@rulemetric/cli 0.6.9 → 0.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (280) hide show
  1. package/dist/base-command.js +4 -3
  2. package/dist/{chunk-SZ7VDCD6.js → chunk-2HK7RGZB.js} +22 -3
  3. package/dist/chunk-2HK7RGZB.js.map +7 -0
  4. package/dist/{chunk-RUCSRN7F.js → chunk-2ORJWTNZ.js} +2 -2
  5. package/dist/{chunk-SLL3OBKN.js → chunk-37LN5O7M.js} +2 -2
  6. package/dist/{chunk-RCMXTLQF.js → chunk-3LKVS6W5.js} +5 -5
  7. package/dist/{chunk-XN23W5HL.js → chunk-4KRMZLQV.js} +91 -7
  8. package/dist/chunk-4KRMZLQV.js.map +7 -0
  9. package/dist/{chunk-DAJNO4OI.js → chunk-4LYCDS2N.js} +28 -16
  10. package/dist/chunk-4LYCDS2N.js.map +7 -0
  11. package/dist/{chunk-UPXIO7CG.js → chunk-4XAWK6S2.js} +8 -8
  12. package/dist/{chunk-N5A2IQAK.js → chunk-4YAP7RT7.js} +5 -5
  13. package/dist/{chunk-QD6X4L4L.js → chunk-5BAOGNUH.js} +4 -4
  14. package/dist/chunk-5EDMGK3W.js +39 -0
  15. package/dist/chunk-5EDMGK3W.js.map +7 -0
  16. package/dist/{chunk-5ADHO5QF.js → chunk-6NBS5XFS.js} +6 -6
  17. package/dist/chunk-7LVVKQMZ.js +98 -0
  18. package/dist/chunk-7LVVKQMZ.js.map +7 -0
  19. package/dist/{chunk-PXVQLD7S.js → chunk-7NNFYWKK.js} +48 -1
  20. package/dist/chunk-7NNFYWKK.js.map +7 -0
  21. package/dist/{chunk-BBLTN35F.js → chunk-7UDETV3P.js} +49 -20
  22. package/dist/chunk-7UDETV3P.js.map +7 -0
  23. package/dist/{chunk-DTFXCHHI.js → chunk-DNKSVWMD.js} +4 -4
  24. package/dist/{chunk-6EMZI4Y3.js → chunk-EI5BHWXA.js} +437 -401
  25. package/dist/chunk-EI5BHWXA.js.map +7 -0
  26. package/dist/{chunk-HNZLEEG2.js → chunk-EJ3YAFDP.js} +4 -4
  27. package/dist/{chunk-HNZLEEG2.js.map → chunk-EJ3YAFDP.js.map} +2 -2
  28. package/dist/{chunk-YSEQWCN4.js → chunk-EYPAAGN5.js} +2 -2
  29. package/dist/{chunk-JEJ3J5J6.js → chunk-GIUBARWS.js} +2 -2
  30. package/dist/chunk-GQNJO2P2.js +102 -0
  31. package/dist/chunk-GQNJO2P2.js.map +7 -0
  32. package/dist/{chunk-CNMWYYSV.js → chunk-HZK43UCF.js} +6 -6
  33. package/dist/chunk-ILYDELUE.js +46 -0
  34. package/dist/chunk-ILYDELUE.js.map +7 -0
  35. package/dist/chunk-J6QFW4LD.js +55 -0
  36. package/dist/chunk-J6QFW4LD.js.map +7 -0
  37. package/dist/{chunk-OTOWLUOJ.js → chunk-JULOLTZS.js} +2 -2
  38. package/dist/{chunk-DR5WLIOU.js → chunk-KJKBDQ4D.js} +2 -2
  39. package/dist/{chunk-AHDRN6NE.js → chunk-OO7JDFS4.js} +5 -5
  40. package/dist/{chunk-N2X35ITW.js → chunk-OQBBVTDG.js} +11 -1
  41. package/dist/{chunk-N2X35ITW.js.map → chunk-OQBBVTDG.js.map} +2 -2
  42. package/dist/{chunk-3QH73QOQ.js → chunk-PED7L5GX.js} +2 -2
  43. package/dist/{chunk-VBGUNFKY.js → chunk-PMI56ED5.js} +5 -5
  44. package/dist/{chunk-XNNOXGP6.js → chunk-POFTPB33.js} +38 -19
  45. package/dist/chunk-POFTPB33.js.map +7 -0
  46. package/dist/{chunk-W4MZXKZ2.js → chunk-UKMLICWS.js} +2 -2
  47. package/dist/{chunk-3POYC5NA.js → chunk-XK42ZBDE.js} +3 -3
  48. package/dist/{chunk-ZSGKRCKD.js → chunk-XUV6DDBF.js} +2 -2
  49. package/dist/{chunk-LAKZUE35.js → chunk-Y3WD5CSW.js} +2 -2
  50. package/dist/{chunk-3QVMIJUL.js → chunk-YOBA3NAM.js} +5 -5
  51. package/dist/{chunk-ZRLYHBPN.js → chunk-ZUJBM6HE.js} +20 -2
  52. package/dist/chunk-ZUJBM6HE.js.map +7 -0
  53. package/dist/commands/antigravity/backfill.js +5 -4
  54. package/dist/commands/antigravity/backfill.js.map +1 -1
  55. package/dist/commands/auth/create-key.js +4 -3
  56. package/dist/commands/auth/create-key.js.map +1 -1
  57. package/dist/commands/auth/login.js +13 -9
  58. package/dist/commands/auth/login.js.map +2 -2
  59. package/dist/commands/auth/logout.js +4 -3
  60. package/dist/commands/auth/logout.js.map +1 -1
  61. package/dist/commands/auth/revoke-key.js +4 -3
  62. package/dist/commands/auth/revoke-key.js.map +1 -1
  63. package/dist/commands/auth/signup.js +13 -9
  64. package/dist/commands/auth/signup.js.map +2 -2
  65. package/dist/commands/auth/status.js +4 -3
  66. package/dist/commands/auth/status.js.map +1 -1
  67. package/dist/commands/catalog/index.js +4 -3
  68. package/dist/commands/catalog/index.js.map +1 -1
  69. package/dist/commands/catalog/recommend.js +4 -3
  70. package/dist/commands/catalog/recommend.js.map +1 -1
  71. package/dist/commands/convert.js +4 -3
  72. package/dist/commands/convert.js.map +1 -1
  73. package/dist/commands/converters.js +4 -3
  74. package/dist/commands/converters.js.map +1 -1
  75. package/dist/commands/crons/list.js +4 -3
  76. package/dist/commands/crons/list.js.map +1 -1
  77. package/dist/commands/crons/run.js +4 -3
  78. package/dist/commands/crons/run.js.map +1 -1
  79. package/dist/commands/dashboard.js +4 -3
  80. package/dist/commands/dashboard.js.map +1 -1
  81. package/dist/commands/diagnostics.js +117 -0
  82. package/dist/commands/diagnostics.js.map +7 -0
  83. package/dist/commands/eval-targets/create.js +4 -3
  84. package/dist/commands/eval-targets/create.js.map +1 -1
  85. package/dist/commands/eval-targets/list.js +4 -3
  86. package/dist/commands/eval-targets/list.js.map +1 -1
  87. package/dist/commands/evals/agent.js +44 -23
  88. package/dist/commands/evals/agent.js.map +2 -2
  89. package/dist/commands/evals/benchmark.js +5 -4
  90. package/dist/commands/evals/benchmark.js.map +1 -1
  91. package/dist/commands/evals/compare.js +4 -3
  92. package/dist/commands/evals/compare.js.map +1 -1
  93. package/dist/commands/evals/create.js +4 -3
  94. package/dist/commands/evals/create.js.map +1 -1
  95. package/dist/commands/evals/optimize-description.js +4 -3
  96. package/dist/commands/evals/optimize-description.js.map +1 -1
  97. package/dist/commands/evals/optimize.js +4 -3
  98. package/dist/commands/evals/optimize.js.map +1 -1
  99. package/dist/commands/evals/run.js +4 -3
  100. package/dist/commands/evals/run.js.map +1 -1
  101. package/dist/commands/gateway/ensure.js +58 -5
  102. package/dist/commands/gateway/ensure.js.map +2 -2
  103. package/dist/commands/hooks/install.js +76 -23
  104. package/dist/commands/hooks/install.js.map +2 -2
  105. package/dist/commands/hooks/run.js +4 -3
  106. package/dist/commands/hooks/run.js.map +1 -1
  107. package/dist/commands/hooks/uninstall.js +31 -40
  108. package/dist/commands/hooks/uninstall.js.map +2 -2
  109. package/dist/commands/import.js +4 -3
  110. package/dist/commands/import.js.map +1 -1
  111. package/dist/commands/instructions/create.js +4 -3
  112. package/dist/commands/instructions/create.js.map +1 -1
  113. package/dist/commands/instructions/delete.js +4 -3
  114. package/dist/commands/instructions/delete.js.map +1 -1
  115. package/dist/commands/instructions/fork.js +4 -3
  116. package/dist/commands/instructions/fork.js.map +1 -1
  117. package/dist/commands/instructions/get.js +4 -3
  118. package/dist/commands/instructions/get.js.map +1 -1
  119. package/dist/commands/instructions/list.js +4 -3
  120. package/dist/commands/instructions/list.js.map +1 -1
  121. package/dist/commands/instructions/promote.js +4 -3
  122. package/dist/commands/instructions/promote.js.map +1 -1
  123. package/dist/commands/instructions/pull.js +4 -3
  124. package/dist/commands/instructions/pull.js.map +1 -1
  125. package/dist/commands/instructions/upstream.js +4 -3
  126. package/dist/commands/instructions/upstream.js.map +1 -1
  127. package/dist/commands/instructions/versions.js +4 -3
  128. package/dist/commands/instructions/versions.js.map +1 -1
  129. package/dist/commands/launcher.js +4 -3
  130. package/dist/commands/launcher.js.map +1 -1
  131. package/dist/commands/org/current.js +4 -3
  132. package/dist/commands/org/current.js.map +1 -1
  133. package/dist/commands/org/list.js +4 -3
  134. package/dist/commands/org/list.js.map +1 -1
  135. package/dist/commands/org/switch.js +4 -3
  136. package/dist/commands/org/switch.js.map +1 -1
  137. package/dist/commands/packs/add-instruction.js +4 -3
  138. package/dist/commands/packs/add-instruction.js.map +1 -1
  139. package/dist/commands/packs/apply.js +4 -3
  140. package/dist/commands/packs/apply.js.map +1 -1
  141. package/dist/commands/packs/create.js +4 -3
  142. package/dist/commands/packs/create.js.map +1 -1
  143. package/dist/commands/packs/fork.js +4 -3
  144. package/dist/commands/packs/fork.js.map +1 -1
  145. package/dist/commands/packs/get.js +4 -3
  146. package/dist/commands/packs/get.js.map +1 -1
  147. package/dist/commands/packs/list.js +4 -3
  148. package/dist/commands/packs/list.js.map +1 -1
  149. package/dist/commands/packs/remove-instruction.js +4 -3
  150. package/dist/commands/packs/remove-instruction.js.map +1 -1
  151. package/dist/commands/proxy/env.js +7 -4
  152. package/dist/commands/proxy/env.js.map +1 -1
  153. package/dist/commands/proxy/logs.js +4 -3
  154. package/dist/commands/proxy/logs.js.map +1 -1
  155. package/dist/commands/proxy/restart.js +4 -3
  156. package/dist/commands/proxy/restart.js.map +1 -1
  157. package/dist/commands/proxy/setup.js +20 -14
  158. package/dist/commands/proxy/setup.js.map +2 -2
  159. package/dist/commands/proxy/start.js +18 -14
  160. package/dist/commands/proxy/start.js.map +2 -2
  161. package/dist/commands/proxy/status.js +16 -13
  162. package/dist/commands/proxy/status.js.map +2 -2
  163. package/dist/commands/proxy/stop.js +21 -12
  164. package/dist/commands/proxy/stop.js.map +2 -2
  165. package/dist/commands/research/backfill.js +5 -4
  166. package/dist/commands/research/backfill.js.map +1 -1
  167. package/dist/commands/research/tail-transcript.js +5 -4
  168. package/dist/commands/research/tail-transcript.js.map +1 -1
  169. package/dist/commands/service/install.js +6 -6
  170. package/dist/commands/service/status.js +4 -3
  171. package/dist/commands/service/status.js.map +1 -1
  172. package/dist/commands/service/uninstall.js +4 -3
  173. package/dist/commands/service/uninstall.js.map +1 -1
  174. package/dist/commands/sessions/analyze.js +4 -3
  175. package/dist/commands/sessions/analyze.js.map +1 -1
  176. package/dist/commands/sessions/end.js +4 -3
  177. package/dist/commands/sessions/end.js.map +1 -1
  178. package/dist/commands/sessions/import.js +4 -3
  179. package/dist/commands/sessions/import.js.map +1 -1
  180. package/dist/commands/sessions/list.js +4 -3
  181. package/dist/commands/sessions/list.js.map +1 -1
  182. package/dist/commands/sessions/start.js +4 -3
  183. package/dist/commands/sessions/start.js.map +1 -1
  184. package/dist/commands/setup.js +10 -6
  185. package/dist/commands/setup.js.map +1 -1
  186. package/dist/commands/skills/export-approved.js +4 -3
  187. package/dist/commands/skills/export-approved.js.map +1 -1
  188. package/dist/commands/skills/install.js +4 -3
  189. package/dist/commands/skills/install.js.map +1 -1
  190. package/dist/commands/skills/list.js +4 -3
  191. package/dist/commands/skills/list.js.map +1 -1
  192. package/dist/commands/skills/publish.js +4 -3
  193. package/dist/commands/skills/publish.js.map +1 -1
  194. package/dist/commands/skills/search.js +4 -3
  195. package/dist/commands/skills/search.js.map +1 -1
  196. package/dist/commands/skills/update.js +4 -3
  197. package/dist/commands/skills/update.js.map +1 -1
  198. package/dist/commands/suggestions/accept.js +4 -3
  199. package/dist/commands/suggestions/accept.js.map +1 -1
  200. package/dist/commands/suggestions/dismiss.js +4 -3
  201. package/dist/commands/suggestions/dismiss.js.map +1 -1
  202. package/dist/commands/suggestions/list.js +4 -3
  203. package/dist/commands/suggestions/list.js.map +1 -1
  204. package/dist/commands/suggestions/refresh.js +4 -3
  205. package/dist/commands/suggestions/refresh.js.map +1 -1
  206. package/dist/dashboard/Dashboard.js +16 -16
  207. package/dist/dashboard/data.js +2 -2
  208. package/dist/dashboard/launcher/ActiveJobsList.js +2 -2
  209. package/dist/dashboard/launcher/LauncherOverlay.js +7 -7
  210. package/dist/dashboard/launcher/NewLaunchForm.js +2 -2
  211. package/dist/dashboard/launcher/api.js +2 -2
  212. package/dist/dashboard/launcher/useLaunchJobs.js +3 -3
  213. package/dist/lib/active-org-refresh.js +2 -2
  214. package/dist/lib/agent-loop.js +20 -18
  215. package/dist/lib/antigravity-transcript.js +2 -2
  216. package/dist/lib/api-client.js +1 -1
  217. package/dist/lib/diagnostics.js +12 -0
  218. package/dist/lib/diagnostics.js.map +7 -0
  219. package/dist/lib/ensure-api-key.js +3 -3
  220. package/dist/lib/eval-benchmark.js +2 -2
  221. package/dist/lib/eval-conversation-handler.js +2 -2
  222. package/dist/lib/gateway-entry.js +39 -1
  223. package/dist/lib/gateway-entry.js.map +2 -2
  224. package/dist/lib/gateway-identity.js +16 -0
  225. package/dist/lib/gateway-identity.js.map +7 -0
  226. package/dist/lib/gateway-lifecycle.js +9 -3
  227. package/dist/lib/gateway.js +3 -1
  228. package/dist/lib/handlers/cron-suggest-instructions.js +3 -3
  229. package/dist/lib/handlers/process-announcement.js +3 -3
  230. package/dist/lib/handlers/process-changelog.js +3 -3
  231. package/dist/lib/handlers/process-conversation.js +3 -3
  232. package/dist/lib/handlers/process-eval.js +3 -3
  233. package/dist/lib/handlers/process-insights.js +3 -3
  234. package/dist/lib/handlers/process-launch.js +2 -2
  235. package/dist/lib/handlers/process-run-cleanup.js +2 -2
