kohi-node 0.1.2

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 KohiCorp
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,41 @@
+# kohi-node
+
+Node.js SDK for Kohi.
+
+## Install
+
+```bash
+npm install kohi-node
+```
+
+## Quick Start
+
+```ts
+import kohi from "kohi-node";
+
+const { expressMiddleware } = kohi.init({
+  projectKey: process.env.KOHI_PROJECT_KEY!,
+  secretKey: process.env.KOHI_SECRET_KEY!,
+});
+
+app.use(expressMiddleware());
+```
+
+For Next.js route handlers or the App Router bootstrap:
+
+```ts
+import kohi from "kohi-node";
+
+kohi.init({
+  projectKey: process.env.KOHI_PROJECT_KEY!,
+  secretKey: process.env.KOHI_SECRET_KEY!,
+}).instrumentNextJs();
+```
+
+## Behavior
+
+- Batches events in memory, default `batchSize=100`, `flushIntervalMs=5000`
+- Retries retryable `408`, `429`, and `5xx` responses up to 3 times with backoff
+- Caps the in-memory queue at `5000` events and drops new events when full
+- Redacts common secret fields and masks email addresses before sending
+- Adds `X-Project-Key` and HMAC-SHA256 `X-Signature` over the gzipped payload

package/dist/index.d.ts

@@ -0,0 +1,100 @@
+// Generated by dts-bundle-generator v9.5.1
+
+import { IncomingMessage, ServerResponse } from 'http';
+import { gzip } from 'zlib';
+
+export declare const VERSION = "node:0.1.2";
+export declare const DEFAULT_INGEST_ENDPOINT = "https://kohicorp.com/api/ingest";
+export declare const DEFAULT_MAX_CONCURRENT_SENDS = 5;
+export declare const DEFAULT_QUEUE_SIZE = 5000;
+export declare const DEFAULT_HTTP_TIMEOUT_MS = 10000;
+export declare const SENSITIVE_KEYS: Set<string>;
+export declare const REDACTION_MASK = "[REDACTED]";
+export interface Config {
+	projectKey: string;
+	secretKey: string;
+	enabled?: boolean;
+	endpoint?: string;
+	maxConcurrentSends?: number;
+	queueSize?: number;
+	httpTimeoutMs?: number;
+	batchSize?: number;
+	flushIntervalMs?: number;
+	logger?: Logger;
+}
+export interface Logger {
+	info(msg: string): void;
+	warn(msg: string): void;
+	error(msg: string): void;
+}
+interface Event$1 {
+	url: string;
+	endpoint: string;
+	method: string;
+	status_code: number;
+	request_headers: Record<string, string>;
+	request_body: unknown;
+	response_headers: Record<string, string>;
+	response_body: unknown;
+	duration_ms: number;
+	client_ip?: string;
+}
+export declare const gzipAsync: typeof gzip.__promisify__;
+export declare const sign: (secret: Buffer, body: Buffer) => string;
+export declare const jitter: (base: number) => number;
+export declare const sleep: (ms: number) => Promise<void>;
+export declare const isRetryableStatus: (s: number) => boolean;
+export declare const normalizeIP: (ip: string) => string;
+export declare function validateConfig(pk: string, sk: string): void;
+export declare function canonicalHeaders(h: Record<string, string | string[] | number | undefined>): Record<string, string>;
+export declare function redactValue(v: unknown): unknown;
+export declare function redactHeaders(h: Record<string, string>): Record<string, string>;
+export declare function redactEvent(e: Event$1): Event$1;
+export declare function isValidIP(ip: string): boolean;
+export declare function firstIPFromList(v: string): string;
+export declare function parseForwardedHeader(v: string): string;
+export declare function extractClientIP(h: Record<string, string>, peerIP: string): string;
+export declare function peerIPFromRemoteAddr(addr: string): string;
+export declare function parseJSONBody(raw: string | Buffer): unknown;
+export declare class Monitor {
+	private readonly projectKey;
