@dropout-ai/runtime 0.3.2 → 0.3.3

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@dropout-ai/runtime",
-  "version": "0.3.2",
+  "version": "0.3.3",
   "description": "Invisible Node.js runtime for capturing AI interactions.",
   "main": "src/index.js",
   "scripts": {

package/src/index.js

@@ -1,7 +1,8 @@
 /**
  * @dropout-ai/runtime
  * Universal AI Interaction Capture for Node.js & Next.js
- * Patches: fetch, http.request, https.request
+ * Role: Passive observer.
+ * Behavior: Fire-and-forget raw JSON to Supabase.
  * Capability: Captures Genkit, OpenAI, LangChain, Axios, and standard fetch.
  */
 
@@ -9,20 +10,39 @@ const https = require('https');
 const http = require('http');
 const crypto = require('crypto');
 
-// --- CONFIGURATION ---
+// --- DEFAULT CONFIGURATION ---
+const SUPABASE_FUNCTION_URL = "https://hipughmjlwmwjxzyxfzs.supabase.co/functions/v1/capture-sealed";
+
+// Known AI Domains for Auto-Detection
 const KNOWN_AI_DOMAINS = [
-  'api.openai.com',                  // OpenAI
-  'api.anthropic.com',               // Claude
-  'generativelanguage.googleapis.com', // Gemini
-  'aiplatform.googleapis.com',       // Vertex AI (Genkit often uses this)
-  'api.groq.com',                    // Groq
-  'api.mistral.ai',                  // Mistral
-  'api.cohere.ai'                    // Cohere
+  'api.openai.com', 'api.anthropic.com', 'generativelanguage.googleapis.com',
+  'aiplatform.googleapis.com', 'api.groq.com', 'api.mistral.ai', 'api.cohere.ai'
 ];
 
-const DROPOUT_INGEST_URL = "https://hipughmjlwmwjxzyxfzs.supabase.co/functions/v1/capture-sealed";
+// Global State
+const GLOBAL_OBJ = typeof window !== 'undefined' ? window : global;
+let activeConfig = {
+  projectId: null,
+  apiKey: null,
+  captureEndpoint: SUPABASE_FUNCTION_URL,
+  maxOutputBytes: 32768,
+  privacyMode: (typeof process !== 'undefined' && process.env.DROPOUT_PRIVACY_MODE) || 'full',
+  debug: false // Added debug flag
+};
+
+let isPatched = false;
+let turnIndex = 0;
+let lastTurnConfirmed = true;
+let lastPromptHash = null;
+let lastResponseHash = null;
+let instance = null;
 
 // --- UTILS ---
+
+function log(msg, ...args) {
+  if (activeConfig.debug) console.log(`[Dropout] ${msg}`, ...args);
+}
+
 function generateSessionId() {
   try {
     return crypto.randomUUID();
@@ -31,210 +51,329 @@ function generateSessionId() {
   }
 }
 
-class Dropout {
-  constructor(config = {}) {
-    // 1. Validation
-    if (!config.apiKey || !config.projectId) {
-      console.warn("[Dropout] ⚠️ Initialization Skipped: Missing apiKey or projectId.");
-      return;
-    }
+function hash(text) {
+  if (!text) return null;
+  try {
+    return crypto.createHash('sha256').update(text.toLowerCase().trim()).digest('hex');
+  } catch (e) { return 'hash_err'; }
+}
 
-    // 2. Config Setup
-    this.config = config;
-    this.projectId = config.projectId;
-    this.apiKey = config.apiKey;
-    this.debug = config.debug || false; // Toggle this to see logs
-    this.privacy = config.privacy || 'full';
+function normalize(url, body) {
+  let provider = 'custom';
+  let model = 'unknown';
+
+  if (url) {
+    const u = url.toLowerCase();
+    if (u.includes('openai')) provider = 'openai';
+    else if (u.includes('anthropic')) provider = 'anthropic';
+    else if (u.includes('google') || u.includes('generative') || u.includes('aiplatform')) provider = 'google';
+    else if (u.includes('groq')) provider = 'groq';
+    else if (u.includes('mistral')) provider = 'mistral';
+    else if (u.includes('cohere')) provider = 'cohere';
+    else if (u.includes('localhost') || u.includes('127.0.0.1')) provider = 'local';
+  }
 