  236. package/dist/lib/handlers/process-session-goal.js +2 -2
  237. package/dist/lib/hooks-config.js +14 -1
  238. package/dist/lib/manual-tasks.js +6 -6
  239. package/dist/lib/pid-identity.js +14 -0
  240. package/dist/lib/pid-identity.js.map +7 -0
  241. package/dist/lib/proxy-respawn.js +12 -0
  242. package/dist/lib/proxy-respawn.js.map +7 -0
  243. package/dist/lib/research-client.js +2 -2
  244. package/dist/lib/setup-steps.js +7 -4
  245. package/dist/lib/statusline-shim.js +3 -1
  246. package/dist/lib/telemetry.js +4 -2
  247. package/dist/lib/terminal-target-heartbeat.js +2 -2
  248. package/oclif.manifest.json +34 -1
  249. package/package.json +6 -6
  250. package/dist/chunk-6EMZI4Y3.js.map +0 -7
  251. package/dist/chunk-BBLTN35F.js.map +0 -7
  252. package/dist/chunk-DAJNO4OI.js.map +0 -7
  253. package/dist/chunk-PXVQLD7S.js.map +0 -7
  254. package/dist/chunk-SZ7VDCD6.js.map +0 -7
  255. package/dist/chunk-TX2HKJLA.js +0 -55
  256. package/dist/chunk-TX2HKJLA.js.map +0 -7
  257. package/dist/chunk-XN23W5HL.js.map +0 -7
  258. package/dist/chunk-XNNOXGP6.js.map +0 -7
  259. package/dist/chunk-ZRLYHBPN.js.map +0 -7
  260. /package/dist/{chunk-RUCSRN7F.js.map → chunk-2ORJWTNZ.js.map} +0 -0
  261. /package/dist/{chunk-SLL3OBKN.js.map → chunk-37LN5O7M.js.map} +0 -0
  262. /package/dist/{chunk-RCMXTLQF.js.map → chunk-3LKVS6W5.js.map} +0 -0
  263. /package/dist/{chunk-UPXIO7CG.js.map → chunk-4XAWK6S2.js.map} +0 -0
  264. /package/dist/{chunk-N5A2IQAK.js.map → chunk-4YAP7RT7.js.map} +0 -0
  265. /package/dist/{chunk-QD6X4L4L.js.map → chunk-5BAOGNUH.js.map} +0 -0
  266. /package/dist/{chunk-5ADHO5QF.js.map → chunk-6NBS5XFS.js.map} +0 -0
  267. /package/dist/{chunk-DTFXCHHI.js.map → chunk-DNKSVWMD.js.map} +0 -0
  268. /package/dist/{chunk-YSEQWCN4.js.map → chunk-EYPAAGN5.js.map} +0 -0
  269. /package/dist/{chunk-JEJ3J5J6.js.map → chunk-GIUBARWS.js.map} +0 -0
  270. /package/dist/{chunk-CNMWYYSV.js.map → chunk-HZK43UCF.js.map} +0 -0
  271. /package/dist/{chunk-OTOWLUOJ.js.map → chunk-JULOLTZS.js.map} +0 -0
  272. /package/dist/{chunk-DR5WLIOU.js.map → chunk-KJKBDQ4D.js.map} +0 -0
  273. /package/dist/{chunk-AHDRN6NE.js.map → chunk-OO7JDFS4.js.map} +0 -0
  274. /package/dist/{chunk-3QH73QOQ.js.map → chunk-PED7L5GX.js.map} +0 -0
  275. /package/dist/{chunk-VBGUNFKY.js.map → chunk-PMI56ED5.js.map} +0 -0
  276. /package/dist/{chunk-W4MZXKZ2.js.map → chunk-UKMLICWS.js.map} +0 -0
  277. /package/dist/{chunk-3POYC5NA.js.map → chunk-XK42ZBDE.js.map} +0 -0
  278. /package/dist/{chunk-ZSGKRCKD.js.map → chunk-XUV6DDBF.js.map} +0 -0
  279. /package/dist/{chunk-LAKZUE35.js.map → chunk-Y3WD5CSW.js.map} +0 -0
  280. /package/dist/{chunk-3QVMIJUL.js.map → chunk-YOBA3NAM.js.map} +0 -0
@@ -0,0 +1,7 @@
1
+ {
2
+ "version": 3,
3
+ "sources": ["../src/lib/telemetry.ts"],
4
+ "sourcesContent": ["import { createHash, randomUUID } from 'node:crypto';\nimport { hostname, platform } from 'node:os';\nimport { existsSync, mkdirSync, readFileSync, writeFileSync } from 'node:fs';\nimport { join } from 'node:path';\nimport { api, DEFAULT_API_URL } from './api-client.js';\nimport { getDefaultConfigDir, loadEnvFileAuth } from './auth.js';\n\n/**\n * CLI onboarding telemetry \u2014 records setup lifecycle events (install \u2192 auth \u2192\n * hooks \u2192 worker \u2192 capture) so a remote machine coming online is VISIBLE\n * without a relayed text report. DISCLOSED (README \"Telemetry\") and OPT-OUTABLE:\n * set RULEMETRIC_NO_TELEMETRY=1 or the cross-tool standard DO_NOT_TRACK=1 and\n * nothing is sent. Best-effort: never throws, never blocks a command.\n *\n * What is sent: a per-machine device id (a random UUID minted once, NOT your\n * hostname), the event name, CLI version, os (`process.platform`), and small\n * non-sensitive flags (e.g. {proxy:true}). No prompts, no code, no file paths.\n */\n\nconst DEVICE_ID_FILE = 'device-id';\n\nexport function telemetryDisabled(): boolean {\n const off = (v: string | undefined) => v === '1' || v === 'true';\n return off(process.env.RULEMETRIC_NO_TELEMETRY) || off(process.env.DO_NOT_TRACK);\n}\n\n/**\n * Stable, non-identifying per-machine id. Minted once and cached in the config\n * dir. Salted-hashed so even the file contents don't reveal the hostname.\n */\nexport function getDeviceId(): string {\n const dir = getDefaultConfigDir();\n const path = join(dir, DEVICE_ID_FILE);\n try {\n if (existsSync(path)) {\n const cached = readFileSync(path, 'utf-8').trim();\n if (cached) return cached;\n }\n } catch {\n /* fall through to mint */\n }\n // Seed from a random UUID (primary) + a hostname hash (stable fallback signal).\n const id = createHash('sha256')\n .update(`${randomUUID()}:${hostname()}`)\n .digest('hex')\n .slice(0, 32);\n try {\n mkdirSync(dir, { recursive: true });\n writeFileSync(path, id, { mode: 0o600 });\n } catch {\n /* non-fatal \u2014 a non-persisted id still lets a single run correlate */\n }\n return id;\n}\n\n/**\n * Fire-and-forget a setup event. Swallows every error (offline, unauth, 4xx) \u2014\n * telemetry must never affect the command the user actually ran.\n */\nexport async function emitSetupEvent(\n event: string,\n props: Record<string, unknown> = {},\n cliVersion?: string,\n): Promise<void> {\n if (telemetryDisabled()) return;\n try {\n // Bounded: without a timeout, a held connection keeps the process alive\n // (and the user waiting at what looks like a finished command) for up to\n // undici's multi-minute default after success was already printed.\n await api('/api/telemetry/cli-events', {\n method: 'POST',\n body: {\n event,\n deviceId: getDeviceId(),\n cliVersion,\n os: platform(),\n props,\n },\n timeoutMs: 5_000,\n });\n } catch {\n /* best-effort */\n }\n}\n\n/**\n * Fire-and-forget an onboarding ERROR beacon (availability failure: 5xx / 502 /\n * client timeout / connection refused). Unlike `emitSetupEvent`, this:\n * 1. is UNAUTHENTICATED \u2014 it hits the public POST /api/telemetry/cli-error, so\n * it works before the user has any credentials (the exact pre-auth failures\n * that authenticated telemetry can never report), and\n * 2. is sent DIRECT, bypassing HTTPS_PROXY \u2014 a broken local gateway\n * (HTTPS_PROXY \u2192 :8787) is itself a prime cause of the 502s this beacon\n * exists to report, so routing the beacon through it would suppress the very\n * signal we need. We record whether a proxy WAS configured (`proxied`).\n * Best-effort: swallows every error, bounded to 4s, never throws or blocks.\n */\nexport async function emitErrorBeacon(fields: {\n command?: string;\n statusCode?: number;\n message?: string;\n cliVersion?: string;\n event?: string;\n props?: Record<string, unknown>;\n}): Promise<void> {\n if (telemetryDisabled()) return;\n\n const base = process.env.RULEMETRIC_API_URL ?? loadEnvFileAuth().apiUrl ?? DEFAULT_API_URL;\n const url = `${base}/api/telemetry/cli-error`;\n\n // Send direct: unset the proxy env for the duration of the request, then\n // restore it so subsequent `claude -p` calls still route through the gateway.\n const savedHttps = process.env.HTTPS_PROXY;\n const savedHttp = process.env.HTTP_PROXY;\n const proxied = savedHttps !== undefined || savedHttp !== undefined;\n delete process.env.HTTPS_PROXY;\n delete process.env.HTTP_PROXY;\n\n const controller = new AbortController();\n const timer = setTimeout(() => controller.abort(), 4000);\n try {\n await globalThis.fetch(url, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n 'User-Agent': `rulemetric-cli/${fields.cliVersion ?? 'unknown'}`,\n },\n // NO Authorization header \u2014 this endpoint is unauthenticated by design.\n body: JSON.stringify({\n event: fields.event ?? 'onboarding_error',\n deviceId: getDeviceId(),\n command: fields.command,\n statusCode: fields.statusCode,\n message: fields.message ? fields.message.slice(0, 500) : undefined,\n cliVersion: fields.cliVersion,\n os: platform(),\n nodeVersion: process.version,\n proxied,\n props: fields.props,\n }),\n signal: controller.signal,\n });\n } catch {\n /* best-effort */\n } finally {\n clearTimeout(timer);\n if (savedHttps !== undefined) process.env.HTTPS_PROXY = savedHttps;\n if (savedHttp !== undefined) process.env.HTTP_PROXY = savedHttp;\n }\n}\n"],
5
+ "mappings": ";;;;;;;;;;AAAA,SAAS,YAAY,kBAAkB;AACvC,SAAS,UAAU,gBAAgB;AACnC,SAAS,YAAY,WAAW,cAAc,qBAAqB;AACnE,SAAS,YAAY;AAgBrB,IAAM,iBAAiB;AAEhB,SAAS,oBAA6B;AAC3C,QAAM,MAAM,CAAC,MAA0B,MAAM,OAAO,MAAM;AAC1D,SAAO,IAAI,QAAQ,IAAI,uBAAuB,KAAK,IAAI,QAAQ,IAAI,YAAY;AACjF;AAMO,SAAS,cAAsB;AACpC,QAAM,MAAM,oBAAoB;AAChC,QAAM,OAAO,KAAK,KAAK,cAAc;AACrC,MAAI;AACF,QAAI,WAAW,IAAI,GAAG;AACpB,YAAM,SAAS,aAAa,MAAM,OAAO,EAAE,KAAK;AAChD,UAAI,OAAQ,QAAO;AAAA,IACrB;AAAA,EACF,QAAQ;AAAA,EAER;AAEA,QAAM,KAAK,WAAW,QAAQ,EAC3B,OAAO,GAAG,WAAW,CAAC,IAAI,SAAS,CAAC,EAAE,EACtC,OAAO,KAAK,EACZ,MAAM,GAAG,EAAE;AACd,MAAI;AACF,cAAU,KAAK,EAAE,WAAW,KAAK,CAAC;AAClC,kBAAc,MAAM,IAAI,EAAE,MAAM,IAAM,CAAC;AAAA,EACzC,QAAQ;AAAA,EAER;AACA,SAAO;AACT;AAMA,eAAsB,eACpB,OACA,QAAiC,CAAC,GAClC,YACe;AACf,MAAI,kBAAkB,EAAG;AACzB,MAAI;AAIF,UAAM,IAAI,6BAA6B;AAAA,MACrC,QAAQ;AAAA,MACR,MAAM;AAAA,QACJ;AAAA,QACA,UAAU,YAAY;AAAA,QACtB;AAAA,QACA,IAAI,SAAS;AAAA,QACb;AAAA,MACF;AAAA,MACA,WAAW;AAAA,IACb,CAAC;AAAA,EACH,QAAQ;AAAA,EAER;AACF;AAcA,eAAsB,gBAAgB,QAOpB;AAChB,MAAI,kBAAkB,EAAG;AAEzB,QAAM,OAAO,QAAQ,IAAI,sBAAsB,gBAAgB,EAAE,UAAU;AAC3E,QAAM,MAAM,GAAG,IAAI;AAInB,QAAM,aAAa,QAAQ,IAAI;AAC/B,QAAM,YAAY,QAAQ,IAAI;AAC9B,QAAM,UAAU,eAAe,UAAa,cAAc;AAC1D,SAAO,QAAQ,IAAI;AACnB,SAAO,QAAQ,IAAI;AAEnB,QAAM,aAAa,IAAI,gBAAgB;AACvC,QAAM,QAAQ,WAAW,MAAM,WAAW,MAAM,GAAG,GAAI;AACvD,MAAI;AACF,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B,QAAQ;AAAA,MACR,SAAS;AAAA,QACP,gBAAgB;AAAA,QAChB,cAAc,kBAAkB,OAAO,cAAc,SAAS;AAAA,MAChE;AAAA;AAAA,MAEA,MAAM,KAAK,UAAU;AAAA,QACnB,OAAO,OAAO,SAAS;AAAA,QACvB,UAAU,YAAY;AAAA,QACtB,SAAS,OAAO;AAAA,QAChB,YAAY,OAAO;AAAA,QACnB,SAAS,OAAO,UAAU,OAAO,QAAQ,MAAM,GAAG,GAAG,IAAI;AAAA,QACzD,YAAY,OAAO;AAAA,QACnB,IAAI,SAAS;AAAA,QACb,aAAa,QAAQ;AAAA,QACrB;AAAA,QACA,OAAO,OAAO;AAAA,MAChB,CAAC;AAAA,MACD,QAAQ,WAAW;AAAA,IACrB,CAAC;AAAA,EACH,QAAQ;AAAA,EAER,UAAE;AACA,iBAAa,KAAK;AAClB,QAAI,eAAe,OAAW,SAAQ,IAAI,cAAc;AACxD,QAAI,cAAc,OAAW,SAAQ,IAAI,aAAa;AAAA,EACxD;AACF;",
6
+ "names": []
7
+ }
@@ -1,14 +1,14 @@
1
- import {
2
- announceableEntries,
3
- parseChangelog
4
- } from "./chunk-E3BIT53W.js";
5
1
  import {
6
2
  renderChangelogAnnouncement
7
3
  } from "./chunk-QSN77T7C.js";
8
4
  import {
9
5
  announcements,
10
6
  getDb
11
- } from "./chunk-6EMZI4Y3.js";
7
+ } from "./chunk-EI5BHWXA.js";
8
+ import {
9
+ announceableEntries,
10
+ parseChangelog
11
+ } from "./chunk-E3BIT53W.js";
12
12
 
13
13
  // src/lib/handlers/process-changelog.ts
14
14
  import * as fs from "node:fs/promises";
@@ -119,4 +119,4 @@ async function processChangelog(deps = {}) {
119
119
  export {
120
120
  processChangelog
121
121
  };
122
- //# sourceMappingURL=chunk-CNMWYYSV.js.map
122
+ //# sourceMappingURL=chunk-HZK43UCF.js.map
@@ -0,0 +1,46 @@
1
+ // src/lib/proxy-respawn.ts
2
+ var DEAD_CHECKS_BEFORE_RESPAWN = 5;
3
+ var RESPAWN_COOLDOWN_MS = 10 * 6e4;
4
+ var MitmproxyRespawnMonitor = class {
5
+ constructor(deps) {
6
+ this.deps = deps;
7
+ }
8
+ deadStreak = 0;
9
+ lastAttemptAt = Number.NEGATIVE_INFINITY;
10
+ skipLoggedThisStreak = false;
11
+ /** Feed one health-check result (true = mitmproxy answered). */
12
+ onHealthCheck(alive) {
13
+ if (alive) {
14
+ this.deadStreak = 0;
15
+ this.skipLoggedThisStreak = false;
16
+ return;
17
+ }
18
+ this.deadStreak++;
19
+ if (this.deadStreak < DEAD_CHECKS_BEFORE_RESPAWN) return;
20
+ const now = (this.deps.now ?? Date.now)();
21
+ if (now - this.lastAttemptAt < RESPAWN_COOLDOWN_MS) return;
22
+ if (!this.deps.hasCrashEvidence()) {
23
+ if (!this.skipLoggedThisStreak) {
24
+ this.skipLoggedThisStreak = true;
25
+ this.deps.log(
26
+ "mitmproxy is down with no crash evidence (no local proxy.pid) \u2014 not auto-restarting (deliberate `proxy stop` or Docker-managed)"
27
+ );
28
+ }
29
+ return;
30
+ }
31
+ this.lastAttemptAt = now;
32
+ this.deps.log(
33
+ `mitmproxy dead for ${this.deadStreak} consecutive checks \u2014 attempting auto-restart (at most once per ${Math.round(RESPAWN_COOLDOWN_MS / 6e4)}min)`
34
+ );
35
+ if (!this.deps.respawn()) {
36
+ this.deps.log("auto-restart unavailable \u2014 run `rulemetric proxy start` to restore deep capture");
37
+ }
38
+ }
39
+ };
40
+
41
+ export {
42
+ DEAD_CHECKS_BEFORE_RESPAWN,
43
+ RESPAWN_COOLDOWN_MS,
44
+ MitmproxyRespawnMonitor
45
+ };
46
+ //# sourceMappingURL=chunk-ILYDELUE.js.map
@@ -0,0 +1,7 @@
1
+ {
2
+ "version": 3,
3
+ "sources": ["../src/lib/proxy-respawn.ts"],
4
