@glasstrace/sdk 0.4.1 → 0.7.0

package/dist/cli/mcp-add.js

@@ -6,10 +6,10 @@ import {
   scaffoldMcpMarker,
   updateGitignore,
   writeMcpConfig
-} from "../chunk-STECO33B.js";
+} from "../chunk-PLJVIWHN.js";
 import {
   readAnonKey
-} from "../chunk-EC5IINUT.js";
+} from "../chunk-QW6W4CSA.js";
 import "../chunk-PZ5AY32C.js";
 
 // src/cli/mcp-add.ts

package/dist/index.cjs

@@ -1617,6 +1617,7 @@ var src_exports = {};
 __export(src_exports, {
   GlasstraceExporter: () => GlasstraceExporter,
   GlasstraceSpanProcessor: () => GlasstraceSpanProcessor,
+  PRESIGNED_THRESHOLD_BYTES: () => PRESIGNED_THRESHOLD_BYTES,
   SdkError: () => SdkError,
   SessionManager: () => SessionManager,
   buildImportGraph: () => buildImportGraph,
@@ -1644,6 +1645,8 @@ __export(src_exports, {
   saveCachedConfig: () => saveCachedConfig,
   sendInitRequest: () => sendInitRequest,
   uploadSourceMaps: () => uploadSourceMaps,
+  uploadSourceMapsAuto: () => uploadSourceMapsAuto,
+  uploadSourceMapsPresigned: () => uploadSourceMapsPresigned,
   withGlasstraceConfig: () => withGlasstraceConfig
 });
 module.exports = __toCommonJS(src_exports);
@@ -15556,7 +15559,12 @@ var SdkInitResponseSchema = external_exports.object({
   linkedAccountId: external_exports.string().uuid().optional(),
   minimumSdkVersion: external_exports.string(),
   apiVersion: external_exports.string(),
-  tierLimits: TierLimitsSchema
+  tierLimits: TierLimitsSchema,
+  claimResult: external_exports.object({
+    newApiKey: DevApiKeySchema,
+    accountId: external_exports.string().uuid(),
+    graceExpiresAt: external_exports.number().int().positive()
+  }).optional()
 });
 var DiscoveryResponseSchema = external_exports.object({
   key: AnonApiKeySchema,
@@ -15568,6 +15576,45 @@ var SourceMapUploadResponseSchema = external_exports.object({
   fileCount: external_exports.number().int().nonnegative(),
   totalSizeBytes: external_exports.number().int().nonnegative()
 });
+var PresignedUploadRequestSchema = external_exports.object({
+  buildHash: BuildHashSchema,
+  files: external_exports.array(
+    external_exports.object({
+      filePath: external_exports.string().min(1),
+      sizeBytes: external_exports.number().int().positive()
+    })
+  ).min(1).max(100)
+});
+var PresignedUploadResponseSchema = external_exports.object({
+  uploadId: external_exports.string().uuid(),
+  expiresAt: external_exports.number().int().positive(),
+  files: external_exports.array(
+    external_exports.object({
+      filePath: external_exports.string().min(1),
+      clientToken: external_exports.string().min(1),
+      pathname: external_exports.string().min(1),
+      maxBytes: external_exports.number().int().positive()
+    })
+  ).min(1).max(100)
+});
+var SourceMapManifestRequestSchema = external_exports.object({
+  uploadId: external_exports.string().uuid(),
+  buildHash: BuildHashSchema,
+  files: external_exports.array(
+    external_exports.object({
+      filePath: external_exports.string().min(1),
+      sizeBytes: external_exports.number().int().positive(),
+      blobUrl: external_exports.string().url()
+    })
+  ).min(1).max(100)
+});
+var SourceMapManifestResponseSchema = external_exports.object({
+  success: external_exports.literal(true),
+  buildHash: BuildHashSchema,
+  fileCount: external_exports.number().int().nonnegative(),
+  totalSizeBytes: external_exports.number().int().nonnegative(),
+  activatedAt: external_exports.number().int().positive()
+});
 var GLASSTRACE_ATTRIBUTE_NAMES = {
   // Server-side attributes
   TRACE_TYPE: "glasstrace.trace.type",
@@ -15741,15 +15788,28 @@ async function getOrCreateAnonKey(projectRoot) {
   const newKey = createAnonApiKey();
   try {
     await (0, import_promises.mkdir)(dirPath, { recursive: true, mode: 448 });
-    await (0, import_promises.writeFile)(keyPath, newKey, "utf-8");
