sourcecode 1.35.36__py3-none-any.whl → 1.36.1__py3-none-any.whl

sourcecode/__init__.py

@@ -1,3 +1,3 @@
 """sourcecode — Deterministic codebase context maps for AI coding agents."""
 
-__version__ = "1.35.36"
+__version__ = "1.36.1"

sourcecode/cache.py

@@ -58,6 +58,8 @@ import json
 import os
 import re
 import subprocess
+import time
+import uuid
 from datetime import datetime, timezone
 from pathlib import Path
 from typing import Any, Optional
@@ -101,6 +103,12 @@ _DEFAULT_KEEP_COMMITS: int = 5
 _DEFAULT_MAX_CORES: int = 20
 _DEFAULT_MAX_SIZE_MB: int = 50
 
+#: Windows hardening for _atomic_write: os.replace can raise PermissionError
+#: (WinError 5/32) when an antivirus scanner, search indexer, or concurrent
+#: reader transiently holds the destination open. Retry briefly to ride it out.
+_REPLACE_RETRIES: int = 5
+_REPLACE_BACKOFF_S: float = 0.05
+
 # Matches "snapshot-<hex_commit>-<hex_flags>.json.gz"
 _SNAPSHOT_RE = re.compile(r"^snapshot-([0-9a-f]+)-[0-9a-f]+\.json\.gz$")
 
@@ -808,20 +816,38 @@ def _gc_cas(cache_d: Path, surviving_snapshots: list[Path]) -> None:
 # ---------------------------------------------------------------------------
 
 def _atomic_write(dest: Path, data: bytes) -> None:
-    """Write *data* to *dest* atomically via a sibling .tmp file + rename.
-
-    On POSIX, ``Path.replace()`` is a single ``rename(2)`` syscall — the
-    destination either has the old content or the new content, never a partial
-    write.  The .tmp suffix keeps the partial file out of glob patterns used
-    by the cache reader and GC.
+    """Write *data* to *dest* atomically via a unique temp file + rename.
+
+    ``os.replace`` is an atomic overwrite on both POSIX and Windows: the
+    destination ends up with either the old or the new content, never a partial
+    write.  The trailing ``.tmp`` suffix keeps partial files out of the
+    ``*.json.gz`` / ``*.gz`` glob patterns used by the cache reader and GC.
+
+    Windows hardening (no-ops on POSIX):
+      * The temp name is made *unique* (pid + random token) so concurrent
+        writers of the same destination never collide on a shared temp file —
+        on Windows that collision raises ``PermissionError`` (WinError 32,
+        sharing violation), whereas POSIX tolerates it.
+      * ``os.replace`` is retried with a short backoff: on Windows it raises
+        ``PermissionError`` (WinError 5/32) when an antivirus scanner, the
+        search indexer, or a concurrent reader holds a transient handle on the
+        destination. POSIX ``rename(2)`` has no such restriction.
     """
-    tmp = dest.with_suffix(".tmp")
+    tmp = dest.parent / f"{dest.name}.{os.getpid()}.{uuid.uuid4().hex[:8]}.tmp"
     try:
         tmp.write_bytes(data)
-        tmp.replace(dest)
-    except Exception:
-        _safe_unlink(tmp)
-        raise
+        last_exc: Optional[BaseException] = None
+        for attempt in range(_REPLACE_RETRIES):
+            try:
+                os.replace(tmp, dest)
+                return
+            except PermissionError as exc:  # transient lock on Windows — retry
+                last_exc = exc
+                time.sleep(_REPLACE_BACKOFF_S * (attempt + 1))
+        if last_exc is not None:
+            raise last_exc
+    finally:
+        _safe_unlink(tmp)  # remove temp on failure; no-op after a successful replace
 
 
 def _safe_unlink(path: Path) -> None:

sourcecode/cli.py

@@ -168,7 +168,6 @@ Cold scan: 2–10s depending on repo size. Warm cache: 0.3–0.6s.
   sourcecode --agent                    full structured JSON for AI agents
 
 [bold]Auth commands:[/bold]
-  auth login                   [dim]# authenticate via browser (device code)[/dim]
   auth status                  [dim]# show current plan and auth state[/dim]
   auth logout                  [dim]# remove local credentials[/dim]
 
@@ -570,7 +569,7 @@ app.add_typer(mcp_app, name="mcp")
 cache_app = typer.Typer(help="Cache inspection and management.", rich_markup_mode="rich")
 app.add_typer(cache_app, name="cache")
 
-auth_app = typer.Typer(help="Authentication: login, status, logout.", rich_markup_mode="rich")
+auth_app = typer.Typer(help="Authentication: status, logout.", rich_markup_mode="rich")
 app.add_typer(auth_app, name="auth")
 
