@meetless/mla 0.1.5 → 0.1.6

package/dist/lib/analytics/enforcement-classify.js

@@ -0,0 +1,65 @@
+"use strict";
+// Pure, PII-safe classifiers for the enforcement-incident event (the deny tile,
+// notes/20260627-mla-product-health-dashboard-posthog-metrics.md §5.1).
+//
+// Both functions read a tool name / file path ONLY to derive a closed enum; the
+// raw string NEVER leaves the function (INV-POSTHOG-PII-1). Importing this module
+// pulls in no recorder, config, store, or I/O, so the non-deny hot path of the
+// PreToolUse hook can keep it at top level without weight.
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.normalizeEnforcedTool = normalizeEnforcedTool;
+exports.classifyTouchedSurface = classifyTouchedSurface;
+/**
+ * Map a PreToolUse tool name to the closed ENFORCED_TOOLS enum. The notes-location
+ * pilot's admission gate guarantees the deny only fires on {Write, Edit}; anything
+ * else degrades to "unknown" rather than leaking the raw tool string.
+ */
+function normalizeEnforcedTool(toolName) {
+    if (toolName === "Write" || toolName === "Edit")
+        return toolName;
+    return "unknown";
+}
+/**
+ * Classify a file path into the PII-safe touched-surface enum. The path is read only
+ * to derive the enum (extension + a few well-known path segments); the path itself
+ * never enters the returned value. Best-effort: an unrecognized shape degrades to
+ * "unknown" rather than guessing. Order is load-bearing -- a `.spec.ts` is a test
+ * (not code), a `.sql` under migrations is a migration (not config), etc.
+ */
+function classifyTouchedSurface(filePath) {
+    if (!filePath || typeof filePath !== "string")
+        return "unknown";
+    const p = filePath.toLowerCase().replace(/\\/g, "/");
+    const base = p.split("/").pop() ?? p;
+    // tests win over code: a .spec.ts / __tests__/ path is a test surface.
+    if (/\.(test|spec)\.[cm]?[jt]sx?$/.test(base) ||
+        /(^|\/)__tests__\//.test(p) ||
+        /(^|\/)tests?\//.test(p) ||
+        /_test\.(py|go|rb)$/.test(base)) {
+        return "tests";
+    }
+    // migrations win over config/code: a .sql or a migrations/ path is a migration.
+    if (/(^|\/)migrations?\//.test(p) || base.endsWith(".sql"))
+        return "migration";
+    // infra: container/IaC/CI/shell, before the generic config/code buckets.
+    if (base === "dockerfile" ||
+        base.endsWith(".dockerfile") ||
+        base.endsWith(".tf") ||
+        base.endsWith(".sh") ||
+        base.endsWith(".bash") ||
+        /(^|\/)(infra|deploy|\.github|terraform|helm|k8s)\//.test(p)) {
+        return "infra";
+    }
+    if (/\.(md|mdx|markdown|rst|txt|adoc)$/.test(base))
+        return "docs";
+    if (/\.(ya?ml|json|jsonc|toml|ini|cfg|conf|properties|lock)$/.test(base) ||
+        base.startsWith(".env") ||
+        base === ".gitignore" ||
+        base === ".npmrc") {
+        return "config";
+    }
+    if (/\.(ts|tsx|js|jsx|mjs|cjs|py|go|rs|java|rb|php|c|h|cc|cpp|hpp|cs|swift|kt|kts|scala|m|mm|vue|svelte|ex|exs|clj|hs)$/.test(base)) {
+        return "code";
+    }
+    return "unknown";
+}

package/dist/lib/analytics/enforcement-incident.js

@@ -0,0 +1,83 @@
+"use strict";
+// Enforcement-incident emit seam (the deny tile,
+// notes/20260627-mla-product-health-dashboard-posthog-metrics.md §5.1).
