autotel 3.3.0 → 3.3.1

package/dist/workflow-distributed.cjs

@@ -2,11 +2,11 @@
 
 var chunk4P6ZOARG_cjs = require('./chunk-4P6ZOARG.cjs');
 var chunkINJD3G4K_cjs = require('./chunk-INJD3G4K.cjs');
-var chunkU72TGONP_cjs = require('./chunk-U72TGONP.cjs');
+var chunkFMTNB27Z_cjs = require('./chunk-FMTNB27Z.cjs');
 require('./chunk-2GIBANLB.cjs');
 require('./chunk-VQTCQKHQ.cjs');
-require('./chunk-DQSVSGK3.cjs');
-require('./chunk-QJYWKAC5.cjs');
+require('./chunk-JAX4LFGG.cjs');
+require('./chunk-RYVFCHSO.cjs');
 require('./chunk-FEEVB2GV.cjs');
 require('./chunk-CEAQK2QY.cjs');
 require('./chunk-ZNMBW67B.cjs');
@@ -58,7 +58,7 @@ var WorkflowBaggage = chunkINJD3G4K_cjs.createSafeBaggageSchema(workflowBaggageF
 function traceDistributedWorkflow(config) {
   const spanName = `workflow.${config.name}`;
   return (fnFactory) => {
-    return chunkU72TGONP_cjs.trace(
+    return chunkFMTNB27Z_cjs.trace(
       { name: spanName, spanKind: api.SpanKind.INTERNAL },
       (baseCtx) => {
         return async (...args) => {
@@ -157,7 +157,7 @@ function traceDistributedWorkflow(config) {
 function traceDistributedStep(config) {
   const spanName = `workflow.step.${config.name}`;
   return (fnFactory) => {
-    return chunkU72TGONP_cjs.trace(
+    return chunkFMTNB27Z_cjs.trace(
       { name: spanName, spanKind: api.SpanKind.INTERNAL },
       (baseCtx) => {
         return async (...args) => {

package/dist/workflow-distributed.js

@@ -1,10 +1,10 @@
 import { emitCorrelatedEvent } from './chunk-KIL5CUN6.js';
 import { createSafeBaggageSchema } from './chunk-4IFSYQVX.js';
-import { trace } from './chunk-U4D5IBSB.js';
+import { trace } from './chunk-55ALGIAR.js';
 import './chunk-HLZ7H3VZ.js';
 import './chunk-SEO6NAQT.js';
-import './chunk-TGV2XF57.js';
-import './chunk-32AXF4MA.js';
+import './chunk-LCXOOJIP.js';
+import './chunk-B4CGFDZQ.js';
 import './chunk-643PQG3Y.js';
 import './chunk-A4E5AQFK.js';
 import './chunk-WGWSHJ2N.js';

package/dist/workflow.cjs

@@ -1,12 +1,12 @@
 'use strict';
 
-var chunk4RA6HIYF_cjs = require('./chunk-4RA6HIYF.cjs');
+var chunkC4JCSBFO_cjs = require('./chunk-C4JCSBFO.cjs');
 require('./chunk-4P6ZOARG.cjs');
-require('./chunk-U72TGONP.cjs');
+require('./chunk-FMTNB27Z.cjs');
 require('./chunk-2GIBANLB.cjs');
 require('./chunk-VQTCQKHQ.cjs');
-require('./chunk-DQSVSGK3.cjs');
-require('./chunk-QJYWKAC5.cjs');
+require('./chunk-JAX4LFGG.cjs');
+require('./chunk-RYVFCHSO.cjs');
 require('./chunk-FEEVB2GV.cjs');
 require('./chunk-CEAQK2QY.cjs');
 require('./chunk-ZNMBW67B.cjs');
@@ -24,19 +24,19 @@ require('./chunk-YREV3LGG.cjs');
 
 Object.defineProperty(exports, "getCurrentWorkflowContext", {
   enumerable: true,
-  get: function () { return chunk4RA6HIYF_cjs.getCurrentWorkflowContext; }
+  get: function () { return chunkC4JCSBFO_cjs.getCurrentWorkflowContext; }
 });
 Object.defineProperty(exports, "isInWorkflow", {
   enumerable: true,
-  get: function () { return chunk4RA6HIYF_cjs.isInWorkflow; }
+  get: function () { return chunkC4JCSBFO_cjs.isInWorkflow; }
 });
 Object.defineProperty(exports, "traceStep", {
   enumerable: true,
-  get: function () { return chunk4RA6HIYF_cjs.traceStep; }
+  get: function () { return chunkC4JCSBFO_cjs.traceStep; }
 });
 Object.defineProperty(exports, "traceWorkflow", {
   enumerable: true,
-  get: function () { return chunk4RA6HIYF_cjs.traceWorkflow; }
+  get: function () { return chunkC4JCSBFO_cjs.traceWorkflow; }
 });
 //# sourceMappingURL=workflow.cjs.map
 //# sourceMappingURL=workflow.cjs.map

