npm - @glasstrace/sdk - Versions diffs - 1.1.0 → 1.1.1 - Mend

@glasstrace/sdk 1.1.0 → 1.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (59) hide show

package/dist/{chunk-KE7MCPO5.js → chunk-4EZ6JTDG.js} +2 -2
package/dist/{chunk-67RIOAXV.js → chunk-6RNBUUBR.js} +2 -2
package/dist/{chunk-DXRZKKSO.js → chunk-7SZQN6IU.js} +1 -3
package/dist/chunk-7SZQN6IU.js.map +1 -0
package/dist/{chunk-55FBXXER.js → chunk-DIM4JRXM.js} +2 -2
package/dist/{chunk-UGJ3X4CT.js → chunk-DST4UBXU.js} +2 -2
package/dist/{chunk-DO2YPMQ5.js → chunk-MXDZHFJQ.js} +23 -5
package/dist/chunk-MXDZHFJQ.js.map +1 -0
package/dist/chunk-P22UQ2OJ.js +384 -0
package/dist/chunk-P22UQ2OJ.js.map +1 -0
package/dist/{chunk-HAU66QBQ.js → chunk-P4OYPFQ5.js} +9 -9
package/dist/chunk-P4OYPFQ5.js.map +1 -0
package/dist/{chunk-TQ54WLCZ.js → chunk-X5MAXP5T.js} +2 -1
package/dist/{chunk-ZBTC5QIQ.js → chunk-Y26HJUPD.js} +9 -9
package/dist/{chunk-LU3PPAOQ.js → chunk-ZRDQ6ZKI.js} +474 -93
package/dist/chunk-ZRDQ6ZKI.js.map +1 -0
package/dist/cli/init.cjs +1118 -946
package/dist/cli/init.cjs.map +1 -1
package/dist/cli/init.js +42 -29
package/dist/cli/init.js.map +1 -1
package/dist/cli/mcp-add.cjs +243 -83
package/dist/cli/mcp-add.cjs.map +1 -1
package/dist/cli/mcp-add.d.cts +35 -4
package/dist/cli/mcp-add.d.ts +35 -4
package/dist/cli/mcp-add.js +48 -24
package/dist/cli/mcp-add.js.map +1 -1
package/dist/cli/status.cjs.map +1 -1
package/dist/cli/status.js +3 -1
package/dist/cli/status.js.map +1 -1
package/dist/cli/uninit.cjs +4 -4
package/dist/cli/uninit.cjs.map +1 -1
package/dist/cli/uninit.js +4 -4
package/dist/edge-entry.js +2 -2
package/dist/index.cjs +293 -11
package/dist/index.cjs.map +1 -1
package/dist/index.js +5 -5
package/dist/{monorepo-N5Z63XP7.js → monorepo-GSL6JD3G.js} +5 -3
package/dist/node-entry.cjs +293 -11
package/dist/node-entry.cjs.map +1 -1
package/dist/node-entry.js +7 -7
package/dist/node-subpath.js +3 -3
package/dist/{source-map-uploader-BJIXRLJ6.js → source-map-uploader-DPUUCLNW.js} +3 -3
package/package.json +1 -1
package/dist/chunk-DO2YPMQ5.js.map +0 -1
package/dist/chunk-DXRZKKSO.js.map +0 -1
package/dist/chunk-HAU66QBQ.js.map +0 -1
package/dist/chunk-IP4NMDJK.js +0 -98
package/dist/chunk-IP4NMDJK.js.map +0 -1
package/dist/chunk-LU3PPAOQ.js.map +0 -1
package/dist/chunk-O63DJKIJ.js +0 -460
package/dist/chunk-O63DJKIJ.js.map +0 -1
/package/dist/{chunk-KE7MCPO5.js.map → chunk-4EZ6JTDG.js.map} +0 -0
/package/dist/{chunk-67RIOAXV.js.map → chunk-6RNBUUBR.js.map} +0 -0
/package/dist/{chunk-55FBXXER.js.map → chunk-DIM4JRXM.js.map} +0 -0
/package/dist/{chunk-UGJ3X4CT.js.map → chunk-DST4UBXU.js.map} +0 -0
/package/dist/{chunk-TQ54WLCZ.js.map → chunk-X5MAXP5T.js.map} +0 -0
/package/dist/{chunk-ZBTC5QIQ.js.map → chunk-Y26HJUPD.js.map} +0 -0
/package/dist/{monorepo-N5Z63XP7.js.map → monorepo-GSL6JD3G.js.map} +0 -0
/package/dist/{source-map-uploader-BJIXRLJ6.js.map → source-map-uploader-DPUUCLNW.js.map} +0 -0

package/dist/node-entry.js CHANGED Viewed

@@ -12,12 +12,12 @@ import {
   registerGlasstrace,
   waitForReady,
   withGlasstraceConfig
-} from "./chunk-ZBTC5QIQ.js";
+} from "./chunk-Y26HJUPD.js";
 import {
   GlasstraceSpanProcessor,
   SdkError,
   captureCorrelationId
-} from "./chunk-67RIOAXV.js";
+} from "./chunk-6RNBUUBR.js";
 import "./chunk-DQ25VOKK.js";
 import {
   PRESIGNED_THRESHOLD_BYTES,
@@ -27,7 +27,7 @@ import {
   uploadSourceMaps,
   uploadSourceMapsAuto,
   uploadSourceMapsPresigned
-} from "./chunk-KE7MCPO5.js";
+} from "./chunk-4EZ6JTDG.js";
 import "./chunk-3TU62WD6.js";
 import {
   getActiveConfig,
@@ -36,12 +36,12 @@ import {
   performInit,
   saveCachedConfig,
   sendInitRequest
-} from "./chunk-DO2YPMQ5.js";
+} from "./chunk-MXDZHFJQ.js";
 import {
   buildImportGraph,
   discoverTestFiles,
   extractImports
-} from "./chunk-UGJ3X4CT.js";
+} from "./chunk-DST4UBXU.js";
 import {
   isAnonymousMode,
   isProductionDisabled,
@@ -51,10 +51,10 @@ import {
 import {
   getOrCreateAnonKey,
   readAnonKey
-} from "./chunk-IP4NMDJK.js";
+} from "./chunk-P22UQ2OJ.js";
 import {
   deriveSessionId
-} from "./chunk-TQ54WLCZ.js";
+} from "./chunk-X5MAXP5T.js";
 import "./chunk-NSBPE2FW.js";
 export {
   GlasstraceExporter,

package/dist/node-subpath.js CHANGED Viewed

@@ -6,15 +6,15 @@ import {
   uploadSourceMaps,
   uploadSourceMapsAuto,
   uploadSourceMapsPresigned
-} from "./chunk-KE7MCPO5.js";
+} from "./chunk-4EZ6JTDG.js";
 import "./chunk-3TU62WD6.js";
 import {
   buildImportGraph,
   discoverTestFiles,
   extractImports
-} from "./chunk-UGJ3X4CT.js";
+} from "./chunk-DST4UBXU.js";
 import "./chunk-VUZCLMIX.js";
-import "./chunk-TQ54WLCZ.js";
+import "./chunk-X5MAXP5T.js";
 import "./chunk-NSBPE2FW.js";
 export {
   PRESIGNED_THRESHOLD_BYTES,

package/dist/{source-map-uploader-BJIXRLJ6.js → source-map-uploader-DPUUCLNW.js} RENAMED Viewed

@@ -11,10 +11,10 @@ import {
   uploadSourceMapsAuto,
   uploadSourceMapsPresigned,
   uploadToBlob
-} from "./chunk-KE7MCPO5.js";
+} from "./chunk-4EZ6JTDG.js";
 import "./chunk-3TU62WD6.js";
 import "./chunk-VUZCLMIX.js";
-import "./chunk-TQ54WLCZ.js";
+import "./chunk-X5MAXP5T.js";
 import "./chunk-NSBPE2FW.js";
 export {
   PRESIGNED_THRESHOLD_BYTES,
@@ -30,4 +30,4 @@ export {
   uploadSourceMapsPresigned,
   uploadToBlob
 };
-//# sourceMappingURL=source-map-uploader-BJIXRLJ6.js.map
+//# sourceMappingURL=source-map-uploader-DPUUCLNW.js.map

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@glasstrace/sdk",
-  "version": "1.1.0",
+  "version": "1.1.1",
   "description": "Glasstrace server-side debugging SDK for AI coding agents",
   "type": "module",
   "sideEffects": false,