+//
+// The fail-soft, local-append-only bridge between the PreToolUse deny branch and the
+// generic analytics spool. It mirrors ce0-emit.ts and upholds the same two invariants:
+//
+//   - Local-append-only: the hook NEVER makes a synchronous network call. recordAnalyticsEvent
+//     appends to the local jsonl and buffers for the existing detached forward; remote
+//     delivery is that path's job.
+//   - Fail-soft: any fault (no config, a spool append fault, a build throw) is swallowed and
+//     never escalates into the blocked turn. The durable EnforcementAttempt row already
+//     recorded the deny; this telemetry is strictly best-effort on top of it.
+//
+// Difference from ce0-emit: where CE0 SKIPS when there is no ambient run/trace (a CE0 line
+// that cannot join the enrichment is worse than none), a deny is rare and high-value and
+// SELF-JOINS to its durable audit row via incident_id, so we MINT a run/trace when the fast
+// path did not bootstrap one rather than drop the event.
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.emitEnforcementIncident = emitEnforcementIncident;
+const config_1 = require("../config");
+const store_1 = require("./store");
+const observability_1 = require("../observability");
+const event_id_1 = require("./event-id");
+const recorder_1 = require("./recorder");
+/**
+ * Append one enforcement-incident event to the local analytics spool under a "hook"
+ * run-context envelope. Fail-soft and local-append-only: any fault is swallowed so a
+ * telemetry failure never disturbs the deny. The event_id is deterministic on the
+ * incident id so a re-fired hook dedups instead of double-counting the deny.
+ */
+function emitEnforcementIncident(input, coords, deps = {}) {
+    try {
+        // A deny self-joins via incident_id, so mint a run/trace when absent rather than drop.
+        const traceId = deps.traceId ?? (0, observability_1.getRunTraceId)() ?? (0, observability_1.mintTraceId)();
+        const runId = deps.runId ?? (0, observability_1.getRunId)() ?? (0, observability_1.mintRunId)();
+        const readCfg = deps.readCfg ??
+            (() => {
+                try {
+                    return (0, config_1.readConfig)();
+                }
+                catch {
+                    return null;
+                }
+            });
+        const cfg = readCfg();
+        const mId = (deps.machineId ?? store_1.machineId)();
+        const ctx = {
+            workspaceId: coords.workspaceId,
+            sessionId: coords.sessionId,
+            // Prefer the configured actor; else the hashed machine id (workspace-scoped
+            // anonymous, never end-user PII).
+            distinctId: cfg?.actorUserId ?? mId,
+            runId,
+            traceId,
+            source: "hook",
+            actorWorkspaceUserId: cfg?.actorUserId ?? null,
+            repoFingerprint: deps.repoFingerprint ?? (0, observability_1.getRepoFingerprint)(),
+            now: new Date(coords.nowMs).toISOString(),
+        };
+        const payload = {
+            incident_id: input.incidentId,
+            decision: input.decision,
+            tool: input.tool,
+            touched_surface: input.touchedSurface,
+            rule_version_id: input.ruleVersionId,
+            // Born unreviewed; an offline labeler supersedes (deterministic id keyed at v0,
+            // a re-label emits v1+).
+            review_status: "unreviewed",
+        };
+        const record = deps.record ?? recorder_1.recordAnalyticsEvent;
+        record(ctx, {
+            eventType: "mla_enforcement_incident",
+            payload: payload,
+            eventId: (0, event_id_1.deterministicEventId)(input.incidentId, 0),
+        }, deps.env ?? process.env, () => {
+            /* fail-soft: an enforcement-telemetry append must never escalate into a blocking hook. */
+        });
+    }
+    catch {
+        // Fail-soft: enforcement telemetry must never disturb the turn it observed.
+    }
+}

package/dist/lib/analytics/envelope.js

@@ -8,7 +8,7 @@
 // envelope fields and the payload fields sit at the same top level (matching
 // the local jsonl examples in section 7.4).