+ "sourcesContent": ["/**\n * Conservative mitmproxy auto-restart, driven by the gateway's 3s health\n * checks. A mid-session mitmproxy crash otherwise stays silent \u2014 the gateway\n * routes direct by design, so deep capture is simply gone until the next\n * session's session-start hook runs.\n *\n * Guard rails (this must never become a restart loop, and must never fight a\n * deliberate `proxy stop`):\n * - respawn fires only after DEAD_CHECKS_BEFORE_RESPAWN consecutive dead\n * checks (a transient blip never triggers it);\n * - at most one attempt per RESPAWN_COOLDOWN_MS window (in-memory \u2014 a\n * gateway restart resets the window, which is fine: it also resets the\n * dead-streak requirement);\n * - only with crash evidence: a live proxy.pid file. `proxy stop` removes\n * the PID file, so a deliberate stop is never overridden. Docker-managed\n * proxies (pidfile `docker:<name>`) are Docker's to restart.\n *\n * Pure state machine \u2014 time, crash evidence, and the spawn are injected so\n * the transition logic is unit-testable without timers or processes.\n */\n\n/** ~15s of confirmed downtime at the gateway's 3s health cadence. */\nexport const DEAD_CHECKS_BEFORE_RESPAWN = 5;\nexport const RESPAWN_COOLDOWN_MS = 10 * 60_000;\n\nexport interface RespawnMonitorDeps {\n /** Clock override. Used in tests. */\n now?: () => number;\n /** Whether the local proxy.pid file evidences a crash (vs a deliberate stop). */\n hasCrashEvidence: () => boolean;\n /** Fire one detached respawn attempt. Returns false if respawn is unavailable. */\n respawn: () => boolean;\n log: (msg: string) => void;\n}\n\nexport class MitmproxyRespawnMonitor {\n private deadStreak = 0;\n private lastAttemptAt = Number.NEGATIVE_INFINITY;\n private skipLoggedThisStreak = false;\n\n constructor(private readonly deps: RespawnMonitorDeps) {}\n\n /** Feed one health-check result (true = mitmproxy answered). */\n onHealthCheck(alive: boolean): void {\n if (alive) {\n this.deadStreak = 0;\n this.skipLoggedThisStreak = false;\n return;\n }\n\n this.deadStreak++;\n if (this.deadStreak < DEAD_CHECKS_BEFORE_RESPAWN) return;\n\n const now = (this.deps.now ?? Date.now)();\n if (now - this.lastAttemptAt < RESPAWN_COOLDOWN_MS) return;\n\n if (!this.deps.hasCrashEvidence()) {\n if (!this.skipLoggedThisStreak) {\n this.skipLoggedThisStreak = true;\n this.deps.log(\n 'mitmproxy is down with no crash evidence (no local proxy.pid) \u2014 ' +\n 'not auto-restarting (deliberate `proxy stop` or Docker-managed)',\n );\n }\n return;\n }\n\n this.lastAttemptAt = now;\n this.deps.log(\n `mitmproxy dead for ${this.deadStreak} consecutive checks \u2014 attempting auto-restart ` +\n `(at most once per ${Math.round(RESPAWN_COOLDOWN_MS / 60_000)}min)`,\n );\n if (!this.deps.respawn()) {\n this.deps.log('auto-restart unavailable \u2014 run `rulemetric proxy start` to restore deep capture');\n }\n }\n}\n"],
5
+ "mappings": ";AAsBO,IAAM,6BAA6B;AACnC,IAAM,sBAAsB,KAAK;AAYjC,IAAM,0BAAN,MAA8B;AAAA,EAKnC,YAA6B,MAA0B;AAA1B;AAAA,EAA2B;AAAA,EAJhD,aAAa;AAAA,EACb,gBAAgB,OAAO;AAAA,EACvB,uBAAuB;AAAA;AAAA,EAK/B,cAAc,OAAsB;AAClC,QAAI,OAAO;AACT,WAAK,aAAa;AAClB,WAAK,uBAAuB;AAC5B;AAAA,IACF;AAEA,SAAK;AACL,QAAI,KAAK,aAAa,2BAA4B;AAElD,UAAM,OAAO,KAAK,KAAK,OAAO,KAAK,KAAK;AACxC,QAAI,MAAM,KAAK,gBAAgB,oBAAqB;AAEpD,QAAI,CAAC,KAAK,KAAK,iBAAiB,GAAG;AACjC,UAAI,CAAC,KAAK,sBAAsB;AAC9B,aAAK,uBAAuB;AAC5B,aAAK,KAAK;AAAA,UACR;AAAA,QAEF;AAAA,MACF;AACA;AAAA,IACF;AAEA,SAAK,gBAAgB;AACrB,SAAK,KAAK;AAAA,MACR,sBAAsB,KAAK,UAAU,wEACd,KAAK,MAAM,sBAAsB,GAAM,CAAC;AAAA,IACjE;AACA,QAAI,CAAC,KAAK,KAAK,QAAQ,GAAG;AACxB,WAAK,KAAK,IAAI,sFAAiF;AAAA,IACjG;AAAA,EACF;AACF;",
6
+ "names": []
7
+ }
@@ -0,0 +1,55 @@
1
+ // src/lib/diagnostics.ts
2
+ function parseNodeMajorMinor(v) {
3
+ const m = /^v?(\d+)\.(\d+)/.exec(v.trim());
4
+ if (!m) return { major: 0, minor: 0 };
5
+ return { major: Number(m[1]), minor: Number(m[2]) };
6
+ }
7
+ function isProxyBreakingNode(v) {
8
+ const { major, minor } = parseNodeMajorMinor(v);
9
+ if (major === 0) return false;
10
+ return major < 20 || major === 20 && minor < 11;
11
+ }
12
+ function diagnose(input) {
13
+ const oldNode = isProxyBreakingNode(input.nodeVersion);
14
+ if (!input.directApiOk) {
15
+ return {
16
+ severity: "fail",
17
+ headline: "Can't reach the API directly (proxy bypassed).",
18
+ hints: [
19
+ "Check your network/DNS/firewall and that you can reach https://rulemetric.com/health.",
20
+ "If a corporate proxy is required, it must allow rulemetric.com."
21
+ ]
22
+ };
23
+ }
24
+ if (input.httpsProxySet && input.proxyPathOk === false) {
25
+ const hints = [
26
+ "Direct reachability works but requests through your local proxy fail \u2014 your gateway/mitmproxy is the problem, NOT the API.",
27
+ input.gatewayAlive ? "Gateway (:8787) is up but not routing successfully." : "Gateway (:8787) is NOT listening \u2014 Claude Code/CLI traffic pointed at it will 502. Run `rulemetric hooks install` to restore it.",
28
+ input.mitmproxyAlive ? void 0 : "mitmproxy (:8788) is down \u2014 the gateway should route direct, so a 502 here points at the gateway itself.",
29
+ oldNode ? `Node ${input.nodeVersion} is < 20.11, which breaks the bundled proxy \u2014 upgrade Node to \u2265 20.11, or reinstall hooks with --no-proxy.` : void 0,
30
+ "Quick unblock: `rulemetric hooks install --no-proxy` (captures via hooks, no proxy), or `rulemetric proxy restart`."
31
+ ].filter((h) => Boolean(h));
32
+ return { severity: "fail", headline: "Your local proxy/gateway can't reach the API \u2014 this is the 502.", hints };
33
+ }
34
+ if (input.httpsProxySet && oldNode) {
35
+ return {
36
+ severity: "warn",
37
+ headline: `Node ${input.nodeVersion} is < 20.11 with a proxy configured \u2014 the proxy is likely dead.`,
38
+ hints: [
39
+ "Upgrade Node to \u2265 20.11 (older Node breaks the bundled proxy), or run `rulemetric hooks install --no-proxy`."
40
+ ]
41
+ };
42
+ }
43
+ return {
44
+ severity: "ok",
45
+ headline: "Healthy \u2014 the API is reachable" + (input.httpsProxySet ? " directly and through your proxy." : " (no proxy configured)."),
46
+ hints: []
47
+ };
48
+ }
49
+
50
+ export {
51
+ parseNodeMajorMinor,
52
+ isProxyBreakingNode,
53
+ diagnose
54
+ };
55
+ //# sourceMappingURL=chunk-J6QFW4LD.js.map
@@ -0,0 +1,7 @@
1
+ {
2
+ "version": 3,
3
+ "sources": ["../src/lib/diagnostics.ts"],
4
+ "sourcesContent": ["// Pure diagnosis logic for `rulemetric diagnostics` \u2014 kept out of the command so\n// the decision-making (which is the valuable, bug-prone part) is unit-testable\n// without spawning curl or opening sockets. The command does the probing and\n// feeds the raw booleans here.\n\nexport interface DiagnoseInput {\n /** e.g. \"22.17.1\" or \"v22.17.1\" */\n nodeVersion: string;\n /** GET /health succeeded DIRECT (proxy bypassed). */\n directApiOk: boolean;\n /** HTTPS_PROXY is configured in the environment / settings. */\n httpsProxySet: boolean;\n /** The local gateway (:8787) is listening. */\n gatewayAlive: boolean;\n /** mitmproxy (:8788) is listening. */\n mitmproxyAlive: boolean;\n /** GET /health succeeded THROUGH the configured proxy. null when no proxy is set. */\n proxyPathOk: boolean | null;\n}\n\nexport interface Diagnosis {\n severity: 'ok' | 'warn' | 'fail';\n headline: string;\n hints: string[];\n}\n\n/** Parse major/minor from \"22.17.1\" or \"v22.17.1\". Unknown \u2192 {0,0}. */\nexport function parseNodeMajorMinor(v: string): { major: number; minor: number } {\n const m = /^v?(\\d+)\\.(\\d+)/.exec(v.trim());\n if (!m) return { major: 0, minor: 0 };\n return { major: Number(m[1]), minor: Number(m[2]) };\n}\n\n/**\n * Node < 20.11 breaks the bundled proxy (it relies on a module-path API that is\n * undefined on older Node; see the 2026-07-07 field finding). Below 20.11 the\n * proxy is likely dead even\n * though HTTPS_PROXY is set \u2014 a prime cause of a client-side \"502 Bad Gateway\".\n */\nexport function isProxyBreakingNode(v: string): boolean {\n const { major, minor } = parseNodeMajorMinor(v);\n if (major === 0) return false; // couldn't parse \u2014 don't cry wolf\n return major < 20 || (major === 20 && minor < 11);\n}\n\n/**\n * Turn the raw probe results into a single actionable diagnosis. The headline\n * case this exists for: DIRECT reachability works but the PROXY path fails \u2192\n * the user's own local gateway is eating requests and returning 502, even though\n * production is perfectly healthy.\n */\nexport function diagnose(input: DiagnoseInput): Diagnosis {\n const oldNode = isProxyBreakingNode(input.nodeVersion);\n\n // 1. Can't even reach the API directly \u2192 not a proxy problem; network/DNS/down.\n if (!input.directApiOk) {\n return {\n severity: 'fail',\n headline: \"Can't reach the API directly (proxy bypassed).\",\n hints: [\n 'Check your network/DNS/firewall and that you can reach https://rulemetric.com/health.',\n 'If a corporate proxy is required, it must allow rulemetric.com.',\n ],\n };\n }\n\n // 2. Direct works but the PROXY path fails \u2192 the local gateway is the culprit.\n // This is the client-side \"502 Bad Gateway\" class.\n if (input.httpsProxySet && input.proxyPathOk === false) {\n const hints = [\n 'Direct reachability works but requests through your local proxy fail \u2014 your gateway/mitmproxy is the problem, NOT the API.',\n input.gatewayAlive\n ? 'Gateway (:8787) is up but not routing successfully.'\n : 'Gateway (:8787) is NOT listening \u2014 Claude Code/CLI traffic pointed at it will 502. Run `rulemetric hooks install` to restore it.',\n input.mitmproxyAlive ? undefined : 'mitmproxy (:8788) is down \u2014 the gateway should route direct, so a 502 here points at the gateway itself.',\n oldNode\n ? `Node ${input.nodeVersion} is < 20.11, which breaks the bundled proxy \u2014 upgrade Node to \u2265 20.11, or reinstall hooks with --no-proxy.`\n : undefined,\n 'Quick unblock: `rulemetric hooks install --no-proxy` (captures via hooks, no proxy), or `rulemetric proxy restart`.',\n ].filter((h): h is string => Boolean(h));\n return { severity: 'fail', headline: 'Your local proxy/gateway can\\'t reach the API \u2014 this is the 502.', hints };\n }\n\n // 3. Old Node + proxy configured but we couldn't positively confirm the proxy\n // path (e.g. curl unavailable) \u2192 warn, since the proxy is likely dead.\n if (input.httpsProxySet && oldNode) {\n return {\n severity: 'warn',\n headline: `Node ${input.nodeVersion} is < 20.11 with a proxy configured \u2014 the proxy is likely dead.`,\n hints: [\n 'Upgrade Node to \u2265 20.11 (older Node breaks the bundled proxy), or run `rulemetric hooks install --no-proxy`.',\n ],\n };\n }\n\n // 4. Everything reachable.\n return {\n severity: 'ok',\n headline: 'Healthy \u2014 the API is reachable' + (input.httpsProxySet ? ' directly and through your proxy.' : ' (no proxy configured).'),\n hints: [],\n };\n}\n"],
5
+ "mappings": ";AA2BO,SAAS,oBAAoB,GAA6C;AAC/E,QAAM,IAAI,kBAAkB,KAAK,EAAE,KAAK,CAAC;AACzC,MAAI,CAAC,EAAG,QAAO,EAAE,OAAO,GAAG,OAAO,EAAE;AACpC,SAAO,EAAE,OAAO,OAAO,EAAE,CAAC,CAAC,GAAG,OAAO,OAAO,EAAE,CAAC,CAAC,EAAE;AACpD;AAQO,SAAS,oBAAoB,GAAoB;AACtD,QAAM,EAAE,OAAO,MAAM,IAAI,oBAAoB,CAAC;AAC9C,MAAI,UAAU,EAAG,QAAO;AACxB,SAAO,QAAQ,MAAO,UAAU,MAAM,QAAQ;AAChD;AAQO,SAAS,SAAS,OAAiC;AACxD,QAAM,UAAU,oBAAoB,MAAM,WAAW;AAGrD,MAAI,CAAC,MAAM,aAAa;AACtB,WAAO;AAAA,MACL,UAAU;AAAA,MACV,UAAU;AAAA,MACV,OAAO;AAAA,QACL;AAAA,QACA;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAIA,MAAI,MAAM,iBAAiB,MAAM,gBAAgB,OAAO;AACtD,UAAM,QAAQ;AAAA,MACZ;AAAA,MACA,MAAM,eACF,wDACA;AAAA,MACJ,MAAM,iBAAiB,SAAY;AAAA,MACnC,UACI,QAAQ,MAAM,WAAW,yHACzB;AAAA,MACJ;AAAA,IACF,EAAE,OAAO,CAAC,MAAmB,QAAQ,CAAC,CAAC;AACvC,WAAO,EAAE,UAAU,QAAQ,UAAU,wEAAoE,MAAM;AAAA,EACjH;AAIA,MAAI,MAAM,iBAAiB,SAAS;AAClC,WAAO;AAAA,MACL,UAAU;AAAA,MACV,UAAU,QAAQ,MAAM,WAAW;AAAA,MACnC,OAAO;AAAA,QACL;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAGA,SAAO;AAAA,IACL,UAAU;AAAA,IACV,UAAU,yCAAoC,MAAM,gBAAgB,sCAAsC;AAAA,IAC1G,OAAO,CAAC;AAAA,EACV;AACF;",
6
+ "names": []
7
+ }
@@ -6,7 +6,7 @@ import {
6
6
  } from "./chunk-DGHWRQXL.js";
7
7
  import {
8
8
  apiPatch
9
- } from "./chunk-ZRLYHBPN.js";
9
+ } from "./chunk-ZUJBM6HE.js";
10
10
 
11
11
  // src/lib/handlers/process-launch.ts
12
12
  async function resolveWorktreeForLaunch(config) {
@@ -58,4 +58,4 @@ export {
58
58
  resolveWorktreeForLaunch,
59
59
  processLaunch
60
60
  };
61
- //# sourceMappingURL=chunk-OTOWLUOJ.js.map
61
+ //# sourceMappingURL=chunk-JULOLTZS.js.map
@@ -10,7 +10,7 @@ import {
10
10
  import {
11
11
  apiGet,
12
12
  apiPost
13
- } from "./chunk-ZRLYHBPN.js";
13
+ } from "./chunk-ZUJBM6HE.js";
14
14
 
15
15
  // src/lib/eval-conversation-handler.ts
16
16
  async function processConversationJob(jobConfig, evalTargetId, logger) {
@@ -217,4 +217,4 @@ async function handleAnalyzeAndPropose(target, evalCases, messages, userFeedback
217
217
  export {
218
218
  processConversationJob
219
219
  };
220
- //# sourceMappingURL=chunk-DR5WLIOU.js.map
220
+ //# sourceMappingURL=chunk-KJKBDQ4D.js.map
@@ -1,6 +1,3 @@
1
- import {
2
- PermanentJobError
3
- } from "./chunk-DGHWRQXL.js";
4
1
  import {
5
2
  sendEmail
6
3
  } from "./chunk-QSN77T7C.js";
@@ -10,7 +7,10 @@ import {
10
7
  getDb,
11
8
  notificationPreferences,
12
9
  profiles
13
- } from "./chunk-6EMZI4Y3.js";
10
+ } from "./chunk-EI5BHWXA.js";
11
+ import {
12
+ PermanentJobError
13
+ } from "./chunk-DGHWRQXL.js";
14
14
 
15
15
  // src/lib/handlers/process-announcement.ts
16
16
  import { and, asc, eq, gt, isNotNull } from "drizzle-orm";
@@ -154,4 +154,4 @@ async function sendOne(args) {
154
154
  export {
155
155
  processAnnouncement
156
156
  };
157
- //# sourceMappingURL=chunk-AHDRN6NE.js.map
157
