@pinta-ai/pinta-opencode 0.1.0

package/CHANGELOG.md

@@ -0,0 +1,17 @@
+# Changelog
+
+## 0.1.0 (unreleased)
+
+Initial implementation — OTLP forwarder + guard for opencode, as an in-process plugin.
+
+- Plugin entry (`PintaOpencode`) wiring `chat.message` (trace rotation), `event`
+  (lifecycle telemetry + flush on `session.idle`), `tool.execute.before`
+  (guard gate → DENY throws with reason), `tool.execute.after` (tool span).
+- Core (ported from pinta-copilot): `otlp` (Bronze flattening, `ingest.type=opencode`),
+  `redact`, `transport` (in-memory retry), `trace` (in-memory, sessionID-keyed),
+  `guard` (50ms fail-open, decoupled from env).
+- Config resolution: plugin options → `process.env` → `pinta-opencode.env`.
+- Validated end-to-end against opencode 1.15.3 (ALLOW/DENY + OTLP collection).
+  See `HYPOTHESIS_VALIDATION.md` §10–13.
+- Robustness (M2): 40 unit/integration tests incl. a real local collector+guard
+  harness covering ALLOW / DENY / fail-open / session.idle flush.

package/LICENSE

@@ -0,0 +1,136 @@
+# PolyForm Noncommercial License 1.0.0
+
+<https://polyformproject.org/licenses/noncommercial/1.0.0>
+
+## Acceptance
+
+In order to get any license under these terms, you must agree
+to them as both strict obligations and conditions to all
+your licenses.
+
+## Copyright License
+
+The licensor grants you a copyright license for the
+software to do everything you might do with the software
+that would otherwise infringe the licensor's copyright
+in it for any permitted purpose.  However, you may
+only distribute the software according to [Distribution
+License](#distribution-license) and make changes or new works
+based on the software according to [Changes and New Works
+License](#changes-and-new-works-license).
+
+## Distribution License
+
+The licensor grants you an additional copyright license to
+distribute copies of the software.  Your license to distribute
+covers distributing the software with changes and new works
+permitted by [Changes and New Works
+License](#changes-and-new-works-license).
+
+## Notices
+
+You must ensure that anyone who gets a copy of any part of
+the software from you also gets a copy of these terms or the
+URL for them above, as well as copies of any plain-text lines
+beginning with `Required Notice:` that the licensor provided
+with the software.  For example:
+
+> Required Notice: Copyright Pinta AI (https://pinta.sh)
+
+## Changes and New Works License
+
+The licensor grants you an additional copyright license to make
+changes and new works based on the software for any permitted
+purpose.
+
+## Patent License
+
+The licensor grants you a patent license for the software that
+covers patent claims the licensor can license, or becomes able
+to license, that you would infringe by using the software.
+
+## Noncommercial Purposes
+
+Any noncommercial purpose is a permitted purpose.
+
+## Personal Uses
+
+Personal use for research, experiment, and testing for
+the benefit of public knowledge, personal study, private
+entertainment, hobby projects, amateur pursuits, or religious
+observance, without any anticipated commercial application,
+is use for a permitted purpose.
+
+## Noncommercial Organizations
+
+Use by any charitable organization, educational institution,
+public research organization, public safety or health
+organization, environmental protection organization, or
+government institution is use for a permitted purpose
+regardless of the source of funding or obligations resulting
+from the funding.
+
+## Fair Use
+
+You may have "fair use" rights for the software under the
+law.  These terms do not limit them.
+
+## No Other Rights
+
+These terms do not allow you to sublicense or transfer any of
+your licenses to anyone else, or prevent the licensor from
+granting licenses to anyone else.  These terms do not imply
+any other licenses.
+
+## Patent Defense
+
+If you make any written claim that the software infringes or
+contributes to infringement of any patent, your patent license
+for the software granted under these terms ends immediately. If
+your company makes such a claim, your patent license ends
+immediately for work on behalf of your company.
+
+## Violations
+
+The first time you are notified in writing that you have
+violated any of these terms, or done anything with the software
+not covered by your licenses, your licenses can nonetheless
+continue if you come into full compliance with these terms,
+and take practical steps to correct past violations, within
+32 days of receiving notice.  Otherwise, all your licenses
+end immediately.
+
+## No Liability
+
+***As far as the law allows, the software comes as is, without
+any warranty or condition, and the licensor will not be liable
+to you for any damages arising out of these terms or the use
+or nature of the software, under any kind of legal claim.***
+
+## Definitions
+
+The **licensor** is the individual or entity offering these
+terms, and the **software** is the software the licensor makes
+available under these terms.
+
+**You** refers to the individual or entity agreeing to these
+terms.
+
+**Your company** is any legal entity, sole proprietorship,
+or other kind of organization that you work for, plus all
+organizations that have control over, are under the control
+of, or are under common control with that organization.
+**Control** means ownership of substantially all the assets of
+an entity, or the power to direct its management and policies
+by vote, contract, or otherwise.  Control can be direct or
+indirect.
+
+**Your licenses** are all the licenses granted to you for the
+software under these terms.
+
+**Use** means anything you do with the software requiring one
+of your licenses.
+
+---
+
+Required Notice: Copyright (c) 2026 Pinta AI

