@oculum/scanner 1.0.9 → 1.0.11

package/src/layer3/anthropic/providers/openai.ts

@@ -0,0 +1,384 @@
+/**
+ * OpenAI Provider Implementation
+ *
+ * Validation using OpenAI GPT-5-mini model.
+ */
+
+import type { Vulnerability, ScanFile, ValidationStatus } from '../../../types'
+import type { ProjectContext } from '../../../utils/project-context-builder'
+import { buildProjectContext } from '../../../utils/project-context-builder'
+import type { ValidationStats, AIValidationResult, StatsAccumulator } from '../types'
+import { createStatsAccumulator } from '../types'
+import { getOpenAIClient, GPT5_MINI_PRICING, FILES_PER_API_BATCH, PARALLEL_API_BATCHES } from '../clients'
+import { makeOpenAIRequestWithRetry } from '../utils/retry'
+import { parseMultiFileValidationResponse, parseValidationResponse, applyValidationResults } from '../utils/response-parser'
+import { buildMultiFileValidationRequest } from '../request-builder'
+import { HIGH_CONTEXT_VALIDATION_PROMPT } from '../prompts/validation'
+
+// Cache for project context (built once per scan)
+let cachedProjectContext: ProjectContext | null = null
+
+/**
+ * Validate findings using OpenAI GPT-5-mini
+ * This mirrors the Anthropic validation flow but uses OpenAI's API
+ */
+export async function validateWithOpenAI(
+  findings: Vulnerability[],
+  files: ScanFile[],
+  projectContext: ProjectContext | undefined,
+  stats: ValidationStats
+): Promise<AIValidationResult> {
+  const client = getOpenAIClient()
+
+  // Build or use cached project context
+  const context = projectContext || cachedProjectContext || buildProjectContext(files)
+  if (!projectContext && !cachedProjectContext) {
+    cachedProjectContext = context
+    console.log('[OpenAI Validation] Built project context:', {
+      hasAuthMiddleware: context.auth.hasGlobalMiddleware,
+      authProvider: context.auth.authProvider,
+      orm: context.dataAccess.orm,
+      framework: context.frameworks.primary,
+    })
+  }
+
+  // Group findings by file for efficient validation
+  const findingsByFile = new Map<string, Vulnerability[]>()
+  for (const finding of findings) {
+    const existing = findingsByFile.get(finding.filePath) || []
+    existing.push(finding)
+    findingsByFile.set(finding.filePath, existing)
+  }
+
+  const validatedFindings: Vulnerability[] = []
+  const fileEntries = Array.from(findingsByFile.entries())
+
+  // Track metrics (thread-safe accumulator)
+  let totalApiBatches = 0
+  const statsLock: StatsAccumulator = createStatsAccumulator()
+
+  const totalFileBatches = Math.ceil(fileEntries.length / FILES_PER_API_BATCH)
+  console.log(`[OpenAI Validation] Processing ${fileEntries.length} files in ${totalFileBatches} API batch(es) (${PARALLEL_API_BATCHES} parallel)`)
+
+  // Create all batch definitions
+  const allBatches: Array<{
+    batchNum: number
+    fileBatch: Array<[string, Vulnerability[]]>
+  }> = []
+
+  for (let batchStart = 0; batchStart < fileEntries.length; batchStart += FILES_PER_API_BATCH) {
+    const fileBatch = fileEntries.slice(batchStart, batchStart + FILES_PER_API_BATCH)
+    const batchNum = Math.floor(batchStart / FILES_PER_API_BATCH) + 1
+    allBatches.push({ batchNum, fileBatch })
+  }
+
+  // Process a single batch - returns validated findings for that batch
+  const processBatch = async (
+    batchDef: { batchNum: number; fileBatch: Array<[string, Vulnerability[]]> }
+  ): Promise<Vulnerability[]> => {
+    const { batchNum, fileBatch } = batchDef
+    const batchFindings: Vulnerability[] = []
+
+    // Prepare file data for batch request
+    const fileDataList: Array<{ file: ScanFile; findings: Vulnerability[]; filePath: string }> = []
+    const filesWithoutContent: Array<{ filePath: string; findings: Vulnerability[] }> = []
+
+    for (const [filePath, fileFindings] of fileBatch) {
+      const file = files.find(f => f.path === filePath)
+      if (!file) {
+        filesWithoutContent.push({ filePath, findings: fileFindings })
+      } else {
+        fileDataList.push({ file, findings: fileFindings, filePath })
+      }
+    }
+
+    // Handle files without content
+    for (const { findings: fileFindings } of filesWithoutContent) {
+      for (const f of fileFindings) {
+        batchFindings.push({
+          ...f,
+          validatedByAI: false,
