npm - brakit - Versions diffs - 0.10.1 → 0.10.2 - Mend

brakit 0.10.1 → 0.10.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/dist/api.d.ts +41 -14
package/dist/api.js +105 -17
package/dist/bin/brakit.js +307 -37
package/dist/dashboard-client.global.js +204 -191
package/dist/dashboard.html +216 -192
package/dist/mcp/server.js +78 -1
package/dist/runtime/index.js +1330 -1122
package/package.json +1 -1

package/dist/runtime/index.js CHANGED Viewed

@@ -15,7 +15,7 @@ var __export = (target, all) => {
 };
 // src/constants/config.ts
-var MAX_REQUEST_ENTRIES, DEFAULT_MAX_BODY_CAPTURE, DEFAULT_API_LIMIT, MAX_TELEMETRY_ENTRIES, MAX_TAB_NAME_LENGTH, MAX_INGEST_BYTES, TERMINAL_TRUNCATE_LENGTH, SENSITIVE_MASK_MIN_LENGTH, SENSITIVE_MASK_VISIBLE_CHARS, MAX_JSON_BODY_BYTES, ANALYSIS_DEBOUNCE_MS, ISSUE_ID_HASH_LENGTH, ISSUES_DATA_VERSION, SENSITIVE_MASK_PLACEHOLDER, PROJECT_HASH_LENGTH, SECRET_SCAN_ARRAY_LIMIT, PII_SCAN_ARRAY_LIMIT, MIN_SECRET_VALUE_LENGTH, FULL_RECORD_MIN_FIELDS, LIST_PII_MIN_ITEMS, MAX_API_LIMIT, MAX_OBJECT_SCAN_DEPTH, MAX_UNIQUE_ENDPOINTS, MAX_ACCUMULATOR_ENTRIES, ISSUE_PRUNE_TTL_MS, FLOW_GAP_MS, SLOW_REQUEST_THRESHOLD_MS, MIN_POLLING_SEQUENCE, ENDPOINT_TRUNCATE_LENGTH, N1_QUERY_THRESHOLD, ERROR_RATE_THRESHOLD_PCT, MIN_REQUESTS_FOR_INSIGHT, HIGH_QUERY_COUNT_PER_REQ, CROSS_ENDPOINT_MIN_ENDPOINTS, CROSS_ENDPOINT_PCT, CROSS_ENDPOINT_MIN_OCCURRENCES, REDUNDANT_QUERY_MIN_COUNT, LARGE_RESPONSE_BYTES, HIGH_ROW_COUNT, OVERFETCH_MIN_REQUESTS, OVERFETCH_MIN_FIELDS, OVERFETCH_MIN_INTERNAL_IDS, OVERFETCH_NULL_RATIO, REGRESSION_PCT_THRESHOLD, REGRESSION_MIN_INCREASE_MS, REGRESSION_MIN_REQUESTS, QUERY_COUNT_REGRESSION_RATIO, OVERFETCH_MANY_FIELDS, OVERFETCH_UNWRAP_MIN_SIZE, MAX_DUPLICATE_INSIGHTS, INSIGHT_WINDOW_PER_ENDPOINT, CLEAN_HITS_FOR_RESOLUTION, STALE_ISSUE_TTL_MS, STRICT_MODE_MAX_GAP_MS, BASELINE_MIN_SESSIONS, BASELINE_MIN_REQUESTS_PER_SESSION, BASELINE_PENDING_POINTS_MIN, METRICS_DIR, METRICS_FILE, PORT_FILE, ISSUES_FILE, METRICS_FLUSH_INTERVAL_MS, METRICS_MAX_SESSIONS, METRICS_MAX_DATA_POINTS, ISSUES_FLUSH_INTERVAL_MS, SSE_HEARTBEAT_INTERVAL_MS, NOISE_HOSTS, NOISE_PATH_PATTERNS, VALID_ISSUE_STATES, VALID_ISSUE_CATEGORIES, VALID_AI_FIX_STATUSES, TELEMETRY_EVENT_SETUP_COMPLETED, TELEMETRY_EVENT_FIRST_REQUEST, TELEMETRY_EVENT_DASHBOARD_VIEWED, TELEMETRY_EVENT_SESSION, TELEMETRY_EVENT_GRAPH_FEATURE, EXIT_REASON_CLEAN, EXIT_REASON_SIGINT, EXIT_REASON_SIGTERM, DETAIL_PREVIEW_LENGTH, KNOWN_DEPENDENCY_NAMES;
+var MAX_REQUEST_ENTRIES, DEFAULT_MAX_BODY_CAPTURE, DEFAULT_API_LIMIT, MAX_TELEMETRY_ENTRIES, MAX_TAB_NAME_LENGTH, MAX_INGEST_BYTES, SENSITIVE_MASK_MIN_LENGTH, SENSITIVE_MASK_VISIBLE_CHARS, MAX_JSON_BODY_BYTES, ANALYSIS_DEBOUNCE_MS, ISSUE_ID_HASH_LENGTH, ISSUES_DATA_VERSION, SENSITIVE_MASK_PLACEHOLDER, PROJECT_HASH_LENGTH, SECRET_SCAN_ARRAY_LIMIT, PII_SCAN_ARRAY_LIMIT, MIN_SECRET_VALUE_LENGTH, FULL_RECORD_MIN_FIELDS, LIST_PII_MIN_ITEMS, MAX_API_LIMIT, MAX_OBJECT_SCAN_DEPTH, MAX_UNIQUE_ENDPOINTS, MAX_ACCUMULATOR_ENTRIES, ISSUE_PRUNE_TTL_MS, FLOW_GAP_MS, SLOW_REQUEST_THRESHOLD_MS, MIN_POLLING_SEQUENCE, ENDPOINT_TRUNCATE_LENGTH, N1_QUERY_THRESHOLD, ERROR_RATE_THRESHOLD_PCT, MIN_REQUESTS_FOR_INSIGHT, HIGH_QUERY_COUNT_PER_REQ, CROSS_ENDPOINT_MIN_ENDPOINTS, CROSS_ENDPOINT_PCT, CROSS_ENDPOINT_MIN_OCCURRENCES, REDUNDANT_QUERY_MIN_COUNT, LARGE_RESPONSE_BYTES, HIGH_ROW_COUNT, OVERFETCH_MIN_REQUESTS, OVERFETCH_MIN_FIELDS, OVERFETCH_MIN_INTERNAL_IDS, OVERFETCH_NULL_RATIO, REGRESSION_PCT_THRESHOLD, REGRESSION_MIN_INCREASE_MS, REGRESSION_MIN_REQUESTS, QUERY_COUNT_REGRESSION_RATIO, OVERFETCH_MANY_FIELDS, OVERFETCH_UNWRAP_MIN_SIZE, MAX_DUPLICATE_INSIGHTS, INSIGHT_WINDOW_PER_ENDPOINT, CLEAN_HITS_FOR_RESOLUTION, STALE_ISSUE_TTL_MS, STRICT_MODE_MAX_GAP_MS, BASELINE_MIN_SESSIONS, BASELINE_MIN_REQUESTS_PER_SESSION, BASELINE_PENDING_POINTS_MIN, METRICS_DIR, METRICS_FILE, PORT_FILE, ISSUES_FILE, METRICS_FLUSH_INTERVAL_MS, METRICS_MAX_SESSIONS, METRICS_MAX_DATA_POINTS, ISSUES_FLUSH_INTERVAL_MS, SSE_HEARTBEAT_INTERVAL_MS, NOISE_HOSTS, NOISE_PATH_PATTERNS, VALID_ISSUE_STATES, VALID_ISSUE_CATEGORIES, VALID_AI_FIX_STATUSES, DETAIL_PREVIEW_LENGTH;
 var init_config = __esm({
   "src/constants/config.ts"() {
     "use strict";
@@ -25,7 +25,6 @@ var init_config = __esm({
     MAX_TELEMETRY_ENTRIES = 1e3;
     MAX_TAB_NAME_LENGTH = 32;
     MAX_INGEST_BYTES = 10485760;
-    TERMINAL_TRUNCATE_LENGTH = 80;
     SENSITIVE_MASK_MIN_LENGTH = 8;
     SENSITIVE_MASK_VISIBLE_CHARS = 4;
     MAX_JSON_BODY_BYTES = 65536;
@@ -90,21 +89,24 @@ var init_config = __esm({
     VALID_ISSUE_STATES = /* @__PURE__ */ new Set(["open", "fixing", "resolved", "stale", "regressed"]);
     VALID_ISSUE_CATEGORIES = /* @__PURE__ */ new Set(["security", "performance", "reliability"]);
     VALID_AI_FIX_STATUSES = /* @__PURE__ */ new Set(["fixed", "wont_fix"]);
-    TELEMETRY_EVENT_SETUP_COMPLETED = "setup_completed";
-    TELEMETRY_EVENT_FIRST_REQUEST = "first_request";
-    TELEMETRY_EVENT_DASHBOARD_VIEWED = "dashboard_viewed";
-    TELEMETRY_EVENT_SESSION = "session";
-    TELEMETRY_EVENT_GRAPH_FEATURE = "graph_feature";
-    EXIT_REASON_CLEAN = "clean";
-    EXIT_REASON_SIGINT = "sigint";
-    EXIT_REASON_SIGTERM = "sigterm";
     DETAIL_PREVIEW_LENGTH = 120;
+  }
+});
+// src/constants/detection.ts
+var NODE_MODULES_SEGMENT, INSTALLED_HOOKS, KNOWN_DEPENDENCY_NAMES, KNOWN_CONFIG_FILES, KNOWN_DEPENDENCY_SET;
+var init_detection = __esm({
+  "src/constants/detection.ts"() {
+    "use strict";
+    NODE_MODULES_SEGMENT = "/node_modules/";
+    INSTALLED_HOOKS = ["fetch", "console", "error"];
     KNOWN_DEPENDENCY_NAMES = [
+      // -- Frameworks (meta) --
       "next",
       "@remix-run/dev",
       "nuxt",
-      "vite",
       "astro",
+      // -- Frameworks (backend) --
       "@nestjs/core",
       "@adonisjs/core",
       "sails",
@@ -113,16 +115,91 @@ var init_config = __esm({
       "hono",
       "koa",
       "@hapi/hapi",
+      "elysia",
+      "h3",
+      "nitro",
+      "@trpc/server",
+      // -- Bundlers --
+      "vite",
+      // -- ORM / query builders --
       "prisma",
+      "@prisma/client",
       "drizzle-orm",
       "typeorm",
-      "sequelize"
+      "sequelize",
+      "mongoose",
+      "kysely",
+      "knex",
+      "@mikro-orm/core",
+      "objection",
+      // -- DB drivers --
+      "pg",
+      "mysql2",
+      "mongodb",
+      "better-sqlite3",
+      "@libsql/client",
+      "@planetscale/database",
+      "ioredis",
+      "redis",
+      // -- Auth --
+      "lucia",
+      "next-auth",
+      "@auth/core",
+      "passport",
+      // -- Queues / messaging --
+      "bullmq",
+      "amqplib",
+      "kafkajs",
+      // -- Validation --
+      "zod",
+      "joi",
+      "yup",
+      "arktype",
+      "valibot",
+      // -- HTTP clients --
+      "axios",
+      "got",
+      "ky",
+      "undici",
+      // -- Realtime --
+      "socket.io",
+      "ws",
+      // -- CSS / styling --
+      "tailwindcss",
+      // -- Testing --
+      "vitest",
+      "jest",
+      "mocha",
+      // -- Runtime indicators --
+      "bun-types",
+      "@types/bun"
     ];
+    KNOWN_CONFIG_FILES = {
+      "next.config.js": "nextjs",
+      "next.config.mjs": "nextjs",
+      "next.config.ts": "nextjs",
+      "nuxt.config.ts": "nuxt",
+      "nuxt.config.js": "nuxt",
+      "astro.config.mjs": "astro",
+      "astro.config.ts": "astro",
+      "vite.config.ts": "vite",
+      "vite.config.js": "vite",
+      "drizzle.config.ts": "drizzle-orm",
+      "drizzle.config.js": "drizzle-orm",
+      "prisma/schema.prisma": "prisma",
+      "knexfile.js": "knex",
+      "knexfile.ts": "knex",
+      "mikro-orm.config.ts": "@mikro-orm/core",
+      "nest-cli.json": "@nestjs/core",
+      "tailwind.config.js": "tailwindcss",
+      "tailwind.config.ts": "tailwindcss"
+    };
+    KNOWN_DEPENDENCY_SET = new Set(KNOWN_DEPENDENCY_NAMES);
   }
 });
 // src/constants/labels.ts
-var DASHBOARD_PREFIX, DASHBOARD_API_REQUESTS, DASHBOARD_API_EVENTS, DASHBOARD_API_FLOWS, DASHBOARD_API_CLEAR, DASHBOARD_API_LOGS, DASHBOARD_API_FETCHES, DASHBOARD_API_ERRORS, DASHBOARD_API_QUERIES, DASHBOARD_API_INGEST, DASHBOARD_API_METRICS, DASHBOARD_API_ACTIVITY, DASHBOARD_API_METRICS_LIVE, DASHBOARD_API_INSIGHTS, DASHBOARD_API_SECURITY, DASHBOARD_API_TAB, DASHBOARD_API_FINDINGS, DASHBOARD_API_FINDINGS_REPORT, DASHBOARD_API_GRAPH, VALID_TABS_TUPLE, VALID_TABS, BRAKIT_REQUEST_ID_HEADER, BRAKIT_FETCH_ID_HEADER, SENSITIVE_HEADER_NAMES, HTTP_OK, HTTP_NO_CONTENT, HTTP_BAD_REQUEST, HTTP_NOT_FOUND, HTTP_METHOD_NOT_ALLOWED, HTTP_PAYLOAD_TOO_LARGE, HTTP_INTERNAL_ERROR, SECURITY_HEADERS, CONTENT_ENCODING_GZIP, CONTENT_ENCODING_BR, CONTENT_ENCODING_DEFLATE, SEVERITY_ICON, SSE_EVENT_FETCH, SSE_EVENT_LOG, SSE_EVENT_ERROR, SSE_EVENT_QUERY, SSE_EVENT_ISSUES, SDK_EVENT_REQUEST, SDK_EVENT_DB_QUERY, SDK_EVENT_FETCH, SDK_EVENT_LOG, SDK_EVENT_ERROR, SDK_EVENT_AUTH_CHECK, POSTHOG_HOST, POSTHOG_CAPTURE_PATH, POSTHOG_REQUEST_TIMEOUT_MS, SPEED_BUCKET_THRESHOLDS, TIMELINE_FETCH, TIMELINE_LOG, TIMELINE_ERROR, TIMELINE_QUERY;
+var DASHBOARD_PREFIX, DASHBOARD_API_REQUESTS, DASHBOARD_API_EVENTS, DASHBOARD_API_FLOWS, DASHBOARD_API_CLEAR, DASHBOARD_API_LOGS, DASHBOARD_API_FETCHES, DASHBOARD_API_ERRORS, DASHBOARD_API_QUERIES, DASHBOARD_API_INGEST, DASHBOARD_API_METRICS, DASHBOARD_API_ACTIVITY, DASHBOARD_API_METRICS_LIVE, DASHBOARD_API_INSIGHTS, DASHBOARD_API_SECURITY, DASHBOARD_API_TAB, DASHBOARD_API_FINDINGS, DASHBOARD_API_FINDINGS_REPORT, DASHBOARD_API_GRAPH, VALID_TABS_TUPLE, VALID_TABS, BRAKIT_REQUEST_ID_HEADER, BRAKIT_FETCH_ID_HEADER, SENSITIVE_HEADER_NAMES, HTTP_OK, HTTP_NO_CONTENT, HTTP_BAD_REQUEST, HTTP_NOT_FOUND, HTTP_METHOD_NOT_ALLOWED, HTTP_PAYLOAD_TOO_LARGE, HTTP_INTERNAL_ERROR, SECURITY_HEADERS, CONTENT_ENCODING_GZIP, CONTENT_ENCODING_BR, CONTENT_ENCODING_DEFLATE, SSE_EVENT_FETCH, SSE_EVENT_LOG, SSE_EVENT_ERROR, SSE_EVENT_QUERY, SSE_EVENT_ISSUES, SDK_EVENT_REQUEST, SDK_EVENT_DB_QUERY, SDK_EVENT_FETCH, SDK_EVENT_LOG, SDK_EVENT_ERROR, SDK_EVENT_AUTH_CHECK, SDK_EVENT_HELLO, TIMELINE_FETCH, TIMELINE_LOG, TIMELINE_ERROR, TIMELINE_QUERY, UNICODE_ARROW, UNICODE_EM_DASH, UNICODE_CHECK_MARK;
 var init_labels = __esm({
   "src/constants/labels.ts"() {
     "use strict";
@@ -180,11 +257,6 @@ var init_labels = __esm({
     CONTENT_ENCODING_GZIP = "gzip";
     CONTENT_ENCODING_BR = "br";
     CONTENT_ENCODING_DEFLATE = "deflate";
-    SEVERITY_ICON = {
-      critical: "\u2717",
-      warning: "\u26A0",
-      info: "\u2139"
-    };
     SSE_EVENT_FETCH = "fetch";
     SSE_EVENT_LOG = "log";
     SSE_EVENT_ERROR = "error_event";
@@ -196,14 +268,14 @@ var init_labels = __esm({
     SDK_EVENT_LOG = "log";
     SDK_EVENT_ERROR = "error";
     SDK_EVENT_AUTH_CHECK = "auth.check";
-    POSTHOG_HOST = "https://us.i.posthog.com";
-    POSTHOG_CAPTURE_PATH = "/i/v0/e/";
-    POSTHOG_REQUEST_TIMEOUT_MS = 3e3;
-    SPEED_BUCKET_THRESHOLDS = [200, 500, 1e3, 2e3, 5e3];
+    SDK_EVENT_HELLO = "sdk.hello";
     TIMELINE_FETCH = "fetch";
     TIMELINE_LOG = "log";
     TIMELINE_ERROR = "error";
     TIMELINE_QUERY = "query";
+    UNICODE_ARROW = "\u2192";
+    UNICODE_EM_DASH = "\u2014";
+    UNICODE_CHECK_MARK = "\u2713";
   }
 });
@@ -243,13 +315,36 @@ var init_features = __esm({
   }
 });
+// src/constants/telemetry.ts
+var POSTHOG_HOST, POSTHOG_CAPTURE_PATH, POSTHOG_REQUEST_TIMEOUT_MS, TELEMETRY_EVENT_SETUP_COMPLETED, TELEMETRY_EVENT_FIRST_REQUEST, TELEMETRY_EVENT_DASHBOARD_VIEWED, TELEMETRY_EVENT_SESSION, TELEMETRY_EVENT_GRAPH_FEATURE, TELEMETRY_SDK_NAME, EXIT_REASON_CLEAN, EXIT_REASON_SIGINT, EXIT_REASON_SIGTERM, SPEED_BUCKET_THRESHOLDS;
+var init_telemetry = __esm({
+  "src/constants/telemetry.ts"() {
+    "use strict";
+    POSTHOG_HOST = "https://us.i.posthog.com";
+    POSTHOG_CAPTURE_PATH = "/i/v0/e/";
+    POSTHOG_REQUEST_TIMEOUT_MS = 3e3;
+    TELEMETRY_EVENT_SETUP_COMPLETED = "setup_completed";
+    TELEMETRY_EVENT_FIRST_REQUEST = "first_request";
+    TELEMETRY_EVENT_DASHBOARD_VIEWED = "dashboard_viewed";
+    TELEMETRY_EVENT_SESSION = "session";
+    TELEMETRY_EVENT_GRAPH_FEATURE = "graph_feature";
+    TELEMETRY_SDK_NAME = "node";
+    EXIT_REASON_CLEAN = "clean";
+    EXIT_REASON_SIGINT = "sigint";
+    EXIT_REASON_SIGTERM = "sigterm";
+    SPEED_BUCKET_THRESHOLDS = [200, 500, 1e3, 2e3, 5e3];
+  }
+});
 // src/constants/index.ts
 var init_constants = __esm({
   "src/constants/index.ts"() {
     "use strict";
     init_config();
+    init_detection();
     init_labels();
     init_features();
+    init_telemetry();
   }
 });
@@ -1972,550 +2067,219 @@ var init_sdk_event_parser = __esm({
   }
 });
-// src/dashboard/api/ingest.ts
-function isBrakitBatch(msg) {
-  return typeof msg === "object" && msg !== null && "_brakit" in msg && msg._brakit === true && !("version" in msg);
+// src/telemetry/config.ts
+import { homedir, platform } from "os";
+import { join } from "path";
+import { existsSync, readFileSync, writeFileSync, mkdirSync } from "fs";
+import { randomUUID as randomUUID5 } from "crypto";
+function isValidTelemetryConfig(value) {
+  return typeof value === "object" && value !== null && typeof value.telemetry === "boolean" && typeof value.anonymousId === "string" && value.anonymousId.length > 0;
 }
