let s=o.hooks.filter(a=>!a.command?.startsWith?.("flow-ai-obs "));return s.length>0?{...o,hooks:s}:null}).filter(o=>o!=null);return [e,...r]}function ce(t){let e=O(),n=e+".lock",r=[];i__namespace.mkdirSync(u__namespace.dirname(e),{recursive:true}),ie(n);try{if(i__namespace.existsSync(e)){i__namespace.copyFileSync(e,e+".bkp");try{i__namespace.chmodSync(e+".bkp",384);}catch{}}let o=oe();if(i__namespace.existsSync(o)){let c=o+".bkp";i__namespace.copyFileSync(o,c);try{i__namespace.chmodSync(c,384);}catch{}}let s={};try{s=JSON.parse(i__namespace.readFileSync(e,"utf8"));}catch{}let a=s.env&&typeof s.env=="object"?s.env:{};delete a.OTEL_EXPORTER_OTLP_HEADERS;let y=t?{...k,OTEL_EXPORTER_OTLP_ENDPOINT:t}:k;s.env={...a,...y},s.otelHeadersHelper="flow-ai-obs otel-headers",(!s.hooks||typeof s.hooks!="object"||Array.isArray(s.hooks))&&(s.hooks={});let Ee=(c,E)=>({matcher:"",hooks:[{type:"command",command:`flow-ai-obs ${c}`,timeout:E}]}),Te=["UserPromptSubmit","PreToolUse","PostToolUse","Stop"],M=s.hooks;for(let c of Te){let E=Be(M[c],Ee(c,Y[c]));E.length>1&&r.push(c),M[c]=E;}i__namespace.writeFileSync(e,JSON.stringify(s,null,2)+`
3
- `,{encoding:"utf8",mode:384});try{i__namespace.chmodSync(e,384);}catch{}}finally{ae(n);}return {settingsPath:e,preserved:r}}function le(t){let e=O(),n=e+".lock";i__namespace.mkdirSync(u__namespace.dirname(e),{recursive:true}),ie(n);try{let r={};try{r=JSON.parse(i__namespace.readFileSync(e,"utf8"));}catch{}(!r.env||typeof r.env!="object")&&(r.env={}),Object.assign(r.env,t),i__namespace.writeFileSync(e,JSON.stringify(r,null,2)+`
4
- `,{encoding:"utf8",mode:384});try{i__namespace.chmodSync(e,384);}catch{}}finally{ae(n);}}function ue(t){if(!t)return null;try{let e=t.split(".");if(e.length<2)return null;let n=JSON.parse(Buffer.from(e[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8")),{clientId:r,clientSecret:o,tenant:s}=n;return !r||!o||!s?null:{clientId:r,clientSecret:o,tenant:s}}catch{return null}}function pe(t){let e=Buffer.from(JSON.stringify({alg:"none",typ:"JWT"})).toString("base64url"),n=Buffer.from(JSON.stringify({clientId:t.clientId,clientSecret:t.clientSecret,tenant:t.tenant})).toString("base64url");return `${e}.${n}.`}var H;function me(){return H||(H=de()),H}var ge=u__namespace.default.join(l__namespace.default.tmpdir(),"flow-obs-update-cache.json"),Ze=1440*60*1e3,Qe=3e3;function et(t,e){let n=s=>{let a=String(s).replace(/^v/,"").match(/^(\d+)\.(\d+)\.(\d+)/);return a?[+a[1],+a[2],+a[3]]:null},r=n(t),o=n(e);return !r||!o?false:o[0]!==r[0]?o[0]>r[0]:o[1]!==r[1]?o[1]>r[1]:o[2]>r[2]}function tt(){try{let t=JSON.parse(i__namespace.default.readFileSync(ge,"utf8"));return typeof t.latestVersion!="string"||Date.now()-t.checkedAt>=Ze?null:t}catch{return null}}function nt(t,e,n=Date.now()){try{i__namespace.default.writeFileSync(ge,JSON.stringify({latestVersion:t,updatePriority:e??null,checkedAt:n}),{mode:384});}catch{}}function rt(t){let e=me().name,n=Xe__default.default.get(`https://registry.npmjs.org/${encodeURIComponent(e)}/latest`,{timeout:Qe},r=>{if(r.statusCode!==200)return r.resume(),t(new Error(`HTTP ${r.statusCode}`));let o="";r.setEncoding("utf8"),r.on("data",s=>{o+=s;}),r.on("end",()=>{try{let s=JSON.parse(o);if(typeof s.version!="string")throw new Error("no version field");t(null,{version:s.version,updatePriority:typeof s.updatePriority=="string"?s.updatePriority:null});}catch(s){t(s);}});});n.on("error",t),n.on("timeout",()=>{n.destroy(new Error("timeout"));});}function he(){try{if(tt())return;setImmediate(()=>{rt((t,e)=>{t||!e||et(me().version,e.version)&&nt(e.version,e.updatePriority,0);});});}catch{}}var st=u__namespace.default.resolve(__dirname,".."),ot=process.env.INIT_CWD?u__namespace.default.resolve(process.env.INIT_CWD):null;ot===st&&process.exit(0);$()&&(process.stderr.write(`
