npm - tokentracker-cli - Versions diffs - 0.24.6 → 0.24.8 - Mend

tokentracker-cli 0.24.6 → 0.24.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (45) hide show

package/src/commands/sync.js CHANGED Viewed

@@ -52,6 +52,8 @@ const {
   parseZedIncremental,
   resolveGooseDbPath,
   parseGooseIncremental,
+  listDroidSettingsFiles,
+  parseDroidIncremental,
   bucketKey,
   totalsKey,
   claudeMessageDedupKey,
@@ -456,6 +458,35 @@ async function cmdSync(argv) {
       });
     }
+    // ── Droid (Factory CLI) — passive reader for ~/.factory/sessions/*.settings.json ──
+    const droidSettingsFiles = listDroidSettingsFiles(process.env);
+    let droidResult = { recordsProcessed: 0, eventsAggregated: 0, bucketsQueued: 0 };
+    if (droidSettingsFiles.length > 0) {
+      if (progress?.enabled) {
+        progress.start(
+          `Parsing Droid ${renderBar(0)} 0/${formatNumber(droidSettingsFiles.length)} sessions | buckets 0`,
+        );
+      }
+      droidResult = await parseDroidIncremental({
+        settingsFiles: droidSettingsFiles,
+        cursors,
+        queuePath,
+        // Full-scan sync: drop cursor entries for any session whose
+        // settings.json has disappeared off disk so cursors.droid stays
+        // bounded by the actual on-disk session count.
+        prune: true,
+        onProgress: (p) => {
+          if (!progress?.enabled) return;
+          const pct = p.total > 0 ? p.index / p.total : 1;
+          progress.update(
+            `Parsing Droid ${renderBar(pct)} ${formatNumber(p.index)}/${formatNumber(
+              p.total,
+            )} sessions | buckets ${formatNumber(p.bucketsQueued)}`,
+          );
+        },
+      });
+    }
     // ── Zed Agent (hosted models only; cumulative-delta over SQLite threads) ──
     const zedDbPath = resolveZedDbPath(process.env);
     let zedResult = { recordsProcessed: 0, eventsAggregated: 0, bucketsQueued: 0 };
@@ -948,7 +979,8 @@ async function cmdSync(argv) {
         kilocodeResult.recordsProcessed +
         roocodeResult.recordsProcessed +
         zedResult.recordsProcessed +
-        gooseResult.recordsProcessed;
+        gooseResult.recordsProcessed +
+        droidResult.recordsProcessed;
       const totalBuckets =
         parseResult.bucketsQueued +
         openclawResult.bucketsQueued +
@@ -971,7 +1003,8 @@ async function cmdSync(argv) {
         kilocodeResult.bucketsQueued +
         roocodeResult.bucketsQueued +
         zedResult.bucketsQueued +
-        gooseResult.bucketsQueued;
+        gooseResult.bucketsQueued +
+        droidResult.bucketsQueued;
       process.stdout.write(
         [
           "Sync finished:",