-function isSDKPayload(msg) {
-  return typeof msg === "object" && msg !== null && "_brakit" in msg && "version" in msg && typeof msg.version === "number";
+function readConfig() {
+  try {
+    if (!existsSync(CONFIG_PATH)) return null;
+    const parsed = JSON.parse(readFileSync(CONFIG_PATH, "utf-8"));
+    return isValidTelemetryConfig(parsed) ? parsed : null;
+  } catch {
+    return null;
+  }
 }
-function createIngestHandler(services) {
-  const routeEvent = (event) => {
-    switch (event.type) {
-      case TIMELINE_FETCH:
-        bus.emit("telemetry:fetch", event.data);
-        break;
-      case TIMELINE_LOG:
-        bus.emit("telemetry:log", event.data);
-        break;
-      case TIMELINE_ERROR:
-        bus.emit("telemetry:error", event.data);
-        break;
-      case TIMELINE_QUERY:
-        bus.emit("telemetry:query", event.data);
-        break;
-    }
-  };
-  const { bus, requestStore } = services;
-  const stores = {
-    addQuery: (data) => bus.emit("telemetry:query", data),
-    addFetch: (data) => bus.emit("telemetry:fetch", data),
-    addLog: (data) => bus.emit("telemetry:log", data),
-    addError: (data) => bus.emit("telemetry:error", data),
-    addRequest: (data) => requestStore.add(data)
-  };
-  return (req, res) => {
-    if (req.method !== "POST") {
-      sendJson(req, res, HTTP_METHOD_NOT_ALLOWED, { error: "Method not allowed" });
-      return;
+function writeConfig(config) {
+  try {
+    if (!existsSync(CONFIG_DIR))
+      mkdirSync(CONFIG_DIR, { recursive: true, ...IS_WINDOWS ? {} : { mode: DIR_MODE_OWNER_ONLY } });
+    writeFileSync(
+      CONFIG_PATH,
+      JSON.stringify(config, null, 2) + "\n",
+      IS_WINDOWS ? {} : { mode: FILE_MODE_OWNER_ONLY }
+    );
+  } catch (err) {
+    if (process.env.BRAKIT_DEBUG) {
+      process.stderr.write(`[brakit] config write failed: ${err?.message ?? err}
+`);
     }
-    const chunks = [];
-    let totalSize = 0;
-    req.on("data", (chunk) => {
-      totalSize += chunk.length;
-      if (totalSize > MAX_INGEST_BYTES) {
-        sendJson(req, res, HTTP_PAYLOAD_TOO_LARGE, { error: "Payload too large" });
-        req.destroy();
-        return;
-      }
-      chunks.push(chunk);
-    });
-    req.on("end", () => {
-      if (res.headersSent) return;
-      try {
-        const body = JSON.parse(Buffer.concat(chunks).toString());
-        if (isSDKPayload(body)) {
-          for (const event of body.events) {
-            routeSDKEvent(event, stores);
-          }
-          res.writeHead(HTTP_NO_CONTENT);
-          res.end();
-          return;
-        }
-        if (isBrakitBatch(body)) {
-          for (const event of body.events) {
-            routeEvent(event);
-          }
-          res.writeHead(HTTP_NO_CONTENT);
-          res.end();
-          return;
-        }
-        sendJson(req, res, HTTP_BAD_REQUEST, { error: "Invalid batch" });
-      } catch {
-        sendJson(req, res, HTTP_BAD_REQUEST, { error: "Invalid JSON" });
-      }
-    });
-    req.on("error", () => {
-      if (!res.headersSent) {
-        res.writeHead(HTTP_BAD_REQUEST);
-        res.end();
-      }
-    });
-  };
+  }
 }
-var init_ingest = __esm({
-  "src/dashboard/api/ingest.ts"() {
+function getOrCreateConfig() {
+  const existing = readConfig();
+  if (existing) return existing;
+  const config = { telemetry: true, anonymousId: randomUUID5() };
+  writeConfig(config);
+  return config;
+}
+function isTelemetryEnabled() {
+  if (cachedEnabled !== null) return cachedEnabled;
+  const env = process.env.BRAKIT_TELEMETRY;
+  if (env !== void 0) {
+    const normalized = env.toLowerCase().trim();
+    cachedEnabled = normalized !== "false" && normalized !== "0" && normalized !== "off";
+    return cachedEnabled;
+  }
+  cachedEnabled = readConfig()?.telemetry ?? true;
+  return cachedEnabled;
+}
+var IS_WINDOWS, CONFIG_DIR, CONFIG_PATH, cachedEnabled;
+var init_config2 = __esm({
+  "src/telemetry/config.ts"() {
     "use strict";
-    init_config();
-    init_labels();
-    init_shared2();
-    init_sdk_event_parser();
+    init_features();
+    IS_WINDOWS = platform() === "win32";
+    CONFIG_DIR = join(homedir(), ".brakit");
+    CONFIG_PATH = join(CONFIG_DIR, "config.json");
+    cachedEnabled = null;
   }
 });
-// src/dashboard/api/metrics.ts
-function createMetricsHandler(metricsStore) {
-  return (req, res) => {
-    if (!requireGet(req, res)) return;
-    const url = parseRequestUrl(req);
-    const endpoint = url.searchParams.get("endpoint");
-    if (endpoint) {
-      const ep = metricsStore.getEndpoint(endpoint);
-      sendJson(req, res, HTTP_OK, { endpoints: ep ? [ep] : [] });
-      return;
+// src/utils/fs.ts
+import { access, readFile, writeFile } from "fs/promises";
+import { existsSync as existsSync2, readFileSync as readFileSync2, writeFileSync as writeFileSync2 } from "fs";
+import { createHash } from "crypto";
+import { homedir as homedir2 } from "os";
+import { resolve, join as join2 } from "path";
+function getProjectDataDir(projectRoot) {
+  const absolute = resolve(projectRoot);
+  const hash = createHash("sha256").update(absolute).digest("hex").slice(0, PROJECT_HASH_LENGTH);
+  return join2(homedir2(), ".brakit", "projects", hash);
+}
+async function fileExists(path) {
+  try {
+    await access(path);
+    return true;
+  } catch {
+    return false;
+  }
+}
+function ensureGitignore(dir, entry) {
+  try {
+    const gitignorePath = resolve(dir, "../.gitignore");
+    if (existsSync2(gitignorePath)) {
+      const content = readFileSync2(gitignorePath, "utf-8");
+      if (content.split("\n").some((l) => l.trim() === entry)) return;
+      writeFileSync2(gitignorePath, content.trimEnd() + "\n" + entry + "\n");
+    } else {
+      writeFileSync2(gitignorePath, entry + "\n");
     }
-    sendJson(req, res, HTTP_OK, { endpoints: metricsStore.getAll() });
-  };
+  } catch (err) {
+    brakitDebug(`ensureGitignore failed: ${getErrorMessage(err)}`);
+  }
 }
-var init_metrics = __esm({
-  "src/dashboard/api/metrics.ts"() {
-    "use strict";
-    init_shared2();
-    init_labels();
+async function ensureGitignoreAsync(dir, entry) {
+  try {
+    const gitignorePath = resolve(dir, "../.gitignore");
+    if (await fileExists(gitignorePath)) {
+      const content = await readFile(gitignorePath, "utf-8");
+      if (content.split("\n").some((l) => l.trim() === entry)) return;
+      await writeFile(gitignorePath, content.trimEnd() + "\n" + entry + "\n");
+    } else {
+      await writeFile(gitignorePath, entry + "\n");
+    }
+  } catch (err) {
+    brakitDebug(`ensureGitignoreAsync failed: ${getErrorMessage(err)}`);
   }
-});
-// src/dashboard/api/metrics-live.ts
-function createLiveMetricsHandler(metricsStore) {
-  return (req, res) => {
-    if (!requireGet(req, res)) return;
-    sendJson(req, res, 200, { endpoints: metricsStore.getLiveEndpoints() });
-  };
 }
-var init_metrics_live = __esm({
-  "src/dashboard/api/metrics-live.ts"() {
+var init_fs = __esm({
+  "src/utils/fs.ts"() {
     "use strict";
-    init_shared2();
+    init_config();
+    init_log();
+    init_type_guards();
   }
 });
-// src/dashboard/api/activity.ts
-function buildTimeline(services, requestId) {
-  const fetches = services.fetchStore.getByRequest(requestId);
-  const logs = services.logStore.getByRequest(requestId);
-  const errors = services.errorStore.getByRequest(requestId);
-  const queries = services.queryStore.getByRequest(requestId);
-  const timeline = [];
-  for (const fetch of fetches)
-    timeline.push({ type: TIMELINE_FETCH, timestamp: fetch.timestamp, data: fetch });
-  for (const log of logs)
-    timeline.push({ type: TIMELINE_LOG, timestamp: log.timestamp, data: log });
-  for (const error of errors)
-    timeline.push({ type: TIMELINE_ERROR, timestamp: error.timestamp, data: error });
-  for (const query of queries)
-    timeline.push({ type: TIMELINE_QUERY, timestamp: query.timestamp, data: query });
-  timeline.sort((a, b) => a.timestamp - b.timestamp);
-  return {
-    total: timeline.length,
-    timeline,
-    counts: {
-      fetches: fetches.length,
-      logs: logs.length,
-      errors: errors.length,
-      queries: queries.length
-    }
-  };
-}
-function createActivityHandler(services) {
-  return (req, res) => {
-    if (!requireGet(req, res)) return;
-    try {
-      const url = parseRequestUrl(req);
-      const requestId = url.searchParams.get("requestId");
-      const requestIds = url.searchParams.get("requestIds");
-      if (!requestId && !requestIds) {
-        sendJson(req, res, HTTP_BAD_REQUEST, { error: "requestId or requestIds parameter required" });
-        return;
+// src/utils/atomic-writer.ts
+import {
+  writeFileSync as writeFileSync3,
+  existsSync as existsSync3,
+  mkdirSync as mkdirSync3,
+  renameSync
+} from "fs";
+import { writeFile as writeFile2, mkdir, rename } from "fs/promises";
+var AtomicWriter;
+var init_atomic_writer = __esm({
+  "src/utils/atomic-writer.ts"() {
+    "use strict";
+    init_fs();
+    init_log();
+    init_type_guards();
+    AtomicWriter = class {
+      constructor(opts) {
+        this.opts = opts;
+        this.writing = false;
+        this.pendingContent = null;
+        this.tmpPath = opts.filePath + ".tmp";
       }
-      if (requestId) {
-        const result = buildTimeline(services, requestId);
-        sendJson(req, res, HTTP_OK, { requestId, ...result });
-        return;
+      writeSync(content) {
+        try {
+          this.ensureDir();
+          writeFileSync3(this.tmpPath, content);
+          renameSync(this.tmpPath, this.opts.filePath);
+        } catch (err) {
+          brakitWarn(`failed to save ${this.opts.label}: ${getErrorMessage(err)}`);
+        }
       }
-      const ids = (requestIds || "").split(",").filter(Boolean).slice(0, MAX_BATCH_IDS);
-      const activities = {};
-      for (const id of ids) {
-        activities[id] = buildTimeline(services, id);
+      async writeAsync(content) {
+        if (this.writing) {
+          this.pendingContent = content;
+          return;
+        }
+        this.writing = true;
+        try {
+          await this.ensureDirAsync();
+          await writeFile2(this.tmpPath, content);
+          await rename(this.tmpPath, this.opts.filePath);
+        } catch (err) {
+          brakitWarn(`failed to save ${this.opts.label}: ${getErrorMessage(err)}`);
+        } finally {
+          this.writing = false;
+          if (this.pendingContent !== null) {
+            const next = this.pendingContent;
+            this.pendingContent = null;
+            this.writeAsync(next).catch(() => {
+            });
+          }
+        }
       }
-      sendJson(req, res, HTTP_OK, { requestIds: ids, activities });
-    } catch (err) {
-      brakitDebug(`activity handler error: ${err}`);
-      if (!res.headersSent) {
-        sendJson(req, res, HTTP_INTERNAL_ERROR, { error: "Internal error" });
+      ensureDir() {
+        if (!existsSync3(this.opts.dir)) {
+          mkdirSync3(this.opts.dir, { recursive: true });
+          if (this.opts.gitignoreEntry) {
+            ensureGitignore(this.opts.dir, this.opts.gitignoreEntry);
+          }
+        }
       }
-    }
-  };
-}
-var MAX_BATCH_IDS;
-var init_activity = __esm({
-  "src/dashboard/api/activity.ts"() {
-    "use strict";
-    init_shared2();
-    init_labels();
-    init_log();
-    MAX_BATCH_IDS = 50;
-  }
-});
-// src/dashboard/api/index.ts
-var init_api = __esm({
-  "src/dashboard/api/index.ts"() {
-    "use strict";
-    init_handlers();
-    init_ingest();
-    init_metrics();
-    init_metrics_live();
-    init_activity();
+      async ensureDirAsync() {
+        if (!await fileExists(this.opts.dir)) {
+          await mkdir(this.opts.dir, { recursive: true });
+          if (this.opts.gitignoreEntry) {
+            await ensureGitignoreAsync(this.opts.dir, this.opts.gitignoreEntry);
+          }
+        }
+      }
+    };
   }
 });
-// src/dashboard/api/issues.ts
-function createIssuesHandler(issueStore) {
-  return (req, res) => {
-    if (!requireGet(req, res)) return;
-    const url = parseRequestUrl(req);
-    const stateParam = url.searchParams.get("state");
-    const categoryParam = url.searchParams.get("category");
-    let issues;
-    if (stateParam && isValidIssueState(stateParam)) {
-      issues = issueStore.getByState(stateParam);
-    } else if (categoryParam && isValidIssueCategory(categoryParam)) {
-      issues = issueStore.getByCategory(categoryParam);
-    } else {
-      issues = issueStore.getAll();
-    }
-    sendJson(req, res, HTTP_OK, { issues });
-  };
-}
-function createFindingsHandler(issueStore) {
-  return (req, res) => {
-    if (!requireGet(req, res)) return;
-    const url = parseRequestUrl(req);
-    const stateParam = url.searchParams.get("state");
-    let issues;
-    if (stateParam && isValidIssueState(stateParam)) {
-      issues = issueStore.getByState(stateParam);
-    } else {
-      issues = issueStore.getAll();
-    }
-    sendJson(req, res, HTTP_OK, {
-      total: issues.length,
-      findings: issues
-    });
-  };
-}
-function createIssuesReportHandler(issueStore, eventBus) {
