ai-lens 0.8.62 → 0.8.66

package/.commithash

@@ -1 +1 @@
-ee4f839
+695b8c8

package/CHANGELOG.md

@@ -0,0 +1,29 @@
+# Changelog
+
+History of changes to the `ai-lens` CLI package on npm. New entries go on top. Format: `## X.Y.Z — YYYY-MM-DD`, followed by user-facing bullets.
+
+## 0.8.66 — 2026-05-26
+- chore: republish — the npm registry was stuck on 0.8.63 while two patch releases (0.8.64 Codex `apply_patch` multi-file fix and 0.8.65 raw-field preservation on large events) were tagged but never published. Anyone running `npx -y ai-lens init --yes` will now actually receive those fixes.
+- chore: `CHANGELOG.md` now ships inside the published npm package, so it's visible on the npm registry page alongside the README.
+
+## 0.8.65 — 2026-05-26
+- fix: events larger than 10 KB no longer lose their `raw` field. The sender used to silently strip `raw` from any event that didn't fit a 10 KB POST — this hit 17–19% of PostToolUse for active developers, up to 85% of MCPExecution on Cursor, and 61% of UserPromptSubmit on bots with large system prompts. The sender now bundles small events into ~64 KB POSTs and ships any single large event in its own request, untouched. Only `client/sender.js` changed — server limits stay as they were.
+
+## 0.8.64 — 2026-04-29
+- fix: Codex `apply_patch` now persists ALL touched files, not just the first one. Multi-file patches (the common refactor pattern) used to be truncated — `files_modified`, `file_paths_mentioned` on the stats card, and scope/owner attribution all showed only the first file from the patch.
+
+## 0.8.63 — 2026-04-28
+- fix: Codex `exec_command` now records `exit_code` on the `ShellExecution` event. Without it, analysis systematically missed failed tests, builds, and CLI commands — the stats card believed there were no shell errors.
+
+## 0.8.62 — 2026-04-24
+- fix: sessions inside a git worktree are now attributed to the main repository name instead of the worktree branch (names like `agent-a8d9bb19`, `ANL-689` no longer appear as separate "projects"). Regression ANL-729, fixed for Claude Code, Cursor, and Codex.
+- fix: sessions inside a git submodule stay attached to the submodule itself and no longer collapse into the super-project.
+
+## 0.8.61 — 2026-04-14
+- fix: codex-watcher no longer leaks CPU/memory on long-running sessions (ANL-595)
+- perf: new Codex events are read via byte offset instead of re-reading the whole file
+- fix: watcher state is now persisted across restarts — the synthetic SessionEnd is not lost when the process dies mid-rotation
+- fix: the watcher shuts down cleanly when `codexEnabled` is turned off in config
+
+## 0.8.60 and earlier
+Entries were not kept — history can be reconstructed from `git log` and `npm view ai-lens time`.

package/client/codex.js

@@ -305,6 +305,10 @@ function buildSpecificToolEvent(stream, tool, input, parsedOutput, timestamp, ra
       {
         command: input?.cmd || input?.command || null,
         result: parsedOutput.result,
+        // parseToolOutput already extracts exit_code from parsed.metadata —
+        // include it so build-session-stats can detect failed shell commands
+        // by exact signal rather than falling back to the output-text heuristic.
+        exit_code: parsedOutput.exitCode ?? null,
       },
       raw,
     );
@@ -326,15 +330,20 @@ function buildSpecificToolEvent(stream, tool, input, parsedOutput, timestamp, ra
   }
 
   if (tool === 'apply_patch' && wasSuccessful) {
-    const file = extractPatchFiles(input)[0] || null;
-    if (!file) return null;
+    const files = extractPatchFiles(input);
+    if (files.length === 0) return null;
     return buildUnifiedEvent(
       stream,
       'FileEdit',
       timestamp,
       {
-        file,
-        file_path: file,
+        // Legacy single-file aliases (file, file_path) — kept so any consumer
+        // that only reads the first path still works on the new event shape.
+        file: files[0],
+        file_path: files[0],
+        // Full deduplicated array of every file mentioned in the patch.
+        // extractPatchFiles already returns >=1 entry by this branch.
+        file_paths: files,
       },
       raw,
     );

package/client/redact.js

@@ -50,7 +50,9 @@ const PATTERNS = [
   },
 
   // Generic sk- key (must come after sk-ant- and sk-proj-)
-  { type: 'API_KEY', re: /sk-[A-Za-z0-9_-]{32,}/g },
+  // 16+ chars catches LiteLLM virtual keys (22 chars) and most other sk-
+  // formats; OpenAI 48-char keys still match. Lowered from 32 after leak.
+  { type: 'API_KEY', re: /sk-[A-Za-z0-9_-]{16,}/g },
 
   // Stripe secret key (live only — test keys intentionally not redacted)
   { type: 'STRIPE_SECRET', re: /sk_live_[A-Za-z0-9]{24,}/g },
@@ -120,6 +122,17 @@ const PATTERNS = [
     replacer: (m, prefix, _val) => `${prefix}[REDACTED:KEY_VALUE]`,
   },
 
