@venturewild/workspace 0.6.3 → 0.6.5

package/server/src/session-reporter.mjs

@@ -1,201 +1,201 @@
-// SessionReporter — the proactive, consented "is this user okay?" feed.
-//
-// WHY: the get-in path is self-serve, but if a real user gets stuck or their
-// install breaks, we were blind unless they ran `operator enable` and messaged
-// us — which makes us a bottleneck (docs/user-experience.md §5). This forwards a
-// LIVE, REDACTED stream of session events + install health to bmo-sync, keyed by
-// account, established at first load — so a stuck/broken user is never invisible
-// and never has to ask.
-//
-// PRIVACY — the load-bearing boundary: this feed carries WHAT happened (a turn
-// ran, tool X fired, an error, token/cost), NEVER the words. Chat text, tool
-// inputs, file contents, and paths are reduced to lengths/counts before anything
-// leaves the machine. Conversation *content* is a separate, separately-consented
-// channel (transcript.mjs). `redactEvent` is an ALLOWLIST projection — any event
-// type we don't explicitly model forwards only `{type}`, so a new event can
-// never leak by default. The matching test asserts a secret typed into a chat
-// turn never appears in the payload.
-//
-// Modeled on error-reporter.mjs (fire-and-forget, rate-limited, disable-able).
-// Gated by BOTH consent (user toggle) AND the shared WILD_WORKSPACE_NO_TELEMETRY
-// kill switch; inert without an accountToken (can't key it) or on a localhost
-// bmo-sync URL (dev).
-
-import os from 'node:os';
-import { APP_VERSION } from './config.mjs';
-
-function sanitizeUsage(u) {
-  if (!u || typeof u !== 'object') return null;
-  const out = {
-    input_tokens: Number(u.input_tokens) || 0,
-    output_tokens: Number(u.output_tokens) || 0,
-  };
-  if (typeof u.cost_usd === 'number') out.cost_usd = u.cost_usd;
-  return out;
-}
-
-/**
- * Project one ActivityBus event to a SAFE shape. Allowlist by type; anything not
- * listed forwards only {type, ts, id}. NEVER returns chat text, tool inputs,
- * file paths, or file contents.
- */
-export function redactEvent(ev) {
-  if (!ev || typeof ev !== 'object') return null;
-  const base = { type: ev.type, ts: ev.ts, id: ev.id };
-  if (ev.messageId) base.messageId = ev.messageId;
-  switch (ev.type) {
-    case 'chat-user':
-      // The user's prompt — length only, never the words.
-      return { ...base, textLen: typeof ev.text === 'string' ? ev.text.length : 0 };
-    case 'chat-stream': {
-      const c = ev.chunk || {};
-      const safe = { ...base, chunkType: c.type };
-      if (c.type === 'text' && typeof c.text === 'string') safe.textLen = c.text.length;
-      // tool NAME is safe ("Edit", "Bash"); the tool INPUT is not — never forward it.
-      if (c.type === 'tool-use') safe.tool = typeof c.name === 'string' ? c.name : c.tool || null;
-      if (c.type === 'usage' && c.usage) safe.usage = sanitizeUsage(c.usage);
-      if (c.type === 'error') safe.hasError = true; // the flag, not the message
-      return safe;
-    }
-    case 'usage':
-      return { ...base, usage: sanitizeUsage(ev.usage) };
-    case 'chat-end':
-      return { ...base, code: ev.code };
-    case 'identity-changed':
-      return { ...base, tone: ev.tone || null }; // tone only; drop the agent's name
-    case 'onboarded':
-      return { ...base, at: ev.at || null };
-    case 'agent-changed':
-      return { ...base, agentId: ev.agentId || null };
-    case 'daemon-status':
-      return { ...base, status: ev.status || null };
-    case 'operator-action':
-      return { ...base, action: ev.action || null }; // action verb, not its detail
-    case 'inbox-change':
-      return { ...base, count: Array.isArray(ev.snapshot) ? ev.snapshot.length : undefined };
-    case 'presence-join':
-    case 'presence-leave':
-    case 'presence-focus':
-      // sessionId + role are safe; `focus` can be a file path → dropped.
-      return { ...base, sessionId: ev.sessionId, role: ev.role };
-    default:
-      // Unknown event → minimal envelope only. Privacy fails CLOSED.