+	private readonly endpoint;
+	private readonly maxConcurrentSends;
+	private readonly queueSize;
+	private readonly httpTimeoutMs;
+	private readonly batchSize;
+	private readonly flushIntervalMs;
+	private readonly secret;
+	private readonly logger;
+	private readonly queue;
+	private enabled;
+	private closed;
+	private activeSends;
+	constructor(config: Config);
+	static noop(): Monitor;
+	isEnabled(): boolean;
+	addEvent(evt: Event$1): void;
+	shutdown(): Promise<void>;
+	close(): Promise<void>;
+	private startWorker;
+	private sendBatch;
+	private sendBatchAttempt;
+}
+export declare function createMonitor(config: Config): Monitor;
+export declare function expressMiddleware(monitor: Monitor): (req: IncomingMessage, res: ServerResponse, next: () => void) => void;
+export declare function instrumentNextJs(cfg: Config): void;
+export declare function init(cfg: Config): {
+	monitor: Monitor;
+	expressMiddleware: () => (req: import("http").IncomingMessage, res: import("http").ServerResponse, next: () => void) => void;
+	instrumentNextJs: () => void;
+};
+declare const defaultExport: typeof Monitor & {
+	init: typeof init;
+};
+
+export {
+	Event$1 as Event,
+	defaultExport as default,
+};
+
+export {};

package/dist/index.js

@@ -0,0 +1,540 @@
+"use strict";
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/index.ts
+var index_exports = {};
+__export(index_exports, {
+  DEFAULT_HTTP_TIMEOUT_MS: () => DEFAULT_HTTP_TIMEOUT_MS,
+  DEFAULT_INGEST_ENDPOINT: () => DEFAULT_INGEST_ENDPOINT,
+  DEFAULT_MAX_CONCURRENT_SENDS: () => DEFAULT_MAX_CONCURRENT_SENDS,
+  DEFAULT_QUEUE_SIZE: () => DEFAULT_QUEUE_SIZE,
+  Monitor: () => Monitor,
+  REDACTION_MASK: () => REDACTION_MASK,
+  SENSITIVE_KEYS: () => SENSITIVE_KEYS,
+  VERSION: () => VERSION,
+  canonicalHeaders: () => canonicalHeaders,
+  createMonitor: () => createMonitor,
+  default: () => index_default,
+  expressMiddleware: () => expressMiddleware,
+  extractClientIP: () => extractClientIP,
+  firstIPFromList: () => firstIPFromList,
+  gzipAsync: () => gzipAsync,
+  init: () => init,
+  instrumentNextJs: () => instrumentNextJs,
+  isRetryableStatus: () => isRetryableStatus,
+  isValidIP: () => isValidIP,
+  jitter: () => jitter,
+  normalizeIP: () => normalizeIP,
+  parseForwardedHeader: () => parseForwardedHeader,
+  parseJSONBody: () => parseJSONBody,
+  peerIPFromRemoteAddr: () => peerIPFromRemoteAddr,
+  redactEvent: () => redactEvent,
+  redactHeaders: () => redactHeaders,
+  redactValue: () => redactValue,
+  sign: () => sign,
+  sleep: () => sleep,
+  validateConfig: () => validateConfig
+});
+module.exports = __toCommonJS(index_exports);
+
+// src/core.ts
+var import_crypto = require("crypto");
+var import_zlib = require("zlib");
+var import_util = require("util");
+var VERSION = "node:0.1.2";
+var DEFAULT_INGEST_ENDPOINT = "https://kohicorp.com/api/ingest";
+var MAX_RESPONSE_BODY = 64 * 1024;
+var DEFAULT_MAX_CONCURRENT_SENDS = 5;
+var DEFAULT_QUEUE_SIZE = 5e3;
+var DEFAULT_HTTP_TIMEOUT_MS = 1e4;
+var MAX_ATTEMPTS = 3;
+var BASE_BACKOFF_MS = 250;
+var MAX_BACKOFF_MS = 2e3;
+var PROJECT_KEY_PATTERN = /^pk_[A-Za-z0-9_-]{22}$/;
+var SENSITIVE_KEYS = /* @__PURE__ */ new Set(["password", "secret", "token", "authorization", "api_key", "x-api-key", "apikey", "x-auth-token", "x-access-token", "bearer", "private_key", "private-key", "secret_key", "secret-key"]);
+var EMAIL_KEYS = /* @__PURE__ */ new Set(["email", "email_address", "emailaddress"]);
+var REDACTION_MASK = "[REDACTED]";
+var IP_HEADERS = ["cf-connecting-ip", "x-vercel-forwarded-for", "x-forwarded-for", "x-real-ip", "x-cluster-client-ip", "fastly-client-ip"];
