securenow 5.6.0 → 5.7.0

package/README.md

@@ -1,6 +1,6 @@
 # SecureNow
 
-OpenTelemetry instrumentation for Node.js and Next.js applications - send **traces and logs** to any OTLP-compatible backend (including SecureNow).
+OpenTelemetry instrumentation for Node.js, Next.js, and Nuxt applications - send **traces and logs** to any OTLP-compatible backend (including SecureNow).
 
 **Official npm package:** [securenow](http://securenow.ai/)
 
@@ -8,6 +8,39 @@ OpenTelemetry instrumentation for Node.js and Next.js applications - send **trac
 
 ## 🚀 Quick Start
 
+### For Any Node.js App (Express, Fastify, NestJS, Koa, Hapi, etc.)
+
+```bash
+# 1. Install
+npm install securenow
+
+# 2. Set env vars
+export SECURENOW_APPID=my-app
+export SECURENOW_INSTANCE=https://freetrial.securenow.ai:4318
+
+# 3. Add -r securenow/register to your start command
+node -r securenow/register src/app.js
+```
+
+That's it. One `-r` flag is all you need — ESM and CJS apps are handled automatically (Node >=20.6 auto-registers the ESM loader hook).
+
+> **package.json** example:
+> ```json
+> "scripts": {
+>   "start": "node -r securenow/register src/index.js",
+>   "dev": "node -r securenow/register --watch src/index.js"
+> }
+> ```
+
+You can also use `NODE_OPTIONS` so your existing scripts stay unchanged:
+```bash
+NODE_OPTIONS="-r securenow/register" npm start
+```
+
+See the [All Frameworks Quick Start](./docs/ALL-FRAMEWORKS-QUICKSTART.md) for tested setup guides.
+
+---
+
 ### For Next.js Applications
 