-  return async (req, res) => {
-    if (req.method !== "POST") {
-      sendJson(req, res, HTTP_METHOD_NOT_ALLOWED, { error: "Method not allowed" });
-      return;
-    }
-    const body = await readJsonBody(req, res);
-    if (!body) return;
-    const { findingId, status, notes } = body;
-    if (!findingId || typeof findingId !== "string") {
-      sendJson(req, res, HTTP_BAD_REQUEST, { error: "findingId is required" });
-      return;
-    }
-    if (!isValidAiFixStatus(status)) {
-      sendJson(req, res, HTTP_BAD_REQUEST, { error: "status must be 'fixed' or 'wont_fix'" });
-      return;
-    }
-    if (!notes || typeof notes !== "string") {
-      sendJson(req, res, HTTP_BAD_REQUEST, { error: "notes is required" });
-      return;
-    }
-    if (issueStore.reportFix(findingId, status, notes)) {
-      eventBus.emit("issues:changed", issueStore.getAll());
-      sendJson(req, res, HTTP_OK, { ok: true });
-      return;
-    }
-    sendJson(req, res, HTTP_NOT_FOUND, { error: "Finding not found" });
-  };
+// src/utils/issue-id.ts
+import { createHash as createHash2 } from "crypto";
+function computeIssueId(issue) {
+  const stableDesc = issue.desc.replace(/\d[\d,.]*\s*\w*/g, "#");
+  const key = `${issue.rule}:${issue.endpoint ?? "global"}:${stableDesc}`;
+  return createHash2("sha256").update(key).digest("hex").slice(0, ISSUE_ID_HASH_LENGTH);
 }
-var init_issues = __esm({
-  "src/dashboard/api/issues.ts"() {
+var init_issue_id = __esm({
+  "src/utils/issue-id.ts"() {
     "use strict";
-    init_shared2();
-    init_type_guards();
-    init_labels();
+    init_config();
   }
 });
-// src/dashboard/api/graph.ts
-function createGraphHandler(services) {
-  return (req, res) => {
-    if (!requireGet(req, res)) return;
-    const url = parseRequestUrl(req);
-    const rawCluster = url.searchParams.get("cluster") ?? void 0;
-    const rawNode = url.searchParams.get("node") ?? void 0;
-    const rawLevel = url.searchParams.get("level") ?? void 0;
-    const rawGrouping = url.searchParams.get("grouping") ?? void 0;
-    const cluster = rawCluster && rawCluster.length <= MAX_PARAM_LENGTH ? rawCluster : void 0;
-    const node = rawNode && rawNode.length <= MAX_PARAM_LENGTH ? rawNode : void 0;
-    const level = rawLevel && VALID_LEVELS.has(rawLevel) ? rawLevel : void 0;
-    const grouping = rawGrouping && VALID_GROUPINGS.has(rawGrouping) ? rawGrouping : void 0;
-    const { graphBuilder, metricsStore } = services;
-    graphBuilder.enrichWithMetrics((endpointKey) => {
-      const metrics = metricsStore.getEndpoint(endpointKey);
-      if (!metrics || metrics.sessions.length === 0) return void 0;
-      const latest = metrics.sessions[metrics.sessions.length - 1];
-      return latest.p95DurationMs;
-    });
-    const data = graphBuilder.getApiResponse({ cluster, node, level, grouping });
-    sendJson(req, res, HTTP_OK, data);
-  };
-}
-var VALID_LEVELS, VALID_GROUPINGS, MAX_PARAM_LENGTH;
-var init_graph = __esm({
-  "src/dashboard/api/graph.ts"() {
-    "use strict";
-    init_labels();
-    init_shared2();
-    VALID_LEVELS = /* @__PURE__ */ new Set(["endpoints", "clusters"]);
-    VALID_GROUPINGS = /* @__PURE__ */ new Set(["path", "auth-boundary", "data-domain"]);
-    MAX_PARAM_LENGTH = 200;
-  }
-});
-// src/dashboard/sse.ts
-function createSSEHandler(services) {
-  const clients = /* @__PURE__ */ new Set();
-  function broadcast(eventType, data) {
-    if (clients.size === 0) return;
-    const frame = eventType ? `event: ${eventType}
-data: ${data}
-` : `data: ${data}
-`;
-    for (const client of clients) {
-      if (client.res.destroyed) {
-        clients.delete(client);
-        continue;
-      }
-      try {
-        client.res.write(frame);
-      } catch {
-        clients.delete(client);
-      }
-    }
-  }
-  const bus = services.bus;
-  bus.on("request:completed", (r) => broadcast(null, JSON.stringify(r)));
-  bus.on("telemetry:fetch", (e) => broadcast(SSE_EVENT_FETCH, JSON.stringify(e)));
-  bus.on("telemetry:log", (e) => broadcast(SSE_EVENT_LOG, JSON.stringify(e)));
-  bus.on("telemetry:error", (e) => broadcast(SSE_EVENT_ERROR, JSON.stringify(e)));
-  bus.on("telemetry:query", (e) => broadcast(SSE_EVENT_QUERY, JSON.stringify(e)));
-  bus.on("analysis:updated", ({ issues }) => {
-    broadcast(SSE_EVENT_ISSUES, JSON.stringify(issues));
-  });
-  bus.on("issues:changed", (issues) => {
-    broadcast(SSE_EVENT_ISSUES, JSON.stringify(issues));
-  });
-  return (req, res) => {
-    const headers2 = {
-      "content-type": "text/event-stream",
-      "cache-control": "no-cache",
-      connection: "keep-alive"
-    };
-    const corsOrigin = getCorsOrigin(req);
-    if (corsOrigin) {
-      headers2["access-control-allow-origin"] = corsOrigin;
-    }
-    res.writeHead(HTTP_OK, headers2);
-    res.write(":ok\n\n");
-    const heartbeat = setInterval(() => {
-      if (res.destroyed) {
-        clearInterval(heartbeat);
-        clients.delete(client);
-        return;
-      }
-      try {
-        res.write(":heartbeat\n\n");
-      } catch {
-        clearInterval(heartbeat);
-        clients.delete(client);
-      }
-    }, SSE_HEARTBEAT_INTERVAL_MS);
-    heartbeat.unref();
-    const client = { res, heartbeat };
-    clients.add(client);
-    req.on("close", () => {
-      clearInterval(heartbeat);
-      clients.delete(client);
-    });
-  };
-}
-var init_sse = __esm({
-  "src/dashboard/sse.ts"() {
-    "use strict";
-    init_constants();
-    init_labels();
-    init_shared2();
-  }
-});
-// src/utils/fs.ts
-import { access, readFile, writeFile } from "fs/promises";
-import { existsSync, readFileSync, writeFileSync } from "fs";
-import { createHash } from "crypto";
-import { homedir } from "os";
-import { resolve, join } from "path";
-function getProjectDataDir(projectRoot) {
-  const absolute = resolve(projectRoot);
-  const hash = createHash("sha256").update(absolute).digest("hex").slice(0, PROJECT_HASH_LENGTH);
-  return join(homedir(), ".brakit", "projects", hash);
-}
-async function fileExists(path) {
-  try {
-    await access(path);
-    return true;
-  } catch {
-    return false;
-  }
-}
-function ensureGitignore(dir, entry) {
-  try {
-    const gitignorePath = resolve(dir, "../.gitignore");
-    if (existsSync(gitignorePath)) {
-      const content = readFileSync(gitignorePath, "utf-8");
-      if (content.split("\n").some((l) => l.trim() === entry)) return;
-      writeFileSync(gitignorePath, content.trimEnd() + "\n" + entry + "\n");
-    } else {
-      writeFileSync(gitignorePath, entry + "\n");
-    }
-  } catch (err) {
-    brakitDebug(`ensureGitignore failed: ${getErrorMessage(err)}`);
-  }
-}
-async function ensureGitignoreAsync(dir, entry) {
-  try {
-    const gitignorePath = resolve(dir, "../.gitignore");
-    if (await fileExists(gitignorePath)) {
-      const content = await readFile(gitignorePath, "utf-8");
-      if (content.split("\n").some((l) => l.trim() === entry)) return;
-      await writeFile(gitignorePath, content.trimEnd() + "\n" + entry + "\n");
-    } else {
-      await writeFile(gitignorePath, entry + "\n");
-    }
-  } catch (err) {
-    brakitDebug(`ensureGitignoreAsync failed: ${getErrorMessage(err)}`);
-  }
-}
-var init_fs = __esm({
-  "src/utils/fs.ts"() {
-    "use strict";
-    init_config();
-    init_log();
-    init_type_guards();
-  }
-});
-// src/utils/atomic-writer.ts
-import {
-  writeFileSync as writeFileSync2,
-  existsSync as existsSync2,
-  mkdirSync as mkdirSync2,
-  renameSync
-} from "fs";
-import { writeFile as writeFile2, mkdir, rename } from "fs/promises";
-var AtomicWriter;
-var init_atomic_writer = __esm({
-  "src/utils/atomic-writer.ts"() {
-    "use strict";
-    init_fs();
-    init_log();
-    init_type_guards();
-    AtomicWriter = class {
-      constructor(opts) {
-        this.opts = opts;
-        this.writing = false;
-        this.pendingContent = null;
-        this.tmpPath = opts.filePath + ".tmp";
-      }
-      writeSync(content) {
-        try {
-          this.ensureDir();
-          writeFileSync2(this.tmpPath, content);
-          renameSync(this.tmpPath, this.opts.filePath);
-        } catch (err) {
-          brakitWarn(`failed to save ${this.opts.label}: ${getErrorMessage(err)}`);
-        }
-      }
-      async writeAsync(content) {
-        if (this.writing) {
-          this.pendingContent = content;
-          return;
-        }
-        this.writing = true;
-        try {
-          await this.ensureDirAsync();
-          await writeFile2(this.tmpPath, content);
-          await rename(this.tmpPath, this.opts.filePath);
-        } catch (err) {
-          brakitWarn(`failed to save ${this.opts.label}: ${getErrorMessage(err)}`);
-        } finally {
-          this.writing = false;
-          if (this.pendingContent !== null) {
-            const next = this.pendingContent;
-            this.pendingContent = null;
-            this.writeAsync(next).catch(() => {
-            });
-          }
-        }
-      }
-      ensureDir() {
-        if (!existsSync2(this.opts.dir)) {
-          mkdirSync2(this.opts.dir, { recursive: true });
-          if (this.opts.gitignoreEntry) {
-            ensureGitignore(this.opts.dir, this.opts.gitignoreEntry);
-          }
-        }
-      }
-      async ensureDirAsync() {
-        if (!await fileExists(this.opts.dir)) {
-          await mkdir(this.opts.dir, { recursive: true });
-          if (this.opts.gitignoreEntry) {
-            await ensureGitignoreAsync(this.opts.dir, this.opts.gitignoreEntry);
-          }
-        }
-      }
-    };
-  }
-});
-// src/utils/issue-id.ts
-import { createHash as createHash2 } from "crypto";
-function computeIssueId(issue) {
-  const stableDesc = issue.desc.replace(/\d[\d,.]*\s*\w*/g, "#");
-  const key = `${issue.rule}:${issue.endpoint ?? "global"}:${stableDesc}`;
-  return createHash2("sha256").update(key).digest("hex").slice(0, ISSUE_ID_HASH_LENGTH);
-}
-var init_issue_id = __esm({
-  "src/utils/issue-id.ts"() {
-    "use strict";
-    init_config();
-  }
-});
-// src/store/issue-store.ts
-import { readFile as readFile2 } from "fs/promises";
-import { readFileSync as readFileSync2, existsSync as existsSync3, unlinkSync } from "fs";
-import { resolve as resolve2 } from "path";
-var IssueStore;
-var init_issue_store = __esm({
-  "src/store/issue-store.ts"() {
+// src/store/issue-store.ts
+import { readFile as readFile2 } from "fs/promises";
+import { readFileSync as readFileSync3, existsSync as existsSync4, unlinkSync } from "fs";
+import { resolve as resolve2 } from "path";
+var IssueStore;
+var init_issue_store = __esm({
+  "src/store/issue-store.ts"() {
     "use strict";
     init_fs();
     init_config();
@@ -2658,7 +2422,7 @@ var init_issue_store = __esm({
         this.issues.clear();
         this.dirty = false;
         try {
-          if (existsSync3(this.issuesPath)) {
+          if (existsSync4(this.issuesPath)) {
             unlinkSync(this.issuesPath);
           }
         } catch {
@@ -2680,17 +2444,23 @@ var init_issue_store = __esm({
       /** Sync load for tests only — not used in production paths. */
       loadSync() {
         try {
-          if (existsSync3(this.issuesPath)) {
-            const raw = readFileSync2(this.issuesPath, "utf-8");
+          if (existsSync4(this.issuesPath)) {
+            const raw = readFileSync3(this.issuesPath, "utf-8");
             this.hydrate(raw);
           }
         } catch (err) {
           brakitDebug(`IssueStore: could not load issues file, starting fresh: ${err}`);
         }
       }
-      /** Parse and populate issues from a raw JSON string. */
       hydrate(raw) {
-        const validated = validateIssuesData(JSON.parse(raw));
+        let parsed;
+        try {
+          parsed = JSON.parse(raw);
+        } catch (err) {
+          brakitDebug(`IssueStore: corrupt JSON in issues file, starting fresh: ${err}`);
+          return;
+        }
+        const validated = validateIssuesData(parsed);
         if (!validated) return;
         for (const issue of validated.issues) {
           this.issues.set(issue.issueId, issue);
@@ -2703,8 +2473,12 @@ var init_issue_store = __esm({
       }
       flushSync() {
         if (!this.dirty) return;
-        this.writer.writeSync(this.serialize());
-        this.dirty = false;
+        try {
+          this.writer.writeSync(this.serialize());
+          this.dirty = false;
+        } catch (err) {
+          brakitDebug(`IssueStore: flush failed, will retry: ${err}`);
+        }
       }
       serialize() {
         const data = {
@@ -2719,19 +2493,26 @@ var init_issue_store = __esm({
 // src/detect/project.ts
 import { readFile as readFile3, readdir } from "fs/promises";
-import { existsSync as existsSync4 } from "fs";
-import { join as join2, relative } from "path";
+import { existsSync as existsSync5 } from "fs";
+import { join as join3, relative } from "path";
 function detectFrameworkFromDeps(allDeps) {
   for (const f of FRAMEWORKS) {
     if (allDeps[f.dep]) return f.name;
   }
   return "unknown";
 }
-function detectPackageManagerSync(rootDir) {
-  if (existsSync4(join2(rootDir, "bun.lockb")) || existsSync4(join2(rootDir, "bun.lock"))) return "bun";
