@rulecatch/ai-pooler 0.4.0

package/dist/index.cjs

@@ -0,0 +1,1278 @@
+'use strict';
+
+var crypto = require('crypto');
+var child_process = require('child_process');
+
+/**
+ * Rulecatch AI - MCP Development Analytics Types
+ *
+ * Event types and interfaces for tracking AI-assisted development metrics.
+ */
+/**
+ * Pricing table for cost calculation
+ * Source: Official pricing pages as of January 2026
+ */
+const MODEL_PRICING = {
+    // Claude 4 series (January 2026 pricing)
+    'claude-opus-4-5': {
+        inputPer1M: 15.0,
+        outputPer1M: 75.0,
+        cacheReadPer1M: 1.5,
+        cacheWritePer1M: 18.75,
+        thinkingPer1M: 75.0,
+    },
+    'claude-sonnet-4': {
+        inputPer1M: 3.0,
+        outputPer1M: 15.0,
+        cacheReadPer1M: 0.3,
+        cacheWritePer1M: 3.75,
+        thinkingPer1M: 15.0,
+    },
+    // Claude 3.5 series
+    'claude-3.5-sonnet': {
+        inputPer1M: 3.0,
+        outputPer1M: 15.0,
+        cacheReadPer1M: 0.3,
+        cacheWritePer1M: 3.75,
+    },
+    'claude-3.5-haiku': {
+        inputPer1M: 0.8,
+        outputPer1M: 4.0,
+        cacheReadPer1M: 0.08,
+        cacheWritePer1M: 1.0,
+    },
+    // Claude 3 series
+    'claude-3-opus': {
+        inputPer1M: 15.0,
+        outputPer1M: 75.0,
+        cacheReadPer1M: 1.5,
+        cacheWritePer1M: 18.75,
+    },
+    'claude-3-sonnet': { inputPer1M: 3.0, outputPer1M: 15.0 },
+    'claude-3-haiku': { inputPer1M: 0.25, outputPer1M: 1.25 },
+    // GPT series
+    'gpt-4': { inputPer1M: 30.0, outputPer1M: 60.0 },
+    'gpt-4-turbo': { inputPer1M: 10.0, outputPer1M: 30.0 },
+    'gpt-4o': { inputPer1M: 2.5, outputPer1M: 10.0 },
+    'gpt-4o-mini': { inputPer1M: 0.15, outputPer1M: 0.6 },
+    o1: { inputPer1M: 15.0, outputPer1M: 60.0 },
+    'o1-mini': { inputPer1M: 3.0, outputPer1M: 12.0 },
+    'o1-pro': { inputPer1M: 150.0, outputPer1M: 600.0 },
+    // Gemini
+    'gemini-2.0-flash': { inputPer1M: 0.1, outputPer1M: 0.4 },
+    'gemini-1.5-pro': { inputPer1M: 1.25, outputPer1M: 5.0 },
+    'gemini-1.5-flash': { inputPer1M: 0.075, outputPer1M: 0.3 },
+    // Fallback
+    unknown: { inputPer1M: 5.0, outputPer1M: 15.0 },
+};
+/**
+ * Calculate cost from token usage with caching support
+ */
+function calculateCost(model, inputTokens, outputTokens, options) {
+    const pricing = MODEL_PRICING[model] || MODEL_PRICING.unknown;
+    // Base input/output costs
+    let inputCost = (inputTokens / 1_000_000) * pricing.inputPer1M;
+    const outputCost = (outputTokens / 1_000_000) * pricing.outputPer1M;
+    let totalCost = inputCost + outputCost;
+    // Cache costs (reduces input cost)
+    if (options?.cacheReadTokens && pricing.cacheReadPer1M) {
+        const cacheReadCost = (options.cacheReadTokens / 1_000_000) * pricing.cacheReadPer1M;
+        // Cache reads replace regular input cost for those tokens
+        inputCost -= (options.cacheReadTokens / 1_000_000) * pricing.inputPer1M;
+        totalCost = inputCost + outputCost + cacheReadCost;
+    }
+    if (options?.cacheWriteTokens && pricing.cacheWritePer1M) {
+        const cacheWriteCost = (options.cacheWriteTokens / 1_000_000) * pricing.cacheWritePer1M;
+        totalCost += cacheWriteCost;
+    }
+    // Thinking tokens (additional cost)
+    if (options?.thinkingTokens && pricing.thinkingPer1M) {
+        const thinkingCost = (options.thinkingTokens / 1_000_000) * pricing.thinkingPer1M;
+        totalCost += thinkingCost;
+    }
+    return Math.round(totalCost * 10000) / 10000; // 4 decimal places
+}
+/**
+ * Estimate tokens from character count
+ * Rough approximation: ~4 chars per token for English
+ */
+function estimateTokens(charCount) {
+    return Math.ceil(charCount / 4);
+}
+/**
+ * Format duration in human-readable form
+ */
+function formatDuration(seconds) {
+    const hours = Math.floor(seconds / 3600);
+    const minutes = Math.floor((seconds % 3600) / 60);
+    const secs = Math.floor(seconds % 60);
+    if (hours > 0) {
+        return `${hours}h ${minutes}m ${secs}s`;
+    }
+    if (minutes > 0) {
+        return `${minutes}m ${secs}s`;
+    }
+    return `${secs}s`;
+}
+/**
+ * Format cost in USD
+ */
+function formatCost(cost) {
+    if (cost < 0.01) {
+        return `$${cost.toFixed(4)}`;
+    }
+    if (cost < 1) {
+        return `$${cost.toFixed(3)}`;
+    }
+    return `$${cost.toFixed(2)}`;
+}
+
+/**
+ * Client-side encryption for PII (Zero-Knowledge Architecture)
+ *
+ * All PII (emails, usernames, file paths) is encrypted on the client
+ * before being sent to Rulecatch API. We never see plaintext PII.
