Analytics reliability improvements + bug fixes

[strickvl]

Summary

Addresses all 8 analytics gaps identified in the first analytics report (Jan 12 – Feb 6, 2026). Also fixes a P0 bug where local server connect options (Docker, port) were silently dropped due to an argument-passing mismatch between TypeScript and Python.

• Fix local connect args bug (P0): The url variable was uninitialized for local connections but still sent in the args array, causing Python to grab the wrong positional arg. Additionally, getattr() was used on a dict instead of .get(). Docker/port options were always silently ignored.
• Add server.connection_failed event (P1): Dedicated failure event with privacy-safe error taxonomy (errorKind, errorSource, messageHash) — key signal for diagnosing the Windows connection gap (1.8% vs 11.4% connection rate).
• Fix "unknown" disconnections (P1): Store lastConnectedType on connect, use it on disconnect instead of re-categorizing the post-disconnect URL (which reverts to sqlite). Add disconnectReason (user_initiated vs unexpected) via disconnect intent signal.
• Add centralized error.occurred tracking (P1): Emit from LSClient.sendLsClientRequest() at three points (preflight, request, response) with 60s dedupe window.
• Add Python/ZenML version to common properties (P2): Wire existing version data into AnalyticsService via ENVIRONMENT_INFO_UPDATED EventBus pattern.
• Add session tracking + extension.deactivated (P2): Generate sessionId on init, include in all events, emit deactivation event with session duration.
• Add first-run detection (P2): extension.first_activated event via globalState flag, isFirstActivation on extension.activated.
• Add component CRUD analytics (P3): component.registered, component.updated, component.deleted events.

New file: src/utils/analytics.ts

Privacy-safe error classification utility:

• ErrorKind / ErrorSource / ErrorPhase taxonomy types
• sanitizeErrorForAnalytics() — classifies errors + produces hash, never raw messages
• normalizeForHash() — strips URLs, paths, UUIDs, tokens before hashing
• isErrorLikeResponse() — type guard for LSP error responses
• trackEvent() — shared helper used by all command modules
• extractErrorMessage() — safely extracts message from any error type

Code review fixes (second commit)

• Fix unused import / add error taxonomy to component register/update: ComponentsForm.ts now returns ComponentOperationResult from registerComponent()/updateComponent(), including sanitizeErrorForAnalytics taxonomy on failure. All three component operations (register, update, delete) now have consistent error tracking.
• Fix spurious server.disconnected on startup: handleServerStatusChange() now treats the first observed disconnected state as initialization (sets baseline, doesn't emit). Initial connected state still emits server.connected.
• Widen ConnectServerResponse type: Added SuccessMessageResponse to the union for local/pro message-only success payloads (no access_token).
• Add dedupe map pruning: LSClient.errorDedupe now has opportunistic pruning — stale entries older than 60s are removed at most once per minute to prevent unbounded growth.
• Add 54 new tests: Error taxonomy classification (all ErrorKind variants), hash privacy guarantees (URL/path/UUID stripping), server status tracking (initial state, disconnect classification with 10s window, connection type preservation, deduplication), and utility functions (normalizeForHash, sha256Hex, isErrorLikeResponse).

11-agent code review fixes (third commit)

Addressed findings from a comprehensive review by 11 parallel agents (code reviewer, silent failure hunter, comment analyzer, test analyzer, type design analyzer, efficiency reviewer, code quality/reuse/simplification reviewers, and two reviewer personas):

• Fix catch (error: any) runtime crash risks: Changed to catch (error: unknown) with proper narrowing in LSClient.sendLsClientRequest and disconnectServer. The old code called error.message without checking if error was an Error instance.
• Fix isErrorLikeResponse false positives: Added truthiness check (&& result.error) to prevent analytics events from { error: null } responses.
• Fix silent data corruption: Logged globalState.update rejections (first-activated flag and anonymous ID) — failures were silently swallowed, causing extension.first_activated to fire on every activation.
• Fix event listener leak: Stored 4 listener references in AnalyticsService.registerEventBus() for proper cleanup in dispose(). Previously, anonymous arrow functions were never unsubscribed.
• Consolidate trackEvent helper: Extracted shared export in analytics.ts, replacing 5 identical local copies across command modules.
• Extract executeComponentOperation(): Eliminated ~50 lines of copy-paste between registerComponent and updateComponent in ComponentsForm.ts.
• Export extractErrorMessage(): Shared utility replacing hand-rolled error instanceof Error ? error.message : String(error) pattern.
• Remove dead 'python_backend' from ErrorSource: No code path ever produced this value.
• Add logging to bare catch blocks: track() and emitErrorOccurred() now log to console.debug instead of silently swallowing.
• Remove redundant double-flush on deactivation: dispose() already flushes.
• Fix sha256Hex JSDoc: Now correctly documents truncation to 16 characters.
• Update CLAUDE.md analytics instructions: References shared trackEvent import instead of stale local pattern.
• Add 7 new TS tests: LSClient error dedupe (dedup within window, emit after expiry, cross-operation independence, preflight hard-dedupe).
• Add 6 new Python tests: Connect args parsing for P0 bug fix (corrected shape, legacy shape, defaults, empty args, missing URL).

Test plan

• Verify local server connect with Docker=Yes and custom port actually passes options through (was broken before)
• Verify remote server connect still works (args unchanged for remote path)
• Check that extension.first_activated fires only on first install (clear globalState to test)
• Check that extension.deactivated fires with sessionDurationMs on window close
• Verify server.connection_failed fires with error taxonomy on failed connect
• Verify error.occurred fires from LSClient on LSP errors (with dedupe)
• Verify disconnect shows correct connectionType (not "unknown") and disconnectReason
• Verify component register/update/delete emit analytics events with error taxonomy on failure
• Verify pythonVersion and zenmlVersion appear in event properties after LSP initialization
• Run with ZENML_ANALYTICS_VERBOSE=1 ZENML_ANALYTICS_DEBUG=1 to inspect event payloads
• Confirm no raw URLs, paths, or error messages appear in any analytics payload
• Run ./scripts/lint.sh — all checks pass
• Run npm run compile — builds successfully
• Run npm run test — all 134 tests pass (including 54 new tests)
• Python connect args tests — 6/6 pass