instar 0.7.28 → 0.7.30

package/dist/commands/init.js

@@ -1462,17 +1462,56 @@ if [ -d "$INSTAR_DIR/relationships" ]; then
   [ "\$REL_COUNT" -gt "0" ] && echo "  \${REL_COUNT} tracked relationships in .instar/relationships/"
 fi
 
-# Server status + self-discovery
+# Server status + feature discovery
 if [ -f "$INSTAR_DIR/config.json" ]; then
   PORT=\$(python3 -c "import json; print(json.load(open('$INSTAR_DIR/config.json')).get('port', 4040))" 2>/dev/null || echo "4040")
+  AUTH=\$(python3 -c "import json; print(json.load(open('$INSTAR_DIR/config.json')).get('authToken',''))" 2>/dev/null)
   HEALTH=\$(curl -s -o /dev/null -w "%{http_code}" "http://localhost:\${PORT}/health" 2>/dev/null)
   if [ "\$HEALTH" = "200" ]; then
     echo ""
     echo "Instar server: RUNNING on port \${PORT}"
-    echo "Capabilities: curl http://localhost:\${PORT}/capabilities"
+    echo ""
+    # Query capabilities and output a compact feature summary
+    CAPS=\$(curl -s -H "Authorization: Bearer \${AUTH}" "http://localhost:\${PORT}/capabilities" 2>/dev/null)
+    if [ -n "\$CAPS" ]; then
+      echo "Your capabilities (use these proactively — don't wait for the user to ask):"
+      # Parse key features with python
+      python3 -c "
+import json, sys
+try:
+    c = json.loads('''$CAPS'''.replace(\"'\", ''))
+except:
+    c = json.loads(sys.stdin.read()) if not sys.stdin.isatty() else {}
+features = []
+if c.get('telegram', {}).get('bidirectional'): features.append('Telegram (bidirectional messaging)')
+if c.get('scheduler', {}).get('enabled'):
+    slugs = c.get('scheduler', {}).get('jobSlugs', [])
+    features.append(f'Job Scheduler ({len(slugs)} jobs)')
+if c.get('relationships', {}).get('count', 0) > 0:
+    features.append(f'Relationships ({c[\"relationships\"][\"count\"]} tracked)')
+if c.get('publishing', {}).get('enabled'): features.append('Telegraph Publishing (public pages)')
+if c.get('privateViewer', {}).get('enabled'): features.append('Private Viewer (auth-gated HTML pages)')
+if c.get('tunnel', {}).get('running'): features.append(f'Cloudflare Tunnel ({c[\"tunnel\"].get(\"url\", \"active\")})')
+elif c.get('tunnel', {}).get('enabled'): features.append('Cloudflare Tunnel (configured, not running)')
+if c.get('evolution', {}).get('enabled'): features.append('Evolution System (proposals, learnings, gaps, actions)')
+if c.get('dispatches', {}).get('enabled'): features.append('Dispatch System (receive behavioral updates)')
+if c.get('updates', {}).get('autoUpdate'): features.append('Auto-Updater (checks for new versions)')
+features.append('Attention Queue (signal items to user)')
+features.append('Skip Ledger (avoid re-processing)')
+features.append('Feedback System (report bugs/features upstream)')
+features.append('CI Health (check GitHub Actions)')
+for f in features:
+    print(f'  - {f}')
+" 2>/dev/null <<< "\$CAPS"
+      echo ""
+      echo "Proactive guidance: When the user mentions documents → use Private Viewer."
+      echo "When they repeat a task → suggest creating a job. When something needs"
+      echo "attention later → use the Attention Queue. You are the user's guide."
+    fi
   else
     echo ""
     echo "Instar server: NOT RUNNING (port \${PORT})"
+    echo "Start it with: instar server start"
   fi
 fi
 

package/dist/scaffold/templates.js

@@ -211,6 +211,51 @@ This routes feedback to the Instar maintainers automatically. Valid types: \`bug
 - Named tunnels: Persistent custom domain, requires token from Cloudflare dashboard
 - When a tunnel is running, private view responses include a \`tunnelUrl\` field for remote access
 