+ //# sourceMappingURL=chunk-OO7JDFS4.js.map
@@ -163,6 +163,15 @@ function removeStatuslineShim(settings) {
163
163
  delete settings.statusLine;
164
164
  return true;
165
165
  }
166
+ var STATUSLINE_SHIM_SUFFIX = "/.claude/statusline-rulemetric.sh";
167
+ function removeStatuslineShimAnyHome(settings) {
168
+ const current = settings.statusLine;
169
+ const cmd = typeof current === "string" ? current : typeof current === "object" && current !== null ? current.command : void 0;
170
+ const isShim = typeof cmd === "string" && (cmd === STATUSLINE_SHIM_PATH || cmd.endsWith(STATUSLINE_SHIM_SUFFIX));
171
+ if (!isShim) return false;
172
+ delete settings.statusLine;
173
+ return true;
174
+ }
166
175
  function isStatuslineShimInstalled(settings) {
167
176
  const current = settings.statusLine;
168
177
  if (!current) return false;
@@ -179,6 +188,7 @@ export {
179
188
  STATUSLINE_SETTINGS_VALUE,
180
189
  readCurrentStatusLine,
181
190
  removeStatuslineShim,
191
+ removeStatuslineShimAnyHome,
182
192
  isStatuslineShimInstalled
183
193
  };
184
- //# sourceMappingURL=chunk-N2X35ITW.js.map
194
+ //# sourceMappingURL=chunk-OQBBVTDG.js.map
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "version": 3,
3
3
  "sources": ["../src/lib/statusline-shim.ts"],
4
- "sourcesContent": ["import { existsSync, readFileSync, writeFileSync, chmodSync } from 'node:fs';\nimport { homedir } from 'node:os';\nimport { join } from 'node:path';\n\n// Path where the shim script lives \u2014 readable by the `statusLine` config key.\nexport const STATUSLINE_SHIM_PATH = join(homedir(), '.claude', 'statusline-rulemetric.sh');\n\n/**\n * Write ~/.claude/statusline-rulemetric.sh.\n *\n * The script is invoked by Claude Code on every statusline refresh cycle.\n * Claude Code feeds a JSON payload on stdin that includes `rate_limits`\n * (same shape as GET /api/oauth/usage) using its own in-memory token \u2014\n * so freshness is tied to the statusline cadence, not the proxy capturing\n * a stale keychain token.\n *\n * The script:\n * 1. Reads stdin once (Claude Code closes it after the payload).\n * 2. If jq is available, extracts each rate_limit window and POSTs it to\n * POST /api/internal/research/observe as an oauth_usage observation.\n * 3. If a `prevCommand` is supplied (the user's original statusLine value),\n * it is executed with the same stdin forwarded so the user's prompt text\n * is still displayed \u2014 we must chain, not replace.\n * 4. Exits 0 regardless so Claude Code always gets a clean statusline.\n *\n * Auth is read from the same priority chain as the hook scripts:\n * ~/.config/rulemetric/env (RULEMETRIC_ACCESS_TOKEN / RULEMETRIC_API_KEY)\n * RULEMETRIC_API_KEY / RULEMETRIC_ACCESS_TOKEN env vars\n *\n * Returns the path written.\n */\nexport function writeStatuslineShim(prevCommand?: string): string {\n const chainBlock = prevCommand\n ? `\n# Chain to the original statusLine command so the user's prompt is preserved.\necho \"$STDIN_PAYLOAD\" | ${prevCommand}`\n : '';\n\n const script = `#!/usr/bin/env bash\n# RuleMetric statusline shim \u2014 auto-generated by \\`rulemetric hooks install --statusline-usage\\`\n# Captures Claude Code rate_limits from statusline stdin and forwards to the research pipeline.\n# DO NOT EDIT \u2014 re-run \\`rulemetric hooks install --statusline-usage\\` to regenerate.\n\nset -euo pipefail\n\n# Read stdin once (Claude Code closes the pipe after the payload).\nSTDIN_PAYLOAD=\"$(cat)\"\n\n# \u2500\u2500 Auth \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nCONFIG_ENV=\"$HOME/.config/rulemetric/env\"\nif [ -f \"$CONFIG_ENV\" ]; then\n # shellcheck source=/dev/null\n source \"$CONFIG_ENV\"\nfi\n\nAPI_URL=\"\\${RULEMETRIC_API_URL:-https://rulemetric.com}\"\nAUTH_TOKEN=\"\\${RULEMETRIC_ACCESS_TOKEN:-\\${RULEMETRIC_API_KEY:-}}\"\n\nif [ -z \"$AUTH_TOKEN\" ]; then\n # No auth \u2014 still chain so the user's statusline works.\n${chainBlock}\n exit 0\nfi\n\n# \u2500\u2500 Extract + POST rate_limit windows \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nif ! command -v jq &>/dev/null; then\n # jq missing \u2014 chain and bail; don't break the user's statusline.\n${chainBlock}\n exit 0\nfi\n\nOBSERVED_AT=\"$(date -u +%Y-%m-%dT%H:%M:%SZ)\"\nCACHE_DIR=\"$HOME/.config/rulemetric\"\nmkdir -p \"$CACHE_DIR\" 2>/dev/null || true\n\nfor WIRE_KEY in five_hour seven_day seven_day_opus; do\n # Map wire key \u2192 limit_type (case statement avoids bash 4 associative arrays).\n case \"$WIRE_KEY\" in\n five_hour) LIMIT_TYPE=\"five_hour_percent\" ;;\n seven_day) LIMIT_TYPE=\"seven_day_percent\" ;;\n seven_day_opus) LIMIT_TYPE=\"seven_day_opus_percent\" ;;\n *) continue ;;\n esac\n\n # Try both wire shapes:\n # Legacy: { \"rate_limits\": { \"five_hour\": { \"used_percentage\": ..., \"resets_at\": ... } } }\n # Current: { \"five_hour\": { \"used_percentage\": ..., \"resets_at\": ... } }\n WINDOW=\"$(echo \"$STDIN_PAYLOAD\" | jq -c \".rate_limits.\\${WIRE_KEY} // .\\${WIRE_KEY} // empty\" 2>/dev/null || true)\"\n\n if [ -z \"$WINDOW\" ] || [ \"$WINDOW\" = \"null\" ]; then\n continue\n fi\n\n USED_PCT=\"$(echo \"$WINDOW\" | jq '.used_percentage // empty' 2>/dev/null || true)\"\n RESETS_AT_EPOCH=\"$(echo \"$WINDOW\" | jq '.resets_at // empty' 2>/dev/null || true)\"\n\n if [ -z \"$USED_PCT\" ] || [ \"$USED_PCT\" = \"null\" ]; then\n continue\n fi\n\n # Convert unix epoch to ISO-8601 if present.\n if [ -n \"$RESETS_AT_EPOCH\" ] && [ \"$RESETS_AT_EPOCH\" != \"null\" ]; then\n RESETS_AT_ISO=\"$(date -u -r \"$RESETS_AT_EPOCH\" +%Y-%m-%dT%H:%M:%SZ 2>/dev/null \\\n || date -u -d \"@$RESETS_AT_EPOCH\" +%Y-%m-%dT%H:%M:%SZ 2>/dev/null \\\n || echo \"\")\"\n else\n RESETS_AT_ISO=\"\"\n fi\n\n # Skip stale windows. Claude Code can keep re-emitting a cached rate_limits\n # block after the reset time has passed; storing those rows floods the DB and\n # corrupts the \"current limits\" view.\n if [ -n \"$RESETS_AT_EPOCH\" ] && [ \"$RESETS_AT_EPOCH\" != \"null\" ]; then\n NOW_EPOCH=\"$(date -u +%s)\"\n if [ \"$RESETS_AT_EPOCH\" -lt \"$NOW_EPOCH\" ] 2>/dev/null; then\n continue\n fi\n else\n NOW_EPOCH=\"$(date -u +%s)\"\n fi\n\n # Local duplicate suppression mirrors the API's 30-minute freshness floor.\n # The statusline refreshes often; if the same window/value/reset is already\n # posted recently, another POST only burns an API request and DB connection.\n CACHE_FILE=\"$CACHE_DIR/statusline-usage-\\${LIMIT_TYPE}.cache\"\n CACHE_KEY=\"\\${LIMIT_TYPE}|\\${USED_PCT}|\\${RESETS_AT_ISO}\"\n if [ -f \"$CACHE_FILE\" ]; then\n read -r CACHED_AT CACHED_KEY < \"$CACHE_FILE\" || true\n if [ \"\\${CACHED_KEY:-}\" = \"$CACHE_KEY\" ] && [ $((NOW_EPOCH - \\${CACHED_AT:-0})) -lt 1800 ] 2>/dev/null; then\n continue\n fi\n fi\n printf '%s %s\\n' \"$NOW_EPOCH\" \"$CACHE_KEY\" > \"$CACHE_FILE.tmp\" 2>/dev/null \\\n && mv \"$CACHE_FILE.tmp\" \"$CACHE_FILE\" 2>/dev/null || true\n\n PAYLOAD=\"$(jq -nc \\\\\n --arg provider \"anthropic\" \\\\\n --arg plan \"unknown\" \\\\\n --argjson value \"$USED_PCT\" \\\\\n --arg limitType \"$LIMIT_TYPE\" \\\\\n --arg observedAt \"$OBSERVED_AT\" \\\\\n --arg resetsAt \"$RESETS_AT_ISO\" \\\\\n '{\n provider: $provider,\n plan: $plan,\n limitType: $limitType,\n value: $value,\n unit: \"percentage\",\n comparator: \"=\",\n sourceType: \"oauth_usage\",\n sourceUrl: null,\n confidence: 1.0,\n observedAt: $observedAt,\n resetsAt: (if $resetsAt == \"\" then null else $resetsAt end)\n }')\"\n\n curl -sf -o /dev/null \\\\\n -X POST \"$API_URL/api/internal/research/observe\" \\\\\n -H \"Content-Type: application/json\" \\\\\n -H \"Authorization: Bearer $AUTH_TOKEN\" \\\\\n --max-time 3 \\\\\n --data \"$PAYLOAD\" >/dev/null 2>&1 &\ndone\n\n${chainBlock}\nexit 0\n`;\n\n writeFileSync(STATUSLINE_SHIM_PATH, script, { encoding: 'utf-8' });\n chmodSync(STATUSLINE_SHIM_PATH, 0o755);\n return STATUSLINE_SHIM_PATH;\n}\n\n// The settings object shape for statusLine (Claude Code v1.x+).\nexport const STATUSLINE_SETTINGS_VALUE = {\n type: 'command' as const,\n command: STATUSLINE_SHIM_PATH,\n refreshInterval: 30,\n};\n\n/**\n * Read the current statusLine command from a settings object, if any.\n * Returns undefined if not set or already points to the shim (idempotent).\n * Handles both the legacy string form and the current object form.\n */\nexport function readCurrentStatusLine(\n settings: Record<string, unknown>,\n): string | undefined {\n const current = settings.statusLine;\n if (!current) return undefined;\n if (typeof current === 'string') {\n if (current === STATUSLINE_SHIM_PATH) return undefined;\n return current;\n }\n if (typeof current === 'object' && current !== null) {\n const cmd = (current as Record<string, unknown>).command;\n if (typeof cmd !== 'string') return undefined;\n if (cmd === STATUSLINE_SHIM_PATH) return undefined; // already installed\n return cmd;\n }\n return undefined;\n}\n\n/**\n * Remove our statusline shim from a settings object (uninstall). Only deletes\n * `settings.statusLine` when it points at OUR shim \u2014 a user-owned statusLine is\n * left untouched. Returns true iff it removed the shim. Without this, `hooks\n * uninstall` leaves Claude Code POSTing usage to rulemetric.com via the shim\n * even after the hooks + CLI are gone.\n */\nexport function removeStatuslineShim(settings: Record<string, unknown>): boolean {\n if (!isStatuslineShimInstalled(settings)) return false;\n delete settings.statusLine;\n return true;\n}\n\n/**\n * Returns true if the settings object already points to the shim.\n */\nexport function isStatuslineShimInstalled(settings: Record<string, unknown>): boolean {\n const current = settings.statusLine;\n if (!current) return false;\n if (typeof current === 'string') return current === STATUSLINE_SHIM_PATH;\n if (typeof current === 'object' && current !== null) {\n return (current as Record<string, unknown>).command === STATUSLINE_SHIM_PATH;\n }\n return false;\n}\n"],
5
- "mappings": ";AAAA,SAAmC,eAAe,iBAAiB;AACnE,SAAS,eAAe;AACxB,SAAS,YAAY;AAGd,IAAM,uBAAuB,KAAK,QAAQ,GAAG,WAAW,0BAA0B;AA0BlF,SAAS,oBAAoB,aAA8B;AAChE,QAAM,aAAa,cACf;AAAA;AAAA,0BAEoB,WAAW,KAC/B;AAEJ,QAAM,SAAS;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAsBf,UAAU;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOV,UAAU;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAiGV,UAAU;AAAA;AAAA;AAIV,gBAAc,sBAAsB,QAAQ,EAAE,UAAU,QAAQ,CAAC;AACjE,YAAU,sBAAsB,GAAK;AACrC,SAAO;AACT;AAGO,IAAM,4BAA4B;AAAA,EACvC,MAAM;AAAA,EACN,SAAS;AAAA,EACT,iBAAiB;AACnB;AAOO,SAAS,sBACd,UACoB;AACpB,QAAM,UAAU,SAAS;AACzB,MAAI,CAAC,QAAS,QAAO;AACrB,MAAI,OAAO,YAAY,UAAU;AAC/B,QAAI,YAAY,qBAAsB,QAAO;AAC7C,WAAO;AAAA,EACT;AACA,MAAI,OAAO,YAAY,YAAY,YAAY,MAAM;AACnD,UAAM,MAAO,QAAoC;AACjD,QAAI,OAAO,QAAQ,SAAU,QAAO;AACpC,QAAI,QAAQ,qBAAsB,QAAO;AACzC,WAAO;AAAA,EACT;AACA,SAAO;AACT;AASO,SAAS,qBAAqB,UAA4C;AAC/E,MAAI,CAAC,0BAA0B,QAAQ,EAAG,QAAO;AACjD,SAAO,SAAS;AAChB,SAAO;AACT;AAKO,SAAS,0BAA0B,UAA4C;AACpF,QAAM,UAAU,SAAS;AACzB,MAAI,CAAC,QAAS,QAAO;AACrB,MAAI,OAAO,YAAY,SAAU,QAAO,YAAY;AACpD,MAAI,OAAO,YAAY,YAAY,YAAY,MAAM;AACnD,WAAQ,QAAoC,YAAY;AAAA,EAC1D;AACA,SAAO;AACT;",
4
+ "sourcesContent": ["import { existsSync, readFileSync, writeFileSync, chmodSync } from 'node:fs';\nimport { homedir } from 'node:os';\nimport { join } from 'node:path';\n\n// Path where the shim script lives \u2014 readable by the `statusLine` config key.\nexport const STATUSLINE_SHIM_PATH = join(homedir(), '.claude', 'statusline-rulemetric.sh');\n\n/**\n * Write ~/.claude/statusline-rulemetric.sh.\n *\n * The script is invoked by Claude Code on every statusline refresh cycle.\n * Claude Code feeds a JSON payload on stdin that includes `rate_limits`\n * (same shape as GET /api/oauth/usage) using its own in-memory token \u2014\n * so freshness is tied to the statusline cadence, not the proxy capturing\n * a stale keychain token.\n *\n * The script:\n * 1. Reads stdin once (Claude Code closes it after the payload).\n * 2. If jq is available, extracts each rate_limit window and POSTs it to\n * POST /api/internal/research/observe as an oauth_usage observation.\n * 3. If a `prevCommand` is supplied (the user's original statusLine value),\n * it is executed with the same stdin forwarded so the user's prompt text\n * is still displayed \u2014 we must chain, not replace.\n * 4. Exits 0 regardless so Claude Code always gets a clean statusline.\n *\n * Auth is read from the same priority chain as the hook scripts:\n * ~/.config/rulemetric/env (RULEMETRIC_ACCESS_TOKEN / RULEMETRIC_API_KEY)\n * RULEMETRIC_API_KEY / RULEMETRIC_ACCESS_TOKEN env vars\n *\n * Returns the path written.\n */\nexport function writeStatuslineShim(prevCommand?: string): string {\n const chainBlock = prevCommand\n ? `\n# Chain to the original statusLine command so the user's prompt is preserved.\necho \"$STDIN_PAYLOAD\" | ${prevCommand}`\n : '';\n\n const script = `#!/usr/bin/env bash\n# RuleMetric statusline shim \u2014 auto-generated by \\`rulemetric hooks install --statusline-usage\\`\n# Captures Claude Code rate_limits from statusline stdin and forwards to the research pipeline.\n# DO NOT EDIT \u2014 re-run \\`rulemetric hooks install --statusline-usage\\` to regenerate.