package/dist/workflow.js

@@ -1,10 +1,10 @@
-export { getCurrentWorkflowContext, isInWorkflow, traceStep, traceWorkflow } from './chunk-FZROHTZZ.js';
+export { getCurrentWorkflowContext, isInWorkflow, traceStep, traceWorkflow } from './chunk-4EXFRREO.js';
 import './chunk-KIL5CUN6.js';
-import './chunk-U4D5IBSB.js';
+import './chunk-55ALGIAR.js';
 import './chunk-HLZ7H3VZ.js';
 import './chunk-SEO6NAQT.js';
-import './chunk-TGV2XF57.js';
-import './chunk-32AXF4MA.js';
+import './chunk-LCXOOJIP.js';
+import './chunk-B4CGFDZQ.js';
 import './chunk-643PQG3Y.js';
 import './chunk-A4E5AQFK.js';
 import './chunk-WGWSHJ2N.js';

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "autotel",
-  "version": "3.3.0",
+  "version": "3.3.1",
   "description": "Write Once, Observe Anywhere",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -317,7 +317,7 @@
     }
   },
   "devDependencies": {
-    "@arethetypeswrong/cli": "^0.18.2",
+    "@arethetypeswrong/cli": "^0.18.3",
     "@edge-runtime/vm": "^5.0.0",
     "@opentelemetry/auto-instrumentations-node": "^0.76.0",
     "@opentelemetry/context-async-hooks": "^2.7.1",
@@ -328,25 +328,25 @@
     "@opentelemetry/resource-detector-container": "^0.8.9",
     "@opentelemetry/resource-detector-gcp": "^0.53.0",
     "@opentelemetry/sdk-trace-node": "^2.7.1",
-    "@swc/core": "^1.15.33",
+    "@swc/core": "^1.15.40",
     "@total-typescript/ts-reset": "^0.6.1",
     "@total-typescript/tsconfig": "^1.0.4",
     "@types/eslint-config-prettier": "^6.11.3",
-    "@types/node": "^25.7.0",
-    "@typescript-eslint/eslint-plugin": "^8.59.3",
-    "@typescript-eslint/parser": "^8.59.3",
+    "@types/node": "^25.9.1",
+    "@typescript-eslint/eslint-plugin": "^8.60.0",
+    "@typescript-eslint/parser": "^8.60.0",
     "eslint-config-prettier": "^10.1.8",
     "eslint-plugin-unicorn": "^64.0.0",
     "pino": "^10.3.1",
     "prettier": "^3.8.3",
     "rimraf": "^6.1.3",
     "tsup": "^8.5.1",
-    "tsx": "^4.21.0",
+    "tsx": "^4.22.3",
     "typescript": "^6.0.3",
-    "typescript-eslint": "^8.59.3",
+    "typescript-eslint": "^8.60.0",
     "unplugin-swc": "^1.5.9",
     "vite-tsconfig-paths": "^6.1.1",
-    "vitest": "^4.1.6",
+    "vitest": "^4.1.7",
     "vitest-mock-extended": "^4.0.0",
     "winston": "^3.19.0",
     "yaml": "^2.9.0"

package/skills/build-audit-trails/SKILL.md

@@ -31,17 +31,17 @@ autotel lets you express both with the same primitive — a span — but you sho
 
 ## Quick reference
 
-| Situation                                                | Use                                                              |
-| -------------------------------------------------------- | ---------------------------------------------------------------- |
-| Wrap an action so success/failure is audited + kept      | `withAudit(metadata, fn)` from `autotel-audit`                   |
-| Tag the active span with `audit.*` attributes only       | `setAuditAttributes(metadata)`                                   |
-| Make sure an audit span survives tail sampling           | `forceKeepAuditEvent()`                                          |
-| Record an authorization denial                           | `audit({ …, outcome: 'deny', reason })` (Step 1 helper)          |
-| Full control / framework-agnostic span helper            | hand-rolled `audit()` (Step 1)                                   |
-| Keep audit data off ops dashboards                       | `FilteringSpanProcessor` split (Step 3)                          |
-| Prove a record was not altered                           | HMAC or hash-chain signature (Step 4)                            |
-| Honor a GDPR erasure request on an append-only log       | crypto-shredding (Step 6.5)                                      |
-| Assert the trail in tests                                | `createTraceCollector()` from `autotel/testing` (Step 8)         |
+| Situation                                           | Use                                                      |
+| --------------------------------------------------- | -------------------------------------------------------- |
+| Wrap an action so success/failure is audited + kept | `withAudit(metadata, fn)` from `autotel-audit`           |
+| Tag the active span with `audit.*` attributes only  | `setAuditAttributes(metadata)`                           |
+| Make sure an audit span survives tail sampling      | `forceKeepAuditEvent()`                                  |
+| Record an authorization denial                      | `audit({ …, outcome: 'deny', reason })` (Step 1 helper)  |
+| Full control / framework-agnostic span helper       | hand-rolled `audit()` (Step 1)                           |
+| Keep audit data off ops dashboards                  | `FilteringSpanProcessor` split (Step 3)                  |
+| Prove a record was not altered                      | HMAC or hash-chain signature (Step 4)                    |
+| Honor a GDPR erasure request on an append-only log  | crypto-shredding (Step 6.5)                              |
+| Assert the trail in tests                           | `createTraceCollector()` from `autotel/testing` (Step 8) |
 