+**Attention Queue** — Signal important items to the user. When something needs their attention — a decision, a review, an anomaly — queue it here instead of hoping they see a chat message.
+- Queue: \`curl -X POST -H "Authorization: Bearer $AUTH" http://localhost:${port}/attention -H 'Content-Type: application/json' -d '{"title":"...","body":"...","priority":"medium","source":"agent"}'\`
+- View queue: \`curl -H "Authorization: Bearer $AUTH" http://localhost:${port}/attention\`
+- Resolve: \`curl -X PATCH -H "Authorization: Bearer $AUTH" http://localhost:${port}/attention/ATT-ID -H 'Content-Type: application/json' -d '{"status":"resolved","resolution":"Done"}'\`
+- **Proactive use**: When you detect something the user should know about (stale relationships, failed jobs, CI failures, overdue actions) — don't just log it. Queue it. The attention system ensures it gets seen.
+
+**Skip Ledger** — Track computational work to avoid repeating expensive operations. When a job or session processes items (files, messages, records), log what was processed so the next run can skip already-handled items.
+- View ledger: \`curl -H "Authorization: Bearer $AUTH" http://localhost:${port}/skip-ledger\`
+- View workloads: \`curl -H "Authorization: Bearer $AUTH" http://localhost:${port}/skip-ledger/workloads\`
+- Register work: \`curl -X POST -H "Authorization: Bearer $AUTH" http://localhost:${port}/skip-ledger/workload -H 'Content-Type: application/json' -d '{"workloadId":"job-name","itemId":"unique-item","metadata":{}}'\`
+- **When to use**: Any job that processes a list of items (emails, feedback entries, messages) should check the skip ledger first to avoid re-processing.
+
+**Dispatch System** — Receive behavioral instructions from Instar maintainers. Dispatches are more than code updates — they're contextual guidance about how to adapt: configuration changes, new patterns, workarounds, behavioral adjustments.
+- View dispatches: \`curl -H "Authorization: Bearer $AUTH" http://localhost:${port}/dispatches\`
+- Pending: \`curl -H "Authorization: Bearer $AUTH" http://localhost:${port}/dispatches/pending\`
+- Context updates: \`curl -H "Authorization: Bearer $AUTH" http://localhost:${port}/dispatches/context\`
+- Apply: \`curl -X POST -H "Authorization: Bearer $AUTH" http://localhost:${port}/dispatches/DISPATCH-ID/apply\`
+- Auto-dispatch status: \`curl -H "Authorization: Bearer $AUTH" http://localhost:${port}/dispatches/auto\`
+- The AutoDispatcher polls and applies dispatches automatically when configured.
+
+**Update Management** — Check for and apply Instar updates. The AutoUpdater handles this automatically, but you can also check manually.
+- Check: \`curl -H "Authorization: Bearer $AUTH" http://localhost:${port}/updates\`
+- Last update: \`curl -H "Authorization: Bearer $AUTH" http://localhost:${port}/updates/last\`
+- Apply: \`curl -X POST -H "Authorization: Bearer $AUTH" http://localhost:${port}/updates/apply\`
+- Rollback: \`curl -X POST -H "Authorization: Bearer $AUTH" http://localhost:${port}/updates/rollback\`
+- Auto-update status: \`curl -H "Authorization: Bearer $AUTH" http://localhost:${port}/updates/auto\`
+
+**CI Health** — Check GitHub Actions status for your project. Detects repo from git remote automatically.
+- Check: \`curl -H "Authorization: Bearer $AUTH" http://localhost:${port}/ci\`
+- **When to use**: Before deploying, after pushing, or during health checks — verify CI is green.
+
+**Telegram Search** — Search across message history when Telegram is configured.
+- Search: \`curl -H "Authorization: Bearer $AUTH" "http://localhost:${port}/telegram/search?q=QUERY"\`
+- Topic messages: \`curl -H "Authorization: Bearer $AUTH" http://localhost:${port}/telegram/topics/TOPIC_ID/messages\`
+- Log stats: \`curl -H "Authorization: Bearer $AUTH" http://localhost:${port}/telegram/log-stats\`
+
+**Quota Tracking** — Monitor Claude API usage when configured.
+- Check: \`curl -H "Authorization: Bearer $AUTH" http://localhost:${port}/quota\`
+
+**Event Stream (SSE)** — Real-time server events via Server-Sent Events. Useful for monitoring activity in real-time.
+- Connect: \`curl -H "Authorization: Bearer $AUTH" http://localhost:${port}/events\`
+
+**Server Status** — Detailed runtime information beyond health checks.
+- Status: \`curl -H "Authorization: Bearer $AUTH" http://localhost:${port}/status\`
+
 **Scripts** — Reusable capabilities in \`.claude/scripts/\`.
 
 **Skills** — Reusable behavioral capabilities in \`.claude/skills/\`.
@@ -363,6 +408,23 @@ I run with \`--dangerously-skip-permissions\` — meaning I have full access to
 
 **"Unfortunately I Can't"** — This phrase should NEVER appear in my responses. If I lack a capability, the correct response is: "I don't have that yet, but I can build it. Want me to set it up?" My job is to grow to meet the user's needs, not to list my limitations. Every "I can't" is an opportunity to evolve. Check if instar already supports it (check for updates first), then offer to build it or submit a feature request.
 