+var DEFAULT_BATCH_SIZE = 100;
+var DEFAULT_FLUSH_INTERVAL_MS = 5e3;
+var noopLogger = { info: () => {
+}, warn: () => {
+}, error: () => {
+} };
+var gzipAsync = (0, import_util.promisify)(import_zlib.gzip);
+var sign = (secret, body) => (0, import_crypto.createHmac)("sha256", secret).update(body).digest("hex");
+var jitter = (base) => Math.floor(base * (0.8 + 0.4 * Math.random()));
+var sleep = (ms) => new Promise((r) => setTimeout(r, ms));
+var isRetryableStatus = (s) => s === 408 || s === 429 || s >= 500 && s < 600;
+var normalizeIP = (ip) => ip.trim().replace(/^\[|\]$/g, "");
+function validateConfig(pk, sk) {
+  if (!PROJECT_KEY_PATTERN.test(pk)) throw new Error("projectKey must start with 'pk_' followed by 22 base64url characters");
+  if (sk.length !== 43) throw new Error("secretKey must be exactly 43 base64url characters");
+}
+function canonicalHeaders(h) {
+  const out = {};
+  for (const [k, v] of Object.entries(h)) if (v != null) out[k.toLowerCase()] = Array.isArray(v) ? v.join(", ") : String(v);
+  return out;
+}
+function maskEmail(e) {
+  if (typeof e !== "string") return REDACTION_MASK;
+  const at = e.indexOf("@");
+  if (at < 1) return REDACTION_MASK;
+  return e.slice(0, Math.min(2, at)) + "***" + e.slice(at);
+}
+function redactValue(v) {
+  if (v == null) return v;
+  if (Array.isArray(v)) return v.map(redactValue);
+  if (typeof v === "object") {
+    const out = {};
+    for (const [k, val] of Object.entries(v)) {
+      const key = k.toLowerCase();
+      out[k] = SENSITIVE_KEYS.has(key) ? REDACTION_MASK : EMAIL_KEYS.has(key) ? maskEmail(val) : redactValue(val);
+    }
+    return out;
+  }
+  return v;
+}
+function redactHeaders(h) {
+  const out = {};
+  for (const [k, v] of Object.entries(h)) out[k] = SENSITIVE_KEYS.has(k.toLowerCase()) ? REDACTION_MASK : v;
+  return out;
+}
+function redactEvent(e) {
+  return { ...e, request_headers: redactHeaders(e.request_headers), request_body: redactValue(e.request_body), response_headers: redactHeaders(e.response_headers), response_body: redactValue(e.response_body) };
+}
+function isValidIP(ip) {
+  if (!ip) return false;
+  const s = normalizeIP(ip);
+  if (/^(\d{1,3}\.){3}\d{1,3}$/.test(s)) return s.split(".").every((p) => +p >= 0 && +p <= 255);
+  if (!/^[0-9a-fA-F:.]+$/.test(s) || !s.includes(":")) return false;
+  const parts = s.split("::");
+  if (parts.length > 2) return false;
+  return s.replace(/::/g, ":").split(":").filter(Boolean).length <= 8;
+}
+function firstIPFromList(v) {
+  for (const p of v.split(",")) {
+    const t = p.trim().replace(/"/g, "");
+    if (isValidIP(t)) return normalizeIP(t);
+  }
+  return "";
+}
+function parseForwardedHeader(v) {
+  for (const seg of v.split(";")) for (const item of seg.split(",")) {
+    if (!item.toLowerCase().includes("for=")) continue;
+    const parts = item.split("=");
+    if (parts.length === 2) {
+      const c = parts[1].trim().replace(/"/g, "");
+      if (isValidIP(c)) return normalizeIP(c);
+    }
+  }
+  return "";
+}
+function extractClientIP(h, peerIP) {
+  for (const name of IP_HEADERS) {
+    const v = h[name];
+    if (v) {
+      const ip = firstIPFromList(v);
+      if (ip) return ip;
+    }
+  }
+  const fwd = h["forwarded"];
+  if (fwd) {
+    const ip = parseForwardedHeader(fwd);
+    if (ip) return ip;
+  }
+  return peerIP && isValidIP(peerIP) ? normalizeIP(peerIP) : "";
+}
+function peerIPFromRemoteAddr(addr) {
+  if (!addr) return "";
+  const m = addr.match(/^\[([^\]]+)\]:(\d+)$/);
