@james-wall/codegov 0.1.0

package/dist/server/otel.js

@@ -0,0 +1,67 @@
+import { insertToolEvent } from "../db/queries.js";
+function getAttr(attrs, key) {
+    const attr = attrs?.find(a => a.key === key);
+    return attr?.value?.stringValue ?? attr?.value?.intValue ?? attr?.value?.doubleValue?.toString();
+}
+function parseTimestamp(nanos) {
+    if (!nanos)
+        return new Date().toISOString();
+    return new Date(Number(BigInt(nanos) / BigInt(1_000_000))).toISOString();
+}
+export function handleOtelTraces(req, res) {
+    const payload = req.body;
+    if (!payload.resourceSpans?.length) {
+        res.status(200).json({ message: "no spans" });
+        return;
+    }
+    let ingested = 0;
+    for (const resourceSpan of payload.resourceSpans) {
+        const resourceAttrs = resourceSpan.resource?.attributes;
+        const tool = getAttr(resourceAttrs, "service.name")
+            ?? getAttr(resourceAttrs, "telemetry.sdk.name")
+            ?? "unknown";
+        for (const scopeSpan of resourceSpan.scopeSpans ?? []) {
+            for (const span of scopeSpan.spans ?? []) {
+                const attrs = span.attributes;
+                const developer = getAttr(attrs, "user.id")
+                    ?? getAttr(attrs, "developer")
+                    ?? getAttr(attrs, "user.name")
+                    ?? "unknown";
+                const filePath = getAttr(attrs, "file.path")
+                    ?? getAttr(attrs, "code.filepath")
+                    ?? undefined;
+                const eventType = getAttr(attrs, "event.type")
+                    ?? span.name
+                    ?? "span";
+                insertToolEvent({
+                    tool: normalizeToolName(tool),
+                    developer,
+                    timestamp: parseTimestamp(span.startTimeUnixNano),
+                    event_type: eventType,
+                    file_path: filePath,
+                    lines_added: parseInt(getAttr(attrs, "lines.added") ?? "0", 10),
+                    lines_removed: parseInt(getAttr(attrs, "lines.removed") ?? "0", 10),
+                    model: getAttr(attrs, "gen_ai.request.model") ?? getAttr(attrs, "model") ?? undefined,
+                    tokens_in: parseInt(getAttr(attrs, "gen_ai.usage.input_tokens") ?? getAttr(attrs, "tokens.input") ?? "0", 10),
+                    tokens_out: parseInt(getAttr(attrs, "gen_ai.usage.output_tokens") ?? getAttr(attrs, "tokens.output") ?? "0", 10),
+                    cost_usd: parseFloat(getAttr(attrs, "cost.usd") ?? "0"),
+                    session_id: getAttr(attrs, "session.id") ?? span.traceId,
+                    raw_span: JSON.stringify(span),
+                });
+                ingested++;
+            }
+        }
+    }
+    res.status(200).json({ ingested });
+}
+function normalizeToolName(raw) {
+    const lower = raw.toLowerCase();
+    if (lower.includes("claude") || lower.includes("anthropic"))
+        return "claude-code";
+    if (lower.includes("cursor"))
+        return "cursor";
+    if (lower.includes("copilot"))
+        return "copilot";
+    return raw;
+}
+//# sourceMappingURL=otel.js.map