-      return { type: ev.type, ts: ev.ts, id: ev.id };
-  }
-}
-
-const FLUSH_INTERVAL_MS = 15_000; // batch window
-const MAX_BATCH = 50; //            flush early once this many buffer
-const MAX_BUFFER = 500; //          hard cap — drop oldest beyond this
-
-export class SessionReporter {
-  constructor({
-    bmoSyncUrl,
-    accountToken,
-    slug = null,
-    workspaceId = 'workspace',
-    sessionId = null,
-    enabled = true,
-    endpointPath = '/api/telemetry',
-    flushIntervalMs = FLUSH_INTERVAL_MS,
-    maxBatch = MAX_BATCH,
-    fetchImpl = (...a) => globalThis.fetch(...a),
-    nowImpl = () => Date.now(),
-  } = {}) {
-    this.bmoSyncUrl = bmoSyncUrl ? bmoSyncUrl.replace(/\/$/, '') : null;
-    this.accountToken = accountToken || null;
-    this.slug = slug;
-    this.workspaceId = workspaceId;
-    this.sessionId = sessionId;
-    this.endpointPath = endpointPath;
-    this.flushIntervalMs = flushIntervalMs;
-    this.maxBatch = maxBatch;
-    this.fetchImpl = fetchImpl;
-    this.nowImpl = nowImpl;
-    this.buffer = [];
-    this.timer = null;
-    // Inert without a token, without a server, or on localhost (dev).
-    this._capable =
-      Boolean(this.accountToken) &&
-      Boolean(this.bmoSyncUrl) &&
-      !this.bmoSyncUrl.startsWith('http://127') &&
-      !this.bmoSyncUrl.startsWith('http://localhost');
-    this.enabled = enabled !== false && this._capable;
-  }
-
-  /** Live consent toggle — no restart needed when the user flips observability. */
-  setEnabled(on) {
-    this.enabled = Boolean(on) && this._capable;
-    if (!this.enabled) this.buffer = [];
-  }
-
-  /** Feed one ActivityBus event. Redacts + buffers; flushes on size. No-op when off. */
-  ingest(ev) {
-    if (!this.enabled) return;
-    const safe = redactEvent(ev);
-    if (!safe) return;
-    this.buffer.push(safe);
-    if (this.buffer.length > MAX_BUFFER) this.buffer.splice(0, this.buffer.length - MAX_BUFFER);
-    if (this.buffer.length >= this.maxBatch) this.flush();
-  }
-
-  /** POST the install-health snapshot alongside events (called by the supervisor path too). */
-  envelope(events, extra = {}) {
-    return {
-      account_token: this.accountToken,
-      slug: this.slug,
-      workspace_id: this.workspaceId,
-      session_id: this.sessionId,
-      app_version: APP_VERSION,
-      os: `${os.platform()}-${os.arch()}`,
-      sent_at: Math.floor(this.nowImpl() / 1000),
-      events,
-      ...extra,
-    };
-  }
-
-  /** Fire-and-forget flush of the current buffer. Never throws. */
-  flush() {
-    if (!this.enabled || !this.buffer.length) return;
-    const events = this.buffer;
-    this.buffer = [];
-    this._post(this.envelope(events));
-  }
-
-  _post(body) {
-    const url = `${this.bmoSyncUrl}${this.endpointPath}`;
-    const ctrl = new AbortController();
-    const timer = setTimeout(() => ctrl.abort(), 5000);
-    if (timer.unref) timer.unref();
-    let p;
-    try {
-      // Call synchronously so the request is observable without awaiting a tick.
-      p = this.fetchImpl(url, {
-        method: 'POST',
-        headers: { 'content-type': 'application/json' },
-        body: JSON.stringify(body),
-        signal: ctrl.signal,
-      });
-    } catch {
-      clearTimeout(timer);
-      return; // telemetry must never break the user's path
-    }
-    Promise.resolve(p)
-      .catch(() => {})
-      .finally(() => clearTimeout(timer));
-  }
-
-  start() {
-    if (this.timer || !this._capable) return;
-    this.timer = setInterval(() => this.flush(), this.flushIntervalMs);
-    if (this.timer.unref) this.timer.unref(); // never keep the process alive
-  }
-
-  stop() {
-    if (this.timer) {
-      clearInterval(this.timer);
-      this.timer = null;
-    }
-    this.flush();
-  }
-}
+// SessionReporter — the proactive, consented "is this user okay?" feed.