+          validationStatus: 'not_validated' as ValidationStatus,
+          validationNotes: 'File content not available for validation',
+        })
+      }
+    }
+
+    if (fileDataList.length === 0) {
+      return batchFindings
+    }
+
+    try {
+      // Build multi-file validation request
+      const validationRequest = buildMultiFileValidationRequest(
+        fileDataList.map(({ file, findings: fileFindings }) => ({ file, findings: fileFindings })),
+        context
+      )
+
+      // Call OpenAI GPT-5-mini with retry logic
+      const response = await makeOpenAIRequestWithRetry(async () =>
+        client.chat.completions.create({
+          model: 'gpt-5-mini-2025-08-07',
+          messages: [
+            { role: 'system', content: HIGH_CONTEXT_VALIDATION_PROMPT },
+            { role: 'user', content: validationRequest },
+          ],
+          max_completion_tokens: 4096, // Sufficient for larger batches with many findings
+          response_format: {
+            type: 'json_schema',
+            json_schema: {
+              name: 'validation_response',
+              strict: true,
+              schema: {
+                type: 'object',
+                properties: {
+                  validations: {
+                    type: 'array',
+                    items: {
+                      type: 'object',
+                      properties: {
+                        file: { type: 'string' },
+                        validations: {
+                          type: 'array',
+                          items: {
+                            type: 'object',
+                            properties: {
+                              index: { type: 'number' },
+                              keep: { type: 'boolean' },
+                              notes: {
+                                type: ['string', 'null'],
+                                default: null
+                              },
+                              adjustedSeverity: {
+                                type: ['string', 'null'],
+                                enum: ['critical', 'high', 'medium', 'low', 'info', null],
+                                default: null
+                              },
+                              impact: {
+                                type: ['string', 'null'],
+                                description: 'Context-aware explanation of why this matters (1-2 sentences)',
+                                default: null
+                              },
+                              fixSuggestion: {
+                                type: ['string', 'null'],
+                                description: 'Specific, actionable fix for this code context',
+                                default: null
+                              }
+                            },
+                            required: ['index', 'keep', 'notes', 'adjustedSeverity', 'impact', 'fixSuggestion'],
+                            additionalProperties: false
+                          }
+                        }
+                      },
+                      required: ['file', 'validations'],
+                      additionalProperties: false
+                    }
+                  }
+                },
+                required: ['validations'],
+                additionalProperties: false
+              }
+            }
+          }
+        })
+      )
+
+      // Track API call stats (accumulate to shared stats)
+      statsLock.apiCalls++
+
+      // Extract token usage from OpenAI response
+      const usage = response.usage
+      if (usage) {
+        const promptTokens = usage.prompt_tokens || 0
+        const completionTokens = usage.completion_tokens || 0
+        const cachedTokens = (usage as any).prompt_tokens_details?.cached_tokens || 0
+        const freshInputTokens = promptTokens - cachedTokens
+
+        statsLock.estimatedInputTokens += freshInputTokens
+        statsLock.estimatedOutputTokens += completionTokens
+        statsLock.cacheReadTokens += cachedTokens
+
+        console.log(`[OpenAI] Batch ${batchNum} tokens: ${promptTokens} input (${cachedTokens} cached), ${completionTokens} output`)
+
+        const freshCost = (freshInputTokens * GPT5_MINI_PRICING.input) / 1_000_000
+        const cachedCost = (cachedTokens * GPT5_MINI_PRICING.cached) / 1_000_000