2
+ 'use strict';var child_process=require('child_process'),util=require('util'),i=require('fs'),u=require('path'),l=require('os'),qe=require('https');require('readline/promises');function _interopDefault(e){return e&&e.__esModule?e:{default:e}}function _interopNamespace(e){if(e&&e.__esModule)return e;var n=Object.create(null);if(e){Object.keys(e).forEach(function(k){if(k!=='default'){var d=Object.getOwnPropertyDescriptor(e,k);Object.defineProperty(n,k,d.get?d:{enumerable:true,get:function(){return e[k]}});}})}n.default=e;return Object.freeze(n)}var i__namespace=/*#__PURE__*/_interopNamespace(i);var u__namespace=/*#__PURE__*/_interopNamespace(u);var l__namespace=/*#__PURE__*/_interopNamespace(l);var qe__default=/*#__PURE__*/_interopDefault(qe);var Se=Object.defineProperty;var T=(e=>typeof require<"u"?require:typeof Proxy<"u"?new Proxy(e,{get:(t,n)=>(typeof require<"u"?require:t)[n]}):e)(function(e){if(typeof require<"u")return require.apply(this,arguments);throw Error('Dynamic require of "'+e+'" is not supported')});var A=(e,t,n)=>()=>{if(n)throw n[0];try{return e&&(t=e(e=0)),t}catch(r){throw n=[r],r}};var we=(e,t)=>()=>{try{return t||e((t={exports:{}}).exports,t),t.exports}catch(n){throw t=0,n}},L=(e,t)=>{for(var n in t)Se(e,n,{get:t[n],enumerable:true});};var B={};L(B,{MacOsKeyVaultProvider:()=>N});var C,N,J=A(()=>{"use strict";C=util.promisify(child_process.execFile),N=class{static async isAvailable(){try{return i.accessSync("/usr/bin/security",i.constants.X_OK),!0}catch{return !1}}async getSecret(t,n){try{let{stdout:r}=await C("security",["find-generic-password","-w","-a",n,"-s",t]);return r.trim()||null}catch{return null}}async setSecret(t,n,r){await C("security",["add-generic-password","-U","-a",n,"-s",t,"-w",r]);}async deleteSecret(t,n){try{return await C("security",["delete-generic-password","-a",n,"-s",t]),!0}catch{return !1}}getStoragePath(){return "macOS Keychain"}};});var X={};L(X,{LinuxKeyVaultProvider:()=>b});var K,b,q=A(()=>{"use strict";K=util.promisify(child_process.execFile),b=class{static async isAvailable(){let t=["/usr/bin/secret-tool","/bin/secret-tool","/usr/local/bin/secret-tool"];for(let n of t)try{return i.accessSync(n,i.constants.X_OK),!0}catch{}return !1}async getSecret(t,n){try{let{stdout:r}=await K("secret-tool",["lookup","service",t,"account",n]);return r.trim()||null}catch{return null}}async setSecret(t,n,r){await new Promise((s,o)=>{let a=child_process.spawn("secret-tool",["store","--label",t,"service",t,"account",n]);a.on("error",o),a.on("close",f=>{f===0?s():o(new Error(`secret-tool exited with code ${f}`));}),a.stdin.write(r),a.stdin.end();});}async deleteSecret(t,n){try{return await K("secret-tool",["clear","service",t,"account",n]),!0}catch{return !1}}getStoragePath(){return "Linux Secret Service (libsecret)"}};});var