Custom event tracking #286

Open
marksmith wants to merge 18 commits into main from custom-event-tracking

@marksmith marksmith commented May 27, 2026

This change adds support for tracking named user events, sent from application code using Aikido::Zen.track_user_event. User events include the event name, user ID, and IP address.

This change extends and should be reviewed after #285.

Summary by Aikido

Security Issues: 0 🔍 Quality Issues: 12 Resolved Issues: 0

🚀 New Features

  • Added user event tracking API and integrated agent delivery
  • Implemented APIStream for realtime server-sent configuration updates

⚡ Enhancements

  • Added APIClient.send_user_event and improved event reporting flow
  • Changed runtime settings list update methods to return Boolean

🐛 Bugfixes

  • Fixed configUpdatedAt timestamp handling to use seconds correctly

@marksmith marksmith requested review from hansott and tomaisthorpe May 27, 2026 15:06
Comment thread lib/aikido/zen/api_stream.rb
Comment thread lib/aikido/zen/api_stream.rb
Comment thread lib/aikido/zen/agent.rb Outdated
Comment thread lib/aikido/zen/agent.rb
Comment thread lib/aikido/zen/api_stream.rb
Comment thread lib/aikido/zen/api_client.rb
@marksmith marksmith force-pushed the custom-event-tracking branch from 0018654 to 17f3482 Compare May 28, 2026 08:19
Comment thread lib/aikido/zen/agent.rb
Comment thread lib/aikido/zen/api_client.rb
Comment thread lib/aikido/zen/api_stream.rb
Comment thread lib/aikido/zen/api_stream.rb
@marksmith marksmith force-pushed the custom-event-tracking branch from 17f3482 to 23ffc5f Compare May 28, 2026 08:21

codecov Bot commented May 28, 2026

Codecov Report

❌ Patch coverage is 86.15385% with 27 lines in your changes missing coverage. Please review.

| Files with missing lines | Patch % | Lines |
|---|---|---|
| lib/aikido/zen/agent.rb | 70.00% | 9 Missing and 6 partials ⚠️ |
| lib/aikido/zen/api_client.rb | 58.82% | 6 Missing and 1 partial ⚠️ |
| lib/aikido/zen/api_stream.rb | 97.29% | 2 Missing and 1 partial ⚠️ |
| lib/aikido/zen.rb | 75.00% | 0 Missing and 2 partials ⚠️ |

@marksmith marksmith force-pushed the custom-event-tracking branch from 23ffc5f to 29ebef3 Compare May 29, 2026 11:22
event = {}

begin
event_str.each_line do |line|

APIStream#work contains 5 levels of nested control flow (http.request -> response.read_body -> while buffer loop -> begin/rescue -> event_str.each_line), making parsing hard to read. Extract the event parsing into a separate method to reduce nesting.

✨ AI Reasoning
The APIStream#work method introduced a deeply nested control flow chain while parsing server-sent events: an HTTP request block contains a response body read block, which contains a loop for event boundaries, a begin/rescue block for parsing, and a per-line loop. This 5-level nesting reduces readability and testability of the parsing logic and was added in this PR (new file).

🔧 How do I fix it?
Keep nesting levels under 4. Extract complex logic into separate functions when indentation exceeds 4 levels.

Reply @AikidoSec feedback: [FEEDBACK] to get better review comments in the future.
Reply @AikidoSec ignore: [REASON] to ignore this issue.

end
end

private def work

APIStream#work contains deep nested loops and conditionals; extract/paraphrase parsing into smaller helpers and use early returns/continues to flatten control flow for readability.

✨ AI Reasoning
APIStream#work processes streaming data with multiple nested loops and conditionals, burying the core event dispatch logic inside several levels of nesting. Early guard clauses (e.g., return unless running?, continue on invalid buffer content, or extract a small helper to parse and dispatch one event with early exits) would flatten the function and improve readability and maintainability.

🔧 How do I fix it?
Place parameter validation and guard clauses at the function start. Use early returns to reduce nesting levels and improve readability.

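The extraction that the two review comments above ask for, sketched as an added example (not code from this pull request): buffer splitting and per-event parsing live in flat helpers with `next` guards, so a caller such as `APIStream#work` needs only one loop over the returned events. `SSEParser`, its method names, the `MAX_BUFFER` cap and the sample input are assumptions.

```ruby
# Added example, not the PR's code. SSEParser, its methods and MAX_BUFFER
# are hypothetical names chosen for illustration.
module SSEParser
  # Assumed cap: a stream that never sends a boundary must not grow memory forever.
  MAX_BUFFER = 64 * 1024

  class BufferOverflow < StandardError; end

  # Appends chunk to buffer, then removes and returns every complete event.
  # An incomplete trailing event stays in buffer until the next chunk arrives.
  def self.feed(buffer, chunk)
    buffer << chunk
    events = extract_events(buffer).map { |raw| parse_event(raw) }.compact
    if buffer.bytesize > MAX_BUFFER
      raise BufferOverflow, "no event boundary within #{MAX_BUFFER} bytes"
    end
    events
  end

  # Cuts raw events (each terminated by a blank line) off the front of buffer.
  def self.extract_events(buffer)
    raws = []
    while (raw = buffer.slice!(/\A.*?\r?\n\r?\n/m))
      raws << raw
    end
    raws
  end

  # Parses one raw event into a Hash; returns nil if it has no data field.
  def self.parse_event(raw)
    event = {}
    raw.each_line do |line|
      line = line.chomp
      next if line.empty? || line.start_with?(":") # separator or comment line
      field, value = line.split(":", 2)
      value = value.to_s.delete_prefix(" ")
      value = "#{event["data"]}\n#{value}" if field == "data" && event.key?("data")
      event[field] = value
    end
    event.key?("data") ? event : nil
  end
end

# Constructed sample: one event split across two network chunks.
buffer = +""
SSEParser.feed(buffer, "event: config\ndata: {\"block\":")
p SSEParser.feed(buffer, "true}\n\n")
```

Because the helpers take and return plain strings and hashes, they can be unit-tested without an HTTP connection.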

Comment on lines +143 to +152
case response.code.to_i
when 200
# empty
when 401, 403
@running.make_false
return nil
else
return nil
end
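Review bot: the `when 401, 403` branch and the `else` branch both `return nil` without recording anything in the lines shown, so a stream that has stopped delivering realtime configuration updates looks the same as a quiet one. Log the status code in both branches, at a higher level for 401/403 since `@running.make_false` clears the running flag, and replace the `# empty` comment under `when 200` with a note that processing continues below the `case`.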


This will fix the Use early returns and guard clauses issue detected on line: 124.

Aikido AutoFix Patch Suggestion - low confidence
This patch mitigates deep nesting in the work method by replacing a case statement with early guard clauses that return immediately for non-200 response codes, flattening the control flow and improving readability.

Suggested change
case response.code.to_i
when 200
# empty
when 401, 403
@running.make_false
return nil
else
return nil
end
if response.code.to_i == 401 || response.code.to_i == 403
@running.make_false
return nil
end
return nil unless response.code.to_i == 200
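Review bot: the replacement evaluates `response.code.to_i` three times across the `if` condition and the trailing `return nil unless`; bind it once (`status = response.code.to_i`) and test `[401, 403].include?(status)` so each guard is a single comparison on the same value. The guards still return silently for every non-200 status, so the suggestion keeps the missing logging of the `case` it replaces.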