+        const outputCost = (completionTokens * GPT5_MINI_PRICING.output) / 1_000_000
+        statsLock.estimatedCost += freshCost + cachedCost + outputCost
+      }
+
+      // Parse response content
+      const content = response.choices[0]?.message?.content
+      if (!content) {
+        for (const { findings: fileFindings } of fileDataList) {
+          for (const f of fileFindings) {
+            batchFindings.push({
+              ...f,
+              validatedByAI: false,
+              validationStatus: 'not_validated' as ValidationStatus,
+              validationNotes: 'No valid response from OpenAI',
+            })
+          }
+        }
+        return batchFindings
+      }
+
+      // Parse structured JSON response (with validations wrapper from response_format)
+      let parsedContent: any
+      try {
+        parsedContent = JSON.parse(content)
+        console.log(`[OpenAI Debug] Raw parsed content keys:`, Object.keys(parsedContent))
+        // Unwrap the validations array if present (from structured output)
+        if (parsedContent.validations && Array.isArray(parsedContent.validations)) {
+          console.log(`[OpenAI Debug] Unwrapping 'validations' array with ${parsedContent.validations.length} items`)
+          parsedContent = parsedContent.validations
+        } else if (Array.isArray(parsedContent)) {
+          console.log(`[OpenAI Debug] Content is already an array with ${parsedContent.length} items`)
+        } else {
+          console.log(`[OpenAI Debug] Content structure:`, typeof parsedContent, Array.isArray(parsedContent))
+        }
+      } catch (e) {
+        console.warn('[OpenAI] Failed to parse JSON response:', e)
+        parsedContent = content
+      }
+
+      // Parse multi-file response
+      const expectedFiles = fileDataList.map(({ filePath }) => filePath)
+      const validationResultsMap = parseMultiFileValidationResponse(
+        typeof parsedContent === 'string' ? parsedContent : JSON.stringify(parsedContent),
+        expectedFiles
+      )
+
+      console.log(`[OpenAI] Batch ${batchNum} parsed ${validationResultsMap.size} file results from ${fileDataList.length} files`)
+      if (validationResultsMap.size === 0) {
+        console.warn(`[OpenAI] WARNING: No file results parsed! Content type: ${typeof parsedContent}, isArray: ${Array.isArray(parsedContent)}`)
+        if (Array.isArray(parsedContent) && parsedContent.length > 0) {
+          console.log(`[OpenAI] First item structure:`, Object.keys(parsedContent[0]))
+        }
+      }
+
+      // Log any missing files from the response (these will be REJECTED)
+      if (validationResultsMap.size !== fileDataList.length) {
+        const missing = fileDataList
+          .filter(({ filePath }) => !validationResultsMap.has(filePath))
+          .map(({ filePath }) => filePath)
+        if (missing.length > 0) {
+          console.warn(`[OpenAI] Missing ${missing.length} files from response (will be REJECTED): ${missing.join(', ')}`)
+        }
+      }
+
+      // Apply results per file
+      for (const { filePath, findings: fileFindings } of fileDataList) {
+        const fileResults = validationResultsMap.get(filePath)
+        console.log(`[OpenAI] File ${filePath}: ${fileResults?.length || 0} validation results for ${fileFindings.length} findings`)
+
+        if (!fileResults || fileResults.length === 0) {
+          const singleFileResults = parseValidationResponse(content)
+          if (singleFileResults.length > 0 && fileDataList.length === 1) {
+            const { processed: processedFindings, dismissedCount } = applyValidationResults(fileFindings, singleFileResults)
+            statsLock.validatedFindings += processedFindings.length + dismissedCount
+            statsLock.dismissedFindings += dismissedCount
+            for (const processed of processedFindings) {
+              if (processed.validationStatus === 'confirmed') statsLock.confirmedFindings++
+              else if (processed.validationStatus === 'downgraded') statsLock.downgradedFindings++
+              batchFindings.push(processed)
+            }
+          } else {
+            // No validation results - REJECT all findings for this file (conservative approach)
+            console.warn(`[OpenAI] No validation results for ${filePath} - REJECTING ${fileFindings.length} findings`)
