@dropout-ai/runtime 0.3.0 → 0.3.1

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@dropout-ai/runtime",
-  "version": "0.3.0",
+  "version": "0.3.1",
   "description": "Invisible Node.js runtime for capturing AI interactions.",
   "main": "src/index.js",
   "scripts": {

package/src/index.js

@@ -1,34 +1,28 @@
 /**
  * @dropout-ai/runtime
- * Role: Passive observer.
- * Behavior: Fire-and-forget raw JSON to Supabase.
- * Authentication: API Key + Project ID.
+ * Universal AI Interaction Capture for Node.js & Next.js
+ * Patches: fetch, http.request, https.request
+ * Capability: Captures Genkit, OpenAI, LangChain, Axios, and standard fetch.
  */
 
+const https = require('https');
+const http = require('http');
 const crypto = require('crypto');
 
-// --- DEFAULT CONFIGURATION ---
-const SUPABASE_FUNCTION_URL = "https://hipughmjlwmwjxzyxfzs.supabase.co/functions/v1/capture-sealed";
-
-// Global State
-const GLOBAL_OBJ = typeof window !== 'undefined' ? window : global;
-let activeConfig = {
-  projectId: null,
-  apiKey: null,
-  captureEndpoint: SUPABASE_FUNCTION_URL,
-  maxOutputBytes: 32768,
-  privacyMode: (typeof process !== 'undefined' && process.env.DROPOUT_PRIVACY_MODE) || 'full'
-};
-
-let isPatched = false;
-let turnIndex = 0;
-let lastTurnConfirmed = true;
-let lastPromptHash = null;
-let lastResponseHash = null;
-let instance = null;
+// --- CONFIGURATION ---
+const KNOWN_AI_DOMAINS = [
+  'api.openai.com',                  // OpenAI
+  'api.anthropic.com',               // Claude
+  'generativelanguage.googleapis.com', // Gemini
+  'aiplatform.googleapis.com',       // Vertex AI (Genkit often uses this)
+  'api.groq.com',                    // Groq
+  'api.mistral.ai',                  // Mistral
+  'api.cohere.ai'                    // Cohere
+];
 
-// --- UTILS ---
+const DROPOUT_INGEST_URL = "https://hipughmjlwmwjxzyxfzs.supabase.co/functions/v1/capture-sealed";
 
+// --- UTILS ---
 function generateSessionId() {
   try {
     return crypto.randomUUID();
@@ -37,195 +31,208 @@ function generateSessionId() {
   }
 }
 
-function hash(text) {
-  if (!text) return null;
-  try {
-    return crypto.createHash('sha256').update(text.toLowerCase().trim()).digest('hex');
-  } catch (e) { return 'hash_err'; }
-}
-
-function normalize(url, body) {
-  let provider = 'unknown';
-  let model = 'unknown';
-
-  if (url) {
-    const u = url.toLowerCase();
-    if (u.includes('openai.com')) provider = 'openai';
-    else if (u.includes('anthropic.com')) provider = 'anthropic';
-    else if (u.includes('google.com') || u.includes('generative')) provider = 'google';
-    else if (u.includes('groq.com')) provider = 'groq';
-    else if (u.includes('localhost') || u.includes('127.0.0.1')) provider = 'local';
-  }
-
-  if (body) {
-    try {
-      const parsed = typeof body === 'string' ? JSON.parse(body) : body;
-      model = parsed.model || model;
-      if (provider === 'unknown' && (parsed.messages || parsed.prompt || parsed.input)) {
-        provider = 'heuristic';
-      }
-    } catch (e) { }
-  }
-  return { provider, model };
-}
-
-// --- EMITTER (Authenticated) ---
-
-function emit(payload) {
-  // 1. Guard: Do not emit if not initialized
-  if (!activeConfig.apiKey || !activeConfig.projectId) return;
-
-  const fetchFn = GLOBAL_OBJ.__dropout_original_fetch__ || GLOBAL_OBJ.fetch;
-  if (typeof fetchFn !== 'function') return;
-
-  // 2. Attach Project ID to payload
-  const finalPayload = {
-    ...payload,
-    project_id: activeConfig.projectId
-  };
-
-  setTimeout(() => {
-    fetchFn(activeConfig.captureEndpoint, {
-      method: 'POST',
-      headers: {
-        'Content-Type': 'application/json',
-        'x-dropout-key': activeConfig.apiKey // <--- AUTH HEADER
-      },
-      body: JSON.stringify(finalPayload),
-      keepalive: true
-    }).catch(() => { /* Silent Fail */ });
-  }, 0);
-}
-
-// --- MONKEY PATCH ---
-
-function applyPatch() {
-  if (isPatched || !GLOBAL_OBJ.fetch) return;
-
-  GLOBAL_OBJ.__dropout_original_fetch__ = GLOBAL_OBJ.fetch;
+class Dropout {
+  constructor(config = {}) {
+    // 1. Validation
+    if (!config.apiKey || !config.projectId) {
+      console.warn("[Dropout] ⚠️ Initialization Skipped: Missing apiKey or projectId.");
+      return;
+    }
 