package/README.md

@@ -0,0 +1,121 @@
+# pinta-opencode — OTLP forwarder + guard for opencode
+
+Converts **opencode** session/tool events into OTLP/HTTP spans and forwards them to any OpenTelemetry-compatible collector, with an optional external **guard** that can allow/deny tool calls and surface a human-readable reason. Vendor-neutral. No Pinta CLI dependency. Identity is attached at the relay layer.
+
+Unlike the Claude Code / Codex / Copilot adapters (which spawn a process per hook and talk over stdin/stdout), opencode loads plugins **in-process**. pinta-opencode is therefore a **single importable plugin module** — installed via `opencode.json` or a plugins-dir drop-in, no opencode source changes.
+
+> Status: spec complete and validated end-to-end against **opencode 1.15.3**. See [`SPEC.md`](./SPEC.md), [`PLAN.md`](./PLAN.md), and the empirical record in [`HYPOTHESIS_VALIDATION.md`](./HYPOTHESIS_VALIDATION.md) (§10–13).
+
+## How it hooks in
+
+opencode fires plugin hooks around every built-in **and** MCP tool. This adapter uses only non-experimental hooks:
+
+| Hook | Adapter does | Verified payload |
+|---|---|---|
+| `chat.message` | start a new trace (turn boundary) | `{ sessionID, agent, model, messageID, variant }` |
+| `event` | lifecycle span (Bronze flatten) + flush on `session.idle` | `{ event: { id, type, properties } }`, every event carries `properties.sessionID` |
+| `tool.execute.before` | query guard → **`throw` on DENY** + emit span | input `{ tool, sessionID, callID }`, output `{ args }` (full tool args, mutable) |
+| `tool.execute.after` | tool-result span (incl. exit code) | output `{ title, output, metadata{ output, exit, truncated, … } }` |
+
+> The `permission.ask` plugin hook is **declared but never triggered** in opencode — do not depend on it. Gating is done in `tool.execute.before` only.
+
+## Install
+
+Add to global `~/.config/opencode/opencode.json` (or a project `opencode.json`):
+
+```jsonc
+{
+  "plugin": [
+    ["@pinta-ai/pinta-opencode", {
+      "endpoint": "https://your-collector.example.com/v1/traces",
+      "guard": "https://your-relay.example.com/guard"
+    }]
+  ]
+}
+```
+
+opencode installs the npm package on demand and checks `engines.opencode` for compatibility. Alternatively drop a single file into `~/.config/opencode/plugins/` (global) or `.opencode/plugins/` (project) — auto-discovered, no config edit.
+
+> Managed installs (Pinta Manager) inject the same `plugin` line via the sidecar enroll module — no manual step.
+
+## Configuration
+
+Resolution order: **plugin options (2nd arg) → `process.env` → `~/.config/opencode/pinta-opencode.env`** (unset-only). Both options and env are visible at runtime (verified).
+
+```env
+# ~/.config/opencode/pinta-opencode.env
+PINTA_OPENCODE_ENDPOINT=https://your-collector.example.com/v1/traces
+PINTA_OPENCODE_TOKEN=YOUR-TOKEN
+# optional: external guard (allow/deny tool calls)
+PINTA_OPENCODE_GUARD=https://your-relay.example.com/guard
+```
+
+| Var (option / env) | Purpose |
+|---|---|
+| `endpoint` / `PINTA_OPENCODE_ENDPOINT` | Full OTLP/HTTP traces URL. Falls back to `OTEL_EXPORTER_OTLP_TRACES_ENDPOINT` → `OTEL_EXPORTER_OTLP_ENDPOINT` (+`/v1/traces`). No endpoint → telemetry disabled. |
+| `headers` / `PINTA_OPENCODE_HEADERS` | `key=val,key=val` request headers (auth). Falls back to `OTEL_EXPORTER_OTLP_HEADERS`. |
