instar 0.12.15 → 0.12.17

package/dist/commands/server.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../src/commands/server.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAsFH,UAAU,YAAY;IACpB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;2DACuD;IACvD,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAmyBD,wBAAsB,WAAW,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,CAymDtE;AAED,wBAAsB,UAAU,CAAC,OAAO,EAAE;IAAE,GAAG,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAsDzE"}
+{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../src/commands/server.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AA6OH,UAAU,YAAY;IACpB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;2DACuD;IACvD,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAy0BD,wBAAsB,WAAW,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,CA6pDtE;AAED,wBAAsB,UAAU,CAAC,OAAO,EAAE;IAAE,GAAG,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAsDzE"}

package/dist/commands/server.js

@@ -57,6 +57,9 @@ import { MessageSentinel } from '../core/MessageSentinel.js';
 import { AdaptiveTrust } from '../core/AdaptiveTrust.js';
 import { AutonomyProfileManager } from '../core/AutonomyProfileManager.js';
 import { TrustElevationTracker } from '../core/TrustElevationTracker.js';
+import { AutonomousEvolution } from '../core/AutonomousEvolution.js';
+import { DispatchScopeEnforcer } from '../core/DispatchScopeEnforcer.js';
+import { TrustRecovery } from '../core/TrustRecovery.js';
 import { DegradationReporter } from '../monitoring/DegradationReporter.js';
 import { LiveConfig } from '../config/LiveConfig.js';
 import { CoherenceMonitor } from '../monitoring/CoherenceMonitor.js';
@@ -81,6 +84,131 @@ import { createLifelineProbes } from '../monitoring/probes/LifelineProbe.js';
 import { toInjection } from '../types/pipeline.js';
 import { UserManager } from '../users/UserManager.js';
 import { formatUserContextForSession, hasUserContext } from '../users/UserContextBuilder.js';
+/**
+ * Handle "fix X" and "clean X" commands from Agent Attention notifications.
+ * These are mechanical server-side operations — no Claude session needed.
+ * Returns true if the command was recognized and handled.
+ */
+async function handleFixCommand(topicId, text, deps) {
+    const cmd = text.trim().toLowerCase();
+    // Only handle commands in the Agent Attention topic
+    const attentionTopicId = deps.state.get('agent-attention-topic');
+    if (!attentionTopicId || topicId !== attentionTopicId) {
+        return false;
+    }
+    const send = (msg) => deps.telegram.sendToTopic(topicId, msg);
+    if (cmd === 'fix auth') {
+        const existing = deps.liveConfig.get('authToken', '');
+        if (existing) {
+            await send('Your API already has an authentication token configured. No changes needed.');
+            return true;
+        }
+        // Generate a random token
+        const token = Array.from({ length: 32 }, () => 'abcdefghijklmnopqrstuvwxyz0123456789'.charAt(Math.floor(Math.random() * 36))).join('');
+        deps.liveConfig.set('authToken', token);
+        await send(`Done! Generated and saved a new API authentication token. Your API is now protected.\n\nToken: ${token.slice(0, 8)}... (stored in config)`);
+        return true;
+    }
+    if (cmd === 'fix dashboard') {
+        const existing = deps.liveConfig.get('dashboardPin', '');
+        if (existing) {
+            await send(`Your dashboard already has a PIN: ${existing}`);
+            return true;
+        }
+        const pin = String(Math.floor(100000 + Math.random() * 900000));
+        deps.liveConfig.set('dashboardPin', pin);
+        await send(`Done! Generated dashboard PIN: ${pin}`);
+        return true;
+    }
+    if (cmd === 'fix shadow') {
+        const localPkg = path.join(deps.config.projectDir, 'node_modules', 'instar');
+        if (!fs.existsSync(localPkg)) {
+            await send('No shadow installation found — your agent is using the global Instar installation correctly.');
+            return true;
+        }
+        try {
+            // Remove the shadow installation
+            const { spawnSync } = await import('node:child_process');
+            spawnSync('rm', ['-rf',
+                path.join(deps.config.projectDir, 'node_modules'),
+                path.join(deps.config.projectDir, 'package.json'),