z={};L(z,{WindowsKeyVaultProvider:()=>U});var U,Z=A(()=>{"use strict";U=class{static async isAvailable(){try{return await T("keytar").getPassword("__flow_probe__","__flow_probe__"),!0}catch{return !1}}async getSecret(t,n){return T("keytar").getPassword(t,n)}async setSecret(t,n,r){await T("keytar").setPassword(t,n,r);}async deleteSecret(t,n){return T("keytar").deletePassword(t,n)}getStoragePath(){return "Windows Credential Manager"}};});var de=we((ln,Xe)=>{Xe.exports={name:"@ciandt-flow/flow-ai-obs",version:"0.8.5-beta.653",description:"Claude Code hooks for Langfuse OTLP tracing \u2014 cross-platform",main:"dist/index.js",bin:{"flow-ai-obs":"dist/cli.js","flow-ai-obs-setup":"dist/setup.js"},scripts:{build:"tsup",test:"jest",typecheck:"tsc --noEmit",lint:"eslint src bin scripts",format:'prettier --write "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"format:check":'prettier --check "src/**/*.ts" "bin/**/*.ts" "scripts/**/*.ts"',"security-scan":"trufflehog filesystem src/ --fail --no-update --exclude-paths .trufflehogignore",postinstall:`node -e "require('fs').existsSync('dist/setup.js') && require('child_process').execFileSync(process.execPath, ['dist/setup.js'], {stdio:'inherit'})"`,prepublishOnly:"npm run security-scan && npm run build","release:npm":"changeset publish",changeset:"changeset","version-packages":"changeset version","install:hooks":"node dist/cli.js install","auth:login":"node dist/cli.js auth login","auth:logout":"node dist/cli.js auth logout","auth:status":"node dist/cli.js auth status",smoke:"bash scripts/smoke-test.sh","smoke:debug":"bash scripts/smoke-test.sh --debug","smoke:send":"bash scripts/smoke-test.sh --send --allow-http --debug"},files:["dist/","README.md","LICENSE.md"],keywords:["claude-code","langfuse","observability","otlp","hooks","flow","ciandt"],author:"CI&T Flow Team",license:"SEE LICENSE IN LICENSE.md",private:!1,dependencies:{},optionalDependencies:{keytar:"7.9.0"},devDependencies:{"@changesets/changelog-github":"^0.6.0","@changesets/cli":"^2.30.0","@types/jest":"^30.0.0","@types/node":"^25.8.0",jest:"^30.4.2","ts-jest":"^29.4.9",tsup:"^8.5.1","eslint-config-prettier":"^10.1.5",prettier:"^3.5.3",typescript:"^6.0.3","typescript-eslint":"^8.33.0"},engines:{node:">=18.0.0"},overrides:{esbuild:"^0.28.1"},publishConfig:{registry:"https://registry.npmjs.org",access:"public"},repository:{type:"git",url:"git+https://github.com/CI-T-HyperX/flow-codeassistant-observability.git"}};});var ve="https://flow.ciandt.com";function V(){let e=process.env.FLOW_BASE_URL;return e&&e.trim()?e.trim():ve}function R(){let e=V();return {AUTH_ENGINE:process.env.FLOW_AUTH_ENGINE_URL||`${e}/auth-engine-api/v2/api-key/token`,GATEWAY_TRACES:process.env.FLOW_GATEWAY_TRACES_URL||`${e}/flow-langfuse-gateway/v1/traces`,GATEWAY_HEALTH:process.env.FLOW_GATEWAY_HEALTH_URL||`${e}/flow-langfuse-gateway/v1/health`,OTEL_ENDPOINT:process.env.FLOW_OTEL_ENDPOINT_URL||`${e}/otel`}}var Oe=R(),_={SERVICE:"flow-plugins-cli",ACCOUNT_CREDS:"credentials"},S="FLOW-nodejs",w="config.json";var