autokap 1.9.0 → 1.9.1

package/dist/analytics-blocklist.d.ts

@@ -0,0 +1,85 @@
+import type { BrowserContext } from 'playwright';
+/**
+ * Privacy-signal request headers attached to every capture context.
+ *
+ * These are standard, widely-sent browser headers (Firefox sends `DNT`, Brave
+ * sends `Sec-GPC`), so they're invisible to origin anti-bot defenses — they
+ * only ever observe a normal first-party page load. Privacy-first analytics
+ * (Plausible, Fathom, …) honor them and suppress the pageview, which
+ * complements the network-level blocking below for the providers that respect
+ * the signal. Free, zero-risk belt-and-suspenders.
+ */
+export declare const PRIVACY_HEADERS: Record<string, string>;
+/**
+ * Hostnames of DEDICATED web-analytics / product-telemetry / session-replay
+ * endpoints. These domains serve ONLY analytics, so aborting requests to them
+ * during a capture has zero functional impact on the page being screenshotted —
+ * it only prevents AutoKap's automated visit from registering as a phantom
+ * "visitor" in the site owner's analytics (AUT-234).
+ *
+ * Matched by exact host OR sub-domain suffix
+ * (`host === h || host.endsWith('.' + h)`), so regional shards
+ * (`eu.i.posthog.com`, `region1.google-analytics.com`, `*.matomo.cloud`, …) are
+ * covered without enumerating each one.
+ *
+ * Deliberately ABSENT: `googletagmanager.com`. GTM can inject functional tags,
+ * and loading `gtm.js` does NOT itself record a visit — the GA *beacon* to
+ * `google-analytics.com` does, and that host IS blocked. So we neutralize the
+ * GA visit without risking a broken page.
+ *
+ * Self-hosted / first-party-proxied analytics (e.g. Plausible reverse-proxied
+ * on the site's own domain) is intentionally NOT covered: it reads as
+ * first-party (see the `isFirstPartyUrl` guard in {@link installAnalyticsBlock})
+ * and is impossible to detect universally. That edge case is out of scope by
+ * design — catching it would depend on per-site configuration.
+ */
+export declare const ANALYTICS_HOSTS: readonly string[];
+/**
+ * True when `url` targets a dedicated web-analytics *ingestion* endpoint (see
+ * {@link ANALYTICS_HOSTS}). Host-suffix aware so regional/sub-domain shards
+ * match their parent. Fail-CLOSED on unparseable or non-http(s) URLs (returns
+ * `false`): we never abort a request we can't confidently classify.
+ *
+ * For hosts that co-serve functional config on the same domain as their
+ * analytics (PostHog), only the event-capture paths count — feature-flag /
+ * config / library paths are preserved so the captured UI never changes
+ * (see {@link POSTHOG_FUNCTIONAL_PATH_RE}).
+ */
+export declare function isAnalyticsRequest(url: string): boolean;
+/**
+ * The per-request block decision, factored out of {@link installAnalyticsBlock}
+ * so the guard composition is unit-testable without a real browser context.
+ *
+ * Blocks ONLY a third-party analytics request. A first-party one — analytics
+ * self-hosted or reverse-proxied on the captured site's OWN domain — is
+ * preserved so we can never break the site's own functionality.
+ *
+ * `pageUrl` is the request's frame URL. When it's empty/unknown (a request in
+ * flight before the first navigation commits, a detached/teardown frame, some
+ * worker-originated requests) `isFirstPartyUrl` fail-OPENS to first-party, so
+ * the beacon is NOT aborted. That's the deliberate safe direction — never break
+ * a page — at the cost of a rare phantom-visit leak in that narrow window; real
+ * analytics beacons fire after navigation commits, so the frame URL is present.
+ */
+export declare function shouldBlockAnalyticsRequest(pageUrl: string, requestUrl: string): boolean;
+/**
+ * Install a context-level route that aborts outgoing requests to dedicated
+ * third-party analytics endpoints, so capturing a site never registers a
+ * phantom "visit" in its analytics (AUT-234).
+ *
+ * Only THIRD-party analytics is blocked (the `!isFirstPartyUrl` guard): a
+ * first-party request is never aborted, so we can never break the captured
+ * site's own functionality. Aborting a third-party beacon is invisible to the
+ * origin's anti-bot (it only ever sees a normal first-party page load) — exactly
+ * what an ad-blocker does — so this carries no risk of tripping bot defenses.
+ *
+ * Registered at the CONTEXT level so it (a) covers every page/frame in the
+ * context, (b) survives `page.unrouteAll()` from `clearRouteInterception()`
+ * (which only clears page-level routes), and (c) composes with the page-level
+ * mock routes from `setupRouteInterception()` — page routes run first; this
+ * catch-all `fallback()`s every non-analytics request back to the network (or
+ * the next handler). Aborting also lowers in-flight count, which only helps
+ * `networkidle` settle. The adaptive-wait progress signal already ignores
+ * third-party traffic (AUT-240), so there's no interaction there.
+ */
+export declare function installAnalyticsBlock(context: BrowserContext): Promise<void>;