+ *
+ * The user's privacy key is derived from their password or a separate
+ * key they set during setup. Without this key, the data is unreadable.
+ */
+const ALGORITHM = 'aes-256-gcm';
+const KEY_LENGTH = 32;
+const IV_LENGTH = 16;
+const PBKDF2_ITERATIONS = 100000;
+/**
+ * Derive an encryption key from a password/passphrase
+ * Uses PBKDF2 with 100k iterations for brute-force resistance
+ */
+function deriveKey(password, salt) {
+    return crypto.pbkdf2Sync(password, salt, PBKDF2_ITERATIONS, KEY_LENGTH, 'sha256');
+}
+/**
+ * Generate a random salt for new users
+ */
+function generateSalt() {
+    return crypto.randomBytes(32).toString('base64');
+}
+/**
+ * Encrypt a PII field (email, username, file path, etc.)
+ * Returns ciphertext + IV + auth tag for storage
+ */
+function encryptPII(plaintext, key) {
+    if (!plaintext) {
+        return { ciphertext: '', iv: '', tag: '' };
+    }
+    const iv = crypto.randomBytes(IV_LENGTH);
+    const cipher = crypto.createCipheriv(ALGORITHM, key, iv);
+    const encrypted = Buffer.concat([
+        cipher.update(plaintext, 'utf8'),
+        cipher.final(),
+    ]);
+    const tag = cipher.getAuthTag();
+    return {
+        ciphertext: encrypted.toString('base64'),
+        iv: iv.toString('base64'),
+        tag: tag.toString('base64'),
+    };
+}
+/**
+ * Decrypt a PII field
+ * Used client-side in the dashboard to show actual values
+ */
+function decryptPII(encrypted, key) {
+    if (!encrypted.ciphertext) {
+        return '';
+    }
+    const decipher = crypto.createDecipheriv(ALGORITHM, key, Buffer.from(encrypted.iv, 'base64'));
+    decipher.setAuthTag(Buffer.from(encrypted.tag, 'base64'));
+    const decrypted = Buffer.concat([
+        decipher.update(Buffer.from(encrypted.ciphertext, 'base64')),
+        decipher.final(),
+    ]);
+    return decrypted.toString('utf8');
+}
+/**
+ * Create a one-way hash for indexing/grouping
+ * Cannot be reversed, but same input = same hash (for deduplication)
+ *
+ * We use a truncated hash (16 chars) to prevent rainbow table attacks
+ * while still allowing grouping by the same identifier.
+ */
+function hashForIndex(plaintext, salt) {
+    if (!plaintext) {
+        return '';
+    }
+    return crypto.createHash('sha256')
+        .update(plaintext + salt)
+        .digest('hex')
+        .slice(0, 16);
+}
+/**
+ * Encrypt all PII fields in an event payload
+ * Non-PII fields are passed through unchanged
+ */
+function encryptEventPII(event, key, salt) {
+    const piiFields = [
+        'accountEmail',
+        'gitEmail',
+        'gitUsername',
+        'filePath',
+        'cwd',
+        'projectId',
+    ];
+    const arrayPiiFields = ['filesModified'];
+    const result = { ...event };
+    // Encrypt single PII fields
+    for (const field of piiFields) {
+        const value = event[field];
+        if (typeof value === 'string' && value) {
+            const encrypted = encryptPII(value, key);
+            result[`${field}_encrypted`] = encrypted.ciphertext;
+            result[`${field}_iv`] = encrypted.iv;
+            result[`${field}_tag`] = encrypted.tag;
+            result[`${field}_hash`] = hashForIndex(value, salt);
+            delete result[field]; // Remove plaintext
+        }
+    }
+    // Encrypt array PII fields
+    for (const field of arrayPiiFields) {
+        const value = event[field];
+        if (Array.isArray(value)) {
+            const encryptedArray = value.map((item) => {
+                if (typeof item === 'string') {
+                    const encrypted = encryptPII(item, key);
+                    return {
+                        encrypted: encrypted.ciphertext,
+                        iv: encrypted.iv,
+                        tag: encrypted.tag,
+                        hash: hashForIndex(item, salt),
+                    };
+                }
+                return item;
+            });
+            result[`${field}_encrypted`] = encryptedArray;
+            result[`${field}_hashes`] = value.map((item) => typeof item === 'string' ? hashForIndex(item, salt) : '');
+            delete result[field]; // Remove plaintext
+        }
+    }
+    return result;
+}
+/**
+ * Decrypt all PII fields in an event payload
+ * Used in the dashboard to display actual values
+ */
+function decryptEventPII(event, key) {
+    const piiFields = [
+        'accountEmail',
+        'gitEmail',
+        'gitUsername',
+        'filePath',
+        'cwd',
+        'projectId',
+    ];
+    const arrayPiiFields = ['filesModified'];
+    const result = { ...event };
+    // Decrypt single PII fields
+    for (const field of piiFields) {
+        const ciphertext = event[`${field}_encrypted`];
+        const iv = event[`${field}_iv`];
+        const tag = event[`${field}_tag`];
+        if (typeof ciphertext === 'string' &&
+            typeof iv === 'string' &&
+            typeof tag === 'string') {
+            try {
+                result[field] = decryptPII({ ciphertext, iv, tag }, key);
+            }
+            catch {
+                result[field] = '[decryption failed]';
+            }
+            // Clean up encrypted fields
+            delete result[`${field}_encrypted`];
+            delete result[`${field}_iv`];
+            delete result[`${field}_tag`];
+            delete result[`${field}_hash`];
+        }
+    }
+    // Decrypt array PII fields
+    for (const field of arrayPiiFields) {
+        const encryptedArray = event[`${field}_encrypted`];
+        if (Array.isArray(encryptedArray)) {
+            result[field] = encryptedArray.map((item) => {
+                if (item &&
+                    typeof item === 'object' &&
+                    'encrypted' in item &&
+                    'iv' in item &&
+                    'tag' in item) {
+                    try {
+                        return decryptPII({
+                            ciphertext: item.encrypted,
+                            iv: item.iv,
+                            tag: item.tag,
+                        }, key);
+                    }
+                    catch {
+                        return '[decryption failed]';
+                    }
+                }
+                return item;
+            });
+            delete result[`${field}_encrypted`];
+            delete result[`${field}_hashes`];
+        }
+    }
+    return result;
+}
+/**
+ * Verify a privacy key is correct by attempting to decrypt a test value
+ */
+function verifyPrivacyKey(testCiphertext, expectedPlaintext, key) {
+    try {
+        const decrypted = decryptPII(testCiphertext, key);
+        return decrypted === expectedPlaintext;
+    }
+    catch {
+        return false;
+    }
+}
+
+/**
+ * Git Context Collection
+ *
+ * Automatically collects git information from the current repository.