+            statsLock.validatedFindings += fileFindings.length
+            statsLock.dismissedFindings += fileFindings.length
+            // Don't add to batchFindings - findings are rejected
+          }
+        } else {
+          const { processed: processedFindings, dismissedCount } = applyValidationResults(fileFindings, fileResults)
+          statsLock.validatedFindings += processedFindings.length + dismissedCount
+          statsLock.dismissedFindings += dismissedCount
+          for (const processed of processedFindings) {
+            if (processed.validationStatus === 'confirmed') statsLock.confirmedFindings++
+            else if (processed.validationStatus === 'downgraded') statsLock.downgradedFindings++
+            batchFindings.push(processed)
+          }
+        }
+      }
+
+    } catch (error) {
+      console.error(`[OpenAI Validation] Error in batch ${batchNum}:`, error)
+      for (const { findings: fileFindings } of fileDataList) {
+        for (const f of fileFindings) {
+          batchFindings.push({
+            ...f,
+            validatedByAI: false,
+            validationStatus: 'not_validated' as ValidationStatus,
+            validationNotes: 'Validation failed due to API error',
+          })
+        }
+      }
+    }
+
+    return batchFindings
+  }
+
+  // Process batches in parallel groups
+  const startTime = Date.now()
+  for (let i = 0; i < allBatches.length; i += PARALLEL_API_BATCHES) {
+    const parallelGroup = allBatches.slice(i, i + PARALLEL_API_BATCHES)
+    const batchNums = parallelGroup.map(b => b.batchNum).join(', ')
+    console.log(`[OpenAI Validation] Processing batches ${batchNums} in parallel`)
+
+    const results = await Promise.all(parallelGroup.map(processBatch))
+    for (const batchResults of results) {
+      validatedFindings.push(...batchResults)
+    }
+    totalApiBatches += parallelGroup.length
+  }
+  const totalDuration = Date.now() - startTime
+
+  // Copy accumulated stats back
+  stats.apiCalls = statsLock.apiCalls
+  stats.estimatedInputTokens = statsLock.estimatedInputTokens
+  stats.estimatedOutputTokens = statsLock.estimatedOutputTokens
+  stats.cacheReadTokens = statsLock.cacheReadTokens
+  stats.estimatedCost = statsLock.estimatedCost
+  stats.validatedFindings = statsLock.validatedFindings
+  stats.confirmedFindings = statsLock.confirmedFindings
+  stats.dismissedFindings = statsLock.dismissedFindings
+  stats.downgradedFindings = statsLock.downgradedFindings
+
+  // Calculate cache hit rate
+  const totalCacheableTokens = stats.cacheCreationTokens + stats.cacheReadTokens
+  stats.cacheHitRate = totalCacheableTokens > 0
+    ? stats.cacheReadTokens / totalCacheableTokens
+    : 0
+
+  // Log validation stats
+  const avgTimePerFileMs = fileEntries.length > 0
+    ? (totalDuration / fileEntries.length).toFixed(0)
+    : '0'
+  const totalDurationSec = (totalDuration / 1000).toFixed(1)
+
+  console.log(`[OpenAI Validation] Stats:`)
+  console.log(`  - Total findings: ${stats.totalFindings}`)
+  console.log(`  - AI validated: ${stats.validatedFindings}`)
+  console.log(`  - Confirmed: ${stats.confirmedFindings}`)
+  console.log(`  - Dismissed: ${stats.dismissedFindings}`)
+  console.log(`  - Downgraded: ${stats.downgradedFindings}`)
+  console.log(`  - API calls: ${stats.apiCalls}`)
+  console.log(`  - Performance:`)
+  console.log(`    - Total duration: ${totalDurationSec}s`)
+  console.log(`    - Total API batches: ${totalApiBatches}`)
+  console.log(`    - Avg time per file: ${avgTimePerFileMs}ms`)
+  console.log(`  - Token usage:`)
+  console.log(`    - Input (fresh): ${stats.estimatedInputTokens} tokens`)
+  console.log(`    - Cached: ${stats.cacheReadTokens} tokens`)
+  console.log(`    - Output: ${stats.estimatedOutputTokens} tokens`)
+  console.log(`  - Estimated cost: $${stats.estimatedCost.toFixed(4)}`)
+
+  return { vulnerabilities: validatedFindings, stats }
+}
+
+/**
+ * Clear cached project context (called after validation complete)
+ */
+export function clearOpenAICache(): void {
+  cachedProjectContext = null
+}

package/src/layer3/anthropic/request-builder.ts

@@ -0,0 +1,150 @@
+/**
+ * Request Builders for AI Validation
+ *
+ * Functions for building validation requests with full file context.
