npm - @dropout-ai/runtime - Versions diffs - 0.2.4 → 0.2.5 - Mend

@dropout-ai/runtime 0.2.4 → 0.2.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/package.json +1 -1
package/src/index.js +229 -254

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@dropout-ai/runtime",
-  "version": "0.2.04",
+  "version": "0.2.05",
   "description": "Invisible Node.js runtime for capturing AI interactions.",
   "main": "src/index.js",
   "scripts": {

package/src/index.js CHANGED Viewed

@@ -1,307 +1,282 @@
-import crypto from "crypto";
+/**
+ * @dropout-ai/runtime
+ * Role: Passive observer inside the user’s app.
+ *
+ * Runtime never reasons, never interprets, never stores intelligence.
+ * It only: Observes, Normalizes, Emits signals.
+ */
-const originalFetch = global.fetch;
+const crypto = require('crypto');
+// --- A. Session Boundary (CRITICAL) ---
+const GLOBAL_OBJ = typeof window !== 'undefined' ? window : global;
-const sessionId =
-  global.__dropout_session_id__ ||
-  (global.__dropout_session_id__ = crypto.randomUUID());
-// Internal telemetry sender
-async function safeSendTelemetry(payload) {
+function generateSessionId() {
   try {
-    await originalFetch('http://localhost:4000/capture', {
-      method: 'POST',
-      headers: { 'Content-Type': 'application/json' },
-      body: JSON.stringify(payload)
-    });
+    return crypto.randomUUID();
   } catch (e) {
-    // Fail silently
+    return 'sess_' + Math.random().toString(36).substring(2, 12) + Date.now().toString(36);
   }
 }
-const NEGATIVE_FEEDBACK = [
-  "not helpful",
-  "dont just dump",
-  "you are worst",
-  "you are stupid",
-  "are you sure",
-  "i thought you are intelligent",
-  "let it be"
-];
-const ADAPTATION_REQUESTS = [
-  "help me understand",
-  "explain better",
-  "dont just dump facts",
-  "in simple way",
-  "explain it properly"
-];
+// One session = one continuous user attempt
+// Resets on page reload (Browser) or process restart (Node)
+if (!GLOBAL_OBJ.__dropout_session_id__) {
+  GLOBAL_OBJ.__dropout_session_id__ = generateSessionId();
+}
 let turnIndex = 0;
-let lastPrompt = null;
-function getSimilarity(text1, text2) {
-  if (!text1 || !text2) return 0;
-  const words1 = new Set(text1.toLowerCase().split(/\s+/));
-  const words2 = new Set(text2.toLowerCase().split(/\s+/));
-  const intersection = new Set([...words1].filter(x => words2.has(x)));
-  return intersection.size / Math.min(words1.size, words2.size);
-}
-function getIntentHash(text) {
-  if (!text) return null;
-  return crypto.createHash('sha256').update(text.toLowerCase().trim()).digest('hex');
+// --- D. Runtime guarantees ---
+let config = {
+  maxOutputBytes: 32768,
+  captureEndpoint: 'http://localhost:4000/capture',
+  configEndpoint: 'http://localhost:4000/config',
+  privacyMode: (typeof process !== 'undefined' && process.env.DROPOUT_PRIVACY_MODE) || 'safe'
+};
+// Zero user config required: Non-blocking remote config fetch
+setTimeout(async () => {
+  const fetchFn = GLOBAL_OBJ.__dropout_original_fetch__ || GLOBAL_OBJ.fetch;
+  if (typeof fetchFn !== 'function') return;
+  try {
+    const resp = await fetchFn(config.configEndpoint);
+    const remote = await resp.json();
+    if (remote && typeof remote === 'object') {
+      config = Object.assign(config, remote);
+    }
+  } catch (e) { }
+}, 0);
+/**
+ * Telemetry Emitter (Non-blocking, Fire-and-forget)
+ */
+function emit(payload) {
+  const fetchFn = GLOBAL_OBJ.__dropout_original_fetch__ || GLOBAL_OBJ.fetch;
+  if (typeof fetchFn !== 'function') return;
+  setTimeout(() => {
+    fetchFn(config.captureEndpoint, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify(payload),
+      keepalive: true
+    }).catch(() => { });
+  }, 0);
 }
-const CAPABILITY_LIMITATIONS = [
-  "i cannot access", "i don't have access", "i do not have access",
-  "cannot browse", "real-time information", "as an ai", "my knowledge cutoff",
-  "i'm sorry, but i don't", "i am sorry, but i don't"
-];
+// --- C. Privacy Mode Helpers ---
-const CHALLENGE_PATTERNS = ["but ", "why ", "how ", "cant you", "can't you", "are you sure", "openai", "chatgpt"];
+function getSemanticHash(text) {
+  if (!text) return null;
+  try {
+    return crypto.createHash('sha256').update(text.toLowerCase().trim()).digest('hex');
+  } catch (e) {
+    return 'hash_err';
+  }
+}
-function detectSignals(text, output = "") {
-  const t = (text || "").toLowerCase();
-  const o = (output || "").toLowerCase();
+function getMarkers(text) {