+| `guard` / `PINTA_OPENCODE_GUARD` | Optional. POST'd on `tool.execute.before`; a `DENY` blocks the tool. No endpoint → governance disabled. |
+| `token` / `PINTA_OPENCODE_TOKEN` | Sent as `x-pinta-relay-token` on guard + OTLP. |
+| `PINTA_OPENCODE_GUARD_TIMEOUT_MS` | Guard client timeout (default `50`; `300` recommended in production for cold-start). |
+| `PINTA_OPENCODE_GUARD_DISABLED=1` | Force-disable the guard. |
+
+Telemetry and governance are independent — endpoint only, guard only, both, or neither all work.
+
+## Guard (allow / deny + reason)
+
+On `tool.execute.before` the adapter POSTs to the guard endpoint (cc/codex/copilot contract — backend unchanged):
+
+```
+POST {guard}   header: x-pinta-relay-token: {PINTA_RELAY_TOKEN}
+body: { "input": { "spanId", "toolName", "toolInput", "rawTextFields": { "toolInput" } } }
+200: { "decision": "ALLOW"|"DENY"|"REVIEW", "reason", "userMessage?", "durationMs?" }
+```
+
+A `DENY` becomes `throw new Error(userMessage ?? reason ?? "guard_deny")`. Verified effect: **only that tool is blocked** (`tool.execute.after` does not fire), the reason shows as `✗ … failed` + `Error: <reason>` to the model/TUI, and the session stays alive. `ALLOW`/`REVIEW` pass through.
+
+Guard is **fail-open** (no endpoint / `PINTA_GUARD_DISABLED=1` / non-200 / timeout / error → allow), so it never breaks a session. The 50ms inline call does not block tool execution.
+
+## Span conventions
+
+| Attribute | Value |
+|---|---|
+| `ingest.type` | `"opencode"` (aware-backend discriminator) |
+| `opencode.kind` | `event` \| `tool.before` \| `tool.after` |
+| `opencode.event_type` | event type (`message.part.updated`, `session.idle`, …) |
+| `opencode.<key>` | every other field (Bronze flattening, raw key preserved) |
+| `pinta.guard.{decision,duration_ms,matched_rule,fail_open_reason}` | guard result |
+| `service.name` | `"opencode"` · `telemetry.sdk.name` `"pinta-opencode"` |
+
+Tool spans are built from `tool.execute.before/after` (richer: args, output, exit) rather than the event bus; `event` covers lifecycle and turn boundaries.
+
+## Architecture
+
+```
+src/
+├── plugin.ts             # entry: export const PintaOpencode = async (input, options) => Hooks
+├── config.ts             # options → process.env → pinta-opencode.env (unset-only)
+├── telemetry.ts          # event → span (Bronze flatten), tool span from before/after
+├── core/
+│   ├── otlp.ts           # Bronze flattening (opencode.*) + ingest.type + guard attrs
+│   ├── trace.ts          # ULID trace, keyed by sessionID, rotated on chat.message
+│   ├── transport.ts      # POST OTLP/HTTP traces (5s), in-memory retry queue
+│   ├── retry-queue.ts    # batched flush on next event
+│   ├── guard.ts          # POST PINTA_GUARD_ENDPOINT (50ms), fail-open
+│   └── redact.ts         # Tier-1 redaction + Tier-3 truncation
+```
+
+State lives in memory (keyed by `sessionID`) — opencode instantiates the plugin once per instance, so per-event file persistence is unnecessary (optional via `PINTA_PERSIST=1`).
+
+## Development
+
+```bash
+bun install
+bun run build         # → dist/
+bun test
+```
+
+Compatibility: opencode **>= 1.15.0** (`engines.opencode`). Uses only non-experimental hooks.
+
+## License
+
+[PolyForm Noncommercial 1.0.0](https://polyformproject.org/licenses/noncommercial/1.0.0) — see [LICENSE](LICENSE). Commercial use is not permitted; contact Pinta AI for a commercial license.