-  if (existsSync4(join2(rootDir, "pnpm-lock.yaml"))) return "pnpm";
-  if (existsSync4(join2(rootDir, "yarn.lock"))) return "yarn";
-  if (existsSync4(join2(rootDir, "package-lock.json"))) return "npm";
+function detectConfigFiles(rootDir) {
+  const found = /* @__PURE__ */ new Set();
+  for (const [file, label] of Object.entries(KNOWN_CONFIG_FILES)) {
+    if (existsSync5(join3(rootDir, file))) found.add(label);
+  }
+  return [...found];
+}
+function detectPackageManager(rootDir) {
+  if (existsSync5(join3(rootDir, "bun.lockb")) || existsSync5(join3(rootDir, "bun.lock"))) return "bun";
+  if (existsSync5(join3(rootDir, "pnpm-lock.yaml"))) return "pnpm";
+  if (existsSync5(join3(rootDir, "yarn.lock"))) return "yarn";
+  if (existsSync5(join3(rootDir, "package-lock.json"))) return "npm";
   return "unknown";
 }
 var FRAMEWORKS;
@@ -2739,6 +2520,7 @@ var init_project = __esm({
   "src/detect/project.ts"() {
     "use strict";
     init_fs();
+    init_detection();
     FRAMEWORKS = [
       // Meta-frameworks first (they bundle Express/Vite internally)
       { name: "nextjs", dep: "next", devCmd: "next dev", bin: "next", defaultPort: 3e3, devArgs: ["dev", "--port"] },
@@ -3491,14 +3273,14 @@ var init_disposable = __esm({
     "use strict";
     SubscriptionBag = class {
       constructor() {
-        this.items = [];
+        this.items = /* @__PURE__ */ new Set();
       }
       add(teardown) {
-        this.items.push(typeof teardown === "function" ? { dispose: teardown } : teardown);
+        this.items.add(typeof teardown === "function" ? { dispose: teardown } : teardown);
       }
       dispose() {
         for (const d of this.items) d.dispose();
-        this.items.length = 0;
+        this.items.clear();
       }
     };
   }
@@ -4113,275 +3895,936 @@ var init_pattern_rules = __esm({
             hint: "Multiple components independently fetch the same endpoint. Lift the fetch to a parent component, use a data cache, or deduplicate with React Query / SWR."
           });
         }
-        return insights;
+        return insights;
+      }
+    };
+    crossEndpointRule = {
+      id: "cross-endpoint",
+      check(ctx) {
+        const insights = [];
+        const queryMap = /* @__PURE__ */ new Map();
+        const allEndpoints = /* @__PURE__ */ new Set();
+        for (const [reqId, reqQueries] of ctx.queriesByReq) {
+          const req = ctx.reqById.get(reqId);
+          if (!req) continue;
+          const endpoint = getEndpointKey(req.method, req.path);
+          allEndpoints.add(endpoint);
+          const seenInReq = /* @__PURE__ */ new Set();
+          for (const query of reqQueries) {
+            const shape = getQueryShape(query);
+            let entry = queryMap.get(shape);
+            if (!entry) {
+              entry = { endpoints: /* @__PURE__ */ new Set(), count: 0, first: query };
+              queryMap.set(shape, entry);
+            }
+            entry.count++;
+            if (!seenInReq.has(shape)) {
+              seenInReq.add(shape);
+              entry.endpoints.add(endpoint);
+            }
+          }
+        }
+        if (allEndpoints.size >= CROSS_ENDPOINT_MIN_ENDPOINTS) {
+          for (const [, queryMetric] of queryMap) {
+            if (queryMetric.count < CROSS_ENDPOINT_MIN_OCCURRENCES) continue;
+            if (queryMetric.endpoints.size < CROSS_ENDPOINT_MIN_ENDPOINTS) continue;
+            const coveragePct = Math.round(queryMetric.endpoints.size / allEndpoints.size * 100);
+            if (coveragePct < CROSS_ENDPOINT_PCT) continue;
+            const info = getQueryInfo(queryMetric.first);
+            const label = info.op + (info.table ? ` ${info.table}` : "");
+            insights.push({
+              severity: "warning",
+              type: "cross-endpoint",
+              title: "Repeated Query Across Endpoints",
+              desc: `${label} runs on ${queryMetric.endpoints.size} of ${allEndpoints.size} endpoints (${coveragePct}%).`,
+              hint: "This query runs on most of your endpoints. Load it once in middleware or cache the result to avoid redundant database calls.",
+              detail: `Endpoints: ${[...queryMetric.endpoints].slice(0, 5).join(", ")}${queryMetric.endpoints.size > 5 ? ` +${queryMetric.endpoints.size - 5} more` : ""}. Total: ${queryMetric.count} executions.`
+            });
+          }
+        }
+        return insights;
+      }
+    };
+  }
+});
+// src/analysis/insights/rules/security.ts
+var securityRule;
+var init_security = __esm({
+  "src/analysis/insights/rules/security.ts"() {
+    "use strict";
+    securityRule = {
+      id: "security",
+      check(ctx) {
+        if (!ctx.securityFindings) return [];
+        return ctx.securityFindings.map((finding) => ({
+          severity: finding.severity,
+          type: "security",
+          title: finding.title,
+          desc: finding.desc,
+          hint: finding.hint,
+          detail: finding.detail
+        }));
+      }
+    };
+  }
+});
+// src/analysis/insights/rules/index.ts
+var init_rules2 = __esm({
+  "src/analysis/insights/rules/index.ts"() {
+    "use strict";
+    init_query_rules();
+    init_response_rules();
+    init_reliability_rules();
+    init_pattern_rules();
+    init_security();
+  }
+});
+// src/analysis/insights/index.ts
+function createDefaultInsightRunner() {
+  const runner = new InsightRunner();
+  runner.register(n1Rule);
+  runner.register(crossEndpointRule);
+  runner.register(redundantQueryRule);
+  runner.register(errorRule);
+  runner.register(errorHotspotRule);
+  runner.register(duplicateRule);
+  runner.register(slowRule);
+  runner.register(queryHeavyRule);
+  runner.register(selectStarRule);
+  runner.register(highRowsRule);
+  runner.register(responseOverfetchRule);
+  runner.register(largeResponseRule);
+  runner.register(regressionRule);
+  runner.register(securityRule);
+  return runner;
+}
+function computeInsights(ctx) {
+  return createDefaultInsightRunner().run(ctx);
+}
+var init_insights = __esm({
+  "src/analysis/insights/index.ts"() {
+    "use strict";
+    init_runner();
+    init_runner();
+    init_rules2();
+  }
+});
+// src/analysis/insights.ts
+var init_insights2 = __esm({
+  "src/analysis/insights.ts"() {
+    "use strict";
+    init_insights();
+  }
+});
+// src/analysis/issue-mappers.ts
+function categorizeInsight(type) {
+  if (type === "security") return "security";
+  if (type === "error" || type === "error-hotspot") return "reliability";
+  return "performance";
+}
+function insightToIssue(insight) {
+  return {
+    category: categorizeInsight(insight.type),
+    rule: insight.type,
+    severity: insight.severity,
+    title: insight.title,
+    desc: insight.desc,
+    hint: insight.hint,
+    detail: insight.detail,
+    endpoint: extractEndpointFromDesc(insight.desc) ?? void 0
+  };
+}
+function securityFindingToIssue(finding) {
+  return {
+    category: "security",
+    rule: finding.rule,
+    severity: finding.severity,
+    title: finding.title,
+    desc: finding.desc,
+    hint: finding.hint,
+    detail: finding.detail,
+    endpoint: finding.endpoint
+  };
+}
+var init_issue_mappers = __esm({
+  "src/analysis/issue-mappers.ts"() {
+    "use strict";
+    init_endpoint();
+  }
+});
+// src/analysis/engine.ts
+var AnalysisEngine;
+var init_engine = __esm({
+  "src/analysis/engine.ts"() {
+    "use strict";
+    init_config();
+    init_disposable();
+    init_group();
+    init_rules();
+    init_insights2();
+    init_issue_mappers();
+    init_issue_id();
+    init_prepare();
+    AnalysisEngine = class {
+      constructor(services, debounceMs = ANALYSIS_DEBOUNCE_MS) {
+        this.services = services;
+        this.debounceMs = debounceMs;
+        this.cachedInsights = [];
+        this.cachedFindings = [];
+        this.debounceTimer = null;
+        this.subs = new SubscriptionBag();
+        this.scanner = createDefaultScanner();
+      }
+      start() {
+        const bus = this.services.bus;
+        this.subs.add(bus.on("request:completed", () => this.scheduleRecompute()));
+        this.subs.add(bus.on("telemetry:query", () => this.scheduleRecompute()));
+        this.subs.add(bus.on("telemetry:error", () => this.scheduleRecompute()));
+        this.subs.add(bus.on("telemetry:log", () => this.scheduleRecompute()));
+      }
+      stop() {
+        this.subs.dispose();
+        if (this.debounceTimer) {
+          clearTimeout(this.debounceTimer);
+          this.debounceTimer = null;
+        }
+      }
+      getInsights() {
+        return this.cachedInsights;
+      }
+      getFindings() {
+        return this.cachedFindings;
+      }
+      scheduleRecompute() {
+        if (this.debounceTimer) return;
+        this.debounceTimer = setTimeout(() => {
+          this.debounceTimer = null;
+          this.recompute();
+        }, this.debounceMs);
+      }
+      recompute() {
+        const allRequests = this.services.requestStore.getAll();
+        const queries = this.services.queryStore.getAll();
+        const errors = this.services.errorStore.getAll();
+        const logs = this.services.logStore.getAll();
+        const fetches = this.services.fetchStore.getAll();
+        const requests = keepRecentPerEndpoint(allRequests);
+        const flows = groupRequestsIntoFlows(requests);
+        this.cachedFindings = this.scanner.scan({ requests, logs });
+        this.cachedInsights = computeInsights({
+          requests,
+          queries,
+          errors,
+          flows,
+          fetches,
+          previousMetrics: this.services.metricsStore.getAll(),
+          securityFindings: this.cachedFindings
+        });
+        const issueStore = this.services.issueStore;
+        const currentIssueIds = /* @__PURE__ */ new Set();
+        for (const finding of this.cachedFindings) {
+          const issue = securityFindingToIssue(finding);
+          issueStore.upsert(issue, "passive");
+          currentIssueIds.add(computeIssueId(issue));
+        }
+        for (const insight of this.cachedInsights) {
+          const issue = insightToIssue(insight);
+          issueStore.upsert(issue, "passive");
+          currentIssueIds.add(computeIssueId(issue));
+        }
+        const activeEndpoints = extractActiveEndpoints(allRequests);
+        issueStore.reconcile(currentIssueIds, activeEndpoints);
+        const update = {
+          insights: this.cachedInsights,
+          findings: this.cachedFindings,
+          issues: issueStore.getAll()
+        };
+        this.services.bus.emit("analysis:updated", update);
+      }
+    };
+  }
+});
+// src/index.ts
+var VERSION;
+var init_src = __esm({
+  "src/index.ts"() {
+    "use strict";
+    init_issue_store();
+    init_project();
+    init_adapter_registry();
+    init_rules();
+    init_engine();
+    init_insights2();
+    init_insights();
+    VERSION = "0.10.2";
+  }
+});
+// src/telemetry/transport.ts
+import { platform as platform2, release, arch } from "os";
+import { spawn } from "child_process";
+function commonProperties() {
+  return {
+    brakit_version: VERSION,
+    node_version: process.version,
+    os: `${platform2()}-${release()}`,
+    arch: arch(),
+    $lib: "brakit",
+    $process_person_profile: false,
+    $geoip_disable: true
+  };
+}
+function sendToPosthog(event, properties) {
+  if (!isTelemetryEnabled() || !POSTHOG_KEY) return;
+  const config = getOrCreateConfig();
+  const payload = {
+    api_key: POSTHOG_KEY,
+    event,
+    distinct_id: config.anonymousId,
+    timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+    properties: { ...commonProperties(), ...properties }
+  };
+  try {
+    const serializedPayload = JSON.stringify(payload);
+    const url = `${POSTHOG_HOST}${POSTHOG_CAPTURE_PATH}`;
+    const child = spawn(
+      process.execPath,
+      [
+        "-e",
+        `fetch(${JSON.stringify(url)},{method:"POST",headers:{"content-type":"application/json"},body:${JSON.stringify(serializedPayload)},signal:AbortSignal.timeout(${POSTHOG_REQUEST_TIMEOUT_MS})}).catch(()=>{})`
+      ],
+      { detached: true, stdio: "ignore" }
+    );
+    child.unref();
+  } catch (err) {
+    brakitDebug(`telemetry send failed: ${err}`);
+  }
+}
+function trackEvent(event, properties) {
+  sendToPosthog(event, { sdk: TELEMETRY_SDK_NAME, ...properties });
+}
+var POSTHOG_KEY;
+var init_transport = __esm({
+  "src/telemetry/transport.ts"() {
+    "use strict";
+    init_src();
+    init_telemetry();
+    init_config2();
+    init_log();
+    POSTHOG_KEY = "phc_E9TwydCGnSfPLIUhNxChpeg32TSowjk31KiPhnLPP0x";
+  }
+});
+// src/telemetry/session.ts
+function speedBucket(ms) {
+  if (ms === 0) return "none";
+  const t = SPEED_BUCKET_THRESHOLDS;
+  if (ms < t[0]) return `<${t[0]}ms`;
+  for (let i = 1; i < t.length; i++) {
+    if (ms < t[i]) return `${t[i - 1]}-${t[i]}ms`;
+  }
+  return `>${t[t.length - 1]}ms`;
+}
+var defaultTransport, Session;
+var init_session = __esm({
+  "src/telemetry/session.ts"() {
+    "use strict";
+    init_telemetry();
+    init_config2();
+    init_transport();
+    defaultTransport = { send: sendToPosthog, track: trackEvent };