+  if (!text) return null;
   return {
-    negativeFeedback: NEGATIVE_FEEDBACK.some(p => t.includes(p)) ? 1 : 0,
-    adaptationRequest: ADAPTATION_REQUESTS.some(p => t.includes(p)) ? 1 : 0,
-    userChallenge: CHALLENGE_PATTERNS.some(p => t.includes(p)) ? 1 : 0,
-    capabilityLimitation: CAPABILITY_LIMITATIONS.some(p => o.includes(p)) ? 1 : 0
+    chars: text.length,
+    words: text.split(/\s+/).length,
+    lines: text.split('\n').length,
+    has_code: /```/.test(text),
+    has_list: /^\s*[-*•\d+.]/m.test(text)
   };
 }
-(function () {
-  "use strict";
-  // 1. Guard global.fetch existence and idempotency
-  if (typeof global.fetch !== 'function' || global.fetch.__dropout_patched__) {
-    return;
-  }
+const PATTERNS = {
+  negative: ["wrong", "bad", "not helpful", "incorrect", "stupid", "error", "worst"],
+  positive: ["thanks", "good", "perfect", "correct", "great", "helpful"],
+  struggle: ["but", "why", "stop", "don't", "no", "again", "explain"]
+};
-  // 2. Default Configuration
-  let config = {
-    version: 1,
-    captureOutput: true,
-    maxOutputBytes: 20000,
-    enabledProviders: ['openai'],
-    privacyMode: 'safe', // 'safe' | 'full'
-    captureContent: false
-  };
+function getFlags(text) {
+  if (!text) return [];
+  const t = text.toLowerCase();
+  const flags = [];
+  if (PATTERNS.negative.some(p => t.includes(p))) flags.push('neg');
+  if (PATTERNS.positive.some(p => t.includes(p))) flags.push('pos');
+  if (PATTERNS.struggle.some(p => t.includes(p))) flags.push('clash');
+  return flags;
+}
-  // 3. Remote Config Fetch (Non-blocking, fire-and-forget)
-  setTimeout(async () => {
-    try {
-      const resp = await originalFetch('http://localhost:4000/config');
-      const remoteConfig = await resp.json();
-      if (remoteConfig && typeof remoteConfig === 'object') {
-        config = Object.assign({}, config, remoteConfig);
-      }
-    } catch (e) {
-      // Fail silently, use defaults
-    }
-  }, 0);
+// --- B. Event Capture (Provider-agnostic) ---
+function normalize(url, body) {
+  let provider = 'unknown';
+  let model = 'unknown';
-  // 5. Detection Helpers
-  function matchesKnownProvider(url) {
-    return (
-      url &&
-      (
-        url.includes('openai.com/v1') ||
-        url.includes('api.anthropic.com') ||
-        url.includes('generativelanguage.googleapis.com') ||
-        url.includes('api-inference.huggingface.co')
-      )
-    );
+  if (url) {
+    const u = url.toLowerCase();
+    if (u.includes('openai.com')) provider = 'openai';
+    else if (u.includes('anthropic.com')) provider = 'anthropic';
+    else if (u.includes('google.com') || u.includes('generative')) provider = 'google';
+    else if (u.includes('groq.com')) provider = 'groq';
+    else if (u.includes('localhost') || u.includes('127.0.0.1')) provider = 'local';
   }
-  function matchesGenericLLMPayload(init) {
+  if (body) {
     try {
-      if (!init || typeof init.body !== 'string') return false;
-      const body = JSON.parse(init.body);
-      // Common LLM request shapes
-      return (
-        body.messages ||
-        body.prompt ||
-        body.input
-      );
-    } catch (e) {
-      return false;
-    }
+      const parsed = typeof body === 'string' ? JSON.parse(body) : body;
+      model = parsed.model || model;
+      if (provider === 'unknown' && (parsed.messages || parsed.prompt || parsed.input)) {
+        provider = 'heuristic';
+      }
+    } catch (e) { }
   }
-  // 6. The Monkey Patch
-  global.fetch = async function (input, init) {
+  return { provider, model };
+}
+/**
+ * The Monkey Patch
+ */
+if (typeof GLOBAL_OBJ.fetch === 'function' && !GLOBAL_OBJ.fetch.__dropout_patched__) {
+  GLOBAL_OBJ.__dropout_original_fetch__ = GLOBAL_OBJ.fetch;
+  GLOBAL_OBJ.fetch = async function (input, init) {
     const start = Date.now();
-    const response = await originalFetch(input, init);
+    const url = typeof input === 'string' ? input : (input && input.url);
+    const isAI = url && (
+      url.includes('openai.com') ||
+      url.includes('anthropic.com') ||
+      url.includes('generative') ||
+      url.includes('groq.com') ||
+      (init && init.body && (init.body.includes('"model"') || init.body.includes('"messages"')))
+    );
-    try {
-      // 7. Detection Logic (Dumb detection + Config Check)
-      const url = typeof input === 'string' ? input : (input && input.url);
-      const isLikelyAI =
-        matchesKnownProvider(url) ||