 ## The shortest path: the `autotel-audit` package
 
@@ -57,12 +57,21 @@ import {
 // Wrap the action: sets audit.* attributes, force-keeps past tail sampling,
 // and tags outcome 'success' / 'failure' automatically.
 await withAudit(
-  { action: 'user.delete', resource: 'user', actorId: 'usr_42', category: 'admin' },
+  {
+    action: 'user.delete',
+    resource: 'user',
+    actorId: 'usr_42',
+    category: 'admin',
+  },
   async () => db.user.delete({ where: { id } }),
 );
 
 // Or tag the current span yourself and opt out of sampling:
-setAuditAttributes({ action: 'secret.read', resource: 'sec_abc', actorId: 'usr_42' });
+setAuditAttributes({
+  action: 'secret.read',
+  resource: 'sec_abc',
+  actorId: 'usr_42',
+});
 forceKeepAuditEvent();
 ```
 
@@ -381,7 +390,9 @@ describe('audit trail', () => {
   });
 
   it('records a denial with reason and actor', async () => {
-    await expect(deleteUser(forbiddenReq)).rejects.toMatchObject({ status: 403 });
+    await expect(deleteUser(forbiddenReq)).rejects.toMatchObject({
+      status: 403,
+    });
 
     const [span] = collector.getSpansByAttributes({ 'audit.outcome': 'deny' });
     expect(span).toBeDefined();
@@ -392,7 +403,9 @@ describe('audit trail', () => {
 
   it('records the success path on allow', async () => {
     await deleteUser(allowedReq);
-    expect(collector.getSpansByAttributes({ 'audit.outcome': 'allow' })).toHaveLength(1);
+    expect(
+      collector.getSpansByAttributes({ 'audit.outcome': 'allow' }),
+    ).toHaveLength(1);
   });
 });
 ```

package/skills/build-audit-trails/references/framework-wiring.md

@@ -10,7 +10,10 @@ The rule across every framework is the same: wrap the authorization decision so
 // app/admin/users/[id]/route.ts
 import { withAuthz } from '@/lib/audit';
 
-export async function DELETE(req: Request, { params }: { params: { id: string } }) {
+export async function DELETE(
+  req: Request,
+  { params }: { params: { id: string } },
+) {
   return withAuthz(
     {
       action: 'user.delete',
@@ -101,7 +104,8 @@ fastify.delete('/admin/users/:id', async (request, reply) => {
       actor: { id: request.user.id, role: request.user.role },
     },
     async () => ({ allow: request.user.role === 'admin' }),
-    async () => db.user.delete({ where: { id: (request.params as { id: string }).id } }),
+    async () =>
+      db.user.delete({ where: { id: (request.params as { id: string }).id } }),
   );
   return { ok: true };
 });
@@ -180,7 +184,12 @@ import { withAudit } from 'autotel-audit';
 
 export const nightlyPurge = trace(async function nightlyPurge() {
   await withAudit(
-    { action: 'data.purge', resource: 'expired-sessions', actorId: 'system:cron', category: 'maintenance' },
+    {
+      action: 'data.purge',
+      resource: 'expired-sessions',
+      actorId: 'system:cron',
+      category: 'maintenance',
+    },
     async () => sessions.purgeExpired(),
   );
 });

package/skills/review-otel-patterns/SKILL.md

@@ -237,11 +237,11 @@ All options work with `init()`, framework adapters, and `wrapModule` / `defineWo
 
 Enrichers turn raw request data into standard, low-cardinality span attributes. Import the helpers from `autotel/enrichers` and spread their output onto the active span or request logger. Each returns `undefined` when there is nothing to add, so spreading is safe.
 