package/dist/chunk-DO2YPMQ5.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"sources":["../src/health-collector.ts","../src/https-transport.ts","../src/init-client.ts"],"sourcesContent":["import type { SdkHealthReport } from \"@glasstrace/protocol\";\n\n// --- Module-level state (singleton pattern matching init-client.ts) ---\n\n/** Spans successfully forwarded to the delegate exporter since last collect. */\nlet tracesExported = 0;\n\n/** Spans dropped: buffer overflow evictions + spans lost on shutdown. */\nlet tracesDropped = 0;\n\n/** Failed performInit attempts since last collect. */\nlet initFailures = 0;\n\n/** Timestamp (ms) of the last successful config sync (performInit success or cached config load). */\nlet lastConfigSyncAt: number | null = null;\n\n// --- Recording functions (called by other modules) ---\n\n/**\n * Records that spans were submitted to the delegate exporter.\n * Counts submission, not confirmed delivery (DISC-1118).\n * Called by GlasstraceExporter after delegate.export() is invoked.\n */\nexport function recordSpansExported(count: number): void {\n if (!Number.isFinite(count) || count < 0 || !Number.isInteger(count)) return;\n tracesExported += count;\n}\n\n/**\n * Records that spans were dropped (buffer overflow eviction or shutdown loss).\n * Called by GlasstraceExporter on buffer eviction and unresolved-key shutdown.\n */\nexport function recordSpansDropped(count: number): void {\n if (!Number.isFinite(count) || count < 0 || !Number.isInteger(count)) return;\n tracesDropped += count;\n}\n\n/**\n * Records a failed performInit attempt.\n * Called by performInit when the init request fails for any reason.\n */\nexport function recordInitFailure(): void {\n try { initFailures += 1; } catch { /* best-effort */ }\n}\n\n/**\n * Records the timestamp of a successful config sync.\n * Called by performInit on success and by loadCachedConfig when loading a valid cache.\n */\nexport function recordConfigSync(timestamp: number): void {\n try { lastConfigSyncAt = timestamp; } catch { /* best-effort */ }\n}\n\n// --- Collection ---\n\n/**\n * Snapshots the current health metrics into an SdkHealthReport without\n * resetting counters. Counters are only reset when {@link acknowledgeHealthReport}\n * is called after the init request succeeds. This two-phase approach prevents\n * metric loss when `performInit` fails — the counters persist for the next\n * init attempt.\n *\n * On the first init call, all counters will be zero, which is correct.\n *\n * @param sdkVersion - The SDK version string to include in the report.\n * @returns The health report, or null if collection fails unexpectedly.\n */\nexport function collectHealthReport(sdkVersion: string): SdkHealthReport | null {\n try {\n const now = Date.now();\n const configAge = lastConfigSyncAt !== null ? Math.max(0, now - lastConfigSyncAt) : 0;\n\n return {\n tracesExportedSinceLastInit: tracesExported,\n tracesDropped,\n initFailures,\n configAge: Math.round(configAge),\n sdkVersion,\n };\n } catch {\n return null;\n }\n}\n\n/**\n * Subtracts the reported values from the running counters after a health\n * report has been successfully delivered to the backend. Called by\n * `performInit` on the success path. If init fails, counters persist\n * for the next attempt.\n *\n * Uses subtraction instead of zeroing to preserve any increments that\n * occurred between the snapshot (`collectHealthReport`) and delivery\n * (e.g., spans exported during the init HTTP call). Values are clamped\n * to 0 to guard against edge cases.\n *\n * Core invariant (DISC-1123): for any finite counter C and finite reported\n * value, after acknowledge:\n * C_new = max(0, C_before_ack - reported_value)\n * This guarantees:\n * 1. Reported finite, non-negative values are removed exactly once\n * (no double-counting).\n * 2. Activity between snapshot and acknowledge is preserved (not lost).\n * 3. The counter never goes negative (clamp prevents underflow).\n * Corruption vectors guarded: non-finite report fields (NaN/±Infinity)\n * preserve the counter; negative finite report fields are clamped to 0\n * before subtraction.\n *\n * `lastConfigSyncAt` is NOT affected — config age measures time since\n * the last successful sync, not the last acknowledgment.\n */\nexport function acknowledgeHealthReport(report: SdkHealthReport): void {\n const exp = Math.max(0, report.tracesExportedSinceLastInit);\n const expVal = tracesExported - exp;\n tracesExported = Number.isFinite(expVal) ? Math.max(0, expVal) : tracesExported;\n\n const drop = Math.max(0, report.tracesDropped);\n const dropVal = tracesDropped - drop;\n tracesDropped = Number.isFinite(dropVal) ? Math.max(0, dropVal) : tracesDropped;\n\n const fail = Math.max(0, report.initFailures);\n const failVal = initFailures - fail;\n initFailures = Number.isFinite(failVal) ? Math.max(0, failVal) : initFailures;\n}\n\n// --- Test support ---\n\n/**\n * Resets all health metrics to initial state. For testing only.\n */\nexport function _resetHealthForTesting(): void {\n tracesExported = 0;\n tracesDropped = 0;\n initFailures = 0;\n lastConfigSyncAt = null;\n}\n","/**\n * Minimal Node-native HTTPS transport used by the SDK init call.\n *\n * ## Why this exists\n *\n * Next.js 16 patches the global `fetch` to add caching, revalidation,\n * and request deduplication. When the SDK is bundled into a Next.js\n * process (instrumentation.ts path), outbound calls to\n * `api.glasstrace.dev` get intercepted by the patched fetch and can\n * silently hang — the fetch promise never resolves (DISC-493 Issue 3).\n *\n * A silent init hang is catastrophic: the SDK stays in \"pending key\"\n * state forever, enriched spans are buffered without ever being\n * exported, and anonymous keys are never registered server-side\n * (DISC-494).\n *\n * ## Why `node:https`\n *\n * `node:https` is a Node.js core module. It has zero bundle weight\n * (important because the SDK is tsup-inlined into every consumer's\n * bundle) and is always available on Node.js >= 20. Using it directly\n * bypasses the global `fetch` patching entirely — Next.js never sees\n * the request.\n *\n * Alternatives considered and rejected:\n *\n * - **`undici` as a runtime dep** — adds ~400KB inlined into every\n * consumer bundle.\n * - **`fetch(..., { cache: \"no-store\", next: { revalidate: 0 } })`** —\n * bandaid. Couples the SDK to Next.js's fetch-extension API and still\n * relies on Next's patched fetch behaving correctly. Explicitly\n * forbidden by the task brief for this reason.\n * - **Monkey-patch `globalThis.fetch`** — forbidden in the public SDK\n * (`glasstrace-sdk/CLAUDE.md`). Bypassing the patched fetch by\n * calling a different API is avoidance, not patching.\n *\n * ## Structure\n *\n * `httpsPostJson` is the only exported function. It:\n * - Sends a POST to a URL with a JSON body\n * - Applies a per-request timeout (default 10s)\n * - Retries transport-level failures (DNS, TCP, TLS) with backoff\n * - Never retries HTTP status errors — those are surfaced immediately\n * - Distinguishes transport failure, server error, and body-parse error\n * so callers can render actionable messages\n */\nimport {\n request as httpsRequest,\n type RequestOptions as HttpsRequestOptions,\n} from \"node:https\";\nimport {\n request as httpRequest,\n type IncomingMessage,\n} from \"node:http\";\nimport { URL } from \"node:url\";\n\n/** Error thrown when the HTTP request never completed (DNS/TCP/TLS/timeout). */\nexport class HttpsTransportError extends Error {\n readonly kind = \"transport\" as const;\n readonly cause?: unknown;\n constructor(message: string, cause?: unknown) {\n super(message);\n this.name = \"HttpsTransportError\";\n this.cause = cause;\n }\n}\n\n/** Error thrown when the server returned a non-2xx HTTP status. */\nexport class HttpsStatusError extends Error {\n readonly kind = \"status\" as const;\n readonly status: number;\n /** Raw response body text (may be truncated by caller if large). */\n readonly body: string;\n constructor(status: number, body: string) {\n super(`Server returned HTTP ${status}`);\n this.name = \"HttpsStatusError\";\n this.status = status;\n this.body = body;\n }\n}\n\n/** Error thrown when the response body was not parseable JSON. */\nexport class HttpsBodyParseError extends Error {\n readonly kind = \"parse\" as const;\n readonly status: number;\n readonly cause?: unknown;\n constructor(status: number, cause?: unknown) {\n super(`Server returned malformed response (HTTP ${status})`);\n this.name = \"HttpsBodyParseError\";\n this.status = status;\n this.cause = cause;\n }\n}\n\n/** Options controlling timeout and retry behavior. */\nexport interface HttpsPostJsonOptions {\n /** Parsed headers (including Content-Type, Authorization, etc). */\n headers: Record<string, string>;\n /** Per-attempt timeout, ms. Defaults to 10000. */\n timeoutMs?: number;\n /**\n * Total number of attempts INCLUDING the first. Defaults to 3\n * (initial + 2 retries). Only transport errors are retried.\n */\n maxAttempts?: number;\n /**\n * Backoff delays between retries, ms. The array length should be\n * `maxAttempts - 1`. Defaults to [500, 1500].\n */\n retryDelaysMs?: readonly number[];\n /**\n * Total deadline across all attempts, ms. Defaults to 20000.\n * If exceeded, no further retries are attempted and the last error\n * is surfaced. Guards against CLI hang on flaky networks.\n */\n totalDeadlineMs?: number;\n /**\n * Abort signal. When aborted, the in-flight request is terminated and\n * no further retries are attempted.\n */\n signal?: AbortSignal;\n /**\n * Scheduler injection point for tests. Defaults to `setTimeout`.\n * Using fake timers in tests requires the injected scheduler to honor\n * `vi.advanceTimersByTime()` — Node's real setTimeout is fine when no\n * fake timers are installed.\n */\n scheduler?: (fn: () => void, ms: number) => { unref?: () => void };\n /**\n * Alternate HTTPS request function. Injected by tests to simulate\n * Next.js-style fetch patching (assert call count stays zero) or to\n * mock transport behavior without opening real sockets.\n */\n requestImpl?: typeof httpsRequest;\n /**\n * Alternate HTTP request function, used when the URL is `http://`.\n * Splitting http/https lets tests use a local non-TLS mock server.\n */\n httpRequestImpl?: typeof httpRequest;\n}\n\n/** Shape of a successful response. */\nexport interface HttpsPostJsonResult {\n /** HTTP status code. Always in [200, 299] for success. */\n status: number;\n /** Parsed JSON body. May be `undefined` for 204 No Content. */\n body: unknown;\n /** Raw body text for diagnostics. */\n raw: string;\n}\n\n/** Delays so a failing test still completes before the suite's timeout. */\nconst DEFAULT_TIMEOUT_MS = 10_000;\nconst DEFAULT_RETRY_DELAYS_MS = [500, 1500] as const;\nconst DEFAULT_TOTAL_DEADLINE_MS = 20_000;\n\n/**\n * Sends a POST request with a JSON body using `node:https`. Bypasses\n * any `globalThis.fetch` patching (Next.js 16, MSW, etc).\n *\n * @throws {HttpsTransportError} DNS failure, TCP reset, TLS handshake\n * failure, request timeout, or abort.\n * @throws {HttpsStatusError} HTTP response with status >= 400.\n * @throws {HttpsBodyParseError} HTTP 2xx with non-JSON body (status not\n * equal to 204).\n */\nexport async function httpsPostJson(\n url: string,\n jsonBody: unknown,\n options: HttpsPostJsonOptions,\n): Promise<HttpsPostJsonResult> {\n const parsed = new URL(url);\n const isHttps = parsed.protocol === \"https:\";\n const isHttp = parsed.protocol === \"http:\";\n if (!isHttps && !isHttp) {\n throw new HttpsTransportError(\n `Unsupported protocol: ${parsed.protocol} (expected http: or https:)`,\n );\n }\n const timeoutMs = options.timeoutMs ?? DEFAULT_TIMEOUT_MS;\n const maxAttempts = options.maxAttempts ?? 3;\n const retryDelaysMs = options.retryDelaysMs ?? DEFAULT_RETRY_DELAYS_MS;\n const totalDeadlineMs = options.totalDeadlineMs ?? DEFAULT_TOTAL_DEADLINE_MS;\n const scheduler = options.scheduler ?? ((fn, ms) => setTimeout(fn, ms));\n const requestImpl = isHttps\n ? (options.requestImpl ?? httpsRequest)\n : (options.httpRequestImpl ?? httpRequest);\n\n // Serialize once so retries use the exact same bytes.\n let payload: string;\n try {\n payload = JSON.stringify(jsonBody);\n } catch (err) {\n throw new HttpsTransportError(\n `Failed to serialize request body: ${err instanceof Error ? err.message : String(err)}`,\n err,\n );\n }\n const payloadBuffer = Buffer.from(payload, \"utf-8\");\n\n const startedAt = Date.now();\n let lastError: unknown;\n\n for (let attempt = 0; attempt < maxAttempts; attempt += 1) {\n if (options.signal?.aborted) {\n throw new HttpsTransportError(\"Request aborted\");\n }\n // Respect the total deadline — don't start another attempt if we'd\n // blow past it even before issuing the request.\n const elapsed = Date.now() - startedAt;\n if (elapsed >= totalDeadlineMs) {\n break;\n }\n const remainingBudget = totalDeadlineMs - elapsed;\n const attemptTimeoutMs = Math.min(timeoutMs, remainingBudget);\n\n try {\n return await sendSingleRequest(\n parsed,\n payloadBuffer,\n options.headers,\n attemptTimeoutMs,\n options.signal,\n requestImpl,\n );\n } catch (err) {\n lastError = err;\n // Never retry status/parse errors — they're server responses, not\n // transient network failures.\n if (err instanceof HttpsStatusError || err instanceof HttpsBodyParseError) {\n throw err;\n }\n const isLast = attempt === maxAttempts - 1;\n if (isLast) break;\n\n const delayMs = retryDelaysMs[attempt] ?? retryDelaysMs[retryDelaysMs.length - 1] ?? 0;\n const elapsedBeforeSleep = Date.now() - startedAt;\n const remaining = totalDeadlineMs - elapsedBeforeSleep;\n if (remaining <= 0) break;\n const actualDelayMs = Math.min(delayMs, remaining);\n await sleep(actualDelayMs, scheduler, options.signal);\n }\n }\n\n if (lastError instanceof HttpsTransportError) throw lastError;\n throw new HttpsTransportError(\n lastError instanceof Error ? lastError.message : \"Request failed\",\n lastError,\n );\n}\n\n/**\n * Fires a single HTTPS request. Resolves with the parsed result on 2xx,\n * throws the appropriate typed error otherwise. Caller handles retries.\n */\nfunction sendSingleRequest(\n url: URL,\n payload: Buffer,\n headers: Record<string, string>,\n timeoutMs: number,\n signal: AbortSignal | undefined,\n requestImpl: typeof httpsRequest,\n): Promise<HttpsPostJsonResult> {\n return new Promise<HttpsPostJsonResult>((resolve, reject) => {\n // Merge caller headers with Content-Length so Node doesn't chunk\n // the body. Explicit content-length also prevents confusion from\n // servers that reject chunked POSTs.\n const finalHeaders: Record<string, string | number> = {\n ...headers,\n \"Content-Length\": payload.byteLength,\n };\n\n const reqOptions: HttpsRequestOptions = {\n method: \"POST\",\n hostname: url.hostname,\n port: url.port === \"\" ? undefined : Number(url.port),\n path: `${url.pathname}${url.search}`,\n headers: finalHeaders,\n // Explicit timeout at the socket level. Still complemented by a\n // manual timer below because `timeout` only fires when the socket\n // is idle — it does not cover \"TLS handshake hangs forever\".\n timeout: timeoutMs,\n };\n\n let settled = false;\n // Hoisted so every settle path can clear the manual timer and drop\n // the optional abort listener. Assigned below once `req`, `timer`,\n // and `onAbort` exist.\n let cleanup = (): void => {};\n const settle = (fn: () => void): void => {\n if (settled) return;\n settled = true;\n cleanup();\n fn();\n };\n\n const req = requestImpl(reqOptions, (res: IncomingMessage) => {\n const chunks: Buffer[] = [];\n res.on(\"data\", (chunk: Buffer | string) => {\n chunks.push(typeof chunk === \"string\" ? Buffer.from(chunk, \"utf-8\") : chunk);\n });\n res.on(\"end\", () => {\n const raw = Buffer.concat(chunks).toString(\"utf-8\");\n const status = res.statusCode ?? 0;\n if (status < 200 || status >= 300) {\n settle(() => reject(new HttpsStatusError(status, raw)));\n return;\n }\n // HTTP 204: no body is expected; resolve with undefined.\n if (status === 204 || raw.length === 0) {\n settle(() => resolve({ status, body: undefined, raw }));\n return;\n }\n try {\n const parsed = JSON.parse(raw);\n settle(() => resolve({ status, body: parsed, raw }));\n } catch (err) {\n settle(() => reject(new HttpsBodyParseError(status, err)));\n }\n });\n res.on(\"error\", (err) => {\n settle(() => reject(new HttpsTransportError(`Response stream error: ${err.message}`, err)));\n });\n });\n\n // A single manual timeout guards against handshake/DNS hangs that\n // the `timeout` option in `request()` does not cover. We destroy the\n // socket on timeout so the node:https layer doesn't keep it alive.\n const timer = setTimeout(() => {\n settle(() => {\n req.destroy(new Error(\"Request timed out\"));\n reject(new HttpsTransportError(`Request timed out after ${timeoutMs}ms`));\n });\n }, timeoutMs);\n // Don't block process exit while the timer is running.\n if (typeof timer.unref === \"function\") timer.unref();\n\n // Hoisted so `cleanup` can remove it on settle. Only registered\n // on the signal below when `signal !== undefined`.\n const onAbort = (): void => {\n settle(() => {\n req.destroy(new Error(\"Aborted\"));\n reject(new HttpsTransportError(\"Request aborted\"));\n });\n };\n\n // Install cleanup now that `timer` and `onAbort` exist. Invoked by\n // every settle path (success, status-error, parse-error, transport\n // error, timeout, abort) to clear the manual timer and drop the\n // abort listener so long-lived signals don't accumulate listeners.\n cleanup = (): void => {\n clearTimeout(timer);\n if (signal !== undefined) {\n signal.removeEventListener(\"abort\", onAbort);\n }\n };\n\n req.on(\"error\", (err) => {\n settle(() => reject(new HttpsTransportError(`fetch failed: ${err.message}`, err)));\n });\n\n req.on(\"timeout\", () => {\n settle(() => {\n req.destroy(new Error(\"Request timed out\"));\n reject(new HttpsTransportError(`Request timed out after ${timeoutMs}ms`));\n });\n });\n\n if (signal !== undefined) {\n if (signal.aborted) {\n req.destroy(new Error(\"Aborted\"));\n settle(() => reject(new HttpsTransportError(\"Request aborted\")));\n return;\n }\n signal.addEventListener(\"abort\", onAbort, { once: true });\n }\n\n req.end(payload);\n });\n}\n\n/**\n * Delay helper that honors an AbortSignal. We cannot use `setTimeout`'s\n * built-in `signal` option because it is not available in older Node 20\n * patch releases (added in 20.6).\n *\n * Both settle paths (timer fires, signal aborts) clear the pending\n * timer and remove the abort listener so this helper remains leak-free\n * under heavy retry/abort usage.\n */\nfunction sleep(\n ms: number,\n scheduler: (fn: () => void, ms: number) => { unref?: () => void },\n signal: AbortSignal | undefined,\n): Promise<void> {\n return new Promise<void>((resolve, reject) => {\n let settled = false;\n // Forward-declared so `settle` below can reference it. Assigned\n // once `timer` exists.