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.CE0_HOOKS = exports.OBLIGATION_OUTCOME_LABELS = exports.CONSULTATION_RESULTS = exports.CONSULTATION_EXECUTIONS = exports.MEMORY_REQUIREMENTS = exports.REVIEW_DECISIONS = exports.RELATION_EDGE_TYPES = exports.COMMAND_SCOPES = exports.RETRIEVAL_CONFIDENCES = exports.INJECT_OUTCOMES = exports.WINDOW_CLOSED_REASONS = exports.COVERAGE_GAP_TYPES = exports.QUERY_TOPIC_CATEGORIES = exports.GOVERNED_RELATION_TYPES = exports.TOUCHED_SURFACES = exports.COMMAND_OUTCOMES = exports.SOURCE_SURFACES = exports.EVENT_SOURCES = exports.EVENT_TYPES = exports.SCHEMA_VERSION = void 0;
+exports.CE0_HOOKS = exports.OBLIGATION_OUTCOME_LABELS = exports.CONSULTATION_RESULTS = exports.CONSULTATION_EXECUTIONS = exports.MEMORY_REQUIREMENTS = exports.PILOT_FEEDBACK_VERDICTS = exports.PILOT_FEEDBACK_POINTS = exports.ENFORCEMENT_REVIEW_STATUSES = exports.ENFORCEMENT_DECISIONS = exports.ENFORCED_TOOLS = exports.REVIEW_DECISIONS = exports.RELATION_EDGE_TYPES = exports.COMMAND_SCOPES = exports.RETRIEVAL_CONFIDENCES = exports.INJECT_OUTCOMES = exports.WINDOW_CLOSED_REASONS = exports.COVERAGE_GAP_TYPES = exports.QUERY_TOPIC_CATEGORIES = exports.GOVERNED_RELATION_TYPES = exports.TOUCHED_SURFACES = exports.COMMAND_OUTCOMES = exports.SOURCE_SURFACES = exports.EVENT_SOURCES = exports.EVENT_TYPES = exports.SCHEMA_VERSION = void 0;
 exports.makeEnvelope = makeEnvelope;
 exports.buildAttribution = buildAttribution;
 exports.envelopeMissingKeys = envelopeMissingKeys;
@@ -27,6 +27,12 @@ exports.EVENT_TYPES = [
     "mla_contradiction",
     "mla_review_decision",
     "mla_stats_viewed",
+    // Pilot instrumentation (memo notes/20260624-mla-new-user-value-and-brownfield-proof.md
+    // §6 Phase 3): one explicit human verdict captured at a natural point (a reviewed
+    // candidate, a sampled injection, a fired alert, a blocked tool call). This is the
+    // pilot's primary value signal; the auto-derived inject heuristic band is explicitly
+    // NOT relied on for the pilot. Payload is enums/ids/booleans only (INV-POSTHOG-PII-1).
+    "mla_pilot_feedback",
     // CE0 evidence-consultation telemetry (§6.4). Named per the ratified proposal
     // contract (no `mla_` prefix): these four are the PostHog projection of the
     // obligation lifecycle and the dashboards in §6.4 query them by these names.
@@ -34,6 +40,14 @@ exports.EVENT_TYPES = [
     "evidence_consultation_completed",
     "evidence_obligation_finalized",
     "evidence_hook_health",
+    // Enforcement (PreToolUse deny) telemetry. The one append per fired deny that
+    // the product-health dashboard's deny tile reads
+    // (notes/20260627-mla-product-health-dashboard-posthog-metrics.md §5.1). Before
+    // this event the deny path produced ZERO analytics: the durable EnforcementAttempt
+    // row existed but no metric saw it, so "wrong actions blocked" was un-measurable.
+    // Payload is ids/enums only -- the blocked PATH never leaves the device, only its
+    // surface enum (INV-POSTHOG-PII-1).