+  // Form-input "value" fields next to a "Password" / "Token" / "API Key" /
+  // "Secret" field name. Catches browser_fill_form / form_input MCP payloads
+  // where the literal password sits in `value`, not `password`:
+  //   {"name":"Password","value":"<password>"}
+  //   {"fields":[{"name":"Password","type":"textbox","value":"…"}]}
+  {
+    type: 'FORM_VALUE',
+    re: /("name"\s*:\s*"(?:[Pp]assword|[Tt]oken|[Ss]ecret|API\s?Key)[^"]{0,40}"[^}]{0,200}?"value"\s*:\s*")([^"]{4,})/g,
+    replacer: (m, prefix, _val) => `${prefix}[REDACTED:FORM_VALUE]`,
+  },
+
   // Russian key-value pairs: пароль=..., секрет: ..., токен: ..., ключ: ...
   // Separate pattern because \b does not work with Cyrillic (\w is ASCII-only)
   {

package/client/sender.js

@@ -61,7 +61,13 @@ export function rotateLog(logPath = LOG_PATH, maxAgeDays = LOG_MAX_AGE_DAYS) {
 }
 
 export const MAX_QUEUE_SIZE  = 10_000;
-export const MAX_CHUNK_BYTES = 10 * 1024; // 10 KB per POST — small enough to retry cheaply on flaky networks
+// Bundling threshold only — when we have many small events, pack them into
+// POSTs of roughly this size. A single event larger than the target is sent
+// as its own chunk untouched (see chunkEvents). The earlier 10 KB cap
+// silently stripped `raw` from any event over the limit (PostToolUse with
+// large MCP outputs, UserPromptSubmit with bot system prompts), which broke
+// downstream analysis. Server accepts up to express.json's 50 MB anyway.
+export const BATCH_TARGET_BYTES = 64 * 1024;
 export const LOCK_MAX_AGE_MS = 5 * 60 * 1000;   // 5 minutes
 export const SENDER_BACKOFF_MS = 30_000;
 
@@ -546,13 +552,15 @@ export function groupByDeveloper(events, hasAuthToken = false) {
 }
 
 // =============================================================================
-// chunkEvents (unchanged)
+// chunkEvents
 // =============================================================================
 
 /**
- * Split an array of events into chunks that fit within MAX_CHUNK_BYTES.
+ * Bundle events into POSTs targeting `maxBytes`. A single event larger than
+ * the target gets its own chunk — we never split or strip it. The server
+ * accepts up to 50 MB and rejects events > 4 MB on its own.
  */
-export function chunkEvents(events, maxBytes = MAX_CHUNK_BYTES) {
+export function chunkEvents(events, maxBytes = BATCH_TARGET_BYTES) {
   const chunks = [];
   let chunk = [];
   let chunkSize = 2; // opening '[' + closing ']'
@@ -576,38 +584,6 @@ export function chunkEvents(events, maxBytes = MAX_CHUNK_BYTES) {
   return chunks;
 }
 
-// =============================================================================
-// filterOversized (unchanged)
-// =============================================================================
-
-/**
- * Filter out oversized events, salvaging those with a `raw` field by stripping it.
- */
-export function filterOversized(batch, maxBytes = MAX_CHUNK_BYTES) {
-  const sendable = [];
-  const droppedIds = new Set();
-  for (const evt of batch) {
-    let evtBytes = Buffer.byteLength(JSON.stringify(evt));
-    // Work on a shallow copy — never mutate the input array element.
-    // The original object in pending/ must not be modified.
-    let candidate = evt;
-    if (evtBytes > maxBytes && evt.raw !== undefined) {
-      const originalBytes = evtBytes;
-      candidate = { ...evt };
-      delete candidate.raw;
-      evtBytes = Buffer.byteLength(JSON.stringify(candidate));
-      log({ msg: 'stripped-raw-oversized', event_id: evt.event_id, type: evt.type, original_bytes: originalBytes, stripped_bytes: evtBytes });
-    }
-    if (evtBytes > maxBytes) {
-      log({ msg: 'skip-oversized', event_id: evt.event_id, type: evt.type, bytes: evtBytes, limit: maxBytes });
-      if (evt.event_id) droppedIds.add(evt.event_id);
-    } else {
-      sendable.push(candidate);
-    }
-  }
-  return { sendable, droppedIds };
-}
-
 // =============================================================================
 // HTTP
 // =============================================================================
@@ -797,9 +773,7 @@ async function main() {
 
   try {
     for (const { identity, events: batch } of byDeveloper.values()) {
-      const { sendable, droppedIds } = filterOversized(batch);
-      for (const id of droppedIds) sentEventIds.add(id);
-      const chunks = chunkEvents(sendable);
+      const chunks = chunkEvents(batch);
       let totalReceived = 0;
       for (const chunk of chunks) {
         const result = await postEvents(serverUrl, chunk, identity, hasAuthToken ? authToken : null, { lockPath });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "ai-lens",
-  "version": "0.8.62",
+  "version": "0.8.66",
   "type": "module",
   "description": "Centralized session analytics for AI coding tools",
   "bin": {
@@ -11,7 +11,8 @@
     "cli/",
     "client/",
     ".commithash",
-    "README.md"
+    "README.md",
+    "CHANGELOG.md"
   ],
   "scripts": {
     "prepare": "git rev-parse --short HEAD > .commithash 2>/dev/null || true; git config core.hooksPath .githooks 2>/dev/null || true",