\n let cleanup = (): void => {};\n const settle = (fn: () => void): void => {\n if (settled) return;\n settled = true;\n cleanup();\n fn();\n };\n const onAbort = (): void => {\n settle(() => reject(new HttpsTransportError(\"Request aborted\")));\n };\n const timer = scheduler(() => {\n settle(resolve);\n }, ms);\n if (typeof timer.unref === \"function\") timer.unref();\n cleanup = (): void => {\n // `scheduler` returns whatever `setTimeout` returns (NodeJS.Timeout\n // in Node, number in jsdom). Both are accepted by `clearTimeout`.\n clearTimeout(timer as unknown as NodeJS.Timeout);\n if (signal !== undefined) {\n signal.removeEventListener(\"abort\", onAbort);\n }\n };\n if (signal !== undefined) {\n if (signal.aborted) {\n onAbort();\n return;\n }\n signal.addEventListener(\"abort\", onAbort, { once: true });\n }\n });\n}\n","import {\n SdkInitResponseSchema,\n SdkCachedConfigSchema,\n DEFAULT_CAPTURE_CONFIG,\n} from \"@glasstrace/protocol\";\nimport type {\n SdkInitResponse,\n CaptureConfig,\n AnonApiKey,\n ImportGraphPayload,\n SdkHealthReport,\n SdkDiagnosticCode,\n} from \"@glasstrace/protocol\";\nimport type { ResolvedConfig } from \"./env-detection.js\";\nimport { recordInitFailure, recordConfigSync, acknowledgeHealthReport } from \"./health-collector.js\";\nimport {\n httpsPostJson,\n HttpsStatusError,\n HttpsTransportError,\n HttpsBodyParseError,\n} from \"./https-transport.js\";\n\nconst GLASSTRACE_DIR = \".glasstrace\";\nconst CONFIG_FILE = \"config\";\nconst TWENTY_FOUR_HOURS_MS = 24 * 60 * 60 * 1000;\nconst INIT_TIMEOUT_MS = 10_000;\n\n/**\n * Lazily imports `node:fs/promises` and `node:path`. Returns `null` if\n * the modules are unavailable (non-Node environments). Cached after first call.\n */\nlet fsPathAsyncCache: { fs: typeof import(\"node:fs/promises\"); path: typeof import(\"node:path\") } | null | undefined;\n\nasync function loadFsPathAsync(): Promise<{ fs: typeof import(\"node:fs/promises\"); path: typeof import(\"node:path\") } | null> {\n if (fsPathAsyncCache !== undefined) return fsPathAsyncCache;\n try {\n const [fs, path] = await Promise.all([\n import(\"node:fs/promises\"),\n import(\"node:path\"),\n ]);\n fsPathAsyncCache = { fs, path };\n return fsPathAsyncCache;\n } catch {\n fsPathAsyncCache = null;\n return null;\n }\n}\n\n/**\n * Lazily imports synchronous `node:fs` and `node:path` via `require()`.\n * Returns `null` when unavailable. Used by `loadCachedConfig` which is\n * synchronous for startup performance.\n */\nfunction loadFsSyncOrNull(): { readFileSync: typeof import(\"node:fs\").readFileSync; join: typeof import(\"node:path\").join } | null {\n try {\n // eslint-disable-next-line @typescript-eslint/no-require-imports\n const fs = require(\"node:fs\") as typeof import(\"node:fs\");\n // eslint-disable-next-line @typescript-eslint/no-require-imports\n const path = require(\"node:path\") as typeof import(\"node:path\");\n return { readFileSync: fs.readFileSync, join: path.join };\n } catch {\n return null;\n }\n}\n\n/**\n * Test-only transport hook. When set, `sendInitRequest` calls this\n * instead of `httpsPostJson`. Enables unit tests to assert that the\n * SDK never routes through `globalThis.fetch` (Next.js patching) by\n * injecting a pure-function transport that never touches the network.\n *\n * Production code never sets this. Reset via `_resetConfigForTesting()`.\n */\ntype HttpsPostJsonFn = typeof httpsPostJson;\nlet transportOverride: HttpsPostJsonFn | null = null;\n\n/** In-memory config from the latest successful init response. */\nlet currentConfig: SdkInitResponse | null = null;\n\n/** Whether the disk cache has already been checked by getActiveConfig(). */\nlet configCacheChecked = false;\n\n/** Whether the next init call should be skipped (rate-limit backoff). */\nlet rateLimitBackoff = false;\n\n/** Whether the most recent performInit call completed the success path. */\nlet lastInitSucceeded = false;\n\n/**\n * Reads and validates a cached config file from `.glasstrace/config`.\n * Returns the parsed `SdkInitResponse` or `null` on any failure,\n * including when `node:fs` is unavailable (non-Node environments).\n */\nexport function loadCachedConfig(projectRoot?: string): SdkInitResponse | null {\n const modules = loadFsSyncOrNull();\n if (!modules) return null;\n\n const root = projectRoot ?? process.cwd();\n const configPath = modules.join(root, GLASSTRACE_DIR, CONFIG_FILE);\n\n try {\n // Use synchronous read for startup performance (this is called during init)\n const content = modules.readFileSync(configPath, \"utf-8\");\n const parsed = JSON.parse(content);\n const cached = SdkCachedConfigSchema.parse(parsed);\n\n // Warn if cache is stale\n const age = Date.now() - cached.cachedAt;\n if (age > TWENTY_FOUR_HOURS_MS) {\n console.warn(\n `[glasstrace] Cached config is ${Math.round(age / 3600000)}h old. Will refresh on next init.`,\n );\n }\n\n // Parse the response through the schema\n const result = SdkInitResponseSchema.safeParse(cached.response);\n if (result.success) {\n recordConfigSync(cached.cachedAt);\n return result.data;\n }\n\n console.warn(\"[glasstrace] Cached config failed validation. Using defaults.\");\n return null;\n } catch {\n return null;\n }\n}\n\n/**\n * Persists the init response to `.glasstrace/config` using atomic\n * write-temp + rename semantics. Silently skipped when `node:fs` is\n * unavailable (non-Node environments). On I/O failure, logs a warning.\n *\n * Atomicity: the payload is written to `.glasstrace/config.tmp` and then\n * renamed into place. `rename` is atomic on POSIX filesystems, so readers\n * either see the previous valid config or the new valid config — never a\n * truncated or partially-written file (DISC-1247 Scenario 5). If the\n * rename fails, the temp file is cleaned up on a best-effort basis.\n */\nexport async function saveCachedConfig(\n response: SdkInitResponse,\n projectRoot?: string,\n): Promise<void> {\n const modules = await loadFsPathAsync();\n if (!modules) return;\n\n const root = projectRoot ?? process.cwd();\n const dirPath = modules.path.join(root, GLASSTRACE_DIR);\n const configPath = modules.path.join(dirPath, CONFIG_FILE);\n const tmpPath = `${configPath}.tmp`;\n\n try {\n await modules.fs.mkdir(dirPath, { recursive: true, mode: 0o700 });\n await modules.fs.chmod(dirPath, 0o700);\n const cached = {\n response,\n cachedAt: Date.now(),\n };\n // Write to a sibling temp file first, then atomically rename.\n // Using a sibling (same directory) guarantees the rename stays on\n // the same filesystem, which is required for atomicity.\n await modules.fs.writeFile(tmpPath, JSON.stringify(cached), {\n encoding: \"utf-8\",\n mode: 0o600,\n });\n try {\n await modules.fs.chmod(tmpPath, 0o600);\n await modules.fs.rename(tmpPath, configPath);\n } catch (renameErr) {\n // Rename failed — remove the temp file so it doesn't linger.\n try {\n await modules.fs.unlink(tmpPath);\n } catch {\n // Best-effort cleanup; ignore unlink failures.\n }\n throw renameErr;\n }\n // chmod the final path to defend against platforms that don't honor\n // the mode passed to writeFile/rename on first creation.\n await modules.fs.chmod(configPath, 0o600);\n } catch (err) {\n console.warn(\n `[glasstrace] Failed to cache config to ${configPath}: ${err instanceof Error ? err.message : String(err)}`,\n );\n }\n}\n\n/**\n * Sends a POST request to `/v1/sdk/init`.\n * Validates the response against `SdkInitResponseSchema`.\n *\n * Uses `node:https` via {@link httpsPostJson} rather than the global\n * `fetch` because Next.js 16 patches `fetch` for caching/revalidation\n * and can cause the init request to silently hang (DISC-493 Issue 3).\n * Retries transport-level failures (DNS, TCP, TLS) twice with 500ms +\n * 1500ms backoff, capped at a 20-second total deadline. Server responses\n * (HTTP 4xx/5xx) are never retried and are surfaced immediately.\n */\nexport async function sendInitRequest(\n config: ResolvedConfig,\n anonKey: AnonApiKey | null,\n sdkVersion: string,\n importGraph?: ImportGraphPayload,\n healthReport?: SdkHealthReport,\n diagnostics?: Array<{ code: SdkDiagnosticCode; message: string; timestamp: number }>,\n signal?: AbortSignal,\n): Promise<SdkInitResponse> {\n // Determine the API key for auth. Use || (not ??) so empty strings\n // fall through to the anonymous key — defense in depth for DISC-467.\n const effectiveKey = config.apiKey || anonKey;\n if (!effectiveKey) {\n throw new Error(\"No API key available for init request\");\n }\n\n // Build the request payload\n const payload: Record<string, unknown> = {\n sdkVersion,\n };\n\n // Straggler linking: if dev key is set AND anonKey is provided\n if (config.apiKey && anonKey) {\n payload.anonKey = anonKey;\n }\n\n if (config.environment) {\n payload.environment = config.environment;\n }\n if (importGraph) {\n payload.importGraph = importGraph;\n }\n if (healthReport) {\n payload.healthReport = healthReport;\n }\n if (diagnostics) {\n payload.diagnostics = diagnostics;\n }\n\n const url = `${config.endpoint}/v1/sdk/init`;\n\n const transport = transportOverride ?? httpsPostJson;\n let result;\n try {\n result = await transport(url, payload, {\n headers: {\n \"Content-Type\": \"application/json\",\n Authorization: `Bearer ${effectiveKey}`,\n },\n timeoutMs: INIT_TIMEOUT_MS,\n signal,\n });\n } catch (err) {\n if (err instanceof HttpsStatusError) {\n const error = new Error(`Init request failed with status ${err.status}`);\n (error as unknown as Record<string, unknown>).status = err.status;\n throw error;\n }\n if (err instanceof HttpsBodyParseError) {\n // Preserve SyntaxError name so callers can distinguish parse failures\n // (existing test contract uses `name === \"SyntaxError\"`).\n const cause = err.cause;\n if (cause instanceof SyntaxError) throw cause;\n throw err;\n }\n if (err instanceof HttpsTransportError) {\n // Transport error — surface as-is; callers classify via message/name.\n throw err;\n }\n throw err;\n }\n\n return SdkInitResponseSchema.parse(result.body);\n}\n\n/**\n * Result returned by {@link performInit} when the backend reports an\n * account claim transition. `null` means no claim was present.\n */\nexport interface InitClaimResult {\n claimResult: NonNullable<SdkInitResponse[\"claimResult\"]>;\n}\n\n/**\n * Writes a claimed API key to disk using a fallback chain:\n * 1. `.env.local` — update or create with the new key\n * 2. `.glasstrace/claimed-key` — fallback if `.env.local` is not writable\n * 3. Dashboard message — if all file writes fail (key is never logged)\n *\n * The key value MUST NOT appear in any log output or stderr message.\n * In non-Node environments where `node:fs` is unavailable, falls through\n * directly to the dashboard message (step 3).\n */\nexport async function writeClaimedKey(\n newApiKey: string,\n projectRoot?: string,\n): Promise<void> {\n const modules = await loadFsPathAsync();\n\n if (modules) {\n const root = projectRoot ?? process.cwd();\n const envLocalPath = modules.path.join(root, \".env.local\");\n\n // Step 1: Try writing to .env.local\n let envLocalWritten = false;\n try {\n let content: string;\n try {\n content = await modules.fs.readFile(envLocalPath, \"utf-8\");\n // Replace all existing GLASSTRACE_API_KEY lines or append\n if (/^GLASSTRACE_API_KEY=.*/m.test(content)) {\n content = content.replace(\n /^GLASSTRACE_API_KEY=.*$/gm,\n `GLASSTRACE_API_KEY=${newApiKey}`,\n );\n } else {\n // Ensure trailing newline before appending\n if (content.length > 0 && !content.endsWith(\"\\n\")) {\n content += \"\\n\";\n }\n content += `GLASSTRACE_API_KEY=${newApiKey}\\n`;\n }\n } catch (readErr: unknown) {\n // Only create a new file when the file genuinely does not exist.\n // Other read errors (e.g., permission denied) should not silently\n // overwrite an existing .env.local that we cannot read.\n const code = readErr instanceof Error ? (readErr as NodeJS.ErrnoException).code : undefined;\n if (code !== \"ENOENT\") {\n throw readErr;\n }\n content = `GLASSTRACE_API_KEY=${newApiKey}\\n`;\n }\n\n await modules.fs.writeFile(envLocalPath, content, { encoding: \"utf-8\", mode: 0o600 });\n await modules.fs.chmod(envLocalPath, 0o600);\n envLocalWritten = true;\n } catch {\n // .env.local write failed — fall through to step 2\n }\n\n if (envLocalWritten) {\n try {\n process.stderr.write(\n \"[glasstrace] Account claimed! API key written to .env.local. Restart your dev server to use it.\\n\",\n );\n } catch { /* stderr is best-effort */ }\n return;\n }\n\n // Step 2: Try writing to .glasstrace/claimed-key\n let claimedKeyWritten = false;\n try {\n const dirPath = modules.path.join(root, GLASSTRACE_DIR);\n await modules.fs.mkdir(dirPath, { recursive: true, mode: 0o700 });\n await modules.fs.chmod(dirPath, 0o700);\n const claimedKeyPath = modules.path.join(dirPath, \"claimed-key\");\n await modules.fs.writeFile(claimedKeyPath, newApiKey, {\n encoding: \"utf-8\",\n mode: 0o600,\n });\n await modules.fs.chmod(claimedKeyPath, 0o600);\n claimedKeyWritten = true;\n } catch {\n // .glasstrace write also failed — fall through to step 3\n }\n\n if (claimedKeyWritten) {\n try {\n process.stderr.write(\n \"[glasstrace] Account claimed! API key written to .glasstrace/claimed-key. Copy it to your .env.local file.\\n\",\n );\n } catch { /* stderr is best-effort */ }\n return;\n }\n }\n\n // Step 3: All file writes failed (or node:fs unavailable) — log a message WITHOUT the key\n try {\n process.stderr.write(\n \"[glasstrace] Account claimed but could not write key to disk. Visit your dashboard settings to rotate and retrieve a new API key.\\n\",\n );\n } catch { /* stderr is best-effort */ }\n}\n\n/**\n * Orchestrates the full init flow: send request, update config, cache result.\n * This function MUST NOT throw.\n *\n * Returns the claim result when the backend reports an account claim\n * transition, or `null` when no claim result is available (including\n * when init is skipped due to rate-limit backoff, missing API key,\n * or request failure). Callers that do not need claim information\n * can safely ignore the return value.\n */\nexport async function performInit(\n config: ResolvedConfig,\n anonKey: AnonApiKey | null,\n sdkVersion: string,\n healthReport?: SdkHealthReport | null,\n): Promise<InitClaimResult | null> {\n lastInitSucceeded = false;\n\n // Skip if in rate-limit backoff\n if (rateLimitBackoff) {\n rateLimitBackoff = false; // Reset for next call\n return null;\n }\n\n // Guard flag: prevents recordInitFailure() from being called twice if the\n // inner catch body itself throws (e.g., an unexpected error in console.warn\n // or the instanceof checks). Without this flag, the outer safety-net catch\n // would call recordInitFailure() a second time, inflating initFailures in\n // the health report. Fix for DISC-1121.\n let failureRecorded = false;\n\n try {\n const effectiveKey = config.apiKey || anonKey;\n if (!effectiveKey) {\n console.warn(\"[glasstrace] No API key available for init request.\");\n return null;\n }\n\n // No outer AbortController timeout: `httpsPostJson` enforces a\n // per-attempt timeout (INIT_TIMEOUT_MS = 10s) AND a 20s total\n // deadline across retries. An outer 10s abort would race the first\n // attempt's own timeout and prevent the backoff-retry window from\n // ever running, defeating the transport's retry behavior.\n try {\n // Delegate to sendInitRequest to avoid duplicating fetch logic\n const result = await sendInitRequest(\n config,\n anonKey,\n sdkVersion,\n undefined,\n healthReport ?? undefined,\n undefined,\n );\n\n // Update in-memory config\n currentConfig = result;\n recordConfigSync(Date.now());\n if (healthReport) {\n acknowledgeHealthReport(healthReport);\n }\n lastInitSucceeded = true;\n\n // Persist to disk\n await saveCachedConfig(result);\n\n // Handle account claim transition — write key to disk, never to stderr\n if (result.claimResult) {\n try {\n await writeClaimedKey(result.claimResult.newApiKey);\n } catch {\n // writeClaimedKey handles its own errors internally, but guard\n // against unexpected failures to ensure claimResult is never lost\n }\n return { claimResult: result.claimResult };\n }\n\n return null;\n } catch (err) {\n recordInitFailure();\n failureRecorded = true;\n\n // HttpsTransportError covers DNS/TCP/TLS/timeout from the\n // node:https transport itself — `httpsPostJson` raises timeouts\n // via this error class when its internal deadlines expire.\n if (err instanceof HttpsTransportError) {\n if (/timed out|aborted/i.test(err.message)) {\n console.warn(\"[glasstrace] ingestion_unreachable: Init request timed out.\");\n } else {\n console.warn(`[glasstrace] ingestion_unreachable: ${err.message}`);\n }\n return null;\n }\n\n // Check for HTTP status errors attached by sendInitRequest\n const status = (err as Record<string, unknown>).status;\n if (status === 401) {\n console.warn(\n \"[glasstrace] ingestion_auth_failed: Check your GLASSTRACE_API_KEY.\",\n );\n return null;\n }\n\n if (status === 429) {\n console.warn(\"[glasstrace] ingestion_rate_limited: Backing off.\");\n rateLimitBackoff = true;\n return null;\n }\n\n if (typeof status === \"number\" && status >= 400) {\n console.warn(\n `[glasstrace] Init request failed with status ${status}. Using cached config.`,\n );\n return null;\n }\n\n // Schema validation failure from sendInitRequest.parse\n // NOTE: Health report was already sent to the backend (HTTP 200).\n // Not acknowledging here means the next report will double-count\n // these values. This is intentional — over-reporting is preferable\n // to data loss when the response is unparseable (DISC-1120).\n if (err instanceof Error && err.name === \"ZodError\") {\n console.warn(\n \"[glasstrace] Init response failed validation (schema version mismatch?). Using cached config.\",\n );\n return null;\n }\n\n // Network error or other fetch failure\n console.warn(\n `[glasstrace] ingestion_unreachable: ${err instanceof Error ? err.message : String(err)}`,\n );\n return null;\n }\n } catch (err) {\n // Outermost catch — safety net for unexpected throws from the inner catch\n // body itself (e.g., an error in console.warn or instanceof checks).\n // Only record the failure if the inner catch did not already do so (DISC-1121).\n if (!failureRecorded) {\n recordInitFailure();\n }\n // Guard console.warn itself: performInit MUST NOT throw. If console.warn\n // throws here (the same failure mode this catch was added to handle), swallow\n // silently rather than violating the \"never throws\" contract.\n try {\n console.warn(\n `[glasstrace] Unexpected init error: ${err instanceof Error ? err.message : String(err)}`,\n );\n } catch { /* best-effort logging; never propagate */ }\n }\n\n return null;\n}\n\n/**\n * Returns the current capture config from the three-tier fallback chain:\n * 1. In-memory config from latest init response\n * 2. File cache (read at most once per process lifetime)\n * 3. DEFAULT_CAPTURE_CONFIG\n *\n * The disk read is cached via `configCacheChecked` to avoid repeated\n * synchronous I/O on the hot path (called by GlasstraceExporter on\n * every span export batch).\n */\nexport function getActiveConfig(): CaptureConfig {\n // Tier 1: in-memory\n if (currentConfig) {\n return currentConfig.config;\n }\n\n // Tier 2: file cache (only attempt once)\n if (!configCacheChecked) {\n configCacheChecked = true;\n const cached = loadCachedConfig();\n if (cached) {\n currentConfig = cached;\n return cached.config;\n }\n }\n\n // Tier 3: defaults\n return { ...DEFAULT_CAPTURE_CONFIG };\n}\n\n/**\n * Returns the `linkedAccountId` from the current in-memory init response,\n * or `undefined` if no init response is available or no account is linked.