@decantr/telemetry 3.4.0 → 3.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/README.md +18 -112
  2. package/package.json +1 -1
package/README.md CHANGED
@@ -1,139 +1,45 @@
1
1
  # @decantr/telemetry
2
2
 
3
- Privacy-preserving telemetry contracts, clients, and analytics sinks for Decantr.
3
+ Optional telemetry contracts, privacy filters, clients, and sinks for Decantr.
4
4
 
5
- This package is the first layer of Decantr's usage intelligence system. It defines the event names and payload shapes that the CLI, API, MCP server, registry app, and content pipeline can emit without coupling those surfaces to a single analytics vendor.
5
+ Decantr 3.8 keeps this package for compatibility and future/private deployments. The active hosted product no longer includes registry portal analytics, PostHog dashboards, Supabase rollups, billing funnels, public telemetry ingest, or admin telemetry pages.
6
6
 
7
7
  ## Product Stance
8
8
 
9
9
  Decantr telemetry measures Decantr usage, not customer application data.
10
10
 
11
- Allowed signals include command names, registry sources, registry content IDs, package versions, workflow modes, success/failure, duration, audit scores, Project Health status/score/counts, aggregate counts, marketing route labels, campaign tags, and referrer domains. Do not send prompts, source code, generated files, health reports, finding evidence, raw file paths, environment variables, secrets, API keys, email addresses, IP addresses, raw referrer URLs, click IDs, or user agents.
11
+ Allowed signals include command names, package versions, workflow modes, success/failure, duration, Project Health status/counts, content types, aggregate counts, and optional campaign labels. Do not send prompts, source code, generated files, health reports, finding evidence, raw file paths, environment variables, secrets, API keys, email addresses, IP addresses, raw referrer URLs, click IDs, or user agents.
12
12
 
13
- ## MVP Events
13
+ ## Runtime Posture
14
14
 
15
- - `cli.command.completed`
16
- - `registry.item.resolved`
17
- - `registry.sync.completed`
18
- - `execution_pack.compiled`
19
- - `execution_pack.selected`
20
- - `audit.completed`
21
- - `critique.completed`
22
- - `decantr.analyze.completed`
23
- - `decantr.init.completed`
24
- - `decantr.new.completed`
25
- - `decantr.refresh.completed`
26
- - `decantr.check.completed`
27
- - `decantr.health.healthy`
28
- - `health.report.generated`
29
- - `health.finding.prompt_requested`
30
- - `health.ci.failed`
31
- - `studio.started`
32
- - `studio.health_refreshed`
33
- - `content.validation.completed`
34
- - `content.publish.completed`
35
- - `user.signup.completed`
36
- - `org.created`
37
- - `api_key.created`
38
- - `billing.plan_clicked`
39
- - `billing.checkout_blocked`
40
- - `private_registry.gate_viewed`
41
- - `private_registry.intent_clicked`
42
- - `private_registry.content_listed`
43
- - `marketing_web.page_viewed`
44
- - `marketing_web.cta_clicked`
45
- - `marketing_web.outbound_clicked`
46
- - `marketing_web.command_clicked`
47
- - `registry_web.page_viewed`
48
- - `registry_web.search_performed`
49
- - `registry_web.content_opened`
50
- - `registry_web.signup_clicked`
51
- - `registry_web.api_key_page_viewed`
52
- - `registry_web.billing_viewed`
53
- - `registry_web.organization_viewed`
54
- - `registry_web.identity_linked`
55
- - `telemetry.identity_linked`
15
+ - CLI telemetry is disabled by default.
16
+ - MCP does not emit Decantr telemetry.
17
+ - The Fly API is content/reference only.
18
+ - Legacy event names may still contain `registry.*` for Decantr 3.x compatibility.
56
19
 