\n\nset -euo pipefail\n\n# Read stdin once (Claude Code closes the pipe after the payload).\nSTDIN_PAYLOAD=\"$(cat)\"\n\n# \u2500\u2500 Auth \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nCONFIG_ENV=\"$HOME/.config/rulemetric/env\"\nif [ -f \"$CONFIG_ENV\" ]; then\n # shellcheck source=/dev/null\n source \"$CONFIG_ENV\"\nfi\n\nAPI_URL=\"\\${RULEMETRIC_API_URL:-https://rulemetric.com}\"\nAUTH_TOKEN=\"\\${RULEMETRIC_ACCESS_TOKEN:-\\${RULEMETRIC_API_KEY:-}}\"\n\nif [ -z \"$AUTH_TOKEN\" ]; then\n # No auth \u2014 still chain so the user's statusline works.\n${chainBlock}\n exit 0\nfi\n\n# \u2500\u2500 Extract + POST rate_limit windows \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\nif ! command -v jq &>/dev/null; then\n # jq missing \u2014 chain and bail; don't break the user's statusline.\n${chainBlock}\n exit 0\nfi\n\nOBSERVED_AT=\"$(date -u +%Y-%m-%dT%H:%M:%SZ)\"\nCACHE_DIR=\"$HOME/.config/rulemetric\"\nmkdir -p \"$CACHE_DIR\" 2>/dev/null || true\n\nfor WIRE_KEY in five_hour seven_day seven_day_opus; do\n # Map wire key \u2192 limit_type (case statement avoids bash 4 associative arrays).\n case \"$WIRE_KEY\" in\n five_hour) LIMIT_TYPE=\"five_hour_percent\" ;;\n seven_day) LIMIT_TYPE=\"seven_day_percent\" ;;\n seven_day_opus) LIMIT_TYPE=\"seven_day_opus_percent\" ;;\n *) continue ;;\n esac\n\n # Try both wire shapes:\n # Legacy: { \"rate_limits\": { \"five_hour\": { \"used_percentage\": ..., \"resets_at\": ... } } }\n # Current: { \"five_hour\": { \"used_percentage\": ..., \"resets_at\": ... } }\n WINDOW=\"$(echo \"$STDIN_PAYLOAD\" | jq -c \".rate_limits.\\${WIRE_KEY} // .\\${WIRE_KEY} // empty\" 2>/dev/null || true)\"\n\n if [ -z \"$WINDOW\" ] || [ \"$WINDOW\" = \"null\" ]; then\n continue\n fi\n\n USED_PCT=\"$(echo \"$WINDOW\" | jq '.used_percentage // empty' 2>/dev/null || true)\"\n RESETS_AT_EPOCH=\"$(echo \"$WINDOW\" | jq '.resets_at // empty' 2>/dev/null || true)\"\n\n if [ -z \"$USED_PCT\" ] || [ \"$USED_PCT\" = \"null\" ]; then\n continue\n fi\n\n # Convert unix epoch to ISO-8601 if present.\n if [ -n \"$RESETS_AT_EPOCH\" ] && [ \"$RESETS_AT_EPOCH\" != \"null\" ]; then\n RESETS_AT_ISO=\"$(date -u -r \"$RESETS_AT_EPOCH\" +%Y-%m-%dT%H:%M:%SZ 2>/dev/null \\\n || date -u -d \"@$RESETS_AT_EPOCH\" +%Y-%m-%dT%H:%M:%SZ 2>/dev/null \\\n || echo \"\")\"\n else\n RESETS_AT_ISO=\"\"\n fi\n\n # Skip stale windows. Claude Code can keep re-emitting a cached rate_limits\n # block after the reset time has passed; storing those rows floods the DB and\n # corrupts the \"current limits\" view.\n if [ -n \"$RESETS_AT_EPOCH\" ] && [ \"$RESETS_AT_EPOCH\" != \"null\" ]; then\n NOW_EPOCH=\"$(date -u +%s)\"\n if [ \"$RESETS_AT_EPOCH\" -lt \"$NOW_EPOCH\" ] 2>/dev/null; then\n continue\n fi\n else\n NOW_EPOCH=\"$(date -u +%s)\"\n fi\n\n # Local duplicate suppression mirrors the API's 30-minute freshness floor.\n # The statusline refreshes often; if the same window/value/reset is already\n # posted recently, another POST only burns an API request and DB connection.\n CACHE_FILE=\"$CACHE_DIR/statusline-usage-\\${LIMIT_TYPE}.cache\"\n CACHE_KEY=\"\\${LIMIT_TYPE}|\\${USED_PCT}|\\${RESETS_AT_ISO}\"\n if [ -f \"$CACHE_FILE\" ]; then\n read -r CACHED_AT CACHED_KEY < \"$CACHE_FILE\" || true\n if [ \"\\${CACHED_KEY:-}\" = \"$CACHE_KEY\" ] && [ $((NOW_EPOCH - \\${CACHED_AT:-0})) -lt 1800 ] 2>/dev/null; then\n continue\n fi\n fi\n printf '%s %s\\n' \"$NOW_EPOCH\" \"$CACHE_KEY\" > \"$CACHE_FILE.tmp\" 2>/dev/null \\\n && mv \"$CACHE_FILE.tmp\" \"$CACHE_FILE\" 2>/dev/null || true\n\n PAYLOAD=\"$(jq -nc \\\\\n --arg provider \"anthropic\" \\\\\n --arg plan \"unknown\" \\\\\n --argjson value \"$USED_PCT\" \\\\\n --arg limitType \"$LIMIT_TYPE\" \\\\\n --arg observedAt \"$OBSERVED_AT\" \\\\\n --arg resetsAt \"$RESETS_AT_ISO\" \\\\\n '{\n provider: $provider,\n plan: $plan,\n limitType: $limitType,\n value: $value,\n unit: \"percentage\",\n comparator: \"=\",\n sourceType: \"oauth_usage\",\n sourceUrl: null,\n confidence: 1.0,\n observedAt: $observedAt,\n resetsAt: (if $resetsAt == \"\" then null else $resetsAt end)\n }')\"\n\n curl -sf -o /dev/null \\\\\n -X POST \"$API_URL/api/internal/research/observe\" \\\\\n -H \"Content-Type: application/json\" \\\\\n -H \"Authorization: Bearer $AUTH_TOKEN\" \\\\\n --max-time 3 \\\\\n --data \"$PAYLOAD\" >/dev/null 2>&1 &\ndone\n\n${chainBlock}\nexit 0\n`;\n\n writeFileSync(STATUSLINE_SHIM_PATH, script, { encoding: 'utf-8' });\n chmodSync(STATUSLINE_SHIM_PATH, 0o755);\n return STATUSLINE_SHIM_PATH;\n}\n\n// The settings object shape for statusLine (Claude Code v1.x+).\nexport const STATUSLINE_SETTINGS_VALUE = {\n type: 'command' as const,\n command: STATUSLINE_SHIM_PATH,\n refreshInterval: 30,\n};\n\n/**\n * Read the current statusLine command from a settings object, if any.\n * Returns undefined if not set or already points to the shim (idempotent).\n * Handles both the legacy string form and the current object form.\n */\nexport function readCurrentStatusLine(\n settings: Record<string, unknown>,\n): string | undefined {\n const current = settings.statusLine;\n if (!current) return undefined;\n if (typeof current === 'string') {\n if (current === STATUSLINE_SHIM_PATH) return undefined;\n return current;\n }\n if (typeof current === 'object' && current !== null) {\n const cmd = (current as Record<string, unknown>).command;\n if (typeof cmd !== 'string') return undefined;\n if (cmd === STATUSLINE_SHIM_PATH) return undefined; // already installed\n return cmd;\n }\n return undefined;\n}\n\n/**\n * Remove our statusline shim from a settings object (uninstall). Only deletes\n * `settings.statusLine` when it points at OUR shim \u2014 a user-owned statusLine is\n * left untouched. Returns true iff it removed the shim. Without this, `hooks\n * uninstall` leaves Claude Code POSTing usage to rulemetric.com via the shim\n * even after the hooks + CLI are gone.\n */\nexport function removeStatuslineShim(settings: Record<string, unknown>): boolean {\n if (!isStatuslineShimInstalled(settings)) return false;\n delete settings.statusLine;\n return true;\n}\n\n// The shim's path suffix is identical on every machine \u2014 only the $HOME prefix\n// differs. Forward slashes only: settings files are written with POSIX paths\n// on the platforms the shim supports (the shim itself is a bash script).\nconst STATUSLINE_SHIM_SUFFIX = '/.claude/statusline-rulemetric.sh';\n\n/**\n * Like removeStatuslineShim, but also matches a shim written by ANOTHER\n * machine's install: the statusLine path is $HOME-anchored, so a shared\n * `.claude/settings.json` poisoned by a teammate's install carries THEIR home\n * prefix and the exact-path check misses it. Only our fixed shim filename can\n * match \u2014 a user-owned statusLine is never removed. Returns true iff removed.\n */\nexport function removeStatuslineShimAnyHome(settings: Record<string, unknown>): boolean {\n const current = settings.statusLine;\n const cmd =\n typeof current === 'string'\n ? current\n : typeof current === 'object' && current !== null\n ? (current as Record<string, unknown>).command\n : undefined;\n const isShim =\n typeof cmd === 'string' && (cmd === STATUSLINE_SHIM_PATH || cmd.endsWith(STATUSLINE_SHIM_SUFFIX));\n if (!isShim) return false;\n delete settings.statusLine;\n return true;\n}\n\n/**\n * Returns true if the settings object already points to the shim.\n */\nexport function isStatuslineShimInstalled(settings: Record<string, unknown>): boolean {\n const current = settings.statusLine;\n if (!current) return false;\n if (typeof current === 'string') return current === STATUSLINE_SHIM_PATH;\n if (typeof current === 'object' && current !== null) {\n return (current as Record<string, unknown>).command === STATUSLINE_SHIM_PATH;\n }\n return false;\n}\n"],
5
+ "mappings": ";AAAA,SAAmC,eAAe,iBAAiB;AACnE,SAAS,eAAe;AACxB,SAAS,YAAY;AAGd,IAAM,uBAAuB,KAAK,QAAQ,GAAG,WAAW,0BAA0B;AA0BlF,SAAS,oBAAoB,aAA8B;AAChE,QAAM,aAAa,cACf;AAAA;AAAA,0BAEoB,WAAW,KAC/B;AAEJ,QAAM,SAAS;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAsBf,UAAU;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOV,UAAU;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAiGV,UAAU;AAAA;AAAA;AAIV,gBAAc,sBAAsB,QAAQ,EAAE,UAAU,QAAQ,CAAC;AACjE,YAAU,sBAAsB,GAAK;AACrC,SAAO;AACT;AAGO,IAAM,4BAA4B;AAAA,EACvC,MAAM;AAAA,EACN,SAAS;AAAA,EACT,iBAAiB;AACnB;AAOO,SAAS,sBACd,UACoB;AACpB,QAAM,UAAU,SAAS;AACzB,MAAI,CAAC,QAAS,QAAO;AACrB,MAAI,OAAO,YAAY,UAAU;AAC/B,QAAI,YAAY,qBAAsB,QAAO;AAC7C,WAAO;AAAA,EACT;AACA,MAAI,OAAO,YAAY,YAAY,YAAY,MAAM;AACnD,UAAM,MAAO,QAAoC;AACjD,QAAI,OAAO,QAAQ,SAAU,QAAO;AACpC,QAAI,QAAQ,qBAAsB,QAAO;AACzC,WAAO;AAAA,EACT;AACA,SAAO;AACT;AASO,SAAS,qBAAqB,UAA4C;AAC/E,MAAI,CAAC,0BAA0B,QAAQ,EAAG,QAAO;AACjD,SAAO,SAAS;AAChB,SAAO;AACT;AAKA,IAAM,yBAAyB;AASxB,SAAS,4BAA4B,UAA4C;AACtF,QAAM,UAAU,SAAS;AACzB,QAAM,MACJ,OAAO,YAAY,WACf,UACA,OAAO,YAAY,YAAY,YAAY,OACxC,QAAoC,UACrC;AACR,QAAM,SACJ,OAAO,QAAQ,aAAa,QAAQ,wBAAwB,IAAI,SAAS,sBAAsB;AACjG,MAAI,CAAC,OAAQ,QAAO;AACpB,SAAO,SAAS;AAChB,SAAO;AACT;AAKO,SAAS,0BAA0B,UAA4C;AACpF,QAAM,UAAU,SAAS;AACzB,MAAI,CAAC,QAAS,QAAO;AACrB,MAAI,OAAO,YAAY,SAAU,QAAO,YAAY;AACpD,MAAI,OAAO,YAAY,YAAY,YAAY,MAAM;AACnD,WAAQ,QAAoC,YAAY;AAAA,EAC1D;AACA,SAAO;AACT;",
6
6
  "names": []
7
7
  }
@@ -1,7 +1,7 @@
1
1
  import {
2
2
  apiGet,
3
3
  apiPost
4
- } from "./chunk-ZRLYHBPN.js";
4
+ } from "./chunk-ZUJBM6HE.js";
5
5
 
6
6
  // src/lib/eval-benchmark.ts
7
7
  function computeStats(values) {
@@ -89,4 +89,4 @@ export {
89
89
  aggregateBenchmark,
90
90
  postBenchmark
91
91
  };
92
- //# sourceMappingURL=chunk-3QH73QOQ.js.map
92
+ //# sourceMappingURL=chunk-PED7L5GX.js.map
@@ -1,10 +1,10 @@
1
+ import {
2
+ buildRecommendationPrompt
3
+ } from "./chunk-E3BIT53W.js";
1
4
  import {
2
5
  detectLlmBackend,
3
6
  runLlmPrompt
4
7
  } from "./chunk-FZKLLNDS.js";
5
- import {
6
- buildRecommendationPrompt
7
- } from "./chunk-E3BIT53W.js";
8
8
  import {
9
9
  detectLanguages
10
10
  } from "./chunk-OQSQC7VB.js";
@@ -14,7 +14,7 @@ import {
14
14
  import {
15
15
  apiGet,
16
16
  apiPost
17
- } from "./chunk-ZRLYHBPN.js";
17
+ } from "./chunk-ZUJBM6HE.js";
18
18
 
19
19
  // src/lib/handlers/cron-suggest-instructions.ts
20
20
  import { readFileSync } from "node:fs";
@@ -164,4 +164,4 @@ var cronSuggestInstructions = async (_payload, helpers) => {
164
164
  export {
165
165
  cronSuggestInstructions
166
166
  };
167
- //# sourceMappingURL=chunk-VBGUNFKY.js.map
167
+ //# sourceMappingURL=chunk-PMI56ED5.js.map
@@ -1,14 +1,16 @@
1
1
  import {
2
+ RULEMETRIC_NO_PROXY,
2
3
  detectInstalledTools,
3
4
  hasRulemetricClaudeHooks,
4
- mergeClaudeCodeHooks
5
- } from "./chunk-XN23W5HL.js";
5
+ mergeClaudeCodeHooks,
6
+ removeRulemetricMachineState
7
+ } from "./chunk-4KRMZLQV.js";
6
8
  import {
7
9
  GATEWAY_PORT
8
- } from "./chunk-DAJNO4OI.js";
10
+ } from "./chunk-4LYCDS2N.js";
9
11
  import {
10
12
  apiGet
11
- } from "./chunk-ZRLYHBPN.js";
13
+ } from "./chunk-ZUJBM6HE.js";
12
14
  import {
13
15
  getDefaultConfigDir,
14
16
  isAuthenticated
@@ -78,8 +80,8 @@ async function workerActive() {
78
80
  return false;
79
81
  }
80
82
  }
81
- function readProjectSettings(projectPath) {
82
- const settingsPath = join(projectPath, ".claude", "settings.json");
83
+ function readProjectSettings(projectPath, fileName) {
84
+ const settingsPath = join(projectPath, ".claude", fileName);
83
85
  let settings = {};
84
86
  let before = null;
85
87
  if (existsSync(settingsPath)) {
@@ -93,18 +95,25 @@ function readProjectSettings(projectPath) {
93
95
  return { settings, before };
94
96
  }
95
97
  function projectHooksSettings(projectPath) {
96
- const { settings, before } = readProjectSettings(projectPath);
98
+ const { settings, before } = readProjectSettings(projectPath, "settings.local.json");
97
99
  mergeClaudeCodeHooks(settings);
98
100
  return { before, after: JSON.stringify(settings, null, 2) };
99
101
  }
100
102
  function projectProxyEnvSettings(projectPath) {
101
- const { settings, before } = readProjectSettings(projectPath);
103
+ const { settings, before } = readProjectSettings(projectPath, "settings.local.json");
102
104
  const env = { ...settings.env ?? {} };
103
105
  env.HTTPS_PROXY = `http://localhost:${GATEWAY_PORT}`;
104
- env.NO_PROXY = "localhost,127.0.0.1,*.supabase.co,*.supabase.in";
106
+ env.NO_PROXY = RULEMETRIC_NO_PROXY;
105
107
  env.NODE_EXTRA_CA_CERTS = CERT_PATH;
106
108
  return { before, after: JSON.stringify({ ...settings, env }, null, 2) };
107
109
  }
110
+ function projectSharedSettingsMigration(projectPath) {
111
+ const { settings, before } = readProjectSettings(projectPath, "settings.json");
112
+ if (before === null) return null;
113
+ const { removed } = removeRulemetricMachineState(settings, GATEWAY_PORT);
114
+ if (!removed) return null;
115
+ return { before, after: JSON.stringify(settings, null, 2) };
116
+ }
108
117
  var WORKER_PLIST_PATH = join(homedir(), "Library", "LaunchAgents", "com.rulemetric.worker.plist");
109
118
  var WORKER_SYSTEMD_PATH = join(homedir(), ".config", "systemd", "user", "rulemetric-worker.service");
110
119
  function runCommand(cmd) {
@@ -210,17 +219,19 @@ var STEPS = [
210
219
  // user declines the proxy.