+//
+// WHY: the get-in path is self-serve, but if a real user gets stuck or their
+// install breaks, we were blind unless they ran `operator enable` and messaged
+// us — which makes us a bottleneck (docs/user-experience.md §5). This forwards a
+// LIVE, REDACTED stream of session events + install health to bmo-sync, keyed by
+// account, established at first load — so a stuck/broken user is never invisible
+// and never has to ask.
+//
+// PRIVACY — the load-bearing boundary: this feed carries WHAT happened (a turn
+// ran, tool X fired, an error, token/cost), NEVER the words. Chat text, tool
+// inputs, file contents, and paths are reduced to lengths/counts before anything
+// leaves the machine. Conversation *content* is a separate, separately-consented
+// channel (transcript.mjs). `redactEvent` is an ALLOWLIST projection — any event
+// type we don't explicitly model forwards only `{type}`, so a new event can
+// never leak by default. The matching test asserts a secret typed into a chat
+// turn never appears in the payload.
+//
+// Modeled on error-reporter.mjs (fire-and-forget, rate-limited, disable-able).
+// Gated by BOTH consent (user toggle) AND the shared WILD_WORKSPACE_NO_TELEMETRY
+// kill switch; inert without an accountToken (can't key it) or on a localhost
+// bmo-sync URL (dev).
+
+import os from 'node:os';
+import { APP_VERSION } from './config.mjs';
+
+function sanitizeUsage(u) {
+  if (!u || typeof u !== 'object') return null;
+  const out = {
+    input_tokens: Number(u.input_tokens) || 0,
+    output_tokens: Number(u.output_tokens) || 0,
+  };
+  if (typeof u.cost_usd === 'number') out.cost_usd = u.cost_usd;
+  return out;
+}
+
+/**
+ * Project one ActivityBus event to a SAFE shape. Allowlist by type; anything not
+ * listed forwards only {type, ts, id}. NEVER returns chat text, tool inputs,
+ * file paths, or file contents.
+ */
+export function redactEvent(ev) {
+  if (!ev || typeof ev !== 'object') return null;
+  const base = { type: ev.type, ts: ev.ts, id: ev.id };
+  if (ev.messageId) base.messageId = ev.messageId;
+  switch (ev.type) {
+    case 'chat-user':
+      // The user's prompt — length only, never the words.
+      return { ...base, textLen: typeof ev.text === 'string' ? ev.text.length : 0 };
+    case 'chat-stream': {
+      const c = ev.chunk || {};
+      const safe = { ...base, chunkType: c.type };
+      if (c.type === 'text' && typeof c.text === 'string') safe.textLen = c.text.length;
+      // tool NAME is safe ("Edit", "Bash"); the tool INPUT is not — never forward it.
+      if (c.type === 'tool-use') safe.tool = typeof c.name === 'string' ? c.name : c.tool || null;
+      if (c.type === 'usage' && c.usage) safe.usage = sanitizeUsage(c.usage);
+      if (c.type === 'error') safe.hasError = true; // the flag, not the message
+      return safe;
+    }
+    case 'usage':
+      return { ...base, usage: sanitizeUsage(ev.usage) };
+    case 'chat-end':
+      return { ...base, code: ev.code };
+    case 'identity-changed':
+      return { ...base, tone: ev.tone || null }; // tone only; drop the agent's name
+    case 'onboarded':
+      return { ...base, at: ev.at || null };
+    case 'agent-changed':
+      return { ...base, agentId: ev.agentId || null };
+    case 'daemon-status':
+      return { ...base, status: ev.status || null };
+    case 'operator-action':
+      return { ...base, action: ev.action || null }; // action verb, not its detail
+    case 'inbox-change':
+      return { ...base, count: Array.isArray(ev.snapshot) ? ev.snapshot.length : undefined };
+    case 'presence-join':
+    case 'presence-leave':
+    case 'presence-focus':
+      // sessionId + role are safe; `focus` can be a file path → dropped.
+      return { ...base, sessionId: ev.sessionId, role: ev.role };
+    default:
+      // Unknown event → minimal envelope only. Privacy fails CLOSED.