package/dist/server/otel.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"otel.js","sourceRoot":"","sources":["../../src/server/otel.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAwBnD,SAAS,OAAO,CAAC,KAA6B,EAAE,GAAW;IACzD,MAAM,IAAI,GAAG,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,GAAG,CAAC,CAAC;IAC7C,OAAO,IAAI,EAAE,KAAK,EAAE,WAAW,IAAI,IAAI,EAAE,KAAK,EAAE,QAAQ,IAAI,IAAI,EAAE,KAAK,EAAE,WAAW,EAAE,QAAQ,EAAE,CAAC;AACnG,CAAC;AAED,SAAS,cAAc,CAAC,KAAc;IACpC,IAAI,CAAC,KAAK;QAAE,OAAO,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAC5C,OAAO,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;AAC3E,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,GAAY,EAAE,GAAa;IAC1D,MAAM,OAAO,GAAG,GAAG,CAAC,IAAwB,CAAC;IAE7C,IAAI,CAAC,OAAO,CAAC,aAAa,EAAE,MAAM,EAAE,CAAC;QACnC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,UAAU,EAAE,CAAC,CAAC;QAC9C,OAAO;IACT,CAAC;IAED,IAAI,QAAQ,GAAG,CAAC,CAAC;IAEjB,KAAK,MAAM,YAAY,IAAI,OAAO,CAAC,aAAa,EAAE,CAAC;QACjD,MAAM,aAAa,GAAG,YAAY,CAAC,QAAQ,EAAE,UAAU,CAAC;QACxD,MAAM,IAAI,GAAG,OAAO,CAAC,aAAuC,EAAE,cAAc,CAAC;eACxE,OAAO,CAAC,aAAuC,EAAE,oBAAoB,CAAC;eACtE,SAAS,CAAC;QAEf,KAAK,MAAM,SAAS,IAAI,YAAY,CAAC,UAAU,IAAI,EAAE,EAAE,CAAC;YACtD,KAAK,MAAM,IAAI,IAAI,SAAS,CAAC,KAAK,IAAI,EAAE,EAAE,CAAC;gBACzC,MAAM,KAAK,GAAG,IAAI,CAAC,UAAU,CAAC;gBAC9B,MAAM,SAAS,GAAG,OAAO,CAAC,KAAK,EAAE,SAAS,CAAC;uBACtC,OAAO,CAAC,KAAK,EAAE,WAAW,CAAC;uBAC3B,OAAO,CAAC,KAAK,EAAE,WAAW,CAAC;uBAC3B,SAAS,CAAC;gBAEf,MAAM,QAAQ,GAAG,OAAO,CAAC,KAAK,EAAE,WAAW,CAAC;uBACvC,OAAO,CAAC,KAAK,EAAE,eAAe,CAAC;uBAC/B,SAAS,CAAC;gBAEf,MAAM,SAAS,GAAG,OAAO,CAAC,KAAK,EAAE,YAAY,CAAC;uBACzC,IAAI,CAAC,IAAI;uBACT,MAAM,CAAC;gBAEZ,eAAe,CAAC;oBACd,IAAI,EAAE,iBAAiB,CAAC,IAAI,CAAC;oBAC7B,SAAS;oBACT,SAAS,EAAE,cAAc,CAAC,IAAI,CAAC,iBAAiB,CAAC;oBACjD,UAAU,EAAE,SAAS;oBACrB,SAAS,EAAE,QAAQ;oBACnB,WAAW,EAAE,QAAQ,CAAC,OAAO,CAAC,KAAK,EAAE,aAAa,CAAC,IAAI,GAAG,EAAE,EAAE,CAAC;oBAC/D,aAAa,EAAE,QAAQ,CAAC,OAAO,CAAC,KAAK,EAAE,eAAe,CAAC,IAAI,GAAG,EAAE,EAAE,CAAC;oBACnE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,sBAAsB,CAAC,IAAI,OAAO,CAAC,KAAK,EAAE,OAAO,CAAC,IAAI,SAAS;oBACrF,SAAS,EAAE,QAAQ,CAAC,OAAO,CAAC,KAAK,EAAE,2BAA2B,CAAC,IAAI,OAAO,CAAC,KAAK,EAAE,cAAc,CAAC,IAAI,GAAG,EAAE,EAAE,CAAC;oBAC7G,UAAU,EAAE,QAAQ,CAAC,OAAO,CAAC,KAAK,EAAE,4BAA4B,CAAC,IAAI,OAAO,CAAC,KAAK,EAAE,eAAe,CAAC,IAAI,GAAG,EAAE,EAAE,CAAC;oBAChH,QAAQ,EAAE,UAAU,CAAC,OAAO,CAAC,KAAK,EAAE,UAAU,CAAC,IAAI,GAAG,CAAC;oBACvD,UAAU,EAAE,OAAO,CAAC,KAAK,EAAE,YAAY,CAAC,IAAI,IAAI,CAAC,OAAO;oBACxD,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;iBAC/B,CAAC,CAAC;gBAEH,QAAQ,EAAE,CAAC;YACb,CAAC;QACH,CAAC;IACH,CAAC;IAED,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC;AACrC,CAAC;AAED,SAAS,iBAAiB,CAAC,GAAW;IACpC,MAAM,KAAK,GAAG,GAAG,CAAC,WAAW,EAAE,CAAC;IAChC,IAAI,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,WAAW,CAAC;QAAE,OAAO,aAAa,CAAC;IAClF,IAAI,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC;QAAE,OAAO,QAAQ,CAAC;IAC9C,IAAI,KAAK,CAAC,QAAQ,CAAC,SAAS,CAAC;QAAE,OAAO,SAAS,CAAC;IAChD,OAAO,GAAG,CAAC;AACb,CAAC"}

package/dist/server/webhook.d.ts

@@ -0,0 +1,2 @@
+import type { Request, Response } from "express";
+export declare function handleCommitHook(req: Request, res: Response): void;

package/dist/server/webhook.js

@@ -0,0 +1,22 @@
+import { insertCommit, correlateCommit } from "../db/queries.js";
+export function handleCommitHook(req, res) {
+    const payload = req.body;
+    if (!payload.hash || !payload.author || !payload.timestamp) {
+        res.status(400).json({ error: "Missing required fields: hash, author, timestamp" });
+        return;
+    }
+    insertCommit({
+        hash: payload.hash,
+        author: payload.author,
+        timestamp: payload.timestamp,
+        repo: payload.repo,
+        branch: payload.branch,
+        message: payload.message,
+        total_additions: payload.total_additions,
+        total_deletions: payload.total_deletions,
+        files: payload.files ?? [],
+    });
+    correlateCommit(payload.hash);
+    res.status(200).json({ stored: true, hash: payload.hash });
+}
+//# sourceMappingURL=webhook.js.map