211
220
  command: "rulemetric hooks install",
212
221
  async detect(ctx) {
213
- const settingsPath = join(ctx.projectPath, ".claude", "settings.json");
214
- if (!existsSync(settingsPath)) return false;
215
- try {
216
- const settings = JSON.parse(readFileSync(settingsPath, "utf-8"));
217
- return hasRulemetricClaudeHooks(settings);
218
- } catch {
219
- return false;
222
+ for (const fileName of ["settings.local.json", "settings.json"]) {
223
+ const settingsPath = join(ctx.projectPath, ".claude", fileName);
224
+ if (!existsSync(settingsPath)) continue;
225
+ try {
226
+ const settings = JSON.parse(readFileSync(settingsPath, "utf-8"));
227
+ if (hasRulemetricClaudeHooks(settings)) return true;
228
+ } catch {
229
+ }
220
230
  }
231
+ return false;
221
232
  },
222
233
  async plan(ctx) {
223
- const settingsPath = join(ctx.projectPath, ".claude", "settings.json");
234
+ const settingsPath = join(ctx.projectPath, ".claude", "settings.local.json");
224
235
  const { before, after } = projectHooksSettings(ctx.projectPath);
225
236
  const artifacts = [
226
237
  { path: settingsPath, kind: "file", before, after },
@@ -238,7 +249,7 @@ var STEPS = [
238
249
  // CA-trust sudo skips the machine-wide layer and stays hooks-only.
239
250
  {
240
251
  // The proxy env block `hooks install` §2 adds to the SAME
241
- // .claude/settings.json (HTTPS_PROXY / NO_PROXY / NODE_EXTRA_CA_CERTS).
252
+ // .claude/settings.local.json (HTTPS_PROXY / NO_PROXY / NODE_EXTRA_CA_CERTS).
242
253
  path: `${settingsPath} (proxy env block)`,
243
254
  kind: "file",
244
255
  ...projectProxyEnvSettings(ctx.projectPath)
@@ -268,6 +279,14 @@ var STEPS = [
268
279
  after: "started (routes Claude Code \u2192 mitmproxy \u2192 Anthropic; falls back to direct if mitmproxy is down)"
269
280
  }
270
281
  ];
282
+ const sharedMigration = projectSharedSettingsMigration(ctx.projectPath);
283
+ if (sharedMigration) {
284
+ artifacts.push({
285
+ path: `${join(ctx.projectPath, ".claude", "settings.json")} (removes RuleMetric machine-local state left by an older install \u2014 see the local-file artifacts above for where it moves)`,
286
+ kind: "file",
287
+ ...sharedMigration
288
+ });
289
+ }
271
290
  for (const tool of detectInstalledTools(ctx.projectPath).filter((t) => t === "cursor" || t === "copilot_agent")) {
272
291
  artifacts.push({
273
292
  path: `${ctx.projectPath} (${tool} workspace proxy config)`,
@@ -392,4 +411,4 @@ export {
392
411
  isStepId,
393
412
  computeStatus
394
413
  };
395
- //# sourceMappingURL=chunk-XNNOXGP6.js.map
414
+ //# sourceMappingURL=chunk-POFTPB33.js.map
@@ -0,0 +1,7 @@
1
+ {
2
+ "version": 3,
3
+ "sources": ["../src/lib/setup-steps.ts"],
4
+ "sourcesContent": ["import { execSync } from 'node:child_process';\nimport { existsSync, readFileSync } from 'node:fs';\nimport { homedir } from 'node:os';\nimport { join } from 'node:path';\nimport { isAuthenticated, getDefaultConfigDir } from './auth.js';\nimport { apiGet } from './api-client.js';\nimport { GATEWAY_PORT, isGatewayListening } from './gateway-lifecycle.js';\nimport {\n detectInstalledTools,\n mergeClaudeCodeHooks,\n hasRulemetricClaudeHooks,\n removeRulemetricMachineState,\n RULEMETRIC_NO_PROXY,\n} from './hooks-config.js';\n\n/**\n * Data model for the four core onboarding steps, shared (by step-ID list +\n * install-monotonicity) with the web reducer `deriveSetupProgress()`.\n *\n * The two surfaces are separate implementations by necessity, but they no\n * longer read *different sources* for the same fact:\n * - Server-observable signals (cli-worker heartbeat / captured session) are\n * unified through the shared `GET /api/setup/status` endpoint \u2014 the CLI's\n * `workerActive()` and the web's `use-setup-progress.ts` both bottom out on\n * that one server-side authority, so they cannot drift on it.\n * - Local signals (auth = `~/.config/rulemetric` creds via `isAuthenticated()`,\n * hooks = cwd `.claude/settings.local.json`, falling back to the shared\n * `settings.json` for legacy installs) stay machine-local: the browser\n * cannot read the user's filesystem, so these legitimately differ from the\n * web's account-scoped proxies for the same step (see the design doc's\n * \"Shared step model, two implementations\").\n * Each step exposes:\n * - detect(): is it done? (reads a local/remote signal, never mutates)\n * - plan(): what would apply() write? (read-only, returns diffs/artifacts)\n * - apply(): perform the step (thin \u2014 shells out to existing commands)\n */\n\nexport const CORE_STEP_IDS = ['install', 'auth', 'hooks', 'worker'] as const;\n// Optional steps live in the walk (offered, recommended) but do NOT gate\n// `coreComplete` \u2014 declining them still leaves the user fully onboarded. The\n// proxy/CA capture now ships as the DEFAULT of the core `hooks` step (see that\n// step's plan(), which fully discloses the invasive MITM/keychain side effects\n// up front); it is not a separate opt-in step. The mechanism is retained for\n// any future optional step.\nexport const OPTIONAL_STEP_IDS = [] as const;\nexport const ALL_STEP_IDS = [...CORE_STEP_IDS, ...OPTIONAL_STEP_IDS] as const;\nexport type StepId = (typeof ALL_STEP_IDS)[number];\n\nexport type ArtifactKind = 'file' | 'command' | 'service';\n\nexport interface Artifact {\n path: string;\n kind: ArtifactKind;\n before: string | null;\n after: string | null;\n /** True when `after` contains a masked secret (never the raw value). */\n masked?: boolean;\n}\n\nexport interface StepPlan {\n id: StepId;\n title: string;\n command?: string;\n artifacts: Artifact[];\n}\n\nexport interface SetupContext {\n projectPath: string;\n configDir: string;\n}\n\nexport interface SetupStep {\n id: StepId;\n title: string;\n command?: string;\n /** Optional steps are offered in the walk but never gate `coreComplete`. */\n optional?: boolean;\n detect(ctx: SetupContext): Promise<boolean>;\n plan(ctx: SetupContext): Promise<StepPlan>;\n apply(ctx: SetupContext): Promise<void>;\n}\n\nexport interface StepStatus {\n id: StepId;\n done: boolean;\n}\n\nexport interface SetupStatus {\n steps: StepStatus[];\n coreComplete: boolean;\n currentStepId: StepId | null;\n}\n\n/** Build the default context from the current process (cwd + config dir). */\nexport function defaultContext(): SetupContext {\n return {\n projectPath: process.cwd(),\n configDir: getDefaultConfigDir(),\n };\n}\n\nconst CERT_PATH = join(homedir(), '.mitmproxy', 'mitmproxy-ca-cert.pem');\n\n/**\n * Mask a secret: keep the first 4 and last 4 characters, replace the middle\n * with asterisks. Strings too short to reveal safely are fully masked.\n */\nexport function maskToken(s: string): string {\n if (!s) return '';\n if (s.length <= 8) return '*'.repeat(s.length);\n const head = s.slice(0, 4);\n const tail = s.slice(-4);\n return `${head}${'*'.repeat(Math.max(4, s.length - 8))}${tail}`;\n}\n\n/**\n * Simple line-oriented +/- diff for terminal display. Not a real LCS \u2014 good\n * enough to show a human/agent exactly which lines an artifact would change.\n */\nexport function renderDiff(before: string | null, after: string | null): string {\n const beforeLines = before === null ? [] : before.replace(/\\n$/, '').split('\\n');\n const afterLines = after === null ? [] : after.replace(/\\n$/, '').split('\\n');\n const out: string[] = [];\n const max = Math.max(beforeLines.length, afterLines.length);\n for (let i = 0; i < max; i++) {\n const b = beforeLines[i];\n const a = afterLines[i];\n if (b === a) {\n out.push(` ${b}`);\n } else {\n if (b !== undefined) out.push(`-${b}`);\n if (a !== undefined) out.push(`+${a}`);\n }\n }\n return out.join('\\n');\n}\n\n/** Read a single KEY=value from the env file, or null if absent. */\nfunction readEnvValue(configDir: string, key: string): string | null {\n const envPath = join(configDir, 'env');\n if (!existsSync(envPath)) return null;\n try {\n const content = readFileSync(envPath, 'utf-8');\n const match = content.match(new RegExp(`^${key}=(.+)$`, 'm'));\n return match ? match[1] : null;\n } catch {\n return null;\n }\n}\n\n/**\n * Is a CLI worker heartbeat active for the caller? (best-effort, network)\n *\n * Reads the shared `GET /api/setup/status` endpoint's `workerActive` field\n * rather than re-deriving it from `/api/workers/status`. That endpoint computes\n * the cli-worker heartbeat signal server-side using the SAME window +\n * staleness thresholds + `workerType === 'cli-worker'` filter the web strip\n * uses, so the CLI and web can't drift on this fact by construction (they used\n * to each filter/threshold client-side, which is exactly how they could\n * disagree). Fast-fails after 2.5s so `setup --json` / `setup plan` degrade to\n * \"not running\" instead of blocking on a stalled connection \u2014 detection is a\n * UX signal, not a correctness gate; offline \u2192 false.\n */\nasync function workerActive(): Promise<boolean> {\n if (!isAuthenticated()) return false;\n try {\n const status = await Promise.race([\n apiGet<{\n cliEverConnected?: boolean;\n anyCapturedSession?: boolean;\n workerActive?: boolean;\n }>('/api/setup/status'),\n new Promise<never>((_, reject) =>\n setTimeout(() => reject(new Error('setup/status timeout')), 2500),\n ),\n ]);\n return status?.workerActive === true;\n } catch {\n return false;\n }\n}\n\n/** Read a project `.claude/<fileName>` settings file for a read-only preview (no throw). */\nfunction readProjectSettings(\n projectPath: string,\n fileName: string,\n): { settings: Record<string, unknown>; before: string | null } {\n const settingsPath = join(projectPath, '.claude', fileName);\n let settings: Record<string, unknown> = {};\n let before: string | null = null;\n if (existsSync(settingsPath)) {\n try {\n before = readFileSync(settingsPath, 'utf-8').replace(/\\n$/, '');\n settings = JSON.parse(before) as Record<string, unknown>;\n } catch {\n settings = {};\n }\n }\n return { settings, before };\n}\n\n/**\n * Compute the in-memory `.claude/settings.local.json` after the RuleMetric\n * session HOOKS are merged, WITHOUT touching disk. This is the \u00A71 (hooks)\n * portion of the diff; the proxy env block that `hooks install` \u00A72 also writes\n * is disclosed separately via projectProxyEnvSettings so the two changes read\n * distinctly. Machine-local state targets settings.local.json \u2014 the shared\n * settings.json is typically checked into git (see claudeSettingsInstallPath).\n */\nfunction projectHooksSettings(projectPath: string): { before: string | null; after: string } {\n const { settings, before } = readProjectSettings(projectPath, 'settings.local.json');\n mergeClaudeCodeHooks(settings);\n return { before, after: JSON.stringify(settings, null, 2) };\n}\n\n/**\n * The proxy-env addition to `.claude/settings.local.json` that `hooks install`\n * \u00A72 makes on the default path \u2014 for the disclosure diff only. Read-only.\n */\nfunction projectProxyEnvSettings(projectPath: string): { before: string | null; after: string } {\n const { settings, before } = readProjectSettings(projectPath, 'settings.local.json');\n const env = { ...((settings.env as Record<string, string>) ?? {}) };\n env.HTTPS_PROXY = `http://localhost:${GATEWAY_PORT}`;\n env.NO_PROXY = RULEMETRIC_NO_PROXY;\n env.NODE_EXTRA_CA_CERTS = CERT_PATH;\n return { before, after: JSON.stringify({ ...settings, env }, null, 2) };\n}\n\n/**\n * The migration edit `hooks install` makes to the SHARED `.claude/settings.json`\n * when it still carries RuleMetric machine-local state (legacy installs wrote\n * hooks + proxy env there; that state moves to settings.local.json). Returns\n * null when there is nothing of ours to remove \u2014 including when the shared\n * file is absent or unparseable (install skips it then too). Read-only.