+      return { type: ev.type, ts: ev.ts, id: ev.id };
+  }
+}
+
+const FLUSH_INTERVAL_MS = 15_000; // batch window
+const MAX_BATCH = 50; //            flush early once this many buffer
+const MAX_BUFFER = 500; //          hard cap — drop oldest beyond this
+
+export class SessionReporter {
+  constructor({
+    bmoSyncUrl,
+    accountToken,
+    slug = null,
+    workspaceId = 'workspace',
+    sessionId = null,
+    enabled = true,
+    endpointPath = '/api/telemetry',
+    flushIntervalMs = FLUSH_INTERVAL_MS,
+    maxBatch = MAX_BATCH,
+    fetchImpl = (...a) => globalThis.fetch(...a),
+    nowImpl = () => Date.now(),
+  } = {}) {
+    this.bmoSyncUrl = bmoSyncUrl ? bmoSyncUrl.replace(/\/$/, '') : null;
+    this.accountToken = accountToken || null;
+    this.slug = slug;
+    this.workspaceId = workspaceId;
+    this.sessionId = sessionId;
+    this.endpointPath = endpointPath;
+    this.flushIntervalMs = flushIntervalMs;
+    this.maxBatch = maxBatch;
+    this.fetchImpl = fetchImpl;
+    this.nowImpl = nowImpl;
+    this.buffer = [];
+    this.timer = null;
+    // Inert without a token, without a server, or on localhost (dev).
+    this._capable =
+      Boolean(this.accountToken) &&
+      Boolean(this.bmoSyncUrl) &&
+      !this.bmoSyncUrl.startsWith('http://127') &&
+      !this.bmoSyncUrl.startsWith('http://localhost');
+    this.enabled = enabled !== false && this._capable;
+  }
+
+  /** Live consent toggle — no restart needed when the user flips observability. */
+  setEnabled(on) {
+    this.enabled = Boolean(on) && this._capable;
+    if (!this.enabled) this.buffer = [];
+  }
+
+  /** Feed one ActivityBus event. Redacts + buffers; flushes on size. No-op when off. */
+  ingest(ev) {
+    if (!this.enabled) return;
+    const safe = redactEvent(ev);
+    if (!safe) return;
+    this.buffer.push(safe);
+    if (this.buffer.length > MAX_BUFFER) this.buffer.splice(0, this.buffer.length - MAX_BUFFER);
+    if (this.buffer.length >= this.maxBatch) this.flush();
+  }
+
+  /** POST the install-health snapshot alongside events (called by the supervisor path too). */
+  envelope(events, extra = {}) {
+    return {
+      account_token: this.accountToken,
+      slug: this.slug,
+      workspace_id: this.workspaceId,
+      session_id: this.sessionId,
+      app_version: APP_VERSION,
+      os: `${os.platform()}-${os.arch()}`,
+      sent_at: Math.floor(this.nowImpl() / 1000),
+      events,
+      ...extra,
+    };
+  }
+
+  /** Fire-and-forget flush of the current buffer. Never throws. */
+  flush() {
+    if (!this.enabled || !this.buffer.length) return;
+    const events = this.buffer;
+    this.buffer = [];
+    this._post(this.envelope(events));
+  }
+
+  _post(body) {
+    const url = `${this.bmoSyncUrl}${this.endpointPath}`;
+    const ctrl = new AbortController();
+    const timer = setTimeout(() => ctrl.abort(), 5000);
+    if (timer.unref) timer.unref();
+    let p;
+    try {
+      // Call synchronously so the request is observable without awaiting a tick.
+      p = this.fetchImpl(url, {
+        method: 'POST',
+        headers: { 'content-type': 'application/json' },
+        body: JSON.stringify(body),
+        signal: ctrl.signal,
+      });
+    } catch {
+      clearTimeout(timer);
+      return; // telemetry must never break the user's path
+    }
+    Promise.resolve(p)
+      .catch(() => {})
+      .finally(() => clearTimeout(timer));
+  }
+
+  start() {
+    if (this.timer || !this._capable) return;
+    this.timer = setInterval(() => this.flush(), this.flushIntervalMs);
+    if (this.timer.unref) this.timer.unref(); // never keep the process alive
+  }
+
+  stop() {
+    if (this.timer) {
+      clearInterval(this.timer);
+      this.timer = null;
+    }
+    this.flush();
+  }
+}