-  GLOBAL_OBJ.fetch = async function (input, init) {
-    const url = typeof input === 'string' ? input : (input && input.url);
+    // 2. Config Setup
+    this.config = config;
+    this.projectId = config.projectId;
+    this.apiKey = config.apiKey;
+    this.debug = config.debug || false; // Toggle this to see logs
+    this.privacy = config.privacy || 'full';
 
-    // Guard: Don't track our own calls
-    if (url && url.includes(activeConfig.captureEndpoint)) {
-      return GLOBAL_OBJ.__dropout_original_fetch__(input, init);
+    // 3. Singleton Guard (Prevent double-patching)
+    if (global.__dropout_initialized__) {
+      if (this.debug) console.log("[Dropout] ℹ️ Already initialized. Skipping patch.");
+      return;
     }
+    global.__dropout_initialized__ = true;
 
-    const isAI = url && (
-      url.includes('openai.com') ||
-      url.includes('anthropic.com') ||
-      url.includes('generative') ||
-      url.includes('groq.com') ||
-      (init && init.body && (init.body.includes('"model"') || init.body.includes('"messages"')))
-    );
-
-    if (!isAI) return GLOBAL_OBJ.__dropout_original_fetch__(input, init);
-
-    const start = Date.now();
-    let activeTurn;
-    if (lastTurnConfirmed) {
-      activeTurn = turnIndex++;
-      lastTurnConfirmed = false;
-    } else {
-      activeTurn = turnIndex > 0 ? turnIndex - 1 : 0;
+    // 4. Initialize Identity
+    if (!global.__dropout_session_id__) {
+      global.__dropout_session_id__ = generateSessionId();
     }
 
-    const { provider, model } = normalize(url, init && init.body);
-
-    // Emit Request
-    let pText = "";
-    if (init && init.body) {
-      try { pText = typeof init.body === 'string' ? init.body : JSON.stringify(init.body); } catch (e) { }
-    }
-    const pHash = hash(pText);
-
-    emit({
-      session_id: GLOBAL_OBJ.__dropout_session_id__,
-      turn_index: activeTurn,
-      direction: 'user_to_ai',
-      turn_role: 'user',
-      provider,
-      model,
-      content: activeConfig.privacyMode === 'full' ? pText : null,
-      content_hash: pHash,
-      metadata_flags: { retry_like: pHash === lastPromptHash ? 1 : 0 }
-    });
-    lastPromptHash = pHash;
-
-    // Actual Call
-    let response;
-    let oText = "";
-    try {
-      response = await GLOBAL_OBJ.__dropout_original_fetch__(input, init);
-    } catch (err) { throw err; }
-
-    const latency = Date.now() - start;
-
-    // Emit Response
-    try {
-      const cloned = response.clone();
-      oText = await cloned.text();
-      if (oText && oText.length > activeConfig.maxOutputBytes) {
-        oText = oText.slice(0, activeConfig.maxOutputBytes);
-      }
-    } catch (e) { }
-
-    const oHash = hash(oText);
-
-    emit({
-      session_id: GLOBAL_OBJ.__dropout_session_id__,
-      turn_index: activeTurn,
-      direction: 'ai_to_user',
-      turn_role: 'assistant',
-      latency_ms: latency,
-      provider,
-      model,
-      content: activeConfig.privacyMode === 'full' ? oText : null,
-      content_hash: oHash,
-      metadata_flags: {
-        non_adaptive_response: oHash === lastResponseHash ? 1 : 0,
-        turn_boundary_confirmed: 1
-      }
-    });
+    // 5. Start the Wiretap
+    if (this.debug) console.log(`[Dropout] 🟢 Initialized for Project: ${this.projectId}`);
+    this.patchNetwork();
+  }
 