+  if (m) return normalizeIP(m[1]);
+  const n = normalizeIP(addr);
+  if (isValidIP(n)) return n;
+  const i = addr.lastIndexOf(":");
+  return i !== -1 ? normalizeIP(addr.substring(0, i)) : n;
+}
+function parseJSONBody(raw) {
+  if (!raw || (Buffer.isBuffer(raw) ? raw.length === 0 : raw.length === 0)) return Buffer.isBuffer(raw) ? {} : null;
+  const str = Buffer.isBuffer(raw) ? raw.toString("utf8") : raw;
+  try {
+    return JSON.parse(str);
+  } catch {
+    return str;
+  }
+}
+
+// src/monitor.ts
+var Monitor = class _Monitor {
+  projectKey;
+  endpoint;
+  maxConcurrentSends;
+  queueSize;
+  httpTimeoutMs;
+  batchSize;
+  flushIntervalMs;
+  secret;
+  logger;
+  queue = [];
+  enabled;
+  closed = false;
+  activeSends = 0;
+  constructor(config) {
+    const enabled = config.enabled ?? true;
+    if (enabled) validateConfig(config.projectKey, config.secretKey);
+    this.projectKey = config.projectKey;
+    this.endpoint = config.endpoint ?? DEFAULT_INGEST_ENDPOINT;
+    this.maxConcurrentSends = config.maxConcurrentSends ?? DEFAULT_MAX_CONCURRENT_SENDS;
+    this.queueSize = config.queueSize ?? DEFAULT_QUEUE_SIZE;
+    this.httpTimeoutMs = config.httpTimeoutMs ?? DEFAULT_HTTP_TIMEOUT_MS;
+    this.batchSize = config.batchSize ?? DEFAULT_BATCH_SIZE;
+    this.flushIntervalMs = config.flushIntervalMs ?? DEFAULT_FLUSH_INTERVAL_MS;
+    this.secret = Buffer.from(config.secretKey, "base64url");
+    this.logger = config.logger ?? noopLogger;
+    this.enabled = enabled;
+    if (this.enabled) this.startWorker();
+  }
+  static noop() {
+    return new _Monitor({ projectKey: "pk_00000000000000000000AA", secretKey: "0000000000000000000000000000000000000000000", enabled: false });
+  }
+  isEnabled() {
+    return this.enabled;
+  }
+  addEvent(evt) {
+    if (!this.enabled || this.closed) return;
+    const normalized = { ...evt, method: evt.method.toUpperCase(), request_headers: canonicalHeaders(evt.request_headers), response_headers: canonicalHeaders(evt.response_headers) };
+    if (this.queue.length >= this.queueSize) {
+      this.logger.warn("kohi monitor queue is full; dropping event");
+      return;
+    }
+    this.queue.push(normalized);
+  }
+  async shutdown() {
+    if (this.closed) return;
+    this.closed = true;
+    const deadline = Date.now() + 3e4;
+    while ((this.queue.length > 0 || this.activeSends > 0) && Date.now() < deadline) await sleep(50);
+  }
+  async close() {
+    return this.shutdown();
+  }
+  startWorker() {
+    const tick = async () => {
+      let lastFlush = Date.now();
+      while (true) {
+        if (this.closed && this.queue.length === 0 && this.activeSends === 0) break;
+        const elapsed = Date.now() - lastFlush;
+        const shouldFlush = this.queue.length >= this.batchSize || this.queue.length > 0 && elapsed >= this.flushIntervalMs;
+        if (shouldFlush && this.activeSends < this.maxConcurrentSends) {
+          const batch = this.queue.splice(0, this.batchSize);
+          if (batch.length > 0) {
+            lastFlush = Date.now();
+            this.activeSends++;
+            this.sendBatch(batch).catch((err) => this.logger.error(`kohi: batch send error: ${err}`)).finally(() => this.activeSends--);
+          }
+        } else {
+          await sleep(this.queue.length === 0 ? 100 : 10);
+        }
+      }
+    };
+    tick().catch((err) => this.logger.error(`kohi: worker fatal: ${err}`));
+  }
+  async sendBatch(events) {
+    const redacted = events.map(redactEvent);
+    let payload;
+    try {
+      payload = await gzipAsync(Buffer.from(JSON.stringify(redacted), "utf8"));
