npm - @dropout-ai/runtime - Versions diffs - 0.2.4 → 0.2.6 - Mend

@dropout-ai/runtime 0.2.4 → 0.2.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/package.json +1 -1
package/src/index.js +231 -263

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@dropout-ai/runtime",
-  "version": "0.2.04",
+  "version": "0.2.06",
   "description": "Invisible Node.js runtime for capturing AI interactions.",
   "main": "src/index.js",
   "scripts": {

package/src/index.js CHANGED Viewed

@@ -1,307 +1,275 @@
-import crypto from "crypto";
+/**
+ * @dropout-ai/runtime
+ * Role: Passive observer inside the user’s app.
+ *
+ * Runtime never reasons, never interprets, never stores intelligence.
+ * it only: Observes, Normalizes, Emits signals.
+ */
-const originalFetch = global.fetch;
+const crypto = require('crypto');
+// --- Identity & State ---
+const GLOBAL_OBJ = typeof window !== 'undefined' ? window : global;
-const sessionId =
-  global.__dropout_session_id__ ||
-  (global.__dropout_session_id__ = crypto.randomUUID());
-// Internal telemetry sender
-async function safeSendTelemetry(payload) {
+function generateSessionId() {
   try {
-    await originalFetch('http://localhost:4000/capture', {
-      method: 'POST',
-      headers: { 'Content-Type': 'application/json' },
-      body: JSON.stringify(payload)
-    });
+    return crypto.randomUUID();
   } catch (e) {
-    // Fail silently
+    return 'sess_' + Math.random().toString(36).substring(2, 12) + Date.now().toString(36);
   }
 }
-const NEGATIVE_FEEDBACK = [
-  "not helpful",
-  "dont just dump",
-  "you are worst",
-  "you are stupid",
-  "are you sure",
-  "i thought you are intelligent",
-  "let it be"
-];
-const ADAPTATION_REQUESTS = [
-  "help me understand",
-  "explain better",
-  "dont just dump facts",
-  "in simple way",
-  "explain it properly"
-];
+if (!GLOBAL_OBJ.__dropout_session_id__) {
+  GLOBAL_OBJ.__dropout_session_id__ = generateSessionId();
+}
 let turnIndex = 0;
-let lastPrompt = null;
-function getSimilarity(text1, text2) {
-  if (!text1 || !text2) return 0;
-  const words1 = new Set(text1.toLowerCase().split(/\s+/));
-  const words2 = new Set(text2.toLowerCase().split(/\s+/));
-  const intersection = new Set([...words1].filter(x => words2.has(x)));
-  return intersection.size / Math.min(words1.size, words2.size);
+let lastPromptHash = null;
+let lastResponseHash = null;
+// --- Runtime Guarantees ---
+let config = {
+  maxOutputBytes: 32768,
+  captureEndpoint: 'http://localhost:4000/capture',
+  configEndpoint: 'http://localhost:4000/config',
+  privacyMode: (typeof process !== 'undefined' && process.env.DROPOUT_PRIVACY_MODE) || 'safe'
+};
+// Remote config fetch (Non-blocking)
+setTimeout(async () => {
+  const fetchFn = GLOBAL_OBJ.__dropout_original_fetch__ || GLOBAL_OBJ.fetch;
+  if (typeof fetchFn !== 'function') return;
+  try {
+    const resp = await fetchFn(config.configEndpoint);
+    const remote = await resp.json();
+    if (remote && typeof remote === 'object') {
+      config = Object.assign(config, remote);
+    }
+  } catch (e) { }
+}, 0);
+/**
+ * Telemetry Emitter (Non-blocking, Fire-and-forget)
+ */
+function emit(payload) {
+  const fetchFn = GLOBAL_OBJ.__dropout_original_fetch__ || GLOBAL_OBJ.fetch;
+  if (typeof fetchFn !== 'function') return;
+  setTimeout(() => {
+    fetchFn(config.captureEndpoint, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify(payload),
+      keepalive: true
+    }).catch(() => { });
+  }, 0);
 }
-function getIntentHash(text) {
+// --- Content Utilities ---
+function hash(text) {
   if (!text) return null;
-  return crypto.createHash('sha256').update(text.toLowerCase().trim()).digest('hex');
+  try {
+    return crypto.createHash('sha256').update(text.toLowerCase().trim()).digest('hex');
+  } catch (e) {
+    return 'hash_err';
+  }
 }
-const CAPABILITY_LIMITATIONS = [
-  "i cannot access", "i don't have access", "i do not have access",
-  "cannot browse", "real-time information", "as an ai", "my knowledge cutoff",
-  "i'm sorry, but i don't", "i am sorry, but i don't"
-];
-const CHALLENGE_PATTERNS = ["but ", "why ", "how ", "cant you", "can't you", "are you sure", "openai", "chatgpt"];
-function detectSignals(text, output = "") {
-  const t = (text || "").toLowerCase();
-  const o = (output || "").toLowerCase();
-  return {
-    negativeFeedback: NEGATIVE_FEEDBACK.some(p => t.includes(p)) ? 1 : 0,