\n *\n * Used by the discovery endpoint to determine whether `claimed: true`\n * should be included in the response.\n */\nexport function getLinkedAccountId(): string | undefined {\n return currentConfig?.linkedAccountId;\n}\n\n/**\n * Returns the `claimResult` from the current in-memory init response,\n * or `undefined` if no init response is available or no claim occurred.\n *\n * Used by the discovery endpoint to detect in-flight claims: a valid\n * init response can include `claimResult` (claim happening NOW) without\n * `linkedAccountId` being set yet.\n */\nexport function getClaimResult(): SdkInitResponse[\"claimResult\"] {\n return currentConfig?.claimResult;\n}\n\n/**\n * Resets the in-memory config store. For testing only.\n */\nexport function _resetConfigForTesting(): void {\n currentConfig = null;\n configCacheChecked = false;\n rateLimitBackoff = false;\n lastInitSucceeded = false;\n transportOverride = null;\n}\n\n/**\n * Installs a test-only transport that replaces the `node:https` path\n * used by `sendInitRequest` and `performInit`. Tests use this to avoid\n * opening real sockets and to assert the SDK never routes through\n * `globalThis.fetch`. Pass `null` to restore the default transport.\n *\n * @internal Test-only. Never called from production code paths.\n */\nexport function _setTransportForTesting(fn: HttpsPostJsonFn | null): void {\n transportOverride = fn;\n}\n\n/**\n * Sets the in-memory config directly. Used by performInit and the orchestrator.\n */\nexport function _setCurrentConfig(config: SdkInitResponse): void {\n currentConfig = config;\n}\n\n/**\n * Returns whether rate-limit backoff is active. For testing only.\n */\nexport function _isRateLimitBackoff(): boolean {\n return rateLimitBackoff;\n}\n\n/**\n * Reads and clears the rate-limit backoff flag.\n * Called by the heartbeat after performInit returns null to detect 429 responses.\n * Returns true if a 429 occurred, false otherwise.\n */\nexport function consumeRateLimitFlag(): boolean {\n if (rateLimitBackoff) {\n rateLimitBackoff = false;\n return true;\n }\n return false;\n}\n\n/**\n * Returns true if the most recent performInit call completed the success path\n * (recordConfigSync + acknowledgeHealthReport were called).\n * Used by backgroundInit to decide whether to start the heartbeat.\n */\nexport function didLastInitSucceed(): boolean {\n return lastInitSucceeded;\n}\n\n/**\n * Result of {@link verifyInitReachable}.\n *\n * - `ok: true` — server acknowledged the init call with a valid, schema-\n * compliant payload. The anon key (if any) is registered server-side.\n * - `ok: false` with `reason: \"transport\"` — DNS/TCP/TLS/timeout failure.\n * No response reached the server (or couldn't be parsed off the wire).\n * `detail` is the raw cause (e.g. \"ECONNREFUSED\") with any leading\n * `fetch failed: ` prefix stripped; callers that render to the user\n * should add the prefix themselves to avoid doubling it.\n * - `ok: false` with `reason: \"rejected\"` — HTTP 4xx/5xx status. The\n * server received the call but declined it. `status` is set.\n * - `ok: false` with `reason: \"malformed\"` — HTTP 2xx but the body was\n * not valid JSON or did not match the protocol schema.\n */\nexport type VerifyInitResult =\n | { ok: true; response: SdkInitResponse }\n | { ok: false; reason: \"transport\"; detail: string }\n | { ok: false; reason: \"rejected\"; status: number; detail: string }\n | { ok: false; reason: \"malformed\"; detail: string };\n\n/**\n * Synchronously verifies that `/v1/sdk/init` is reachable and that the\n * provided anon key (if any) is registered server-side. Unlike\n * {@link performInit}, this function does NOT swallow errors — it\n * classifies them into the three user-actionable categories and\n * returns them.\n *\n * Used by the CLI `init` command to fail loudly when the init request\n * fails (DISC-493 Issue 3, DISC-494), rather than relying on the\n * runtime fire-and-forget call which can silently fail inside a\n * Next.js 16 process.\n *\n * The anon key is NEVER logged by this function. Error `detail`\n * strings are sanitized to the failure class only — the key does not\n * appear in transport, rejection, or malformed messages.\n */\nexport async function verifyInitReachable(\n config: ResolvedConfig,\n anonKey: AnonApiKey | null,\n sdkVersion: string,\n): Promise<VerifyInitResult> {\n try {\n const response = await sendInitRequest(config, anonKey, sdkVersion);\n return { ok: true, response };\n } catch (err) {\n // HTTP status error — server rejected the key.\n const status = (err as Record<string, unknown>).status;\n if (typeof status === \"number\") {\n return {\n ok: false,\n reason: \"rejected\",\n status,\n detail: `server returned HTTP ${status}`,\n };\n }\n\n // Schema validation failure (ZodError) or JSON parse error\n // (SyntaxError). Both mean the server responded but the body is\n // not a shape we can use.\n if (err instanceof Error && (err.name === \"ZodError\" || err.name === \"SyntaxError\")) {\n return {\n ok: false,\n reason: \"malformed\",\n detail: \"server returned malformed response\",\n };\n }\n\n // Everything else (transport errors, timeouts, abort, unknown) is\n // classified as transport. `detail` is the raw cause without a\n // `fetch failed:` prefix so the CLI (the only caller that renders\n // this) can format it as `fetch failed: <detail>` without risking\n // the double-prefix that would occur when the underlying error\n // already starts with `fetch failed:` (e.g., `HttpsTransportError`\n // from `sendSingleRequest`).\n const rawMessage = err instanceof Error ? err.message : String(err);\n const detail = rawMessage.startsWith(\"fetch failed: \")\n ? rawMessage.slice(\"fetch failed: \".length)\n : rawMessage;\n return { ok: false, reason: \"transport\", detail };\n }\n}\n"],"mappings":";;;;;;;;;;AAKA,IAAI,iBAAiB;AAGrB,IAAI,gBAAgB;AAGpB,IAAI,eAAe;AAGnB,IAAI,mBAAkC;AAS/B,SAAS,oBAAoB,OAAqB;AACvD,MAAI,CAAC,OAAO,SAAS,KAAK,KAAK,QAAQ,KAAK,CAAC,OAAO,UAAU,KAAK,EAAG;AACtE,oBAAkB;AACpB;AAMO,SAAS,mBAAmB,OAAqB;AACtD,MAAI,CAAC,OAAO,SAAS,KAAK,KAAK,QAAQ,KAAK,CAAC,OAAO,UAAU,KAAK,EAAG;AACtE,mBAAiB;AACnB;AAMO,SAAS,oBAA0B;AACxC,MAAI;AAAE,oBAAgB;AAAA,EAAG,QAAQ;AAAA,EAAoB;AACvD;AAMO,SAAS,iBAAiB,WAAyB;AACxD,MAAI;AAAE,uBAAmB;AAAA,EAAW,QAAQ;AAAA,EAAoB;AAClE;AAgBO,SAAS,oBAAoB,YAA4C;AAC9E,MAAI;AACF,UAAM,MAAM,KAAK,IAAI;AACrB,UAAM,YAAY,qBAAqB,OAAO,KAAK,IAAI,GAAG,MAAM,gBAAgB,IAAI;AAEpF,WAAO;AAAA,MACL,6BAA6B;AAAA,MAC7B;AAAA,MACA;AAAA,MACA,WAAW,KAAK,MAAM,SAAS;AAAA,MAC/B;AAAA,IACF;AAAA,EACF,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AA4BO,SAAS,wBAAwB,QAA+B;AACrE,QAAM,MAAM,KAAK,IAAI,GAAG,OAAO,2BAA2B;AAC1D,QAAM,SAAS,iBAAiB;AAChC,mBAAiB,OAAO,SAAS,MAAM,IAAI,KAAK,IAAI,GAAG,MAAM,IAAI;AAEjE,QAAM,OAAO,KAAK,IAAI,GAAG,OAAO,aAAa;AAC7C,QAAM,UAAU,gBAAgB;AAChC,kBAAgB,OAAO,SAAS,OAAO,IAAI,KAAK,IAAI,GAAG,OAAO,IAAI;AAElE,QAAM,OAAO,KAAK,IAAI,GAAG,OAAO,YAAY;AAC5C,QAAM,UAAU,eAAe;AAC/B,iBAAe,OAAO,SAAS,OAAO,IAAI,KAAK,IAAI,GAAG,OAAO,IAAI;AACnE;;;AC5EA;AAAA,EACE,WAAW;AAAA,OAEN;AACP;AAAA,EACE,WAAW;AAAA,OAEN;AACP,SAAS,WAAW;AAGb,IAAM,sBAAN,cAAkC,MAAM;AAAA,EACpC,OAAO;AAAA,EACP;AAAA,EACT,YAAY,SAAiB,OAAiB;AAC5C,UAAM,OAAO;AACb,SAAK,OAAO;AACZ,SAAK,QAAQ;AAAA,EACf;AACF;AAGO,IAAM,mBAAN,cAA+B,MAAM;AAAA,EACjC,OAAO;AAAA,EACP;AAAA;AAAA,EAEA;AAAA,EACT,YAAY,QAAgB,MAAc;AACxC,UAAM,wBAAwB,MAAM,EAAE;AACtC,SAAK,OAAO;AACZ,SAAK,SAAS;AACd,SAAK,OAAO;AAAA,EACd;AACF;AAGO,IAAM,sBAAN,cAAkC,MAAM;AAAA,EACpC,OAAO;AAAA,EACP;AAAA,EACA;AAAA,EACT,YAAY,QAAgB,OAAiB;AAC3C,UAAM,4CAA4C,MAAM,GAAG;AAC3D,SAAK,OAAO;AACZ,SAAK,SAAS;AACd,SAAK,QAAQ;AAAA,EACf;AACF;AA4DA,IAAM,qBAAqB;AAC3B,IAAM,0BAA0B,CAAC,KAAK,IAAI;AAC1C,IAAM,4BAA4B;AAYlC,eAAsB,cACpB,KACA,UACA,SAC8B;AAC9B,QAAM,SAAS,IAAI,IAAI,GAAG;AAC1B,QAAM,UAAU,OAAO,aAAa;AACpC,QAAM,SAAS,OAAO,aAAa;AACnC,MAAI,CAAC,WAAW,CAAC,QAAQ;AACvB,UAAM,IAAI;AAAA,MACR,yBAAyB,OAAO,QAAQ;AAAA,IAC1C;AAAA,EACF;AACA,QAAM,YAAY,QAAQ,aAAa;AACvC,QAAM,cAAc,QAAQ,eAAe;AAC3C,QAAM,gBAAgB,QAAQ,iBAAiB;AAC/C,QAAM,kBAAkB,QAAQ,mBAAmB;AACnD,QAAM,YAAY,QAAQ,cAAc,CAAC,IAAI,OAAO,WAAW,IAAI,EAAE;AACrE,QAAM,cAAc,UACf,QAAQ,eAAe,eACvB,QAAQ,mBAAmB;AAGhC,MAAI;AACJ,MAAI;AACF,cAAU,KAAK,UAAU,QAAQ;AAAA,EACnC,SAAS,KAAK;AACZ,UAAM,IAAI;AAAA,MACR,qCAAqC,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG,CAAC;AAAA,MACrF;AAAA,IACF;AAAA,EACF;AACA,QAAM,gBAAgB,OAAO,KAAK,SAAS,OAAO;AAElD,QAAM,YAAY,KAAK,IAAI;AAC3B,MAAI;AAEJ,WAAS,UAAU,GAAG,UAAU,aAAa,WAAW,GAAG;AACzD,QAAI,QAAQ,QAAQ,SAAS;AAC3B,YAAM,IAAI,oBAAoB,iBAAiB;AAAA,IACjD;AAGA,UAAM,UAAU,KAAK,IAAI,IAAI;AAC7B,QAAI,WAAW,iBAAiB;AAC9B;AAAA,IACF;AACA,UAAM,kBAAkB,kBAAkB;AAC1C,UAAM,mBAAmB,KAAK,IAAI,WAAW,eAAe;AAE5D,QAAI;AACF,aAAO,MAAM;AAAA,QACX;AAAA,QACA;AAAA,QACA,QAAQ;AAAA,QACR;AAAA,QACA,QAAQ;AAAA,QACR;AAAA,MACF;AAAA,IACF,SAAS,KAAK;AACZ,kBAAY;AAGZ,UAAI,eAAe,oBAAoB,eAAe,qBAAqB;AACzE,cAAM;AAAA,MACR;AACA,YAAM,SAAS,YAAY,cAAc;AACzC,UAAI,OAAQ;AAEZ,YAAM,UAAU,cAAc,OAAO,KAAK,cAAc,cAAc,SAAS,CAAC,KAAK;AACrF,YAAM,qBAAqB,KAAK,IAAI,IAAI;AACxC,YAAM,YAAY,kBAAkB;AACpC,UAAI,aAAa,EAAG;AACpB,YAAM,gBAAgB,KAAK,IAAI,SAAS,SAAS;AACjD,YAAM,MAAM,eAAe,WAAW,QAAQ,MAAM;AAAA,IACtD;AAAA,EACF;AAEA,MAAI,qBAAqB,oBAAqB,OAAM;AACpD,QAAM,IAAI;AAAA,IACR,qBAAqB,QAAQ,UAAU,UAAU;AAAA,IACjD;AAAA,EACF;AACF;AAMA,SAAS,kBACP,KACA,SACA,SACA,WACA,QACA,aAC8B;AAC9B,SAAO,IAAI,QAA6B,CAAC,SAAS,WAAW;AAI3D,UAAM,eAAgD;AAAA,MACpD,GAAG;AAAA,MACH,kBAAkB,QAAQ;AAAA,IAC5B;AAEA,UAAM,aAAkC;AAAA,MACtC,QAAQ;AAAA,MACR,UAAU,IAAI;AAAA,MACd,MAAM,IAAI,SAAS,KAAK,SAAY,OAAO,IAAI,IAAI;AAAA,MACnD,MAAM,GAAG,IAAI,QAAQ,GAAG,IAAI,MAAM;AAAA,MAClC,SAAS;AAAA;AAAA;AAAA;AAAA,MAIT,SAAS;AAAA,IACX;AAEA,QAAI,UAAU;AAId,QAAI,UAAU,MAAY;AAAA,IAAC;AAC3B,UAAM,SAAS,CAAC,OAAyB;AACvC,UAAI,QAAS;AACb,gBAAU;AACV,cAAQ;AACR,SAAG;AAAA,IACL;AAEA,UAAM,MAAM,YAAY,YAAY,CAAC,QAAyB;AAC5D,YAAM,SAAmB,CAAC;AAC1B,UAAI,GAAG,QAAQ,CAAC,UAA2B;AACzC,eAAO,KAAK,OAAO,UAAU,WAAW,OAAO,KAAK,OAAO,OAAO,IAAI,KAAK;AAAA,MAC7E,CAAC;AACD,UAAI,GAAG,OAAO,MAAM;AAClB,cAAM,MAAM,OAAO,OAAO,MAAM,EAAE,SAAS,OAAO;AAClD,cAAM,SAAS,IAAI,cAAc;AACjC,YAAI,SAAS,OAAO,UAAU,KAAK;AACjC,iBAAO,MAAM,OAAO,IAAI,iBAAiB,QAAQ,GAAG,CAAC,CAAC;AACtD;AAAA,QACF;AAEA,YAAI,WAAW,OAAO,IAAI,WAAW,GAAG;AACtC,iBAAO,MAAM,QAAQ,EAAE,QAAQ,MAAM,QAAW,IAAI,CAAC,CAAC;AACtD;AAAA,QACF;AACA,YAAI;AACF,gBAAM,SAAS,KAAK,MAAM,GAAG;AAC7B,iBAAO,MAAM,QAAQ,EAAE,QAAQ,MAAM,QAAQ,IAAI,CAAC,CAAC;AAAA,QACrD,SAAS,KAAK;AACZ,iBAAO,MAAM,OAAO,IAAI,oBAAoB,QAAQ,GAAG,CAAC,CAAC;AAAA,QAC3D;AAAA,MACF,CAAC;AACD,UAAI,GAAG,SAAS,CAAC,QAAQ;AACvB,eAAO,MAAM,OAAO,IAAI,oBAAoB,0BAA0B,IAAI,OAAO,IAAI,GAAG,CAAC,CAAC;AAAA,MAC5F,CAAC;AAAA,IACH,CAAC;AAKD,UAAM,QAAQ,WAAW,MAAM;AAC7B,aAAO,MAAM;AACX,YAAI,QAAQ,IAAI,MAAM,mBAAmB,CAAC;AAC1C,eAAO,IAAI,oBAAoB,2BAA2B,SAAS,IAAI,CAAC;AAAA,MAC1E,CAAC;AAAA,IACH,GAAG,SAAS;AAEZ,QAAI,OAAO,MAAM,UAAU,WAAY,OAAM,MAAM;AAInD,UAAM,UAAU,MAAY;AAC1B,aAAO,MAAM;AACX,YAAI,QAAQ,IAAI,MAAM,SAAS,CAAC;AAChC,eAAO,IAAI,oBAAoB,iBAAiB,CAAC;AAAA,MACnD,CAAC;AAAA,IACH;AAMA,cAAU,MAAY;AACpB,mBAAa,KAAK;AAClB,UAAI,WAAW,QAAW;AACxB,eAAO,oBAAoB,SAAS,OAAO;AAAA,MAC7C;AAAA,IACF;AAEA,QAAI,GAAG,SAAS,CAAC,QAAQ;AACvB,aAAO,MAAM,OAAO,IAAI,oBAAoB,iBAAiB,IAAI,OAAO,IAAI,GAAG,CAAC,CAAC;AAAA,IACnF,CAAC;AAED,QAAI,GAAG,WAAW,MAAM;AACtB,aAAO,MAAM;AACX,YAAI,QAAQ,IAAI,MAAM,mBAAmB,CAAC;AAC1C,eAAO,IAAI,oBAAoB,2BAA2B,SAAS,IAAI,CAAC;AAAA,MAC1E,CAAC;AAAA,IACH,CAAC;AAED,QAAI,WAAW,QAAW;AACxB,UAAI,OAAO,SAAS;AAClB,YAAI,QAAQ,IAAI,MAAM,SAAS,CAAC;AAChC,eAAO,MAAM,OAAO,IAAI,oBAAoB,iBAAiB,CAAC,CAAC;AAC/D;AAAA,MACF;AACA,aAAO,iBAAiB,SAAS,SAAS,EAAE,MAAM,KAAK,CAAC;AAAA,IAC1D;AAEA,QAAI,IAAI,OAAO;AAAA,EACjB,CAAC;AACH;AAWA,SAAS,MACP,IACA,WACA,QACe;AACf,SAAO,IAAI,QAAc,CAAC,SAAS,WAAW;AAC5C,QAAI,UAAU;AAGd,QAAI,UAAU,MAAY;AAAA,IAAC;AAC3B,UAAM,SAAS,CAAC,OAAyB;AACvC,UAAI,QAAS;AACb,gBAAU;AACV,cAAQ;AACR,SAAG;AAAA,IACL;AACA,UAAM,UAAU,MAAY;AAC1B,aAAO,MAAM,OAAO,IAAI,oBAAoB,iBAAiB,CAAC,CAAC;AAAA,IACjE;AACA,UAAM,QAAQ,UAAU,MAAM;AAC5B,aAAO,OAAO;AAAA,IAChB,GAAG,EAAE;AACL,QAAI,OAAO,MAAM,UAAU,WAAY,OAAM,MAAM;AACnD,cAAU,MAAY;AAGpB,mBAAa,KAAkC;AAC/C,UAAI,WAAW,QAAW;AACxB,eAAO,oBAAoB,SAAS,OAAO;AAAA,MAC7C;AAAA,IACF;AACA,QAAI,WAAW,QAAW;AACxB,UAAI,OAAO,SAAS;AAClB,gBAAQ;AACR;AAAA,MACF;AACA,aAAO,iBAAiB,SAAS,SAAS,EAAE,MAAM,KAAK,CAAC;AAAA,IAC1D;AAAA,EACF,CAAC;AACH;;;ACvZA,IAAM,iBAAiB;AACvB,IAAM,cAAc;AACpB,IAAM,uBAAuB,KAAK,KAAK,KAAK;AAC5C,IAAM,kBAAkB;AAMxB,IAAI;AAEJ,eAAe,kBAA+G;AAC5H,MAAI,qBAAqB,OAAW,QAAO;AAC3C,MAAI;AACF,UAAM,CAAC,IAAI,IAAI,IAAI,MAAM,QAAQ,IAAI;AAAA,MACnC,OAAO,kBAAkB;AAAA,MACzB,OAAO,WAAW;AAAA,IACpB,CAAC;AACD,uBAAmB,EAAE,IAAI,KAAK;AAC9B,WAAO;AAAA,EACT,QAAQ;AACN,uBAAmB;AACnB,WAAO;AAAA,EACT;AACF;AAOA,SAAS,mBAA0H;AACjI,MAAI;AAEF,UAAM,KAAK,UAAQ,SAAS;AAE5B,UAAM,OAAO,UAAQ,WAAW;AAChC,WAAO,EAAE,cAAc,GAAG,cAAc,MAAM,KAAK,KAAK;AAAA,EAC1D,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAWA,IAAI,oBAA4C;AAGhD,IAAI,gBAAwC;AAG5C,IAAI,qBAAqB;AAGzB,IAAI,mBAAmB;AAGvB,IAAI,oBAAoB;AAOjB,SAAS,iBAAiB,aAA8C;AAC7E,QAAM,UAAU,iBAAiB;AACjC,MAAI,CAAC,QAAS,QAAO;AAErB,QAAM,OAAO,eAAe,QAAQ,IAAI;AACxC,QAAM,aAAa,QAAQ,KAAK,MAAM,gBAAgB,WAAW;AAEjE,MAAI;AAEF,UAAM,UAAU,QAAQ,aAAa,YAAY,OAAO;AACxD,UAAM,SAAS,KAAK,MAAM,OAAO;AACjC,UAAM,SAAS,sBAAsB,MAAM,MAAM;AAGjD,UAAM,MAAM,KAAK,IAAI,IAAI,OAAO;AAChC,QAAI,MAAM,sBAAsB;AAC9B,cAAQ;AAAA,QACN,iCAAiC,KAAK,MAAM,MAAM,IAAO,CAAC;AAAA,MAC5D;AAAA,IACF;AAGA,UAAM,SAAS,sBAAsB,UAAU,OAAO,QAAQ;AAC9D,QAAI,OAAO,SAAS;AAClB,uBAAiB,OAAO,QAAQ;AAChC,aAAO,OAAO;AAAA,IAChB;AAEA,YAAQ,KAAK,+DAA+D;AAC5E,WAAO;AAAA,EACT,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAaA,eAAsB,iBACpB,UACA,aACe;AACf,QAAM,UAAU,MAAM,gBAAgB;AACtC,MAAI,CAAC,QAAS;AAEd,QAAM,OAAO,eAAe,QAAQ,IAAI;AACxC,QAAM,UAAU,QAAQ,KAAK,KAAK,MAAM,cAAc;AACtD,QAAM,aAAa,QAAQ,KAAK,KAAK,SAAS,WAAW;AACzD,QAAM,UAAU,GAAG,UAAU;AAE7B,MAAI;AACF,UAAM,QAAQ,GAAG,MAAM,SAAS,EAAE,WAAW,MAAM,MAAM,IAAM,CAAC;AAChE,UAAM,QAAQ,GAAG,MAAM,SAAS,GAAK;AACrC,UAAM,SAAS;AAAA,MACb;AAAA,MACA,UAAU,KAAK,IAAI;AAAA,IACrB;AAIA,UAAM,QAAQ,GAAG,UAAU,SAAS,KAAK,UAAU,MAAM,GAAG;AAAA,MAC1D,UAAU;AAAA,MACV,MAAM;AAAA,IACR,CAAC;AACD,QAAI;AACF,YAAM,QAAQ,GAAG,MAAM,SAAS,GAAK;AACrC,YAAM,QAAQ,GAAG,OAAO,SAAS,UAAU;AAAA,IAC7C,SAAS,WAAW;AAElB,UAAI;AACF,cAAM,QAAQ,GAAG,OAAO,OAAO;AAAA,MACjC,QAAQ;AAAA,MAER;AACA,YAAM;AAAA,IACR;AAGA,UAAM,QAAQ,GAAG,MAAM,YAAY,GAAK;AAAA,EAC1C,SAAS,KAAK;AACZ,YAAQ;AAAA,MACN,0CAA0C,UAAU,KAAK,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG,CAAC;AAAA,IAC3G;AAAA,EACF;AACF;AAaA,eAAsB,gBACpB,QACA,SACA,YACA,aACA,cACA,aACA,QAC0B;AAG1B,QAAM,eAAe,OAAO,UAAU;AACtC,MAAI,CAAC,cAAc;AACjB,UAAM,IAAI,MAAM,uCAAuC;AAAA,EACzD;AAGA,QAAM,UAAmC;AAAA,IACvC;AAAA,EACF;AAGA,MAAI,OAAO,UAAU,SAAS;AAC5B,YAAQ,UAAU;AAAA,EACpB;AAEA,MAAI,OAAO,aAAa;AACtB,YAAQ,cAAc,OAAO;AAAA,EAC/B;AACA,MAAI,aAAa;AACf,YAAQ,cAAc;AAAA,EACxB;AACA,MAAI,cAAc;AAChB,YAAQ,eAAe;AAAA,EACzB;AACA,MAAI,aAAa;AACf,YAAQ,cAAc;AAAA,EACxB;AAEA,QAAM,MAAM,GAAG,OAAO,QAAQ;AAE9B,QAAM,YAAY,qBAAqB;AACvC,MAAI;AACJ,MAAI;AACF,aAAS,MAAM,UAAU,KAAK,SAAS;AAAA,MACrC,SAAS;AAAA,QACP,gBAAgB;AAAA,QAChB,eAAe,UAAU,YAAY;AAAA,MACvC;AAAA,MACA,WAAW;AAAA,MACX;AAAA,IACF,CAAC;AAAA,EACH,SAAS,KAAK;AACZ,QAAI,eAAe,kBAAkB;AACnC,YAAM,QAAQ,IAAI,MAAM,mCAAmC,IAAI,MAAM,EAAE;AACvE,MAAC,MAA6C,SAAS,IAAI;AAC3D,YAAM;AAAA,IACR;AACA,QAAI,eAAe,qBAAqB;AAGtC,YAAM,QAAQ,IAAI;AAClB,UAAI,iBAAiB,YAAa,OAAM;AACxC,YAAM;AAAA,IACR;AACA,QAAI,eAAe,qBAAqB;AAEtC,YAAM;AAAA,IACR;AACA,UAAM;AAAA,EACR;AAEA,SAAO,sBAAsB,MAAM,OAAO,IAAI;AAChD;AAoBA,eAAsB,gBACpB,WACA,aACe;AACf,QAAM,UAAU,MAAM,gBAAgB;AAEtC,MAAI,SAAS;AACX,UAAM,OAAO,eAAe,QAAQ,IAAI;AACxC,UAAM,eAAe,QAAQ,KAAK,KAAK,MAAM,YAAY;AAGzD,QAAI,kBAAkB;AACtB,QAAI;AACF,UAAI;AACJ,UAAI;AACF,kBAAU,MAAM,QAAQ,GAAG,SAAS,cAAc,OAAO;AAEzD,YAAI,0BAA0B,KAAK,OAAO,GAAG;AAC3C,oBAAU,QAAQ;AAAA,YAChB;AAAA,YACA,sBAAsB,SAAS;AAAA,UACjC;AAAA,QACF,OAAO;AAEL,cAAI,QAAQ,SAAS,KAAK,CAAC,QAAQ,SAAS,IAAI,GAAG;AACjD,uBAAW;AAAA,UACb;AACA,qBAAW,sBAAsB,SAAS;AAAA;AAAA,QAC5C;AAAA,MACF,SAAS,SAAkB;AAIzB,cAAM,OAAO,mBAAmB,QAAS,QAAkC,OAAO;AAClF,YAAI,SAAS,UAAU;AACrB,gBAAM;AAAA,QACR;AACA,kBAAU,sBAAsB,SAAS;AAAA;AAAA,MAC3C;AAEA,YAAM,QAAQ,GAAG,UAAU,cAAc,SAAS,EAAE,UAAU,SAAS,MAAM,IAAM,CAAC;AACpF,YAAM,QAAQ,GAAG,MAAM,cAAc,GAAK;AAC1C,wBAAkB;AAAA,IACpB,QAAQ;AAAA,IAER;AAEA,QAAI,iBAAiB;AACnB,UAAI;AACF,gBAAQ,OAAO;AAAA,UACb;AAAA,QACF;AAAA,MACF,QAAQ;AAAA,MAA8B;AACtC;AAAA,IACF;AAGA,QAAI,oBAAoB;AACxB,QAAI;AACF,YAAM,UAAU,QAAQ,KAAK,KAAK,MAAM,cAAc;AACtD,YAAM,QAAQ,GAAG,MAAM,SAAS,EAAE,WAAW,MAAM,MAAM,IAAM,CAAC;AAChE,YAAM,QAAQ,GAAG,MAAM,SAAS,GAAK;AACrC,YAAM,iBAAiB,QAAQ,KAAK,KAAK,SAAS,aAAa;AAC/D,YAAM,QAAQ,GAAG,UAAU,gBAAgB,WAAW;AAAA,QACpD,UAAU;AAAA,QACV,MAAM;AAAA,MACR,CAAC;AACD,YAAM,QAAQ,GAAG,MAAM,gBAAgB,GAAK;AAC5C,0BAAoB;AAAA,IACtB,QAAQ;AAAA,IAER;AAEA,QAAI,mBAAmB;AACrB,UAAI;AACF,gBAAQ,OAAO;AAAA,UACb;AAAA,QACF;AAAA,MACF,QAAQ;AAAA,MAA8B;AACtC;AAAA,IACF;AAAA,EACF;AAGA,MAAI;AACF,YAAQ,OAAO;AAAA,MACb;AAAA,IACF;AAAA,EACF,QAAQ;AAAA,EAA8B;AACxC;AAYA,eAAsB,YACpB,QACA,SACA,YACA,cACiC;AACjC,sBAAoB;AAGpB,MAAI,kBAAkB;AACpB,uBAAmB;AACnB,WAAO;AAAA,EACT;AAOA,MAAI,kBAAkB;AAEtB,MAAI;AACF,UAAM,eAAe,OAAO,UAAU;AACtC,QAAI,CAAC,cAAc;AACjB,cAAQ,KAAK,qDAAqD;AAClE,aAAO;AAAA,IACT;AAOA,QAAI;AAEF,YAAM,SAAS,MAAM;AAAA,QACnB;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA,gBAAgB;AAAA,QAChB;AAAA,MACF;AAGA,sBAAgB;AAChB,uBAAiB,KAAK,IAAI,CAAC;AAC3B,UAAI,cAAc;AAChB,gCAAwB,YAAY;AAAA,MACtC;AACA,0BAAoB;AAGpB,YAAM,iBAAiB,MAAM;AAG7B,UAAI,OAAO,aAAa;AACtB,YAAI;AACF,gBAAM,gBAAgB,OAAO,YAAY,SAAS;AAAA,QACpD,QAAQ;AAAA,QAGR;AACA,eAAO,EAAE,aAAa,OAAO,YAAY;AAAA,MAC3C;AAEA,aAAO;AAAA,IACT,SAAS,KAAK;AACZ,wBAAkB;AAClB,wBAAkB;AAKlB,UAAI,eAAe,qBAAqB;AACtC,YAAI,qBAAqB,KAAK,IAAI,OAAO,GAAG;AAC1C,kBAAQ,KAAK,6DAA6D;AAAA,QAC5E,OAAO;AACL,kBAAQ,KAAK,uCAAuC,IAAI,OAAO,EAAE;AAAA,QACnE;AACA,eAAO;AAAA,MACT;AAGA,YAAM,SAAU,IAAgC;AAChD,UAAI,WAAW,KAAK;AAClB,gBAAQ;AAAA,UACN;AAAA,QACF;AACA,eAAO;AAAA,MACT;AAEA,UAAI,WAAW,KAAK;AAClB,gBAAQ,KAAK,mDAAmD;AAChE,2BAAmB;AACnB,eAAO;AAAA,MACT;AAEA,UAAI,OAAO,WAAW,YAAY,UAAU,KAAK;AAC/C,gBAAQ;AAAA,UACN,gDAAgD,MAAM;AAAA,QACxD;AACA,eAAO;AAAA,MACT;AAOA,UAAI,eAAe,SAAS,IAAI,SAAS,YAAY;AACnD,gBAAQ;AAAA,UACN;AAAA,QACF;AACA,eAAO;AAAA,MACT;AAGA,cAAQ;AAAA,QACN,uCAAuC,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG,CAAC;AAAA,MACzF;AACA,aAAO;AAAA,IACT;AAAA,EACF,SAAS,KAAK;AAIZ,QAAI,CAAC,iBAAiB;AACpB,wBAAkB;AAAA,IACpB;AAIA,QAAI;AACF,cAAQ;AAAA,QACN,uCAAuC,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG,CAAC;AAAA,MACzF;AAAA,IACF,QAAQ;AAAA,IAA6C;AAAA,EACvD;AAEA,SAAO;AACT;AAYO,SAAS,kBAAiC;AAE/C,MAAI,eAAe;AACjB,WAAO,cAAc;AAAA,EACvB;AAGA,MAAI,CAAC,oBAAoB;AACvB,yBAAqB;AACrB,UAAM,SAAS,iBAAiB;AAChC,QAAI,QAAQ;AACV,sBAAgB;AAChB,aAAO,OAAO;AAAA,IAChB;AAAA,EACF;AAGA,SAAO,EAAE,GAAG,uBAAuB;AACrC;AASO,SAAS,qBAAyC;AACvD,SAAO,eAAe;AACxB;AAUO,SAAS,iBAAiD;AAC/D,SAAO,eAAe;AACxB;AA4BO,SAAS,kBAAkB,QAA+B;AAC/D,kBAAgB;AAClB;AAcO,SAAS,uBAAgC;AAC9C,MAAI,kBAAkB;AACpB,uBAAmB;AACnB,WAAO;AAAA,EACT;AACA,SAAO;AACT;AAOO,SAAS,qBAA8B;AAC5C,SAAO;AACT;AAuCA,eAAsB,oBACpB,QACA,SACA,YAC2B;AAC3B,MAAI;AACF,UAAM,WAAW,MAAM,gBAAgB,QAAQ,SAAS,UAAU;AAClE,WAAO,EAAE,IAAI,MAAM,SAAS;AAAA,EAC9B,SAAS,KAAK;AAEZ,UAAM,SAAU,IAAgC;AAChD,QAAI,OAAO,WAAW,UAAU;AAC9B,aAAO;AAAA,QACL,IAAI;AAAA,QACJ,QAAQ;AAAA,QACR;AAAA,QACA,QAAQ,wBAAwB,MAAM;AAAA,MACxC;AAAA,IACF;AAKA,QAAI,eAAe,UAAU,IAAI,SAAS,cAAc,IAAI,SAAS,gBAAgB;AACnF,aAAO;AAAA,QACL,IAAI;AAAA,QACJ,QAAQ;AAAA,QACR,QAAQ;AAAA,MACV;AAAA,IACF;AASA,UAAM,aAAa,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG;AAClE,UAAM,SAAS,WAAW,WAAW,gBAAgB,IACjD,WAAW,MAAM,iBAAiB,MAAM,IACxC;AACJ,WAAO,EAAE,IAAI,OAAO,QAAQ,aAAa,OAAO;AAAA,EAClD;AACF;","names":[]}