+                path.join(deps.config.projectDir, 'package-lock.json'),
+            ], { timeout: 10000 });
+            await send('Done! Removed the local shadow installation. Your agent will now use the global Instar binary and receive auto-updates properly.');
+        }
+        catch (err) {
+            await send(`Failed to remove shadow installation: ${err instanceof Error ? err.message : String(err)}\n\nYou can fix this manually by deleting the node_modules folder in your project directory.`);
+        }
+        return true;
+    }
+    if (cmd === 'clean processes' || cmd === 'clean') {
+        if (!deps.orphanReaper) {
+            await send('The process monitor is still starting up. Try again in a minute.');
+            return true;
+        }
+        // Run a fresh scan first
+        await deps.orphanReaper.scan();
+        const result = deps.orphanReaper.killAllExternal();
+        if (result.killed === 0) {
+            await send('No external Claude processes found to clean up. Everything looks good.');
+        }
+        else {
+            await send(`Cleaned up ${result.killed} external Claude process${result.killed === 1 ? '' : 'es'}, freeing ~${result.freedMB}MB of memory.`);
+        }
+        return true;
+    }
+    if (cmd === 'restart') {
+        // Request a graceful server restart
+        const restartFile = path.join(deps.config.stateDir, 'restart-requested.json');
+        fs.writeFileSync(restartFile, JSON.stringify({
+            requestedAt: new Date().toISOString(),
+            reason: 'User requested restart via Agent Attention fix command',
+            requestedBy: 'fix-command',
+        }));
+        await send('Restart requested. Your agent will restart momentarily.');
+        return true;
+    }
+    if (cmd === 'restart sessions') {
+        const running = deps.sessionManager.listRunningSessions();
+        const stale = running.filter(s => !deps.sessionManager.isSessionAlive(s.tmuxSession));
+        if (stale.length === 0) {
+            await send(`All ${running.length} session${running.length === 1 ? ' is' : 's are'} running normally. No action needed.`);
+        }
+        else {
+            for (const s of stale) {
+                try {
+                    deps.sessionManager.killSession(s.tmuxSession);
+                }
+                catch { /* best effort */ }
+            }
+            await send(`Found ${stale.length} stuck session${stale.length === 1 ? '' : 's'} and cleaned ${stale.length === 1 ? 'it' : 'them'} up. New sessions will start fresh when needed.`);
+        }
+        return true;
+    }
+    if (cmd === 'fix lifeline') {
+        // Lifeline is managed by the separate lifeline process, not the server.
+        // Best we can do is suggest the right command.
+        await send('The lifeline runs as a separate process. To restart it, use the Lifeline topic and send:\n/lifeline restart\n\nThis will reset the circuit breaker and restart your server.');
+        return true;
+    }
+    if (cmd === 'fix output') {
+        if (!deps.coherenceMonitor) {
+            await send('The coherence monitor is still starting up. Try again in a minute.');
+            return true;
+        }
+        const report = deps.coherenceMonitor.runCheck();
+        const outputCheck = report.checks.find(c => c.name === 'output-sanity');
+        if (!outputCheck || outputCheck.passed) {
+            await send('Output check passed — no bad patterns found in recent messages. The earlier issue may have resolved itself.');
+        }
+        else {
+            await send(`Output check still showing issues: ${outputCheck.message}\n\nThis usually means your agent is including internal URLs (like "localhost") in messages. Your agent should be using your public domain instead. The issue will be flagged to your agent in its next session.`);
+        }
+        return true;
+    }
+    // Not a recognized fix command
+    return false;
+}
 /**
  * Check if autostart is installed for this project.
  * Extracted from the CLI `autostart status` handler for programmatic use.
@@ -115,6 +243,7 @@ function isAutostartInstalled(projectName) {
 // Set once the reaper is initialized in startServer().
 let _orphanReaper = null;
 let _memoryMonitor = null;
+let _fixDeps = null;
 // Module-level reference for session resume mapping.
