sentinelayer-cli 0.1.1 → 0.3.0

package/src/telemetry/session-tracker.js

@@ -0,0 +1,118 @@
+import pc from "picocolors";
+
+/**
+ * Session Tracker — tracks tokens, tool calls, cost, and time per CLI run.
+ *
+ * Inspired by src/bootstrap/state.ts and src/cost-tracker.ts patterns:
+ * - Single global session state initialized once
+ * - Accumulator functions for each metric
+ * - Summary getter for final report
+ * - Print summary on completion
+ */
+
+let SESSION = null;
+
+/**
+ * Initialize a new tracking session.
+ * Call this at the start of any auditable command.
+ */
+export function startSession(command) {
+  SESSION = {
+    command: command || "unknown",
+    startedAt: Date.now(),
+    inputTokens: 0,
+    outputTokens: 0,
+    costUsd: 0,
+    toolCalls: 0,
+    llmCalls: 0,
+    findings: { P0: 0, P1: 0, P2: 0, P3: 0 },
+  };
+  return SESSION;
+}
+
+/**
+ * Record token usage from an LLM call.
+ */
+export function recordLlmUsage({ inputTokens = 0, outputTokens = 0, costUsd = 0 } = {}) {
+  if (!SESSION) return;
+  SESSION.inputTokens += inputTokens;
+  SESSION.outputTokens += outputTokens;
+  SESSION.costUsd += costUsd;
+  SESSION.llmCalls += 1;
+}
+
+/**
+ * Record a tool call.
+ */
+export function recordToolCall() {
+  if (!SESSION) return;
+  SESSION.toolCalls += 1;
+}
+
+/**
+ * Record findings.
+ */
+export function recordFindings(summary) {
+  if (!SESSION) return;
+  if (summary?.P0) SESSION.findings.P0 += summary.P0;
+  if (summary?.P1) SESSION.findings.P1 += summary.P1;
+  if (summary?.P2) SESSION.findings.P2 += summary.P2;
+  if (summary?.P3) SESSION.findings.P3 += summary.P3;
+}
+
+/**
+ * Get the current session summary.
+ */
+export function getSessionSummary() {
+  if (!SESSION) return null;
+  const durationMs = Date.now() - SESSION.startedAt;
+  return {
+    command: SESSION.command,
+    durationMs,
+    inputTokens: SESSION.inputTokens,
+    outputTokens: SESSION.outputTokens,
+    totalTokens: SESSION.inputTokens + SESSION.outputTokens,
+    costUsd: SESSION.costUsd,
+    toolCalls: SESSION.toolCalls,
+    llmCalls: SESSION.llmCalls,
+    findings: { ...SESSION.findings },
+  };
+}
+
+/**
+ * Print the session summary to stderr.
+ * Called at the end of any auditable command.
+ */
+export function printSessionSummary() {
+  const summary = getSessionSummary();
+  if (!summary) return;
+
+  const duration = summary.durationMs < 60000
+    ? (summary.durationMs / 1000).toFixed(1) + "s"
+    : (summary.durationMs / 60000).toFixed(1) + "m";
+
+  const tokens = summary.totalTokens > 1000
+    ? (summary.totalTokens / 1000).toFixed(1) + "K"
+    : String(summary.totalTokens);
+
+  const parts = [];
+  parts.push(pc.gray("Run complete:"));
+  parts.push(pc.white(tokens + " tokens"));
+  parts.push(pc.white(summary.toolCalls + " tools"));
+  if (summary.costUsd > 0) parts.push(pc.white("$" + summary.costUsd.toFixed(2)));
+  parts.push(pc.white(duration));
+
+  const findingParts = [];
+  if (summary.findings.P0 > 0) findingParts.push(pc.red("P0=" + summary.findings.P0));
+  if (summary.findings.P1 > 0) findingParts.push(pc.yellow("P1=" + summary.findings.P1));
+  if (summary.findings.P2 > 0) findingParts.push(pc.cyan("P2=" + summary.findings.P2));
+  if (summary.findings.P3 > 0) findingParts.push(pc.gray("P3=" + summary.findings.P3));
+
+  process.stderr.write("\n" + parts.join(" · "));
+  if (findingParts.length > 0) {
+    process.stderr.write(" | " + findingParts.join(" "));
+  }
+  process.stderr.write("\n");
+
+  return summary;
+}