package/dist/server/webhook.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"webhook.js","sourceRoot":"","sources":["../../src/server/webhook.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAkBjE,MAAM,UAAU,gBAAgB,CAAC,GAAY,EAAE,GAAa;IAC1D,MAAM,OAAO,GAAG,GAAG,CAAC,IAAqB,CAAC;IAE1C,IAAI,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;QAC3D,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,kDAAkD,EAAE,CAAC,CAAC;QACpF,OAAO;IACT,CAAC;IAED,YAAY,CAAC;QACX,IAAI,EAAE,OAAO,CAAC,IAAI;QAClB,MAAM,EAAE,OAAO,CAAC,MAAM;QACtB,SAAS,EAAE,OAAO,CAAC,SAAS;QAC5B,IAAI,EAAE,OAAO,CAAC,IAAI;QAClB,MAAM,EAAE,OAAO,CAAC,MAAM;QACtB,OAAO,EAAE,OAAO,CAAC,OAAO;QACxB,eAAe,EAAE,OAAO,CAAC,eAAe;QACxC,eAAe,EAAE,OAAO,CAAC,eAAe;QACxC,KAAK,EAAE,OAAO,CAAC,KAAK,IAAI,EAAE;KAC3B,CAAC,CAAC;IAEH,eAAe,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IAE9B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;AAC7D,CAAC"}

package/dist/types.d.ts

@@ -0,0 +1,86 @@
+export type AgentId = "claude-code" | "cursor" | "copilot" | "devin" | "aider" | "unknown-ai" | "human";
+export type ReviewStatus = "unreviewed" | "approved" | "modified";
+export interface ProvenanceRecord {
+    commitHash: string;
+    timestamp: string;
+    agentId: AgentId;
+    modelVersion: string | null;
+    promptSummary: string | null;
+    filesChanged: string[];
+    linesAdded: number;
+    linesRemoved: number;
+    reviewStatus: ReviewStatus;
+    reviewer: string | null;
+    confidence: number;
+    signals: string[];
+}
+export interface ScanResult {
+    totalCommits: number;
+    aiCommits: number;
+    newRecords: number;
+    records: ProvenanceRecord[];
+}
+export interface StatsResult {
+    totalCommits: number;
+    aiCommits: number;
+    aiPercentage: number;
+    byAgent: Record<string, number>;
+    byMonth: Record<string, {
+        total: number;
+        ai: number;
+    }>;
+}
+export type Tool = "copilot" | "cursor" | "claude-code";
+export interface ToolUsageRecord {
+    developer: string;
+    tool: Tool;
+    date: string;
+    suggestions: number;
+    acceptedLines: number;
+    rejectedLines: number;
+    costUsd: number;
+}
+export interface TeamMapping {
+    [team: string]: string[];
+}
+export interface DevMetrics {
+    developer: string;
+    tool: string;
+    totalSpend: number;
+    totalSuggestions: number;
+    totalAcceptedLines: number;
+    totalRejectedLines: number;
+    acceptanceRate: number;
+    days: number;
+}
+export interface ToolComparison {
+    tool: Tool;
+    totalSpend: number;
+    totalAcceptedLines: number;
+    costPerLine: number;
+    acceptanceRate: number;
+    devCount: number;
+}
+export interface TeamMetrics {
+    team: string;
+    totalSpend: number;
+    totalAcceptedLines: number;
+    totalRejectedLines: number;
+    acceptanceRate: number;
+    avgSpendPerDev: number;
+    devCount: number;
+}
+export interface Anomaly {
+    developer: string;
+    team: string;
+    tool: string;
+    spend: number;
+    teamMean: number;
+    teamStdDev: number;
+    deviations: number;
+}
+export interface PRRecord {
+    number: number;
+    author: string;
+    mergedAt: string | null;
+}

package/dist/types.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=types.js.map

package/dist/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":""}

package/package.json

@@ -0,0 +1,54 @@
+{
+  "name": "@james-wall/codegov",
+  "version": "0.1.0",
+  "description": "AI code governance — attribution, telemetry, and ROI for AI-assisted development",
+  "type": "module",
+  "main": "dist/cli.js",
+  "bin": {
+    "codegov": "dist/cli.js"
+  },
+  "scripts": {
+    "build": "tsc",
+    "dev": "tsc --watch",
+    "start": "node dist/cli.js",
+    "test": "vitest run",
+    "prepublishOnly": "tsc"
+  },
+  "keywords": [
+    "ai",
+    "governance",
+    "provenance",
+    "telemetry",
+    "copilot",
+    "cursor",
+    "claude"
+  ],
+  "author": "James Wall",
+  "license": "MIT",
+  "dependencies": {
+    "commander": "^14.0.3"
+  },
+  "optionalDependencies": {
+    "better-sqlite3": "^12.9.0",
+    "express": "^5.2.1"
+  },
+  "devDependencies": {
+    "@types/better-sqlite3": "^7.6.13",
+    "@types/express": "^5.0.6",
+    "@types/node": "^22.0.0",
+    "typescript": "^5.7.0",
+    "vitest": "^3.2.1"
+  },
+  "files": [
+    "dist",
+    "README.md",
+    "LICENSE"
+  ],
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/james-wall/codegov"
+  },
+  "engines": {
+    "node": ">=18"
+  }
+}