\n */\nfunction projectSharedSettingsMigration(projectPath: string): { before: string | null; after: string } | null {\n const { settings, before } = readProjectSettings(projectPath, 'settings.json');\n if (before === null) return null;\n const { removed } = removeRulemetricMachineState(settings, GATEWAY_PORT);\n if (!removed) return null;\n return { before, after: JSON.stringify(settings, null, 2) };\n}\n\nconst WORKER_PLIST_PATH = join(homedir(), 'Library', 'LaunchAgents', 'com.rulemetric.worker.plist');\nconst WORKER_SYSTEMD_PATH = join(homedir(), '.config', 'systemd', 'user', 'rulemetric-worker.service');\n\n/** Run a command with inherited stdio (interactive-friendly). Thin apply(). */\nfunction runCommand(cmd: string): void {\n execSync(cmd, { stdio: 'inherit' });\n}\n\nexport const STEPS: SetupStep[] = [\n {\n id: 'install',\n title: 'Install the CLI',\n command: 'npm install -g @rulemetric/cli',\n // Monotonic: the CLI must exist to produce any downstream signal, so it\n // greens off auth or worker presence (nothing local phones home before).\n async detect(): Promise<boolean> {\n return isAuthenticated() || (await workerActive());\n },\n async plan(): Promise<StepPlan> {\n return {\n id: 'install',\n title: 'Install the CLI',\n command: 'npm install -g @rulemetric/cli',\n artifacts: [\n {\n path: 'npm install -g @rulemetric/cli',\n kind: 'command',\n before: null,\n after: 'rulemetric --version # verifies the binary is on PATH',\n },\n ],\n };\n },\n async apply(): Promise<void> {\n runCommand('npm install -g @rulemetric/cli');\n },\n },\n {\n id: 'auth',\n title: 'Authenticate',\n command: 'rulemetric auth login',\n async detect(): Promise<boolean> {\n return isAuthenticated();\n },\n async plan(ctx): Promise<StepPlan> {\n const envPath = join(ctx.configDir, 'env');\n // Guard the read like the sibling helpers (readEnvValue /\n // projectHooksSettings) do: a TOCTOU race or permission error between\n // existsSync and readFileSync must NOT throw out of plan(). Fall back to\n // a secret-free marker rather than crashing `setup plan`/`--show`.\n let before: string | null = null;\n if (existsSync(envPath)) {\n try {\n before = maskEnvFile(readFileSync(envPath, 'utf-8'));\n } catch {\n before = '(unreadable)';\n }\n }\n const rawToken = readEnvValue(ctx.configDir, 'RULEMETRIC_ACCESS_TOKEN');\n const tokenDisplay = rawToken ? maskToken(rawToken) : maskToken('<token-from-login>');\n // Reconstruct EXACTLY what `auth login`'s saveEnvFile writes so the diff\n // doesn't show phantom changes: line order [TOKEN, KEY?, URL?], the key\n // preserved (masked) when present, and the URL sourced from\n // process.env.RULEMETRIC_API_URL \u2014 the same value login passes \u2014 and OMITTED\n // when unset (login writes no URL line then). All masking preserved; the raw\n // token/key are never emitted.\n const afterLines = [`RULEMETRIC_ACCESS_TOKEN=${tokenDisplay}`];\n const rawApiKey = readEnvValue(ctx.configDir, 'RULEMETRIC_API_KEY');\n if (rawApiKey) {\n afterLines.push(`RULEMETRIC_API_KEY=${maskToken(rawApiKey)}`);\n }\n const loginUrl = process.env.RULEMETRIC_API_URL;\n if (loginUrl) {\n afterLines.push(`RULEMETRIC_API_URL=${loginUrl}`);\n }\n const after = afterLines.join('\\n');\n return {\n id: 'auth',\n title: 'Authenticate',\n command: 'rulemetric auth login',\n artifacts: [\n {\n path: envPath,\n kind: 'file',\n before,\n after,\n masked: true,\n },\n // `auth login` (saveToken) also writes auth.json \u2014 disclose it so the\n // plan matches every file apply() touches.\n {\n path: join(ctx.configDir, 'auth.json'),\n kind: 'file',\n before: existsSync(join(ctx.configDir, 'auth.json')) ? '(existing session tokens)' : null,\n after: '{ accessToken, refreshToken, expiresAt, email } \u2014 OAuth session tokens (secret)',\n masked: true,\n },\n ],\n };\n },\n async apply(): Promise<void> {\n runCommand('rulemetric auth login');\n },\n },\n {\n id: 'hooks',\n title: 'Install hooks + capture proxy',\n // Default onboarding installs the FULL capture path: session hooks PLUS the\n // MITM proxy (rendered-system-prompt / instruction linking + cross-tool\n // capture). Every invasive side effect is disclosed up front in plan()\n // below \u2014 nothing is silent. `hooks install` fails SAFE: if the CA sudo\n // trust is declined it degrades to hooks-only (no machine-wide proxy pin),\n // and HTTPS_PROXY is only pinned once the gateway actually answers on\n // :8787 \u2014 so the default never bricks Claude Code. detect() greens on the\n // capture hooks being present, so `coreComplete` is reachable even when the\n // user declines the proxy.\n command: 'rulemetric hooks install',\n async detect(ctx): Promise<boolean> {\n // Current installs write machine-local hooks to settings.local.json;\n // legacy installs wrote the shared settings.json. Claude Code merges and\n // runs hooks from both, so presence in EITHER file means capture is wired\n // up. Ready when capture hooks are actually present \u2014 NOT when a proxy\n // env var was written (that greened even against a dead proxy port). The\n // proxy is a best-effort upgrade layered on top; hooks presence is the\n // honest \"capture is working\" signal.\n for (const fileName of ['settings.local.json', 'settings.json']) {\n const settingsPath = join(ctx.projectPath, '.claude', fileName);\n if (!existsSync(settingsPath)) continue;\n try {\n const settings = JSON.parse(readFileSync(settingsPath, 'utf-8')) as Record<string, unknown>;\n if (hasRulemetricClaudeHooks(settings)) return true;\n } catch {\n /* unparseable \u2014 treat as absent */\n }\n }\n return false;\n },\n async plan(ctx): Promise<StepPlan> {\n const settingsPath = join(ctx.projectPath, '.claude', 'settings.local.json');\n const { before, after } = projectHooksSettings(ctx.projectPath);\n const artifacts: Artifact[] = [\n { path: settingsPath, kind: 'file', before, after },\n // Disclose what the hooks DO, not just that they're registered \u2014 these\n // are the privacy-relevant behaviors a user is consenting to.\n {\n path: 'what these hooks capture',\n kind: 'service',\n before: null,\n after:\n 'session-end reimports the FULL transcript to the API; post-tool-use records each ' +\n 'tool call and snapshots the working tree to a LOCAL shadow git ref (paper-trail, ' +\n 'never pushed); user-prompt posts prompt text. All scoped to sessions in this project.',\n },\n // FULL DISCLOSURE of the proxy layer \u2014 every invasive side effect of\n // `hooks install` \u00A72 is enumerated here so the default path hides\n // nothing. Each degrades gracefully (see the step comment): a declined\n // CA-trust sudo skips the machine-wide layer and stays hooks-only.\n {\n // The proxy env block `hooks install` \u00A72 adds to the SAME\n // .claude/settings.local.json (HTTPS_PROXY / NO_PROXY / NODE_EXTRA_CA_CERTS).\n path: `${settingsPath} (proxy env block)`,\n kind: 'file',\n ...projectProxyEnvSettings(ctx.projectPath),\n },\n {\n path: 'system keychain \u2014 mitmproxy root CA',\n kind: 'service',\n before: existsSync(CERT_PATH) ? '(CA generated; trust state unchanged)' : '(no CA yet)',\n after:\n 'Installs + trusts the mitmproxy CA (requires sudo). This lets the ' +\n 'proxy DECRYPT Claude Code HTTPS request/response bodies \u2014 the ' +\n 'capability that powers rendered-system-prompt / instruction linking. ' +\n 'Decline the sudo prompt and setup stays hooks-only (still fully onboarded).',\n },\n {\n path: 'launchctl setenv HTTPS_PROXY (machine-wide, all GUI apps)',\n kind: 'command',\n before: null,\n after: `http://localhost:${GATEWAY_PORT} \u2014 routes every GUI app's HTTPS through the local gateway (only when the CA is trusted AND :${GATEWAY_PORT} is live)`,\n },\n {\n path: 'VS Code + Cursor user settings (http.proxy)',\n kind: 'file',\n before: null,\n after: `http.proxy \u2192 http://localhost:${GATEWAY_PORT} (+ http.proxyStrictSSL=false)`,\n },\n {\n path: `gateway process on :${GATEWAY_PORT}`,\n kind: 'service',\n before: null,\n after: 'started (routes Claude Code \u2192 mitmproxy \u2192 Anthropic; falls back to direct if mitmproxy is down)',\n },\n ];\n // Migration disclosure: when a legacy/poisoned shared settings.json still\n // carries RuleMetric machine-local state, install strips it (the state\n // moves to settings.local.json above). That is a write to a typically\n // checked-in file, so the plan must name it.\n const sharedMigration = projectSharedSettingsMigration(ctx.projectPath);\n if (sharedMigration) {\n artifacts.push({\n path: `${join(ctx.projectPath, '.claude', 'settings.json')} (removes RuleMetric machine-local state left by an older install \u2014 see the local-file artifacts above for where it moves)`,\n kind: 'file',\n ...sharedMigration,\n });\n }\n // Workspace-level editor configs, only if those dirs exist here.\n for (const tool of detectInstalledTools(ctx.projectPath).filter((t) => t === 'cursor' || t === 'copilot_agent')) {\n artifacts.push({\n path: `${ctx.projectPath} (${tool} workspace proxy config)`,\n kind: 'file',\n before: null,\n after: `proxy \u2192 http://localhost:${GATEWAY_PORT}`,\n });\n }\n // Cross-tool USER-level hooks \u2014 disclosed here, and (post-F2) written ONLY\n // when the tool is already present so we never manufacture config for a\n // tool the user doesn't have.\n for (const [tool, home, file] of [\n ['Cursor', join(homedir(), '.cursor'), join(homedir(), '.cursor', 'hooks.json')],\n ['Antigravity/Gemini', join(homedir(), '.gemini'), join(homedir(), '.gemini', 'config', 'hooks.json')],\n ] as const) {\n if (existsSync(home)) {\n artifacts.push({\n path: `${file} (${tool} user hooks)`,\n kind: 'file',\n before: existsSync(file) ? '(existing config)' : null,\n after: 'adds RuleMetric session-capture hooks for this tool',\n });\n }\n }\n return {\n id: 'hooks',\n title: 'Install hooks + capture proxy',\n command: 'rulemetric hooks install',\n artifacts,\n };\n },\n async apply(): Promise<void> {\n runCommand('rulemetric hooks install');\n },\n },\n {\n id: 'worker',\n title: 'Run the worker',\n command: 'rulemetric service install --worker-only',\n async detect(): Promise<boolean> {\n return workerActive();\n },\n async plan(): Promise<StepPlan> {\n const isMac = process.platform === 'darwin';\n const servicePath = isMac ? WORKER_PLIST_PATH : WORKER_SYSTEMD_PATH;\n // SECURITY: never read the installed plist/systemd unit into `before` \u2014\n // those files embed RULEMETRIC_ACCESS_TOKEN / RULEMETRIC_API_KEY verbatim\n // (service/install.ts writes them from ALLOWED_ENV_VARS), so echoing the\n // file contents would leak the raw secret through `plan`, `--show`, and\n // `--json`. Use a synthetic, secret-free marker for the current state.\n const before = existsSync(servicePath)\n ? `(service already installed at ${servicePath})`\n : null;\n // Concise representation (path + ExecStart node/cli invocation) rather\n // than reconstructing the full plist \u2014 keep read-only + legible.\n const after = isMac\n ? [\n `Label: com.rulemetric.worker`,\n `ProgramArguments: <node> <cli>/bin/run.js evals agent`,\n `RunAtLoad: true, KeepAlive: true`,\n ].join('\\n')\n : [\n `[Service]`,\n `ExecStart=<node> <cli>/bin/run.js evals agent`,\n `Restart=on-failure`,\n ].join('\\n');\n return {\n id: 'worker',\n title: 'Run the worker',\n command: 'rulemetric service install --worker-only',\n artifacts: [\n { path: servicePath, kind: 'service', before, after },\n ],\n };\n },\n async apply(): Promise<void> {\n runCommand('rulemetric service install --worker-only');\n },\n },\n];\n\nconst STEP_BY_ID = new Map<StepId, SetupStep>(STEPS.map((s) => [s.id, s]));\n\nexport function getStep(id: StepId): SetupStep {\n const step = STEP_BY_ID.get(id);\n if (!step) throw new Error(`Unknown setup step: ${id}`);\n return step;\n}\n\nexport function isStepId(value: string): value is StepId {\n return (ALL_STEP_IDS as readonly string[]).includes(value);\n}\n\n/**\n * Keys whose values are safe to show verbatim in the env-file diff. Everything\n * NOT in this set is masked. Deny-by-default is deliberate: `~/.config/rulemetric/env`\n * can legitimately hold DATABASE_URL, SUPABASE_SERVICE_ROLE_KEY, SUPABASE_JWT_SECRET,\n * GITHUB_TOKEN, RESEND_API_KEY, etc. (see ALLOWED_ENV_VARS in service/install.ts),\n * so an allowlist-to-hide would leak any secret we forgot to enumerate. Revealing\n * only known-safe keys means a future secret added to the file is masked automatically.