package/dist/chunk-DXRZKKSO.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"sources":["../src/cli/constants.ts"],"sourcesContent":["import type { DetectedAgent } from \"../agent-detection/detect.js\";\n\n/** Glasstrace MCP endpoint for agent configuration. */\nexport const MCP_ENDPOINT = \"https://api.glasstrace.dev/mcp\";\n\n/** Next.js config file names in priority order. */\nexport const NEXT_CONFIG_NAMES = [\"next.config.ts\", \"next.config.js\", \"next.config.mjs\"] as const;\n\n/** Maps internal agent name to a human-readable display name. */\nexport function formatAgentName(name: DetectedAgent[\"name\"]): string {\n const displayNames: Record<DetectedAgent[\"name\"], string> = {\n claude: \"Claude Code\",\n codex: \"Codex\",\n gemini: \"Gemini\",\n cursor: \"Cursor\",\n windsurf: \"Windsurf\",\n generic: \"Generic\",\n };\n return displayNames[name];\n}\n"],"mappings":";AAGO,IAAM,eAAe;AAGrB,IAAM,oBAAoB,CAAC,kBAAkB,kBAAkB,iBAAiB;AAGhF,SAAS,gBAAgB,MAAqC;AACnE,QAAM,eAAsD;AAAA,IAC1D,QAAQ;AAAA,IACR,OAAO;AAAA,IACP,QAAQ;AAAA,IACR,QAAQ;AAAA,IACR,UAAU;AAAA,IACV,SAAS;AAAA,EACX;AACA,SAAO,aAAa,IAAI;AAC1B;","names":[]}