+    Session = class {
+      constructor(transport = defaultTransport) {
+        // ── Setup phase ──
+        this.startTime = 0;
+        this.framework = "unknown";
+        this.packageManager = "";
+        this.isCustomCommand = false;
+        this.adapters = [];
+        this.setupDurationMs = 0;
+        this.setupSucceeded = false;
+        // ── Detection ──
+        this.detectedDependencies = [];
+        this.adaptersFailed = [];
+        this.configFilesDetected = [];
+        this.jsRuntime = "node";
+        this.loadedPackages = [];
+        // ── Python SDK ──
+        this.pythonConnected = false;
+        this.pythonFramework = "unknown";
+        this.pythonAdapters = [];
+        this.pythonVersion = "";
+        // ── Runtime accumulation ──
+        this.requestCount = 0;
+        this.insightTypes = /* @__PURE__ */ new Set();
+        this.rulesTriggered = /* @__PURE__ */ new Set();
+        this.tabsViewed = /* @__PURE__ */ new Set();
+        this.dashboardOpened = false;
+        this.explainUsed = false;
+        this.firstRequestAt = 0;
+        this.dashboardOpenedAt = 0;
+        this.exitReason = "unknown";
+        this.transport = transport;
+      }
+      // ── Setup phase ──
+      init(framework, packageManager, isCustomCommand, adapters) {
+        getOrCreateConfig();
+        this.startTime = Date.now();
+        this.framework = framework;
+        this.packageManager = packageManager;
+        this.isCustomCommand = isCustomCommand;
+        this.adapters = adapters;
+      }
+      recordSetup(detection, durationMs) {
+        this.detectedDependencies = detection.detectedDependencies;
+        this.adaptersFailed = detection.adaptersFailed;
+        this.configFilesDetected = detection.configFilesDetected;
+        this.jsRuntime = detection.jsRuntime;
+        this.setupDurationMs = durationMs;
+        this.setupSucceeded = true;
+      }
+      // ── Runtime events ──
+      recordFirstRequest(loadedPackages) {
+        if (!this.firstRequestAt) this.firstRequestAt = Date.now();
+        this.loadedPackages = loadedPackages;
+      }
+      recordPythonStack(info) {
+        this.pythonConnected = true;
+        this.pythonFramework = info.framework;
+        this.pythonAdapters = info.adapters;
+        this.pythonVersion = info.pythonVersion;
+      }
+      recordDashboardOpened() {
+        if (this.dashboardOpened) return;
+        this.dashboardOpened = true;
+        this.dashboardOpenedAt = Date.now();
+        this.transport.track(TELEMETRY_EVENT_DASHBOARD_VIEWED, {
+          time_to_dashboard_ms: this.startTime > 0 ? Date.now() - this.startTime : null,
+          request_count_at_open: this.requestCount
+        });
+      }
+      recordTabViewed(tab) {
+        this.tabsViewed.add(tab);
+      }
+      recordExplainUsed() {
+        this.explainUsed = true;
+      }
+      recordExitReason(reason) {
+        if (this.exitReason === "unknown") this.exitReason = reason;
+      }
+      // ── Pre-flush snapshot from services ──
+      recordCounts(requestCount, insightTypes, rulesTriggered) {
+        this.requestCount = requestCount;
+        for (const t of insightTypes) this.insightTypes.add(t);
+        for (const r of rulesTriggered) this.rulesTriggered.add(r);
+      }
+      // ── Serialization ──
+      /** Build the full PostHog session payload. Single source of truth for all fields. */
+      toPostHogPayload(services) {
+        const metricsStore = services.metricsStore;
+        const analysisEngine = services.analysisEngine;
+        const live = metricsStore.getLiveEndpoints();
+        const insights = analysisEngine.getInsights();
+        const findings = analysisEngine.getFindings();
+        let totalRequests = 0;
+        let totalDuration = 0;
+        let slowestP95 = 0;
+        for (const ep of live) {
+          totalRequests += ep.summary.totalRequests;
+          totalDuration += ep.summary.p95Ms * ep.summary.totalRequests;
+          if (ep.summary.p95Ms > slowestP95) slowestP95 = ep.summary.p95Ms;
+        }
+        const now = Date.now();
+        return {
+          sdk: TELEMETRY_SDK_NAME,
+          // Stack detection
+          framework: this.framework,
+          package_manager: this.packageManager,
+          js_runtime: this.jsRuntime,
+          framework_detection_candidates: this.detectedDependencies,
+          config_files_detected: this.configFilesDetected,
+          loaded_packages: this.loadedPackages,
+          loaded_package_count: this.loadedPackages.length,
+          adapters_detected: this.adapters,
+          adapters_failed: this.adaptersFailed,
+          // Python SDK
+          python_connected: this.pythonConnected,
+          python_framework: this.pythonFramework,
+          python_adapters: this.pythonAdapters,
+          python_version: this.pythonVersion,
+          // Session metadata
+          is_custom_command: this.isCustomCommand,
+          first_session: readConfig() === null,
+          setup_succeeded: this.setupSucceeded,
+          setup_duration_ms: this.setupDurationMs,
+          session_duration_s: Math.ceil((now - this.startTime) / 1e3),
+          session_duration_ms: now - this.startTime,
+          exit_reason: this.exitReason,
+          // Usage
+          request_count: this.requestCount,
+          error_count: services.errorStore.getAll().length,
+          query_count: services.queryStore.getAll().length,
+          fetch_count: services.fetchStore.getAll().length,
+          endpoint_count: live.length,
+          avg_duration_ms: totalRequests > 0 ? Math.round(totalDuration / totalRequests) : 0,
+          slowest_endpoint_bucket: speedBucket(slowestP95),
+          // Analysis
+          insight_count: insights.length,
+          finding_count: findings.length,
+          insight_types: [...this.insightTypes],
+          rules_triggered: [...this.rulesTriggered],
+          // Dashboard engagement
+          tabs_viewed: [...this.tabsViewed],
+          dashboard_opened: this.dashboardOpened,
+          explain_used: this.explainUsed,
+          // Timing
+          time_to_first_request_ms: this.firstRequestAt ? this.firstRequestAt - this.startTime : null,
+          time_to_dashboard_ms: this.dashboardOpenedAt ? this.dashboardOpenedAt - this.startTime : null
+        };
+      }
+      flush(services) {
+        this.transport.send(TELEMETRY_EVENT_SESSION, this.toPostHogPayload(services));
+        getOrCreateConfig();
       }
     };
-    crossEndpointRule = {
-      id: "cross-endpoint",
-      check(ctx) {
-        const insights = [];
-        const queryMap = /* @__PURE__ */ new Map();
-        const allEndpoints = /* @__PURE__ */ new Set();
-        for (const [reqId, reqQueries] of ctx.queriesByReq) {
-          const req = ctx.reqById.get(reqId);
-          if (!req) continue;
-          const endpoint = getEndpointKey(req.method, req.path);
-          allEndpoints.add(endpoint);
-          const seenInReq = /* @__PURE__ */ new Set();
-          for (const query of reqQueries) {
-            const shape = getQueryShape(query);
-            let entry = queryMap.get(shape);
-            if (!entry) {
-              entry = { endpoints: /* @__PURE__ */ new Set(), count: 0, first: query };
-              queryMap.set(shape, entry);
-            }
-            entry.count++;
-            if (!seenInReq.has(shape)) {
-              seenInReq.add(shape);
-              entry.endpoints.add(endpoint);
+  }
+});
+// src/telemetry/index.ts
+function recordGraphFeature(feature, detail) {
+  trackEvent(TELEMETRY_EVENT_GRAPH_FEATURE, {
+    feature,
+    ...detail ? { detail } : {}
+  });
+}
+function flushSession(services) {
+  if (!isTelemetryEnabled()) return;
+  session.flush(services);
+}
+var session;
+var init_telemetry2 = __esm({
+  "src/telemetry/index.ts"() {
+    "use strict";
+    init_config2();
+    init_transport();
+    init_session();
+    init_session();
+    init_telemetry();
+    init_config2();
+    init_transport();
+    session = new Session();
+  }
+});
+// src/dashboard/api/ingest.ts
+function isBrakitBatch(msg) {
+  return typeof msg === "object" && msg !== null && "_brakit" in msg && msg._brakit === true && !("version" in msg);
+}
+function isSDKPayload(msg) {
+  return typeof msg === "object" && msg !== null && "_brakit" in msg && "version" in msg && typeof msg.version === "number";
+}
+function createIngestHandler(services) {
+  const routeEvent = (event) => {
+    switch (event.type) {
+      case TIMELINE_FETCH:
+        bus.emit("telemetry:fetch", event.data);
+        break;
+      case TIMELINE_LOG:
+        bus.emit("telemetry:log", event.data);
+        break;
+      case TIMELINE_ERROR:
+        bus.emit("telemetry:error", event.data);
+        break;
+      case TIMELINE_QUERY:
+        bus.emit("telemetry:query", event.data);
+        break;
+    }
+  };
+  const { bus, requestStore } = services;
+  const stores = {
+    addQuery: (data) => bus.emit("telemetry:query", data),
+    addFetch: (data) => bus.emit("telemetry:fetch", data),
+    addLog: (data) => bus.emit("telemetry:log", data),
+    addError: (data) => bus.emit("telemetry:error", data),
+    addRequest: (data) => requestStore.add(data)
+  };
+  return (req, res) => {
+    if (req.method !== "POST") {
+      sendJson(req, res, HTTP_METHOD_NOT_ALLOWED, { error: "Method not allowed" });
+      return;
+    }
+    const chunks = [];
+    let totalSize = 0;
+    req.on("data", (chunk) => {
+      totalSize += chunk.length;
+      if (totalSize > MAX_INGEST_BYTES) {
+        sendJson(req, res, HTTP_PAYLOAD_TOO_LARGE, { error: "Payload too large" });
+        req.destroy();
+        return;
+      }
+      chunks.push(chunk);
+    });
+    req.on("end", () => {
+      if (res.headersSent) return;
+      try {
+        const body = JSON.parse(Buffer.concat(chunks).toString());
+        if (isSDKPayload(body)) {
+          for (const event of body.events) {
+            if (event.type === SDK_EVENT_HELLO) {
+              const d = event.data;
+              session.recordPythonStack({
+                framework: String(d.framework ?? "unknown"),
+                adapters: Array.isArray(d.adapters) ? d.adapters.map(String) : [],
+                pythonVersion: String(d.pythonVersion ?? "unknown")
+              });
+              continue;
             }
+            routeSDKEvent(event, stores);
           }
+          res.writeHead(HTTP_NO_CONTENT);
+          res.end();
+          return;
         }
-        if (allEndpoints.size >= CROSS_ENDPOINT_MIN_ENDPOINTS) {
-          for (const [, queryMetric] of queryMap) {
-            if (queryMetric.count < CROSS_ENDPOINT_MIN_OCCURRENCES) continue;
-            if (queryMetric.endpoints.size < CROSS_ENDPOINT_MIN_ENDPOINTS) continue;
-            const coveragePct = Math.round(queryMetric.endpoints.size / allEndpoints.size * 100);
-            if (coveragePct < CROSS_ENDPOINT_PCT) continue;
-            const info = getQueryInfo(queryMetric.first);
-            const label = info.op + (info.table ? ` ${info.table}` : "");
-            insights.push({
-              severity: "warning",
-              type: "cross-endpoint",
-              title: "Repeated Query Across Endpoints",
-              desc: `${label} runs on ${queryMetric.endpoints.size} of ${allEndpoints.size} endpoints (${coveragePct}%).`,
-              hint: "This query runs on most of your endpoints. Load it once in middleware or cache the result to avoid redundant database calls.",
-              detail: `Endpoints: ${[...queryMetric.endpoints].slice(0, 5).join(", ")}${queryMetric.endpoints.size > 5 ? ` +${queryMetric.endpoints.size - 5} more` : ""}. Total: ${queryMetric.count} executions.`
-            });
+        if (isBrakitBatch(body)) {
+          for (const event of body.events) {
+            routeEvent(event);
           }
+          res.writeHead(HTTP_NO_CONTENT);
+          res.end();
+          return;
         }
-        return insights;
+        sendJson(req, res, HTTP_BAD_REQUEST, { error: "Invalid batch" });
+      } catch {
+        sendJson(req, res, HTTP_BAD_REQUEST, { error: "Invalid JSON" });
       }
-    };
+    });
+    req.on("error", () => {
+      if (!res.headersSent) {
+        res.writeHead(HTTP_BAD_REQUEST);
+        res.end();
+      }
+    });
+  };
+}
+var init_ingest = __esm({
+  "src/dashboard/api/ingest.ts"() {
+    "use strict";
+    init_config();
+    init_labels();
+    init_shared2();
+    init_sdk_event_parser();
+    init_labels();
+    init_telemetry2();
   }
 });
-// src/analysis/insights/rules/security.ts
-var securityRule;
-var init_security = __esm({
-  "src/analysis/insights/rules/security.ts"() {
+// src/dashboard/api/metrics.ts
+function createMetricsHandler(metricsStore) {
+  return (req, res) => {
+    if (!requireGet(req, res)) return;
+    const url = parseRequestUrl(req);
+    const endpoint = url.searchParams.get("endpoint");
+    if (endpoint) {
+      const ep = metricsStore.getEndpoint(endpoint);
+      sendJson(req, res, HTTP_OK, { endpoints: ep ? [ep] : [] });
+      return;