+    } catch (err) {
+      this.logger.error(`kohi: failed to encode batch: ${err}`);
+      return;
+    }
+    const signature = sign(this.secret, payload);
+    let backoff = BASE_BACKOFF_MS;
+    for (let attempt = 0; attempt < MAX_ATTEMPTS; attempt++) {
+      const result = await this.sendBatchAttempt(payload, signature, events.length, attempt);
+      if (result.done || !result.shouldRetry) return;
+      await sleep(jitter(backoff));
+      backoff = Math.min(backoff * 2, MAX_BACKOFF_MS);
+    }
+  }
+  async sendBatchAttempt(payload, signature, count, attempt) {
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), this.httpTimeoutMs);
+    const headers = {
+      "Content-Type": "application/json",
+      "Content-Encoding": "gzip",
+      "X-Project-Key": this.projectKey,
+      "X-Signature": signature,
+      "X-Batch-Count": String(count)
+    };
+    try {
+      const response = await fetch(this.endpoint, { method: "POST", headers, body: new Uint8Array(payload), signal: controller.signal });
+      clearTimeout(timeoutId);
+      if (response.status >= 200 && response.status < 300) return { done: true, shouldRetry: false };
+      if (!isRetryableStatus(response.status) || attempt === MAX_ATTEMPTS - 1) {
+        this.logger.warn(`kohi: dropping batch status=${response.status} count=${count} attempt=${attempt + 1}/${MAX_ATTEMPTS}`);
+        return { done: true, shouldRetry: false };
+      }
+      return { done: false, shouldRetry: true };
+    } catch (err) {
+      clearTimeout(timeoutId);
+      this.logger.error(`kohi: fetch error: ${err}`);
+      if (attempt === MAX_ATTEMPTS - 1) {
+        this.logger.warn(`kohi: dropping batch after network errors count=${count}`);
+        return { done: true, shouldRetry: false };
+      }
+      return { done: false, shouldRetry: true };
+    }
+  }
+};
+function createMonitor(config) {
+  return new Monitor(config);
+}
+
+// src/integrations/express.ts
+function expressMiddleware(monitor) {
+  return (req, res, next) => {
+    if (!monitor.isEnabled()) {
+      next();
+      return;
+    }
+    const start = Date.now();
+    const chunks = [], resChunks = [];
+    let reqBodyBuf = Buffer.alloc(0), totalRes = 0, capped = false, reqBodyReady = false, sent = false;
+    req.on("data", (c) => chunks.push(c));
+    req.once("end", () => {
+      reqBodyBuf = Buffer.concat(chunks);
+      reqBodyReady = true;
+    });
+    const origWrite = res.write.bind(res), origEnd = res.end.bind(res);
+    res.write = function(chunk, encOrCb, cb) {
+      if (chunk && !capped) {
+        const buf = Buffer.isBuffer(chunk) ? chunk : Buffer.from(chunk);
+        const rem = MAX_RESPONSE_BODY - totalRes;
+        if (rem > 0) {
+          resChunks.push(buf.subarray(0, Math.min(buf.length, rem)));
+          totalRes += Math.min(buf.length, rem);
+        }
+        if (buf.length > rem) capped = true;
+      }
+      return typeof encOrCb === "function" ? origWrite(chunk, encOrCb) : origWrite(chunk, encOrCb, cb);
+    };
+    res.end = function(chunk, encOrCb, cb) {
+      if (chunk && !capped) {
+        const buf = Buffer.isBuffer(chunk) ? chunk : Buffer.from(chunk);
+        const rem = MAX_RESPONSE_BODY - totalRes;
+        if (rem > 0) resChunks.push(buf.subarray(0, Math.min(buf.length, rem)));
+      }
+      return typeof encOrCb === "function" ? origEnd(chunk, encOrCb) : origEnd(chunk, encOrCb, cb);
+    };
+    const finalize = () => {
+      if (sent) return;
+      sent = true;
+      const reqHeaders = canonicalHeaders(req.headers);