\n */\nconst SAFE_ENV_KEYS = new Set([\n 'RULEMETRIC_API_URL',\n 'RULEMETRIC_USER_ID',\n 'RULEMETRIC_CLIENT_NAME',\n 'RESEND_FROM_EMAIL',\n 'SENTRY_DSN', // a DSN is not a secret\n 'PG_POOL_MAX',\n 'PG_IDLE_TIMEOUT',\n 'PG_STATEMENT_TIMEOUT_MS',\n 'NODE_ENV',\n]);\n\n/**\n * Mask secret-bearing lines in a raw env file for display. Deny-by-default:\n * every `KEY=value` line has its value masked unless KEY is in SAFE_ENV_KEYS.\n * Non-assignment lines (comments, blanks) pass through untouched.\n */\nfunction maskEnvFile(content: string): string {\n return content\n .replace(/\\n$/, '')\n .split('\\n')\n .map((line) => {\n const match = line.match(/^([A-Z0-9_]+)=(.+)$/);\n if (!match) return line; // comment / blank / non-assignment\n const [, key, value] = match;\n return SAFE_ENV_KEYS.has(key) ? line : `${key}=${maskToken(value)}`;\n })\n .join('\\n');\n}\n\n/**\n * Run every step's detect() and derive the overall status. `currentStepId` is\n * the first incomplete step in core order (mirrors the web reducer).\n */\nexport async function computeStatus(ctx: SetupContext = defaultContext()): Promise<SetupStatus> {\n const steps: StepStatus[] = [];\n for (const step of STEPS) {\n // Sequential: detect() may hit the network; order is stable + cheap.\n // eslint-disable-next-line no-await-in-loop\n const done = await step.detect(ctx);\n steps.push({ id: step.id, done });\n }\n // Monotonicity (mirrors the web reducer's `cliDetected`): the CLI binary must\n // exist to produce ANY downstream signal, so `install` greens whenever auth,\n // hooks, or worker is detected \u2014 even if `install.detect()` alone (which only\n // sees auth/worker, not hooks) came back false. Without this, a user with\n // hooks installed but no live worker sees \"Install the CLI: waiting\" while\n // \"Install hooks: done\" \u2014 a contradiction.\n const install = steps.find((s) => s.id === 'install');\n if (install && !install.done) {\n install.done = steps.some((s) => s.id !== 'install' && s.done);\n }\n\n // coreComplete + currentStepId are derived from CORE steps only. The proxy now\n // ships inside the `hooks` step (whose detect() greens on hooks-presence, so a\n // declined CA still completes it); any future OPTIONAL_STEP_IDS never block\n // \"done\" or steal the cursor. Mirrors the web reducer's optional-step handling.\n const coreIds = new Set<string>(CORE_STEP_IDS);\n const coreSteps = steps.filter((s) => coreIds.has(s.id));\n const currentStepId = coreSteps.find((s) => !s.done)?.id ?? null;\n const coreComplete = coreSteps.every((s) => s.done);\n return { steps, coreComplete, currentStepId };\n}\n"],
5
+ "mappings": ";;;;;;;;;;;;;;;;;;;AAAA,SAAS,gBAAgB;AACzB,SAAS,YAAY,oBAAoB;AACzC,SAAS,eAAe;AACxB,SAAS,YAAY;AAkCd,IAAM,gBAAgB,CAAC,WAAW,QAAQ,SAAS,QAAQ;AAO3D,IAAM,oBAAoB,CAAC;AAC3B,IAAM,eAAe,CAAC,GAAG,eAAe,GAAG,iBAAiB;AAiD5D,SAAS,iBAA+B;AAC7C,SAAO;AAAA,IACL,aAAa,QAAQ,IAAI;AAAA,IACzB,WAAW,oBAAoB;AAAA,EACjC;AACF;AAEA,IAAM,YAAY,KAAK,QAAQ,GAAG,cAAc,uBAAuB;AAMhE,SAAS,UAAU,GAAmB;AAC3C,MAAI,CAAC,EAAG,QAAO;AACf,MAAI,EAAE,UAAU,EAAG,QAAO,IAAI,OAAO,EAAE,MAAM;AAC7C,QAAM,OAAO,EAAE,MAAM,GAAG,CAAC;AACzB,QAAM,OAAO,EAAE,MAAM,EAAE;AACvB,SAAO,GAAG,IAAI,GAAG,IAAI,OAAO,KAAK,IAAI,GAAG,EAAE,SAAS,CAAC,CAAC,CAAC,GAAG,IAAI;AAC/D;AAMO,SAAS,WAAW,QAAuB,OAA8B;AAC9E,QAAM,cAAc,WAAW,OAAO,CAAC,IAAI,OAAO,QAAQ,OAAO,EAAE,EAAE,MAAM,IAAI;AAC/E,QAAM,aAAa,UAAU,OAAO,CAAC,IAAI,MAAM,QAAQ,OAAO,EAAE,EAAE,MAAM,IAAI;AAC5E,QAAM,MAAgB,CAAC;AACvB,QAAM,MAAM,KAAK,IAAI,YAAY,QAAQ,WAAW,MAAM;AAC1D,WAAS,IAAI,GAAG,IAAI,KAAK,KAAK;AAC5B,UAAM,IAAI,YAAY,CAAC;AACvB,UAAM,IAAI,WAAW,CAAC;AACtB,QAAI,MAAM,GAAG;AACX,UAAI,KAAK,IAAI,CAAC,EAAE;AAAA,IAClB,OAAO;AACL,UAAI,MAAM,OAAW,KAAI,KAAK,IAAI,CAAC,EAAE;AACrC,UAAI,MAAM,OAAW,KAAI,KAAK,IAAI,CAAC,EAAE;AAAA,IACvC;AAAA,EACF;AACA,SAAO,IAAI,KAAK,IAAI;AACtB;AAGA,SAAS,aAAa,WAAmB,KAA4B;AACnE,QAAM,UAAU,KAAK,WAAW,KAAK;AACrC,MAAI,CAAC,WAAW,OAAO,EAAG,QAAO;AACjC,MAAI;AACF,UAAM,UAAU,aAAa,SAAS,OAAO;AAC7C,UAAM,QAAQ,QAAQ,MAAM,IAAI,OAAO,IAAI,GAAG,UAAU,GAAG,CAAC;AAC5D,WAAO,QAAQ,MAAM,CAAC,IAAI;AAAA,EAC5B,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAeA,eAAe,eAAiC;AAC9C,MAAI,CAAC,gBAAgB,EAAG,QAAO;AAC/B,MAAI;AACF,UAAM,SAAS,MAAM,QAAQ,KAAK;AAAA,MAChC,OAIG,mBAAmB;AAAA,MACtB,IAAI;AAAA,QAAe,CAAC,GAAG,WACrB,WAAW,MAAM,OAAO,IAAI,MAAM,sBAAsB,CAAC,GAAG,IAAI;AAAA,MAClE;AAAA,IACF,CAAC;AACD,WAAO,QAAQ,iBAAiB;AAAA,EAClC,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAGA,SAAS,oBACP,aACA,UAC8D;AAC9D,QAAM,eAAe,KAAK,aAAa,WAAW,QAAQ;AAC1D,MAAI,WAAoC,CAAC;AACzC,MAAI,SAAwB;AAC5B,MAAI,WAAW,YAAY,GAAG;AAC5B,QAAI;AACF,eAAS,aAAa,cAAc,OAAO,EAAE,QAAQ,OAAO,EAAE;AAC9D,iBAAW,KAAK,MAAM,MAAM;AAAA,IAC9B,QAAQ;AACN,iBAAW,CAAC;AAAA,IACd;AAAA,EACF;AACA,SAAO,EAAE,UAAU,OAAO;AAC5B;AAUA,SAAS,qBAAqB,aAA+D;AAC3F,QAAM,EAAE,UAAU,OAAO,IAAI,oBAAoB,aAAa,qBAAqB;AACnF,uBAAqB,QAAQ;AAC7B,SAAO,EAAE,QAAQ,OAAO,KAAK,UAAU,UAAU,MAAM,CAAC,EAAE;AAC5D;AAMA,SAAS,wBAAwB,aAA+D;AAC9F,QAAM,EAAE,UAAU,OAAO,IAAI,oBAAoB,aAAa,qBAAqB;AACnF,QAAM,MAAM,EAAE,GAAK,SAAS,OAAkC,CAAC,EAAG;AAClE,MAAI,cAAc,oBAAoB,YAAY;AAClD,MAAI,WAAW;AACf,MAAI,sBAAsB;AAC1B,SAAO,EAAE,QAAQ,OAAO,KAAK,UAAU,EAAE,GAAG,UAAU,IAAI,GAAG,MAAM,CAAC,EAAE;AACxE;AASA,SAAS,+BAA+B,aAAsE;AAC5G,QAAM,EAAE,UAAU,OAAO,IAAI,oBAAoB,aAAa,eAAe;AAC7E,MAAI,WAAW,KAAM,QAAO;AAC5B,QAAM,EAAE,QAAQ,IAAI,6BAA6B,UAAU,YAAY;AACvE,MAAI,CAAC,QAAS,QAAO;AACrB,SAAO,EAAE,QAAQ,OAAO,KAAK,UAAU,UAAU,MAAM,CAAC,EAAE;AAC5D;AAEA,IAAM,oBAAoB,KAAK,QAAQ,GAAG,WAAW,gBAAgB,6BAA6B;AAClG,IAAM,sBAAsB,KAAK,QAAQ,GAAG,WAAW,WAAW,QAAQ,2BAA2B;AAGrG,SAAS,WAAW,KAAmB;AACrC,WAAS,KAAK,EAAE,OAAO,UAAU,CAAC;AACpC;AAEO,IAAM,QAAqB;AAAA,EAChC;AAAA,IACE,IAAI;AAAA,IACJ,OAAO;AAAA,IACP,SAAS;AAAA;AAAA;AAAA,IAGT,MAAM,SAA2B;AAC/B,aAAO,gBAAgB,KAAM,MAAM,aAAa;AAAA,IAClD;AAAA,IACA,MAAM,OAA0B;AAC9B,aAAO;AAAA,QACL,IAAI;AAAA,QACJ,OAAO;AAAA,QACP,SAAS;AAAA,QACT,WAAW;AAAA,UACT;AAAA,YACE,MAAM;AAAA,YACN,MAAM;AAAA,YACN,QAAQ;AAAA,YACR,OAAO;AAAA,UACT;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA,IACA,MAAM,QAAuB;AAC3B,iBAAW,gCAAgC;AAAA,IAC7C;AAAA,EACF;AAAA,EACA;AAAA,IACE,IAAI;AAAA,IACJ,OAAO;AAAA,IACP,SAAS;AAAA,IACT,MAAM,SAA2B;AAC/B,aAAO,gBAAgB;AAAA,IACzB;AAAA,IACA,MAAM,KAAK,KAAwB;AACjC,YAAM,UAAU,KAAK,IAAI,WAAW,KAAK;AAKzC,UAAI,SAAwB;AAC5B,UAAI,WAAW,OAAO,GAAG;AACvB,YAAI;AACF,mBAAS,YAAY,aAAa,SAAS,OAAO,CAAC;AAAA,QACrD,QAAQ;AACN,mBAAS;AAAA,QACX;AAAA,MACF;AACA,YAAM,WAAW,aAAa,IAAI,WAAW,yBAAyB;AACtE,YAAM,eAAe,WAAW,UAAU,QAAQ,IAAI,UAAU,oBAAoB;AAOpF,YAAM,aAAa,CAAC,2BAA2B,YAAY,EAAE;AAC7D,YAAM,YAAY,aAAa,IAAI,WAAW,oBAAoB;AAClE,UAAI,WAAW;AACb,mBAAW,KAAK,sBAAsB,UAAU,SAAS,CAAC,EAAE;AAAA,MAC9D;AACA,YAAM,WAAW,QAAQ,IAAI;AAC7B,UAAI,UAAU;AACZ,mBAAW,KAAK,sBAAsB,QAAQ,EAAE;AAAA,MAClD;AACA,YAAM,QAAQ,WAAW,KAAK,IAAI;AAClC,aAAO;AAAA,QACL,IAAI;AAAA,QACJ,OAAO;AAAA,QACP,SAAS;AAAA,QACT,WAAW;AAAA,UACT;AAAA,YACE,MAAM;AAAA,YACN,MAAM;AAAA,YACN;AAAA,YACA;AAAA,YACA,QAAQ;AAAA,UACV;AAAA;AAAA;AAAA,UAGA;AAAA,YACE,MAAM,KAAK,IAAI,WAAW,WAAW;AAAA,YACrC,MAAM;AAAA,YACN,QAAQ,WAAW,KAAK,IAAI,WAAW,WAAW,CAAC,IAAI,8BAA8B;AAAA,YACrF,OAAO;AAAA,YACP,QAAQ;AAAA,UACV;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA,IACA,MAAM,QAAuB;AAC3B,iBAAW,uBAAuB;AAAA,IACpC;AAAA,EACF;AAAA,EACA;AAAA,IACE,IAAI;AAAA,IACJ,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUP,SAAS;AAAA,IACT,MAAM,OAAO,KAAuB;AAQlC,iBAAW,YAAY,CAAC,uBAAuB,eAAe,GAAG;AAC/D,cAAM,eAAe,KAAK,IAAI,aAAa,WAAW,QAAQ;AAC9D,YAAI,CAAC,WAAW,YAAY,EAAG;AAC/B,YAAI;AACF,gBAAM,WAAW,KAAK,MAAM,aAAa,cAAc,OAAO,CAAC;AAC/D,cAAI,yBAAyB,QAAQ,EAAG,QAAO;AAAA,QACjD,QAAQ;AAAA,QAER;AAAA,MACF;AACA,aAAO;AAAA,IACT;AAAA,IACA,MAAM,KAAK,KAAwB;AACjC,YAAM,eAAe,KAAK,IAAI,aAAa,WAAW,qBAAqB;AAC3E,YAAM,EAAE,QAAQ,MAAM,IAAI,qBAAqB,IAAI,WAAW;AAC9D,YAAM,YAAwB;AAAA,QAC5B,EAAE,MAAM,cAAc,MAAM,QAAQ,QAAQ,MAAM;AAAA;AAAA;AAAA,QAGlD;AAAA,UACE,MAAM;AAAA,UACN,MAAM;AAAA,UACN,QAAQ;AAAA,UACR,OACE;AAAA,QAGJ;AAAA;AAAA;AAAA;AAAA;AAAA,QAKA;AAAA;AAAA;AAAA,UAGE,MAAM,GAAG,YAAY;AAAA,UACrB,MAAM;AAAA,UACN,GAAG,wBAAwB,IAAI,WAAW;AAAA,QAC5C;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,MAAM;AAAA,UACN,QAAQ,WAAW,SAAS,IAAI,0CAA0C;AAAA,UAC1E,OACE;AAAA,QAIJ;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,MAAM;AAAA,UACN,QAAQ;AAAA,UACR,OAAO,oBAAoB,YAAY,qGAAgG,YAAY;AAAA,QACrJ;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,MAAM;AAAA,UACN,QAAQ;AAAA,UACR,OAAO,sCAAiC,YAAY;AAAA,QACtD;AAAA,QACA;AAAA,UACE,MAAM,uBAAuB,YAAY;AAAA,UACzC,MAAM;AAAA,UACN,QAAQ;AAAA,UACR,OAAO;AAAA,QACT;AAAA,MACF;AAKA,YAAM,kBAAkB,+BAA+B,IAAI,WAAW;AACtE,UAAI,iBAAiB;AACnB,kBAAU,KAAK;AAAA,UACb,MAAM,GAAG,KAAK,IAAI,aAAa,WAAW,eAAe,CAAC;AAAA,UAC1D,MAAM;AAAA,UACN,GAAG;AAAA,QACL,CAAC;AAAA,MACH;AAEA,iBAAW,QAAQ,qBAAqB,IAAI,WAAW,EAAE,OAAO,CAAC,MAAM,MAAM,YAAY,MAAM,eAAe,GAAG;AAC/G,kBAAU,KAAK;AAAA,UACb,MAAM,GAAG,IAAI,WAAW,KAAK,IAAI;AAAA,UACjC,MAAM;AAAA,UACN,QAAQ;AAAA,UACR,OAAO,iCAA4B,YAAY;AAAA,QACjD,CAAC;AAAA,MACH;AAIA,iBAAW,CAAC,MAAM,MAAM,IAAI,KAAK;AAAA,QAC/B,CAAC,UAAU,KAAK,QAAQ,GAAG,SAAS,GAAG,KAAK,QAAQ,GAAG,WAAW,YAAY,CAAC;AAAA,QAC/E,CAAC,sBAAsB,KAAK,QAAQ,GAAG,SAAS,GAAG,KAAK,QAAQ,GAAG,WAAW,UAAU,YAAY,CAAC;AAAA,MACvG,GAAY;AACV,YAAI,WAAW,IAAI,GAAG;AACpB,oBAAU,KAAK;AAAA,YACb,MAAM,GAAG,IAAI,KAAK,IAAI;AAAA,YACtB,MAAM;AAAA,YACN,QAAQ,WAAW,IAAI,IAAI,sBAAsB;AAAA,YACjD,OAAO;AAAA,UACT,CAAC;AAAA,QACH;AAAA,MACF;AACA,aAAO;AAAA,QACL,IAAI;AAAA,QACJ,OAAO;AAAA,QACP,SAAS;AAAA,QACT;AAAA,MACF;AAAA,IACF;AAAA,IACA,MAAM,QAAuB;AAC3B,iBAAW,0BAA0B;AAAA,IACvC;AAAA,EACF;AAAA,EACA;AAAA,IACE,IAAI;AAAA,IACJ,OAAO;AAAA,IACP,SAAS;AAAA,IACT,MAAM,SAA2B;AAC/B,aAAO,aAAa;AAAA,IACtB;AAAA,IACA,MAAM,OAA0B;AAC9B,YAAM,QAAQ,QAAQ,aAAa;AACnC,YAAM,cAAc,QAAQ,oBAAoB;AAMhD,YAAM,SAAS,WAAW,WAAW,IACjC,iCAAiC,WAAW,MAC5C;AAGJ,YAAM,QAAQ,QACV;AAAA,QACE;AAAA,QACA;AAAA,QACA;AAAA,MACF,EAAE,KAAK,IAAI,IACX;AAAA,QACE;AAAA,QACA;AAAA,QACA;AAAA,MACF,EAAE,KAAK,IAAI;AACf,aAAO;AAAA,QACL,IAAI;AAAA,QACJ,OAAO;AAAA,QACP,SAAS;AAAA,QACT,WAAW;AAAA,UACT,EAAE,MAAM,aAAa,MAAM,WAAW,QAAQ,MAAM;AAAA,QACtD;AAAA,MACF;AAAA,IACF;AAAA,IACA,MAAM,QAAuB;AAC3B,iBAAW,0CAA0C;AAAA,IACvD;AAAA,EACF;AACF;AAEA,IAAM,aAAa,IAAI,IAAuB,MAAM,IAAI,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC;AAElE,SAAS,QAAQ,IAAuB;AAC7C,QAAM,OAAO,WAAW,IAAI,EAAE;AAC9B,MAAI,CAAC,KAAM,OAAM,IAAI,MAAM,uBAAuB,EAAE,EAAE;AACtD,SAAO;AACT;AAEO,SAAS,SAAS,OAAgC;AACvD,SAAQ,aAAmC,SAAS,KAAK;AAC3D;AAUA,IAAM,gBAAgB,oBAAI,IAAI;AAAA,EAC5B;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,CAAC;AAOD,SAAS,YAAY,SAAyB;AAC5C,SAAO,QACJ,QAAQ,OAAO,EAAE,EACjB,MAAM,IAAI,EACV,IAAI,CAAC,SAAS;AACb,UAAM,QAAQ,KAAK,MAAM,qBAAqB;AAC9C,QAAI,CAAC,MAAO,QAAO;AACnB,UAAM,CAAC,EAAE,KAAK,KAAK,IAAI;AACvB,WAAO,cAAc,IAAI,GAAG,IAAI,OAAO,GAAG,GAAG,IAAI,UAAU,KAAK,CAAC;AAAA,EACnE,CAAC,EACA,KAAK,IAAI;AACd;AAMA,eAAsB,cAAc,MAAoB,eAAe,GAAyB;AAC9F,QAAM,QAAsB,CAAC;AAC7B,aAAW,QAAQ,OAAO;AAGxB,UAAM,OAAO,MAAM,KAAK,OAAO,GAAG;AAClC,UAAM,KAAK,EAAE,IAAI,KAAK,IAAI,KAAK,CAAC;AAAA,EAClC;AAOA,QAAM,UAAU,MAAM,KAAK,CAAC,MAAM,EAAE,OAAO,SAAS;AACpD,MAAI,WAAW,CAAC,QAAQ,MAAM;AAC5B,YAAQ,OAAO,MAAM,KAAK,CAAC,MAAM,EAAE,OAAO,aAAa,EAAE,IAAI;AAAA,EAC/D;AAMA,QAAM,UAAU,IAAI,IAAY,aAAa;AAC7C,QAAM,YAAY,MAAM,OAAO,CAAC,MAAM,QAAQ,IAAI,EAAE,EAAE,CAAC;AACvD,QAAM,gBAAgB,UAAU,KAAK,CAAC,MAAM,CAAC,EAAE,IAAI,GAAG,MAAM;AAC5D,QAAM,eAAe,UAAU,MAAM,CAAC,MAAM,EAAE,IAAI;AAClD,SAAO,EAAE,OAAO,cAAc,cAAc;AAC9C;",
6
+ "names": []
7
+ }
@@ -1,6 +1,6 @@
1
1
  import {
2
2
  DEFAULT_API_URL
3
- } from "./chunk-ZRLYHBPN.js";
3
+ } from "./chunk-ZUJBM6HE.js";
4
4
 
5
5
  // src/dashboard/launcher/api.ts
6
6
  function apiUrl() {
@@ -48,4 +48,4 @@ export {
48
48
  cancelLaunchJob,
49
49
  listLaunchers
50
50
  };
51
- //# sourceMappingURL=chunk-W4MZXKZ2.js.map
51
+ //# sourceMappingURL=chunk-UKMLICWS.js.map
@@ -1,9 +1,9 @@
1
1
  import {
2
2
  processConversationJob
3
- } from "./chunk-DR5WLIOU.js";
3
+ } from "./chunk-KJKBDQ4D.js";
4
4
  import {
5
5
  apiPatch
6
- } from "./chunk-ZRLYHBPN.js";
6
+ } from "./chunk-ZUJBM6HE.js";
7
7
 
8
8
  // src/lib/handlers/process-conversation.ts
9
9
  async function processConversation(payload, helpers) {
@@ -20,4 +20,4 @@ async function processConversation(payload, helpers) {
20
20
  export {
21
21
  processConversation
22
22
  };
23
- //# sourceMappingURL=chunk-3POYC5NA.js.map
23
+ //# sourceMappingURL=chunk-XK42ZBDE.js.map