+ * This provides context about the development environment to track
+ * which project/branch/commit is being worked on.
+ */
+/**
+ * Execute a git command and return the output
+ */
+function execGit(args, cwd) {
+    try {
+        const result = child_process.execSync(`git ${args}`, {
+            encoding: 'utf-8',
+            cwd: cwd || process.cwd(),
+            stdio: ['pipe', 'pipe', 'pipe'],
+        });
+        return result.trim();
+    }
+    catch {
+        return null;
+    }
+}
+/**
+ * Check if we're in a git repository
+ */
+function isGitRepo(cwd) {
+    return execGit('rev-parse --is-inside-work-tree', cwd) === 'true';
+}
+/**
+ * Get the root directory of the git repository
+ */
+function getGitRoot(cwd) {
+    return execGit('rev-parse --show-toplevel', cwd);
+}
+/**
+ * Collect git context from the current directory
+ */
+function collectGitContext(cwd) {
+    const context = {};
+    if (!isGitRepo(cwd)) {
+        return context;
+    }
+    // Root directory
+    context.rootDir = getGitRoot(cwd) || undefined;
+    // User info
+    context.username = execGit('config user.name', cwd) || undefined;
+    context.email = execGit('config user.email', cwd) || undefined;
+    // Repository URL
+    const remoteUrl = execGit('config --get remote.origin.url', cwd);
+    if (remoteUrl) {
+        context.repoUrl = remoteUrl;
+        context.repoName = extractRepoName(remoteUrl);
+    }
+    // Branch
+    context.branch = execGit('rev-parse --abbrev-ref HEAD', cwd) || undefined;
+    // Commit info
+    context.commit = execGit('rev-parse --short HEAD', cwd) || undefined;
+    context.commitFull = execGit('rev-parse HEAD', cwd) || undefined;
+    context.commitMessage = execGit('log -1 --format=%s', cwd) || undefined;
+    context.commitAuthor = execGit('log -1 --format=%an', cwd) || undefined;
+    context.commitTimestamp = execGit('log -1 --format=%cI', cwd) || undefined;
+    // Dirty state
+    const status = execGit('status --porcelain', cwd);
+    if (status !== null) {
+        const files = status.split('\n').filter(line => line.trim().length > 0);
+        context.isDirty = files.length > 0;
+        context.uncommittedFiles = files.length;
+    }
+    return context;
+}
+/**
+ * Extract repository name from git URL
+ */
+function extractRepoName(url) {
+    // Handle SSH URLs: git@github.com:user/repo.git
+    const sshMatch = url.match(/[:/]([^/]+\/[^/]+?)(?:\.git)?$/);
+    if (sshMatch) {
+        return sshMatch[1];
+    }
+    // Handle HTTPS URLs: https://github.com/user/repo.git
+    const httpsMatch = url.match(/\/([^/]+\/[^/]+?)(?:\.git)?$/);
+    if (httpsMatch) {
+        return httpsMatch[1];
+    }
+    return undefined;
+}
+/**
+ * Watch for git changes (branch switches, commits, etc.)
+ * Returns a cleanup function to stop watching
+ */
+function watchGitChanges(callback, options) {
+    const cwd = options?.cwd;
+    const pollInterval = options?.pollInterval || 5000;
+    let lastCommit;
+    let lastBranch;
+    const check = () => {
+        if (!isGitRepo(cwd))
+            return;
+        const currentCommit = execGit('rev-parse HEAD', cwd) || undefined;
+        const currentBranch = execGit('rev-parse --abbrev-ref HEAD', cwd) || undefined;
+        // Only trigger callback if something changed
+        if (currentCommit !== lastCommit || currentBranch !== lastBranch) {
+            lastCommit = currentCommit;
+            lastBranch = currentBranch;
+            callback(collectGitContext(cwd));
+        }
+    };
+    // Initial check
+    check();
+    // Poll for changes
+    const intervalId = setInterval(check, pollInterval);
+    // Return cleanup function
+    return () => {
+        clearInterval(intervalId);
+    };
+}
+/**
+ * Get a summary string for the current git context
+ */
+function getGitSummary(context) {
+    const parts = [];
+    if (context.repoName) {
+        parts.push(context.repoName);
+    }
+    if (context.branch) {
+        parts.push(`@${context.branch}`);
+    }
+    if (context.commit) {
+        parts.push(`(${context.commit}${context.isDirty ? '*' : ''})`);
+    }
+    return parts.join(' ') || 'unknown';
+}
+
+/**
+ * @rulecatch/ai-pooler - AI Development Analytics Pooler
+ *
+ * Production-grade tracking for AI-assisted development including:
+ * - Token usage with prompt caching and thinking tokens
+ * - Active time tracking (coding vs idle)
+ * - Per-file and per-language cost breakdown
+ * - Conversation turns and user interventions
+ * - Response latency metrics
+ */
+/**
+ * Event buffer for batching
+ */
+const eventBuffer = [];
+let flushTimeout = null;
+/**
+ * Current git context
+ */
+let gitContext = {};
+let stopGitWatcher = null;
+/**
+ * Current session state with enhanced tracking
+ */
+let currentSession = null;
+/**
+ * Configuration
+ */
+let config = null;
+/**
+ * Initialize the Rulecatch AI MCP server
+ */
+function init(options) {
+    config = {
+        endpoint: 'https://api.rulecatch.ai/ai/ingest',