-    adaptationRequest: ADAPTATION_REQUESTS.some(p => t.includes(p)) ? 1 : 0,
-    userChallenge: CHALLENGE_PATTERNS.some(p => t.includes(p)) ? 1 : 0,
-    capabilityLimitation: CAPABILITY_LIMITATIONS.some(p => o.includes(p)) ? 1 : 0
-  };
-}
+// --- Provider Normalization ---
-(function () {
-  "use strict";
-  // 1. Guard global.fetch existence and idempotency
-  if (typeof global.fetch !== 'function' || global.fetch.__dropout_patched__) {
-    return;
-  }
+function normalize(url, body) {
+  let provider = 'unknown';
+  let model = 'unknown';
-  // 2. Default Configuration
-  let config = {
-    version: 1,
-    captureOutput: true,
-    maxOutputBytes: 20000,
-    enabledProviders: ['openai'],
-    privacyMode: 'safe', // 'safe' | 'full'
-    captureContent: false
-  };
+  if (url) {
+    const u = url.toLowerCase();
+    if (u.includes('openai.com')) provider = 'openai';
+    else if (u.includes('anthropic.com')) provider = 'anthropic';
+    else if (u.includes('google.com') || u.includes('generative')) provider = 'google';
+    else if (u.includes('groq.com')) provider = 'groq';
+    else if (u.includes('localhost') || u.includes('127.0.0.1')) provider = 'local';
+  }
-  // 3. Remote Config Fetch (Non-blocking, fire-and-forget)
-  setTimeout(async () => {
+  if (body) {
     try {
-      const resp = await originalFetch('http://localhost:4000/config');
-      const remoteConfig = await resp.json();
-      if (remoteConfig && typeof remoteConfig === 'object') {
-        config = Object.assign({}, config, remoteConfig);
+      const parsed = typeof body === 'string' ? JSON.parse(body) : body;
+      model = parsed.model || model;
+      if (provider === 'unknown' && (parsed.messages || parsed.prompt || parsed.input)) {
+        provider = 'heuristic';
       }
-    } catch (e) {
-      // Fail silently, use defaults
-    }
-  }, 0);
+    } catch (e) { }
+  }
+  return { provider, model };
+}
+// --- The Monkey Patch ---
+if (typeof GLOBAL_OBJ.fetch === 'function' && !GLOBAL_OBJ.fetch.__dropout_patched__) {
+  GLOBAL_OBJ.__dropout_original_fetch__ = GLOBAL_OBJ.fetch;
-  // 5. Detection Helpers
-  function matchesKnownProvider(url) {
-    return (
-      url &&
-      (
-        url.includes('openai.com/v1') ||
-        url.includes('api.anthropic.com') ||
-        url.includes('generativelanguage.googleapis.com') ||
-        url.includes('api-inference.huggingface.co')
-      )
+  GLOBAL_OBJ.fetch = async function (input, init) {
+    const url = typeof input === 'string' ? input : (input && input.url);
+    const isAI = url && (
+      url.includes('openai.com') ||
+      url.includes('anthropic.com') ||
+      url.includes('generative') ||
+      url.includes('groq.com') ||
+      (init && init.body && (init.body.includes('"model"') || init.body.includes('"messages"')))
     );
-  }
-  function matchesGenericLLMPayload(init) {
+    if (!isAI) return GLOBAL_OBJ.__dropout_original_fetch__(input, init);
+    const start = Date.now();
+    const turn = turnIndex++;
+    const { provider, model } = normalize(url, init && init.body);
+    // --- 1. Emit Request Event ---
+    let pText = "";
+    if (init && init.body) {
+      try { pText = typeof init.body === 'string' ? init.body : JSON.stringify(init.body); } catch (e) { }
+    }
+    const pHash = hash(pText);
+    const isRetry = pHash && pHash === lastPromptHash;
+    const requestEvent = {
+      identity: {
+        session_id: GLOBAL_OBJ.__dropout_session_id__,
+        turn_index: turn,
+        direction: 'request',
+        turn_role: 'user'
+      },
+      timing: {
+        created_at: Date.now()
+      },
+      provider_context: {
+        provider,
+        model
+      },
+      content: {
+        content_raw: config.privacyMode === 'full' ? pText : null,
+        content_hash: pHash
+      },
+      metadata_flags: {
+        retry_like: isRetry ? 1 : 0
+      }
+    };
+    emit(requestEvent);
+    lastPromptHash = pHash;
+    // Execute actual fetch
+    let response;
+    let oText = "";
     try {
-      if (!init || typeof init.body !== 'string') return false;
-      const body = JSON.parse(init.body);
-      // Common LLM request shapes
-      return (
-        body.messages ||
-        body.prompt ||
-        body.input
-      );
-    } catch (e) {
-      return false;
+      response = await GLOBAL_OBJ.__dropout_original_fetch__(input, init);
+    } catch (err) {