package/dist/analytics-blocklist.js

@@ -0,0 +1,201 @@
+import { isFirstPartyUrl } from './security.js';
+/**
+ * Privacy-signal request headers attached to every capture context.
+ *
+ * These are standard, widely-sent browser headers (Firefox sends `DNT`, Brave
+ * sends `Sec-GPC`), so they're invisible to origin anti-bot defenses — they
+ * only ever observe a normal first-party page load. Privacy-first analytics
+ * (Plausible, Fathom, …) honor them and suppress the pageview, which
+ * complements the network-level blocking below for the providers that respect
+ * the signal. Free, zero-risk belt-and-suspenders.
+ */
+export const PRIVACY_HEADERS = {
+    DNT: '1',
+    'Sec-GPC': '1',
+};
+/**
+ * Hostnames of DEDICATED web-analytics / product-telemetry / session-replay
+ * endpoints. These domains serve ONLY analytics, so aborting requests to them
+ * during a capture has zero functional impact on the page being screenshotted —
+ * it only prevents AutoKap's automated visit from registering as a phantom
+ * "visitor" in the site owner's analytics (AUT-234).
+ *
+ * Matched by exact host OR sub-domain suffix
+ * (`host === h || host.endsWith('.' + h)`), so regional shards
+ * (`eu.i.posthog.com`, `region1.google-analytics.com`, `*.matomo.cloud`, …) are
+ * covered without enumerating each one.
+ *
+ * Deliberately ABSENT: `googletagmanager.com`. GTM can inject functional tags,
+ * and loading `gtm.js` does NOT itself record a visit — the GA *beacon* to
+ * `google-analytics.com` does, and that host IS blocked. So we neutralize the
+ * GA visit without risking a broken page.
+ *
+ * Self-hosted / first-party-proxied analytics (e.g. Plausible reverse-proxied
+ * on the site's own domain) is intentionally NOT covered: it reads as
+ * first-party (see the `isFirstPartyUrl` guard in {@link installAnalyticsBlock})
+ * and is impossible to detect universally. That edge case is out of scope by
+ * design — catching it would depend on per-site configuration.
+ */
+export const ANALYTICS_HOSTS = [
+    // Google Analytics / GA4 / Universal Analytics collection endpoints
+    'google-analytics.com',
+    'analytics.google.com',
+    'ssl.google-analytics.com',
+    'region1.google-analytics.com',
+    'stats.g.doubleclick.net',
+    // Plausible
+    'plausible.io',
+    // PostHog — only its event-ingestion paths are blocked; feature-flag / config
+    // / library paths (/decide, /flags, /static, /array) are preserved so a
+    // flag-gated app never renders with default flags (see isAnalyticsRequest).
+    'posthog.com',
+    'i.posthog.com',
+    // Matomo / Piwik (cloud)
+    'matomo.cloud',
+    'matomo.org',
+    // Segment
+    'segment.io',
+    'segment.com',
+    // Mixpanel
+    'mixpanel.com',
+    'mxpnl.com',
+    // Amplitude
+    'amplitude.com',
+    // Heap
+    'heapanalytics.com',
+    'heap.io',
+    // Hotjar (heatmaps / session replay)
+    'hotjar.com',
+    'hotjar.io',
+    // Microsoft Clarity (session replay)
+    'clarity.ms',
+    // Cloudflare Web Analytics
+    'cloudflareinsights.com',
+    // Vercel Analytics / Speed Insights
+    'vercel-insights.com',
+    'va.vercel-scripts.com',
+    // Fathom
+    'usefathom.com',
+    // Session replay / heatmaps
+    'fullstory.com',
+    'mouseflow.com',
+    'crazyegg.com',
+    // Yandex Metrica
+    'mc.yandex.ru',
+    // Quantcast
+    'quantserve.com',
+    'quantcount.com',
+    // Adobe Analytics (Omniture)
+    'omtrdc.net',
+    '2o7.net',
+    // Misc product analytics
+    'pendo.io',
+    'woopra.com',
+    'kissmetrics.io',
+];
+const ANALYTICS_HOST_SET = new Set(ANALYTICS_HOSTS.map((h) => h.toLowerCase()));
+/**
+ * Path prefixes on PostHog hosts that are NOT analytics ingestion: feature
+ * flags (`/decide`, `/flags`), the JS library and its remote config
+ * (`/static`, `/array`). PostHog co-serves these from the SAME host as its
+ * event capture, so blocking them would make a flag-gated app render with
+ * default flags during capture — a visible change to the captured UI. We only
+ * block the ingestion paths (`/e/`, `/i/v0/e/`, `/batch/`, `/capture/`, `/s/`),
+ * which is what records the phantom visit.
+ */
+const POSTHOG_FUNCTIONAL_PATH_RE = /^\/(decide|flags|static|array)\b/i;
+function matchesAnalyticsHost(host) {
+    if (ANALYTICS_HOST_SET.has(host))
+        return true;