package/dist/config.d.ts

@@ -0,0 +1,27 @@
+/** Options object passed via `opencode.json` → `plugin:[["@pinta-ai/pinta-opencode", {…}]]`. */
+export interface PintaOptions {
+    /** Full OTLP/HTTP traces URL. */
+    endpoint?: string;
+    /** `key=val,key=val` request headers, or a parsed record. */
+    headers?: string | Record<string, string>;
+    /** Guard policy server URL. */
+    guard?: string;
+    /** Relay token (sent as x-pinta-relay-token). */
+    token?: string;
+    /** Guard client timeout in ms (default 50). */
+    guardTimeoutMs?: number;
+}
+export interface ResolvedConfig {
+    endpoint?: string;
+    headers: Record<string, string>;
+    guardEndpoint?: string;
+    relayToken?: string;
+    guardTimeoutMs: number;
+    guardDisabled: boolean;
+    serviceVersion: string;
+}
+/**
+ * Resolve runtime config. Precedence: plugin options → process.env →
+ * env-file (unset-only). Both options and env are visible at runtime (verified G5).
+ */
+export declare function resolveConfig(options?: PintaOptions): ResolvedConfig;

package/dist/config.js

@@ -0,0 +1,49 @@
+import { loadEnvFile } from "./env-file.js";
+function parseHeaders(raw) {
+    if (!raw)
+        return {};
+    if (typeof raw === "object")
+        return { ...raw };
+    const out = {};
+    for (const pair of raw.split(",")) {
+        const [k, ...rest] = pair.split("=");
+        if (k && rest.length > 0)
+            out[k.trim()] = rest.join("=").trim();
+    }
+    return out;
+}
+function resolveEndpoint(options) {
+    const full = options.endpoint ||
+        process.env.PINTA_OPENCODE_ENDPOINT ||
+        process.env.OTEL_EXPORTER_OTLP_TRACES_ENDPOINT;
+    if (full)
+        return full.replace(/\/+$/, "");
+    const base = process.env.OTEL_EXPORTER_OTLP_ENDPOINT;
+    if (base)
+        return base.replace(/\/+$/, "") + "/v1/traces";
+    return undefined;
+}
+/**
+ * Resolve runtime config. Precedence: plugin options → process.env →
+ * env-file (unset-only). Both options and env are visible at runtime (verified G5).
+ */
+export function resolveConfig(options = {}) {
+    loadEnvFile(); // lowest priority — fills only unset process.env keys
+    const relayToken = options.token || process.env.PINTA_OPENCODE_TOKEN || undefined;
+    const headers = parseHeaders(options.headers ?? process.env.PINTA_OPENCODE_HEADERS ?? process.env.OTEL_EXPORTER_OTLP_HEADERS);
+    // Auto-attach the relay token as a header if one is set and not already present.
+    if (relayToken && !Object.keys(headers).some((k) => k.toLowerCase() === "x-pinta-relay-token")) {
+        headers["x-pinta-relay-token"] = relayToken;
+    }
+    const guardTimeoutMs = options.guardTimeoutMs ?? (Number(process.env.PINTA_OPENCODE_GUARD_TIMEOUT_MS) || 50);
+    return {
+        endpoint: resolveEndpoint(options),
+        headers,
+        guardEndpoint: options.guard || process.env.PINTA_OPENCODE_GUARD || undefined,
+        relayToken,
+        guardTimeoutMs,
+        guardDisabled: process.env.PINTA_OPENCODE_GUARD_DISABLED === "1",
+        serviceVersion: process.env.OPENCODE_VERSION || "unknown",
+    };
+}
+//# sourceMappingURL=config.js.map

package/dist/config.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.js","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AA0B5C,SAAS,YAAY,CAAC,GAAgD;IACpE,IAAI,CAAC,GAAG;QAAE,OAAO,EAAE,CAAC;IACpB,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,EAAE,GAAG,GAAG,EAAE,CAAC;IAC/C,MAAM,GAAG,GAA2B,EAAE,CAAC;IACvC,KAAK,MAAM,IAAI,IAAI,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;QAClC,MAAM,CAAC,CAAC,EAAE,GAAG,IAAI,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACrC,IAAI,CAAC,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC;YAAE,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;IAClE,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,eAAe,CAAC,OAAqB;IAC5C,MAAM,IAAI,GACR,OAAO,CAAC,QAAQ;QAChB,OAAO,CAAC,GAAG,CAAC,uBAAuB;QACnC,OAAO,CAAC,GAAG,CAAC,kCAAkC,CAAC;IACjD,IAAI,IAAI;QAAE,OAAO,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IAC1C,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC;IACrD,IAAI,IAAI;QAAE,OAAO,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,GAAG,YAAY,CAAC;IACzD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,aAAa,CAAC,UAAwB,EAAE;IACtD,WAAW,EAAE,CAAC,CAAC,sDAAsD;IAErE,MAAM,UAAU,GAAG,OAAO,CAAC,KAAK,IAAI,OAAO,CAAC,GAAG,CAAC,oBAAoB,IAAI,SAAS,CAAC;IAElF,MAAM,OAAO,GAAG,YAAY,CAC1B,OAAO,CAAC,OAAO,IAAI,OAAO,CAAC,GAAG,CAAC,sBAAsB,IAAI,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAChG,CAAC;IACF,iFAAiF;IACjF,IAAI,UAAU,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,KAAK,qBAAqB,CAAC,EAAE,CAAC;QAC/F,OAAO,CAAC,qBAAqB,CAAC,GAAG,UAAU,CAAC;IAC9C,CAAC;IAED,MAAM,cAAc,GAClB,OAAO,CAAC,cAAc,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,+BAA+B,CAAC,IAAI,EAAE,CAAC,CAAC;IAExF,OAAO;QACL,QAAQ,EAAE,eAAe,CAAC,OAAO,CAAC;QAClC,OAAO;QACP,aAAa,EAAE,OAAO,CAAC,KAAK,IAAI,OAAO,CAAC,GAAG,CAAC,oBAAoB,IAAI,SAAS;QAC7E,UAAU;QACV,cAAc;QACd,aAAa,EAAE,OAAO,CAAC,GAAG,CAAC,6BAA6B,KAAK,GAAG;QAChE,cAAc,EAAE,OAAO,CAAC,GAAG,CAAC,gBAAgB,IAAI,SAAS;KAC1D,CAAC;AACJ,CAAC"}

package/dist/core/guard.d.ts

@@ -0,0 +1,29 @@
+export interface GuardInput {
+    spanId: string;
+    toolName?: string;
+    toolInput?: unknown;
+    rawTextFields?: Record<string, string>;
+}
+export interface GuardResult {
+    decision: "ALLOW" | "DENY" | "REVIEW";
+    reason: string | null;
+    userMessage: string | null;
+    durationMs: number;
+    failOpenReason?: "timeout" | "refused" | "error";
+}
+export interface GuardOptions {
+    /** Hard timeout. 50ms default keeps the hook snappy; 300ms recommended in prod. */
+    timeoutMs?: number;
+    /** Sent as x-pinta-relay-token. */
+    token?: string;
+    /** Force-disable even if an endpoint is configured. */
+    disabled?: boolean;
+}
+/**
+ * Query the external guard policy server. Fail-open on every error path
+ * (no endpoint / disabled / non-200 / timeout / throw → ALLOW). Options are
+ * passed explicitly (not read from process.env) because the opencode plugin
+ * is a long-lived in-process module whose config is resolved at init, after
+ * this module is already imported.
+ */
+export declare function evaluateGuard(input: GuardInput, endpoint: string | undefined, opts?: GuardOptions): Promise<GuardResult | null>;