-    // 3. Singleton Guard (Prevent double-patching)
-    if (global.__dropout_initialized__) {
-      if (this.debug) console.log("[Dropout] ℹ️ Already initialized. Skipping patch.");
-      return;
-    }
-    global.__dropout_initialized__ = true;
+  if (body) {
+    try {
+      const parsed = typeof body === 'string' ? JSON.parse(body) : body;
+      if (parsed.model) model = parsed.model;
+    } catch (e) { }
+  }
+  return { provider, model };
+}
 
-    // 4. Initialize Identity
-    if (!global.__dropout_session_id__) {
-      global.__dropout_session_id__ = generateSessionId();
-    }
+function isAiRequest(url, bodyString) {
+  if (!url) return false;
+  // Guard: Infinite Loop Prevention
+  if (url.includes(activeConfig.captureEndpoint)) return false;
 
-    // 5. Start the Wiretap
-    if (this.debug) console.log(`[Dropout] 🟢 Initialized for Project: ${this.projectId}`);
-    this.patchNetwork();
-  }
+  // 1. Check Known Domains
+  if (KNOWN_AI_DOMAINS.some(d => url.includes(d))) return true;
 
-  log(msg, ...args) {
-    if (this.debug) console.log(`[Dropout] ${msg}`, ...args);
+  // 2. Heuristic Check (for custom endpoints)
+  if (bodyString) {
+    return (bodyString.includes('"model"') || bodyString.includes('"messages"')) &&
+      (bodyString.includes('"user"') || bodyString.includes('"prompt"'));
   }
+  return false;
+}
 
-  isAiRequest(url) {
-    if (!url) return false;
-    // Guard: Infinite Loop Prevention (Don't capture our own calls)
-    if (url.includes(DROPOUT_INGEST_URL)) return false;
+// --- EMITTER (Authenticated) ---
 
-    // Check against known AI domains
-    return KNOWN_AI_DOMAINS.some(domain => url.includes(domain));
-  }
+function emit(payload) {
+  // 1. Guard: Do not emit if not initialized
+  if (!activeConfig.apiKey || !activeConfig.projectId) return;
 
-  // --- THE CORE: UNIVERSAL PATCHING ---
-  patchNetwork() {
-    const _this = this;
+  // 2. Construct Final Payload
+  const finalPayload = {
+    ...payload,
+    project_id: activeConfig.projectId,
 
-    // A. Patch Global Fetch (Used by OpenAI v4+, Vercel AI SDK, Next.js)
-    if (global.fetch) {
-      const originalFetch = global.fetch;
-      global.fetch = async function (input, init) {
-        const url = typeof input === 'string' ? input : input?.url;
+    // ✅ Ensure these columns are always populated for the DB
+    content_blob: payload.content, // Map content to blob
+    received_at: new Date().toISOString()
+  };
 
-        // PASSTHROUGH: If not AI, ignore
-        if (!_this.isAiRequest(url)) {
-          return originalFetch.apply(this, arguments);
-        }
+  log(`🚀 Sending Capture (${payload.turn_role})`);
 
-        _this.log(`⚡ [FETCH] Intercepting request to: ${url}`);
+  // 3. Fire and Forget using HTTPS (Bypassing our own patches)
+  const req = https.request(activeConfig.captureEndpoint, {
+    method: 'POST',
+    headers: {
+      'Content-Type': 'application/json',
+      'x-dropout-key': activeConfig.apiKey
+    }
+  });
 
-        // Capture Request Body
-        let reqBody = "";
-        try { if (init && init.body) reqBody = init.body; } catch (e) { }
+  req.on('error', (e) => log("❌ Upload Failed", e.message));
+  req.write(JSON.stringify(finalPayload));
+  req.end();
+}
+
+// --- MONKEY PATCH ---
 
-        const startTime = Date.now();
-        let response;
+function applyPatch() {
+  if (isPatched) return;
 