+### Feature Proactivity — Guide, Don't Wait
+
+**I am the user's guide to this system.** Most users will never run a command, read API docs, or explore endpoints. They talk to me. That means I need to proactively surface capabilities when they're relevant — not wait for the user to ask about features they don't know exist.
+
+**Context-triggered suggestions:**
+- User mentions a **document, file, or report** → Use the private viewer to render it as a beautiful HTML page they can view on any device. If a tunnel is running, they can access it from their phone.
+- User asks to **share something publicly** → Use Telegraph publishing. Warn them it's public.
+- User mentions **someone by name** → Check relationships. If they're tracked, use context to personalize. If not, offer to start tracking.
+- User has a **recurring task** → Suggest creating a job for it. "I can run this automatically every day/hour/week."
+- User describes a **workflow they repeat** → Suggest creating a skill. "I can turn this into a slash command."
+- User is **debugging CI or deployment** → Use the CI health endpoint to check GitHub Actions status.
+- User asks about **something that happened earlier** → Search Telegram history, check activity logs, review memory.
+- User seems **frustrated with a limitation** → Check for updates. The fix might already exist.
+- User asks me to **remember something** → Write it to MEMORY.md and explain it persists across sessions.
+
+**The principle**: The user should discover my capabilities through natural conversation, not documentation. I don't say "you can use the private viewer endpoint at..." — I say "Here, I've rendered that as a page you can view on your phone" and hand them the link.
+
 ### Gravity Wells (Persistent Traps)
 
 These are patterns that feel like insight or helpfulness but actually perpetuate problems. Each new session tends to "rediscover" these and act on them incorrectly.

package/dist/server/routes.js

@@ -204,6 +204,41 @@ export function createRoutes(ctx) {
                 count: userCount,
             },
             monitoring: ctx.config.monitoring,
+            evolution: {
+                enabled: !!ctx.evolution,
+                subsystems: ['proposals', 'learnings', 'gaps', 'actions'],
+            },
+            dispatches: {
+                enabled: !!ctx.config.dispatches?.enabled,
+                autoDispatch: !!ctx.autoDispatcher,
+            },
+            updates: {
+                autoUpdate: !!ctx.autoUpdater,
+            },
+            attentionQueue: {
+                enabled: true,
+                hint: 'Use POST /attention to signal important items to the user.',
+            },
+            skipLedger: {
+                enabled: true,
+                hint: 'Use GET /skip-ledger to avoid re-processing items in jobs.',
+            },
+            featureGuide: {
+                description: 'Context-triggered capability suggestions. Use these proactively when context matches.',
+                triggers: [
+                    { context: 'User mentions a document, file, or report', action: 'Render it as a private view (POST /view) — beautiful HTML accessible on any device. If tunnel is running, shareable remotely.' },
+                    { context: 'User wants to share something publicly', action: 'Publish via Telegraph (POST /publish). Always warn the user it is publicly accessible.' },
+                    { context: 'User mentions someone by name', action: 'Check relationships (GET /relationships). Use context to personalize interactions. Offer to start tracking if not found.' },
+                    { context: 'User has a recurring task', action: 'Create a scheduled job in .instar/jobs.json. Explain it will run automatically.' },
+                    { context: 'User repeats a workflow', action: 'Create a skill in .claude/skills/. It becomes a slash command for future sessions.' },
+                    { context: 'User is debugging CI or deployment', action: 'Check CI health (GET /ci) for GitHub Actions status.' },
+                    { context: 'User asks about past events', action: 'Search Telegram history (GET /telegram/search?q=...), check memory, review activity logs.' },
+                    { context: 'User frustrated with a limitation', action: 'Check for updates (GET /updates). Check dispatches (GET /dispatches/pending). The fix may already exist.' },
+                    { context: 'User asks to remember something', action: 'Write to .instar/MEMORY.md. Explain it persists across sessions.' },
+                    { context: 'Something needs user attention later', action: 'Queue in attention system (POST /attention). More reliable than hoping they see a message.' },
+                    { context: 'Job processes a list of items', action: 'Use skip ledger (POST /skip-ledger/workload) to avoid re-processing on next run.' },
+                ],
+            },
         });
     });
     // ── CI Health ─────────────────────────────────────────────────────

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "instar",
-  "version": "0.7.28",
+  "version": "0.7.30",
   "description": "Persistent autonomy infrastructure for AI agents",
   "type": "module",
   "main": "dist/index.js",