package/dist/core/guard.js

@@ -0,0 +1,50 @@
+function sleep(ms) {
+    return new Promise((_, reject) => setTimeout(() => {
+        const err = new Error("Guard request timed out");
+        err.name = "TimeoutError";
+        reject(err);
+    }, ms));
+}
+/**
+ * Query the external guard policy server. Fail-open on every error path
+ * (no endpoint / disabled / non-200 / timeout / throw → ALLOW). Options are
+ * passed explicitly (not read from process.env) because the opencode plugin
+ * is a long-lived in-process module whose config is resolved at init, after
+ * this module is already imported.
+ */
+export async function evaluateGuard(input, endpoint, opts = {}) {
+    if (!endpoint)
+        return null;
+    if (opts.disabled)
+        return null;
+    const timeoutMs = opts.timeoutMs ?? 50;
+    const start = Date.now();
+    try {
+        const res = await Promise.race([
+            fetch(endpoint, {
+                method: "POST",
+                headers: {
+                    "content-type": "application/json",
+                    "x-pinta-relay-token": opts.token ?? "",
+                },
+                body: JSON.stringify({ input }),
+            }),
+            sleep(timeoutMs),
+        ]);
+        if (res.status !== 200) {
+            return { decision: "ALLOW", reason: null, userMessage: null, durationMs: Date.now() - start, failOpenReason: "error" };
+        }
+        const body = (await res.json());
+        return {
+            decision: body.decision,
+            reason: body.reason,
+            userMessage: body.userMessage ?? null,
+            durationMs: body.durationMs ?? Date.now() - start,
+        };
+    }
+    catch (err) {
+        const reason = err.name === "TimeoutError" ? "timeout" : "error";
+        return { decision: "ALLOW", reason: null, userMessage: null, durationMs: Date.now() - start, failOpenReason: reason };
+    }
+}
+//# sourceMappingURL=guard.js.map

package/dist/core/guard.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"guard.js","sourceRoot":"","sources":["../../src/core/guard.ts"],"names":[],"mappings":"AA2BA,SAAS,KAAK,CAAC,EAAU;IACvB,OAAO,IAAI,OAAO,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,EAAE,CAC/B,UAAU,CAAC,GAAG,EAAE;QACd,MAAM,GAAG,GAAG,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;QACjD,GAAG,CAAC,IAAI,GAAG,cAAc,CAAC;QAC1B,MAAM,CAAC,GAAG,CAAC,CAAC;IACd,CAAC,EAAE,EAAE,CAAC,CACP,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,KAAiB,EACjB,QAA4B,EAC5B,OAAqB,EAAE;IAEvB,IAAI,CAAC,QAAQ;QAAE,OAAO,IAAI,CAAC;IAC3B,IAAI,IAAI,CAAC,QAAQ;QAAE,OAAO,IAAI,CAAC;IAC/B,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,IAAI,EAAE,CAAC;IACvC,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACzB,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC;YAC7B,KAAK,CAAC,QAAQ,EAAE;gBACd,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,cAAc,EAAE,kBAAkB;oBAClC,qBAAqB,EAAE,IAAI,CAAC,KAAK,IAAI,EAAE;iBACxC;gBACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,CAAC;aAChC,CAAC;YACF,KAAK,CAAC,SAAS,CAAC;SACjB,CAAC,CAAC;QACH,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YACvB,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,EAAE,cAAc,EAAE,OAAO,EAAE,CAAC;QACzH,CAAC;QACD,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAK7B,CAAC;QACF,OAAO;YACL,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,WAAW,EAAE,IAAI,CAAC,WAAW,IAAI,IAAI;YACrC,UAAU,EAAE,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;SAClD,CAAC;IACJ,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,MAAM,GAAmC,GAAa,CAAC,IAAI,KAAK,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC;QAC3G,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,EAAE,cAAc,EAAE,MAAM,EAAE,CAAC;IACxH,CAAC;AACH,CAAC"}