 
@@ -653,6 +652,109 @@ def version_callback(value: bool) -> None:
         raise typer.Exit()
 
 
+# ANSI Shadow block wordmark, stacked "source" / "code" so it fits an 80-col
+# terminal (the single-line "sourcecode" is 83 wide and would wrap).
+_WELCOME_SOURCE = (
+    "███████╗ ██████╗ ██╗   ██╗██████╗  ██████╗███████╗",
+    "██╔════╝██╔═══██╗██║   ██║██╔══██╗██╔════╝██╔════╝",
+    "███████╗██║   ██║██║   ██║██████╔╝██║     █████╗  ",
+    "╚════██║██║   ██║██║   ██║██╔══██╗██║     ██╔══╝  ",
+    "███████║╚██████╔╝╚██████╔╝██║  ██║╚██████╗███████╗",
+    "╚══════╝ ╚═════╝  ╚═════╝ ╚═╝  ╚═╝ ╚═════╝╚══════╝",
+)
+_WELCOME_CODE = (
+    " ██████╗ ██████╗ ██████╗ ███████╗",
+    "██╔════╝██╔═══██╗██╔══██╗██╔════╝",
+    "██║     ██║   ██║██║  ██║█████╗  ",
+    "██║     ██║   ██║██║  ██║██╔══╝  ",
+    "╚██████╗╚██████╔╝██████╔╝███████╗",
+    " ╚═════╝ ╚═════╝ ╚═════╝ ╚══════╝",
+)
+
+_WELCOME_CMDS = (
+    ("sourcecode --compact", "repo summary"),
+    ("sourcecode prepare-context onboard", "onboarding"),
+    ("sourcecode mcp init", "connect IDE"),
+)
+
+
+def _print_welcome_plain(tier: str) -> None:
+    """Plain-text welcome — fallback when rich is unavailable."""
+    lines = ["", f"  sourcecode {__version__}   ·   {tier}", "",
+             "  AI coding-agent context, instant.", "", "  Get started:"]
+    for cmd, desc in _WELCOME_CMDS:
+        lines.append(f"    {cmd.ljust(34)}{desc}")
+    lines.append("")
+    lines.append("  sourcecode --help   all commands")
+    if tier != "Pro":
+        lines.append("  sourcecode activate <key>   unlock Pro")
+    lines.append("")
+    typer.echo("\n".join(lines))
+
+
+def _print_welcome() -> None:
+    """Branded quickstart shown only on a bare invocation at a human terminal.
+
+    Agents and pipes never reach here: they either pass args/flags or stdout is
+    not a TTY, so the JSON machine contract is completely unchanged.
+    """
+    try:
+        from sourcecode import license as _lic
+        tier = "Pro" if _lic.is_pro else "Free"
+    except Exception:
+        tier = "Free"
+
+    try:
+        from rich import box
+        from rich.console import Console
+        from rich.panel import Panel
+        from rich.text import Text
+    except Exception:
+        _print_welcome_plain(tier)
+        return
+
+    pad = max(len(c) for c, _ in _WELCOME_CMDS) + 2
+    tier_style = "green" if tier != "Pro" else "magenta"
+    code_w = max(len(s) for s in _WELCOME_CODE)
+
+    t = Text()
+    for ln in _WELCOME_SOURCE:
+        t.append(ln + "\n", style="bold cyan")
+    # Append version + tier to the right of the "code" block's middle rows.
+    for i, ln in enumerate(_WELCOME_CODE):
+        t.append(ln.ljust(code_w), style="bold cyan")
+        if i == 2:
+            t.append(f"   {__version__}", style="dim")
+        elif i == 3:
+            t.append("   ")
+            t.append(tier, style=tier_style)
+        t.append("\n")
+
+    t.append("\nAI coding-agent context, instant.\n\n", style="white")
+
+    for cmd, desc in _WELCOME_CMDS:
+        t.append("▸ ", style="cyan")
+        t.append(cmd.ljust(pad), style="bold")
+        t.append(desc + "\n", style="dim")
+
+    t.append("\n--help", style="bold")
+    t.append("  ·  ", style="dim")
+    if tier != "Pro":
+        t.append("activate <key>", style="bold")
+        t.append(" for Pro", style="dim")
+    else:
+        t.append("you're on Pro ✓", style="green")
+
+    panel = Panel(
+        t,
+        box=box.ROUNDED,
+        border_style="cyan",
+        padding=(1, 3),
+        expand=False,
+    )
+    Console().print(panel)
+
+
 @app.callback(invoke_without_command=True)
 def main(
     ctx: typer.Context,
@@ -902,6 +1004,13 @@ def main(
     if ctx.invoked_subcommand is not None:
         return
 