-| Helper                                       | Returns attributes                                                   | Source                                  |
-| -------------------------------------------- | -------------------------------------------------------------------- | --------------------------------------- |
-| `userAgent(headers)`                         | `user_agent.raw`, `user_agent.browser`, `user_agent.os`, `user_agent.device` | `user-agent` request header     |
-| `geo(headers)`                               | `geo.country`, `geo.region`, `geo.city`, `geo.latitude`, `geo.longitude`     | Vercel / Cloudflare geo headers |
-| `requestSize(reqHeaders, resHeaders?)`       | `http.request.body.size`, `http.response.body.size`                  | `content-length` headers                |
+| Helper                                 | Returns attributes                                                           | Source                          |
+| -------------------------------------- | ---------------------------------------------------------------------------- | ------------------------------- |
+| `userAgent(headers)`                   | `user_agent.raw`, `user_agent.browser`, `user_agent.os`, `user_agent.device` | `user-agent` request header     |
+| `geo(headers)`                         | `geo.country`, `geo.region`, `geo.city`, `geo.latitude`, `geo.longitude`     | Vercel / Cloudflare geo headers |
+| `requestSize(reqHeaders, resHeaders?)` | `http.request.body.size`, `http.response.body.size`                          | `content-length` headers        |
 
 ```typescript
 import { userAgent, geo, requestSize } from 'autotel/enrichers';
@@ -262,7 +262,10 @@ For your own derived fields on a request's wide event, build a reusable enricher
 import { defineEnricher } from 'autotel';
 
 // Merge a derived, low-cardinality object into event.user on each request.
-const enrichTier = defineEnricher<{ user?: { plan?: string } }, { tier: string }>({
+const enrichTier = defineEnricher<
+  { user?: { plan?: string } },
+  { tier: string }
+>({
   name: 'user-tier',
   field: 'user',
   compute: ({ event }) => ({ tier: event.user?.plan ?? 'anonymous' }),

package/src/error-catalog.test.ts

@@ -17,8 +17,13 @@ describe('defineErrorCatalog', () => {
     },
     INSUFFICIENT_FUNDS: {
       status: 402,
-      message: ({ available, required }: { available: number; required: number }) =>
-        `Insufficient funds: $${available} of $${required}`,
+      message: ({
+        available,
+        required,
+      }: {
+        available: number;
+        required: number;
+      }) => `Insufficient funds: $${available} of $${required}`,
       why: ({ required }: { available: number; required: number }) =>
         `Needs $${required}`,
     },

package/src/error-catalog.ts

@@ -30,7 +30,10 @@
  * ```
  */
 
-import { createStructuredError, type StructuredError } from './structured-error';
+import {
+  createStructuredError,
+  type StructuredError,
+} from './structured-error';
 
 const catalogCodeKey = Symbol.for('autotel.catalog.code');
 
@@ -69,9 +72,10 @@ type ParamsOf<E> = E extends { message: (params: infer P) => string }
     ? P
     : void;
 
-type BuilderArgs<E extends ErrorCatalogEntry> = ParamsOf<E> extends void
-  ? [options?: ErrorBuildOptions]
-  : [params: ParamsOf<E>, options?: ErrorBuildOptions];
+type BuilderArgs<E extends ErrorCatalogEntry> =
+  ParamsOf<E> extends void
+    ? [options?: ErrorBuildOptions]
+    : [params: ParamsOf<E>, options?: ErrorBuildOptions];
 
 /** A callable error factory produced by {@link defineErrorCatalog}. */
 export interface ErrorBuilder<E extends ErrorCatalogEntry> {
@@ -127,9 +131,9 @@ export function defineErrorCatalog<
       maybeOptions?: ErrorBuildOptions,
     ): StructuredError => {
       const params = usesParams ? paramsOrOptions : undefined;
-      const options = (
-        usesParams ? maybeOptions : paramsOrOptions
-      ) as ErrorBuildOptions | undefined;
+      const options = (usesParams ? maybeOptions : paramsOrOptions) as
+        | ErrorBuildOptions
+        | undefined;
 
       const message =
         typeof entry.message === 'function'
@@ -200,9 +204,8 @@ export interface AuditAction {
   readonly message?: string;
 }
 
-type AuditDescriptorArgs<E extends AuditCatalogEntry> = ParamsOf<E> extends void
-  ? []
-  : [params: ParamsOf<E>];
+type AuditDescriptorArgs<E extends AuditCatalogEntry> =
+  ParamsOf<E> extends void ? [] : [params: ParamsOf<E>];
 
 /** A callable audit-action descriptor produced by {@link defineAuditCatalog}. */
 export interface AuditDescriptor<E extends AuditCatalogEntry> {

package/src/init.ts

@@ -1275,7 +1275,11 @@ function wrapLogger(
  * final default PII redaction is auto-enabled in production.
  */
 export function resolveAttributeRedactor(
-  explicit: AttributeRedactorConfig | AttributeRedactorPreset | false | undefined,
+  explicit:
+    | AttributeRedactorConfig
+    | AttributeRedactorPreset
+    | false
+    | undefined,
   environment: string,
 ): AttributeRedactorConfig | AttributeRedactorPreset | undefined {
   if (explicit === false) return undefined;