package/dist/core/otlp.d.ts

@@ -0,0 +1,51 @@
+import type { GuardResult } from "./guard.js";
+export interface OtlpAttribute {
+    key: string;
+    value: {
+        stringValue: string;
+    } | {
+        intValue: number;
+    } | {
+        doubleValue: number;
+    } | {
+        boolValue: boolean;
+    };
+}
+export interface OtlpSpan {
+    traceId: string;
+    spanId: string;
+    name: string;
+    kind: number;
+    startTimeUnixNano: string;
+    endTimeUnixNano: string;
+    attributes: OtlpAttribute[];
+}
+export interface ResourceSpans {
+    resource: {
+        attributes: OtlpAttribute[];
+    };
+    scopeSpans: Array<{
+        scope: {
+            name: string;
+            version: string;
+        };
+        spans: OtlpSpan[];
+    }>;
+}
+export interface OtlpPayload {
+    resourceSpans: ResourceSpans[];
+}
+/** Convert a 26-char Crockford ULID into 32 lowercase hex chars for an OTLP traceId. */
+export declare function ulidToTraceId(ulid: string): string;
+/** Generate a fresh 16-hex-char (8-byte) span ID. */
+export declare function newSpanId(): string;
+export declare function buildOtlpPayload(args: {
+    name: string;
+    traceId: string;
+    fields: Record<string, unknown>;
+    serviceVersion: string;
+    now?: number;
+    guard?: GuardResult | null;
+}): OtlpPayload;
+/** Concatenate per-event payloads' resourceSpans into one OTLP payload. */
+export declare function mergeBatch(payloads: OtlpPayload[]): OtlpPayload;

package/dist/core/otlp.js

@@ -0,0 +1,135 @@
+import crypto from "crypto";
+import os from "os";
+import { redact, truncate } from "./redact.js";
+const SDK_VERSION = "0.1.0"; // keep in sync with package.json
+const CROCKFORD = "0123456789ABCDEFGHJKMNPQRSTVWXYZ";
+/** Convert a 26-char Crockford ULID into 32 lowercase hex chars for an OTLP traceId. */
+export function ulidToTraceId(ulid) {
+    if (ulid.length !== 26)
+        throw new Error(`ulidToTraceId: expected 26 chars, got ${ulid.length}`);
+    let n = 0n;
+    for (const ch of ulid) {
+        const idx = CROCKFORD.indexOf(ch);
+        if (idx < 0)
+            throw new Error(`ulidToTraceId: invalid Crockford char "${ch}"`);
+        n = (n << 5n) | BigInt(idx);
+    }
+    n &= (1n << 128n) - 1n;
+    return n.toString(16).padStart(32, "0");
+}
+/** Generate a fresh 16-hex-char (8-byte) span ID. */
+export function newSpanId() {
+    return crypto.randomBytes(8).toString("hex");
+}
+/** Identifier/enum keys for which redaction is skipped (truncation still applies). */
+const SKIP_REDACT_KEYS = new Set([
+    "opencode.kind",
+    "opencode.event_type",
+    "opencode.tool",
+    "opencode.session_id", "opencode.sessionID",
+    "opencode.call_id", "opencode.callID",
+    "opencode.agent",
+    "opencode.model",
+    "opencode.exit",
+    "opencode.truncated",
+    "opencode.title",
+]);
+/** Keys that may carry shell command / tool payload text → bash redaction context. */
+const BASH_CONTEXT_KEYS = new Set([
+    "opencode.args",
+    "opencode.input",
+    "opencode.output",
+    "opencode.tool_input",
+]);
+function maybeRedactString(key, raw) {
+    const truncated = truncate(raw);
+    if (SKIP_REDACT_KEYS.has(key))
+        return truncated;
+    const context = BASH_CONTEXT_KEYS.has(key) ? "bash" : undefined;
+    return redact(truncated, { context });
+}
+/** Convert a JS value into an OTLP attribute value. Returns null to omit. */
+function toOtlpValue(key, v) {
+    if (v === null || v === undefined)
+        return null;
+    switch (typeof v) {
+        case "string":
+            return { stringValue: maybeRedactString(key, v) };
+        case "boolean":
+            return { boolValue: v };
+        case "number":
+            return Number.isInteger(v) ? { intValue: v } : { doubleValue: v };
+        case "object":
+            try {
+                return { stringValue: maybeRedactString(key, JSON.stringify(v)) };
+            }
+            catch {
+                return { stringValue: maybeRedactString(key, String(v)) };
+            }
+        default:
+            return { stringValue: maybeRedactString(key, String(v)) };
+    }
+}
+/** Bronze flattening: every field becomes an `opencode.<key>` attribute, losslessly. */
+function flattenFields(fields) {
+    // Discriminator first so aware-backend's detectIngestType hits it cheaply.
+    const out = [{ key: "ingest.type", value: { stringValue: "opencode" } }];
+    for (const [k, v] of Object.entries(fields)) {
+        const key = `opencode.${k}`;
+        const value = toOtlpValue(key, v);
+        if (value === null)
+            continue;
+        out.push({ key, value });
+    }
+    return out;
+}
+function resourceAttrs(serviceVersion) {
+    return [
+        { key: "service.name", value: { stringValue: "opencode" } },
+        { key: "service.version", value: { stringValue: serviceVersion } },
+        { key: "telemetry.sdk.name", value: { stringValue: "pinta-opencode" } },
+        { key: "telemetry.sdk.language", value: { stringValue: "nodejs" } },
+        { key: "telemetry.sdk.version", value: { stringValue: SDK_VERSION } },
+        { key: "process.pid", value: { intValue: process.pid } },
+        { key: "process.owner", value: { stringValue: os.userInfo().username } },
+        { key: "host.name", value: { stringValue: os.hostname() } },
+        { key: "host.arch", value: { stringValue: os.arch() } },
+    ];
+}
+export function buildOtlpPayload(args) {
+    const ts = args.now ?? Date.now();
+    const tsNano = (BigInt(ts) * 1000000n).toString();
+    const attrs = flattenFields(args.fields);
+    if (args.guard) {
+        attrs.push({ key: "pinta.guard.decision", value: { stringValue: args.guard.decision.toLowerCase() } }, { key: "pinta.guard.duration_ms", value: { intValue: args.guard.durationMs } });
+        if (args.guard.reason)
+            attrs.push({ key: "pinta.guard.matched_rule", value: { stringValue: args.guard.reason } });
+        if (args.guard.failOpenReason)
+            attrs.push({ key: "pinta.guard.fail_open_reason", value: { stringValue: args.guard.failOpenReason } });
+    }
+    const span = {
+        traceId: ulidToTraceId(args.traceId),
+        spanId: newSpanId(),
+        name: args.name,
+        kind: 1, // SPAN_KIND_INTERNAL
+        startTimeUnixNano: tsNano,
+        endTimeUnixNano: tsNano,
+        attributes: attrs,
+    };
+    return {
+        resourceSpans: [
+            {
+                resource: { attributes: resourceAttrs(args.serviceVersion) },
+                scopeSpans: [{ scope: { name: "pinta-opencode", version: SDK_VERSION }, spans: [span] }],
+            },
+        ],
+    };
+}
+/** Concatenate per-event payloads' resourceSpans into one OTLP payload. */
+export function mergeBatch(payloads) {
+    const out = [];
+    for (const p of payloads)
+        out.push(...p.resourceSpans);
+    return { resourceSpans: out };
+}
+//# sourceMappingURL=otlp.js.map

