instar 0.7.35 → 0.7.37
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -142,7 +142,16 @@ export class SessionManager extends EventEmitter {
|
|
|
142
142
|
'new-session', '-d',
|
|
143
143
|
'-s', tmuxSession,
|
|
144
144
|
'-c', this.config.projectDir,
|
|
145
|
-
'-e', 'CLAUDECODE=',
|
|
145
|
+
'-e', 'CLAUDECODE=', // Prevent nested Claude Code detection
|
|
146
|
+
'-e', 'ANTHROPIC_API_KEY=', // Clear stale/invalid API keys — agents use Claude subscription
|
|
147
|
+
// Isolate database credentials — spawned sessions must never inherit production
|
|
148
|
+
// database URLs from the parent shell. This prevents accidental schema changes
|
|
149
|
+
// or data operations against the wrong database. (Learned from Portal incident 2026-02-22)
|
|
150
|
+
'-e', 'DATABASE_URL=',
|
|
151
|
+
'-e', 'DIRECT_DATABASE_URL=',
|
|
152
|
+
'-e', 'DATABASE_URL_PROD=',
|
|
153
|
+
'-e', 'DATABASE_URL_DEV=',
|
|
154
|
+
'-e', 'DATABASE_URL_TEST=',
|
|
146
155
|
this.config.claudePath, ...claudeArgs,
|
|
147
156
|
], { encoding: 'utf-8' });
|
|
148
157
|
}
|
|
@@ -375,6 +384,14 @@ export class SessionManager extends EventEmitter {
|
|
|
375
384
|
'-c', this.config.projectDir,
|
|
376
385
|
'-x', '200', '-y', '50',
|
|
377
386
|
'-e', 'CLAUDECODE=', // Prevent nested Claude Code detection
|
|
387
|
+
'-e', 'ANTHROPIC_API_KEY=', // Clear stale/invalid API keys — agents use Claude subscription
|
|
388
|
+
// Isolate database credentials — spawned sessions must never inherit production
|
|
389
|
+
// database URLs from the parent shell. (Learned from Portal incident 2026-02-22)
|
|
390
|
+
'-e', 'DATABASE_URL=',
|
|
391
|
+
'-e', 'DIRECT_DATABASE_URL=',
|
|
392
|
+
'-e', 'DATABASE_URL_PROD=',
|
|
393
|
+
'-e', 'DATABASE_URL_DEV=',
|
|
394
|
+
'-e', 'DATABASE_URL_TEST=',
|
|
378
395
|
];
|
|
379
396
|
if (options?.telegramTopicId) {
|
|
380
397
|
tmuxArgs.push('-e', `INSTAR_TELEGRAM_TOPIC=${options.telegramTopicId}`);
|
package/dist/core/types.d.ts
CHANGED
|
@@ -112,6 +112,8 @@ export interface JobState {
|
|
|
112
112
|
lastResult?: 'success' | 'failure' | 'timeout' | 'pending';
|
|
113
113
|
/** Error message from the last failure (cleared on success) */
|
|
114
114
|
lastError?: string;
|
|
115
|
+
/** Handoff notes from the last successful run — claims to verify, not facts */
|
|
116
|
+
lastHandoff?: string;
|
|
115
117
|
nextScheduled?: string;
|
|
116
118
|
consecutiveFailures: number;
|
|
117
119
|
}
|
|
@@ -223,6 +223,11 @@ This routes feedback to the Instar maintainers automatically. Valid types: \`bug
|
|
|
223
223
|
- Register work: \`curl -X POST -H "Authorization: Bearer $AUTH" http://localhost:${port}/skip-ledger/workload -H 'Content-Type: application/json' -d '{"workloadId":"job-name","itemId":"unique-item","metadata":{}}'\`
|
|
224
224
|
- **When to use**: Any job that processes a list of items (emails, feedback entries, messages) should check the skip ledger first to avoid re-processing.
|
|
225
225
|
|
|
226
|
+
**Job Handoff Notes** — Pass context between job runs. At the end of a job session, write notes for the next run to \`.instar/state/job-handoff-{slug}.md\`. The next run's session-start hook will inject these notes automatically.
|
|
227
|
+
- **Write**: \`echo "your notes" > .instar/state/job-handoff-YOUR-SLUG.md\`
|
|
228
|
+
- **CRITICAL**: Handoff notes from previous runs are CLAIMS, not facts. Any assertion about external state (file status, API availability, deployment state) MUST be verified with actual commands before including in your own output. The previous session may have been wrong, or the state may have changed since.
|
|
229
|
+
- **When to use**: Any job that needs continuity — tracking what was processed, what to check next, what state was observed.
|
|
230
|
+
|
|
226
231
|
**Dispatch System** — Receive behavioral instructions from Instar maintainers. Dispatches are more than code updates — they're contextual guidance about how to adapt: configuration changes, new patterns, workarounds, behavioral adjustments.
|
|
227
232
|
- View dispatches: \`curl -H "Authorization: Bearer $AUTH" http://localhost:${port}/dispatches\`
|
|
228
233
|
- Pending: \`curl -H "Authorization: Bearer $AUTH" http://localhost:${port}/dispatches/pending\`
|
|
@@ -404,6 +409,8 @@ I run with \`--dangerously-skip-permissions\` — meaning I have full access to
|
|
|
404
409
|
|
|
405
410
|
**"Settle for Failure"** — If a tool returns empty or fails, try alternatives before concluding something is impossible.
|
|
406
411
|
|
|
412
|
+
**"Inherit Without Verifying"** — Handoff notes and MEMORY.md are claims from previous sessions, not ground truth. If a previous run wrote "API is down" or "file has pending changes", verify with actual commands before repeating the claim. Previous sessions can hallucinate or go stale. Run the command, then report what you see.
|
|
413
|
+
|
|
407
414
|
**"Search Blind"** — Don't grep the entire project to answer a question that a state file or API endpoint could answer. Check \`.instar/\` state files, \`MEMORY.md\`, and \`/capabilities\` first. When spawning sub-agents, give them the relevant context — an agent without a map searches 10x longer and is less accurate.
|
|
408
415
|
|
|
409
416
|
**"Unfortunately I Can't"** — This phrase should NEVER appear in my responses. If I lack a capability, the correct response is: "I don't have that yet, but I can build it. Want me to set it up?" My job is to grow to meet the user's needs, not to list my limitations. Every "I can't" is an opportunity to evolve. Check if instar already supports it (check for updates first), then offer to build it or submit a feature request.
|