+      // Re-throw after giving it a chance to be reported if needed (though runtime usually silent)
+      throw err;
     }
-  }
-  // 6. The Monkey Patch
-  global.fetch = async function (input, init) {
-    const start = Date.now();
-    const response = await originalFetch(input, init);
+    const latency = Date.now() - start;
+    // --- 2. Emit Response Event ---
     try {
-      // 7. Detection Logic (Dumb detection + Config Check)
-      const url = typeof input === 'string' ? input : (input && input.url);
-      const isLikelyAI =
-        matchesKnownProvider(url) ||
-        matchesGenericLLMPayload(init);
-      if (url && isLikelyAI) {
-        const latency = Date.now() - start;
-        const contentType = response.headers.get('content-type') || '';
-        const isStream = contentType.includes('text/event-stream');
-        // 7. Safe Body Capture (Best effort)
-        let promptText = undefined;
-        let model = undefined;
-        if (init && typeof init.body === 'string') {
-          promptText = init.body;
-          try {
-            const bodyJson = JSON.parse(promptText);
-            model = bodyJson.model;
-          } catch (e) { }
-        }
-        let outputText = undefined;
-        if (!isStream && config.captureOutput) {
-          try {
-            const cloned = response.clone();
-            outputText = await cloned.text();
-            // 8. Hard Capping (Infra Rule: Trust but verify)
-            if (outputText && outputText.length > config.maxOutputBytes) {
-              outputText = outputText.slice(0, config.maxOutputBytes);
-            }
-          } catch (e) { }
-        }
-        const currentSignals = detectSignals(promptText, outputText);
-        const similarity = getSimilarity(lastPrompt, promptText);
-        const intentHash = getIntentHash(promptText);
-        const isSafe = config.privacyMode === 'safe' && !config.captureContent;
-        const payload = {
-          provider: url.includes('openai.com') ? 'openai' : 'unknown',
-          confidence: matchesKnownProvider(url) ? 'high' : 'heuristic',
-          url,
-          model,
-          latency_ms: latency,
-          timestamp: Math.floor(Date.now() / 1000),
-          session_id: sessionId,
-          turn_index: turnIndex++,
-          intent_hash: intentHash,
-          similarity_prev: similarity,
-          negative_feedback: currentSignals.negativeFeedback,
-          adaptation_request: currentSignals.adaptationRequest,
-          user_challenge: currentSignals.userChallenge,
-          capability_limitation: currentSignals.capabilityLimitation,
-          // Redact content if in safe mode
-          prompt: isSafe ? undefined : promptText,
-          output: isSafe ? undefined : outputText,
-        };
-        lastPrompt = promptText;
-        // 9. Fire-and-forget
-        setTimeout(() => safeSendTelemetry(payload), 0);
+      const cloned = response.clone();
+      oText = await cloned.text();
+      if (oText && oText.length > config.maxOutputBytes) {
+        oText = oText.slice(0, config.maxOutputBytes);
       }
     } catch (e) { }
+    const oHash = hash(oText);
+    const isNonAdaptive = oHash && oHash === lastResponseHash;
+    const responseEvent = {
+      identity: {
+        session_id: GLOBAL_OBJ.__dropout_session_id__,
+        turn_index: turn,
+        direction: 'response',
+        turn_role: 'assistant'
+      },
+      timing: {
+        created_at: Date.now(),
+        latency_ms: latency
+      },
+      provider_context: {
+        provider,
+        model
+      },
+      content: {
+        content_raw: config.privacyMode === 'full' ? oText : null,
+        content_hash: oHash
+      },
+      metadata_flags: {
+        non_adaptive_response: isNonAdaptive ? 1 : 0,
+        turn_boundary_confirmed: 1
+      }
+    };
+    emit(responseEvent);
+    lastResponseHash = oHash;
     return response;
   };
-  global.fetch.__dropout_patched__ = true;
-})();
+  GLOBAL_OBJ.fetch.__dropout_patched__ = true;
+}
-// 11. Manual capture (combo mode)
+/**
+ * Manual capture for framework-level integration
+ */
 async function capture(target, options = {}) {
   const start = Date.now();
-  // Support dropout.capture({ prompt, response, privacy: "full" })
-  if (typeof target === 'object' && target !== null && !target.then) {
-    const { prompt, response, privacy } = target;
-    const isSafe = (privacy || 'safe') === 'safe';