+    # Bare invocation at a human terminal → branded quickstart instead of
+    # dumping a large JSON blob. Agents/pipes are untouched: any arg/flag, or a
+    # non-TTY stdout (piped), falls through to the normal analysis + JSON.
+    if len(sys.argv) <= 1 and sys.stdout.isatty():
+        _print_welcome()
+        raise typer.Exit()
+
     _t0 = time.monotonic()
     no_tree: bool = False  # set True by --agent; --no-tree flag removed
 
@@ -2797,6 +2906,17 @@ def prepare_context_cmd(
             _cached_pctx = _pctx_cache.read(target, _pctx_cache_key)
             if _cached_pctx is not None:
                 _emit_command_output(_cached_pctx, output_path, copy)
+                try:
+                    from sourcecode import telemetry as _tel
+                    _tel.record(
+                        "execution_completed",
+                        cmd="prepare-context",
+                        feature=task,
+                        output_fmt=format,
+                        duration_s=0.0,
+                    )
+                except Exception:
+                    pass
                 return
 
     builder = TaskContextBuilder(target)
@@ -3192,6 +3312,18 @@ def prepare_context_cmd(
 
     _emit_command_output(_pc_content, output_path, copy)
 
+    try:
+        from sourcecode import telemetry as _tel
+        _tel.record(
+            "execution_completed",
+            cmd="prepare-context",
+            feature=task,
+            output_fmt=format,
+            duration_s=_time.perf_counter() - _t0,
+        )
+    except Exception:
+        pass
+
     from sourcecode.mcp_nudge import nudge_mcp_if_needed as _nudge
     _nudge()
 
@@ -5282,26 +5414,9 @@ def activate_cmd(
 
 
 # ---------------------------------------------------------------------------
-# Auth commands (device-flow login / status / logout)
+# Auth commands (status / logout)
 # ---------------------------------------------------------------------------
 
-@auth_app.command("login")
-def auth_login_cmd() -> None:
-    """Authenticate via browser (device code flow).
-
-    \b
-    The CLI shows a URL. Open it in your browser, log in with your account,
-    and the CLI completes authentication automatically.
-    Credentials are stored in ~/.sourcecode/license.json (30-min cache; Supabase is source of truth).
-
-    \b
-    Examples:
-      sourcecode auth login
-    """
-    from sourcecode.license import auth_login as _auth_login
-    _auth_login()
-
-
 @auth_app.command("status")
 def auth_status_cmd() -> None:
     """Show current authentication and plan status."""

sourcecode/license.py

@@ -71,9 +71,6 @@ _DELTA_FREE_LIMIT: int = 30
 # Hybrid model size limit: repos at/under this many Java source files are fully
 # free (every command, no caps). Above it = enterprise-scale monolith = Pro.
 _FREE_REPO_JAVA_FILE_LIMIT: int = 500
-_DEVICE_POLL_INTERVAL_S: float = 2.5
-_DEVICE_POLL_TIMEOUT_S: float = 300.0  # 5-minute window for user to complete browser auth
-_AUTH_BASE_URL: str = "https://sourcecode.dev"
 _LICENSE_KEY_RE = re.compile(r"^[A-Za-z0-9_\-]{1,200}$")
 
 # ---------------------------------------------------------------------------
@@ -243,78 +240,6 @@ def _call_get_license(license_key: str) -> Optional[dict]:
         return None  # Network error — caller decides what to do
 