+    }
+    sendJson(req, res, HTTP_OK, { endpoints: metricsStore.getAll() });
+  };
+}
+var init_metrics = __esm({
+  "src/dashboard/api/metrics.ts"() {
     "use strict";
-    securityRule = {
-      id: "security",
-      check(ctx) {
-        if (!ctx.securityFindings) return [];
-        return ctx.securityFindings.map((finding) => ({
-          severity: finding.severity,
-          type: "security",
-          title: finding.title,
-          desc: finding.desc,
-          hint: finding.hint,
-          detail: finding.detail
-        }));
-      }
-    };
+    init_shared2();
+    init_labels();
   }
 });
-// src/analysis/insights/rules/index.ts
-var init_rules2 = __esm({
-  "src/analysis/insights/rules/index.ts"() {
+// src/dashboard/api/metrics-live.ts
+function createLiveMetricsHandler(metricsStore) {
+  return (req, res) => {
+    if (!requireGet(req, res)) return;
+    sendJson(req, res, 200, { endpoints: metricsStore.getLiveEndpoints() });
+  };
+}
+var init_metrics_live = __esm({
+  "src/dashboard/api/metrics-live.ts"() {
     "use strict";
-    init_query_rules();
-    init_response_rules();
-    init_reliability_rules();
-    init_pattern_rules();
-    init_security();
+    init_shared2();
   }
 });
-// src/analysis/insights/index.ts
-function createDefaultInsightRunner() {
-  const runner = new InsightRunner();
-  runner.register(n1Rule);
-  runner.register(crossEndpointRule);
-  runner.register(redundantQueryRule);
-  runner.register(errorRule);
-  runner.register(errorHotspotRule);
-  runner.register(duplicateRule);
-  runner.register(slowRule);
-  runner.register(queryHeavyRule);
-  runner.register(selectStarRule);
-  runner.register(highRowsRule);
-  runner.register(responseOverfetchRule);
-  runner.register(largeResponseRule);
-  runner.register(regressionRule);
-  runner.register(securityRule);
-  return runner;
+// src/dashboard/api/activity.ts
+function buildTimeline(services, requestId) {
+  const fetches = services.fetchStore.getByRequest(requestId);
+  const logs = services.logStore.getByRequest(requestId);
+  const errors = services.errorStore.getByRequest(requestId);
+  const queries = services.queryStore.getByRequest(requestId);
+  const timeline = [];
+  for (const fetch of fetches)
+    timeline.push({ type: TIMELINE_FETCH, timestamp: fetch.timestamp, data: fetch });
+  for (const log of logs)
+    timeline.push({ type: TIMELINE_LOG, timestamp: log.timestamp, data: log });
+  for (const error of errors)
+    timeline.push({ type: TIMELINE_ERROR, timestamp: error.timestamp, data: error });
+  for (const query of queries)
+    timeline.push({ type: TIMELINE_QUERY, timestamp: query.timestamp, data: query });
+  timeline.sort((a, b) => a.timestamp - b.timestamp);
+  return {
+    total: timeline.length,
+    timeline,
+    counts: {
+      fetches: fetches.length,
+      logs: logs.length,
+      errors: errors.length,
+      queries: queries.length
+    }
+  };
 }
-function computeInsights(ctx) {
-  return createDefaultInsightRunner().run(ctx);
+function createActivityHandler(services) {
+  return (req, res) => {
+    if (!requireGet(req, res)) return;
+    try {
+      const url = parseRequestUrl(req);
+      const requestId = url.searchParams.get("requestId");
+      const requestIds = url.searchParams.get("requestIds");
+      if (!requestId && !requestIds) {
+        sendJson(req, res, HTTP_BAD_REQUEST, { error: "requestId or requestIds parameter required" });
+        return;
+      }
+      if (requestId) {
+        const result = buildTimeline(services, requestId);
+        sendJson(req, res, HTTP_OK, { requestId, ...result });
+        return;
+      }
+      const ids = (requestIds || "").split(",").filter(Boolean).slice(0, MAX_BATCH_IDS);
+      const activities = {};
+      for (const id of ids) {
+        activities[id] = buildTimeline(services, id);
+      }
+      sendJson(req, res, HTTP_OK, { requestIds: ids, activities });
+    } catch (err) {
+      brakitDebug(`activity handler error: ${err}`);
+      if (!res.headersSent) {
+        sendJson(req, res, HTTP_INTERNAL_ERROR, { error: "Internal error" });
+      }
+    }
+  };
 }
-var init_insights = __esm({
-  "src/analysis/insights/index.ts"() {
+var MAX_BATCH_IDS;
+var init_activity = __esm({
+  "src/dashboard/api/activity.ts"() {
     "use strict";
-    init_runner();
-    init_runner();
-    init_rules2();
+    init_shared2();
+    init_labels();
+    init_log();
+    MAX_BATCH_IDS = 50;
   }
 });
-// src/analysis/insights.ts
-var init_insights2 = __esm({
-  "src/analysis/insights.ts"() {
+// src/dashboard/api/index.ts
+var init_api = __esm({
+  "src/dashboard/api/index.ts"() {
     "use strict";
-    init_insights();
+    init_handlers();
+    init_ingest();
+    init_metrics();
+    init_metrics_live();
+    init_activity();
   }
 });
-// src/analysis/issue-mappers.ts
-function categorizeInsight(type) {
-  if (type === "security") return "security";
-  if (type === "error" || type === "error-hotspot") return "reliability";
-  return "performance";
+// src/dashboard/api/issues.ts
+function createIssuesHandler(issueStore) {
+  return (req, res) => {
+    if (!requireGet(req, res)) return;
+    const url = parseRequestUrl(req);
+    const stateParam = url.searchParams.get("state");
+    const categoryParam = url.searchParams.get("category");
+    let issues;
+    if (stateParam && isValidIssueState(stateParam)) {
+      issues = issueStore.getByState(stateParam);
+    } else if (categoryParam && isValidIssueCategory(categoryParam)) {
+      issues = issueStore.getByCategory(categoryParam);
+    } else {
+      issues = issueStore.getAll();
+    }
+    sendJson(req, res, HTTP_OK, { issues });
+  };
 }
-function insightToIssue(insight) {
-  return {
-    category: categorizeInsight(insight.type),
-    rule: insight.type,
-    severity: insight.severity,
-    title: insight.title,
-    desc: insight.desc,
-    hint: insight.hint,
-    detail: insight.detail,
-    endpoint: extractEndpointFromDesc(insight.desc) ?? void 0
+function createFindingsHandler(issueStore) {
+  return (req, res) => {
+    if (!requireGet(req, res)) return;
+    const url = parseRequestUrl(req);
+    const stateParam = url.searchParams.get("state");
+    let issues;
+    if (stateParam && isValidIssueState(stateParam)) {
+      issues = issueStore.getByState(stateParam);
+    } else {
+      issues = issueStore.getAll();
+    }
+    sendJson(req, res, HTTP_OK, {
+      total: issues.length,
+      findings: issues
+    });
   };
 }
-function securityFindingToIssue(finding) {
-  return {
-    category: "security",
-    rule: finding.rule,
-    severity: finding.severity,
-    title: finding.title,
-    desc: finding.desc,
-    hint: finding.hint,
-    detail: finding.detail,
-    endpoint: finding.endpoint
+function createIssuesReportHandler(issueStore, eventBus) {
+  return async (req, res) => {
+    if (req.method !== "POST") {
+      sendJson(req, res, HTTP_METHOD_NOT_ALLOWED, { error: "Method not allowed" });
+      return;
+    }
+    const body = await readJsonBody(req, res);
+    if (!body) return;
+    const { findingId, status, notes } = body;
+    if (!findingId || typeof findingId !== "string") {
+      sendJson(req, res, HTTP_BAD_REQUEST, { error: "findingId is required" });
+      return;
+    }
+    if (!isValidAiFixStatus(status)) {
+      sendJson(req, res, HTTP_BAD_REQUEST, { error: "status must be 'fixed' or 'wont_fix'" });
+      return;
+    }
+    if (!notes || typeof notes !== "string") {
+      sendJson(req, res, HTTP_BAD_REQUEST, { error: "notes is required" });
+      return;
+    }
+    if (issueStore.reportFix(findingId, status, notes)) {
+      eventBus.emit("issues:changed", issueStore.getAll());
+      sendJson(req, res, HTTP_OK, { ok: true });
+      return;
+    }
+    sendJson(req, res, HTTP_NOT_FOUND, { error: "Finding not found" });
   };
 }
-var init_issue_mappers = __esm({
-  "src/analysis/issue-mappers.ts"() {
+var init_issues = __esm({
+  "src/dashboard/api/issues.ts"() {
     "use strict";
-    init_endpoint();
+    init_shared2();
+    init_type_guards();
+    init_labels();
   }
 });
-// src/analysis/engine.ts
-var AnalysisEngine;
-var init_engine = __esm({
-  "src/analysis/engine.ts"() {
-    "use strict";
-    init_config();
-    init_disposable();
-    init_group();
-    init_rules();
-    init_insights2();
-    init_issue_mappers();
-    init_issue_id();
-    init_prepare();
-    AnalysisEngine = class {
-      constructor(services, debounceMs = ANALYSIS_DEBOUNCE_MS) {
-        this.services = services;
-        this.debounceMs = debounceMs;
-        this.cachedInsights = [];
-        this.cachedFindings = [];
-        this.debounceTimer = null;
-        this.subs = new SubscriptionBag();
-        this.scanner = createDefaultScanner();
-      }
-      start() {
-        const bus = this.services.bus;
-        this.subs.add(bus.on("request:completed", () => this.scheduleRecompute()));
-        this.subs.add(bus.on("telemetry:query", () => this.scheduleRecompute()));
-        this.subs.add(bus.on("telemetry:error", () => this.scheduleRecompute()));
-        this.subs.add(bus.on("telemetry:log", () => this.scheduleRecompute()));
-      }
-      stop() {
-        this.subs.dispose();
-        if (this.debounceTimer) {
-          clearTimeout(this.debounceTimer);
-          this.debounceTimer = null;
-        }
-      }
-      getInsights() {
-        return this.cachedInsights;
-      }
-      getFindings() {
-        return this.cachedFindings;
-      }
-      scheduleRecompute() {
-        if (this.debounceTimer) return;
-        this.debounceTimer = setTimeout(() => {
-          this.debounceTimer = null;
-          this.recompute();
-        }, this.debounceMs);
-      }
-      recompute() {
-        const allRequests = this.services.requestStore.getAll();
-        const queries = this.services.queryStore.getAll();
-        const errors = this.services.errorStore.getAll();
-        const logs = this.services.logStore.getAll();
-        const fetches = this.services.fetchStore.getAll();
-        const requests = keepRecentPerEndpoint(allRequests);
-        const flows = groupRequestsIntoFlows(requests);
-        this.cachedFindings = this.scanner.scan({ requests, logs });
-        this.cachedInsights = computeInsights({
-          requests,
-          queries,
-          errors,
-          flows,
-          fetches,
-          previousMetrics: this.services.metricsStore.getAll(),
-          securityFindings: this.cachedFindings
-        });
-        const issueStore = this.services.issueStore;
-        const currentIssueIds = /* @__PURE__ */ new Set();
-        for (const finding of this.cachedFindings) {
-          const issue = securityFindingToIssue(finding);
-          issueStore.upsert(issue, "passive");
-          currentIssueIds.add(computeIssueId(issue));
-        }
-        for (const insight of this.cachedInsights) {
-          const issue = insightToIssue(insight);
-          issueStore.upsert(issue, "passive");
-          currentIssueIds.add(computeIssueId(issue));
-        }
-        const activeEndpoints = extractActiveEndpoints(allRequests);
-        issueStore.reconcile(currentIssueIds, activeEndpoints);
-        const update = {
-          insights: this.cachedInsights,
-          findings: this.cachedFindings,
-          issues: issueStore.getAll()
-        };
-        this.services.bus.emit("analysis:updated", update);
-      }
-    };
+// src/dashboard/api/graph.ts
+function createGraphHandler(services) {
+  return (req, res) => {
+    if (!requireGet(req, res)) return;
+    const url = parseRequestUrl(req);
+    const rawCluster = url.searchParams.get("cluster") ?? void 0;
+    const rawNode = url.searchParams.get("node") ?? void 0;
+    const rawLevel = url.searchParams.get("level") ?? void 0;
+    const rawGrouping = url.searchParams.get("grouping") ?? void 0;
+    const cluster = rawCluster && rawCluster.length <= MAX_PARAM_LENGTH ? rawCluster : void 0;
+    const node = rawNode && rawNode.length <= MAX_PARAM_LENGTH ? rawNode : void 0;
+    const level = rawLevel && VALID_LEVELS.has(rawLevel) ? rawLevel : void 0;
+    const grouping = rawGrouping && VALID_GROUPINGS.has(rawGrouping) ? rawGrouping : void 0;
+    const { graphBuilder, metricsStore } = services;
+    graphBuilder.enrichWithMetrics((endpointKey) => {
+      const metrics = metricsStore.getEndpoint(endpointKey);
+      if (!metrics || metrics.sessions.length === 0) return void 0;
+      const latest = metrics.sessions[metrics.sessions.length - 1];
+      return latest.p95DurationMs;
+    });
+    const data = graphBuilder.getApiResponse({ cluster, node, level, grouping });
+    sendJson(req, res, HTTP_OK, data);
+  };
+}
+var VALID_LEVELS, VALID_GROUPINGS, MAX_PARAM_LENGTH;
+var init_graph = __esm({
+  "src/dashboard/api/graph.ts"() {
+    "use strict";
+    init_labels();
+    init_shared2();
+    VALID_LEVELS = /* @__PURE__ */ new Set(["endpoints", "clusters"]);
+    VALID_GROUPINGS = /* @__PURE__ */ new Set(["path", "auth-boundary", "data-domain"]);
+    MAX_PARAM_LENGTH = 200;
   }
 });
-// src/index.ts
-var VERSION;