-    await (0, import_promises.chmod)(keyPath, 384);
+    await (0, import_promises.writeFile)(keyPath, newKey, { flag: "wx", mode: 384 });
+    return newKey;
   } catch (err) {
+    const code = err.code;
+    if (code === "EEXIST") {
+      const winnerKey = await readAnonKey(root);
+      if (winnerKey !== null) {
+        return winnerKey;
+      }
+      try {
+        await (0, import_promises.writeFile)(keyPath, newKey, { mode: 384 });
+        await (0, import_promises.chmod)(keyPath, 384);
+        return newKey;
+      } catch {
+      }
+    }
     ephemeralKeyCache.set(root, newKey);
     console.warn(
       `[glasstrace] Failed to persist anonymous key to ${keyPath}: ${err instanceof Error ? err.message : String(err)}. Using ephemeral key.`
     );
+    return newKey;
   }
-  return newKey;
 }
 
 // src/init-client.ts
@@ -15851,13 +15911,13 @@ async function sendInitRequest(config2, anonKey, sdkVersion, importGraph, health
 async function performInit(config2, anonKey, sdkVersion) {
   if (rateLimitBackoff) {
     rateLimitBackoff = false;
-    return;
+    return null;
   }
   try {
     const effectiveKey = config2.apiKey || anonKey;
     if (!effectiveKey) {
       console.warn("[glasstrace] No API key available for init request.");
-      return;
+      return null;
     }
     const controller = new AbortController();
     const timeoutId = setTimeout(() => controller.abort(), INIT_TIMEOUT_MS);
@@ -15874,45 +15934,61 @@ async function performInit(config2, anonKey, sdkVersion) {
       clearTimeout(timeoutId);
       currentConfig = result;
       await saveCachedConfig(result);
+      if (result.claimResult) {
+        try {
+          process.stderr.write(
+            `[glasstrace] Account claimed! Update GLASSTRACE_API_KEY=${result.claimResult.newApiKey} in your .env file.
+`
+          );
+        } catch (logErr) {
+          console.warn(
+            `[glasstrace] Failed to write claim migration message: ${logErr instanceof Error ? logErr.message : String(logErr)}`
+          );
+        }
+        return { claimResult: result.claimResult };
+      }
+      return null;
     } catch (err) {
       clearTimeout(timeoutId);
       if (err instanceof DOMException && err.name === "AbortError") {
         console.warn("[glasstrace] ingestion_unreachable: Init request timed out.");
-        return;
+        return null;
       }
       const status = err.status;
       if (status === 401) {
         console.warn(
           "[glasstrace] ingestion_auth_failed: Check your GLASSTRACE_API_KEY."
         );
-        return;
+        return null;
       }
       if (status === 429) {
         console.warn("[glasstrace] ingestion_rate_limited: Backing off.");
         rateLimitBackoff = true;
-        return;
+        return null;
       }
       if (typeof status === "number" && status >= 400) {
         console.warn(
           `[glasstrace] Init request failed with status ${status}. Using cached config.`
         );
-        return;
+        return null;
       }
       if (err instanceof Error && err.name === "ZodError") {
         console.warn(
           "[glasstrace] Init response failed validation (schema version mismatch?). Using cached config."
         );
-        return;
+        return null;
       }
       console.warn(
         `[glasstrace] ingestion_unreachable: ${err instanceof Error ? err.message : String(err)}`
       );
+      return null;
     }
   } catch (err) {
     console.warn(
       `[glasstrace] Unexpected init error: ${err instanceof Error ? err.message : String(err)}`
     );
   }
+  return null;
 }
 function getActiveConfig() {
   if (currentConfig) {
@@ -16023,9 +16099,13 @@ var GlasstraceExporter = class {
    * Enriches a ReadableSpan with all glasstrace.* attributes.