+      reqHeaders["x-kohi-version"] = VERSION;
+      const peerIP = peerIPFromRemoteAddr(req.socket?.remoteAddress ?? "");
+      const clientIP = extractClientIP(reqHeaders, peerIP);
+      const status = res.statusCode || 200;
+      let resBody = parseJSONBody(Buffer.concat(resChunks));
+      if (status >= 500 && resChunks.length === 0) resBody = { error: res.statusMessage || "Internal Server Error" };
+      const finalReqBody = reqBodyReady ? reqBodyBuf : Buffer.concat(chunks);
+      const evt = {
+        url: req.url ?? "/",
+        endpoint: req.url ?? "/",
+        method: (req.method ?? "GET").toUpperCase(),
+        status_code: status,
+        request_headers: reqHeaders,
+        request_body: parseJSONBody(finalReqBody),
+        response_headers: canonicalHeaders(res.getHeaders()),
+        response_body: resBody,
+        duration_ms: Date.now() - start,
+        client_ip: clientIP
+      };
+      monitor.addEvent(evt);
+    };
+    const fail = (err) => {
+      if (sent) return;
+      res.statusCode = res.statusCode >= 400 ? res.statusCode : 500;
+      resChunks.length = 0;
+      resChunks.push(Buffer.from(String(err)));
+      finalize();
+    };
+    res.on("finish", finalize);
+    res.on("close", finalize);
+    res.on("error", fail);
+    try {
+      next();
+    } catch (err) {
+      fail(err);
+      throw err;
+    }
+  };
+}
+
+// src/integrations/nextjs.ts
+var http = __toESM(require("http"));
+var MAX_REQUEST_BODY = 64 * 1024;
+var sharedMonitor = null;
+var instrumented = false;
+var requestBodies = /* @__PURE__ */ new WeakMap();
+function appendChunkLimited(chunks, chunk, state, limit) {
+  if (state.capped || chunk == null) return;
+  const buf = Buffer.isBuffer(chunk) ? chunk : Buffer.from(String(chunk));
+  const remaining = limit - state.total;
+  if (remaining <= 0) {
+    state.capped = true;
+    return;
+  }
+  const n = Math.min(buf.length, remaining);
+  chunks.push(buf.subarray(0, n));
+  state.total += n;
+  if (buf.length > remaining) state.capped = true;
+}
+function instrumentNextJs(cfg) {
+  if (instrumented) return;
+  instrumented = true;
+  const enabled = cfg.enabled ?? true;
+  if (!enabled) return;
+  sharedMonitor = new Monitor(cfg);
+  const originalPush = http.IncomingMessage.prototype.push;
+  http.IncomingMessage.prototype.push = function(chunk, encoding) {
+    const url = this.url ?? "";
+    if (url.startsWith("/api/") && !url.startsWith("/_next") && chunk !== null) {
+      let bodyData = requestBodies.get(this);
+      if (!bodyData) {
+        bodyData = { chunks: [], size: 0 };
+        requestBodies.set(this, bodyData);
+      }
+      if (bodyData.size < MAX_REQUEST_BODY) {
+        const buf = Buffer.isBuffer(chunk) ? chunk : Buffer.from(chunk, encoding);
+        const remaining = MAX_REQUEST_BODY - bodyData.size;
+        if (remaining > 0) {
+          bodyData.chunks.push(buf.subarray(0, Math.min(buf.length, remaining)));
+          bodyData.size += Math.min(buf.length, remaining);
+        }
+      }
+    }
+    return originalPush.call(this, chunk, encoding);
+  };
+  const originalEmit = http.Server.prototype.emit;
+  http.Server.prototype.emit = function(event, ...args) {
+    if (event === "request") {
+      const [req, res] = args;
+      instrumentRequest(req, res);
+    }
+    return originalEmit.apply(this, [event, ...args]);
+  };
+}
+function instrumentRequest(req, res) {
+  if (!sharedMonitor) return;
+  const url = req.url ?? "/";
+  if (url.startsWith("/_next") || url.startsWith("/__next") || url.includes("/_next/")) return;