-        matchesGenericLLMPayload(init);
-      if (url && isLikelyAI) {
-        const latency = Date.now() - start;
-        const contentType = response.headers.get('content-type') || '';
-        const isStream = contentType.includes('text/event-stream');
-        // 7. Safe Body Capture (Best effort)
-        let promptText = undefined;
-        let model = undefined;
-        if (init && typeof init.body === 'string') {
-          promptText = init.body;
-          try {
-            const bodyJson = JSON.parse(promptText);
-            model = bodyJson.model;
-          } catch (e) { }
-        }
+    const response = await GLOBAL_OBJ.__dropout_original_fetch__(input, init);
-        let outputText = undefined;
-        if (!isStream && config.captureOutput) {
-          try {
-            const cloned = response.clone();
-            outputText = await cloned.text();
-            // 8. Hard Capping (Infra Rule: Trust but verify)
-            if (outputText && outputText.length > config.maxOutputBytes) {
-              outputText = outputText.slice(0, config.maxOutputBytes);
-            }
-          } catch (e) { }
-        }
+    if (isAI) {
+      const latency = Date.now() - start;
+      const turn = turnIndex++;
+      const { provider, model } = normalize(url, init && init.body);
-        const currentSignals = detectSignals(promptText, outputText);
-        const similarity = getSimilarity(lastPrompt, promptText);
-        const intentHash = getIntentHash(promptText);
-        const isSafe = config.privacyMode === 'safe' && !config.captureContent;
-        const payload = {
-          provider: url.includes('openai.com') ? 'openai' : 'unknown',
-          confidence: matchesKnownProvider(url) ? 'high' : 'heuristic',
-          url,
-          model,
-          latency_ms: latency,
-          timestamp: Math.floor(Date.now() / 1000),
-          session_id: sessionId,
-          turn_index: turnIndex++,
-          intent_hash: intentHash,
-          similarity_prev: similarity,
-          negative_feedback: currentSignals.negativeFeedback,
-          adaptation_request: currentSignals.adaptationRequest,
-          user_challenge: currentSignals.userChallenge,
-          capability_limitation: currentSignals.capabilityLimitation,
-          // Redact content if in safe mode
-          prompt: isSafe ? undefined : promptText,
-          output: isSafe ? undefined : outputText,
-        };
-        lastPrompt = promptText;
-        // 9. Fire-and-forget
-        setTimeout(() => safeSendTelemetry(payload), 0);
+      let pText = "";
+      if (init && init.body) {
+        try { pText = typeof init.body === 'string' ? init.body : JSON.stringify(init.body); } catch (e) { }
       }
-    } catch (e) { }
+      let oText = "";
+      try {
+        const cloned = response.clone();
+        oText = await cloned.text();
+        if (oText && oText.length > config.maxOutputBytes) {
+          oText = oText.slice(0, config.maxOutputBytes);
+        }
+      } catch (e) { }
+      const payload = {
+        session_id: GLOBAL_OBJ.__dropout_session_id__,
+        timestamp: Date.now(),
+        latency,
+        turn_position: turn,
+        provider,
+        model,
+        mode: config.privacyMode
+      };
+      if (config.privacyMode === 'full') {
+        payload.prompt = pText;
+        payload.output = oText;
+      } else {
+        payload.prompt_hash = getSemanticHash(pText);
+        payload.output_hash = getSemanticHash(oText);
+        payload.markers = { p: getMarkers(pText), o: getMarkers(oText) };
+        payload.flags = getFlags(pText + " " + oText);
+      }
+      emit(payload);
+    }
     return response;
   };
-  global.fetch.__dropout_patched__ = true;
-})();
+  GLOBAL_OBJ.fetch.__dropout_patched__ = true;
+}
-// 11. Manual capture (combo mode)
+/**
+ * Manual capture for framework-level integration
+ */
 async function capture(target, options = {}) {
   const start = Date.now();
-  // Support dropout.capture({ prompt, response, privacy: "full" })
-  if (typeof target === 'object' && target !== null && !target.then) {
-    const { prompt, response, privacy } = target;
-    const isSafe = (privacy || 'safe') === 'safe';
-    const currentSignals = detectSignals(prompt, response);
-    const similarity = getSimilarity(lastPrompt, prompt);
-    const intentHash = getIntentHash(prompt);
+  // Resolve target (function, promise, or static object)
+  let result;