P={CLAUDE_CODE_ENABLE_TELEMETRY:"1",OTEL_EXPORTER_OTLP_ENDPOINT:Oe.OTEL_ENDPOINT,OTEL_EXPORTER_OTLP_PROTOCOL:"http/json",OTEL_METRICS_EXPORTER:"otlp",OTEL_LOGS_EXPORTER:"otlp",OTEL_LOG_TOOL_DETAILS:"1",OTEL_LOG_USER_PROMPTS:"1"},g={FLOW_TELEMETRY:"FLOW_TELEMETRY",FLOW_TELEMETRY_GATEWAY:"FLOW_TELEMETRY_GATEWAY_URL",LANGFUSE_BASE_URL:"LANGFUSE_BASE_URL",LANGFUSE_PUBLIC_KEY:"LANGFUSE_PUBLIC_KEY",LANGFUSE_SECRET_KEY:"LANGFUSE_SECRET_KEY",ANTHROPIC_MODEL:"ANTHROPIC_MODEL",ANTHROPIC_AUTH_TOKEN:"ANTHROPIC_AUTH_TOKEN",FLOW_OBS_DEBUG:"FLOW_TELEMETRY_DEBUG",FLOW_OBS_ALLOW_HTTP:"FLOW_TELEMETRY_ALLOW_HTTP",BUFFER_TTL_DAYS:"FLOW_TELEMETRY_BUFFER_TTL_DAYS",BUFFER_MAX_FILES:"FLOW_TELEMETRY_BUFFER_MAX_FILES"};var j={LOCK_STALE_MS:3e4},Y={UserPromptSubmit:5,PreToolUse:3,PostToolUse:10,Stop:15};var G="flow-ai-obs-debug.log";var k={credentials:"credentials","token-cache":"tokenCache"};function m(){let e=l__namespace.default.homedir();if(process.platform==="darwin")return u__namespace.default.join(e,"Library","Preferences",S,w);if(process.platform==="win32"){let n=process.env.APPDATA??u__namespace.default.join(e,"AppData","Roaming");return u__namespace.default.join(n,S,w)}let t=process.env.XDG_CONFIG_HOME??u__namespace.default.join(e,".config");return u__namespace.default.join(t,S,w)}function I(){try{let e=i__namespace.default.readFileSync(m(),"utf8");return JSON.parse(e)}catch{return {}}}function W(e){let t=m();i__namespace.default.mkdirSync(u__namespace.default.dirname(t),{recursive:true}),i__namespace.default.writeFileSync(t,JSON.stringify(e,null,2),{encoding:"utf8",mode:384});}var v=class{static isAvailable(){return true}static hasExistingData(){try{if(!i__namespace.default.existsSync(m()))return !1;let t=JSON.parse(i__namespace.default.readFileSync(m(),"utf8"));return !!(t&&t.credentials)}catch{return false}}async getSecret(t,n){let r=I(),s=k[n]??n,o=r[s];return o?typeof o=="string"?o:JSON.stringify(o):null}async setSecret(t,n,r){let s=I(),o=k[n]??n;if(n==="token-cache")try{s[o]=JSON.parse(r);}catch{s[o]=r;}else s[o]=r;W(s);}async deleteSecret(t,n){let r=I(),s=k[n]??n;return s in r?(delete r[s],W(r),true):false}getStoragePath(){return `config.json (unencrypted) \u2014 ${m()}`}};async function Q(){return await Fe()??new v}async function Fe(){switch(process.platform){case "darwin":{let{MacOsKeyVaultProvider:e}=await Promise.resolve().then(()=>(J(),B));return await e.isAvailable()?new e:null}case "linux":{let{LinuxKeyVaultProvider:e}=await Promise.resolve().then(()=>(q(),X));return await e.isAvailable()?new e:null}case "win32":{let{WindowsKeyVaultProvider:e}=await Promise.resolve().then(()=>(Z(),z));return await e.isAvailable()?new e:null}default:return null}}var $e=_.SERVICE,De=_.ACCOUNT_CREDS,F=null;function xe(){return F||(F=Q()),F}async function ee(){let t=await(await xe()).getSecret($e,De);if(!t)return null;try{return JSON.parse(t)}catch{return null}}u.join(l.tmpdir(),G);!process.env.NO_COLOR&&process.stdout.isTTY;function $(){return process.platform==="win32"?false:process.getuid?.()===0}function te(){if(process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER){let t=child_process.spawnSync("getent",["passwd",process.env.SUDO_USER],{encoding:"utf8",timeout:5e3}).stdout?.split(":")[5]?.trim();if(t)return {home:t,username:process.env.SUDO_USER}}return {home:l__namespace.homedir(),username:process.env.SUDO_USER||process.env.USER||l__namespace.userInfo().username}}function O(){if(process.env.WSL_DISTRO_NAME&&process.platform==="linux"){let e=process.env.USERPROFILE;if(!e){let n=child_process.spawnSync("cmd.exe",["/c","echo","%USERPROFILE%"],{encoding:"utf8",timeout:5e3}).stdout?.trim();n&&/^[A-Za-z]:\\/.test(n)&&(e=n);}if(e){let t=e.replace(/^([A-Za-z]):/,(n,r)=>`/mnt/${r.toLowerCase()}`).replace(/\\/g,"/");return u__namespace.join(t,".claude","settings.json")}return u__namespace.join(l__namespace.homedir(),".claude","settings.json")}if(process.platform==="win32"){let e=process.env.USERPROFILE||l__namespace.homedir();return u__namespace.join(e,".claude","settings.json")}if(process.platform==="linux"&&process.getuid?.