 // Set once in startServer() and used by spawnSessionForTopic/respawnSessionForTopic.
 let _topicResumeMap = null;
@@ -543,7 +672,7 @@ function messageToPipeline(msg, topicName) {
         timestamp: msg.receivedAt,
     };
 }
-function wireTelegramRouting(telegram, sessionManager, quotaTracker, topicMemory, userManager) {
+function wireTelegramRouting(telegram, sessionManager, quotaTracker, topicMemory, userManager, fixCommandHandler) {
     telegram.onTopicMessage = (msg) => {
         const topicId = msg.metadata?.messageThreadId ?? null;
         if (!topicId)
@@ -578,6 +707,38 @@ function wireTelegramRouting(telegram, sessionManager, quotaTracker, topicMemory
             })();
             return;
         }
+        // ── Fix commands from notification messages ──────────────────────
+        // Handle "fix auth", "clean processes", "restart", etc. directly
+        // in the server process — no need to spawn a Claude session for these.
+        if (fixCommandHandler) {
+            const cmdText = text.trim().toLowerCase();
+            const isFixCommand = cmdText.startsWith('fix ') || cmdText.startsWith('clean ') ||
+                cmdText.startsWith('restart') || cmdText === 'fix' || cmdText === 'clean';
+            if (isFixCommand) {
+                (async () => {
+                    try {
+                        const handled = await fixCommandHandler(topicId, text);
+                        if (!handled) {
+                            // Not a recognized fix command — fall through to session routing
+                            // Re-trigger the normal routing by calling the topic message handler again
+                            // Actually, since we can't re-trigger, just send a help message
+                            await telegram.sendToTopic(topicId, `I didn't recognize that command. Available fix commands:\n` +
+                                `• "fix auth" — Generate an API security token\n` +
+                                `• "fix lifeline" — Restart the crash-recovery system\n` +
+                                `• "fix shadow" — Remove shadow installation\n` +
+                                `• "clean processes" — Kill external Claude processes\n` +
+                                `• "restart" — Restart the server\n` +
+                                `• "restart sessions" — Restart stuck sessions`);
+                        }
+                    }
+                    catch (err) {
+                        console.error(`[telegram] Fix command error:`, err);
+                        await telegram.sendToTopic(topicId, `Something went wrong while trying to fix that: ${err instanceof Error ? err.message : String(err)}`).catch(() => { });
+                    }
+                })();
+                return;
+            }
+        }
         // ── Pipeline-typed routing ──────────────────────────────────────
         // Convert to PipelineMessage — types enforce that sender identity
         // and topic context are present at every stage downstream.
@@ -1222,8 +1383,17 @@ export async function startServer(options) {
             }
             // Initialize persistent UserManager for user identity resolution (Gap 8)
             const userManager = new UserManager(config.stateDir, config.users);
+            // Fix command dependencies — populated later when subsystems initialize.
+            // Uses a mutable ref so wireTelegramRouting can capture it in a closure now.
+            _fixDeps = {
+                state,
+                liveConfig,
+                sessionManager,
+                telegram,
+                config,
+            };
             // Wire up topic → session routing and session management callbacks
-            wireTelegramRouting(telegram, sessionManager, quotaTracker, topicMemory, userManager);
+            wireTelegramRouting(telegram, sessionManager, quotaTracker, topicMemory, userManager, (topicId, text) => handleFixCommand(topicId, text, _fixDeps));
             wireTelegramCallbacks(telegram, sessionManager, state, quotaTracker, accountSwitcher, config.sessions.claudePath, topicMemory);
             // Wire up unknown-user handling (Multi-User Setup Wizard Phase 4.5)
             telegram.onGetRegistrationPolicy = () => ({
@@ -1707,6 +1877,8 @@ export async function startServer(options) {
         });
         orphanReaper.start();
         _orphanReaper = orphanReaper;
+        if (_fixDeps)
+            _fixDeps.orphanReaper = orphanReaper;
         _memoryMonitor = memoryMonitor;
         console.log(pc.green('  Orphan process reaper enabled'));
         // Coherence Monitor — runtime self-awareness for homeostasis.
@@ -1726,6 +1898,8 @@ export async function startServer(options) {
             },
         });
         coherenceMonitor.start();
+        if (_fixDeps)
+            _fixDeps.coherenceMonitor = coherenceMonitor;
         console.log(pc.green('  Coherence monitor enabled'));
         // Commitment Tracker — durable promise enforcement for agent commitments.
