Token Studio v4.8.6
Token Studio v4.8.6
This release hardens the public npx token-studio path before npm publication.
Highlights
npx token-studiois the primary real-data path: it runs read-only coverage, applies trusted Claude/Codex event-level usage when safe, then starts the local UI.npx token-studio demoremains synthetic demo data only and never proves real collection success.- Added tarball install smoke (
npm run smoke:npx) so source-checkout success is not enough for release. - Added browser console smoke (
npm run smoke:browser) to catch DashboardReferenceError, duplicate React keys, and UI-port API proxy failures. - Fixed repeated table row keys for missing or synthetic session identities.
- Hardened real collection visibility: Cursor detected-only/no-token-fields is not marketed as successful usage collection.
Privacy and billing boundaries
- Token Studio reads structured local token metadata only.
- It does not save prompt, response, transcript, diff, or full local file paths.
- Cost is official public token-price conversion for review and strategy, not a provider invoice.
- Historical coverage is limited to local logs that still exist and contain reliable token fields; gaps are reported instead of silently estimated.
Release gate run locally
npm testnpm run buildnpm run privacy:checknode src/cli.mjs privacy-check --include-untrackednpm audit --audit-level=lownpm run smoke:npxnpm run smoke:browsernpm pack --dry-rungit diff --check