+        batchSize: 10,
+        flushInterval: 30000,
+        includeFilePaths: true,
+        trackActiveTime: true,
+        trackGitContext: true,
+        idleTimeout: 5 * 60 * 1000, // 5 minutes
+        debug: false,
+        ...options,
+    };
+    // Collect initial git context
+    if (config.trackGitContext !== false) {
+        gitContext = collectGitContext(config.cwd);
+        if (config.debug) {
+            console.log('[rulecatch-ai] Git context:', getGitSummary(gitContext));
+        }
+        // Watch for git changes (branch switches, commits)
+        stopGitWatcher = watchGitChanges((newContext) => {
+            gitContext = newContext;
+            if (config?.debug) {
+                console.log('[rulecatch-ai] Git context updated:', getGitSummary(newContext));
+            }
+        }, { cwd: config.cwd, pollInterval: 10000 });
+    }
+    if (config.debug) {
+        console.log('[rulecatch-ai] Initialized with config:', {
+            projectId: config.projectId,
+            endpoint: config.endpoint,
+            git: getGitSummary(gitContext),
+        });
+    }
+    // Start session automatically
+    startSession();
+}
+/**
+ * Start a new development session
+ */
+function startSession() {
+    const sessionId = generateSessionId();
+    const now = new Date().toISOString();
+    currentSession = {
+        id: sessionId,
+        startTime: now,
+        events: [],
+        turnNumber: 0,
+        lastActivityTime: Date.now(),
+        activeTimeMs: 0,
+        fileCosts: new Map(),
+        languageCosts: new Map(),
+        fileChanges: new Map(),
+        toolCalls: new Map(),
+        responseTimes: [],
+        timeToFirstTokens: [],
+        contextUsages: [],
+        ruleViolations: new Map(),
+        violationsByCategory: new Map(),
+        violationsBySeverity: new Map(),
+        violationsBySource: new Map(),
+        correctionsCount: 0,
+    };
+    track({
+        type: 'session_start',
+        timestamp: now,
+        sessionId,
+        projectId: config?.projectId || 'unknown',
+    });
+    return sessionId;
+}
+/**
+ * End the current session
+ */
+function endSession() {
+    if (!currentSession)
+        return null;
+    const now = new Date().toISOString();
+    // Update active time for final segment
+    updateActiveTime();
+    track({
+        type: 'session_end',
+        timestamp: now,
+        sessionId: currentSession.id,
+        projectId: config?.projectId || 'unknown',
+    });
+    const metrics = calculateSessionMetrics(currentSession.events);
+    flush(); // Ensure all events are sent
+    // Stop git watcher
+    if (stopGitWatcher) {
+        stopGitWatcher();
+        stopGitWatcher = null;
+    }
+    currentSession = null;
+    return metrics;
+}
+/**
+ * Update active time tracking
+ */
+function updateActiveTime() {
+    if (!currentSession || !config?.trackActiveTime)
+        return;
+    const now = Date.now();
+    const idleTimeout = config.idleTimeout || 5 * 60 * 1000;
+    const timeSinceLastActivity = now - currentSession.lastActivityTime;
+    if (timeSinceLastActivity < idleTimeout) {
+        currentSession.activeTimeMs += timeSinceLastActivity;
+    }
+    currentSession.lastActivityTime = now;
+}
+/**
+ * Track an AI request/response with full metrics
+ */
+function trackAIRequest(params) {
+    updateActiveTime();
+    const cost = calculateCost(params.model, params.inputTokens, params.outputTokens, {
+        cacheReadTokens: params.cacheReadTokens,
+        cacheWriteTokens: params.cacheWriteTokens,
+        thinkingTokens: params.thinkingTokens,
+    });
+    // Track per-file costs
+    if (currentSession && params.filesContext) {
+        const costPerFile = cost / params.filesContext.length;
+        for (const file of params.filesContext) {
+            const current = currentSession.fileCosts.get(file) || 0;
+            currentSession.fileCosts.set(file, current + costPerFile);
+        }
+    }
+    // Track per-language costs
+    if (currentSession && params.language) {
+        const current = currentSession.languageCosts.get(params.language) || 0;
+        currentSession.languageCosts.set(params.language, current + cost);
+    }
+    // Track response times
+    if (currentSession) {
+        if (params.totalResponseTime) {
+            currentSession.responseTimes.push(params.totalResponseTime);
+        }
+        if (params.timeToFirstToken) {
+            currentSession.timeToFirstTokens.push(params.timeToFirstToken);
+        }
+        if (params.contextUsage !== undefined) {
+            currentSession.contextUsages.push(params.contextUsage);
+        }
+    }
+    track({
+        type: 'ai_request',
+        timestamp: new Date().toISOString(),
+        sessionId: currentSession?.id || 'unknown',
+        projectId: config?.projectId || 'unknown',
+        model: params.model,
+        inputTokens: params.inputTokens,
+        outputTokens: params.outputTokens,
+        cacheReadTokens: params.cacheReadTokens,
