
feat(cli): add redacted share bundles #235

Open
ozymandiashh wants to merge 2 commits into getagentseal:main from ozymandiashh:feat/redacted-share

Conversation

@ozymandiashh
Contributor

@ozymandiashh ozymandiashh commented May 5, 2026

Summary

CodeBurn users sometimes need to share enough local telemetry to debug provider parsing, cost attribution, or a suspicious session, but the existing JSON/reporting surfaces are not safe to paste into GitHub issues. Raw reports can include project names, absolute local paths, prompts, shell fragments, emails, and tokens.

This adds codeburn share, a local-only redacted JSON support bundle. It keeps the useful debugging structure (projects, sessions, turns, models, token usage, tools, activity categories, and costs) while replacing sensitive strings with stable placeholders such as [project:1], [path:1], [email:1], and [secret:1].

What changed

  • Add codeburn share with period, custom date range, provider, project, exclude, output-path, and --include-prompts options.
  • Add src/share.ts for building codeburn.share.v1 bundles from parsed project summaries.
  • Omit prompt text by default with userMessage: null; prompt text is only included through explicit --include-prompts opt-in.
  • Add redaction.prompts metadata so bundle consumers can distinguish omitted from redacted.
  • Pseudonymize project labels, including values passed through --project and --exclude.
  • Redact common sensitive values: emails, macOS/Linux/Windows/UNC/relative paths, URL basic-auth credentials, bearer/basic auth headers, API key / token / password-style assignments, and common token formats.
  • Preserve useful non-content debugging signals such as models, token usage, costs, tools, skills, agent-spawn flags, plan-mode flags, and timestamps.
  • Write default bundles with a timestamped filename to avoid accidental same-day overwrites.
  • Document the command and add an Unreleased changelog entry.

Privacy model

The command does not upload anything and does not add a support service. It writes a local JSON file and tells users to review the output before posting it publicly. Redaction is intentionally best-effort: it covers common leak patterns while preserving enough structure for maintainers to understand parser and cost attribution issues.

Prompt text is omitted by default. --include-prompts is intended only for cases where maintainers explicitly need prompt text, and even then prompt redaction is best-effort.

The tests construct secret-like fixture values at runtime instead of storing literal credentials in the repository, so the redaction cases remain covered without tripping repository secret scanning.

Validation

  • npx vitest run tests/share.test.ts tests/export.test.ts tests/cli-date.test.ts — 25/25 tests passed.
  • npm run build — passed.
  • git diff --check — passed.
  • Structural smoke on a locally generated bundle: redaction.prompts=omitted, non_null_user_messages=0; temporary bundle deleted after the check.
  • Claude Opus 4.7 effort max review — PASS.
  • Gemini 3.1 Pro Preview review — PASS.
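As an added example (not the PR's src/share.ts or any CodeBurn code), a minimal stable-placeholder redactor in the style the description above outlines: the Redactor class, its category names and its regexes are assumptions for illustration, and SAMPLE is constructed input.

```typescript
// Added example (not CodeBurn's src/share.ts); class, categories and regexes are assumed.
type Category = "project" | "path" | "email" | "secret";

class Redactor {
  private tables = new Map<Category, Map<string, string>>();
  private projectPattern: RegExp | null;

  constructor(projectNames: string[]) {
    const escaped = projectNames.map((n) => n.replace(/[.*+?^${}()|[\]\\]/g, "\\$&"));
    this.projectPattern = escaped.length ? new RegExp(`\\b(?:${escaped.join("|")})\\b`, "g") : null;
  }

  // Same raw value -> same [category:n], so one project keeps one label everywhere.
  placeholder(cat: Category, value: string): string {
    let table = this.tables.get(cat);
    if (!table) { table = new Map<string, string>(); this.tables.set(cat, table); }
    let ph = table.get(value);
    if (!ph) { ph = `[${cat}:${table.size + 1}]`; table.set(value, ph); }
    return ph;
  }

  redact(text: string): string {
    const secret = (v: string) => this.placeholder("secret", v);
    const out = text
      // api_key= / token: / password= style assignments, optionally quoted.
      .replace(/((?:api[_-]?key|token|password)\s*[:=]\s*)(["']?)([^\s"',]+)\2/gi,
        (_m, p, q, v) => p + q + secret(v) + q)
      // Authorization headers: keep the scheme, replace the credential.
      .replace(/(authorization:\s*(?:bearer|basic)\s+)(\S+)/gi, (_m, p, v) => p + secret(v))
      // user:pass@ credentials embedded in URLs.
      .replace(/(https?:\/\/)([^\s/@]+)@/gi, (_m, p, v) => `${p}${secret(v)}@`)
      // Common token prefixes (OpenAI, GitHub, Slack style) and e-mail addresses.
      .replace(/\b(?:sk-|ghp_|xox[abp]-)[A-Za-z0-9_-]{16,}/g, secret)
      .replace(/[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/g, (v) => this.placeholder("email", v))
      // Absolute macOS/Linux home paths, Windows drive paths and UNC paths.
      .replace(/\/(?:Users|home)\/[^\s"']+|[A-Za-z]:\\[^\s"']+|\\\\[^\s"']+/g, (v) => this.placeholder("path", v));
    // Project labels last, including any name the user passed on the CLI.
    return this.projectPattern ? out.replace(this.projectPattern, (v) => this.placeholder("project", v)) : out;
  }
}

// Constructed sample telemetry text; no real credentials or real paths.
const SAMPLE = [
  "session in codeburn-internal at /Users/alice/src/codeburn-internal/cli.ts",
  "owner alice@example.com; header Authorization: Bearer abc123xyz",
  "OPENAI_API_KEY=sk-constructedFakeKey0123456789",
  "clone https://alice:hunter2@git.example.com/repo.git; cc alice@example.com",
].join("\n");
function redactSample(): string { return new Redactor(["codeburn-internal"]).redact(SAMPLE); }
```

Run order matters: credential rules go before the path and project rules so a secret embedded in a path is not split across two placeholders, and the second e-mail occurrence reuses [email:1] rather than getting a fresh number.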

@AgentSeal added the needs-testing and needs-validation labels (needs-validation: "PR requires validation against real-world usage before review") and removed the needs-testing label on May 12, 2026
@ozymandiashh
Contributor Author

Validation run on macOS arm64 with real local usage data. No project names, prompts, paths, session IDs, or internal product details are included here.

Commands run:

  • npx vitest run tests/share.test.ts tests/export.test.ts tests/cli-date.test.ts
  • npx tsx src/cli.ts share --period today --provider claude --output <tmp-file>
  • local redaction scan on the generated bundle for home path, obvious email patterns, and common API-token patterns

Results:

  • Targeted tests passed: 21/21.
  • A real-data share bundle was generated successfully.
  • The redaction scan found 0 occurrences of the local home path, obvious email pattern, and common API-token patterns checked.
  • The generated bundle was deleted after validation.

Caveat: the generated bundle can still contain conversation text in userMessage after pattern-based redaction. I would not attach a real-data bundle publicly unless userMessage content is intentionally omitted or separately scrubbed.

@ozymandiashh
Contributor Author

ozymandiashh commented May 17, 2026

Follow-up patch rebased onto current main and pushed as 397a118.

What changed:

  • Default codeburn share bundles omit prompt text with userMessage: null.
  • --include-prompts is an explicit opt-in for best-effort redacted prompt text.
  • redaction.prompts metadata distinguishes omitted from redacted.
  • Null prompt values stay null even when prompt inclusion is enabled.
  • README/changelog and regression coverage were updated.

Validation/proof:

  • npx vitest run tests/share.test.ts tests/export.test.ts tests/cli-date.test.ts — 25/25 tests passed.
  • npm run build — passed.
  • git diff --check — passed.
  • Structural smoke on a locally generated bundle: redaction.prompts=omitted, non_null_user_messages=0; temporary bundle deleted.
  • Claude Opus 4.7 effort max review — PASS.
  • Gemini 3.1 Pro Preview review — PASS.

No local project names, prompts, paths, session IDs, or usage details are included here.

@ozymandiashh ozymandiashh force-pushed the feat/redacted-share branch from c6b2403 to 397a118 Compare May 17, 2026 14:59