package/src/telemetry/sync.js

@@ -0,0 +1,190 @@
+import { execFileSync } from "node:child_process";
+import { randomUUID } from "node:crypto";
+import { readFileSync } from "node:fs";
+import { fileURLToPath } from "node:url";
+import { dirname, resolve } from "node:path";
+import { readStoredSession } from "../auth/session-store.js";
+
+// Read CLI version from package.json at module load
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = dirname(__filename);
+const pkgPath = resolve(__dirname, "../../package.json");
+let CLI_VERSION = "0.0.0";
+try {
+  CLI_VERSION = JSON.parse(readFileSync(pkgPath, "utf-8")).version;
+} catch { /* fallback */ }
+
+// Simple circuit breaker: skip sync after 3 consecutive failures
+let consecutiveFailures = 0;
+const MAX_CONSECUTIVE_FAILURES = 3;
+
+/**
+ * Telemetry Sync — uploads CLI run results to sentinelayer-api.
+ *
+ * Called after audit, review, omargate commands complete.
+ * Fire-and-forget: never blocks the CLI, never crashes on failure.
+ * The API stores this data and the web dashboard renders it.
+ *
+ * What syncs:
+ * - Run metadata (command, persona, mode, framework detected)
+ * - Findings summary (P0/P1/P2/P3 counts, blocking status)
+ * - Usage telemetry (tokens, cost, duration, tool calls)
+ * - Stop reason (budget exhausted, max turns, completed, etc.)
+ *
+ * What stays local:
+ * - Full finding details (file:line evidence) — too large for sync
+ * - Ingest artifacts — regenerated locally
+ * - Spec/prompt/guide files — project artifacts
+ */
+
+const SYNC_TIMEOUT_MS = 10000;
+
+/**
+ * Sync a CLI run to the user's sentinelayer dashboard.
+ *
+ * @param {object} runData
+ * @param {string} runData.command - e.g., "audit frontend", "omargate deep", "review scan"
+ * @param {string} [runData.persona] - e.g., "Jules Tanaka"
+ * @param {string} [runData.mode] - e.g., "primary", "deep", "diff"
+ * @param {object} [runData.summary] - { total, P0, P1, P2, P3, blocking }
+ * @param {object} [runData.usage] - { tokens, inputTokens, outputTokens, costUsd, durationMs, toolCalls }
+ * @param {string} [runData.stopReason] - e.g., "completed", "budget_exhausted"
+ * @param {string} [runData.framework] - e.g., "next.js"
+ * @param {object} [runData.reconciliation] - baseline reconciliation summary
+ * @param {object} [runData.runtime] - runtime audit summary (lighthouse scores, headers)
+ * @returns {Promise<{ synced: boolean, reason?: string, runId?: string }>}
+ */
+export async function syncRunToDashboard(runData) {
+  // Circuit breaker: skip if too many consecutive failures
+  if (consecutiveFailures >= MAX_CONSECUTIVE_FAILURES) {
+    return { synced: false, reason: "circuit_breaker_open" };
+  }
+
+  let session;
+  try {
+    session = await readStoredSession();
+  } catch {
+    return { synced: false, reason: "no_session" };
+  }
+
+  if (!session || !session.token) {
+    return { synced: false, reason: "not_authenticated" };
+  }
+
+  const apiUrl = session.apiUrl || "https://api.sentinelayer.com";
+  const runId = randomUUID();
+
+  try {
+    const payload = {
+      schema_version: "1.0",
+      tier: 2,
+      run: {
+        run_id: runId,
+        timestamp_utc: new Date().toISOString(),
+        duration_ms: runData.usage?.durationMs || 0,
+        state: runData.stopReason || "passed",
+      },
+      repo: {
+        owner: detectRepoOwner(),
+        name: detectRepoName(),
+        branch: detectGitRef(),
+      },
+      scan: {
+        mode: mapCommandToMode(runData.command),
+        tokens_in: runData.usage?.inputTokens || runData.usage?.tokens || 0,
+        tokens_out: runData.usage?.outputTokens || 0,
+        cost_estimate_usd: runData.usage?.costUsd || 0,
+        model_used: runData.persona || "deterministic",
+      },
+      findings: {
+        counts: {
+          P0: runData.summary?.P0 || 0,
+          P1: runData.summary?.P1 || 0,
+          P2: runData.summary?.P2 || 0,
+          P3: runData.summary?.P3 || 0,
+        },
+      },
+      gate: {
+        result: runData.summary?.blocking ? "blocked" : "passed",
+        severity_threshold: "P1",
+      },
+      meta: {
+        source: "cli",
+        command: runData.command,
+        persona: runData.persona || null,
+        framework: runData.framework || null,
+        cli_version: CLI_VERSION,
+      },
+    };
+
+    const response = await fetch(apiUrl + "/api/v1/telemetry", {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json",
+        Authorization: "Bearer " + session.token,
+      },
+      signal: AbortSignal.timeout(SYNC_TIMEOUT_MS),
+      body: JSON.stringify(payload),
+    });
+
+    if (!response.ok) {
+      consecutiveFailures++;
+      return { synced: false, reason: "api_" + response.status };
+    }
+
+    consecutiveFailures = 0; // reset on success
+    return { synced: true, runId };
+  } catch (err) {
+    consecutiveFailures++;
+    return { synced: false, reason: err.message };
+  }
+}
+
+function mapCommandToMode(command) {
+  if (!command) return "quick_scan";
+  const lower = String(command).toLowerCase();
+  if (lower.includes("omargate")) return "deep_scan";
+  if (lower.includes("review")) return "quick_scan";
+  if (lower.includes("audit") && lower.includes("frontend")) return "audit_frontend";
+  if (lower.includes("audit")) return "audit_full";
+  if (lower.includes("fix")) return "edit_gated";
+  return "quick_scan";
+}
+
+function detectRepoOwner() {
+  try {
+    const remote = execFileSync("git", ["remote", "get-url", "origin"], {
+      encoding: "utf-8", timeout: 5000, stdio: ["pipe", "pipe", "pipe"],
+    }).trim();
+    // Match owner from patterns like:
+    //   https://github.com/owner/repo.git
+    //   git@github.com:owner/repo.git
+    const httpsMatch = remote.match(/(?:github\.com|gitlab\.com)[/:]([^/]+)\//);
+    if (httpsMatch) return httpsMatch[1];
+    return "unknown";
+  } catch {
+    return "unknown";
+  }
+}
+
+function detectRepoName() {
+  try {
+    const remote = execFileSync("git", ["remote", "get-url", "origin"], {
+      encoding: "utf-8", timeout: 5000, stdio: ["pipe", "pipe", "pipe"],
+    }).trim();
+    const match = remote.match(/\/([^/]+?)(?:\.git)?$/);
+    return match ? match[1] : "unknown";
+  } catch {
+    return "local";
+  }
+}
+
+function detectGitRef() {
+  try {
+    return execFileSync("git", ["rev-parse", "--abbrev-ref", "HEAD"], {
+      encoding: "utf-8", timeout: 5000, stdio: ["pipe", "pipe", "pipe"],
+    }).trim() || "main";
+  } catch {
+    return "main";
+  }
+}