+  if (!url.startsWith("/api/")) return;
+  const start = Date.now();
+  const method = req.method ?? "GET";
+  const reqHeaders = canonicalHeaders(req.headers);
+  reqHeaders["x-kohi-version"] = VERSION;
+  const peerIP = peerIPFromRemoteAddr(req.socket?.remoteAddress ?? "");
+  const clientIP = extractClientIP(reqHeaders, peerIP);
+  const captureState = { total: 0, capped: false };
+  const resChunks = [];
+  const originalWrite = res.write.bind(res);
+  const originalEnd = res.end.bind(res);
+  res.write = function(chunk, ...args) {
+    appendChunkLimited(resChunks, chunk, captureState, MAX_RESPONSE_BODY);
+    return originalWrite(chunk, ...args);
+  };
+  res.end = function(chunk, ...args) {
+    appendChunkLimited(resChunks, chunk, captureState, MAX_RESPONSE_BODY);
+    const resBody = Buffer.concat(resChunks).toString("utf8");
+    const duration = Date.now() - start;
+    const bodyData = requestBodies.get(req);
+    const reqBodyBuf = bodyData ? Buffer.concat(bodyData.chunks) : Buffer.alloc(0);
+    const reqBody = reqBodyBuf.length > 0 ? parseJSONBody(reqBodyBuf) : {};
+    requestBodies.delete(req);
+    const evt = {
+      url,
+      endpoint: url,
+      method,
+      status_code: res.statusCode,
+      request_headers: reqHeaders,
+      request_body: reqBody,
+      response_headers: canonicalHeaders(res.getHeaders()),
+      response_body: parseJSONBody(resBody),
+      duration_ms: duration,
+      client_ip: clientIP
+    };
+    sharedMonitor.addEvent(evt);
+    return originalEnd(chunk, ...args);
+  };
+}
+
+// src/index.ts
+function init(cfg) {
+  const monitor = new Monitor(cfg);
+  return {
+    monitor,
+    expressMiddleware: () => expressMiddleware(monitor),
+    instrumentNextJs: () => instrumentNextJs(cfg)
+  };
+}
+var defaultExport = Object.assign(Monitor, { init });
+var index_default = defaultExport;
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  DEFAULT_HTTP_TIMEOUT_MS,
+  DEFAULT_INGEST_ENDPOINT,
+  DEFAULT_MAX_CONCURRENT_SENDS,
+  DEFAULT_QUEUE_SIZE,
+  Monitor,
+  REDACTION_MASK,
+  SENSITIVE_KEYS,
+  VERSION,
+  canonicalHeaders,
+  createMonitor,
+  expressMiddleware,
+  extractClientIP,
+  firstIPFromList,
+  gzipAsync,
+  init,
+  instrumentNextJs,
+  isRetryableStatus,
+  isValidIP,
+  jitter,
+  normalizeIP,
+  parseForwardedHeader,
+  parseJSONBody,
+  peerIPFromRemoteAddr,
+  redactEvent,
+  redactHeaders,
+  redactValue,
+  sign,
+  sleep,
+  validateConfig
+});

package/package.json

@@ -0,0 +1,48 @@
+{
+  "name": "kohi-node",
+  "version": "0.1.2",
+  "description": "Kohi API monitoring SDK for Node.js",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "default": "./dist/index.js"
+    }
+  },
+  "files": [
+    "dist",
+    "LICENSE",
+    "README.md"
+  ],
+  "scripts": {
+    "build": "rm -rf dist && esbuild src/index.ts --bundle --platform=node --target=node18 --outfile=dist/index.js && dts-bundle-generator -o dist/index.d.ts src/index.ts --no-check",
+    "test": "npx tsx --test tests/index.test.ts",
+    "prepublishOnly": "npm run build"
+  },
+  "keywords": [
+    "api",
+    "monitoring",
+    "observability",
+    "kohi"
+  ],
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/kohicorp/kohi",
+    "directory": "sdk/node"
+  },
+  "homepage": "https://kohicorp.com",
+  "bugs": {
+    "url": "https://github.com/kohicorp/kohi/issues"
+  },
+  "devDependencies": {
+    "@types/node": "^20.19.30",
+    "dts-bundle-generator": "^9.5.1",
+    "esbuild": "^0.27.2",
+    "typescript": "^5.0.0"
+  },
+  "engines": {
+    "node": ">=18.0.0"
+  }
+}