+        cacheWriteTokens: params.cacheWriteTokens,
+        thinkingTokens: params.thinkingTokens,
+        promptLength: params.promptLength,
+        responseLength: params.responseLength,
+        contextUsage: params.contextUsage,
+        timeToFirstToken: params.timeToFirstToken,
+        totalResponseTime: params.totalResponseTime,
+        estimatedCost: cost,
+        promptCached: (params.cacheReadTokens || 0) > 0,
+        filesModified: params.filesContext,
+        language: params.language,
+        taskContext: params.taskContext,
+        metadata: params.metadata,
+    });
+}
+/**
+ * Track a conversation turn (user message + AI response cycle)
+ */
+function trackConversationTurn(params) {
+    updateActiveTime();
+    if (currentSession) {
+        currentSession.turnNumber++;
+    }
+    track({
+        type: 'conversation_turn',
+        timestamp: new Date().toISOString(),
+        sessionId: currentSession?.id || 'unknown',
+        projectId: config?.projectId || 'unknown',
+        turnNumber: currentSession?.turnNumber || 1,
+        userIntervention: params.userIntervention,
+        taskContext: params.taskContext,
+        metadata: params.metadata,
+    });
+}
+/**
+ * Track a tool call with enhanced metrics
+ */
+function trackToolCall(params) {
+    updateActiveTime();
+    // Track tool success/failure by name
+    if (currentSession) {
+        const stats = currentSession.toolCalls.get(params.toolName) || { success: 0, fail: 0 };
+        if (params.success) {
+            stats.success++;
+        }
+        else {
+            stats.fail++;
+        }
+        currentSession.toolCalls.set(params.toolName, stats);
+        // Track file changes
+        if (params.filesModified) {
+            for (const file of params.filesModified) {
+                const changes = (params.linesAdded || 0) + (params.linesRemoved || 0);
+                const current = currentSession.fileChanges.get(file) || 0;
+                currentSession.fileChanges.set(file, current + changes);
+            }
+        }
+    }
+    track({
+        type: 'tool_call',
+        timestamp: new Date().toISOString(),
+        sessionId: currentSession?.id || 'unknown',
+        projectId: config?.projectId || 'unknown',
+        toolName: params.toolName,
+        toolSuccess: params.success,
+        toolDuration: params.duration,
+        toolInputSize: params.inputSize,
+        toolOutputSize: params.outputSize,
+        linesAdded: params.linesAdded,
+        linesRemoved: params.linesRemoved,
+        filesModified: config?.includeFilePaths ? params.filesModified : undefined,
+        language: params.language,
+        fileOperation: params.fileOperation,
+        retryAttempt: params.retryAttempt,
+        metadata: params.metadata,
+    });
+}
+/**
+ * Track file operation (read/write/edit)
+ */
+function trackFileOperation(params) {
+    updateActiveTime();
+    if (currentSession) {
+        const changes = (params.linesAdded || 0) + (params.linesRemoved || 0);
+        const current = currentSession.fileChanges.get(params.file) || 0;
+        currentSession.fileChanges.set(params.file, current + changes);
+    }
+    track({
+        type: 'file_operation',
+        timestamp: new Date().toISOString(),
+        sessionId: currentSession?.id || 'unknown',
+        projectId: config?.projectId || 'unknown',
+        fileOperation: params.operation,
+        filesModified: [params.file],
+        linesAdded: params.linesAdded,
+        linesRemoved: params.linesRemoved,
+        language: params.language,
+        toolDuration: params.duration,
+    });
+}
+/**
+ * Track code acceptance/rejection with context
+ */
+function trackCodeDecision(params) {
+    updateActiveTime();
+    track({
+        type: params.accepted ? 'code_accept' : 'code_reject',
+        timestamp: new Date().toISOString(),
+        sessionId: currentSession?.id || 'unknown',
+        projectId: config?.projectId || 'unknown',
+        linesAdded: params.linesAdded,
+        linesRemoved: params.linesRemoved,
+        filesModified: config?.includeFilePaths ? params.filesModified : undefined,
+        language: params.language,
+        userIntervention: params.userIntervention,
+        taskContext: params.taskContext,
+    });
+}
+/**
+ * Track an error event
+ */
+function trackError(params) {
+    track({
+        type: 'error',
+        timestamp: new Date().toISOString(),
+        sessionId: currentSession?.id || 'unknown',
+        projectId: config?.projectId || 'unknown',
+        errorMessage: params.message,
+        errorRecovered: params.recovered,
+        retryAttempt: params.retryAttempt,
+        toolName: params.toolName,
+        metadata: params.metadata,
+    });
+}
+/**
+ * Track a rule violation (coding standard violation, pattern anti-pattern, etc.)
+ *
+ * Use this to track when AI-generated code violates established
+ * project rules like those in CLAUDE.md, eslint configs, or architectural patterns.