-    lastResponseHash = oHash;
-    lastTurnConfirmed = true;
-    return response;
-  };
+  log(msg, ...args) {
+    if (this.debug) console.log(`[Dropout] ${msg}`, ...args);
+  }
 
-  GLOBAL_OBJ.fetch.__dropout_patched__ = true;
-  isPatched = true;
-}
+  isAiRequest(url) {
+    if (!url) return false;
+    // Guard: Infinite Loop Prevention (Don't capture our own calls)
+    if (url.includes(DROPOUT_INGEST_URL)) return false;
 
-// --- MAIN CLASS EXPORT ---
+    // Check against known AI domains
+    return KNOWN_AI_DOMAINS.some(domain => url.includes(domain));
+  }
 
-class Dropout {
-  constructor(config = {}) {
-    if (instance) {
-      return instance;
+  // --- THE CORE: UNIVERSAL PATCHING ---
+  patchNetwork() {
+    const _this = this;
+
+    // A. Patch Global Fetch (Used by OpenAI v4+, Vercel AI SDK, Next.js)
+    if (global.fetch) {
+      const originalFetch = global.fetch;
+      global.fetch = async function (input, init) {
+        const url = typeof input === 'string' ? input : input?.url;
+
+        // PASSTHROUGH: If not AI, ignore
+        if (!_this.isAiRequest(url)) {
+          return originalFetch.apply(this, arguments);
+        }
+
+        _this.log(`⚡ [FETCH] Intercepting request to: ${url}`);
+
+        // Capture Request Body
+        let reqBody = "";
+        try { if (init && init.body) reqBody = init.body; } catch (e) { }
+
+        const startTime = Date.now();
+        let response;
+
+        // Execute Original Call
+        try {
+          response = await originalFetch.apply(this, arguments);
+        } catch (e) { throw e; }
+
+        // Capture Response (Clone response stream)
+        try {
+          const cloned = response.clone();
+          const resBody = await cloned.text();
+
+          _this.emit({
+            url,
+            method: 'FETCH',
+            request: reqBody,
+            response: resBody,
+            latency: Date.now() - startTime,
+            status: response.status
+          });
+        } catch (e) { _this.log("⚠️ Error reading response body", e); }
+
+        return response;
+      };
+      this.log("✅ Patch Applied: global.fetch");
     }
 