 
-def _generate_device_code() -> str:
-    """Generate a human-readable device code: XXXX-XXXX-XXXX."""
-    import uuid
-    raw = uuid.uuid4().hex.upper()
-    return f"{raw[:4]}-{raw[4:8]}-{raw[8:12]}"
-
-
-def _call_device_check(device_code: str) -> Optional[dict]:
-    """Poll /device-check edge function. Returns dict or None on network error.
-
-    Expected responses:
-      {"status": "pending"}
-      {"status": "complete", "device_token": "...", "email": "...", "plan": "pro", ...}
-      {"status": "error", "message": "..."}
-    """
-    import urllib.error
-    import urllib.request
-
-    if not _SUPABASE_ANON_KEY:
-        return None
-
-    url = f"{_SUPABASE_URL}/functions/v1/device-check"
-    body = json.dumps({"device_code": device_code}).encode("utf-8")
-    req = urllib.request.Request(url, data=body, method="POST")
-    req.add_header("apikey", _SUPABASE_ANON_KEY)
-    req.add_header("Authorization", f"Bearer {_SUPABASE_ANON_KEY}")
-    req.add_header("Content-Type", "application/json")
-    req.add_header("Accept", "application/json")
-    try:
-        with urllib.request.urlopen(req, timeout=8) as resp:
-            return json.loads(resp.read().decode("utf-8"))
-    except urllib.error.HTTPError as exc:
-        try:
-            return json.loads(exc.read().decode("utf-8", errors="replace"))
-        except Exception:
-            return {"status": "error", "message": f"HTTP {exc.code}"}
-    except Exception:
-        return None
-
-
-def _call_get_user_plan(device_token: str) -> Optional[dict]:
-    """Fetch current plan/status for an authenticated device token.
-
-    Expected response:
-      {"valid": true, "plan": "pro", "status": "active", "features": [...], "email": "..."}
-      {"valid": false, "error": "token_revoked"}
-    """
-    import urllib.error
-    import urllib.request
-
-    if not _SUPABASE_ANON_KEY:
-        return None
-
-    url = f"{_SUPABASE_URL}/functions/v1/get-user-plan"
-    body = json.dumps({"device_token": device_token}).encode("utf-8")
-    req = urllib.request.Request(url, data=body, method="POST")
-    req.add_header("apikey", _SUPABASE_ANON_KEY)
-    req.add_header("Authorization", f"Bearer {_SUPABASE_ANON_KEY}")
-    req.add_header("Content-Type", "application/json")
-    req.add_header("Accept", "application/json")
-    try:
-        with urllib.request.urlopen(req, timeout=8) as resp:
-            return json.loads(resp.read().decode("utf-8"))
-    except urllib.error.HTTPError as exc:
-        try:
-            return json.loads(exc.read().decode("utf-8", errors="replace"))
-        except Exception:
-            return {"valid": False, "error": f"HTTP {exc.code}"}
-    except Exception:
-        return None
-
-
 def _maybe_revalidate() -> None:
     """Re-validate cached license if stale. Mutates globals; never raises."""
     global _license_data, is_pro
@@ -338,39 +263,7 @@ def _maybe_revalidate() -> None:
         except Exception:
             pass
 
-    auth_method = _license_data.get("auth_method")
-
-    if auth_method == "device_flow":
-        device_token = _license_data.get("device_token")
-        if not device_token:
-            return
-        result = _call_get_user_plan(device_token)
-        if result is None:
-            return  # Network error — keep cached (offline-first)
-        if not result.get("valid", True):
-            _license_data = None
-            is_pro = False
-            try:
-                if _LICENSE_FILE.exists():
-                    _LICENSE_FILE.unlink()
-            except Exception:
-                pass
-            return
-        _license_data["plan"] = result.get("plan", "free")
-        _license_data["status"] = result.get("status", "active")
-        _license_data["features"] = result.get("features", [])
-        _license_data["validated_at"] = datetime.now(timezone.utc).isoformat()
-        is_pro = (
-            _license_data.get("plan") == "pro"
-            and _license_data.get("status", "active") != "inactive"
-        )
-        try:
-            _write_license_file(_license_data)
-        except Exception:
-            pass
-        return
-
-    # Key-based auth (existing flow / legacy)
+    # Key-based auth
     key = _license_data.get("license_key")
     if not key:
         return
@@ -416,6 +309,15 @@ _init()
 # Entitlement helpers
 # ---------------------------------------------------------------------------
 
+def _emit_telemetry(event: str, **kw: object) -> None:
+    """Best-effort telemetry emit. Respects opt-in; never raises or blocks."""
+    try:
+        from sourcecode import telemetry as _tel
+        _tel.record(event, **kw)  # type: ignore[arg-type]
+    except Exception:
+        pass
+
+
 def can_use(feature_name: str) -> bool:
     """Return True if the current plan has access to feature_name.
 
@@ -510,6 +412,7 @@ def require_feature(
     }
     if extra_fields:
         payload.update(extra_fields)
+    _emit_telemetry("gate_blocked", feature=feature_name, success=False)
     _emit_upgrade_and_exit(
         f"'{display}' is a Pro feature.",
         [info.get("description", ""), info.get("value", "")],
@@ -560,6 +463,7 @@ def require_repo_or_pro(
     }
     if extra_fields:
         payload.update(extra_fields)
+    _emit_telemetry("gate_blocked", feature=feature_name, repo_size="large", success=False)
     _emit_upgrade_and_exit(headline, body, payload)
 
 
@@ -574,105 +478,7 @@ def require_pro(feature_name: str) -> None:
 