 **The easiest way to add observability to Next.js!**
@@ -40,6 +73,32 @@ npx securenow init
 
 ---
 
+### For Nuxt 3 Applications
+
+```bash
+# 1. Install
+npm install securenow
+```
+
+Add the module to your `nuxt.config.ts`:
+
+```ts
+export default defineNuxtConfig({
+  modules: ['securenow/nuxt'],
+});
+```
+
+Set environment variables in `.env`:
+
+```bash
+SECURENOW_APPID=my-nuxt-app
+SECURENOW_INSTANCE=https://freetrial.securenow.ai:4318
+```
+
+**Done!** All server-side requests are now traced automatically. See the [Nuxt 3 Complete Guide](./docs/NUXT-GUIDE.md) for details.
+
+---
+
 ### CLI — Manage Everything from the Terminal
 
 ```bash
@@ -70,41 +129,6 @@ Run `npx securenow help` for all commands. See the [CLI Reference](#cli-referenc
 
 ---
 
-### For Node.js Applications (Express, Fastify, NestJS, etc.)
-
-#### Tracing Only
-
-```bash
-# 1. Install
-npm install securenow
-
-# 2. Set environment variables
-export SECURENOW_APPID=my-app
-export SECURENOW_INSTANCE=http://your-otlp-collector:4318
-
-# 3. Run with preload
-NODE_OPTIONS="-r securenow/register" node app.js
-# or
-NODE_OPTIONS="-r securenow/register" npm start
-```
-
-#### Tracing + Logging (Recommended)
-
-```bash
-# 1. Install
-npm install securenow
-
-# 2. Set environment variables
-export SECURENOW_APPID=my-app
-export SECURENOW_INSTANCE=http://your-otlp-collector:4318
-export SECURENOW_LOGGING_ENABLED=1
-
-# 3. Run with preload (adds logging)
-NODE_OPTIONS="-r securenow/register -r securenow/console-instrumentation" node app.js
-
-# Now all console.log/info/warn/error automatically go to your OTLP backend (for example SecureNow)!
-```
-
 ---
 
 ## 📦 Installation
@@ -161,6 +185,7 @@ SecureNow automatically instruments:
 
 ### Web Frameworks
 - ✅ Next.js (App Router & Pages Router)
+- ✅ Nuxt 3 (Nitro server)
 - ✅ Express.js
 - ✅ Fastify
 - ✅ NestJS
@@ -191,10 +216,12 @@ SecureNow automatically instruments:
 
 ### Quick Starts
 - **[Next.js Quick Start](./docs/NEXTJS-QUICKSTART.md)** - Get started in 30 seconds
+- **[Nuxt 3 Guide](./docs/NUXT-GUIDE.md)** - One-line Nuxt module setup
 - **[Logging Quick Start](./docs/LOGGING-QUICKSTART.md)** - Add logging in 2 minutes
 
 ### Complete Guides
 - **[Next.js Complete Guide](./docs/NEXTJS-GUIDE.md)** - Full Next.js integration guide
+- **[Nuxt 3 Complete Guide](./docs/NUXT-GUIDE.md)** - Full Nuxt 3 integration guide
 - **[Logging Complete Guide](./docs/LOGGING-GUIDE.md)** - Full logging setup for all frameworks
 - **[📚 Complete Documentation](./docs/INDEX.md)** - All guides and references
 
@@ -207,6 +234,15 @@ SecureNow automatically instruments:
 
 After installing the package, the `securenow` CLI is available via `npx securenow` or globally after `npm install -g securenow`.
 
+### Run (convenience wrapper)
+
+| Command | Description |
+|---------|-------------|
+| `securenow run <script>` | Run a Node.js app with `-r securenow/register` injected |
+| `securenow run --watch <script>` | Same, with Node.js watch mode |
+
+Most users won't need this — just add `-r securenow/register` to your existing start script.
+
 ### Authentication
 
 | Command | Description |

package/cli/monitor.js

@@ -105,7 +105,19 @@ async function tracesAnalyze(args, flags) {
 
   const s = ui.spinner('Analyzing trace with AI');
   try {
-    const result = await api.post('/traces/analyze', { traceId });
+    let result = await api.post('/traces/analyze', { traceId });
+
+    if (result.analysisId && result.status === 'running') {
+      const analysisId = result.analysisId;
+      for (let i = 0; i < 120; i++) {
+        await new Promise(r => setTimeout(r, 3000));
+        result = await api.get(`/traces/analyze/${analysisId}`);
+        if (result.status === 'completed' || result.status === 'failed') break;
+      }
+      if (result.status === 'failed') throw new Error(result.error || 'Analysis failed');
+      if (result.status === 'running') throw new Error('Analysis timed out');
+    }
+
     s.stop('Analysis complete');
 
     if (flags.json) { ui.json(result); return; }

package/cli/run.js

@@ -0,0 +1,133 @@
+'use strict';
+
+const { spawn } = require('child_process');
+const path = require('path');
+const fs = require('fs');
+const ui = require('./ui');
+
+function isESM(scriptPath) {
+  if (scriptPath.endsWith('.mjs')) return true;
+  if (scriptPath.endsWith('.cjs')) return false;
+
+  let dir = path.resolve(path.dirname(scriptPath));
+  while (true) {
+    const pkgPath = path.join(dir, 'package.json');
+    if (fs.existsSync(pkgPath)) {
+      try {
+        const pkg = JSON.parse(fs.readFileSync(pkgPath, 'utf8'));
+        return pkg.type === 'module';
+      } catch { return false; }
+    }
+    const parent = path.dirname(dir);
+    if (parent === dir) break;
+    dir = parent;
+  }
+  return false;
+}
+
+function resolveSecurenowRegister() {
+  // When running from the published package, securenow/register resolves to our own register.js.
+  // When running from the monorepo, resolve relative to this file.
+  try {
+    return require.resolve('securenow/register');
+  } catch {
+    return path.resolve(__dirname, '..', 'register.js');
+  }
+}
+
+function resolveESMHook() {
+  // --import uses ESM resolution which requires file:// URLs for absolute paths
+  // on Windows. Using the bare specifier lets Node's own resolver handle it.
+  try {
+    const resolved = require.resolve('@opentelemetry/instrumentation/hook.mjs');
+    const { pathToFileURL } = require('url');