+ */
+
+import type { Vulnerability, ScanFile } from '../../types'
+import type { ProjectContext } from '../../utils/project-context-builder'
+import { getFileValidationContext } from '../../utils/project-context-builder'
+import { getLanguageFromPath } from './utils/path-helpers'
+
+// ============================================================================
+// Single-File Request Builder
+// ============================================================================
+
+/**
+ * Build a high-context validation request with full file content
+ */
+export function buildHighContextValidationRequest(
+  file: ScanFile,
+  findings: Vulnerability[],
+  projectContext: ProjectContext
+): string {
+  // Add line numbers to full file content
+  const numberedContent = file.content
+    .split('\n')
+    .map((line, i) => `${String(i + 1).padStart(4, ' ')} | ${line}`)
+    .join('\n')
+
+  // Build candidate findings list
+  const candidatesText = findings.map((f, idx) => {
+    return `### Candidate ${idx}
+- **Rule**: ${f.title}
+- **Category**: ${f.category}
+- **Original Severity**: ${f.severity}
+- **Line**: ${f.lineNumber}
+- **Detection Layer**: ${f.layer}
+- **Description**: ${f.description}
+- **Flagged Code**: \`${f.lineContent.trim()}\``
+  }).join('\n\n')
+
+  // Get file-specific context
+  const fileContext = getFileValidationContext(file, projectContext)
+
+  return `## Project Context
+${projectContext.summary}
+
+${fileContext}
+
+## Full File Content
+\`\`\`${file.language || getLanguageFromPath(file.path)}
+${numberedContent}
+\`\`\`
+
+## Candidate Findings to Validate (${findings.length} total)
+
+${candidatesText}
+
+---
+
+Please validate each candidate finding. Return a JSON array with your decision for each.
+Remember: Be AGGRESSIVE in rejecting false positives. Use the full file context and project architecture to make informed decisions.`
+}
+
+// ============================================================================
+// Multi-File Request Builder (Phase 2 Optimization)
+// ============================================================================
+
+/**
+ * Build a multi-file validation request (Phase 2 optimization)
+ * Batches multiple files into a single API call to reduce overhead
+ */
+export function buildMultiFileValidationRequest(
+  fileDataList: Array<{ file: ScanFile; findings: Vulnerability[] }>,
+  projectContext: ProjectContext
+): string {
+  const filesContent = fileDataList.map(({ file, findings }, fileIndex) => {
+    // Add line numbers to full file content
+    const numberedContent = file.content
+      .split('\n')
+      .map((line, i) => `${String(i + 1).padStart(4, ' ')} | ${line}`)
+      .join('\n')
+
+    // Build candidate findings list with file-specific indices
+    const candidatesText = findings.map((f, idx) => {
+      return `### Candidate ${idx}
+- **Rule**: ${f.title}
+- **Category**: ${f.category}
+- **Original Severity**: ${f.severity}
+- **Line**: ${f.lineNumber}
+- **Detection Layer**: ${f.layer}
+- **Description**: ${f.description}
+- **Flagged Code**: \`${f.lineContent.trim()}\``
+    }).join('\n\n')
+
+    // Get file-specific context
+    const fileContext = getFileValidationContext(file, projectContext)
+
+    return `
+================================================================================
+FILE ${fileIndex + 1}: ${file.path}
+================================================================================
+
+${fileContext}
+
+### Full File Content
+\`\`\`${file.language || getLanguageFromPath(file.path)}
+${numberedContent}
+\`\`\`
+
+### Candidate Findings to Validate (${findings.length} total)
+
+${candidatesText}`
+  }).join('\n\n')
+
+  return `## Project Context
+${projectContext.summary}
+
+${filesContent}
+
+---
+
+## Response Format
+
+For EACH file, provide a JSON object with the file path and validation results.