+ *
+ * @example
+ * trackRuleDeviation({
+ *   ruleName: 'use-bulkwrite',
+ *   ruleSource: 'CLAUDE.md',
+ *   category: 'db_pattern',
+ *   severity: 'warning',
+ *   description: 'MongoDB writes should use bulkWrite instead of individual operations',
+ *   violatingCode: 'await collection.updateOne(...)',
+ *   suggestedFix: 'Use collection.bulkWrite([{ updateOne: {...} }])',
+ *   file: 'src/api/ingest.ts',
+ *   line: 238,
+ *   corrected: true,
+ *   confidence: 0.95,
+ * });
+ */
+function trackRuleDeviation(params) {
+    const category = params.category || 'custom';
+    const severity = params.severity || 'warning';
+    const source = params.ruleSource || 'unknown';
+    // Update session tracking
+    if (currentSession) {
+        // Track by rule name
+        const existing = currentSession.ruleViolations.get(params.ruleName);
+        if (existing) {
+            existing.count++;
+        }
+        else {
+            currentSession.ruleViolations.set(params.ruleName, { count: 1, severity });
+        }
+        // Track by category
+        const categoryCount = currentSession.violationsByCategory.get(category) || 0;
+        currentSession.violationsByCategory.set(category, categoryCount + 1);
+        // Track by severity
+        const severityCount = currentSession.violationsBySeverity.get(severity) || 0;
+        currentSession.violationsBySeverity.set(severity, severityCount + 1);
+        // Track by source
+        const sourceCount = currentSession.violationsBySource.get(source) || 0;
+        currentSession.violationsBySource.set(source, sourceCount + 1);
+        // Track corrections
+        if (params.corrected) {
+            currentSession.correctionsCount++;
+        }
+    }
+    track({
+        type: 'rule_deviation',
+        timestamp: new Date().toISOString(),
+        sessionId: currentSession?.id || 'unknown',
+        projectId: config?.projectId || 'unknown',
+        ruleName: params.ruleName,
+        ruleSource: source,
+        ruleCategory: category,
+        ruleSeverity: severity,
+        ruleDescription: params.description,
+        violatingCode: params.violatingCode,
+        suggestedFix: params.suggestedFix,
+        violationFile: params.file,
+        violationLine: params.line,
+        corrected: params.corrected,
+        violationConfidence: params.confidence,
+        metadata: params.metadata,
+    });
+}
+/**
+ * Track a generic event
+ */
+function track(event) {
+    // Add version info from config (customer-defined via env vars)
+    if (config?.version) {
+        event.version = config.version;
+    }
+    if (config?.commit) {
+        event.configCommit = config.commit;
+    }
+    // Automatically add git context to all events
+    if (config?.trackGitContext !== false && gitContext) {
+        event.gitUsername = gitContext.username;
+        event.gitEmail = gitContext.email;
+        event.gitRepo = gitContext.repoName;
+        event.gitBranch = gitContext.branch;
+        event.gitCommit = gitContext.commit;
+        event.gitDirty = gitContext.isDirty;
+    }
+    if (currentSession) {
+        currentSession.events.push(event);
+    }
+    eventBuffer.push(event);
+    if (config?.debug) {
+        console.log('[rulecatch-ai] Event:', event.type, event);
+    }
+    // Check if we should flush
+    if (eventBuffer.length >= (config?.batchSize || 10)) {
+        flush();
+    }
+    else if (!flushTimeout && config?.flushInterval) {
+        flushTimeout = setTimeout(flush, config.flushInterval);
+    }
+}
+/**
+ * Flush events to Rulecatch API
+ */
+async function flush() {
+    if (flushTimeout) {
+        clearTimeout(flushTimeout);
+        flushTimeout = null;
+    }
+    if (eventBuffer.length === 0)
+        return;
+    const events = [...eventBuffer];
+    eventBuffer.length = 0;
+    if (!config?.licenseKey || !config?.endpoint) {
+        if (config?.debug) {
+            console.log('[rulecatch-ai] No license key or endpoint configured, skipping flush');
+        }
+        return;
+    }
+    try {
+        const response = await fetch(config.endpoint, {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json',
+                Authorization: `Bearer ${config.licenseKey}`,
+            },
+            body: JSON.stringify({
+                projectId: config.projectId,
+                events,
+                gitContext: config.trackGitContext !== false ? {
+                    username: gitContext.username,
+                    email: gitContext.email,
+                    repo: gitContext.repoName,
+                    branch: gitContext.branch,
+                    commit: gitContext.commit,
+                    isDirty: gitContext.isDirty,
+                } : undefined,
+            }),
+        });
+        if (!response.ok) {
+            throw new Error(`HTTP ${response.status}: ${response.statusText}`);
+        }
+        if (config.debug) {
+            console.log(`[rulecatch-ai] Flushed ${events.length} events`);
+        }
+    }
+    catch (error) {
+        if (config?.debug) {
+            console.error('[rulecatch-ai] Failed to flush events:', error);
+        }
+        // Re-add events to buffer for retry
+        eventBuffer.unshift(...events);
+    }
+}
+/**
+ * Calculate comprehensive session metrics from events
+ */
+function calculateSessionMetrics(events) {
+    const sessionStart = events.find((e) => e.type === 'session_start');
+    const sessionEnd = events.find((e) => e.type === 'session_end');
+    const startTime = sessionStart?.timestamp || new Date().toISOString();
+    const endTime = sessionEnd?.timestamp;
+    const duration = endTime
+        ? (new Date(endTime).getTime() - new Date(startTime).getTime()) / 1000
+        : 0;
+    const activeDuration = currentSession
+        ? currentSession.activeTimeMs / 1000
+        : duration;
+    const aiRequests = events.filter((e) => e.type === 'ai_request');
+    const toolCalls = events.filter((e) => e.type === 'tool_call');