-        // Execute Original Call
-        try {
-          response = await originalFetch.apply(this, arguments);
-        } catch (e) { throw e; }
+  // --- A. PATCH FETCH (Next.js / OpenAI) ---
+  if (GLOBAL_OBJ.fetch) {
+    GLOBAL_OBJ.__dropout_original_fetch__ = GLOBAL_OBJ.fetch;
+    GLOBAL_OBJ.fetch = async function (input, init) {
+      const url = typeof input === 'string' ? input : (input && input.url);
 
-        // Capture Response (Clone response stream)
-        try {
-          const cloned = response.clone();
-          const resBody = await cloned.text();
+      // Check body string safely
+      let bodyStr = "";
+      if (init && init.body) {
+        try { bodyStr = typeof init.body === 'string' ? init.body : JSON.stringify(init.body); } catch (e) { }
+      }
 
-          _this.emit({
-            url,
-            method: 'FETCH',
-            request: reqBody,
-            response: resBody,
-            latency: Date.now() - startTime,
+      // Guard
+      if (!isAiRequest(url, bodyStr)) {
+        return GLOBAL_OBJ.__dropout_original_fetch__(input, init);
+      }
+
+      log(`⚡ [FETCH] Intercepting: ${url}`);
+
+      const start = Date.now();
+
+      // Calculate Turn
+      let activeTurn;
+      if (lastTurnConfirmed) {
+        activeTurn = turnIndex++;
+        lastTurnConfirmed = false;
+      } else {
+        activeTurn = turnIndex > 0 ? turnIndex - 1 : 0;
+      }
+
+      const { provider, model } = normalize(url, bodyStr);
+      const pHash = hash(bodyStr);
+
+      // Emit Request (User)
+      emit({
+        session_id: GLOBAL_OBJ.__dropout_session_id__,
+        turn_index: activeTurn,
+        direction: 'user_to_ai',
+        turn_role: 'user',
+        provider,
+        model,
+        content: activeConfig.privacyMode === 'full' ? bodyStr : null,
+        content_hash: pHash,
+        metadata_flags: {
+          retry_like: pHash === lastPromptHash ? 1 : 0,
+          method: 'FETCH',
+          url: url
+        }
+      });
+      lastPromptHash = pHash;
+
+      // Actual Call
+      let response;
+      try {
+        response = await GLOBAL_OBJ.__dropout_original_fetch__(input, init);
+      } catch (err) { throw err; }
+
+      const latency = Date.now() - start;
+
+      // Emit Response (Assistant)
+      try {
+        const cloned = response.clone();
+        const oText = await cloned.text();
+        const oHash = hash(oText);
+
+        emit({
+          session_id: GLOBAL_OBJ.__dropout_session_id__,
+          turn_index: activeTurn,
+          direction: 'ai_to_user',
+          turn_role: 'assistant',
+          latency_ms: latency,
+          provider,
+          model,
+          content: activeConfig.privacyMode === 'full' ? oText : null,
+          content_hash: oHash,
+          metadata_flags: {
+            non_adaptive_response: oHash === lastResponseHash ? 1 : 0,
+            turn_boundary_confirmed: 1,
             status: response.status
-          });
-        } catch (e) { _this.log("⚠️ Error reading response body", e); }
+          }
+        });
+        lastResponseHash = oHash;
+      } catch (e) { log("⚠️ Failed to read response body"); }
 
-        return response;
+      lastTurnConfirmed = true;
+      return response;
+    };
+    log("✅ Patch Applied: global.fetch");
+  }
+
+  // --- B. PATCH HTTP/HTTPS (Axios / Genkit / Node SDKs) ---
+  const patchNodeRequest = (module, moduleName) => {
+    const originalRequest = module.request;
+    module.request = function (...args) {
+      // Resolve URL
+      let url;
+      let options;
+      if (typeof args[0] === 'string') {
+        url = args[0];
+        options = args[1] || {};
+      } else {
+        options = args[0] || {};
+        const protocol = options.protocol || 'https:';
+        const host = options.hostname || options.host || 'localhost';
+        const path = options.path || '/';
+        url = `${protocol}//${host}${path}`;
+      }
+
+      // We can't check body here yet, so we rely on URL
+      if (!isAiRequest(url, null)) {
+        return originalRequest.apply(this, args);
+      }
+
+      log(`⚡ [${moduleName.toUpperCase()}] Intercepting: ${url}`);
+
+      const start = Date.now();
+      const clientRequest = originalRequest.apply(this, args);
+
+      // Capture Request Body
+      const reqChunks = [];
+      const originalWrite = clientRequest.write;
+      const originalEnd = clientRequest.end;
+
+      clientRequest.write = function (...writeArgs) {
+        if (writeArgs[0]) reqChunks.push(Buffer.from(writeArgs[0]));
+        return originalWrite.apply(this, writeArgs);
       };
-      this.log("✅ Patch Applied: global.fetch");
-    }
 