 
 # ---------------------------------------------------------------------------
-# Device-flow authentication
-# ---------------------------------------------------------------------------
-
-def _finish_device_auth(result: dict) -> None:
-    """Persist device-flow credentials and emit success JSON. Exits on error."""
-    global _license_data, is_pro
-
-    device_token = result.get("device_token") or result.get("access_token") or ""
-    email = result.get("email", "")
-    plan = result.get("plan", "free")
-    plan_status = (
-        result.get("status_detail")
-        or result.get("user_status")
-        or result.get("status", "active")
-    )
-    features = result.get("features") or []
-
-    if not device_token:
-        sys.stderr.write("\n")
-        _fail("auth_error", "Authentication completed but no session token received. Contact support.")
-
-    _LICENSE_DIR.mkdir(parents=True, exist_ok=True)
-    now = datetime.now(timezone.utc).isoformat()
-    data: dict = {
-        "auth_method": "device_flow",
-        "device_token": device_token,
-        "email": email,
-        "plan": plan,
-        "status": plan_status,
-        "features": features,
-        "authenticated_at": now,
-        "validated_at": now,
-    }
-    _write_license_file(data)
-    _license_data = data
-    is_pro = plan == "pro" and plan_status != "inactive"
-
-    sys.stderr.write(f"\n  Authenticated as {email}.  Plan: {plan}\n\n")
-    sys.stderr.flush()
-
-    output: dict = {"status": "authenticated", "email": email, "plan": plan, "pro": is_pro}
-    if not is_pro:
-        output["upgrade_hint"] = "https://sourcecode.dev/pricing"
-    else:
-        output["features"] = features
-    sys.stdout.write(json.dumps(output, ensure_ascii=False) + "\n")
-    sys.stdout.flush()
-
-
-def auth_login() -> None:
-    """Device code authentication flow.
-
-    Shows a browser URL; polls the backend every 2.5 s until the user
-    completes authentication or the 5-minute window expires.
-    Writes credentials to ~/.sourcecode/license.json on success.
-    Exits 0 on success, 1 on any failure.
-    """
-    import time
-
-    device_code = _generate_device_code()
-    activate_url = f"{_AUTH_BASE_URL}/activate?code={device_code}"
-
-    sys.stderr.write(f"\n  Open this URL to authenticate:\n  {activate_url}\n\n  Waiting")
-    sys.stderr.flush()
-
-    deadline = time.monotonic() + _DEVICE_POLL_TIMEOUT_S
-    _tick = 0
-
-    while time.monotonic() < deadline:
-        time.sleep(_DEVICE_POLL_INTERVAL_S)
-        _tick += 1
-        if _tick % 4 == 0:
-            sys.stderr.write(".")
-            sys.stderr.flush()
-
-        result = _call_device_check(device_code)
-        if result is None:
-            continue  # network blip — keep polling
-
-        status = result.get("status")
-        if status == "pending":
-            continue
-
-        if status == "complete":
-            _finish_device_auth(result)
-            return
-
-        if status == "error" or result.get("error"):
-            sys.stderr.write("\n")
-            _fail("auth_error", result.get("message") or result.get("error") or "Authentication failed.")
-
-        # Unknown status — keep polling
-
-    sys.stderr.write("\n")
-    _fail("auth_timeout", "Authentication timed out after 5 minutes. Please try again.")
-
-
-# ---------------------------------------------------------------------------
-# Activation (key-based — legacy / direct key entry)
+# Activation (key-based — direct key entry)
 # ---------------------------------------------------------------------------
 
 def activate_license(license_key: str) -> None:
@@ -693,9 +499,11 @@ def activate_license(license_key: str) -> None:
         _fail("network_error", "Could not reach license server. Check your internet connection.")
 
     if not result.get("valid"):
+        _emit_telemetry("activation", feature="key", success=False, error_kind="InvalidLicense")
         _fail("invalid_license", result.get("error", "License key is not valid or subscription is inactive."))
 
     if result.get("plan") != "pro":
+        _emit_telemetry("activation", feature="key", success=False, error_kind="NotPro")
         _fail("not_pro", "This license is not a Pro license.")
 
     _LICENSE_DIR.mkdir(parents=True, exist_ok=True)
@@ -709,6 +517,7 @@ def activate_license(license_key: str) -> None:
         "validated_at": now,
     }
     _write_license_file(data)
+    _emit_telemetry("activation", feature="key", success=True)
 
     output = {"status": "activated", "plan": "pro", "features": data["features"]}
     sys.stdout.write(json.dumps(output, ensure_ascii=False) + "\n")

sourcecode/telemetry/__init__.py

@@ -19,7 +19,7 @@ import sys
 import uuid
 from typing import Any, Optional
 
-from sourcecode.telemetry.config import is_enabled
+from sourcecode.telemetry.config import get_install_id, is_enabled
 from sourcecode.telemetry.events import (
     TelemetryEvent,
     duration_bucket,
@@ -77,6 +77,8 @@ def record(
     duration_s: Optional[float] = None,
     success: bool = True,
     error_kind: Optional[str] = None,
+    feature: Optional[str] = None,
+    repo_size: Optional[str] = None,
 ) -> None:
     """Record a telemetry event. Fire-and-forget — never blocks or raises.
 