+    const codeAccepts = events.filter((e) => e.type === 'code_accept');
+    const codeRejects = events.filter((e) => e.type === 'code_reject');
+    const turns = events.filter((e) => e.type === 'conversation_turn');
+    const errors = events.filter((e) => e.type === 'error');
+    const interventions = events.filter((e) => e.userIntervention);
+    // Token metrics
+    const totalInputTokens = aiRequests.reduce((sum, e) => sum + (e.inputTokens || 0), 0);
+    const totalOutputTokens = aiRequests.reduce((sum, e) => sum + (e.outputTokens || 0), 0);
+    const totalThinkingTokens = aiRequests.reduce((sum, e) => sum + (e.thinkingTokens || 0), 0);
+    const totalCacheReadTokens = aiRequests.reduce((sum, e) => sum + (e.cacheReadTokens || 0), 0);
+    const totalCost = aiRequests.reduce((sum, e) => sum + (e.estimatedCost || 0), 0);
+    // Cache hit rate
+    const cachedRequests = aiRequests.filter((e) => e.promptCached);
+    const cacheHitRate = aiRequests.length > 0 ? cachedRequests.length / aiRequests.length : 0;
+    // Context usage
+    const contextUsages = aiRequests.map((e) => e.contextUsage).filter((c) => c !== undefined);
+    const avgContextUsage = contextUsages.length > 0
+        ? contextUsages.reduce((a, b) => a + b, 0) / contextUsages.length
+        : 0;
+    // Response times
+    const responseTimes = currentSession?.responseTimes || [];
+    const avgResponseTime = responseTimes.length > 0
+        ? responseTimes.reduce((a, b) => a + b, 0) / responseTimes.length
+        : 0;
+    const timeToFirstTokens = currentSession?.timeToFirstTokens || [];
+    const avgTimeToFirstToken = timeToFirstTokens.length > 0
+        ? timeToFirstTokens.reduce((a, b) => a + b, 0) / timeToFirstTokens.length
+        : 0;
+    // Tool metrics
+    const successfulTools = toolCalls.filter((e) => e.toolSuccess);
+    const toolSuccessRate = toolCalls.length > 0 ? successfulTools.length / toolCalls.length : 1;
+    const toolCallsByName = {};
+    const toolFailuresByName = {};
+    if (currentSession) {
+        for (const [name, stats] of currentSession.toolCalls) {
+            toolCallsByName[name] = stats.success + stats.fail;
+            if (stats.fail > 0) {
+                toolFailuresByName[name] = stats.fail;
+            }
+        }
+    }
+    // Code metrics
+    const allLinesAdded = events.reduce((sum, e) => sum + (e.linesAdded || 0), 0);
+    const allLinesRemoved = events.reduce((sum, e) => sum + (e.linesRemoved || 0), 0);
+    const allFiles = new Set();
+    events.forEach((e) => e.filesModified?.forEach((f) => allFiles.add(f)));
+    // Top modified files
+    const topModifiedFiles = [];
+    if (currentSession) {
+        const sorted = [...currentSession.fileChanges.entries()]
+            .sort((a, b) => b[1] - a[1])
+            .slice(0, 10);
+        for (const [file, changes] of sorted) {
+            topModifiedFiles.push({ file, changes });
+        }
+    }
+    // Cost breakdowns
+    const costByFile = {};
+    const costByLanguage = {};
+    if (currentSession) {
+        for (const [file, cost] of currentSession.fileCosts) {
+            costByFile[file] = Math.round(cost * 10000) / 10000;
+        }
+        for (const [lang, cost] of currentSession.languageCosts) {
+            costByLanguage[lang] = Math.round(cost * 10000) / 10000;
+        }
+    }
+    // Acceptance and intervention rates
+    const codeDecisions = codeAccepts.length + codeRejects.length;
+    const codeAcceptanceRate = codeDecisions > 0 ? codeAccepts.length / codeDecisions : 1;
+    const userInterventionRate = turns.length > 0 ? interventions.length / turns.length : 0;
+    // Model usage
+    const modelCounts = {};
+    aiRequests.forEach((e) => {
+        const model = e.model || 'unknown';
+        modelCounts[model] = (modelCounts[model] || 0) + 1;
+    });
+    const primaryModel = Object.entries(modelCounts).sort((a, b) => b[1] - a[1])[0]?.[0] || 'unknown';
+    const languages = [...new Set(events.map((e) => e.language).filter(Boolean))];
+    // Productivity metrics
+    const activeMinutes = activeDuration / 60;
+    const tokensPerMinute = activeMinutes > 0 ? (totalInputTokens + totalOutputTokens) / activeMinutes : 0;
+    const activeHours = activeDuration / 3600;
+    const linesPerHour = activeHours > 0 ? allLinesAdded / activeHours : 0;
+    const costPerLine = allLinesAdded > 0 ? totalCost / allLinesAdded : 0;
+    // Error metrics
+    const recoveredErrors = errors.filter((e) => e.errorRecovered);
+    const errorRecoveryRate = errors.length > 0 ? recoveredErrors.length / errors.length : 1;
+    // Rule violation metrics
+    const ruleViolationEvents = events.filter((e) => e.type === 'rule_deviation');
+    const totalRuleViolations = ruleViolationEvents.length;
+    const violationsByCategory = {
+        coding_standard: 0,
+        db_pattern: 0,
+        security: 0,
+        performance: 0,
+        architecture: 0,
+        documentation: 0,
+        testing: 0,
+        custom: 0,
+    };
+    const violationsBySeverity = {
+        info: 0,
+        warning: 0,
+        error: 0,
+    };
+    const violationsBySource = {};
+    const ruleViolationCounts = {};
+    const fileViolationCounts = {};
+    let correctedCount = 0;
+    // Process violation events
+    ruleViolationEvents.forEach((d) => {
+        if (d.ruleCategory) {
+            violationsByCategory[d.ruleCategory] = (violationsByCategory[d.ruleCategory] || 0) + 1;
+        }
+        if (d.ruleSeverity) {
+            violationsBySeverity[d.ruleSeverity] = (violationsBySeverity[d.ruleSeverity] || 0) + 1;
+        }
+        if (d.ruleSource) {
+            violationsBySource[d.ruleSource] = (violationsBySource[d.ruleSource] || 0) + 1;
+        }
+        if (d.ruleName) {
+            if (!ruleViolationCounts[d.ruleName]) {
+                ruleViolationCounts[d.ruleName] = { count: 0, severity: d.ruleSeverity || 'warning' };
+            }
+            ruleViolationCounts[d.ruleName].count++;
+        }