+    for (const h of ANALYTICS_HOST_SET) {
+        if (host.endsWith(`.${h}`))
+            return true;
+    }
+    return false;
+}
+function isPosthogHost(host) {
+    return host === 'posthog.com' || host.endsWith('.posthog.com');
+}
+/**
+ * True when `url` targets a dedicated web-analytics *ingestion* endpoint (see
+ * {@link ANALYTICS_HOSTS}). Host-suffix aware so regional/sub-domain shards
+ * match their parent. Fail-CLOSED on unparseable or non-http(s) URLs (returns
+ * `false`): we never abort a request we can't confidently classify.
+ *
+ * For hosts that co-serve functional config on the same domain as their
+ * analytics (PostHog), only the event-capture paths count — feature-flag /
+ * config / library paths are preserved so the captured UI never changes
+ * (see {@link POSTHOG_FUNCTIONAL_PATH_RE}).
+ */
+export function isAnalyticsRequest(url) {
+    let parsed;
+    try {
+        parsed = new URL(url);
+    }
+    catch {
+        return false;
+    }
+    if (parsed.protocol !== 'http:' && parsed.protocol !== 'https:')
+        return false;
+    const host = parsed.hostname.toLowerCase();
+    if (!matchesAnalyticsHost(host))
+        return false;
+    if (isPosthogHost(host) && POSTHOG_FUNCTIONAL_PATH_RE.test(parsed.pathname)) {
+        return false;
+    }
+    return true;
+}
+/**
+ * The per-request block decision, factored out of {@link installAnalyticsBlock}
+ * so the guard composition is unit-testable without a real browser context.
+ *
+ * Blocks ONLY a third-party analytics request. A first-party one — analytics
+ * self-hosted or reverse-proxied on the captured site's OWN domain — is
+ * preserved so we can never break the site's own functionality.
+ *
+ * `pageUrl` is the request's frame URL. When it's empty/unknown (a request in
+ * flight before the first navigation commits, a detached/teardown frame, some
+ * worker-originated requests) `isFirstPartyUrl` fail-OPENS to first-party, so
+ * the beacon is NOT aborted. That's the deliberate safe direction — never break
+ * a page — at the cost of a rare phantom-visit leak in that narrow window; real
+ * analytics beacons fire after navigation commits, so the frame URL is present.
+ */
+export function shouldBlockAnalyticsRequest(pageUrl, requestUrl) {
+    return isAnalyticsRequest(requestUrl) && !isFirstPartyUrl(pageUrl, requestUrl);
+}
+/**
+ * Install a context-level route that aborts outgoing requests to dedicated
+ * third-party analytics endpoints, so capturing a site never registers a
+ * phantom "visit" in its analytics (AUT-234).
+ *
+ * Only THIRD-party analytics is blocked (the `!isFirstPartyUrl` guard): a
+ * first-party request is never aborted, so we can never break the captured
+ * site's own functionality. Aborting a third-party beacon is invisible to the
+ * origin's anti-bot (it only ever sees a normal first-party page load) — exactly
+ * what an ad-blocker does — so this carries no risk of tripping bot defenses.
+ *
+ * Registered at the CONTEXT level so it (a) covers every page/frame in the
+ * context, (b) survives `page.unrouteAll()` from `clearRouteInterception()`
+ * (which only clears page-level routes), and (c) composes with the page-level
+ * mock routes from `setupRouteInterception()` — page routes run first; this
+ * catch-all `fallback()`s every non-analytics request back to the network (or
+ * the next handler). Aborting also lowers in-flight count, which only helps
+ * `networkidle` settle. The adaptive-wait progress signal already ignores
+ * third-party traffic (AUT-240), so there's no interaction there.
+ */
+export async function installAnalyticsBlock(context) {
+    await context.route('**/*', (route) => {
+        const request = route.request();
+        const url = request.url();
+        // Derive the page origin from the request's own frame so analytics
+        // self-hosted on the captured site's domain reads as first-party and is
+        // left untouched. `'blockedbyclient'` mimics an ad-blocker (the page just
+        // sees a failed beacon, like every uBlock user).
+        const pageUrl = request.frame()?.url() || '';
+        if (shouldBlockAnalyticsRequest(pageUrl, url)) {
+            return route.abort('blockedbyclient').catch(() => undefined);
+        }
+        return route.fallback();
+    });
+}
+//# sourceMappingURL=analytics-blocklist.js.map