-    // B. Patch Node HTTPS/HTTP (Used by Axios, Google Vertex SDK, Legacy LangChain)
-    const patchNodeRequest = (module, moduleName) => {
-      const originalRequest = module.request;
-      module.request = function (...args) {
-        // Resolve URL from varied arguments
-        let url;
-        let options;
-        if (typeof args[0] === 'string') {
-          url = args[0];
-          options = args[1] || {};
+      clientRequest.end = function (...endArgs) {
+        if (endArgs[0]) reqChunks.push(Buffer.from(endArgs[0]));
+
+        // Request Complete - Emit User Turn
+        const reqBody = Buffer.concat(reqChunks).toString('utf8');
+        const { provider, model } = normalize(url, reqBody);
+        const pHash = hash(reqBody);
+
+        let activeTurn;
+        if (lastTurnConfirmed) {
+          activeTurn = turnIndex++;
+          lastTurnConfirmed = false;
         } else {
-          options = args[0] || {};
-          const protocol = options.protocol || 'https:';
-          const host = options.hostname || options.host || 'localhost';
-          const path = options.path || '/';
-          url = `${protocol}//${host}${path}`;
+          activeTurn = turnIndex > 0 ? turnIndex - 1 : 0;
         }
 
-        // PASSTHROUGH: If not AI, ignore
-        if (!_this.isAiRequest(url)) {
-          return originalRequest.apply(this, args);
-        }
+        // Save state on request object for response handler
+        clientRequest._dropout_turn = activeTurn;
+        clientRequest._dropout_provider = provider;
+        clientRequest._dropout_model = model;
+
+        emit({
+          session_id: GLOBAL_OBJ.__dropout_session_id__,
+          turn_index: activeTurn,
+          direction: 'user_to_ai',
+          turn_role: 'user',
+          provider,
+          model,
+          content: activeConfig.privacyMode === 'full' ? reqBody : null,
+          content_hash: pHash,
+          metadata_flags: { method: moduleName.toUpperCase(), url: url }
+        });
+        lastPromptHash = pHash;
+
+        return originalEnd.apply(this, endArgs);
+      };
 
-        _this.log(`⚡ [${moduleName.toUpperCase()}] Intercepting request to: ${url}`);
-
-        const startTime = Date.now();
-        const clientRequest = originalRequest.apply(this, args);
-
-        // Capture Request Body (Chunks)
-        const chunks = [];
-        const originalWrite = clientRequest.write;
-        const originalEnd = clientRequest.end;
-
-        clientRequest.write = function (...writeArgs) {
-          if (writeArgs[0]) chunks.push(Buffer.from(writeArgs[0]));
-          return originalWrite.apply(this, writeArgs);
-        };
-
-        clientRequest.end = function (...endArgs) {
-          if (endArgs[0]) chunks.push(Buffer.from(endArgs[0]));
-          // Store full body on the request object for later
-          clientRequest._fullBody = Buffer.concat(chunks).toString('utf8');
-          return originalEnd.apply(this, endArgs);
-        };
-
-        // Capture Response
-        clientRequest.on('response', (res) => {
-          const resChunks = [];
-          res.on('data', (chunk) => resChunks.push(chunk));
-          res.on('end', () => {
-            const resBody = Buffer.concat(resChunks).toString('utf8');
-            _this.emit({
-              url,
-              method: moduleName.toUpperCase(),
-              request: clientRequest._fullBody,
-              response: resBody,
-              latency: Date.now() - startTime,
-              status: res.statusCode
-            });
+      // Capture Response
+      clientRequest.on('response', (res) => {
+        const resChunks = [];
+        res.on('data', (chunk) => resChunks.push(chunk));
+        res.on('end', () => {
+          const resBody = Buffer.concat(resChunks).toString('utf8');
+          const latency = Date.now() - start;
+          const oHash = hash(resBody);
+
+          emit({
+            session_id: GLOBAL_OBJ.__dropout_session_id__,
+            turn_index: clientRequest._dropout_turn || 0,
+            direction: 'ai_to_user',
+            turn_role: 'assistant',
+            latency_ms: latency,
+            provider: clientRequest._dropout_provider,
+            model: clientRequest._dropout_model,
+            content: activeConfig.privacyMode === 'full' ? resBody : null,
+            content_hash: oHash,
+            metadata_flags: { status: res.statusCode }
           });
+
+          lastResponseHash = oHash;
+          lastTurnConfirmed = true;
         });
+      });
 