+Return a JSON array where each element has:
+- "file": the file path (e.g., "${fileDataList[0]?.file.path || 'path/to/file.ts'}")
+- "validations": array of validation results for that file's candidates
+
+Example response format:
+\`\`\`json
+[
+  {
+    "file": "src/auth.ts",
+    "validations": [
+      { "index": 0, "keep": true, "adjustedSeverity": "medium", "notes": "Protected by middleware" },
+      { "index": 1, "keep": false }
+    ]
+  },
+  {
+    "file": "src/api.ts",
+    "validations": [
+      { "index": 0, "keep": true, "notes": "User input flows to SQL query" }
+    ]
+  }
+]
+\`\`\`
+
+Remember: Be AGGRESSIVE in rejecting false positives. Use the full file context and project architecture to make informed decisions.`
+}

package/src/layer3/anthropic/types.ts

@@ -0,0 +1,148 @@
+/**
+ * Type definitions for AI validation module
+ */
+
+import type { Vulnerability, VulnerabilitySeverity, VulnerabilityCategory, ValidationStatus } from '../../types'
+
+// ============================================================================
+// Cost Monitoring Types
+// ============================================================================
+
+export interface ValidationStats {
+  /** Total findings processed (input) */
+  totalFindings: number
+  /** Findings that went through AI validation */
+  validatedFindings: number
+  /** Findings confirmed as true positives */
+  confirmedFindings: number
+  /** Findings dismissed as false positives */
+  dismissedFindings: number
+  /** Findings with severity adjusted down */
+  downgradedFindings: number
+  /** Findings auto-dismissed before AI (test files, etc.) */
+  autoDismissedFindings: number
+  /** Estimated input tokens used */
+  estimatedInputTokens: number
+  /** Estimated output tokens used */
+  estimatedOutputTokens: number
+  /** Estimated cost in USD (based on Haiku pricing) */
+  estimatedCost: number
+  /** Number of API calls made */
+  apiCalls: number
+  /** Cache creation tokens (first write to cache) */
+  cacheCreationTokens: number
+  /** Cache read tokens (subsequent reads from cache) */
+  cacheReadTokens: number
+  /** Cache hit rate (0-1) */
+  cacheHitRate: number
+}
+
+export interface AIValidationResult {
+  vulnerabilities: Vulnerability[]
+  stats: ValidationStats
+}
+
+// ============================================================================
+// Validation Types
+// ============================================================================
+
+export interface ValidationResult {
+  index: number
+  keep: boolean
+  // Optimized format: single notes field (replaces reason + validationNotes)
+  notes?: string  // Only for keep=true, concise explanation
+  adjustedSeverity?: VulnerabilitySeverity | null
+  // Legacy fields for backward compatibility during parsing
+  reason?: string
+  validationNotes?: string
+  // Actionable output fields (PRO-82) - only for kept findings
+  impact?: string  // Context-aware explanation of why this matters
+  fixSuggestion?: string  // Specific fix recommendation for this code context
+}
+
+export interface AIFinding {
+  lineNumber: number
+  severity: VulnerabilitySeverity
+  category: VulnerabilityCategory
+  title: string
+  description: string
+  suggestedFix: string
+}
+
+// ============================================================================
+// Context Types
+// ============================================================================
+
+export interface Layer3Context {
+  /** Middleware configuration from project scan */
+  middlewareConfig?: {
+    hasAuthMiddleware: boolean
+    authType?: string
+    protectedPaths: string[]
+  }
+  /** Auth helper context */
+  authHelpers?: {
+    hasThrowingHelpers: boolean
+    summary: string
+  }
+  /** Additional context string */
+  additionalContext?: string
+}
+
+// ============================================================================
+// Auto-Dismiss Types
+// ============================================================================
+
+export interface AutoDismissRule {
+  name: string
+  check: (finding: Vulnerability, fileContent?: string) => boolean
+  reason: string
+}
+
+// ============================================================================
+// Stats Accumulator (for thread-safe parallel processing)
+// ============================================================================
+
+export interface StatsAccumulator {
+  apiCalls: number
+  estimatedInputTokens: number
+  estimatedOutputTokens: number
+  cacheReadTokens: number
+  estimatedCost: number
+  validatedFindings: number
+  confirmedFindings: number
+  dismissedFindings: number
+  downgradedFindings: number
+}
+
+export function createStatsAccumulator(): StatsAccumulator {
+  return {
+    apiCalls: 0,
+    estimatedInputTokens: 0,
+    estimatedOutputTokens: 0,
+    cacheReadTokens: 0,
+    estimatedCost: 0,
+    validatedFindings: 0,
+    confirmedFindings: 0,
+    dismissedFindings: 0,
+    downgradedFindings: 0,
+  }
+}
+
+export function createInitialStats(totalFindings: number): ValidationStats {
+  return {
+    totalFindings,
+    validatedFindings: 0,
+    confirmedFindings: 0,
+    dismissedFindings: 0,
+    downgradedFindings: 0,
+    autoDismissedFindings: 0,
+    estimatedInputTokens: 0,
+    estimatedOutputTokens: 0,
+    estimatedCost: 0,
+    apiCalls: 0,
+    cacheCreationTokens: 0,
+    cacheReadTokens: 0,
+    cacheHitRate: 0,
+  }
+}