package/dist/chunk-HAU66QBQ.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"sources":["../src/agent-detection/detect.ts","../src/agent-detection/configs.ts","../src/agent-detection/inject.ts"],"sourcesContent":["import { execFile } from \"node:child_process\";\nimport { access, stat } from \"node:fs/promises\";\nimport { dirname, join, resolve } from \"node:path\";\nimport { homedir } from \"node:os\";\nimport { constants } from \"node:fs\";\n\n/**\n * Describes an AI coding agent detected in a project.\n */\nexport interface DetectedAgent {\n name: \"claude\" | \"codex\" | \"gemini\" | \"cursor\" | \"windsurf\" | \"generic\";\n mcpConfigPath: string | null;\n infoFilePath: string | null;\n cliAvailable: boolean;\n registrationCommand: string | null;\n}\n\ntype AgentName = DetectedAgent[\"name\"];\n\ninterface AgentRule {\n name: AgentName;\n /** Paths relative to a search directory that indicate this agent is present. */\n markers: string[];\n /** Function to compute the MCP config path given the directory where markers were found. */\n mcpConfigPath: (markerDir: string) => string;\n /** Function to compute the info file path, or null. */\n infoFilePath: (markerDir: string) => string | null;\n /** CLI binary name to check in PATH, or null if no CLI exists. */\n cliBinary: string | null;\n /** Registration command template, or null. */\n registrationCommand: string | null;\n}\n\nconst AGENT_RULES: AgentRule[] = [\n {\n name: \"claude\",\n markers: [\".claude\", \"CLAUDE.md\"],\n mcpConfigPath: (dir) => join(dir, \".mcp.json\"),\n infoFilePath: (dir) => join(dir, \"CLAUDE.md\"),\n cliBinary: \"claude\",\n registrationCommand: \"npx glasstrace mcp add --agent claude\",\n },\n {\n name: \"codex\",\n markers: [\"codex.md\", \".codex\"],\n mcpConfigPath: (dir) => join(dir, \".codex\", \"config.toml\"),\n infoFilePath: (dir) => join(dir, \"codex.md\"),\n cliBinary: \"codex\",\n registrationCommand: \"npx glasstrace mcp add --agent codex\",\n },\n {\n name: \"gemini\",\n markers: [\".gemini\"],\n mcpConfigPath: (dir) => join(dir, \".gemini\", \"settings.json\"),\n infoFilePath: () => null,\n cliBinary: \"gemini\",\n registrationCommand: \"npx glasstrace mcp add --agent gemini\",\n },\n {\n name: \"cursor\",\n markers: [\".cursor\", \".cursorrules\"],\n mcpConfigPath: (dir) => join(dir, \".cursor\", \"mcp.json\"),\n infoFilePath: (dir) => join(dir, \".cursorrules\"),\n cliBinary: null,\n registrationCommand: \"npx glasstrace mcp add --agent cursor\",\n },\n {\n name: \"windsurf\",\n markers: [\".windsurfrules\", \".windsurf\"],\n mcpConfigPath: () =>\n join(homedir(), \".codeium\", \"windsurf\", \"mcp_config.json\"),\n infoFilePath: (dir) => join(dir, \".windsurfrules\"),\n cliBinary: null,\n registrationCommand: \"npx glasstrace mcp add --agent windsurf\",\n },\n];\n\n/**\n * Checks whether a path exists and is accessible, following symlinks.\n * Returns false on permission errors or missing paths.\n *\n * @param mode - The access mode to check (defaults to R_OK for marker detection).\n */\nasync function pathExists(\n path: string,\n mode: number = constants.R_OK,\n): Promise<boolean> {\n try {\n await access(path, mode);\n return true;\n } catch {\n return false;\n }\n}\n\n/**\n * Finds the git root directory by walking up from the given path.\n * Returns the starting directory if no `.git` is found.\n */\nasync function findGitRoot(startDir: string): Promise<string> {\n let current = resolve(startDir);\n\n while (true) {\n if (await pathExists(join(current, \".git\"), constants.F_OK)) {\n return current;\n }\n const parent = dirname(current);\n if (parent === current) {\n // Reached filesystem root without finding .git\n break;\n }\n current = parent;\n }\n\n return resolve(startDir);\n}\n\n/**\n * Returns true if a CLI binary is available on PATH.\n * Uses `which` on Unix and `where` on Windows, via execFile (no shell injection).\n */\nfunction isCliAvailable(binary: string): Promise<boolean> {\n return new Promise((resolve) => {\n const command = process.platform === \"win32\" ? \"where\" : \"which\";\n execFile(command, [binary], (error) => {\n resolve(error === null);\n });\n });\n}\n\n/**\n * Detects AI coding agents present in a project by scanning for marker\n * files and directories. Walks up from projectRoot to the git root to\n * support monorepo layouts.\n *\n * Always includes a \"generic\" fallback entry.\n *\n * @param projectRoot - Absolute or relative path to the project directory.\n * @returns Array of detected agents, with generic always last.\n * @throws If projectRoot does not exist or is not a directory.\n */\nexport async function detectAgents(\n projectRoot: string,\n): Promise<DetectedAgent[]> {\n const resolvedRoot = resolve(projectRoot);\n\n // Validate projectRoot exists and is a directory\n let rootStat;\n try {\n rootStat = await stat(resolvedRoot);\n } catch (err) {\n const code = (err as NodeJS.ErrnoException).code;\n throw new Error(\n `projectRoot does not exist: ${resolvedRoot}` +\n (code ? ` (${code})` : \"\"),\n );\n }\n\n if (!rootStat.isDirectory()) {\n throw new Error(`projectRoot is not a directory: ${resolvedRoot}`);\n }\n\n const gitRoot = await findGitRoot(resolvedRoot);\n\n // Collect unique directories to search: projectRoot and every ancestor up to gitRoot\n const searchDirs: string[] = [];\n let current = resolvedRoot;\n while (true) {\n searchDirs.push(current);\n if (current === gitRoot) {\n break;\n }\n const parent = dirname(current);\n if (parent === current) {\n break;\n }\n current = parent;\n }\n\n const detected: DetectedAgent[] = [];\n const seenAgents = new Set<AgentName>();\n\n for (const rule of AGENT_RULES) {\n let foundDir: string | null = null;\n\n // Check each search directory for markers\n for (const dir of searchDirs) {\n let markerFound = false;\n for (const marker of rule.markers) {\n if (await pathExists(join(dir, marker))) {\n markerFound = true;\n break;\n }\n }\n if (markerFound) {\n foundDir = dir;\n break;\n }\n }\n\n if (foundDir === null) {\n continue;\n }\n\n if (seenAgents.has(rule.name)) {\n continue;\n }\n seenAgents.add(rule.name);\n\n // Determine info file path — only include if the file actually exists\n let infoFilePath = rule.infoFilePath(foundDir);\n if (infoFilePath !== null && !(await pathExists(infoFilePath))) {\n infoFilePath = null;\n }\n\n const cliAvailable = rule.cliBinary\n ? await isCliAvailable(rule.cliBinary)\n : false;\n\n detected.push({\n name: rule.name,\n mcpConfigPath: rule.mcpConfigPath(foundDir),\n infoFilePath,\n cliAvailable,\n registrationCommand: rule.registrationCommand,\n });\n }\n\n // Always include generic fallback\n detected.push({\n name: \"generic\",\n mcpConfigPath: join(resolvedRoot, \".glasstrace\", \"mcp.json\"),\n infoFilePath: null,\n cliAvailable: false,\n registrationCommand: null,\n });\n\n return detected;\n}\n","import type { DetectedAgent } from \"./detect.js\";\n\n/**\n * Generates the MCP server configuration content for a given agent.\n *\n * The output is the full file content suitable for writing to the agent's\n * MCP config file. Auth tokens are intentionally included here because\n * MCP config files are local-only and required for server authentication.\n *\n * @param agent - The detected agent to generate config for.\n * @param endpoint - The Glasstrace MCP endpoint URL.\n * @param anonKey - The anonymous API key for authentication.\n * @returns The formatted configuration string.\n * @throws If endpoint or anonKey is empty.\n */\nexport function generateMcpConfig(\n agent: DetectedAgent,\n endpoint: string,\n anonKey: string,\n): string {\n if (!endpoint || endpoint.trim() === \"\") {\n throw new Error(\"endpoint must not be empty\");\n }\n if (!anonKey || anonKey.trim() === \"\") {\n throw new Error(\"anonKey must not be empty\");\n }\n\n switch (agent.name) {\n case \"claude\":\n return JSON.stringify(\n {\n mcpServers: {\n glasstrace: {\n type: \"http\",\n url: endpoint,\n headers: {\n Authorization: `Bearer ${anonKey}`,\n },\n },\n },\n },\n null,\n 2,\n );\n\n case \"codex\": {\n // Escape TOML basic string special characters in the endpoint value.\n // TOML requires backslashes, quotes, and control characters to be escaped.\n const safeEndpoint = endpoint\n .replace(/\\\\/g, \"\\\\\\\\\")\n .replace(/\"/g, '\\\\\"')\n .replace(/\\n/g, \"\\\\n\")\n .replace(/\\r/g, \"\\\\r\")\n .replace(/\\t/g, \"\\\\t\");\n return [\n \"[mcp_servers.glasstrace]\",\n `url = \"${safeEndpoint}\"`,\n `bearer_token_env_var = \"GLASSTRACE_API_KEY\"`,\n \"\",\n ].join(\"\\n\");\n }\n\n case \"gemini\":\n return JSON.stringify(\n {\n mcpServers: {\n glasstrace: {\n httpUrl: endpoint,\n headers: {\n Authorization: `Bearer ${anonKey}`,\n },\n },\n },\n },\n null,\n 2,\n );\n\n case \"cursor\":\n return JSON.stringify(\n {\n mcpServers: {\n glasstrace: {\n url: endpoint,\n headers: {\n Authorization: `Bearer ${anonKey}`,\n },\n },\n },\n },\n null,\n 2,\n );\n\n case \"windsurf\":\n return JSON.stringify(\n {\n mcpServers: {\n glasstrace: {\n serverUrl: endpoint,\n headers: {\n Authorization: `Bearer ${anonKey}`,\n },\n },\n },\n },\n null,\n 2,\n );\n\n case \"generic\":\n return JSON.stringify(\n {\n mcpServers: {\n glasstrace: {\n url: endpoint,\n headers: {\n Authorization: `Bearer ${anonKey}`,\n },\n },\n },\n },\n null,\n 2,\n );\n\n default: {\n const _exhaustive: never = agent.name;\n throw new Error(`Unknown agent: ${_exhaustive}`);\n }\n }\n}\n\n/**\n * Marker pair used to delimit the Glasstrace section in agent info files.\n */\ninterface MarkerPair {\n start: string;\n end: string;\n}\n\nfunction htmlMarkers(): MarkerPair {\n return {\n start: \"\",\n end: \"\",\n };\n}\n\nfunction hashMarkers(): MarkerPair {\n return {\n start: \"# glasstrace:mcp:start\",\n end: \"# glasstrace:mcp:end\",\n };\n}\n\n/**\n * Generates informational content for an agent's instruction file.\n *\n * This content is designed to be appended to or inserted into agent-specific\n * instruction files (CLAUDE.md, .cursorrules, codex.md). It contains ONLY\n * the endpoint URL, tool descriptions, and setup instructions. Auth tokens\n * are NEVER included in this output.\n *\n * @param agent - The detected agent to generate info for.\n * @param endpoint - The Glasstrace MCP endpoint URL.\n * @returns The formatted info section string, or empty string for agents without a supported info file format.\n * @throws If endpoint is empty.\n */\nexport function generateInfoSection(\n agent: DetectedAgent,\n endpoint: string,\n): string {\n if (!endpoint || endpoint.trim() === \"\") {\n throw new Error(\"endpoint must not be empty\");\n }\n\n const content = [\n \"\",\n \"## Glasstrace MCP Integration\",\n \"\",\n `Glasstrace is configured as an MCP server at: ${endpoint}`,\n \"\",\n \"Available tools:\",\n \"- `get_latest_error` - Get the most recent error trace from the current session\",\n \"- `get_error_list` - List recent errors with filtering and pagination\",\n \"- `get_trace` - Get a specific trace by ID or URL pattern\",\n \"- `get_root_cause` - Get the full span tree and root cause analysis for an error\",\n \"- `get_test_suggestions` - Get test suggestions based on recent errors\",\n \"- `get_session_timeline` - Get the timeline of all traces in the current session\",\n \"\",\n \"To reconfigure, run: `npx glasstrace mcp add`\",\n \"\",\n ].join(\"\\n\");\n\n switch (agent.name) {\n case \"claude\": {\n const m = htmlMarkers();\n return `${m.start}\\n${content}${m.end}\\n`;\n }\n\n case \"codex\": {\n const m = htmlMarkers();\n return `${m.start}\\n${content}${m.end}\\n`;\n }\n\n case \"cursor\": {\n const m = hashMarkers();\n return `${m.start}\\n${content}${m.end}\\n`;\n }\n\n case \"gemini\":\n case \"windsurf\":\n case \"generic\":\n return \"\";\n\n default: {\n const _exhaustive: never = agent.name;\n throw new Error(`Unknown agent: ${_exhaustive}`);\n }\n }\n}\n","import { chmod, mkdir, readFile, writeFile } from \"node:fs/promises\";\nimport { dirname, isAbsolute, join } from \"node:path\";\nimport type { DetectedAgent } from \"./detect.js\";\n\n/** HTML comment markers used in markdown files (.md). */\nconst HTML_START = \"\";\nconst HTML_END = \"\";\n\n/** Hash-prefixed markers used in plain text files (.cursorrules). */\nconst HASH_START = \"# glasstrace:mcp:start\";\nconst HASH_END = \"# glasstrace:mcp:end\";\n\n/**\n * Determines whether an error is a filesystem permission or read-only error.\n * Covers EACCES (permission denied), EPERM (operation not permitted), and\n * EROFS (read-only filesystem) to handle containerized/mounted environments.\n */\nfunction isPermissionError(err: unknown): boolean {\n const code = (err as NodeJS.ErrnoException).code;\n return code === \"EACCES\" || code === \"EPERM\" || code === \"EROFS\";\n}\n\n/**\n * Writes MCP configuration content to an agent's config file path.\n *\n * Creates parent directories as needed and sets file permissions to 0o600\n * (owner read/write only) since config files may contain auth tokens.\n *\n * Fails gracefully: logs a warning to stderr on permission errors instead\n * of throwing.\n *\n * @param agent - The detected agent whose config path to write to.\n * @param content - The full configuration file content.\n * @param projectRoot - The project root (reserved for future use).\n */\nexport async function writeMcpConfig(\n agent: DetectedAgent,\n content: string,\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n projectRoot: string,\n): Promise<void> {\n if (agent.mcpConfigPath === null) {\n return;\n }\n\n const configPath = agent.mcpConfigPath;\n const parentDir = dirname(configPath);\n\n try {\n await mkdir(parentDir, { recursive: true });\n } catch (err: unknown) {\n if (isPermissionError(err)) {\n process.stderr.write(\n `Warning: cannot create directory ${parentDir}: permission denied\\n`,\n );\n return;\n }\n throw err;\n }\n\n try {\n await writeFile(configPath, content, { mode: 0o600 });\n } catch (err: unknown) {\n if (isPermissionError(err)) {\n process.stderr.write(\n `Warning: cannot write config file ${configPath}: permission denied\\n`,\n );\n return;\n }\n throw err;\n }\n\n // Ensure permissions are set even if the file already existed\n // (writeFile mode only applies to newly created files on some platforms)\n try {\n await chmod(configPath, 0o600);\n } catch {\n // Best-effort; the writeFile mode should have handled this\n }\n}\n\n/**\n * Finds existing marker boundaries in file content.\n *\n * Searches for both HTML comment and hash-prefixed marker formats,\n * since an existing file might use either convention.\n *\n * @returns The start and end indices (line-level) and the matched markers,\n * or null if no complete marker pair is found.