         // When users ask agents to change settings/behavior, this ensures it sticks.
@@ -1881,6 +2055,38 @@ export async function startServer(options) {
         const trustElevationTracker = new TrustElevationTracker({
             stateDir: config.stateDir,
         });
+        // Autonomous Evolution — auto-approval and auto-implementation of proposals
+        const autonomousEvolution = new AutonomousEvolution({
+            stateDir: config.stateDir,
+            enabled: autonomyManager.getResolvedState().evolutionApprovalMode === 'autonomous',
+        });
+        // Dispatch Scope Enforcer — scope tiers for dispatch execution
+        const dispatchScopeEnforcer = new DispatchScopeEnforcer();
+        // Trust Recovery — recovery path after trust incidents
+        const trustRecovery = extOpsEnabled ? new TrustRecovery({
+            stateDir: config.stateDir,
+        }) : undefined;
+        // ── Adaptive Autonomy Wiring ──────────────────────────────────────
+        // Wire the new modules together so they exchange events at runtime.
+        // 1. AdaptiveTrust ↔ TrustRecovery
+        //    When trust drops (incident), record in TrustRecovery.
+        //    When operations succeed post-incident, increment recovery counter.
+        if (adaptiveTrust && trustRecovery) {
+            adaptiveTrust.setTrustRecovery(trustRecovery);
+        }
+        // 2. AutoDispatcher ↔ DispatchScopeEnforcer
+        //    Before executing a dispatch, check scope permissions against current autonomy profile.
+        if (autoDispatcher) {
+            autoDispatcher.setScopeEnforcer(dispatchScopeEnforcer, autonomyManager);
+        }
+        // 3. EvolutionManager ↔ TrustElevationTracker + AutonomousEvolution
+        //    Proposal decisions feed trust elevation tracking.
+        //    Autonomous mode uses AutonomousEvolution for auto-implementation.
+        evolution.setAdaptiveAutonomyModules({
+            trustElevationTracker,
+            autonomousEvolution,
+            autonomyManager,
+        });
         // Wire sentinel into Telegram message flow — intercepts BEFORE session routing.
         // Must be wired AFTER sentinel is created but BEFORE server starts.
         if (sentinel && telegram) {
@@ -2103,7 +2309,7 @@ export async function startServer(options) {
             systemReviewer.start();
             console.log(pc.green(`  System Reviewer: ${probes.length} probes registered`));
         }
-        const server = new AgentServer({ config, sessionManager, state, scheduler, telegram, relationships, feedback, feedbackAnomalyDetector, dispatches, updateChecker, autoUpdater, autoDispatcher, quotaTracker, quotaManager, publisher, viewer, tunnel, evolution, watchdog, topicMemory, triageNurse, projectMapper, coherenceGate, contextHierarchy, canonicalState, operationGate, sentinel, adaptiveTrust, memoryMonitor, orphanReaper, coherenceMonitor, commitmentTracker, semanticMemory, activitySentinel, messageRouter, summarySentinel, spawnManager, systemReviewer, capabilityMapper, topicResumeMap: _topicResumeMap ?? undefined, autonomyManager, trustElevationTracker, coordinator: coordinator.enabled ? coordinator : undefined, localSigningKeyPem });
+        const server = new AgentServer({ config, sessionManager, state, scheduler, telegram, relationships, feedback, feedbackAnomalyDetector, dispatches, updateChecker, autoUpdater, autoDispatcher, quotaTracker, quotaManager, publisher, viewer, tunnel, evolution, watchdog, topicMemory, triageNurse, projectMapper, coherenceGate, contextHierarchy, canonicalState, operationGate, sentinel, adaptiveTrust, memoryMonitor, orphanReaper, coherenceMonitor, commitmentTracker, semanticMemory, activitySentinel, messageRouter, summarySentinel, spawnManager, systemReviewer, capabilityMapper, topicResumeMap: _topicResumeMap ?? undefined, autonomyManager, trustElevationTracker, autonomousEvolution, coordinator: coordinator.enabled ? coordinator : undefined, localSigningKeyPem });
         await server.start();
         // Connect DegradationReporter downstream systems now that everything is initialized.
         // Any degradation events queued during startup will drain to feedback + telegram.