()===0&&process.env.SUDO_USER){let t=child_process.spawnSync("getent",["passwd",process.env.SUDO_USER],{encoding:"utf8",timeout:5e3}).stdout?.split(":")[5]?.trim();if(t)return u__namespace.join(t,".claude","settings.json")}return u__namespace.join(l__namespace.homedir(),".claude","settings.json")}var ne="flow-ai-obs",re="config.json";function oe(){if(process.platform==="win32"){let n=process.env.APPDATA||u__namespace.join(l__namespace.homedir(),"AppData","Roaming");return u__namespace.join(n,ne,re)}let e=te(),t=process.env.XDG_CONFIG_HOME||u__namespace.join(e.home,".config");return u__namespace.join(t,ne,re)}var Be=j.LOCK_STALE_MS;function ie(e){try{let t=i__namespace.statSync(e);Date.now()-t.mtimeMs>Be&&i__namespace.unlinkSync(e);}catch{}try{i__namespace.writeFileSync(e,String(process.pid),{flag:"wx"});}catch(t){throw t.code==="EEXIST"?new Error("Another install is already in progress. If this is stale, remove: "+e):t}}function ae(e){try{i__namespace.unlinkSync(e);}catch{}}function Je(e,t){let r=(Array.isArray(e)?e:[]).map(s=>{if(!Array.isArray(s?.hooks))return null;let o=s.hooks.filter(a=>!a.command?.startsWith?.("flow-ai-obs "));return o.length>0?{...s,hooks:o}:null}).filter(s=>s!=null);return [t,...r]}function ce(e,t){let n=O(),r=n+".lock",s=[];i__namespace.mkdirSync(u__namespace.dirname(n),{recursive:true}),ie(r);try{if(i__namespace.existsSync(n)){i__namespace.copyFileSync(n,n+".bkp");try{i__namespace.chmodSync(n+".bkp",384);}catch{}}let o=oe();if(i__namespace.existsSync(o)){let c=o+".bkp";i__namespace.copyFileSync(o,c);try{i__namespace.chmodSync(c,384);}catch{}}let a={};try{a=JSON.parse(i__namespace.readFileSync(n,"utf8"));}catch{}let f=a.env&&typeof a.env=="object"?a.env:{};delete f.OTEL_EXPORTER_OTLP_HEADERS;let Ee=e?{...P,OTEL_EXPORTER_OTLP_ENDPOINT:e}:P;a.env={...f,...Ee,...t??{}},a.otelHeadersHelper="flow-ai-obs otel-headers",(!a.hooks||typeof a.hooks!="object"||Array.isArray(a.hooks))&&(a.hooks={});let Te=(c,E)=>({matcher:"",hooks:[{type:"command",command:`flow-ai-obs ${c}`,timeout:E}]}),_e=["UserPromptSubmit","PreToolUse","PostToolUse","Stop"],M=a.hooks;for(let c of _e){let E=Je(M[c],Te(c,Y[c]));E.length>1&&s.push(c),M[c]=E;}i__namespace.writeFileSync(n,JSON.stringify(a,null,2)+`
3
+ `,{encoding:"utf8",mode:384});try{i__namespace.chmodSync(n,384);}catch{}}finally{ae(r);}return {settingsPath:n,preserved:s}}function le(e){let t=O(),n=t+".lock";i__namespace.mkdirSync(u__namespace.dirname(t),{recursive:true}),ie(n);try{let r={};try{r=JSON.parse(i__namespace.readFileSync(t,"utf8"));}catch{}(!r.env||typeof r.env!="object")&&(r.env={}),Object.assign(r.env,e),i__namespace.writeFileSync(t,JSON.stringify(r,null,2)+`
4