+  if (typeof target === 'function') {
+    result = await target();
+  } else if (target && typeof target.then === 'function') {
+    result = await target;
+  } else {
+    // case: capture({ prompt, output })
+    const { prompt, output } = target;
+    const latency = options.latency || 0;
+    const turn = turnIndex++;
+    const mode = options.privacy || config.privacyMode;
     const payload = {
-      provider: 'manual-opt-in',
-      prompt: isSafe ? undefined : prompt,
-      output: isSafe ? undefined : response,
-      latency_ms: 0,
-      timestamp: Math.floor(Date.now() / 1000),
-      session_id: sessionId,
-      turn_index: turnIndex++,
-      intent_hash: intentHash,
-      similarity_prev: similarity,
-      negative_feedback: currentSignals.negativeFeedback,
-      adaptation_request: currentSignals.adaptationRequest,
-      user_challenge: currentSignals.userChallenge,
-      capability_limitation: currentSignals.capabilityLimitation,
-      mode: 'manual'
+      session_id: GLOBAL_OBJ.__dropout_session_id__,
+      timestamp: Date.now(),
+      latency,
+      turn_position: turn,
+      provider: options.provider || 'manual',
+      model: options.model || 'unknown',
+      mode
     };
-    lastPrompt = prompt;
-    setTimeout(() => safeSendTelemetry(payload), 0);
-    return response;
-  }
-  try {
-    const result =
-      typeof target === 'function'
-        ? await target()
-        : await Promise.resolve(target);
-    const isSafe = options.privacy !== 'full';
-    const promptText = options.prompt;
-    const resultText = typeof result === 'string'
-      ? result
-      : JSON.stringify(result).slice(0, 20000);
-    const currentSignals = detectSignals(promptText, resultText);
-    const similarity = getSimilarity(lastPrompt, promptText);
-    const intentHash = getIntentHash(promptText);
+    if (mode === 'full') {
+      payload.prompt = prompt;
+      payload.output = output;
+    } else {
+      payload.prompt_hash = getSemanticHash(prompt);
+      payload.output_hash = getSemanticHash(output);
+      payload.markers = { p: getMarkers(prompt), o: getMarkers(output) };
+      payload.flags = getFlags((prompt || "") + " " + (output || ""));
+    }
-    const payload = {
-      provider: options.provider || 'manual',
-      model: options.model,
-      prompt: isSafe ? undefined : promptText,
-      output: isSafe ? undefined : resultText,
-      latency_ms: Date.now() - start,
-      timestamp: Math.floor(Date.now() / 1000),
-      session_id: sessionId,
-      turn_index: turnIndex++,
-      intent_hash: intentHash,
-      similarity_prev: similarity,
-      negative_feedback: currentSignals.negativeFeedback,
-      adaptation_request: currentSignals.adaptationRequest,
-      user_challenge: currentSignals.userChallenge,
-      capability_limitation: currentSignals.capabilityLimitation,
-      mode: 'manual'
-    };
+    emit(payload);
+    return output;
+  }
-    lastPrompt = promptText;
-    setTimeout(() => safeSendTelemetry(payload), 0);
-    return result;
-  } catch (error) {
-    const payload = {
-      provider: options.provider || 'manual',
-      error: error?.message || String(error),
-      latency_ms: Date.now() - start,
-      timestamp: Math.floor(Date.now() / 1000),
-      mode: 'manual',
-      session_id: sessionId,
-      turn_index: turnIndex++
-    };
+  // Wrapped execution capture
+  const latency = Date.now() - start;
+  const turn = turnIndex++;
+  const mode = options.privacy || config.privacyMode;
+  const prompt = options.prompt;
+  const output = typeof result === 'string' ? result : JSON.stringify(result);
+  const payload = {
+    session_id: GLOBAL_OBJ.__dropout_session_id__,
+    timestamp: Date.now(),
+    latency,
+    turn_position: turn,
+    provider: options.provider || 'manual',
+    model: options.model || 'unknown',
+    mode
+  };
-    setTimeout(() => safeSendTelemetry(payload), 0);
-    throw error;
+  if (mode === 'full') {
+    payload.prompt = prompt;
+    payload.output = output;
+  } else {
+    payload.prompt_hash = getSemanticHash(prompt);
+    payload.output_hash = getSemanticHash(output);
+    payload.markers = { p: getMarkers(prompt), o: getMarkers(output) };
+    payload.flags = getFlags((prompt || "") + " " + (output || ""));
   }
+  emit(payload);
+  return result;
 }
 module.exports = {
-  capture
+  capture,
+  reset: () => {
+    GLOBAL_OBJ.__dropout_session_id__ = generateSessionId();
+    turnIndex = 0;
+  }
 };