-var init_src = __esm({
-  "src/index.ts"() {
+// src/dashboard/sse.ts
+function createSSEHandler(services) {
+  const clients = /* @__PURE__ */ new Set();
+  function broadcast(eventType, data) {
+    if (clients.size === 0) return;
+    const frame = eventType ? `event: ${eventType}
+data: ${data}
+` : `data: ${data}
+`;
+    for (const client of clients) {
+      if (client.res.destroyed) {
+        clients.delete(client);
+        continue;
+      }
+      try {
+        client.res.write(frame);
+      } catch {
+        clients.delete(client);
+      }
+    }
+  }
+  const bus = services.bus;
+  bus.on("request:completed", (r) => broadcast(null, JSON.stringify(r)));
+  bus.on("telemetry:fetch", (e) => broadcast(SSE_EVENT_FETCH, JSON.stringify(e)));
+  bus.on("telemetry:log", (e) => broadcast(SSE_EVENT_LOG, JSON.stringify(e)));
+  bus.on("telemetry:error", (e) => broadcast(SSE_EVENT_ERROR, JSON.stringify(e)));
+  bus.on("telemetry:query", (e) => broadcast(SSE_EVENT_QUERY, JSON.stringify(e)));
+  bus.on("analysis:updated", ({ issues }) => {
+    broadcast(SSE_EVENT_ISSUES, JSON.stringify(issues));
+  });
+  bus.on("issues:changed", (issues) => {
+    broadcast(SSE_EVENT_ISSUES, JSON.stringify(issues));
+  });
+  return (req, res) => {
+    const headers2 = {
+      "content-type": "text/event-stream",
+      "cache-control": "no-cache",
+      connection: "keep-alive"
+    };
+    const corsOrigin = getCorsOrigin(req);
+    if (corsOrigin) {
+      headers2["access-control-allow-origin"] = corsOrigin;
+    }
+    res.writeHead(HTTP_OK, headers2);
+    res.write(":ok\n\n");
+    const heartbeat = setInterval(() => {
+      if (res.destroyed) {
+        clearInterval(heartbeat);
+        clients.delete(client);
+        return;
+      }
+      try {
+        res.write(":heartbeat\n\n");
+      } catch {
+        clearInterval(heartbeat);
+        clients.delete(client);
+      }
+    }, SSE_HEARTBEAT_INTERVAL_MS);
+    heartbeat.unref();
+    const client = { res, heartbeat };
+    clients.add(client);
+    req.on("close", () => {
+      clearInterval(heartbeat);
+      clients.delete(client);
+    });
+  };
+}
+var init_sse = __esm({
+  "src/dashboard/sse.ts"() {
     "use strict";
-    init_issue_store();
-    init_project();
-    init_adapter_registry();
-    init_rules();
-    init_engine();
-    init_insights2();
-    init_insights();
-    VERSION = "0.10.1";
+    init_constants();
+    init_labels();
+    init_shared2();
   }
 });
@@ -5323,13 +5766,24 @@ function getInsightsStyles() {
 .insights-chip-count{font-size:10px;font-family:var(--mono);background:rgba(0,0,0,.08);padding:1px 5px;border-radius:8px}
 .insights-chip.active .insights-chip-count{background:rgba(255,255,255,.25)}
+/* Summary bar */
+.insights-summary{display:flex;gap:14px;padding:10px 28px;font-size:12px;font-weight:500;border-bottom:1px solid var(--border)}
+.insights-summary-stat{display:flex;align-items:center;gap:4px}
+.insights-summary-stat.critical{color:var(--red)}
+.insights-summary-stat.warning{color:var(--amber)}
+.insights-summary-stat.resolved{color:var(--green)}
+/* AI hint */
+.insights-ai-hint{font-size:11px;color:var(--text-muted);padding:0 0 12px}
+.insights-ai-hint code{background:var(--bg-muted);padding:2px 6px;border-radius:4px;font-family:var(--mono);font-size:11px}
 /* Insights card list */
 .insights-list{padding:16px 28px}
 .insights-empty{display:flex;align-items:center;gap:10px;padding:24px;color:var(--green);font-size:14px;font-weight:500}
 .insights-empty-icon{font-size:18px}
-.insights-card{display:flex;align-items:flex-start;gap:12px;padding:14px 18px;background:var(--bg-card);border:1px solid var(--border);border-radius:10px;cursor:pointer;transition:all .15s;margin-bottom:8px}
+.insights-card{display:flex;align-items:flex-start;gap:12px;padding:12px 16px;background:var(--bg-card);border:1px solid var(--border);border-radius:10px;cursor:pointer;transition:all .15s;margin-bottom:6px}
 .insights-card:hover{border-color:var(--border-light);box-shadow:0 2px 8px rgba(0,0,0,.04)}
 .insights-card.expanded{border-color:var(--border-light);box-shadow:0 2px 8px rgba(0,0,0,.04)}
 .insights-card.resolved{opacity:.55}
@@ -5410,13 +5864,13 @@ var init_layout2 = __esm({
 });
 // src/dashboard/page.ts
-import { readFileSync as readFileSync3 } from "fs";
+import { readFileSync as readFileSync4 } from "fs";
 import { resolve as resolve3, dirname } from "path";
 import { fileURLToPath } from "url";
 function getClientBundle() {
   if (clientBundle) return clientBundle;
   const bundlePath = resolve3(__dirname, "../dashboard-client.global.js");
-  clientBundle = readFileSync3(bundlePath, "utf-8");
+  clientBundle = readFileSync4(bundlePath, "utf-8");
   return clientBundle;
 }
 function getDashboardHtml(config) {
@@ -5447,247 +5901,6 @@ var init_page = __esm({
   }
 });
-// src/telemetry/config.ts
-import { homedir as homedir2, platform } from "os";
-import { join as join3 } from "path";
-import { existsSync as existsSync5, readFileSync as readFileSync4, writeFileSync as writeFileSync3, mkdirSync as mkdirSync3 } from "fs";
-import { randomUUID as randomUUID5 } from "crypto";
-function readConfig() {
-  try {
-    if (!existsSync5(CONFIG_PATH)) return null;
-    return JSON.parse(readFileSync4(CONFIG_PATH, "utf-8"));
-  } catch {
-    return null;
-  }
-}
-function writeConfig(config) {
-  try {
-    if (!existsSync5(CONFIG_DIR))
-      mkdirSync3(CONFIG_DIR, { recursive: true, ...IS_WINDOWS ? {} : { mode: DIR_MODE_OWNER_ONLY } });
-    writeFileSync3(
-      CONFIG_PATH,
-      JSON.stringify(config, null, 2) + "\n",
-      IS_WINDOWS ? {} : { mode: FILE_MODE_OWNER_ONLY }
-    );
-  } catch (err) {
-    if (process.env.BRAKIT_DEBUG) {
-      process.stderr.write(`[brakit] config write failed: ${err?.message ?? err}
-`);
-    }
-  }
-}
-function getOrCreateConfig() {
-  const existing = readConfig();
-  if (existing && typeof existing.telemetry === "boolean" && existing.anonymousId) {
-    return existing;
-  }
-  const config = { telemetry: true, anonymousId: randomUUID5() };
-  writeConfig(config);
-  return config;
-}
-function isTelemetryEnabled() {
-  if (cachedEnabled !== null) return cachedEnabled;
-  const env = process.env.BRAKIT_TELEMETRY;
-  if (env !== void 0) {
-    cachedEnabled = env !== "false" && env !== "0" && env !== "off";
-    return cachedEnabled;
-  }
-  cachedEnabled = readConfig()?.telemetry ?? true;
-  return cachedEnabled;
-}
-var IS_WINDOWS, CONFIG_DIR, CONFIG_PATH, cachedEnabled;
-var init_config2 = __esm({
-  "src/telemetry/config.ts"() {
-    "use strict";
-    init_features();
-    IS_WINDOWS = platform() === "win32";
-    CONFIG_DIR = join3(homedir2(), ".brakit");
-    CONFIG_PATH = join3(CONFIG_DIR, "config.json");
-    cachedEnabled = null;
-  }
-});
-// src/telemetry/index.ts
-import { platform as platform2, release, arch } from "os";
-import { spawn } from "child_process";
-function commonProperties() {
-  return {
-    brakit_version: VERSION,
-    node_version: process.version,
-    os: `${platform2()}-${release()}`,
-    arch: arch(),
-    $lib: "brakit",
-    $process_person_profile: false,
-    $geoip_disable: true
-  };
-}
-function sendToPosthog(event, properties) {
-  if (!isTelemetryEnabled()) return;
-  const config = getOrCreateConfig();
-  const payload = {
-    api_key: POSTHOG_KEY,
-    event,
-    distinct_id: config.anonymousId,
-    timestamp: (/* @__PURE__ */ new Date()).toISOString(),
-    properties: { ...commonProperties(), ...properties }
-  };
-  try {
-    const body = JSON.stringify(payload);
-    const url = `${POSTHOG_HOST}${POSTHOG_CAPTURE_PATH}`;
-    const child = spawn(
-      process.execPath,
-      [
-        "-e",
-        `fetch(${JSON.stringify(url)},{method:"POST",headers:{"content-type":"application/json"},body:${JSON.stringify(body)},signal:AbortSignal.timeout(${POSTHOG_REQUEST_TIMEOUT_MS})}).catch(()=>{})`
-      ],
-      { detached: true, stdio: "ignore" }
-    );
-    child.unref();
-  } catch {
-  }
-}
-function trackEvent(event, properties) {
-  sendToPosthog(event, { sdk: "node", ...properties });
-}
-function initSession(framework, packageManager, isCustomCommand, adapters) {
-  getOrCreateConfig();
-  session.startTime = Date.now();
-  session.framework = framework;
-  session.packageManager = packageManager;
-  session.isCustomCommand = isCustomCommand;
-  session.adapters = adapters;
-}
-function recordRequestCount(count) {
-  session.requestCount = count;
-}
-function recordInsightTypes(types) {
-  for (const t of types) session.insightTypes.add(t);
-}
-function recordRulesTriggered(rules) {
-  for (const r of rules) session.rulesTriggered.add(r);
-}
-function recordTabViewed(tab) {
-  session.tabsViewed.add(tab);
-}
-function recordDashboardOpened() {
-  if (session.dashboardOpened) return;
-  session.dashboardOpened = true;
-  session.dashboardOpenedAt = Date.now();
-  trackEvent(TELEMETRY_EVENT_DASHBOARD_VIEWED, {
-    time_to_dashboard_ms: session.startTime > 0 ? Date.now() - session.startTime : null,
-    request_count_at_open: session.requestCount
-  });
-}
-function recordGraphFeature(feature, detail) {
-  trackEvent(TELEMETRY_EVENT_GRAPH_FEATURE, {
-    feature,
-    ...detail ? { detail } : {}
-  });
-}
-function recordSetupCompleted(info) {
-  session.frameworkCandidates = info.frameworkCandidates;
-  session.adaptersFailed = info.adaptersFailed;
-  session.setupDurationMs = info.setupDurationMs;
-  session.setupSucceeded = true;
-}
-function recordFirstRequest() {
-  if (!session.firstRequestAt) session.firstRequestAt = Date.now();
-}
-function recordExitReason(reason) {
-  if (session.exitReason === "unknown") session.exitReason = reason;
-}
-function speedBucket(ms) {
-  if (ms === 0) return "none";
-  const t = SPEED_BUCKET_THRESHOLDS;
-  if (ms < t[0]) return `<${t[0]}ms`;
-  for (let i = 1; i < t.length; i++) {
-    if (ms < t[i]) return `${t[i - 1]}-${t[i]}ms`;
-  }
-  return `>${t[t.length - 1]}ms`;
-}
-function trackSession(services) {
-  if (!isTelemetryEnabled()) return;
-  const isFirstSession = readConfig() === null;
-  const metricsStore = services.metricsStore;
-  const analysisEngine = services.analysisEngine;
-  const live = metricsStore.getLiveEndpoints();
-  const insights = analysisEngine.getInsights();
-  const findings = analysisEngine.getFindings();
-  let totalRequests = 0;
-  let totalDuration = 0;
-  let slowestP95 = 0;
-  for (const ep of live) {
-    totalRequests += ep.summary.totalRequests;
-    totalDuration += ep.summary.p95Ms * ep.summary.totalRequests;
-    if (ep.summary.p95Ms > slowestP95) slowestP95 = ep.summary.p95Ms;
-  }
-  const now = Date.now();
-  sendToPosthog(TELEMETRY_EVENT_SESSION, {
-    sdk: "node",
-    framework: session.framework,
-    package_manager: session.packageManager,
-    is_custom_command: session.isCustomCommand,
-    first_session: isFirstSession,
-    adapters_detected: session.adapters,
-    request_count: session.requestCount,
-    error_count: services.errorStore.getAll().length,
-    query_count: services.queryStore.getAll().length,
-    fetch_count: services.fetchStore.getAll().length,
-    insight_count: insights.length,
-    finding_count: findings.length,
-    insight_types: [...session.insightTypes],
-    rules_triggered: [...session.rulesTriggered],
-    endpoint_count: live.length,
-    avg_duration_ms: totalRequests > 0 ? Math.round(totalDuration / totalRequests) : 0,
-    slowest_endpoint_bucket: speedBucket(slowestP95),
-    tabs_viewed: [...session.tabsViewed],
-    dashboard_opened: session.dashboardOpened,
-    explain_used: session.explainUsed,
-    session_duration_s: Math.ceil((now - session.startTime) / 1e3),
-    session_duration_ms: now - session.startTime,
-    setup_succeeded: session.setupSucceeded,
-    setup_duration_ms: session.setupDurationMs,
-    framework_detection_candidates: session.frameworkCandidates,
-    adapters_failed: session.adaptersFailed,
-    time_to_first_request_ms: session.firstRequestAt ? session.firstRequestAt - session.startTime : null,
-    time_to_dashboard_ms: session.dashboardOpenedAt ? session.dashboardOpenedAt - session.startTime : null,
-    exit_reason: session.exitReason
-  });
-  getOrCreateConfig();
-}
-var POSTHOG_KEY, session;
-var init_telemetry = __esm({
-  "src/telemetry/index.ts"() {
-    "use strict";
-    init_src();
-    init_config2();
-    init_labels();
-    init_config();
-    init_config2();
-    POSTHOG_KEY = "phc_E9TwydCGnSfPLIUhNxChpeg32TSowjk31KiPhnLPP0x";
-    session = {
-      startTime: 0,
-      framework: "",
-      packageManager: "",
-      isCustomCommand: false,
-      adapters: [],
-      requestCount: 0,
-      insightTypes: /* @__PURE__ */ new Set(),
-      rulesTriggered: /* @__PURE__ */ new Set(),
-      tabsViewed: /* @__PURE__ */ new Set(),
-      dashboardOpened: false,
-      explainUsed: false,
-      frameworkCandidates: [],
-      adaptersFailed: [],
-      setupDurationMs: 0,
-      setupSucceeded: false,
-      firstRequestAt: 0,
-      dashboardOpenedAt: 0,
-      exitReason: "unknown"
-    };
-  }
-});
 // src/dashboard/router.ts
 function isDashboardRequest(url) {