@@ -96,10 +98,16 @@ def record(
             cmd=cmd,
             flags=flags or [],
             output_fmt=output_fmt,
-            repo_size=file_count_bucket(file_count) if file_count is not None else "unknown",
+            repo_size=(
+                repo_size if repo_size is not None
+                else file_count_bucket(file_count) if file_count is not None
+                else "unknown"
+            ),
             duration=duration_bucket(duration_s) if duration_s is not None else "unknown",
             success=success,
             error_kind=error_kind,
+            feature=feature,
+            install=get_install_id(),
             session=_SESSION,
         )
         payload = sanitize(ev)

sourcecode/telemetry/config.py

@@ -63,5 +63,28 @@ def mark_asked() -> None:
     _save(data)
 
 
+def get_install_id() -> str:
+    """Stable anonymous install id — a random UUID v4.
+
+    Created lazily on first opted-in event. NOT derived from hardware, email,
+    hostname or any identifier — it only says "the same install across runs",
+    which is what enables unique-user, conversion and retention metrics.
+    Returns "" if it cannot be persisted (telemetry then degrades to events
+    without a stable id, never an error).
+    """
+    data = _load()
+    tel = data.setdefault("telemetry", {})
+    iid = tel.get("install_id")
+    if not iid:
+        import uuid
+        iid = str(uuid.uuid4())
+        tel["install_id"] = iid
+        _save(data)
+        # If the write failed, re-read to avoid handing out a non-persisted id
+        if not _load().get("telemetry", {}).get("install_id"):
+            return ""
+    return str(iid)
+
+
 def config_file_path() -> Path:
     return _CONFIG_FILE

sourcecode/telemetry/events.py

@@ -59,6 +59,9 @@ class TelemetryEvent:
         duration    — <1s | <5s | <15s | <60s | 60s+
         success     — True/False
         error_kind  — exception class name only (no message, no traceback)
+        feature     — gated feature / task name (closed categorical set) or None
+        install     — stable anonymous install UUID (random, no PII); enables
+                      unique-user / conversion / retention metrics
         session     — 8-char random hex, ephemeral, NOT persisted
     """
 
@@ -75,4 +78,6 @@ class TelemetryEvent:
     duration: str = "unknown"
     success: bool = True
     error_kind: Optional[str] = None
+    feature: Optional[str] = None
+    install: str = ""
     session: str = ""

sourcecode/telemetry/filters.py

@@ -63,6 +63,19 @@ _SAFE_EVENTS: frozenset[str] = frozenset({
     "execution_failed",
     "telemetry_enabled",
     "telemetry_disabled",
+    "gate_blocked",
+    "activation",
+})
+# Closed set of gated features / task names. Used to learn which capability
+# drives Pro demand. All values are fixed product identifiers — no user data.
+_SAFE_FEATURES: frozenset[str] = frozenset({
+    # gated features (license._FEATURE_INFO keys)
+    "impact", "modernize", "fix-bug", "review-pr", "delta", "generate-tests",
+    "--full", "git-history", "multi-repo", "export-rich", "team-snapshots",
+    # prepare-context task names not already above
+    "explain", "onboard", "refactor",
+    # activation outcomes
+    "key",
 })
 _SAFE_SIZES: frozenset[str] = frozenset({"tiny", "small", "medium", "large", "huge", "unknown"})
 _SAFE_DURATIONS: frozenset[str] = frozenset({"<1s", "<5s", "<15s", "<60s", "60s+", "unknown"})
@@ -103,6 +116,14 @@ def _safe_session(value: str) -> str:
     return ""
 
 
+_UUID_RE = re.compile(r"^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$")
+
+
+def _safe_install(value: str) -> str:
+    """Install id must be a canonical UUID — nothing else can pass."""
+    return value if value and _UUID_RE.match(value) else ""
+
+
 def sanitize(event: TelemetryEvent) -> dict[str, Any]:
     """Apply privacy filter to event and return a safe dict for transmission.
 
@@ -127,6 +148,13 @@ def sanitize(event: TelemetryEvent) -> dict[str, Any]:
     if event.error_kind:
         safe["error_kind"] = _safe_error_kind(event.error_kind)
 
+    if event.feature:
+        safe["feature"] = _safe_str(event.feature, _SAFE_FEATURES, "other")
+
+    install = _safe_install(event.install)
+    if install:
+        safe["install"] = install
+
     session = _safe_session(event.session)
     if session:
         safe["session"] = session

sourcecode/telemetry/transport.py

@@ -15,7 +15,7 @@ import os
 import threading
 from typing import Any
 
-_DEFAULT_ENDPOINT = "https://t.sourcecode.dev/v1/event"
+_DEFAULT_ENDPOINT = "https://qkndlmyekvujjdgthtmz.supabase.co/functions/v1/telemetry"
 _TIMEOUT_S = 3
 
 