+    "mla_enforcement_incident",
 ];
 exports.EVENT_SOURCES = ["cli", "hook", "mcp", "control", "intel"];
 // The emission-surface label carried in the attribution block (spec section 3.7
@@ -116,6 +130,46 @@ exports.RELATION_EDGE_TYPES = [
     "unknown",
 ];
 exports.REVIEW_DECISIONS = ["accept", "reject", "reclassify", "no_relation"];
+// --- enforcement-incident enums (§5.1, the deny tile) -----------------------
+// The closed wire forms for the PreToolUse enforcement event. Every value is a
+// fixed enum so no open string (a tool name, a decision verb, a review verdict)
+// reaches the privacy boundary.
+// The tools the deny pilot is armed for. The notes-location admission gate is
+// exactly {Write, Edit}; "unknown" is a defensive fallback the gate should make
+// unreachable, kept so a future deny rule on another tool still classifies safely.
+exports.ENFORCED_TOOLS = ["Write", "Edit", "unknown"];
+// The enforcement verdict the hook emitted. Only "deny" fires today; "warn" is
+// reserved for the soft-gate path so the tile can later split block vs warn.
+exports.ENFORCEMENT_DECISIONS = ["deny", "warn"];
+// The human-review label dimension the deny tile needs (§5.1: "confirmed /
+// false-positive / unreviewed"). Born "unreviewed" at emit time; an offline
+// labeler supersedes with "confirmed" or "false_positive" (e.g. the known
+// notes-location-v1 vault-own-path false positive).
+exports.ENFORCEMENT_REVIEW_STATUSES = ["unreviewed", "confirmed", "false_positive"];
+// --- pilot feedback enums (memo §6 Phase 3) ---------------------------------
+// The FOUR natural points at which the pilot samples an explicit human verdict
+// (memo lines 551-552: "candidate accept/reject, alert true/false/uncertain, deny
+// correct/incorrect, ordinary injection sampled occasionally"). A closed enum so no
+// open string reaches the privacy boundary.
+exports.PILOT_FEEDBACK_POINTS = ["candidate", "injection", "alert", "deny"];
+// The union of every verdict any point can carry. The point->verdict pairing is
+// validated in lib/analytics/pilot.ts (PILOT_FEEDBACK_POINT_VERDICTS); this tuple is
+// only the closed membership set the boundary checks:
+//   candidate  -> accept | reject
+//   injection  -> useful | noise | uncertain
+//   alert      -> confirmed | disposed | uncertain
+//   deny       -> correct | incorrect
+exports.PILOT_FEEDBACK_VERDICTS = [
+    "accept",
+    "reject",
+    "useful",
+    "noise",
+    "uncertain",
+    "confirmed",
+    "disposed",
+    "correct",
+    "incorrect",
+];
 // --- CE0 evidence-consultation telemetry enums (§6.4) -----------------------
 // The wire forms of the rules-layer CE0 enums. Re-declared here, in the analytics
 // layer, on purpose: the privacy boundary validates membership against THESE closed

package/dist/lib/analytics/pilot.js

@@ -0,0 +1,313 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DEFAULT_INJECTION_SAMPLE_N = exports.PILOT_FEEDBACK_POINT_VERDICTS = void 0;
+exports.validatePilotFeedback = validatePilotFeedback;
+exports.buildPilotFeedbackEvent = buildPilotFeedbackEvent;
+exports.injectionSampleN = injectionSampleN;
+exports.shouldSampleInjection = shouldSampleInjection;
+exports.aggregatePilot = aggregatePilot;
+// Pilot instrumentation helpers (memo notes/20260624-mla-new-user-value-and-brownfield-proof.md
+// §6 Phase 3). Pure + I/O-free so the four-hypothesis report and the sampling gate are
+// directly testable. Three responsibilities:
+//
+//   1. validatePilotFeedback / buildPilotFeedbackEvent -- turn one human verdict at a
+//      natural point into a closed, PII-bounded mla_pilot_feedback RecordInput.
+//   2. shouldSampleInjection -- the deterministic gate that makes injection feedback
+//      OCCASIONAL, never every-injection (memo lines 551-554: prompting on every
+//      injection makes mla itself annoying). Same inject -> same decision, so a hook
+//      never double-prompts and the test can pin the distribution.