    * Returns a new ReadableSpan wrapper; the original span is not mutated.
    *
-   * External function calls (getSessionId, deriveErrorCategory,
-   * deriveOrmProvider, classifyFetchTarget) are individually guarded so a
-   * failure in one does not prevent the remaining attributes from being set.
+   * Only {@link SessionManager.getSessionId} is individually guarded because
+   * it calls into crypto and schema validation — a session ID failure should
+   * not prevent the rest of enrichment. The other helper calls
+   * ({@link deriveErrorCategory}, {@link deriveOrmProvider},
+   * {@link classifyFetchTarget}) are pure functions on typed string inputs
+   * and rely on the outer catch for any unexpected failure.
+   *
    * On total failure, returns the original span unchanged.
    */
   enrichSpan(span) {
@@ -16068,44 +16148,39 @@ var GlasstraceExporter = class {
         }
       }
       const errorMessage = attrs["exception.message"];
-      if (errorMessage) {
+      if (typeof errorMessage === "string") {
         extra[ATTR.ERROR_MESSAGE] = errorMessage;
       }
-      try {
-        const errorType = attrs["exception.type"];
-        if (errorType) {
-          extra[ATTR.ERROR_CODE] = errorType;
-          extra[ATTR.ERROR_CATEGORY] = deriveErrorCategory(errorType);
-        }
-      } catch {
+      const errorType = attrs["exception.type"];
+      if (typeof errorType === "string") {
+        extra[ATTR.ERROR_CODE] = errorType;
+        extra[ATTR.ERROR_CATEGORY] = deriveErrorCategory(errorType);
       }
       const errorField = attrs["error.field"];
-      if (errorField) {
+      if (typeof errorField === "string") {
         extra[ATTR.ERROR_FIELD] = errorField;
       }
-      try {
-        const spanAny = span;
-        const instrumentationName = spanAny.instrumentationScope?.name ?? spanAny.instrumentationLibrary?.name ?? "";
-        const ormProvider = deriveOrmProvider(instrumentationName);
-        if (ormProvider) {
-          extra[ATTR.ORM_PROVIDER] = ormProvider;
-          const model = attrs["db.sql.table"] ?? attrs["db.prisma.model"];
-          if (model) {
-            extra[ATTR.ORM_MODEL] = model;
-          }
-          const operation = attrs["db.operation"];
-          if (operation) {
-            extra[ATTR.ORM_OPERATION] = operation;
-          }
+      const spanAny = span;
+      const instrumentationName = spanAny.instrumentationScope?.name ?? spanAny.instrumentationLibrary?.name ?? "";
+      const ormProvider = deriveOrmProvider(instrumentationName);
+      if (ormProvider) {
+        extra[ATTR.ORM_PROVIDER] = ormProvider;
+        const table = attrs["db.sql.table"];
+        const prismaModel = attrs["db.prisma.model"];
+        const model = typeof table === "string" ? table : typeof prismaModel === "string" ? prismaModel : void 0;
+        if (model) {
+          extra[ATTR.ORM_MODEL] = model;
         }
-      } catch {
-      }
-      try {
-        const url2 = attrs["http.url"] ?? attrs["url.full"];
-        if (url2 && span.kind === SpanKind.CLIENT) {
-          extra[ATTR.FETCH_TARGET] = classifyFetchTarget(url2);
+        const operation = attrs["db.operation"];
+        if (typeof operation === "string") {
+          extra[ATTR.ORM_OPERATION] = operation;
         }
-      } catch {
+      }
+      const httpUrl2 = attrs["http.url"];
+      const fullUrl = attrs["url.full"];
+      const url2 = typeof httpUrl2 === "string" ? httpUrl2 : typeof fullUrl === "string" ? fullUrl : void 0;
+      if (url2 && span.kind === SpanKind.CLIENT) {
+        extra[ATTR.FETCH_TARGET] = classifyFetchTarget(url2);
       }
       return createEnrichedSpan(span, extra);
     } catch {
@@ -19054,6 +19129,14 @@ async function installConsoleCapture() {
     }
   };
 }
+function sdkLog(level, message) {