package/dist/core/otlp.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"otlp.js","sourceRoot":"","sources":["../../src/core/otlp.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AAG/C,MAAM,WAAW,GAAG,OAAO,CAAC,CAAC,iCAAiC;AA0B9D,MAAM,SAAS,GAAG,kCAAkC,CAAC;AAErD,wFAAwF;AACxF,MAAM,UAAU,aAAa,CAAC,IAAY;IACxC,IAAI,IAAI,CAAC,MAAM,KAAK,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,yCAAyC,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;IAChG,IAAI,CAAC,GAAG,EAAE,CAAC;IACX,KAAK,MAAM,EAAE,IAAI,IAAI,EAAE,CAAC;QACtB,MAAM,GAAG,GAAG,SAAS,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QAClC,IAAI,GAAG,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,0CAA0C,EAAE,GAAG,CAAC,CAAC;QAC9E,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC;IAC9B,CAAC;IACD,CAAC,IAAI,CAAC,EAAE,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC;IACvB,OAAO,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;AAC1C,CAAC;AAED,qDAAqD;AACrD,MAAM,UAAU,SAAS;IACvB,OAAO,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AAC/C,CAAC;AAED,sFAAsF;AACtF,MAAM,gBAAgB,GAAwB,IAAI,GAAG,CAAC;IACpD,eAAe;IACf,qBAAqB;IACrB,eAAe;IACf,qBAAqB,EAAE,oBAAoB;IAC3C,kBAAkB,EAAE,iBAAiB;IACrC,gBAAgB;IAChB,gBAAgB;IAChB,eAAe;IACf,oBAAoB;IACpB,gBAAgB;CACjB,CAAC,CAAC;AAEH,sFAAsF;AACtF,MAAM,iBAAiB,GAAwB,IAAI,GAAG,CAAC;IACrD,eAAe;IACf,gBAAgB;IAChB,iBAAiB;IACjB,qBAAqB;CACtB,CAAC,CAAC;AAEH,SAAS,iBAAiB,CAAC,GAAW,EAAE,GAAW;IACjD,MAAM,SAAS,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC;IAChC,IAAI,gBAAgB,CAAC,GAAG,CAAC,GAAG,CAAC;QAAE,OAAO,SAAS,CAAC;IAChD,MAAM,OAAO,GAAG,iBAAiB,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAE,MAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;IAC3E,OAAO,MAAM,CAAC,SAAS,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC;AACxC,CAAC;AAED,6EAA6E;AAC7E,SAAS,WAAW,CAAC,GAAW,EAAE,CAAU;IAC1C,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,KAAK,SAAS;QAAE,OAAO,IAAI,CAAC;IAC/C,QAAQ,OAAO,CAAC,EAAE,CAAC;QACjB,KAAK,QAAQ;YACX,OAAO,EAAE,WAAW,EAAE,iBAAiB,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC;QACpD,KAAK,SAAS;YACZ,OAAO,EAAE,SAAS,EAAE,CAAC,EAAE,CAAC;QAC1B,KAAK,QAAQ;YACX,OAAO,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,CAAC,EAAE,CAAC;QACpE,KAAK,QAAQ;YACX,IAAI,CAAC;gBACH,OAAO,EAAE,WAAW,EAAE,iBAAiB,CAAC,GAAG,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACpE,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,EAAE,WAAW,EAAE,iBAAiB,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAC5D,CAAC;QACH;YACE,OAAO,EAAE,WAAW,EAAE,iBAAiB,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAC9D,CAAC;AACH,CAAC;AAED,wFAAwF;AACxF,SAAS,aAAa,CAAC,MAA+B;IACpD,2EAA2E;IAC3E,MAAM,GAAG,GAAoB,CAAC,EAAE,GAAG,EAAE,aAAa,EAAE,KAAK,EAAE,EAAE,WAAW,EAAE,UAAU,EAAE,EAAE,CAAC,CAAC;IAC1F,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAC5C,MAAM,GAAG,GAAG,YAAY,CAAC,EAAE,CAAC;QAC5B