package/src/lib/local-api.js CHANGED Viewed

@@ -14,6 +14,13 @@ const {
 const SYNC_TIMEOUT_MS = 120_000;
 const TRACKER_BIN = path.resolve(__dirname, "../../bin/tracker.js");
+// Avatar proxy (see /api/avatar-proxy below). In-memory LRU; survives the
+// CLI server lifetime, which is good enough — the dashboard reloads cheaply.
+const AVATAR_PROXY_TTL_MS = 60 * 60 * 1000; // 1h
+const AVATAR_PROXY_MAX_BYTES = 512 * 1024; // 512 KiB per image
+const AVATAR_PROXY_MAX_ENTRIES = 64;
+const avatarProxyCache = new Map();
 // ---------------------------------------------------------------------------
 // Per-model pricing — delegated to src/lib/pricing/
 //   - CURATED overrides (kiro-*, hy3-*, composer-*, kimi-for-coding, etc.)
@@ -1100,6 +1107,111 @@ function createLocalApiHandler({ queuePath }) {
       return true;
     }
+    // --- avatar proxy: fetch third-party avatars server-side ---
+    // Why: WKWebView in TokenTrackerBar fails to load some users' Google /
+    // GitHub avatars directly (network-stack / proxy / TLS quirks vary by
+    // environment), even when the same URL renders fine in Safari. Proxying
+    // through Node's fetch — which honors system proxy + cookies-of-none —
+    // produces a same-origin <img> the WKWebView always accepts.
+    // Lock-down: GET only; host allowlist of well-known avatar CDNs (no open
+    // proxy); strip cookies/auth; small in-memory cache.
+    if (p === "/api/avatar-proxy") {
+      const method = String(req.method || "GET").toUpperCase();
+      if (method !== "GET" && method !== "HEAD") {
+        json(res, { error: "Method Not Allowed" }, 405);
+        return true;
+      }
+      const target = url.searchParams.get("url");
+      if (!target) {
+        json(res, { error: "Missing url" }, 400);
+        return true;
+      }
+      let parsed;
+      try {
+        parsed = new URL(target);
+      } catch {
+        json(res, { error: "Invalid url" }, 400);
+        return true;
+      }
+      if (parsed.protocol !== "https:" && parsed.protocol !== "http:") {
+        json(res, { error: "Only http(s) allowed" }, 400);
+        return true;
+      }
+      const AVATAR_HOST_ALLOWLIST = [
+        "lh3.googleusercontent.com",
+        "lh4.googleusercontent.com",
+        "lh5.googleusercontent.com",
+        "lh6.googleusercontent.com",
+        "avatars.githubusercontent.com",
+        "secure.gravatar.com",
+        "www.gravatar.com",
+        "gravatar.com",
+        "cdn.discordapp.com",
+        "pbs.twimg.com",
+        "abs.twimg.com",
+        "api.dicebear.com",
+      ];
+      const hostOk = AVATAR_HOST_ALLOWLIST.some(
+        (h) => parsed.hostname === h || parsed.hostname.endsWith(`.${h}`),
+      );
+      if (!hostOk) {
+        json(res, { error: "Host not allowed" }, 403);
+        return true;
+      }
+      const cacheKey = parsed.toString();
+      const now = Date.now();
+      const cached = avatarProxyCache.get(cacheKey);
+      if (cached && now - cached.fetchedAt < AVATAR_PROXY_TTL_MS) {
+        res.writeHead(200, {
+          "Content-Type": cached.contentType,
+          "Cache-Control": "public, max-age=3600",
+          "X-Avatar-Cache": "HIT",
+        });
+        res.end(method === "HEAD" ? undefined : cached.body);
+        return true;
+      }
+      try {
+        const upstream = await fetch(cacheKey, {
+          method,
+          redirect: "follow",
+          headers: {
+            accept: req.headers["accept"] || "image/*",
+            "accept-language": req.headers["accept-language"] || "en",
+            "user-agent": "TokenTracker/AvatarProxy (https://www.tokentracker.cc)",
+          },
+        });
+        if (!upstream.ok) {
+          json(res, { error: `Upstream ${upstream.status}` }, upstream.status);
+          return true;
+        }
+        const contentType = upstream.headers.get("content-type") || "image/png";
+        if (!contentType.toLowerCase().startsWith("image/")) {
+          json(res, { error: "Not an image" }, 415);
+          return true;
+        }
+        const body = Buffer.from(await upstream.arrayBuffer());
+        if (body.length <= AVATAR_PROXY_MAX_BYTES) {
+          // Simple LRU: drop oldest if over capacity.
+          if (avatarProxyCache.size >= AVATAR_PROXY_MAX_ENTRIES) {
+            const oldestKey = avatarProxyCache.keys().next().value;
+            if (oldestKey) avatarProxyCache.delete(oldestKey);
+          }
+          avatarProxyCache.set(cacheKey, { body, contentType, fetchedAt: now });
+        }
+        res.writeHead(200, {
+          "Content-Type": contentType,
+          "Cache-Control": "public, max-age=3600",
+          "X-Avatar-Cache": "MISS",
+        });
+        res.end(method === "HEAD" ? undefined : body);
+      } catch (e) {
+        json(res, { error: `Avatar proxy error: ${e?.message || e}` }, 502);
+      }
+      return true;
+    }
     // --- local-sync (POST) ---
     if (p === "/functions/tokentracker-local-sync") {
       if (String(req.method || "GET").toUpperCase() !== "POST") {