+    return pathToFileURL(resolved).href;
+  } catch {
+    return '@opentelemetry/instrumentation/hook.mjs';
+  }
+}
+
+/**
+ * securenow run [node-flags...] <script> [app-args...]
+ *
+ * Spawns node with the correct OTel preload flags.
+ * Passes through Node flags (--watch, --inspect, etc.) and app arguments.
+ *
+ * We re-parse from process.argv directly so that flags like --watch and
+ * --inspect are forwarded to node verbatim (the CLI's own arg parser
+ * would otherwise consume them).
+ */
+function run(rawArgs) {
+  // rawArgs comes directly from process.argv, everything after `run` (or the file path)
+  if (!rawArgs || rawArgs.length === 0) {
+    ui.error('Missing script path.');
+    console.log('');
+    console.log(`  ${ui.c.bold('Usage:')} securenow run [node-flags] <script> [app-args]`);
+    console.log('');
+    console.log(`  ${ui.c.bold('Examples:')}`);
+    console.log(`    securenow run src/index.js`);
+    console.log(`    securenow run --watch src/index.js`);
+    console.log(`    securenow run --inspect src/server.js --port 3000`);
+    console.log('');
+    process.exit(1);
+  }
+
+  const args = rawArgs;
+
+  // Split into: node flags (before the script), script path, and app args (after)
+  const nodeFlags = [];
+  let scriptIdx = -1;
+
+  for (let i = 0; i < args.length; i++) {
+    if (args[i].startsWith('-')) {
+      nodeFlags.push(args[i]);
+    } else {
+      scriptIdx = i;
+      break;
+    }
+  }
+
+  if (scriptIdx === -1) {
+    ui.error('No script path found. Provide a .js/.mjs/.ts file to run.');
+    process.exit(1);
+  }
+
+  const scriptPath = args[scriptIdx];
+  const appArgs = args.slice(scriptIdx + 1);
+
+  const esm = isESM(scriptPath);
+  const registerPath = resolveSecurenowRegister();
+
+  const otelFlags = [];
+  if (esm) {
+    otelFlags.push('--import', resolveESMHook());
+  }
+  otelFlags.push('--require', registerPath);
+
+  const finalArgs = [...otelFlags, ...nodeFlags, scriptPath, ...appArgs];
+
+  const nodeExe = process.execPath;
+
+  if (process.env.SECURENOW_DEBUG) {
+    console.log(`[securenow] ${ui.c.dim('exec:')} ${nodeExe} ${finalArgs.join(' ')}`);
+  }
+
+  const child = spawn(nodeExe, finalArgs, {
+    stdio: 'inherit',
+    env: process.env,
+    cwd: process.cwd(),
+  });
+
+  child.on('close', (code) => process.exit(code ?? 1));
+  child.on('error', (err) => {
+    ui.error(`Failed to start: ${err.message}`);
+    process.exit(1);
+  });
+
+  // Forward termination signals to the child
+  for (const sig of ['SIGINT', 'SIGTERM', 'SIGHUP']) {
+    process.on(sig, () => child.kill(sig));
+  }
+}
+
+module.exports = { run };

package/cli.js

@@ -1,4 +1,4 @@
-#!/usr/bin/env node
+#!/usr/bin/env node
 'use strict';
 
 const ui = require('./cli/ui');
@@ -235,6 +235,13 @@ const COMMANDS = {
     flags: { typescript: 'Force TypeScript', javascript: 'Force JavaScript', src: 'Create in src/', root: 'Create in root', force: 'Overwrite existing' },
     run: (a, f) => require('./cli/init').init(a, f),
   },
+  run: {
+    desc: 'Run a Node.js app with automatic OTel instrumentation',
+    usage: 'securenow run [node-flags] <script> [app-args]',
+    flags: { watch: 'Enable Node.js watch mode', inspect: 'Enable Node.js inspector' },
+    rawArgv: true,
+    run: (rawArgs) => require('./cli/run').run(rawArgs),
+  },
   version: {
     desc: 'Show CLI version',
     run: () => {
@@ -293,6 +300,7 @@ function showHelp(commandName) {
   showBanner();
 
   const groups = {
+    'Run': ['run'],
     'Authentication': ['login', 'logout', 'whoami'],
     'Applications': ['apps', 'init', 'status'],
     'Observe': ['traces', 'logs', 'analytics'],
@@ -334,11 +342,24 @@ async function main() {
 
   const cmd = COMMANDS[cmdName];
   if (!cmd) {
+    // Auto-detect: if the first arg looks like a file path, treat it as `securenow run <file>`
+    if (/\.(m?[jt]sx?|cjs)$/.test(cmdName) || cmdName.includes('/') || cmdName.includes('\\')) {
+      return COMMANDS.run.run(process.argv.slice(2));
+    }
     ui.error(`Unknown command: ${cmdName}`);
     ui.info('Run `securenow help` for a list of commands.');
     process.exit(1);
   }
 
+  if (cmd.rawArgv) {
+    // Pass raw argv (everything after the command name) so the command can
+    // forward flags like --watch, --inspect verbatim to child processes.
+    const cmdIdx = process.argv.indexOf(cmdName);
+    const rawArgs = cmdIdx !== -1 ? process.argv.slice(cmdIdx + 1) : positional.slice(1);
+    await cmd.run(rawArgs);
+    return;
+  }
+
   if (cmd.run && !cmd.sub) {
     await cmd.run(positional.slice(1), flags);
     return;

package/console-instrumentation.js

@@ -71,13 +71,17 @@ function formatMessage(args) {
     .join(' ');
 }
 
+const { context, trace } = require('@opentelemetry/api');
+
 /**
- * Emit a log record
+ * Emit a log record, correlating with the active trace/span when available
  */
 function emitLog(severityNumber, severityText, args) {
   const message = formatMessage(args);
   
   try {
+    const activeCtx = context.active();
+    const spanCtx = trace.getSpanContext(activeCtx);
     logger.emit({
       severityNumber,
       severityText,
@@ -86,6 +90,7 @@ function emitLog(severityNumber, severityText, args) {
         'log.source': 'console',
         'log.method': severityText.toLowerCase(),
       },
+      ...(spanCtx && { context: activeCtx }),
     });
   } catch (e) {
     // Silently fail to avoid breaking the application