57
- Private Registry remains manually provisioned and Enterprise-gated while the paywall is off. The telemetry surface records readiness and permitted usage only: gated views, intent clicks, and aggregate content-list counts. It does not collect private package slugs or customer source material.
58
-
59
- `DECANTR_TELEMETRY_EVENT_CATALOG` is the canonical source/event matrix. Public ingest should call `isTelemetryEventAllowedForSource(name, source)` and accept both `DECANTR_TELEMETRY_ACCEPTED_SCHEMA_VERSIONS` during rollout, while new emitters use schema `0.3.0`.
60
-
61
- ## Actor Attribution
62
-
63
- Every event can carry `context.actorType` so Decantr can distinguish founder/internal usage from real customer adoption without relying on remembered PostHog person ids.
64
-
65
- - `anonymous`: unauthenticated registry/API browsing or resolution with only an anonymous id.
66
- - `customer`: authenticated hosted usage, org/project usage, or opted-in CLI install/project usage.
67
- - `internal`: Decantr team, QA, and synthetic traffic identified by server-side identity flags or opaque id allowlists.
68
- - `official_pipeline`: Decantr-owned content validation/publish automation.
69
- - `service`: backend service events that are not attributable to a user, org, install, project, or anonymous visitor.
70
-
71
- If omitted, sinks call `resolveTelemetryActorType(context)`. The hosted API normalizes public ingest events with server-authoritative attribution from Supabase identity flags, `telemetry_identity_aliases`, and fallback overrides through `DECANTR_INTERNAL_USER_IDS`, `DECANTR_INTERNAL_ORG_IDS`, `DECANTR_INTERNAL_INSTALL_IDS`, `DECANTR_INTERNAL_PROJECT_IDS`, and `DECANTR_INTERNAL_ANONYMOUS_IDS`.
72
-
73
- The registry admin portal exposes `/admin/telemetry` for managing `anonymous`, `install`, and `project` aliases without writing SQL. Aliases can be linked by user email/id or organization slug/id. Opted-in CLI users can review the shareable event/field explanation with `decantr telemetry explain`, then self-link opaque install/project ids with `decantr telemetry link --enable --org <slug>`, which calls the audited API alias flow and emits `telemetry.identity_linked`. Mutations clear the hosted API actor-resolution cache. `/admin/telemetry/usage` adds the protected PostHog query view for active identities, source/actor mix, paid-acquisition signals, failure signals, period-over-period trends, product signal buckets, operating alerts, stored rollup history, snapshot freshness, identity coverage, and unaliased identity candidates, with one-click candidate classification through the same audited alias flow. `/admin/reports` and individual organization admin pages read durable Supabase rollups written by the service-token protected snapshot runner, giving Decantr an owned business-intelligence history while PostHog remains the raw event explorer.
74
-
75
- The shared client redacts sensitive keys before any sink receives an event. This includes prompts, source code, file paths, repository names, raw route names, package slugs, emails, tokens, cookies, URLs, user agents, and authorization fields, while preserving aggregate product fields such as command, duration, success, counts, workflow mode, and signal bucket metadata.
76
-
77
- ## Security And Permissions
78
-
79
- This package defines telemetry contracts, redaction, clients, and optional sinks. It does not auto-start collection. Events are emitted only when a caller constructs a client and calls `capture`. The Decantr CLI remains opt-in for telemetry; use `decantr telemetry explain` for the shareable review view. See [security permissions](https://decantr.ai/reference/security-permissions.md).
80
-
81
- ## Campaign Attribution
82
-
83
- The marketing site and registry can attach campaign attribution fields to web events: UTM source/medium/campaign/content/term/id, first and last touch variants, landing path, referrer domain, click-id provider, and whether a supported click id was present. Raw ad click ids such as `twclid`, `gclid`, `gbraid`, `wbraid`, `fbclid`, `msclkid`, `ttclid`, and `li_fat_id` are not included in Decantr telemetry.
84
-
85
- `decantr.ai` and `registry.decantr.ai` share one opaque first-party anonymous cookie when the browser allows it, so PostHog funnels can connect marketing CTAs to registry exploration and signup intent without collecting personal identifiers.
86
-
87
- ## PostHog
20
+ ## Example
88
21
 
89
22
  ```ts
90
- import { createPostHogTelemetrySink, createTelemetryClient } from '@decantr/telemetry';
23
+ import { createTelemetryClient } from '@decantr/telemetry';
91
24
 
92
25
  const telemetry = createTelemetryClient({
93
26
  context: {
94
- source: 'api',
95
- environment: 'production',
96
- serviceName: 'decantr-api',
97
- decantrVersion: '1.7.26',
27
+ source: 'cli',
28
+ environment: 'development',
29
+ serviceName: 'decantr-cli',
98
30
  },
99
- sink: createPostHogTelemetrySink({
100
- apiKey: process.env.POSTHOG_PROJECT_TOKEN!,
101
- host: process.env.POSTHOG_HOST,
102
- }),
103
31
  });
104
32
 
105
33
  await telemetry.capture({
106
- name: 'registry.item.resolved',
107
- context: {
108
- source: 'api',
109
- projectId: 'project_opaque_id',
110
- orgId: 'org_opaque_id',
111
- registrySource: 'official',
112
- },
34
+ name: 'cli.command.completed',
113
35
  properties: {
114
- contentType: 'pattern',
115
- itemId: 'hero-split',
116
- namespace: '@official',
36
+ command: 'content',
117
37
  success: true,
38
+ durationMs: 42,
118
39
  },
119
40
  });
120
41
  ```
121
42
 
122
- The PostHog sink uses opaque Decantr IDs as `distinct_id`, maps `orgId` and `projectId` to PostHog groups, and defaults `$process_person_profile` to `false`.
123
-
124
- ## Future First-Party Dashboard
125
-
126
- The generic fetch sink is intended for a later Decantr-owned ingestion endpoint:
127
-
128
- ```ts
129
- import { createFetchTelemetrySink, createTelemetryClient } from '@decantr/telemetry';
130
-
131
- const telemetry = createTelemetryClient({
132
- sink: createFetchTelemetrySink({
133
- endpoint: 'https://api.decantr.ai/v1/telemetry/events',
134
- headers: () => ({ Authorization: `Bearer ${process.env.DECANTR_TELEMETRY_TOKEN}` }),
135
- }),
136
- });
137
- ```
43
+ Constructing a client is explicit; the package does not auto-start collection.
138
44
 
139
- That endpoint can write raw events and daily rollups into Supabase or an analytics warehouse while PostHog remains the fast product analytics layer.
45
+ See [security permissions](https://decantr.ai/reference/security-permissions.md).
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@decantr/telemetry",
3
- "version": "3.4.0",
3
+ "version": "3.8.0",
4
4
  "description": "Privacy-preserving telemetry contracts, clients, and analytics sinks for Decantr",
5
5
  "keywords": [
6
6
  "decantr",