+        if (d.violationFile) {
+            fileViolationCounts[d.violationFile] = (fileViolationCounts[d.violationFile] || 0) + 1;
+        }
+        if (d.corrected) {
+            correctedCount++;
+        }
+    });
+    // Use session data if available (more accurate)
+    if (currentSession) {
+        for (const [category, count] of currentSession.violationsByCategory) {
+            violationsByCategory[category] = count;
+        }
+        for (const [severity, count] of currentSession.violationsBySeverity) {
+            violationsBySeverity[severity] = count;
+        }
+        for (const [source, count] of currentSession.violationsBySource) {
+            violationsBySource[source] = count;
+        }
+        correctedCount = currentSession.correctionsCount;
+    }
+    // Top rule violations
+    const topRuleViolations = Object.entries(ruleViolationCounts)
+        .map(([rule, { count, severity }]) => ({ rule, count, severity }))
+        .sort((a, b) => b.count - a.count)
+        .slice(0, 10);
+    // Files with most violations
+    const filesWithMostViolations = Object.entries(fileViolationCounts)
+        .map(([file, count]) => ({ file, count }))
+        .sort((a, b) => b.count - a.count)
+        .slice(0, 10);
+    const violationCorrectionRate = totalRuleViolations > 0
+        ? correctedCount / totalRuleViolations
+        : 1;
+    return {
+        sessionId: currentSession?.id || 'unknown',
+        startTime,
+        endTime,
+        duration,
+        activeDuration,
+        totalInputTokens,
+        totalOutputTokens,
+        totalThinkingTokens,
+        totalCacheReadTokens,
+        cacheHitRate,
+        avgContextUsage,
+        totalCost,
+        costByFile,
+        costByLanguage,
+        requestCount: aiRequests.length,
+        conversationTurns: turns.length,
+        avgResponseTime,
+        avgTimeToFirstToken,
+        toolCallCount: toolCalls.length,
+        toolSuccessRate,
+        toolCallsByName,
+        toolFailuresByName,
+        totalLinesAdded: allLinesAdded,
+        totalLinesRemoved: allLinesRemoved,
+        netLinesChanged: allLinesAdded - allLinesRemoved,
+        uniqueFilesModified: allFiles.size,
+        topModifiedFiles,
+        codeAcceptanceRate,
+        userInterventionRate,
+        primaryModel,
+        modelUsage: modelCounts,
+        languages,
+        tokensPerMinute: Math.round(tokensPerMinute),
+        linesPerHour: Math.round(linesPerHour * 10) / 10,
+        costPerLine: Math.round(costPerLine * 10000) / 10000,
+        errorCount: errors.length,
+        errorRecoveryRate,
+        // Rule violation metrics
+        totalRuleViolations,
+        violationsByCategory,
+        violationsBySeverity,
+        violationsBySource,
+        topRuleViolations,
+        violationCorrectionRate,
+        filesWithMostViolations,
+    };
+}
+/**
+ * Generate a unique session ID
+ */
+function generateSessionId() {
+    const timestamp = Date.now().toString(36);
+    const random = Math.random().toString(36).substring(2, 10);
+    return `ai_${timestamp}_${random}`;
+}
+/**
+ * Get current session metrics
+ */
+function getSessionMetrics() {
+    if (!currentSession)
+        return null;
+    updateActiveTime();
+    return calculateSessionMetrics(currentSession.events);
+}
+/**
+ * Check if a session is active
+ */
+function isSessionActive() {
+    return currentSession !== null;
+}
+/**
+ * Get current session ID
+ */
+function getSessionId() {
+    return currentSession?.id || null;
+}
+/**
+ * Pause session (marks idle period)
+ */
+function pauseSession() {
+    if (!currentSession)
+        return;
+    updateActiveTime();
+    track({
+        type: 'session_pause',
+        timestamp: new Date().toISOString(),
+        sessionId: currentSession.id,
+        projectId: config?.projectId || 'unknown',
+        activeTime: currentSession.activeTimeMs,
+    });
+}
+/**
+ * Resume session
+ */
+function resumeSession() {
+    if (!currentSession)
+        return;
+    currentSession.lastActivityTime = Date.now();
+    track({
+        type: 'session_resume',
+        timestamp: new Date().toISOString(),
+        sessionId: currentSession.id,
+        projectId: config?.projectId || 'unknown',
+    });
+}
+/**
+ * Get current git context
+ */
+function getGitContext() {
+    return { ...gitContext };
+}
+/**
+ * Manually refresh git context
+ */
+function refreshGitContext() {
+    gitContext = collectGitContext(config?.cwd);
+    return { ...gitContext };
+}
+
+exports.MODEL_PRICING = MODEL_PRICING;
+exports.calculateCost = calculateCost;
+exports.collectGitContext = collectGitContext;
+exports.decryptEventPII = decryptEventPII;
+exports.decryptPII = decryptPII;
+exports.deriveKey = deriveKey;
+exports.encryptEventPII = encryptEventPII;
+exports.encryptPII = encryptPII;
+exports.endSession = endSession;
+exports.estimateTokens = estimateTokens;
+exports.flush = flush;
+exports.formatCost = formatCost;
+exports.formatDuration = formatDuration;
+exports.generateSalt = generateSalt;
+exports.getGitContext = getGitContext;
+exports.getGitRoot = getGitRoot;
+exports.getGitSummary = getGitSummary;
+exports.getSessionId = getSessionId;
+exports.getSessionMetrics = getSessionMetrics;
+exports.hashForIndex = hashForIndex;
+exports.init = init;
+exports.isGitRepo = isGitRepo;
+exports.isSessionActive = isSessionActive;
+exports.pauseSession = pauseSession;
+exports.refreshGitContext = refreshGitContext;
+exports.resumeSession = resumeSession;
+exports.startSession = startSession;
+exports.track = track;
+exports.trackAIRequest = trackAIRequest;
+exports.trackCodeDecision = trackCodeDecision;
+exports.trackConversationTurn = trackConversationTurn;
+exports.trackError = trackError;
+exports.trackFileOperation = trackFileOperation;
+exports.trackRuleDeviation = trackRuleDeviation;
+exports.trackToolCall = trackToolCall;
+exports.verifyPrivacyKey = verifyPrivacyKey;
+exports.watchGitChanges = watchGitChanges;
+//# sourceMappingURL=index.cjs.map