{sourcecode-1.35.36.dist-info → sourcecode-1.36.1.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: sourcecode
-Version: 1.35.36
+Version: 1.36.1
 Summary: Persistent structural context and ultra-fast repeated analysis for AI coding agents
 License-File: LICENSE
 Keywords: agents,ai,codebase,context,developer-tools,llm
@@ -40,7 +40,7 @@ Description-Content-Type: text/markdown
 
 **Persistent structural context and ultra-fast repeated analysis for AI coding agents.**
 
-![Version](https://img.shields.io/badge/version-1.35.36-blue)
+![Version](https://img.shields.io/badge/version-1.36.1-blue)
 ![Python](https://img.shields.io/badge/python-3.10%2B-green)
 
 ---
@@ -114,7 +114,7 @@ pipx install sourcecode
 
 ```bash
 sourcecode version
-# sourcecode 1.35.36
+# sourcecode 1.36.1
 ```
 
 ---
@@ -311,8 +311,7 @@ when the work gets bigger or automated.
 files only, by design. sourcecode monetises enterprise Java monoliths.
 
 ```bash
-sourcecode auth login          # browser device-code auth
-sourcecode activate <key>      # or activate a license key directly
+sourcecode activate <key>      # activate a license key
 ```
 
 Full breakdown: [docs/PRODUCT_TIERS.md](docs/PRODUCT_TIERS.md).