-        return clientRequest;
-      };
+      return clientRequest;
     };
+  };
 
-    patchNodeRequest(https, 'https');
-    patchNodeRequest(http, 'http');
-    this.log("✅ Patch Applied: http/https");
-  }
+  patchNodeRequest(https, 'https');
+  patchNodeRequest(http, 'http');
+  log("✅ Patch Applied: http/https");
 
-  // --- EMITTER ---
-  emit(data) {
-    // 1. Construct Payload
-    // We combine Request + Response into a single content blob for simplicity in this universal mode
-    const content = `--- REQUEST ---\n${data.request}\n\n--- RESPONSE ---\n${data.response}`;
-
-    const payload = {
-      project_id: this.projectId,
-      session_id: global.__dropout_session_id__,
-      turn_role: 'assistant', // Default to assistant for system-captured logs
-      turn_index: 0, // In universal mode, we capture raw streams
-      //content_blob: this.privacy === 'full' ? content : null,
-      content: this.privacy === 'full' ? content : null,
-      metadata_flags: {
-        latency: data.latency,
-        url: data.url,
-        method: data.method,
-        status: data.status,
-        captured_via: 'universal_interceptor'
-      },
-      received_at: new Date().toISOString()
-    };
+  isPatched = true;
+}
 
-    this.log(`🚀 Sending Capture to Supabase (${data.latency}ms)`);
+// --- MAIN CLASS EXPORT ---
 
-    // 2. Fire and Forget (Using unpatched fetch mechanism)
-    // We use a clean http request to avoid triggering our own hooks if we used global.fetch
-    const req = https.request(DROPOUT_INGEST_URL, {
-      method: 'POST',
-      headers: {
-        'Content-Type': 'application/json',
-        'x-dropout-key': this.apiKey
-      }
-    });
+class Dropout {
+  constructor(config = {}) {
+    if (instance) return instance;
 
-    req.on('error', (e) => this.log("❌ Upload Failed", e.message));
-    req.write(JSON.stringify(payload));
-    req.end();
+    if (!config.apiKey || !config.projectId) {
+      console.warn("[Dropout] Missing apiKey or projectId. Tracking disabled.");
+      return;
+    }
+
+    // Update Global Configuration
+    activeConfig.apiKey = config.apiKey;
+    activeConfig.projectId = config.projectId;
+    if (config.privacyMode) activeConfig.privacyMode = config.privacyMode;
+    activeConfig.debug = config.debug || false;
+
+    // Initialize Identity
+    if (!GLOBAL_OBJ.__dropout_session_id__) {
+      GLOBAL_OBJ.__dropout_session_id__ = generateSessionId();
+    }
+
+    // Apply the patch
+    if (activeConfig.debug) console.log(`[Dropout] 🟢 Initialized for Project: ${config.projectId}`);
+    applyPatch();
+    instance = this;
   }
 }
 
+// Auto-Start
+if (process.env.DROPOUT_PROJECT_ID && process.env.DROPOUT_API_KEY) {
+  new Dropout({
+    projectId: process.env.DROPOUT_PROJECT_ID,
+    apiKey: process.env.DROPOUT_API_KEY,
+    debug: process.env.DROPOUT_DEBUG === 'true'
+  });
+}
+
 module.exports = Dropout;