+  isGlasstraceLog = true;
+  try {
+    console[level](message);
+  } finally {
+    isGlasstraceLog = false;
+  }
+}
 
 // src/register.ts
 var consoleCaptureInstalled = false;
@@ -19143,7 +19226,11 @@ function registerGlasstrace(options) {
             if (config2.verbose) {
               console.info("[glasstrace] Background init firing.");
             }
-            await performInit(config2, anonKey, "0.4.1");
+            const initResult = await performInit(config2, anonKey, "0.7.0");
+            if (initResult?.claimResult) {
+              setResolvedApiKey(initResult.claimResult.newApiKey);
+              notifyApiKeyResolved();
+            }
             maybeInstallConsoleCapture();
           } catch (err) {
             console.warn(
@@ -19163,7 +19250,11 @@ function registerGlasstrace(options) {
             if (config2.verbose) {
               console.info("[glasstrace] Background init firing.");
             }
-            await performInit(config2, anonKey, "0.4.1");
+            const initResult = await performInit(config2, anonKey, "0.7.0");
+            if (initResult?.claimResult) {
+              setResolvedApiKey(initResult.claimResult.newApiKey);
+              notifyApiKeyResolved();
+            }
             maybeInstallConsoleCapture();
           } catch (err) {
             console.warn(
@@ -19185,7 +19276,7 @@ function registerGlasstrace(options) {
           if (config2.verbose) {
             console.info("[glasstrace] Background init firing.");
           }
-          await performInit(config2, anonKeyForInit, "0.4.1");
+          await performInit(config2, anonKeyForInit, "0.7.0");
           maybeInstallConsoleCapture();
         } catch (err) {
           console.warn(
@@ -19284,10 +19375,7 @@ async function uploadSourceMaps(apiKey, endpoint, buildHash, maps) {
       sourceMap: m.content
     }))
   };
-  let baseUrl = endpoint;
-  while (baseUrl.endsWith("/")) {
-    baseUrl = baseUrl.slice(0, -1);
-  }
+  const baseUrl = stripTrailingSlashes(endpoint);
   const response = await fetch(`${baseUrl}/v1/source-maps`, {
     method: "POST",
     headers: {
@@ -19308,6 +19396,155 @@ async function uploadSourceMaps(apiKey, endpoint, buildHash, maps) {
   const json2 = await response.json();
   return SourceMapUploadResponseSchema.parse(json2);
 }
+var PRESIGNED_THRESHOLD_BYTES = 45e5;
+function stripTrailingSlashes(url2) {
+  let result = url2;
+  while (result.endsWith("/")) {
+    result = result.slice(0, -1);
+  }
+  return result;
+}
+async function requestPresignedTokens(apiKey, endpoint, buildHash, files) {
+  const baseUrl = stripTrailingSlashes(endpoint);
+  const response = await fetch(`${baseUrl}/v1/source-maps/presign`, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/json",
+      Authorization: `Bearer ${apiKey}`
+    },
+    body: JSON.stringify({ buildHash, files })
+  });
+  if (!response.ok) {
+    try {
+      await response.text();
+    } catch {
+    }
+    throw new Error(
+      `Presigned token request failed: ${String(response.status)} ${response.statusText}`
+    );
+  }
+  const json2 = await response.json();
+  return PresignedUploadResponseSchema.parse(json2);
+}
+async function uploadToBlob(clientToken, pathname, content) {
+  let mod;
+  try {
+    mod = await import("@vercel/blob/client");
+  } catch (err) {
+    const code = err.code;
+    if (code === "ERR_MODULE_NOT_FOUND" || code === "MODULE_NOT_FOUND") {
+      throw new Error(
+        "Presigned upload requires @vercel/blob. Install it: npm install @vercel/blob"
+      );
+    }
+    throw err;
+  }
+  const result = await mod.put(pathname, new Blob([content]), {
+    access: "public",
+    token: clientToken
+  });
+  return { url: result.url, size: Buffer.byteLength(content, "utf-8") };
+}