package/dist/browser-pool.d.ts

@@ -20,6 +20,7 @@ declare class BrowserPool {
         colorScheme?: 'light' | 'dark';
         storageState?: BrowserStorageState;
         extraHttpHeaders?: Record<string, string>;
+        blockAnalytics?: boolean;
     }): Promise<BrowserContext>;
     /**
      * Release a context back to the pool. Closes the context and unblocks

package/dist/browser-pool.js

@@ -1,4 +1,5 @@
 import { chromium } from 'playwright';
+import { installAnalyticsBlock, PRIVACY_HEADERS } from './analytics-blocklist.js';
 /** Chromium flags for server-side headless operation (used by pool and standalone launches). */
 export const CHROMIUM_ARGS = [
     // Linux/Docker-only: required when running Chromium as root or with limited /dev/shm
@@ -74,8 +75,16 @@ class BrowserPool {
             locale: options?.lang ? options.lang : 'en-US',
             colorScheme: options?.colorScheme ?? 'light',
             storageState: options?.storageState,
-            ...(extra && Object.keys(extra).length > 0 ? { extraHTTPHeaders: extra } : {}),
+            // Privacy signals first, then merge user/env auth headers (which win on
+            // any conflict). See PRIVACY_HEADERS / installAnalyticsBlock (AUT-234).
+            extraHTTPHeaders: { ...PRIVACY_HEADERS, ...(extra ?? {}) },
         });
+        // Block third-party analytics so pooled (server-side) captures don't
+        // register a phantom visit in the captured site's analytics (AUT-234).
+        // Skippable per-project via blockAnalytics === false.
+        if (options?.blockAnalytics !== false) {
+            await installAnalyticsBlock(context);
+        }
         this.activeContexts++;
         this.captureCount++;
         return context;