\n */\nfunction findMarkerBoundaries(\n lines: string[],\n): { startIdx: number; endIdx: number } | null {\n let startIdx = -1;\n let endIdx = -1;\n\n for (let i = 0; i < lines.length; i++) {\n const trimmed = lines[i].trim();\n if (trimmed === HTML_START || trimmed === HASH_START) {\n startIdx = i;\n } else if (trimmed === HTML_END || trimmed === HASH_END) {\n if (startIdx !== -1) {\n endIdx = i;\n break;\n }\n }\n }\n\n if (startIdx === -1 || endIdx === -1) {\n return null;\n }\n\n return { startIdx, endIdx };\n}\n\n/**\n * Injects an informational section into an agent's instruction file.\n *\n * Uses marker comments to enable idempotent updates:\n * - If the file contains marker pairs, replaces content between them.\n * - If the file exists but has no markers, appends the section.\n * - If the file does not exist, creates it with the section content.\n *\n * Fails gracefully: logs a warning to stderr on read-only files instead\n * of throwing.\n *\n * @param agent - The detected agent whose info file to update.\n * @param content - The section content (including markers).\n * @param projectRoot - The project root (reserved for future use).\n */\nexport async function injectInfoSection(\n agent: DetectedAgent,\n content: string,\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n projectRoot: string,\n): Promise<void> {\n if (agent.infoFilePath === null) {\n return;\n }\n\n // Empty content means nothing to inject (e.g., agents without info sections)\n if (content === \"\") {\n return;\n }\n\n const filePath = agent.infoFilePath;\n\n let existingContent: string | null = null;\n try {\n existingContent = await readFile(filePath, \"utf-8\");\n } catch (err: unknown) {\n const code = (err as NodeJS.ErrnoException).code;\n if (code !== \"ENOENT\") {\n if (isPermissionError(err)) {\n process.stderr.write(\n `Warning: cannot read info file ${filePath}: permission denied\\n`,\n );\n return;\n }\n throw err;\n }\n }\n\n // File does not exist — create with section content\n if (existingContent === null) {\n try {\n await mkdir(dirname(filePath), { recursive: true });\n await writeFile(filePath, content, \"utf-8\");\n } catch (err: unknown) {\n if (isPermissionError(err)) {\n process.stderr.write(\n `Warning: cannot write info file ${filePath}: permission denied\\n`,\n );\n return;\n }\n throw err;\n }\n return;\n }\n\n // File exists — check for markers\n const lines = existingContent.split(\"\\n\");\n const boundaries = findMarkerBoundaries(lines);\n\n let newContent: string;\n if (boundaries !== null) {\n // Replace everything from start marker through end marker (inclusive)\n const before = lines.slice(0, boundaries.startIdx);\n const after = lines.slice(boundaries.endIdx + 1);\n // content already includes markers and trailing newline\n const contentWithoutTrailingNewline = content.endsWith(\"\\n\")\n ? content.slice(0, -1)\n : content;\n newContent = [...before, contentWithoutTrailingNewline, ...after].join(\"\\n\");\n } else {\n // No markers found — append with a blank line separator\n const separator = existingContent.endsWith(\"\\n\") ? \"\\n\" : \"\\n\\n\";\n newContent = existingContent + separator + content;\n }\n\n try {\n await writeFile(filePath, newContent, \"utf-8\");\n } catch (err: unknown) {\n if (isPermissionError(err)) {\n process.stderr.write(\n `Warning: cannot write info file ${filePath}: permission denied\\n`,\n );\n return;\n }\n throw err;\n }\n}\n\n/**\n * Ensures that the given paths are listed in the project's `.gitignore`.\n *\n * Only adds entries for paths that are not already present. Creates the\n * `.gitignore` file if it does not exist. Skips absolute paths (e.g.,\n * Windsurf's global config) since those are outside the project tree.\n *\n * Fails gracefully: logs a warning to stderr on permission errors.\n *\n * @param paths - Relative paths to ensure are gitignored.\n * @param projectRoot - The project root directory.\n */\nexport async function updateGitignore(\n paths: string[],\n projectRoot: string,\n): Promise<void> {\n const gitignorePath = join(projectRoot, \".gitignore\");\n\n // Filter out absolute paths — they reference locations outside the project\n // Uses isAbsolute() to handle both POSIX and Windows path formats\n const relativePaths = paths.filter((p) => !isAbsolute(p));\n\n if (relativePaths.length === 0) {\n return;\n }\n\n let existingContent = \"\";\n try {\n existingContent = await readFile(gitignorePath, \"utf-8\");\n } catch (err: unknown) {\n const code = (err as NodeJS.ErrnoException).code;\n if (code !== \"ENOENT\") {\n if (isPermissionError(err)) {\n process.stderr.write(\n `Warning: cannot read .gitignore: permission denied\\n`,\n );\n return;\n }\n throw err;\n }\n }\n\n // Parse existing entries, trimming whitespace for comparison\n const existingLines = existingContent\n .split(\"\\n\")\n .map((line) => line.trim())\n .filter((line) => line !== \"\");\n\n const existingSet = new Set(existingLines);\n\n // Normalize entries: trim whitespace, convert backslashes to forward slashes\n // (git ignore patterns use / as separator; backslash is an escape character),\n // drop empties, and deduplicate against existing entries.\n const toAdd = relativePaths\n .map((p) => p.trim().replace(/\\\\/g, \"/\"))\n .filter((p) => p !== \"\" && !existingSet.has(p));\n\n if (toAdd.length === 0) {\n return;\n }\n\n // Ensure file ends with newline before appending\n let updatedContent = existingContent;\n if (updatedContent.length > 0 && !updatedContent.endsWith(\"\\n\")) {\n updatedContent += \"\\n\";\n }\n\n updatedContent += toAdd.join(\"\\n\") + \"\\n\";\n\n try {\n await writeFile(gitignorePath, updatedContent, \"utf-8\");\n } catch (err: unknown) {\n if (isPermissionError(err)) {\n process.stderr.write(\n `Warning: cannot write .gitignore: permission denied\\n`,\n );\n return;\n }\n throw err;\n }\n}\n"],"mappings":";AAAA,SAAS,gBAAgB;AACzB,SAAS,QAAQ,YAAY;AAC7B,SAAS,SAAS,MAAM,eAAe;AACvC,SAAS,eAAe;AACxB,SAAS,iBAAiB;AA6B1B,IAAM,cAA2B;AAAA,EAC/B;AAAA,IACE,MAAM;AAAA,IACN,SAAS,CAAC,WAAW,WAAW;AAAA,IAChC,eAAe,CAAC,QAAQ,KAAK,KAAK,WAAW;AAAA,IAC7C,cAAc,CAAC,QAAQ,KAAK,KAAK,WAAW;AAAA,IAC5C,WAAW;AAAA,IACX,qBAAqB;AAAA,EACvB;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,SAAS,CAAC,YAAY,QAAQ;AAAA,IAC9B,eAAe,CAAC,QAAQ,KAAK,KAAK,UAAU,aAAa;AAAA,IACzD,cAAc,CAAC,QAAQ,KAAK,KAAK,UAAU;AAAA,IAC3C,WAAW;AAAA,IACX,qBAAqB;AAAA,EACvB;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,SAAS,CAAC,SAAS;AAAA,IACnB,eAAe,CAAC,QAAQ,KAAK,KAAK,WAAW,eAAe;AAAA,IAC5D,cAAc,MAAM;AAAA,IACpB,WAAW;AAAA,IACX,qBAAqB;AAAA,EACvB;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,SAAS,CAAC,WAAW,cAAc;AAAA,IACnC,eAAe,CAAC,QAAQ,KAAK,KAAK,WAAW,UAAU;AAAA,IACvD,cAAc,CAAC,QAAQ,KAAK,KAAK,cAAc;AAAA,IAC/C,WAAW;AAAA,IACX,qBAAqB;AAAA,EACvB;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,SAAS,CAAC,kBAAkB,WAAW;AAAA,IACvC,eAAe,MACb,KAAK,QAAQ,GAAG,YAAY,YAAY,iBAAiB;AAAA,IAC3D,cAAc,CAAC,QAAQ,KAAK,KAAK,gBAAgB;AAAA,IACjD,WAAW;AAAA,IACX,qBAAqB;AAAA,EACvB;AACF;AAQA,eAAe,WACb,MACA,OAAe,UAAU,MACP;AAClB,MAAI;AACF,UAAM,OAAO,MAAM,IAAI;AACvB,WAAO;AAAA,EACT,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAMA,eAAe,YAAY,UAAmC;AAC5D,MAAI,UAAU,QAAQ,QAAQ;AAE9B,SAAO,MAAM;AACX,QAAI,MAAM,WAAW,KAAK,SAAS,MAAM,GAAG,UAAU,IAAI,GAAG;AAC3D,aAAO;AAAA,IACT;AACA,UAAM,SAAS,QAAQ,OAAO;AAC9B,QAAI,WAAW,SAAS;AAEtB;AAAA,IACF;AACA,cAAU;AAAA,EACZ;AAEA,SAAO,QAAQ,QAAQ;AACzB;AAMA,SAAS,eAAe,QAAkC;AACxD,SAAO,IAAI,QAAQ,CAACA,aAAY;AAC9B,UAAM,UAAU,QAAQ,aAAa,UAAU,UAAU;AACzD,aAAS,SAAS,CAAC,MAAM,GAAG,CAAC,UAAU;AACrC,MAAAA,SAAQ,UAAU,IAAI;AAAA,IACxB,CAAC;AAAA,EACH,CAAC;AACH;AAaA,eAAsB,aACpB,aAC0B;AAC1B,QAAM,eAAe,QAAQ,WAAW;AAGxC,MAAI;AACJ,MAAI;AACF,eAAW,MAAM,KAAK,YAAY;AAAA,EACpC,SAAS,KAAK;AACZ,UAAM,OAAQ,IAA8B;AAC5C,UAAM,IAAI;AAAA,MACR,+BAA+B,YAAY,MACxC,OAAO,KAAK,IAAI,MAAM;AAAA,IAC3B;AAAA,EACF;AAEA,MAAI,CAAC,SAAS,YAAY,GAAG;AAC3B,UAAM,IAAI,MAAM,mCAAmC,YAAY,EAAE;AAAA,EACnE;AAEA,QAAM,UAAU,MAAM,YAAY,YAAY;AAG9C,QAAM,aAAuB,CAAC;AAC9B,MAAI,UAAU;AACd,SAAO,MAAM;AACX,eAAW,KAAK,OAAO;AACvB,QAAI,YAAY,SAAS;AACvB;AAAA,IACF;AACA,UAAM,SAAS,QAAQ,OAAO;AAC9B,QAAI,WAAW,SAAS;AACtB;AAAA,IACF;AACA,cAAU;AAAA,EACZ;AAEA,QAAM,WAA4B,CAAC;AACnC,QAAM,aAAa,oBAAI,IAAe;AAEtC,aAAW,QAAQ,aAAa;AAC9B,QAAI,WAA0B;AAG9B,eAAW,OAAO,YAAY;AAC5B,UAAI,cAAc;AAClB,iBAAW,UAAU,KAAK,SAAS;AACjC,YAAI,MAAM,WAAW,KAAK,KAAK,MAAM,CAAC,GAAG;AACvC,wBAAc;AACd;AAAA,QACF;AAAA,MACF;AACA,UAAI,aAAa;AACf,mBAAW;AACX;AAAA,MACF;AAAA,IACF;AAEA,QAAI,aAAa,MAAM;AACrB;AAAA,IACF;AAEA,QAAI,WAAW,IAAI,KAAK,IAAI,GAAG;AAC7B;AAAA,IACF;AACA,eAAW,IAAI,KAAK,IAAI;AAGxB,QAAI,eAAe,KAAK,aAAa,QAAQ;AAC7C,QAAI,iBAAiB,QAAQ,CAAE,MAAM,WAAW,YAAY,GAAI;AAC9D,qBAAe;AAAA,IACjB;AAEA,UAAM,eAAe,KAAK,YACtB,MAAM,eAAe,KAAK,SAAS,IACnC;AAEJ,aAAS,KAAK;AAAA,MACZ,MAAM,KAAK;AAAA,MACX,eAAe,KAAK,cAAc,QAAQ;AAAA,MAC1C;AAAA,MACA;AAAA,MACA,qBAAqB,KAAK;AAAA,IAC5B,CAAC;AAAA,EACH;AAGA,WAAS,KAAK;AAAA,IACZ,MAAM;AAAA,IACN,eAAe,KAAK,cAAc,eAAe,UAAU;AAAA,IAC3D,cAAc;AAAA,IACd,cAAc;AAAA,IACd,qBAAqB;AAAA,EACvB,CAAC;AAED,SAAO;AACT;;;AC/NO,SAAS,kBACd,OACA,UACA,SACQ;AACR,MAAI,CAAC,YAAY,SAAS,KAAK,MAAM,IAAI;AACvC,UAAM,IAAI,MAAM,4BAA4B;AAAA,EAC9C;AACA,MAAI,CAAC,WAAW,QAAQ,KAAK,MAAM,IAAI;AACrC,UAAM,IAAI,MAAM,2BAA2B;AAAA,EAC7C;AAEA,UAAQ,MAAM,MAAM;AAAA,IAClB,KAAK;AACH,aAAO,KAAK;AAAA,QACV;AAAA,UACE,YAAY;AAAA,YACV,YAAY;AAAA,cACV,MAAM;AAAA,cACN,KAAK;AAAA,cACL,SAAS;AAAA,gBACP,eAAe,UAAU,OAAO;AAAA,cAClC;AAAA,YACF;AAAA,UACF;AAAA,QACF;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAAA,IAEF,KAAK,SAAS;AAGZ,YAAM,eAAe,SAClB,QAAQ,OAAO,MAAM,EACrB,QAAQ,MAAM,KAAK,EACnB,QAAQ,OAAO,KAAK,EACpB,QAAQ,OAAO,KAAK,EACpB,QAAQ,OAAO,KAAK;AACvB,aAAO;AAAA,QACL;AAAA,QACA,UAAU,YAAY;AAAA,QACtB;AAAA,QACA;AAAA,MACF,EAAE,KAAK,IAAI;AAAA,IACb;AAAA,IAEA,KAAK;AACH,aAAO,KAAK;AAAA,QACV;AAAA,UACE,YAAY;AAAA,YACV,YAAY;AAAA,cACV,SAAS;AAAA,cACT,SAAS;AAAA,gBACP,eAAe,UAAU,OAAO;AAAA,cAClC;AAAA,YACF;AAAA,UACF;AAAA,QACF;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAAA,IAEF,KAAK;AACH,aAAO,KAAK;AAAA,QACV;AAAA,UACE,YAAY;AAAA,YACV,YAAY;AAAA,cACV,KAAK;AAAA,cACL,SAAS;AAAA,gBACP,eAAe,UAAU,OAAO;AAAA,cAClC;AAAA,YACF;AAAA,UACF;AAAA,QACF;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAAA,IAEF,KAAK;AACH,aAAO,KAAK;AAAA,QACV;AAAA,UACE,YAAY;AAAA,YACV,YAAY;AAAA,cACV,WAAW;AAAA,cACX,SAAS;AAAA,gBACP,eAAe,UAAU,OAAO;AAAA,cAClC;AAAA,YACF;AAAA,UACF;AAAA,QACF;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAAA,IAEF,KAAK;AACH,aAAO,KAAK;AAAA,QACV;AAAA,UACE,YAAY;AAAA,YACV,YAAY;AAAA,cACV,KAAK;AAAA,cACL,SAAS;AAAA,gBACP,eAAe,UAAU,OAAO;AAAA,cAClC;AAAA,YACF;AAAA,UACF;AAAA,QACF;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAAA,IAEF,SAAS;AACP,YAAM,cAAqB,MAAM;AACjC,YAAM,IAAI,MAAM,kBAAkB,WAAW,EAAE;AAAA,IACjD;AAAA,EACF;AACF;AAUA,SAAS,cAA0B;AACjC,SAAO;AAAA,IACL,OAAO;AAAA,IACP,KAAK;AAAA,EACP;AACF;AAEA,SAAS,cAA0B;AACjC,SAAO;AAAA,IACL,OAAO;AAAA,IACP,KAAK;AAAA,EACP;AACF;AAeO,SAAS,oBACd,OACA,UACQ;AACR,MAAI,CAAC,YAAY,SAAS,KAAK,MAAM,IAAI;AACvC,UAAM,IAAI,MAAM,4BAA4B;AAAA,EAC9C;AAEA,QAAM,UAAU;AAAA,IACd;AAAA,IACA;AAAA,IACA;AAAA,IACA,iDAAiD,QAAQ;AAAA,IACzD;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,EAAE,KAAK,IAAI;AAEX,UAAQ,MAAM,MAAM;AAAA,IAClB,KAAK,UAAU;AACb,YAAM,IAAI,YAAY;AACtB,aAAO,GAAG,EAAE,KAAK;AAAA,EAAK,OAAO,GAAG,EAAE,GAAG;AAAA;AAAA,IACvC;AAAA,IAEA,KAAK,SAAS;AACZ,YAAM,IAAI,YAAY;AACtB,aAAO,GAAG,EAAE,KAAK;AAAA,EAAK,OAAO,GAAG,EAAE,GAAG;AAAA;AAAA,IACvC;AAAA,IAEA,KAAK,UAAU;AACb,YAAM,IAAI,YAAY;AACtB,aAAO,GAAG,EAAE,KAAK;AAAA,EAAK,OAAO,GAAG,EAAE,GAAG;AAAA;AAAA,IACvC;AAAA,IAEA,KAAK;AAAA,IACL,KAAK;AAAA,IACL,KAAK;AACH,aAAO;AAAA,IAET,SAAS;AACP,YAAM,cAAqB,MAAM;AACjC,YAAM,IAAI,MAAM,kBAAkB,WAAW,EAAE;AAAA,IACjD;AAAA,EACF;AACF;;;AC5NA,SAAS,OAAO,OAAO,UAAU,iBAAiB;AAClD,SAAS,WAAAC,UAAS,YAAY,QAAAC,aAAY;AAI1C,IAAM,aAAa;AACnB,IAAM,WAAW;AAGjB,IAAM,aAAa;AACnB,IAAM,WAAW;AAOjB,SAAS,kBAAkB,KAAuB;AAChD,QAAM,OAAQ,IAA8B;AAC5C,SAAO,SAAS,YAAY,SAAS,WAAW,SAAS;AAC3D;AAeA,eAAsB,eACpB,OACA,SAEA,aACe;AACf,MAAI,MAAM,kBAAkB,MAAM;AAChC;AAAA,EACF;AAEA,QAAM,aAAa,MAAM;AACzB,QAAM,YAAYD,SAAQ,UAAU;AAEpC,MAAI;AACF,UAAM,MAAM,WAAW,EAAE,WAAW,KAAK,CAAC;AAAA,EAC5C,SAAS,KAAc;AACrB,QAAI,kBAAkB,GAAG,GAAG;AAC1B,cAAQ,OAAO;AAAA,QACb,oCAAoC,SAAS;AAAA;AAAA,MAC/C;AACA;AAAA,IACF;AACA,UAAM;AAAA,EACR;AAEA,MAAI;AACF,UAAM,UAAU,YAAY,SAAS,EAAE,MAAM,IAAM,CAAC;AAAA,EACtD,SAAS,KAAc;AACrB,QAAI,kBAAkB,GAAG,GAAG;AAC1B,cAAQ,OAAO;AAAA,QACb,qCAAqC,UAAU;AAAA;AAAA,MACjD;AACA;AAAA,IACF;AACA,UAAM;AAAA,EACR;AAIA,MAAI;AACF,UAAM,MAAM,YAAY,GAAK;AAAA,EAC/B,QAAQ;AAAA,EAER;AACF;AAWA,SAAS,qBACP,OAC6C;AAC7C,MAAI,WAAW;AACf,MAAI,SAAS;AAEb,WAAS,IAAI,GAAG,IAAI,MAAM,QAAQ,KAAK;AACrC,UAAM,UAAU,MAAM,CAAC,EAAE,KAAK;AAC9B,QAAI,YAAY,cAAc,YAAY,YAAY;AACpD,iBAAW;AAAA,IACb,WAAW,YAAY,YAAY,YAAY,UAAU;AACvD,UAAI,aAAa,IAAI;AACnB,iBAAS;AACT;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAEA,MAAI,aAAa,MAAM,WAAW,IAAI;AACpC,WAAO;AAAA,EACT;AAEA,SAAO,EAAE,UAAU,OAAO;AAC5B;AAiBA,eAAsB,kBACpB,OACA,SAEA,aACe;AACf,MAAI,MAAM,iBAAiB,MAAM;AAC/B;AAAA,EACF;AAGA,MAAI,YAAY,IAAI;AAClB;AAAA,EACF;AAEA,QAAM,WAAW,MAAM;AAEvB,MAAI,kBAAiC;AACrC,MAAI;AACF,sBAAkB,MAAM,SAAS,UAAU,OAAO;AAAA,EACpD,SAAS,KAAc;AACrB,UAAM,OAAQ,IAA8B;AAC5C,QAAI,SAAS,UAAU;AACrB,UAAI,kBAAkB,GAAG,GAAG;AAC1B,gBAAQ,OAAO;AAAA,UACb,kCAAkC,QAAQ;AAAA;AAAA,QAC5C;AACA;AAAA,MACF;AACA,YAAM;AAAA,IACR;AAAA,EACF;AAGA,MAAI,oBAAoB,MAAM;AAC5B,QAAI;AACF,YAAM,MAAMA,SAAQ,QAAQ,GAAG,EAAE,WAAW,KAAK,CAAC;AAClD,YAAM,UAAU,UAAU,SAAS,OAAO;AAAA,IAC5C,SAAS,KAAc;AACrB,UAAI,kBAAkB,GAAG,GAAG;AAC1B,gBAAQ,OAAO;AAAA,UACb,mCAAmC,QAAQ;AAAA;AAAA,QAC7C;AACA;AAAA,MACF;AACA,YAAM;AAAA,IACR;AACA;AAAA,EACF;AAGA,QAAM,QAAQ,gBAAgB,MAAM,IAAI;AACxC,QAAM,aAAa,qBAAqB,KAAK;AAE7C,MAAI;AACJ,MAAI,eAAe,MAAM;AAEvB,UAAM,SAAS,MAAM,MAAM,GAAG,WAAW,QAAQ;AACjD,UAAM,QAAQ,MAAM,MAAM,WAAW,SAAS,CAAC;AAE/C,UAAM,gCAAgC,QAAQ,SAAS,IAAI,IACvD,QAAQ,MAAM,GAAG,EAAE,IACnB;AACJ,iBAAa,CAAC,GAAG,QAAQ,+BAA+B,GAAG,KAAK,EAAE,KAAK,IAAI;AAAA,EAC7E,OAAO;AAEL,UAAM,YAAY,gBAAgB,SAAS,IAAI,IAAI,OAAO;AAC1D,iBAAa,kBAAkB,YAAY;AAAA,EAC7C;AAEA,MAAI;AACF,UAAM,UAAU,UAAU,YAAY,OAAO;AAAA,EAC/C,SAAS,KAAc;AACrB,QAAI,kBAAkB,GAAG,GAAG;AAC1B,cAAQ,OAAO;AAAA,QACb,mCAAmC,QAAQ;AAAA;AAAA,MAC7C;AACA;AAAA,IACF;AACA,UAAM;AAAA,EACR;AACF;AAcA,eAAsB,gBACpB,OACA,aACe;AACf,QAAM,gBAAgBC,MAAK,aAAa,YAAY;AAIpD,QAAM,gBAAgB,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;AAExD,MAAI,cAAc,WAAW,GAAG;AAC9B;AAAA,EACF;AAEA,MAAI,kBAAkB;AACtB,MAAI;AACF,sBAAkB,MAAM,SAAS,eAAe,OAAO;AAAA,EACzD,SAAS,KAAc;AACrB,UAAM,OAAQ,IAA8B;AAC5C,QAAI,SAAS,UAAU;AACrB,UAAI,kBAAkB,GAAG,GAAG;AAC1B,gBAAQ,OAAO;AAAA,UACb;AAAA;AAAA,QACF;AACA;AAAA,MACF;AACA,YAAM;AAAA,IACR;AAAA,EACF;AAGA,QAAM,gBAAgB,gBACnB,MAAM,IAAI,EACV,IAAI,CAAC,SAAS,KAAK,KAAK,CAAC,EACzB,OAAO,CAAC,SAAS,SAAS,EAAE;AAE/B,QAAM,cAAc,IAAI,IAAI,aAAa;AAKzC,QAAM,QAAQ,cACX,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,QAAQ,OAAO,GAAG,CAAC,EACvC,OAAO,CAAC,MAAM,MAAM,MAAM,CAAC,YAAY,IAAI,CAAC,CAAC;AAEhD,MAAI,MAAM,WAAW,GAAG;AACtB;AAAA,EACF;AAGA,MAAI,iBAAiB;AACrB,MAAI,eAAe,SAAS,KAAK,CAAC,eAAe,SAAS,IAAI,GAAG;AAC/D,sBAAkB;AAAA,EACpB;AAEA,oBAAkB,MAAM,KAAK,IAAI,IAAI;AAErC,MAAI;AACF,UAAM,UAAU,eAAe,gBAAgB,OAAO;AAAA,EACxD,SAAS,KAAc;AACrB,QAAI,kBAAkB,GAAG,GAAG;AAC1B,cAAQ,OAAO;AAAA,QACb;AAAA;AAAA,MACF;AACA;AAAA,IACF;AACA,UAAM;AAAA,EACR;AACF;","names":["resolve","dirname","join"]}