{sourcecode-1.35.36.dist-info → sourcecode-1.36.1.dist-info}/RECORD

@@ -1,13 +1,13 @@
-sourcecode/__init__.py,sha256=ZxOECabDmAtGWQ7baAF8kAmS-2Kzj1Q5E1ciWq3lDi8,104
+sourcecode/__init__.py,sha256=mpBzwyDeOFDWE6zNN6TkjBgPX2taBQzVcufgFBu_TN8,103
 sourcecode/adaptive_scanner.py,sha256=XffluXKzJUXrMtjEiAOnSNPZnztdIcts17T9ouHeID0,10521
 sourcecode/architecture_analyzer.py,sha256=liCwQmLgb5vplohy8arjYxs_HOIv5C9MjLh_gY6bc5Q,44115
 sourcecode/architecture_summary.py,sha256=z34_6v7cSwy98cof2UVciGho7SCrZ93tiqMmq5WNzRQ,20405
 sourcecode/ast_extractor.py,sha256=sa6CmLpn-k5G3_Hzxn8hAlZ5-TS-EVzXDD0Gvxd2jzs,50613
-sourcecode/cache.py,sha256=wAyPrXN5DqiGivnMpeEuun2xHDKfBer2_oBsh6kj_vc,30447
+sourcecode/cache.py,sha256=1V3vsaODAa2UBJAC0xpvxpmRdriCezQx5Q8JCcfgziE,31892
 sourcecode/canonical_ir.py,sha256=c_lYTVoegg-1W2dZ34_2s3tN8L0GVx7eiDRh9ghdSD8,24178
 sourcecode/cir_graphs.py,sha256=rZi8JV4ZrAa2WSCeyNa4JIEKQ_yZzDZTsrvVz2KfuKA,8919
 sourcecode/classifier.py,sha256=hKzg-nQ47htqqIUzSGvYxv15cXrA3KgICTwJmdqal0o,8095
-sourcecode/cli.py,sha256=5LrX0Fwp1Wqw7yE3hrXc26TOPf_A2vod7X6SG1s_0ag,247606
+sourcecode/cli.py,sha256=76_rdkUKpm9fGP-97rx5Q25q2KXzW030fDpDZiwCnIA,252320
 sourcecode/code_notes_analyzer.py,sha256=EJemNCNc9Dn-1RZYu-aNbK0ELzmsyC4s6FdHi3XyNEI,9392
 sourcecode/confidence_analyzer.py,sha256=_jckZSxksV-OU38vbkxfVNBnWCtlCq8Vwfg23x1uspA,19054
 sourcecode/context_scorer.py,sha256=QpChSpsmaAYz91rXA4Ue5xzQmNz_ZboZN09YOHScq1U,14679
@@ -27,7 +27,7 @@ sourcecode/flow_analyzer.py,sha256=dSiuY4w49k29jW_EPXUOND9B5uVbuCA7kjnuHi-pIWA,2
 sourcecode/fqn_utils.py,sha256=XLU7zDkNBXz_RZkIUNfpPmp1nekWtqP-fxV92tDV1vg,2158
 sourcecode/git_analyzer.py,sha256=JStxTQXNjBWi_wLdwhsZs9mT-v50cSJIz4Agzn6Kh9I,13362
 sourcecode/graph_analyzer.py,sha256=DHR8fY69oU_Pi4SYaWboX6EoEFrctQKB9dsjpqwGMzw,62403
-sourcecode/license.py,sha256=iYtczUa4xh4-Y-2pMlfa6T7t1g-4nuld6-_PXT-Cq5Q,27299
+sourcecode/license.py,sha256=i_X1bYdobL_z9OVuLiycnWEFSaaNhcKKuTd6G55U3_k,20747
 sourcecode/mcp_nudge.py,sha256=5ELU_ixzh6uA83NXLOZT8h00OhL53okfQdji3jyKOjg,2917
 sourcecode/metrics_analyzer.py,sha256=m0ENgtqKeBL17kUIK3fmGkgo7UfXBNHxCMj0H_Y5K7c,22750
 sourcecode/migrate_check.py,sha256=vowVIAxVaHU8vhZUEt-HrWrWM38m6a5INHJQGjEg5E0,55390
@@ -90,14 +90,14 @@ sourcecode/mcp/onboarding/applier.py,sha256=B9CneieWTpaDSDIyW3S5nrlRlBpvfqUcgi93
 sourcecode/mcp/onboarding/backup.py,sha256=ihqGOR8QTX8HASRSEDyfFyXr5bkXrygPHamv4p9KTmk,1452
 sourcecode/mcp/onboarding/detector.py,sha256=kDc0U6kXMuq_GivqwKrgJzIVLVeoLr3RQl63ksW10I8,3327
 sourcecode/mcp/onboarding/planner.py,sha256=Fopg5f72FDiPfldF7NOxYjcBA_w8hi_jBJpSz39lPb8,1332
-sourcecode/telemetry/__init__.py,sha256=M0eQZFNkmJiLbI_oNP4QEXwVju1dQ2d4P-E1-Bw8PxE,3116
-sourcecode/telemetry/config.py,sha256=Pir0WHp4z-9Qclnn2NDZ3vwitqsMkOAJckmwjUSxrk4,1795
+sourcecode/telemetry/__init__.py,sha256=rth1GuU9Tqt6BvbOe6q6sro1yCygiDW4dN3r1OvmvQM,3375
+sourcecode/telemetry/config.py,sha256=_MfMevIic1NTc8IRmCzQs96D8KPBLOWZ5cdhWrnHuwI,2639
 sourcecode/telemetry/consent.py,sha256=wLMvGNJeSSyZoNkQXpoUioY6mMv4Qdvuw7S9jAEWnII,2237
-sourcecode/telemetry/events.py,sha256=oEvvulfsv5GIDWG2174gSS6tNB95w38AIYiYeifGKlE,2294
-sourcecode/telemetry/filters.py,sha256=Asa71oRl7q3Wt_FMwuufIZJFzSYdgRNKS8LHCIyFeYE,4805
-sourcecode/telemetry/transport.py,sha256=QSslxIwij8YkRWcVvxykODDrkiN_GAAEu3dUP7KIWeE,1651
-sourcecode-1.35.36.dist-info/METADATA,sha256=I2uv7cJb0-J0u-7RNSvPYjiExMkJIwjHqlLnOCcN618,30386
-sourcecode-1.35.36.dist-info/WHEEL,sha256=QccIxa26bgl1E6uMy58deGWi-0aeIkkangHcxk2kWfw,87
-sourcecode-1.35.36.dist-info/entry_points.txt,sha256=ex3F9rmbXeyDIoFQHtkEqTsKSaJow8F0LrVu8XfIktQ,57
-sourcecode-1.35.36.dist-info/licenses/LICENSE,sha256=7DdHrU9Z_3e7dSvq4ISijZNjnuHo5NIHNiHDouMQ9JU,10491
-sourcecode-1.35.36.dist-info/RECORD,,
+sourcecode/telemetry/events.py,sha256=LtzYfaX9Ilckj5PTvAcTpDa9mLqDsYPDUiDkRa58piY,2580
+sourcecode/telemetry/filters.py,sha256=NHa5T-6DaZduQPFuC34jOqHWQgSizM-Ygq8aZ4j19ng,5834
+sourcecode/telemetry/transport.py,sha256=4gGHsq0WeY9VywEZXA3vUxykfiYnw9uuqfjAAec7F8o,1681
+sourcecode-1.36.1.dist-info/METADATA,sha256=3B_cemxNmCw3HpB0xSWmblfvftNCGh45Wi5mQvvrdeg,30313
+sourcecode-1.36.1.dist-info/WHEEL,sha256=QccIxa26bgl1E6uMy58deGWi-0aeIkkangHcxk2kWfw,87
+sourcecode-1.36.1.dist-info/entry_points.txt,sha256=ex3F9rmbXeyDIoFQHtkEqTsKSaJow8F0LrVu8XfIktQ,57
+sourcecode-1.36.1.dist-info/licenses/LICENSE,sha256=7DdHrU9Z_3e7dSvq4ISijZNjnuHo5NIHNiHDouMQ9JU,10491
+sourcecode-1.36.1.dist-info/RECORD,,