package/dist/browser.js

@@ -6,6 +6,7 @@ import { join } from 'path';
 import { DOM_QUIET_WINDOW_MS, GLOBAL_WAIT_CAP_MS, PIXEL_FALLBACK_DIFF_THRESHOLD, PIXEL_FALLBACK_MAX_PASSES, } from './wait-contract.js';
 import { buildAKNodeRuntimeIndex, deriveInteractiveElementsFromAKTree, disambiguateFingerprint, focusAKTree, fingerprintAKNode, serializeAKTree, } from './ak-tree.js';
 import { isFirstPartyUrl } from './security.js';
+import { installAnalyticsBlock, PRIVACY_HEADERS } from './analytics-blocklist.js';
 /**
  * Set-of-Marks (SoM) annotation: overlays colored [N] badges on each visible
  * interactive element so the vision model can reference elements by their badge index.
@@ -949,6 +950,7 @@ export class Browser {
             colorScheme: options.colorScheme ?? 'light',
             storageState: options.storageState,
             extraHttpHeaders: options.extraHttpHeaders,
+            blockAnalytics: options.blockAnalytics,
         });
         instance.page = await instance.context.newPage();
         instance.poolContext = true;
@@ -1068,9 +1070,9 @@ export class Browser {
             locale: langToLocale(options.lang ?? 'en'),
             colorScheme: options.colorScheme ?? 'light',
             storageState: options.storageState,
-            ...(options.extraHttpHeaders && Object.keys(options.extraHttpHeaders).length > 0
-                ? { extraHTTPHeaders: options.extraHttpHeaders }
-                : {}),
+            // Privacy signals first, then merge user/env auth headers (which win on
+            // any conflict). See PRIVACY_HEADERS / installAnalyticsBlock (AUT-234).
+            extraHTTPHeaders: { ...PRIVACY_HEADERS, ...(options.extraHttpHeaders ?? {}) },
         };
         // Dedicated browser process for clip capture. Not pooled because clip
         // capture installs context-level init scripts (cursor overlay). Cloud Run
@@ -1109,6 +1111,13 @@ export class Browser {
             });
             instance.context = await instance.browser.newContext(contextOptions);
         }
+        // Block third-party analytics beacons so clip/video capture doesn't
+        // register a phantom visit either (AUT-234). Context-level so it covers
+        // every page in both the persistent (cloud) and incognito (local) paths.
+        // Skippable per-project via blockAnalytics === false.
+        if (options.blockAnalytics !== false) {
+            await installAnalyticsBlock(instance.context);
+        }
         // Cloud Run only: inject the notranslate meta on every navigation so
         // Chromium's translate UI never prompts. The --disable-features=Translate*
         // launch flags are unreliable across Chromium versions (some translate
@@ -1244,6 +1253,9 @@ export class Browser {
             args: CHROMIUM_ARGS,
         });
         this.context = await this.browser.newContext(this.buildContextOptions());
+        if (this.options.blockAnalytics !== false) {
+            await installAnalyticsBlock(this.context);
+        }
         this.page = await this.context.newPage();
         this.attachDebugLifecycleListeners();
     }
@@ -1333,6 +1345,9 @@ export class Browser {
             this.context = null;
         }
         this.context = await this.browser.newContext(this.buildContextOptions());
+        if (this.options.blockAnalytics !== false) {
+            await installAnalyticsBlock(this.context);
+        }
         this.page = await this.context.newPage();
         this.elementMap.clear();
         this.attachDebugLifecycleListeners();
@@ -5631,10 +5646,11 @@ export class Browser {
     async setLanguage(lang) {
         const context = this.ensureContext();
         const page = this.ensurePage();
-        // `setExtraHTTPHeaders` REPLACES the header map — merge with the
-        // environment-level auth headers so a SET_LOCALE opcode doesn't strip
-        // them mid-run.
+        // `setExtraHTTPHeaders` REPLACES the header map — merge with the privacy
+        // signals and the environment-level auth headers so a SET_LOCALE opcode
+        // doesn't strip them mid-run.
         await context.setExtraHTTPHeaders({
+            ...PRIVACY_HEADERS,
             ...(this.options.extraHttpHeaders ?? {}),
             'Accept-Language': lang,
         });
@@ -5761,7 +5777,9 @@ export class Browser {
             locale: langToLocale(this.options.lang ?? 'en'),
             colorScheme: this.options.colorScheme ?? 'light',
             storageState: this.options.storageState,
-            ...(extra && Object.keys(extra).length > 0 ? { extraHTTPHeaders: extra } : {}),
+            // Privacy signals first, then merge user/env auth headers (which win on
+            // any conflict). See PRIVACY_HEADERS / installAnalyticsBlock (AUT-234).
+            extraHTTPHeaders: { ...PRIVACY_HEADERS, ...(extra ?? {}) },
         };
     }
 }

package/dist/cli-runner.js

@@ -258,6 +258,7 @@ export async function runCapture(options) {
             colorScheme: variant.theme,
             storageState: program.preconditions.storageState,
             extraHttpHeaders: program.environmentHttpHeaders,
+            blockAnalytics: program.blockAnalytics,
         };
         let recordingDir;
         let browser;