package/dist/chunk-IP4NMDJK.js DELETED Viewed

@@ -1,98 +0,0 @@
-import {
-  AnonApiKeySchema,
-  createAnonApiKey
-} from "./chunk-TQ54WLCZ.js";
-// src/anon-key.ts
-var GLASSTRACE_DIR = ".glasstrace";
-var ANON_KEY_FILE = "anon_key";
-var fsPathCache;
-async function loadFsPath() {
-  if (fsPathCache !== void 0) return fsPathCache;
-  try {
-    const [fs, path] = await Promise.all([
-      import("node:fs/promises"),
-      import("node:path")
-    ]);
-    fsPathCache = { fs, path };
-    return fsPathCache;
-  } catch {
-    fsPathCache = null;
-    return null;
-  }
-}
-var ephemeralKeyCache = /* @__PURE__ */ new Map();
-async function readAnonKey(projectRoot) {
-  const root = projectRoot ?? process.cwd();
-  const modules = await loadFsPath();
-  if (modules) {
-    const keyPath = modules.path.join(root, GLASSTRACE_DIR, ANON_KEY_FILE);
-    try {
-      const content = await modules.fs.readFile(keyPath, "utf-8");
-      const result = AnonApiKeySchema.safeParse(content);
-      if (result.success) {
-        return result.data;
-      }
-    } catch {
-    }
-  }
-  const cached = ephemeralKeyCache.get(root);
-  if (cached !== void 0) {
-    return cached;
-  }
-  return null;
-}
-async function getOrCreateAnonKey(projectRoot) {
-  const root = projectRoot ?? process.cwd();
-  const existingKey = await readAnonKey(root);
-  if (existingKey !== null) {
-    return existingKey;
-  }
-  const cached = ephemeralKeyCache.get(root);
-  if (cached !== void 0) {
-    return cached;
-  }
-  const newKey = createAnonApiKey();
-  const modules = await loadFsPath();
-  if (!modules) {
-    ephemeralKeyCache.set(root, newKey);
-    return newKey;
-  }
-  const dirPath = modules.path.join(root, GLASSTRACE_DIR);
-  const keyPath = modules.path.join(dirPath, ANON_KEY_FILE);
-  try {
-    await modules.fs.mkdir(dirPath, { recursive: true, mode: 448 });
-    await modules.fs.writeFile(keyPath, newKey, { flag: "wx", mode: 384 });
-    return newKey;
-  } catch (err) {
-    const code = err.code;
-    if (code === "EEXIST") {
-      for (let attempt = 0; attempt < 3; attempt++) {
-        const winnerKey = await readAnonKey(root);
-        if (winnerKey !== null) {
-          return winnerKey;
-        }
-        if (attempt < 2) {
-          await new Promise((resolve) => setTimeout(resolve, 50));
-        }
-      }
-      try {
-        await modules.fs.writeFile(keyPath, newKey, { mode: 384 });
-        await modules.fs.chmod(keyPath, 384);
-        return newKey;
-      } catch {
-      }
-    }
-    ephemeralKeyCache.set(root, newKey);
-    console.warn(
-      `[glasstrace] Failed to persist anonymous key to ${keyPath}: ${err instanceof Error ? err.message : String(err)}. Using ephemeral key.`
-    );
-    return newKey;
-  }
-}
-export {
-  readAnonKey,
-  getOrCreateAnonKey
-};
-//# sourceMappingURL=chunk-IP4NMDJK.js.map

package/dist/chunk-IP4NMDJK.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"sources":["../src/anon-key.ts"],"sourcesContent":["import { AnonApiKeySchema, createAnonApiKey } from \"@glasstrace/protocol\";\nimport type { AnonApiKey } from \"@glasstrace/protocol\";\n\nconst GLASSTRACE_DIR = \".glasstrace\";\nconst ANON_KEY_FILE = \"anon_key\";\n\n/**\n * Lazily imports `node:fs/promises` and `node:path`. Returns `null` if\n * the modules are unavailable (non-Node environments). The result is\n * cached after first resolution.\n */\nlet fsPathCache: { fs: typeof import(\"node:fs/promises\"); path: typeof import(\"node:path\") } | null | undefined;\n\nasync function loadFsPath(): Promise<{ fs: typeof import(\"node:fs/promises\"); path: typeof import(\"node:path\") } | null> {\n if (fsPathCache !== undefined) return fsPathCache;\n try {\n const [fs, path] = await Promise.all([\n import(\"node:fs/promises\"),\n import(\"node:path\"),\n ]);\n fsPathCache = { fs, path };\n return fsPathCache;\n } catch {\n fsPathCache = null;\n return null;\n }\n}\n\n/**\n * In-memory cache for ephemeral keys when filesystem persistence fails.\n * Keyed by resolved project root to support multiple roots in tests.\n */\nconst ephemeralKeyCache = new Map<string, AnonApiKey>();\n\n/**\n * Reads an existing anonymous key from the filesystem.\n * Returns the key if valid, or null if:\n * - The file does not exist\n * - The file content is invalid\n * - An I/O error occurs\n * - `node:fs` is unavailable (non-Node environment)\n */\nexport async function readAnonKey(projectRoot?: string): Promise<AnonApiKey | null> {\n const root = projectRoot ?? process.cwd();\n\n const modules = await loadFsPath();\n if (modules) {\n const keyPath = modules.path.join(root, GLASSTRACE_DIR, ANON_KEY_FILE);\n try {\n const content = await modules.fs.readFile(keyPath, \"utf-8\");\n const result = AnonApiKeySchema.safeParse(content);\n if (result.success) {\n return result.data;\n }\n } catch {\n // Fall through to check ephemeral cache\n }\n }\n\n // Check in-memory cache (used when filesystem persistence failed\n // or when node:fs is unavailable)\n const cached = ephemeralKeyCache.get(root);\n if (cached !== undefined) {\n return cached;\n }\n\n return null;\n}\n\n/**\n * Gets an existing anonymous key from the filesystem, or creates a new one.\n *\n * - If file exists and contains a valid key, returns it\n * - If file does not exist or content is invalid, generates a new key via createAnonApiKey()\n * - Writes the new key to `.glasstrace/anon_key`, creating the directory if needed\n * - On file write failure: logs a warning, caches an ephemeral in-memory key so\n * repeated calls in the same process return the same key\n * - In non-Node environments: returns an ephemeral in-memory key\n */\nexport async function getOrCreateAnonKey(projectRoot?: string): Promise<AnonApiKey> {\n const root = projectRoot ?? process.cwd();\n\n // Try reading existing key from filesystem\n const existingKey = await readAnonKey(root);\n if (existingKey !== null) {\n return existingKey;\n }\n\n // Check in-memory cache (used when filesystem is unavailable)\n const cached = ephemeralKeyCache.get(root);\n if (cached !== undefined) {\n return cached;\n }\n\n // Generate a new key\n const newKey = createAnonApiKey();\n\n // Attempt filesystem persistence (only in Node.js environments)\n const modules = await loadFsPath();\n if (!modules) {\n // No filesystem access — cache in memory\n ephemeralKeyCache.set(root, newKey);\n return newKey;\n }\n\n const dirPath = modules.path.join(root, GLASSTRACE_DIR);\n const keyPath = modules.path.join(dirPath, ANON_KEY_FILE);\n\n // Persist to filesystem using atomic create-or-fail (O_CREAT | O_EXCL)\n // to prevent TOCTOU races where concurrent cold starts both generate keys.\n try {\n await modules.fs.mkdir(dirPath, { recursive: true, mode: 0o700 });\n await modules.fs.writeFile(keyPath, newKey, { flag: \"wx\", mode: 0o600 });\n return newKey;\n } catch (err) {\n const code = (err as NodeJS.ErrnoException).code;\n if (code === \"EEXIST\") {\n // Another process won the race. Retry reading their key with\n // short delays — the winner's writeFile is atomic for small\n // payloads but the filesystem may not have flushed yet.\n for (let attempt = 0; attempt < 3; attempt++) {\n const winnerKey = await readAnonKey(root);\n if (winnerKey !== null) {\n return winnerKey;\n }\n // Short delay before next retry (50ms), skip after final attempt\n if (attempt < 2) {\n await new Promise((resolve) => setTimeout(resolve, 50));\n }\n }\n // All retries exhausted — overwrite as last resort.\n // Use explicit chmod after overwrite since writeFile mode only\n // applies on creation on some platforms.\n try {\n await modules.fs.writeFile(keyPath, newKey, { mode: 0o600 });\n await modules.fs.chmod(keyPath, 0o600);\n return newKey;\n } catch {\n // Overwrite failed — fall through to ephemeral cache\n }\n }\n\n // Non-EEXIST error (EACCES, ENOTDIR, etc.) — cache in memory so\n // repeated calls get the same ephemeral key within this process.\n ephemeralKeyCache.set(root, newKey);\n console.warn(\n `[glasstrace] Failed to persist anonymous key to ${keyPath}: ${err instanceof Error ? err.message : String(err)}. Using ephemeral key.`,\n );\n return newKey;\n }\n}\n"],"mappings":";;;;;;AAGA,IAAM,iBAAiB;AACvB,IAAM,gBAAgB;AAOtB,IAAI;AAEJ,eAAe,aAA0G;AACvH,MAAI,gBAAgB,OAAW,QAAO;AACtC,MAAI;AACF,UAAM,CAAC,IAAI,IAAI,IAAI,MAAM,QAAQ,IAAI;AAAA,MACnC,OAAO,kBAAkB;AAAA,MACzB,OAAO,WAAW;AAAA,IACpB,CAAC;AACD,kBAAc,EAAE,IAAI,KAAK;AACzB,WAAO;AAAA,EACT,QAAQ;AACN,kBAAc;AACd,WAAO;AAAA,EACT;AACF;AAMA,IAAM,oBAAoB,oBAAI,IAAwB;AAUtD,eAAsB,YAAY,aAAkD;AAClF,QAAM,OAAO,eAAe,QAAQ,IAAI;AAExC,QAAM,UAAU,MAAM,WAAW;AACjC,MAAI,SAAS;AACX,UAAM,UAAU,QAAQ,KAAK,KAAK,MAAM,gBAAgB,aAAa;AACrE,QAAI;AACF,YAAM,UAAU,MAAM,QAAQ,GAAG,SAAS,SAAS,OAAO;AAC1D,YAAM,SAAS,iBAAiB,UAAU,OAAO;AACjD,UAAI,OAAO,SAAS;AAClB,eAAO,OAAO;AAAA,MAChB;AAAA,IACF,QAAQ;AAAA,IAER;AAAA,EACF;AAIA,QAAM,SAAS,kBAAkB,IAAI,IAAI;AACzC,MAAI,WAAW,QAAW;AACxB,WAAO;AAAA,EACT;AAEA,SAAO;AACT;AAYA,eAAsB,mBAAmB,aAA2C;AAClF,QAAM,OAAO,eAAe,QAAQ,IAAI;AAGxC,QAAM,cAAc,MAAM,YAAY,IAAI;AAC1C,MAAI,gBAAgB,MAAM;AACxB,WAAO;AAAA,EACT;AAGA,QAAM,SAAS,kBAAkB,IAAI,IAAI;AACzC,MAAI,WAAW,QAAW;AACxB,WAAO;AAAA,EACT;AAGA,QAAM,SAAS,iBAAiB;AAGhC,QAAM,UAAU,MAAM,WAAW;AACjC,MAAI,CAAC,SAAS;AAEZ,sBAAkB,IAAI,MAAM,MAAM;AAClC,WAAO;AAAA,EACT;AAEA,QAAM,UAAU,QAAQ,KAAK,KAAK,MAAM,cAAc;AACtD,QAAM,UAAU,QAAQ,KAAK,KAAK,SAAS,aAAa;AAIxD,MAAI;AACF,UAAM,QAAQ,GAAG,MAAM,SAAS,EAAE,WAAW,MAAM,MAAM,IAAM,CAAC;AAChE,UAAM,QAAQ,GAAG,UAAU,SAAS,QAAQ,EAAE,MAAM,MAAM,MAAM,IAAM,CAAC;AACvE,WAAO;AAAA,EACT,SAAS,KAAK;AACZ,UAAM,OAAQ,IAA8B;AAC5C,QAAI,SAAS,UAAU;AAIrB,eAAS,UAAU,GAAG,UAAU,GAAG,WAAW;AAC5C,cAAM,YAAY,MAAM,YAAY,IAAI;AACxC,YAAI,cAAc,MAAM;AACtB,iBAAO;AAAA,QACT;AAEA,YAAI,UAAU,GAAG;AACf,gBAAM,IAAI,QAAQ,CAAC,YAAY,WAAW,SAAS,EAAE,CAAC;AAAA,QACxD;AAAA,MACF;AAIA,UAAI;AACF,cAAM,QAAQ,GAAG,UAAU,SAAS,QAAQ,EAAE,MAAM,IAAM,CAAC;AAC3D,cAAM,QAAQ,GAAG,MAAM,SAAS,GAAK;AACrC,eAAO;AAAA,MACT,QAAQ;AAAA,MAER;AAAA,IACF;AAIA,sBAAkB,IAAI,MAAM,MAAM;AAClC,YAAQ;AAAA,MACN,mDAAmD,OAAO,KAAK,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG,CAAC;AAAA,IACjH;AACA,WAAO;AAAA,EACT;AACF;","names":[]}