Perf/privacy: gate hot-path stream print() statements behind #if DEBUG

[mimeding]

Summary

Why this matters (business)

The performance audit identified three print() statements that fire on the local-inference hot path in release builds:

1. Once per chat stream + once every 50 streamed deltas (or any time a gap is >2s) — both inside ChatEngine's producer task.
2. Once per MLX completion-info event in StreamAccumulator — duplicating data already emitted via os_signpost and os_log with the right privacy policy.
3. Once per chat-UI stream completion in ChatView.

On a 100 tok/s local model that's a stdout write and a String(format:) allocation every few hundred milliseconds, per concurrent stream. None of it is read by anyone in production — the same information already goes through os_signpost and os_log, which respect Console privacy filters.

There's also a quiet privacy angle: print() writes go to stdout, which the unified logging system captures without the privacy: .public/.private redaction policy the matching Logger calls use. Keeping these in release builds isn't dangerous in itself, but the comment on the signpost calls explicitly contrasts them with the unredacted printf-style sibling.

What's wrong (technical)

            print("[Osaurus][Stream] Starting stream wrapper for model: \(model)")
            ...
                    if deltaCount % 50 == 1 || timeSinceLastDelta > 2.0 {
                        print(
                            "[Osaurus][Stream] Delta #\(deltaCount): ..."
                        )
                    }

                    print(
                        String(
                            format: "[MLX] prompt: %d tokens %.1f tok/s ..."
                        )
                    )
                    // Emit GPU-accurate stats as a signpost event so they appear in
                    // Instruments and can be captured by `log stream --type signpost`.
                    accumSignposter.emitEvent(...)
                    // Also emit as a Logger.info so it appears in `log stream`.
                    accumLog.info(...)

The signpost + os_log calls right below the print already cover every consumer (Instruments, log stream). The print is purely a duplicate, runs unconditionally, and is the only one of the three that doesn't carry a privacy policy.

                        let totalTime = Date().timeIntervalSince(streamStartTime)
                        print(
                            "[Osaurus][UI] Stream consumption completed: \(uiDeltaCount) deltas in \(String(format: "%.2f", totalTime))s, final contentLen=\(assistantTurn.contentLength)"
                        )

Fix

Wrap each flagged print in #if DEBUG. Behavior in development builds is byte-identical; release builds skip the formatting, the heap allocations, and the stdout write.

In ChatEngine, lastDeltaTime is moved inside the same DEBUG guard since it has no purpose outside the freeze-detection log. startTime stays unconditional because it's still needed by the downstream InsightsService.logInference call.

Scope decisions

• Did not gate the per-tool-call prints at ChatView.swift:1179 / :1242. Those include user-supplied tool arguments and tool outputs, which is the kind of thing that probably should not be in stdout in release builds, but it's a privacy concern and not a perf one, and it deserves a dedicated review (Console.app readability, support diagnostics workflow, etc.). Out of scope for this PR.
• Did not add or remove any os_log / Logger call. The redacted, structured-logging surface is unchanged.

Changes

• Behavior change (release-build only: silences three high-frequency stdout writes)
• UI change
• Refactor / chore
• Tests (no observable behavior under tests — the prints are pure side effects)
• Docs

Test Plan

1. Run a chat session against a local MLX model in a DEBUG build; Console.app and stdout still show [Osaurus][Stream] Delta #N… lines and the MLX-stats line per turn (unchanged).
2. Build a Release configuration; the same lines no longer appear in Console.app, while the matching signpost and Logger.info lines do (verifiable via Instruments and log stream --predicate 'subsystem == "ai.osaurus.…"').
3. Quick sanity: streaming responses still flow into the UI; tool calls still execute. The change is purely additive #if DEBUG guards around print() calls.

Checklist

• I have read CONTRIBUTING.md
• I added/updated tests where reasonable (see above — no observable behavior to test)
• I updated docs/README as needed (n/a)
• I verified build on macOS with Xcode 16.4+ (authored in a Linux sandbox; verified each touched file via swiftc -frontend -parse)