package/dist/execution-schema.d.ts

@@ -2233,6 +2233,7 @@ export declare const ExecutionProgramSchema: z.ZodObject<{
     deviceConfigs: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodRecord<z.ZodString, z.ZodUnknown>>>;
     publicUrl: z.ZodOptional<z.ZodString>;
     environmentHttpHeaders: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
+    blockAnalytics: z.ZodOptional<z.ZodBoolean>;
 }, z.core.$strict>;
 export declare const HealerPatchSchema: z.ZodObject<{
     opcodeIndex: z.ZodNumber;
@@ -4936,6 +4937,7 @@ export declare function safeParseProgramResult(data: unknown): z.ZodSafeParseRes
     deviceConfigs?: Record<string, Record<string, unknown>> | undefined;
     publicUrl?: string | undefined;
     environmentHttpHeaders?: Record<string, string> | undefined;
+    blockAnalytics?: boolean | undefined;
 }>;
 export interface ClipNavigationViolation {
     /** Index of the offending NAVIGATE opcode in `program.steps`. */

package/dist/execution-schema.js

@@ -682,6 +682,12 @@ export const ExecutionProgramSchema = z.object({
     // pairs that Playwright will inject as `extraHTTPHeaders` on the
     // BrowserContext so protected staging/preview URLs load successfully.
     environmentHttpHeaders: z.record(z.string().min(1), z.string().min(1)).optional(),
+    // Per-project opt-out for analytics blocking (AUT-234). Optional and WITHOUT a
+    // Zod default for the same signing reason as `programSchemaVersion` above:
+    // this schema is reused in signature verification, so a default would mutate
+    // the signed payload and break symmetry for programs signed without the field.
+    // Absent / true ⇒ block (engine default); only an explicit false disables.
+    blockAnalytics: z.boolean().optional(),
 }).strict().superRefine((value, ctx) => {
     if (value.mediaMode !== value.artifactPlan.mediaMode) {
         ctx.addIssue({

package/dist/execution-types.d.ts

@@ -614,6 +614,14 @@ export interface ExecutionProgram {
      * and embedded in the signed program envelope.
      */
     environmentHttpHeaders?: Record<string, string>;
+    /**
+     * Per-project opt-out for third-party analytics blocking (AUT-234). Default
+     * behavior (field absent / `true`) blocks analytics beacons during capture so
+     * a run never registers a phantom "visit". Set to `false` only when the
+     * project disabled it (`projects.block_analytics_enabled = false`). Server-set
+     * BEFORE signing, so it lives inside the signed envelope.
+     */
+    blockAnalytics?: boolean;
 }
 export interface CircuitBreakerConfig {
     /** Max recovery attempts per opcode. Default: 3 */

package/dist/program-signing.d.ts

@@ -1139,6 +1139,7 @@ export declare const SignedExecutionProgramEnvelopeSchema: z.ZodObject<{
         deviceConfigs: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodRecord<z.ZodString, z.ZodUnknown>>>;
         publicUrl: z.ZodOptional<z.ZodString>;
         environmentHttpHeaders: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
+        blockAnalytics: z.ZodOptional<z.ZodBoolean>;
     }, z.core.$strict>;
     signature: z.ZodString;
     meta: z.ZodOptional<z.ZodObject<{

package/dist/types.d.ts

@@ -257,6 +257,13 @@ export interface BrowserOptions {
      * secrets here.
      */
     extraHttpHeaders?: Record<string, string>;
+    /**
+     * When `false`, the engine does NOT block third-party web-analytics beacons
+     * during capture (AUT-234). Default behavior (`undefined` / `true`) blocks
+     * them so a capture never registers a phantom "visit" in the site's
+     * analytics. Opt-out is a per-project setting (`projects.block_analytics_enabled`).
+     */
+    blockAnalytics?: boolean;
 }
 export interface OutscaleConfig {
     /** Uniform padding on all 4 sides (pixels). */

package/dist/video-narration-schema.d.ts

@@ -1158,6 +1158,7 @@ export declare const VideoIngestPayloadSchema: z.ZodObject<{
         deviceConfigs: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodRecord<z.ZodString, z.ZodUnknown>>>;
         publicUrl: z.ZodOptional<z.ZodString>;
         environmentHttpHeaders: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
+        blockAnalytics: z.ZodOptional<z.ZodBoolean>;
     }, z.core.$strict>;
     narration: z.ZodOptional<z.ZodObject<{
         voice: z.ZodString;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "autokap",
-  "version": "1.9.0",
+  "version": "1.9.1",
   "description": "AI-powered CLI tool for capturing clean screenshots of websites",
   "type": "module",
   "main": "./dist/index.js",