-    const currentSignals = detectSignals(prompt, response);
-    const similarity = getSimilarity(lastPrompt, prompt);
-    const intentHash = getIntentHash(prompt);
-    const payload = {
-      provider: 'manual-opt-in',
-      prompt: isSafe ? undefined : prompt,
-      output: isSafe ? undefined : response,
-      latency_ms: 0,
-      timestamp: Math.floor(Date.now() / 1000),
-      session_id: sessionId,
-      turn_index: turnIndex++,
-      intent_hash: intentHash,
-      similarity_prev: similarity,
-      negative_feedback: currentSignals.negativeFeedback,
-      adaptation_request: currentSignals.adaptationRequest,
-      user_challenge: currentSignals.userChallenge,
-      capability_limitation: currentSignals.capabilityLimitation,
-      mode: 'manual'
-    };
-    lastPrompt = prompt;
-    setTimeout(() => safeSendTelemetry(payload), 0);
-    return response;
+  const turn = turnIndex++;
+  const mode = options.privacy || config.privacyMode;
+  let prompt, output, latency_ms = options.latency || 0;
+  if (typeof target === 'function' || (target && typeof target.then === 'function')) {
+    prompt = options.prompt;
+    const result = typeof target === 'function' ? await target() : await target;
+    output = typeof result === 'string' ? result : JSON.stringify(result);
+    latency_ms = Date.now() - start;
+  } else {
+    prompt = target.prompt;
+    output = target.output;
   }
-  try {
-    const result =
-      typeof target === 'function'
-        ? await target()
-        : await Promise.resolve(target);
-    const isSafe = options.privacy !== 'full';
-    const promptText = options.prompt;
-    const resultText = typeof result === 'string'
-      ? result
-      : JSON.stringify(result).slice(0, 20000);
-    const currentSignals = detectSignals(promptText, resultText);
-    const similarity = getSimilarity(lastPrompt, promptText);
-    const intentHash = getIntentHash(promptText);
-    const payload = {
-      provider: options.provider || 'manual',
-      model: options.model,
-      prompt: isSafe ? undefined : promptText,
-      output: isSafe ? undefined : resultText,
-      latency_ms: Date.now() - start,
-      timestamp: Math.floor(Date.now() / 1000),
-      session_id: sessionId,
-      turn_index: turnIndex++,
-      intent_hash: intentHash,
-      similarity_prev: similarity,
-      negative_feedback: currentSignals.negativeFeedback,
-      adaptation_request: currentSignals.adaptationRequest,
-      user_challenge: currentSignals.userChallenge,
-      capability_limitation: currentSignals.capabilityLimitation,
-      mode: 'manual'
-    };
-    lastPrompt = promptText;
-    setTimeout(() => safeSendTelemetry(payload), 0);
-    return result;
-  } catch (error) {
-    const payload = {
-      provider: options.provider || 'manual',
-      error: error?.message || String(error),
-      latency_ms: Date.now() - start,
-      timestamp: Math.floor(Date.now() / 1000),
-      mode: 'manual',
-      session_id: sessionId,
-      turn_index: turnIndex++
-    };
-    setTimeout(() => safeSendTelemetry(payload), 0);
-    throw error;
-  }
+  const pHash = hash(prompt);
+  const oHash = hash(output);
+  // Emit Request
+  emit({
+    identity: { session_id: GLOBAL_OBJ.__dropout_session_id__, turn_index: turn, direction: 'request', turn_role: 'user' },
+    timing: { created_at: Date.now() },
+    provider_context: { provider: options.provider || 'manual', model: options.model || 'unknown' },
+    content: { content_raw: mode === 'full' ? prompt : null, content_hash: pHash },
+    metadata_flags: { retry_like: pHash === lastPromptHash ? 1 : 0 }
+  });
+  // Emit Response
+  emit({
+    identity: { session_id: GLOBAL_OBJ.__dropout_session_id__, turn_index: turn, direction: 'response', turn_role: 'assistant' },
+    timing: { created_at: Date.now(), latency_ms },
+    provider_context: { provider: options.provider || 'manual', model: options.model || 'unknown' },
+    content: { content_raw: mode === 'full' ? output : null, content_hash: oHash },
+    metadata_flags: { non_adaptive_response: oHash === lastResponseHash ? 1 : 0, turn_boundary_confirmed: 1 }
+  });
+  lastPromptHash = pHash;
+  lastResponseHash = oHash;
+  return output;
 }
 module.exports = {
-  capture
+  capture,
+  reset: () => {
+    GLOBAL_OBJ.__dropout_session_id__ = generateSessionId();
+    turnIndex = 0;
+    lastPromptHash = null;
+    lastResponseHash = null;
+  }
 };