   return url === DASHBOARD_PREFIX || url.startsWith(DASHBOARD_PREFIX + "/");
@@ -5722,7 +5935,7 @@ function createDashboardHandler(services) {
       const url = new URL(req.url ?? "/", "http://localhost");
       const tab = url.searchParams.get("tab");
       if (tab && tab.length <= MAX_TAB_NAME_LENGTH && VALID_TABS.has(tab)) {
-        recordTabViewed(tab);
+        session.recordTabViewed(tab);
       }
       const event = url.searchParams.get("event");
       if (event && event.length <= MAX_TAB_NAME_LENGTH) {
@@ -5740,7 +5953,7 @@ function createDashboardHandler(services) {
       handler(req, res);
       return;
     }
-    if (isTelemetryEnabled()) recordDashboardOpened();
+    if (isTelemetryEnabled()) session.recordDashboardOpened();
     res.writeHead(HTTP_OK, {
       "content-type": "text/html; charset=utf-8",
       "cache-control": "no-cache",
@@ -5760,7 +5973,7 @@ var init_router = __esm({
     init_graph();
     init_sse();
     init_page();
-    init_telemetry();
+    init_telemetry2();
   }
 });
@@ -5899,7 +6112,7 @@ var init_telemetry_store = __esm({
       constructor(maxEntries = MAX_TELEMETRY_ENTRIES) {
         this.maxEntries = maxEntries;
         this.entries = [];
-        this.listeners = [];
+        this.listeners = /* @__PURE__ */ new Set();
       }
       add(data) {
         const entry = { id: randomUUID6(), ...data };
@@ -5918,11 +6131,10 @@ var init_telemetry_store = __esm({
         this.entries.length = 0;
       }
       onEntry(fn) {
-        this.listeners.push(fn);
+        this.listeners.add(fn);
       }
       offEntry(fn) {
-        const idx = this.listeners.indexOf(fn);
-        if (idx !== -1) this.listeners.splice(idx, 1);
+        this.listeners.delete(fn);
       }
     };
   }
@@ -6905,55 +7117,34 @@ import pc from "picocolors";
 function print(line) {
   process.stdout.write(line + "\n");
 }
-function severityIcon(severity) {
-  return SEVERITY_COLOR[severity](SEVERITY_ICON[severity]);
-}
-function colorTitle(severity, text) {
-  const color = SEVERITY_COLOR[severity];
-  return severity === "info" ? color(text) : color(pc.bold(text));
-}
-function truncate(s, max = TERMINAL_TRUNCATE_LENGTH) {
-  return s.length <= max ? s : s.slice(0, max - 1) + "\u2026";
-}
-function formatConsoleLine(issue, suffix) {
-  const icon = severityIcon(issue.severity);
-  const title = colorTitle(issue.severity, issue.title);
-  const desc = pc.dim(truncate(issue.desc) + (suffix ?? ""));
-  let line = `  ${icon} ${title} \u2014 ${desc}`;
-  if (issue.detail) {
-    line += `
-    ${pc.dim("\u2514 " + issue.detail)}`;
-  }
-  return line;
+function pluralize(n, word) {
+  return n === 1 ? `${n} ${word}` : `${n} ${word}s`;
 }
 function startTerminalInsights(services, proxyPort) {
   const bus = services.bus;
-  const metricsStore = services.metricsStore;
   const printedKeys = /* @__PURE__ */ new Set();
   const resolvedKeys = /* @__PURE__ */ new Set();
-  const dashUrl = `localhost:${proxyPort}${DASHBOARD_PREFIX}`;
+  const dashUrl = `http://localhost:${proxyPort}${DASHBOARD_PREFIX}`;
+  const prefix = `  ${pc.magenta(pc.bold("brakit"))} ${pc.dim(UNICODE_ARROW)}`;
+  const actionHint = `${pc.underline(dashUrl)} ${pc.dim("or run")} ${pc.bold('"Fix brakit findings"')} ${pc.dim("in your AI tool")}`;
   return bus.on("analysis:updated", ({ issues }) => {
-    const newLines = [];
-    const resolvedLines = [];
-    const regressedLines = [];
+    let newCount = 0;
+    let resolvedCount = 0;
+    let regressedCount = 0;
     for (const si of issues) {
       if (si.aiStatus === "wont_fix") continue;
       if (si.state === "resolved") {
         if (resolvedKeys.has(si.issueId)) continue;
         resolvedKeys.add(si.issueId);
         printedKeys.delete(si.issueId);
-        const title = pc.green(pc.bold(`\u2713 ${si.issue.title}`));
-        const desc = pc.dim(truncate(si.issue.desc));
-        resolvedLines.push(`  ${title} \u2014 ${desc} ${pc.green("resolved")}`);
+        resolvedCount++;
         continue;
       }
       if (si.state === "regressed") {
         if (!printedKeys.has(si.issueId)) {
           printedKeys.add(si.issueId);
           resolvedKeys.delete(si.issueId);
-          const title = pc.red(pc.bold(`\u26A0 ${si.issue.title}`));
-          const desc = pc.dim(truncate(si.issue.desc));
-          regressedLines.push(`  ${title} \u2014 ${desc} ${pc.red("regressed")}`);
+          regressedCount++;
         }
         continue;
       }
@@ -6961,52 +7152,27 @@ function startTerminalInsights(services, proxyPort) {
       if (si.issue.severity === "info") continue;
       if (printedKeys.has(si.issueId)) continue;
       printedKeys.add(si.issueId);
-      let suffix;
-      if (si.issue.rule === "slow") {
-        const endpoint = si.issue.endpoint;
-        if (endpoint) {
-          const ep = metricsStore.getEndpoint(endpoint);
-          if (ep && ep.sessions.length > 1) {
-            const prev = ep.sessions[ep.sessions.length - 2];
-            suffix = ` (\u2191 from ${prev.p95DurationMs < 1e3 ? prev.p95DurationMs + "ms" : (prev.p95DurationMs / 1e3).toFixed(1) + "s"})`;
-          }
-        }
-      }
-      newLines.push(formatConsoleLine(si.issue, suffix));
+      newCount++;
     }
-    if (newLines.length > 0) {
-      print("");
-      for (const line of newLines) print(line);
+    if (newCount > 0) {
       print("");
-      print(`  ${pc.magenta(pc.bold("brakit"))} ${pc.dim("\u2192")} ${pc.dim("Dashboard:")} ${pc.underline(`http://${dashUrl}`)}  ${pc.dim("or ask your AI:")} ${pc.bold('"Fix brakit findings"')}`);
+      print(`${prefix} ${pc.yellow(pluralize(newCount, "new issue"))} ${pc.dim(UNICODE_EM_DASH)} ${actionHint}`);
     }
-    if (regressedLines.length > 0) {
+    if (regressedCount > 0) {
       print("");
-      for (const line of regressedLines) print(line);
-      print("");
-      print(`  ${pc.magenta(pc.bold("brakit"))} ${pc.dim("\u2192")} ${pc.red("Issues came back after being resolved!")}`);
+      print(`${prefix} ${pc.red(pluralize(regressedCount, "issue") + " regressed")} ${pc.dim(UNICODE_EM_DASH)} ${actionHint}`);
     }
-    if (resolvedLines.length > 0) {
-      print("");
-      for (const line of resolvedLines) print(line);
+    if (resolvedCount > 0) {
       print("");
-      print(`  ${pc.magenta(pc.bold("brakit"))} ${pc.dim("\u2192")} ${pc.green("Issues fixed!")}`);
+      print(`${prefix} ${pc.green(pluralize(resolvedCount, "issue") + " resolved " + UNICODE_CHECK_MARK)}`);
     }
   });
 }
-var SEVERITY_COLOR;
 var init_terminal = __esm({
   "src/output/terminal.ts"() {
     "use strict";
     init_src();
     init_constants();
-    init_config();
-    init_labels();
-    SEVERITY_COLOR = {
-      critical: pc.red,
-      warning: pc.yellow,
-      info: pc.dim
-    };
   }
 });
@@ -7154,13 +7320,46 @@ var init_interceptor = __esm({
   }
 });
+// src/detect/runtime.ts
+function detectJsRuntime() {
+  if (globalThis.Bun) return "bun";
+  if (globalThis.Deno) return "deno";
+  return "node";
+}
+function extractLoadedPackages() {
+  try {
+    const cache = __require.cache;
+    if (!cache) return [];
+    const seen = /* @__PURE__ */ new Set();
+    const segment = NODE_MODULES_SEGMENT;
+    const segmentWin = segment.replaceAll("/", "\\");
+    for (const key of Object.keys(cache)) {
+      const nm = Math.max(key.lastIndexOf(segment), key.lastIndexOf(segmentWin));
+      if (nm === -1) continue;
+      const after = key.slice(nm + segment.length);
+      const parts = after.split(/[/\\]/);
+      const pkgName = parts[0].startsWith("@") ? `${parts[0]}/${parts[1]}` : parts[0];
+      if (KNOWN_DEPENDENCY_SET.has(pkgName)) seen.add(pkgName);
+    }
+    return [...seen];
+  } catch {
+    return [];
+  }
+}
+var init_runtime = __esm({
+  "src/detect/runtime.ts"() {
+    "use strict";
+    init_detection();
+  }
+});
 // src/runtime/setup.ts
 var setup_exports = {};
 __export(setup_exports, {
   setup: () => setup
 });
 import { readFile as readFile5, mkdir as mkdir2, writeFile as writeFile3 } from "fs/promises";
-import { existsSync as existsSync7, unlinkSync as unlinkSync3 } from "fs";
+import { existsSync as existsSync7, unlinkSync as unlinkSync3, readFileSync as readFileSync6 } from "fs";
 import { resolve as resolve5 } from "path";
 function setup() {
   if (initPromise) return initPromise;
@@ -7192,21 +7391,25 @@ function installHooks(bus) {
   adapterRegistry.patchAll(telemetryEmit);
   const cwd = process.cwd();
   let framework = "unknown";
-  let frameworkCandidates = [];
+  let detectedDependencies = [];
+  let configFilesDetected = [];
   try {
     const pkg = JSON.parse(
-      __require("fs").readFileSync(resolve5(cwd, "package.json"), "utf-8")
+      readFileSync6(resolve5(cwd, "package.json"), "utf-8")
     );
     const allDeps = { ...pkg.dependencies, ...pkg.devDependencies };
     framework = detectFrameworkFromDeps(allDeps);
-    frameworkCandidates = KNOWN_DEPENDENCY_NAMES.filter((dep) => dep in allDeps);
+    detectedDependencies = KNOWN_DEPENDENCY_NAMES.filter((dep) => dep in allDeps);
+    configFilesDetected = detectConfigFiles(cwd);
   } catch {
   }
   return {
     framework,
     adapterNames: adapterRegistry.getActive().map((a) => a.name),
     adaptersFailed: [...adapterRegistry.getFailed()],
-    frameworkCandidates
+    detectedDependencies,
+    configFilesDetected,
+    jsRuntime: detectJsRuntime()
   };
 }
 function startAnalysis(bus, stores, dataDir, services) {
@@ -7235,14 +7438,12 @@ function registerLifecycle(allServices, stores, services, cwd) {
   const sendTelemetry = () => {
     if (telemetrySent) return;
     telemetrySent = true;
-    recordRequestCount(stores.requestStore.getAll().length);
-    recordInsightTypes(
-      services.analysisEngine.getInsights().map((i) => i.type)
-    );
-    recordRulesTriggered(
+    session.recordCounts(
+      stores.requestStore.getAll().length,
+      services.analysisEngine.getInsights().map((i) => i.type),
       services.analysisEngine.getFindings().map((f) => f.rule)
     );
-    trackSession(allServices);
+    flushSession(allServices);
   };
   let teardownCalled = false;
   const runTeardown = () => {
@@ -7262,14 +7463,14 @@ function registerLifecycle(allServices, stores, services, cwd) {
   };
   health.setTeardown(runTeardown);
   process.on("SIGINT", () => {
-    recordExitReason(EXIT_REASON_SIGINT);
+    session.recordExitReason(EXIT_REASON_SIGINT);
   });
   process.on("SIGTERM", () => {
-    recordExitReason(EXIT_REASON_SIGTERM);
+    session.recordExitReason(EXIT_REASON_SIGTERM);
   });
   process.on("beforeExit", async () => {
     await drainPendingCaptures();
-    recordExitReason(EXIT_REASON_CLEAN);
+    session.recordExitReason(EXIT_REASON_CLEAN);
     sendTelemetry();
   });
   process.on("exit", () => {
@@ -7286,17 +7487,19 @@ async function doSetup() {
     bus,
     ...stores
   };
-  const { framework, adapterNames, adaptersFailed, frameworkCandidates } = installHooks(bus);
-  initSession(framework, detectPackageManagerSync(cwd), false, adapterNames);
+  const detection = installHooks(bus);
+  session.init(detection.framework, detectPackageManager(cwd), false, detection.adapterNames);
   const setupDurationMs = Date.now() - setupStart;
-  recordSetupCompleted({ frameworkCandidates, adaptersFailed, setupDurationMs });
+  session.recordSetup(detection, setupDurationMs);
   trackEvent(TELEMETRY_EVENT_SETUP_COMPLETED, {
-    framework,
-    framework_detection_candidates: frameworkCandidates,
-    adapters_detected: adapterNames,
-    adapters_failed: adaptersFailed,
-    hooks_installed: ["fetch", "console", "error"],
-    setup_duration_ms: setupDurationMs
+    framework: detection.framework,
+    framework_detection_candidates: detection.detectedDependencies,
+    adapters_detected: detection.adapterNames,
+    adapters_failed: detection.adaptersFailed,
+    hooks_installed: [...INSTALLED_HOOKS],
+    setup_duration_ms: setupDurationMs,
+    config_files_detected: detection.configFilesDetected,
+    js_runtime: detection.jsRuntime
   });
   const graphBuilder = new GraphBuilder(bus, stores.requestStore);
   graphBuilder.start();
@@ -7317,10 +7520,13 @@ async function doSetup() {
     onFirstRequest(port) {
       setBrakitPort(port);
       brakitDebug(`[setup] onFirstRequest fired, port=${port}`);
-      recordFirstRequest();
+      const loadedPackages = extractLoadedPackages();
+      session.recordFirstRequest(loadedPackages);
       trackEvent(TELEMETRY_EVENT_FIRST_REQUEST, {
         port,
-        time_to_first_request_ms: Date.now() - setupStart
+        time_to_first_request_ms: Date.now() - setupStart,
+        loaded_packages: loadedPackages,
+        loaded_package_count: loadedPackages.length
       });
       void (async () => {
         try {
@@ -7376,13 +7582,15 @@ var init_setup = __esm({
     init_terminal();
     init_src();
     init_constants();
+    init_detection();
     init_health();
     init_interceptor();
     init_log();
     init_type_guards();
     init_fs();
     init_project();
-    init_telemetry();
+    init_runtime();
+    init_telemetry2();
     initPromise = null;
   }
 });