+//   3. aggregatePilot -- fold the local event jsonl into the memo's FOUR hypotheses.
+//      No dashboard: this is the "simple report" half of "store raw events and generate
+//      a simple report/export" (memo line 553).
+//
+// The auto-derived inject heuristic band (mla_evidence_outcome used/ignored) is
+// deliberately NOT the value signal here; the memo forbids building it for the pilot.
+// This module reads the EXPLICIT mla_pilot_feedback verdicts, and uses mla_command
+// timestamps only for retention + time-to-first-useful.
+const crypto = __importStar(require("crypto"));
+const envelope_1 = require("./envelope");
+const event_id_1 = require("./event-id");
+// The point -> allowed-verdicts pairing (memo lines 551-552). A verdict outside its
+// point's set is a programming/usage error, refused before anything is recorded.
+exports.PILOT_FEEDBACK_POINT_VERDICTS = {
+    candidate: ["accept", "reject"],
+    injection: ["useful", "noise", "uncertain"],
+    alert: ["confirmed", "disposed", "uncertain"],
+    deny: ["correct", "incorrect"],
+};
+// Refuse a malformed verdict whole (the command maps a throw to exit 2). Three checks:
+// the point is known, the verdict is allowed for that point, and prevented_mistake is
+// only ever set on a CONFIRMED alert.
+function validatePilotFeedback(input) {
+    if (!envelope_1.PILOT_FEEDBACK_POINTS.includes(input.point)) {
+        throw new Error(`unknown feedback point "${input.point}" (expected one of: ${envelope_1.PILOT_FEEDBACK_POINTS.join(", ")})`);
+    }
+    if (!envelope_1.PILOT_FEEDBACK_VERDICTS.includes(input.verdict)) {
+        throw new Error(`unknown verdict "${input.verdict}" (expected one of: ${envelope_1.PILOT_FEEDBACK_VERDICTS.join(", ")})`);
+    }
+    const allowed = exports.PILOT_FEEDBACK_POINT_VERDICTS[input.point];
+    if (!allowed.includes(input.verdict)) {
+        throw new Error(`verdict "${input.verdict}" is not valid for point "${input.point}" (allowed: ${allowed.join(", ")})`);
+    }
+    if (input.preventedMistake && !(input.point === "alert" && input.verdict === "confirmed")) {
+        throw new Error('prevented_mistake is a tag on a CONFIRMED alert only (point=alert, verdict=confirmed)');
+    }
+}
+// Build the RecordInput for one pilot verdict. Mints a fresh CLI-origin feedback_id
+// (uuid, not a content hash: two identical verdicts seconds apart are distinct events).
+function buildPilotFeedbackEvent(input) {
+    validatePilotFeedback(input);
+    const payload = {
+        feedback_id: (0, event_id_1.mintEventId)(),
+        feedback_point: input.point,
+        verdict: input.verdict,
+        prevented_mistake: input.preventedMistake === true,
+        sampled: input.sampled === true,
+    };
+    return {
+        eventType: "mla_pilot_feedback",
+        payload: payload,
+    };
+}
+// --- the sampling gate ------------------------------------------------------
+// Default: sample ~1 in 5 injections for relevance feedback. Occasional, not every
+// injection (the memo's explicit anti-annoyance constraint).
+exports.DEFAULT_INJECTION_SAMPLE_N = 5;
+// Resolve the 1-in-N sampling rate from env. 0 disables sampling (never prompt); 1
+// means every injection (opt-in to blanket prompting); >=2 is the occasional band.
+// A malformed/negative value falls back to the default rather than failing a hook.
+function injectionSampleN(env = process.env) {
+    const raw = (env.MEETLESS_PILOT_INJECTION_SAMPLE_N || "").trim();
+    if (!raw)
+        return exports.DEFAULT_INJECTION_SAMPLE_N;
+    const n = Number(raw);
+    if (!Number.isFinite(n) || n < 0)
+        return exports.DEFAULT_INJECTION_SAMPLE_N;
+    return Math.floor(n);
+}
+// Map a stable key (an inject_id) to a 32-bit unsigned int via sha256. Deterministic
+// across processes so the SAME inject yields the SAME sample decision -- a hook that
+// re-evaluates a turn never flips from "prompt" to "don't" and double-asks.