+async function submitManifest(apiKey, endpoint, uploadId, buildHash, files) {
+  const baseUrl = stripTrailingSlashes(endpoint);
+  const response = await fetch(`${baseUrl}/v1/source-maps/manifest`, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/json",
+      Authorization: `Bearer ${apiKey}`
+    },
+    body: JSON.stringify({ uploadId, buildHash, files })
+  });
+  if (!response.ok) {
+    try {
+      await response.text();
+    } catch {
+    }
+    throw new Error(
+      `Source map manifest submission failed: ${String(response.status)} ${response.statusText}`
+    );
+  }
+  const json2 = await response.json();
+  return SourceMapManifestResponseSchema.parse(json2);
+}
+async function uploadSourceMapsPresigned(apiKey, endpoint, buildHash, maps, blobUploader = uploadToBlob) {
+  if (maps.length === 0) {
+    throw new Error("No source maps to upload");
+  }
+  const presigned = await requestPresignedTokens(
+    apiKey,
+    endpoint,
+    buildHash,
+    maps.map((m) => ({
+      filePath: m.filePath,
+      sizeBytes: Buffer.byteLength(m.content, "utf-8")
+    }))
+  );
+  const mapsByPath = new Map(maps.map((m) => [m.filePath, m]));
+  if (mapsByPath.size !== maps.length) {
+    throw new Error("Duplicate filePath entries in source maps");
+  }
+  for (const token of presigned.files) {
+    if (!mapsByPath.has(token.filePath)) {
+      throw new Error(
+        `Presigned token for "${token.filePath}" has no matching source map entry`
+      );
+    }
+  }
+  const CONCURRENCY = 5;
+  const uploadResults = [];
+  for (let i = 0; i < presigned.files.length; i += CONCURRENCY) {
+    const chunk = presigned.files.slice(i, i + CONCURRENCY);
+    const chunkResults = await Promise.all(
+      chunk.map(async (token) => {
+        const entry = mapsByPath.get(token.filePath);
+        const result = await blobUploader(token.clientToken, token.pathname, entry.content);
+        return {
+          filePath: token.filePath,
+          sizeBytes: result.size,
+          blobUrl: result.url
+        };
+      })
+    );
+    uploadResults.push(...chunkResults);
+  }
+  return submitManifest(apiKey, endpoint, presigned.uploadId, buildHash, uploadResults);
+}
+async function uploadSourceMapsAuto(apiKey, endpoint, buildHash, maps, options) {
+  if (maps.length === 0) {
+    throw new Error("No source maps to upload");
+  }
+  const totalBytes = maps.reduce(
+    (sum, m) => sum + Buffer.byteLength(m.content, "utf-8"),
+    0
+  );
+  if (totalBytes < PRESIGNED_THRESHOLD_BYTES) {
+    return uploadSourceMaps(apiKey, endpoint, buildHash, maps);
+  }
+  const checkAvailable = options?.checkBlobAvailable ?? (async () => {
+    try {
+      await import("@vercel/blob/client");
+      return true;
+    } catch {
+      return false;
+    }
+  });
+  const blobAvailable = await checkAvailable();
+  if (blobAvailable) {
+    return uploadSourceMapsPresigned(
+      apiKey,
+      endpoint,
+      buildHash,
+      maps,
+      options?.blobUploader
+    );
+  }
+  sdkLog(
+    "warn",
+    `[glasstrace] Build exceeds 4.5MB (${totalBytes} bytes). Install @vercel/blob for presigned uploads to avoid serverless body size limits. Falling back to legacy upload.`
+  );
+  return uploadSourceMaps(apiKey, endpoint, buildHash, maps);
+}
 
 // src/config-wrapper.ts
 function withGlasstraceConfig(nextConfig) {
@@ -19597,6 +19834,7 @@ async function buildImportGraph(projectRoot) {
 0 && (module.exports = {
   GlasstraceExporter,
   GlasstraceSpanProcessor,
+  PRESIGNED_THRESHOLD_BYTES,
   SdkError,
   SessionManager,
   buildImportGraph,
@@ -19624,6 +19862,8 @@ async function buildImportGraph(projectRoot) {
   saveCachedConfig,
   sendInitRequest,
   uploadSourceMaps,
+  uploadSourceMapsAuto,
+  uploadSourceMapsPresigned,
   withGlasstraceConfig
 });
 //# sourceMappingURL=index.cjs.map