-    if (!config.apiKey || !config.projectId) {
-      console.warn("[Dropout] Missing apiKey or projectId. Tracking disabled.");
-      return;
-    }
+    // B. Patch Node HTTPS/HTTP (Used by Axios, Google Vertex SDK, Legacy LangChain)
+    const patchNodeRequest = (module, moduleName) => {
+      const originalRequest = module.request;
+      module.request = function (...args) {
+        // Resolve URL from varied arguments
+        let url;
+        let options;
+        if (typeof args[0] === 'string') {
+          url = args[0];
+          options = args[1] || {};
+        } else {
+          options = args[0] || {};
+          const protocol = options.protocol || 'https:';
+          const host = options.hostname || options.host || 'localhost';
+          const path = options.path || '/';
+          url = `${protocol}//${host}${path}`;
+        }
+
+        // PASSTHROUGH: If not AI, ignore
+        if (!_this.isAiRequest(url)) {
+          return originalRequest.apply(this, args);
+        }
+
+        _this.log(`⚡ [${moduleName.toUpperCase()}] Intercepting request to: ${url}`);
+
+        const startTime = Date.now();
+        const clientRequest = originalRequest.apply(this, args);
+
+        // Capture Request Body (Chunks)
+        const chunks = [];
+        const originalWrite = clientRequest.write;
+        const originalEnd = clientRequest.end;
+
+        clientRequest.write = function (...writeArgs) {
+          if (writeArgs[0]) chunks.push(Buffer.from(writeArgs[0]));
+          return originalWrite.apply(this, writeArgs);
+        };
+
+        clientRequest.end = function (...endArgs) {
+          if (endArgs[0]) chunks.push(Buffer.from(endArgs[0]));
+          // Store full body on the request object for later
+          clientRequest._fullBody = Buffer.concat(chunks).toString('utf8');
+          return originalEnd.apply(this, endArgs);
+        };
+
+        // Capture Response
+        clientRequest.on('response', (res) => {
+          const resChunks = [];
+          res.on('data', (chunk) => resChunks.push(chunk));
+          res.on('end', () => {
+            const resBody = Buffer.concat(resChunks).toString('utf8');
+            _this.emit({
+              url,
+              method: moduleName.toUpperCase(),
+              request: clientRequest._fullBody,
+              response: resBody,
+              latency: Date.now() - startTime,
+              status: res.statusCode
+            });
+          });
+        });
+
+        return clientRequest;
+      };
+    };
+
+    patchNodeRequest(https, 'https');
+    patchNodeRequest(http, 'http');
+    this.log("✅ Patch Applied: http/https");
+  }
 
-    // Update Global Configuration
-    activeConfig.apiKey = config.apiKey;
-    activeConfig.projectId = config.projectId;
-    if (config.privacyMode) activeConfig.privacyMode = config.privacyMode;
+  // --- EMITTER ---
+  emit(data) {
+    // 1. Construct Payload
+    // We combine Request + Response into a single content blob for simplicity in this universal mode
+    const content = `--- REQUEST ---\n${data.request}\n\n--- RESPONSE ---\n${data.response}`;
+
+    const payload = {
+      project_id: this.projectId,
+      session_id: global.__dropout_session_id__,
+      turn_role: 'assistant', // Default to assistant for system-captured logs
+      turn_index: 0, // In universal mode, we capture raw streams
+      content_blob: this.privacy === 'full' ? content : null,
+      metadata_flags: {
+        latency: data.latency,
+        url: data.url,
+        method: data.method,
+        status: data.status,
+        captured_via: 'universal_interceptor'
+      },
+      received_at: new Date().toISOString()
+    };
 
-    // Initialize Identity
-    if (!GLOBAL_OBJ.__dropout_session_id__) {
-      GLOBAL_OBJ.__dropout_session_id__ = generateSessionId();
-    }
+    this.log(`🚀 Sending Capture to Supabase (${data.latency}ms)`);
 
-    // Apply the patch
-    applyPatch();
+    // 2. Fire and Forget (Using unpatched fetch mechanism)
+    // We use a clean http request to avoid triggering our own hooks if we used global.fetch
+    const req = https.request(DROPOUT_INGEST_URL, {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+        'x-dropout-key': this.apiKey
+      }
+    });
 
-    console.log("[Dropout] Initialized for project:", config.projectId);
-    instance = this;
+    req.on('error', (e) => this.log("❌ Upload Failed", e.message));
+    req.write(JSON.stringify(payload));
+    req.end();
   }
 }