+function hashToUint(key) {
+    const hex = crypto.createHash("sha256").update(key).digest("hex").slice(0, 8);
+    return parseInt(hex, 16) >>> 0;
+}
+// Should this injection be sampled for explicit relevance feedback? Deterministic in
+// `key`. n<=0 -> never; n===1 -> always; otherwise ~1-in-n by hash bucket. An empty
+// key is never sampled (we cannot key a stable decision on nothing).
+function shouldSampleInjection(key, n = exports.DEFAULT_INJECTION_SAMPLE_N) {
+    if (!key)
+        return false;
+    if (n <= 0)
+        return false;
+    if (n === 1)
+        return true;
+    return hashToUint(key) % n === 0;
+}
+// --- the four-hypothesis report --------------------------------------------
+const DAY_MS = 24 * 60 * 60 * 1000;
+function rate(numer, denom) {
+    return denom > 0 ? numer / denom : null;
+}
+function ms(iso) {
+    if (!iso)
+        return null;
+    const t = Date.parse(iso);
+    return Number.isFinite(t) ? t : null;
+}
+// Fold the raw local events into the four hypotheses. The verdict hypotheses (H1-H3)
+// are scoped to the window; retention (H4) and time-to-first-useful intentionally span
+// the FULL history (a 7/14-day retention question is meaningless inside a 7-day window).
+function aggregatePilot(events, opts) {
+    const windowStart = opts.nowMs - opts.windowDays * DAY_MS;
+    const inWindow = (ev) => {
+        const t = ms(ev.created_at);
+        return t !== null && t >= windowStart;
+    };
+    const report = {
+        window_days: opts.windowDays,
+        generated_at: new Date(opts.nowMs).toISOString(),
+        onboarding: {
+            candidate_accept: 0,
+            candidate_reject: 0,
+            acceptance_rate: null,
+            review_accept: 0,
+            review_reject: 0,
+            time_to_first_useful_ms: null,
+        },
+        injection: {
+            useful: 0,
+            noise: 0,
+            uncertain: 0,
+            usefulness_rate: null,
+            sampled_feedback_count: 0,
+            total_injects: 0,
+            feedback_coverage_rate: null,
+        },
+        coordination: {
+            alert_confirmed: 0,
+            alert_disposed: 0,
+            alert_uncertain: 0,
+            confirmation_rate: null,
+            prevented_mistakes: 0,
+            deny_correct: 0,
+            deny_incorrect: 0,
+            deny_annoyance_rate: null,
+            contradictions_surfaced: 0,
+            contradictions_acted_on: 0,
+        },
+        retention: {
+            first_seen: null,
+            last_seen: null,
+            active_days: 0,
+            used_after_7d: false,
+            used_after_14d: false,
+        },
+        totals: { pilot_feedback_events: 0, events_scanned: events.length },
+    };
+    // Full-history scratch for retention + time-to-first-useful.
+    let onboardingStartMs = null; // first activate (fallback: first command)
+    let firstCommandMs = null;
+    let firstUsefulMs = null;
+    let lastCommandMs = null;
+    const activeDayKeys = new Set();
+    for (const ev of events) {
+        const t = ms(ev.created_at);
+        if (ev.event_type === "mla_command") {
+            const cmd = ev.command;
+            if (t !== null) {
+                if (firstCommandMs === null || t < firstCommandMs)
+                    firstCommandMs = t;
+                if (lastCommandMs === null || t > lastCommandMs)
+                    lastCommandMs = t;
+                activeDayKeys.add(new Date(t).toISOString().slice(0, 10));
+                if (cmd === "activate" && (onboardingStartMs === null || t < onboardingStartMs)) {
+                    onboardingStartMs = t;
+                }
+            }
+            continue;
+        }
+        if (ev.event_type === "mla_pilot_feedback") {
+            const p = ev;
+            // time-to-first-useful spans full history (an early "useful" still counts).