,MAAM,KAAK,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;QAClC,IAAI,KAAK,KAAK,IAAI;YAAE,SAAS;QAC7B,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC,CAAC;IAC3B,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,aAAa,CAAC,cAAsB;IAC3C,OAAO;QACL,EAAE,GAAG,EAAE,cAAc,EAAE,KAAK,EAAE,EAAE,WAAW,EAAE,UAAU,EAAE,EAAE;QAC3D,EAAE,GAAG,EAAE,iBAAiB,EAAE,KAAK,EAAE,EAAE,WAAW,EAAE,cAAc,EAAE,EAAE;QAClE,EAAE,GAAG,EAAE,oBAAoB,EAAE,KAAK,EAAE,EAAE,WAAW,EAAE,gBAAgB,EAAE,EAAE;QACvE,EAAE,GAAG,EAAE,wBAAwB,EAAE,KAAK,EAAE,EAAE,WAAW,EAAE,QAAQ,EAAE,EAAE;QACnE,EAAE,GAAG,EAAE,uBAAuB,EAAE,KAAK,EAAE,EAAE,WAAW,EAAE,WAAW,EAAE,EAAE;QACrE,EAAE,GAAG,EAAE,aAAa,EAAE,KAAK,EAAE,EAAE,QAAQ,EAAE,OAAO,CAAC,GAAG,EAAE,EAAE;QACxD,EAAE,GAAG,EAAE,eAAe,EAAE,KAAK,EAAE,EAAE,WAAW,EAAE,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE,EAAE;QACxE,EAAE,GAAG,EAAE,WAAW,EAAE,KAAK,EAAE,EAAE,WAAW,EAAE,EAAE,CAAC,QAAQ,EAAE,EAAE,EAAE;QAC3D,EAAE,GAAG,EAAE,WAAW,EAAE,KAAK,EAAE,EAAE,WAAW,EAAE,EAAE,CAAC,IAAI,EAAE,EAAE,EAAE;KACxD,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,IAOhC;IACC,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC;IAClC,MAAM,MAAM,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,GAAG,QAAU,CAAC,CAAC,QAAQ,EAAE,CAAC;IACpD,MAAM,KAAK,GAAG,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACzC,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;QACf,KAAK,CAAC,IAAI,CACR,EAAE,GAAG,EAAE,sBAAsB,EAAE,KAAK,EAAE,EAAE,WAAW,EAAE,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,WAAW,EAAE,EAAE,EAAE,EAC1F,EAAE,GAAG,EAAE,yBAAyB,EAAE,KAAK,EAAE,EAAE,QAAQ,EAAE,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,EAAE,CAC/E,CAAC;QACF,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM;YAAE,KAAK,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,0BAA0B,EAAE,KAAK,EAAE,EAAE,WAAW,EAAE,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;QAClH,IAAI,IAAI,CAAC,KAAK,CAAC,cAAc;YAC3B,KAAK,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,8BAA8B,EAAE,KAAK,EAAE,EAAE,WAAW,EAAE,IAAI,CAAC,KAAK,CAAC,cAAc,EAAE,EAAE,CAAC,CAAC;IAC3G,CAAC;IACD,MAAM,IAAI,GAAa;QACrB,OAAO,EAAE,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC;QACpC,MAAM,EAAE,SAAS,EAAE;QACnB,IAAI,EAAE,IAAI,CAAC,IAAI;QACf,IAAI,EAAE,CAAC,EAAE,qBAAqB;QAC9B,iBAAiB,EAAE,MAAM;QACzB,eAAe,EAAE,MAAM;QACvB,UAAU,EAAE,KAAK;KAClB,CAAC;IACF,OAAO;QACL,aAAa,EAAE;YACb;gBACE,QAAQ,EAAE,EAAE,UAAU,EAAE,aAAa,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE;gBAC5D,UAAU,EAAE,CAAC,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,WAAW,EAAE,EAAE,KAAK,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;aACzF;SACF;KACF,CAAC;AACJ,CAAC;AAED,2EAA2E;AAC3E,MAAM,UAAU,UAAU,CAAC,QAAuB;IAChD,MAAM,GAAG,GAAoB,EAAE,CAAC;IAChC,KAAK,MAAM,CAAC,IAAI,QAAQ;QAAE,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,aAAa,CAAC,CAAC;IACvD,OAAO,EAAE,aAAa,EAAE,GAAG,EAAE,CAAC;AAChC,CAAC"}