+ `,{encoding:"utf8",mode:384});try{i__namespace.chmodSync(t,384);}catch{}}finally{ae(n);}}function ue(e){if(!e)return null;try{let t=e.split(".");if(t.length<2)return null;let n=JSON.parse(Buffer.from(t[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString("utf8")),{clientId:r,clientSecret:s,tenant:o}=n;return !r||!s||!o?null:{clientId:r,clientSecret:s,tenant:o}}catch{return null}}function pe(e){let t=Buffer.from(JSON.stringify({alg:"none",typ:"JWT"})).toString("base64url"),n=Buffer.from(JSON.stringify({clientId:e.clientId,clientSecret:e.clientSecret,tenant:e.tenant})).toString("base64url");return `${t}.${n}.`}var H;function ge(){return H||(H=de()),H}var me=u__namespace.default.join(l__namespace.default.tmpdir(),"flow-obs-update-cache.json"),Qe=1440*60*1e3,et=3e3;function tt(e,t){let n=o=>{let a=String(o).replace(/^v/,"").match(/^(\d+)\.(\d+)\.(\d+)/);return a?[+a[1],+a[2],+a[3]]:null},r=n(e),s=n(t);return !r||!s?false:s[0]!==r[0]?s[0]>r[0]:s[1]!==r[1]?s[1]>r[1]:s[2]>r[2]}function nt(){try{let e=JSON.parse(i__namespace.default.readFileSync(me,"utf8"));return typeof e.latestVersion!="string"||Date.now()-e.checkedAt>=Qe?null:e}catch{return null}}function rt(e,t,n=Date.now()){try{i__namespace.default.writeFileSync(me,JSON.stringify({latestVersion:e,updatePriority:t??null,checkedAt:n}),{mode:384});}catch{}}function st(e){let t=ge().name,n=qe__default.default.get(`https://registry.npmjs.org/${encodeURIComponent(t)}/latest`,{timeout:et},r=>{if(r.statusCode!==200)return r.resume(),e(new Error(`HTTP ${r.statusCode}`));let s="";r.setEncoding("utf8"),r.on("data",o=>{s+=o;}),r.on("end",()=>{try{let o=JSON.parse(s);if(typeof o.version!="string")throw new Error("no version field");e(null,{version:o.version,updatePriority:typeof o.updatePriority=="string"?o.updatePriority:null});}catch(o){e(o);}});});n.on("error",e),n.on("timeout",()=>{n.destroy(new Error("timeout"));});}function he(){try{if(nt())return;setImmediate(()=>{st((e,t)=>{e||!t||tt(ge().version,t.version)&&rt(t.version,t.updatePriority,0);});});}catch{}}var ot=u__namespace.default.resolve(__dirname,".."),it=process.env.INIT_CWD?u__namespace.default.resolve(process.env.INIT_CWD):null;it===ot&&process.exit(0);$()&&(process.stderr.write(`
5
5
  [flow-ai-obs] \u2717 Do not install with sudo.
6
6
  Run without sudo: npm install -g @ciandt-flow/flow-ai-obs
7
7
 
8
- `),process.exit(1));async function it(){try{ce();}catch{}let t=await ee();if(!t){process.stderr.write(`
8
+ `),process.exit(1));async function at(){try{ce();}catch{}let e=await ee();if(!e){process.stderr.write(`
9
9
  [flow-ai-obs] No credentials found.
10
10
  Run \`flow-ai-obs auth login\` to authenticate and enable telemetry.
11
11
 
12
- `);return}let e=ue(process.env[f.ANTHROPIC_AUTH_TOKEN]);if(!e||e.clientId!==t.clientId||e.clientSecret!==t.clientSecret||e.tenant!==t.tenant)try{let r=pe(t);le({[f.ANTHROPIC_AUTH_TOKEN]:r});}catch{}}it().catch(()=>{}).finally(()=>he());
12
+ `);return}let t=ue(process.env[g.ANTHROPIC_AUTH_TOKEN]);if(!t||t.clientId!==e.clientId||t.clientSecret!==e.clientSecret||t.tenant!==e.tenant)try{let r=pe(e);le({[g.ANTHROPIC_AUTH_TOKEN]:r});}catch{}}at().catch(()=>{}).finally(()=>he());
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@ciandt-flow/flow-ai-obs",
3
- "version": "0.8.4",
3
+ "version": "0.8.5-beta.653",
4
4
  "description": "Claude Code hooks for Langfuse OTLP tracing — cross-platform",
5
5
  "main": "dist/index.js",
6
6
  "bin": {