+            if (t !== null &&
+                ((p.feedback_point === "candidate" && p.verdict === "accept") ||
+                    (p.feedback_point === "injection" && p.verdict === "useful"))) {
+                if (firstUsefulMs === null || t < firstUsefulMs)
+                    firstUsefulMs = t;
+            }
+            if (!inWindow(ev))
+                continue;
+            report.totals.pilot_feedback_events++;
+            switch (p.feedback_point) {
+                case "candidate":
+                    if (p.verdict === "accept")
+                        report.onboarding.candidate_accept++;
+                    else if (p.verdict === "reject")
+                        report.onboarding.candidate_reject++;
+                    break;
+                case "injection":
+                    if (p.verdict === "useful")
+                        report.injection.useful++;
+                    else if (p.verdict === "noise")
+                        report.injection.noise++;
+                    else if (p.verdict === "uncertain")
+                        report.injection.uncertain++;
+                    if (p.sampled)
+                        report.injection.sampled_feedback_count++;
+                    break;
+                case "alert":
+                    if (p.verdict === "confirmed")
+                        report.coordination.alert_confirmed++;
+                    else if (p.verdict === "disposed")
+                        report.coordination.alert_disposed++;
+                    else if (p.verdict === "uncertain")
+                        report.coordination.alert_uncertain++;
+                    if (p.prevented_mistake)
+                        report.coordination.prevented_mistakes++;
+                    break;
+                case "deny":
+                    if (p.verdict === "correct")
+                        report.coordination.deny_correct++;
+                    else if (p.verdict === "incorrect")
+                        report.coordination.deny_incorrect++;
+                    break;
+            }
+            continue;
+        }
+        if (!inWindow(ev))
+            continue;
+        if (ev.event_type === "mla_evidence_inject") {
+            report.injection.total_injects++;
+        }
+        else if (ev.event_type === "mla_review_decision") {
+            const d = ev.decision;
+            if (d === "accept")
+                report.onboarding.review_accept++;
+            else if (d === "reject")
+                report.onboarding.review_reject++;
+        }
+        else if (ev.event_type === "mla_contradiction") {
+            const c = ev;
+            if (c.contradiction_surfaced)
+                report.coordination.contradictions_surfaced++;
+            if (c.contradiction_acted_on)
+                report.coordination.contradictions_acted_on++;
+        }
+    }
+    // Derived rates.
+    const o = report.onboarding;
+    o.acceptance_rate = rate(o.candidate_accept, o.candidate_accept + o.candidate_reject);
+    const start = onboardingStartMs ?? firstCommandMs;
+    if (start !== null && firstUsefulMs !== null && firstUsefulMs >= start) {
+        o.time_to_first_useful_ms = firstUsefulMs - start;
+    }
+    const inj = report.injection;
+    inj.usefulness_rate = rate(inj.useful, inj.useful + inj.noise);
+    inj.feedback_coverage_rate = rate(inj.sampled_feedback_count, inj.total_injects);
+    const co = report.coordination;
+    co.confirmation_rate = rate(co.alert_confirmed, co.alert_confirmed + co.alert_disposed);
+    co.deny_annoyance_rate = rate(co.deny_incorrect, co.deny_correct + co.deny_incorrect);
+    const r = report.retention;
+    r.first_seen = firstCommandMs !== null ? new Date(firstCommandMs).toISOString() : null;
+    r.last_seen = lastCommandMs !== null ? new Date(lastCommandMs).toISOString() : null;
+    r.active_days = activeDayKeys.size;
+    if (firstCommandMs !== null && lastCommandMs !== null) {
+        r.used_after_7d = lastCommandMs - firstCommandMs >= 7 * DAY_MS;
+        r.used_after_14d = lastCommandMs - firstCommandMs >= 14 * DAY_MS;
+    }
+    return report;
+}