package/src/lib/pricing/matcher.js CHANGED Viewed

@@ -72,6 +72,33 @@ function getSortedKeys(litellm) {
   return cached;
 }
+function buildDotRestoredModel(model) {
+  if (typeof model !== "string") return "";
+  const lower = model.toLowerCase();
+  const restored = lower.replace(/(\d+)-(\d+)/g, "$1.$2");
+  return restored === lower ? "" : restored;
+}
+function lookupExactCaseInsensitive(table, model) {
+  if (!table || !model) return null;
+  if (table[model]) return table[model];
+  const lower = model.toLowerCase();
+  for (const key of Object.keys(table)) {
+    if (key.toLowerCase() === lower) return table[key];
+  }
+  return null;
+}
+function lookupContainedExactCaseInsensitive(table, model) {
+  if (!table || !model) return null;
+  const lower = model.toLowerCase();
+  const keys = Object.keys(table).sort((a, b) => b.length - a.length);
+  for (const key of keys) {
+    if (lower.includes(key.toLowerCase())) return table[key];
+  }
+  return null;
+}
 function lookupPricing(model, { curated, litellm, source } = {}) {
   if (!model || typeof model !== "string") {
     return { hit: false, source: "empty", value: null };
@@ -80,16 +107,29 @@ function lookupPricing(model, { curated, litellm, source } = {}) {
     ? normalizeAntigravityModel(model)
     : model;
   const lower = lookupModel.toLowerCase();
+  const dotForm = buildDotRestoredModel(lookupModel);
   // 1. CURATED exact
   if (curated.exact && curated.exact[lookupModel]) {
     return { hit: true, source: "curated:exact", value: curated.exact[lookupModel] };
   }
+  const curatedDotExact = lookupExactCaseInsensitive(curated.exact, dotForm);
+  if (curatedDotExact) {
+    return { hit: true, source: "curated:exact-dot", value: curatedDotExact };
+  }
+  const curatedDotContainedExact = lookupContainedExactCaseInsensitive(curated.exact, dotForm);
+  if (curatedDotContainedExact) {
+    return { hit: true, source: "curated:exact-dot", value: curatedDotContainedExact };
+  }
   // 2. LiteLLM exact
   if (litellm && litellm[lookupModel]) {
     return { hit: true, source: "litellm:exact", value: litellm[lookupModel] };
   }
+  const litellmDotExact = lookupExactCaseInsensitive(litellm, dotForm);
+  if (litellmDotExact) {
+    return { hit: true, source: "litellm:exact-dot", value: litellmDotExact };
+  }
   // 3. CURATED alias (literal mapping like "auto" -> "composer-1")
   if (curated.alias && curated.alias[lookupModel] && curated.exact[curated.alias[lookupModel]]) {
@@ -100,11 +140,22 @@ function lookupPricing(model, { curated, litellm, source } = {}) {
     };
   }
-  // 4. CURATED fuzzy substring
+  // 4. CURATED fuzzy substring. Also try a dot-restored variant of the input
+  // (digits separated by `-` rejoined as `.`) so providers that dash-normalize
+  // numeric segments — Droid emits `glm-5-1-0` for upstream `GLM-5.1` — still
+  // resolve against dot-keyed curated entries like `glm-5.1`, `glm-4.6`, etc.
+  // The regex only fires on digit-dash-digit, so `claude-3-7-sonnet`,
+  // `gpt-5-codex`, `gemini-2-5-pro` are unaffected (no digit-pair to rejoin or
+  // no matching curated key).
   if (Array.isArray(curated.fuzzy)) {
     for (const { match, ref } of curated.fuzzy) {
       if (!match || !ref) continue;
-      if (lower.includes(match.toLowerCase()) && curated.exact[ref]) {
+      const needle = match.toLowerCase();
+      if (!curated.exact[ref]) continue;
+      if (lower.includes(needle)) {
+        return { hit: true, source: "curated:fuzzy", value: curated.exact[ref] };
+      }
+      if (dotForm && dotForm.includes(needle)) {
         return { hit: true, source: "curated:fuzzy", value: curated.exact[ref] };
       }
     }
@@ -125,7 +176,7 @@ function lookupPricing(model, { curated, litellm, source } = {}) {
       const keyLower = key.toLowerCase();
       // Only accept if model is a superset of key (model contains key), to
       // avoid e.g. "gpt-5" matching "gpt-5-pro" in the wrong direction.
-      if (lower.includes(keyLower)) {
+      if (lower.includes(keyLower) || (dotForm && dotForm.includes(keyLower))) {
         return { hit: true, source: "litellm:fuzzy", value: litellm[key] };
       }
     }