npm - instar - Versions diffs - 1.2.82 → 1.3.0 - Mend

instar 1.2.82 → 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (62) hide show

package/dist/commands/init.js +14 -3
package/dist/commands/init.js.map +1 -1
package/dist/commands/server.d.ts.map +1 -1
package/dist/commands/server.js +143 -1
package/dist/commands/server.js.map +1 -1
package/dist/config/ConfigDefaults.d.ts.map +1 -1
package/dist/config/ConfigDefaults.js +23 -0
package/dist/config/ConfigDefaults.js.map +1 -1
package/dist/core/PostUpdateMigrator.d.ts +2 -1
package/dist/core/PostUpdateMigrator.d.ts.map +1 -1
package/dist/core/PostUpdateMigrator.js +268 -3
package/dist/core/PostUpdateMigrator.js.map +1 -1
package/dist/core/SessionManager.d.ts +43 -0
package/dist/core/SessionManager.d.ts.map +1 -1
package/dist/core/SessionManager.js +123 -24
package/dist/core/SessionManager.js.map +1 -1
package/dist/core/installCodexHooks.d.ts.map +1 -1
package/dist/core/installCodexHooks.js +3 -2
package/dist/core/installCodexHooks.js.map +1 -1
package/dist/core/types.d.ts +26 -0
package/dist/core/types.d.ts.map +1 -1
package/dist/core/types.js.map +1 -1
package/dist/monitoring/SessionReaper.d.ts +153 -0
package/dist/monitoring/SessionReaper.d.ts.map +1 -0
package/dist/monitoring/SessionReaper.js +376 -0
package/dist/monitoring/SessionReaper.js.map +1 -0
package/dist/monitoring/TokenLedger.d.ts +12 -0
package/dist/monitoring/TokenLedger.d.ts.map +1 -1
package/dist/monitoring/TokenLedger.js +22 -0
package/dist/monitoring/TokenLedger.js.map +1 -1
package/dist/monitoring/transcriptProber.d.ts +44 -0
package/dist/monitoring/transcriptProber.d.ts.map +1 -0
package/dist/monitoring/transcriptProber.js +57 -0
package/dist/monitoring/transcriptProber.js.map +1 -0
package/dist/scaffold/templates.d.ts.map +1 -1
package/dist/scaffold/templates.js +6 -0
package/dist/scaffold/templates.js.map +1 -1
package/dist/server/AgentServer.d.ts +3 -0
package/dist/server/AgentServer.d.ts.map +1 -1
package/dist/server/AgentServer.js +1 -0
package/dist/server/AgentServer.js.map +1 -1
package/dist/server/routes.d.ts +3 -0
package/dist/server/routes.d.ts.map +1 -1
package/dist/server/routes.js +20 -2
package/dist/server/routes.js.map +1 -1
package/dist/server/stopGate.d.ts +8 -2
package/dist/server/stopGate.d.ts.map +1 -1
package/dist/server/stopGate.js +42 -2
package/dist/server/stopGate.js.map +1 -1
package/package.json +1 -1
package/playbook-scripts/build-state.py +39 -1
package/scripts/analyze-release.js +16 -8
package/scripts/generate-builtin-manifest.cjs +2 -1
package/src/data/builtin-manifest.json +76 -67
package/src/scaffold/templates.ts +6 -0
package/src/templates/hooks/build-stop-hook.sh +62 -0
package/src/templates/hooks/settings-template.json +10 -0
package/upgrades/1.2.83.md +26 -0
package/upgrades/1.3.0.md +27 -0
package/upgrades/side-effects/build-stop-hook-session-scoping.md +133 -0
package/upgrades/side-effects/fresh-session-stop-gate-shadow-wiring.md +35 -0
package/upgrades/side-effects/session-reaper.md +42 -0

package/dist/commands/server.js CHANGED Viewed

@@ -4874,6 +4874,12 @@ export async function startServer(options) {
         // is OFF for Telegram by default and, when enabled, coalesces into ONE
         // consolidated message to the existing system topic. No new-topic-per-event.
         // Spec: docs/specs/silently-stopped-trio.md.
+        //
+        // Captured out of the trio block so the SessionReaper's recovery veto can
+        // compose socket + silence in too (SESSION-REAPER-SPEC §4 "compose, don't
+        // replace"). undefined when the corresponding sentinel is disabled.
+        let socketRecoveryActive;
+        let silenceRecoveryActive;
         {
             const { SocketDisconnectSentinel } = await import('../monitoring/SocketDisconnectSentinel.js');
             const { ActiveWorkSilenceSentinel } = await import('../monitoring/ActiveWorkSilenceSentinel.js');
@@ -4926,6 +4932,7 @@ export async function startServer(options) {
                 socketSentinel.on('recovered', (n) => notifier.record('recovered', 'socket-disconnect', n));
                 socketSentinel.on('recovery-error', (e) => notifier.record('recovery-error', 'socket-disconnect', e.sessionName, e.err instanceof Error ? e.err.message : String(e.err)));
                 socketSentinel.start();
+                socketRecoveryActive = (s) => socketSentinel.isRecoveryActive(s);
                 console.log(pc.green('  SocketDisconnectSentinel enabled (connection-drop recovery)'));
             }
             const silenceCfg = config.monitoring?.activeWorkSilenceSentinel ?? { enabled: true };
@@ -4939,11 +4946,23 @@ export async function startServer(options) {
                 silenceSentinel.on('recovered', (n) => notifier.record('recovered', 'active-silence', n));
                 silenceSentinel.on('nudge-error', (e) => notifier.record('nudge-error', 'active-silence', e.sessionName, e.err instanceof Error ? e.err.message : String(e.err)));
                 silenceSentinel.start();
+                silenceRecoveryActive = (s) => silenceSentinel.isRecoveryActive(s);
                 console.log(pc.green(telegramEscalation
                     ? '  ActiveWorkSilenceSentinel enabled (silent-freeze watchdog — Telegram escalation ON, consolidated)'
                     : '  ActiveWorkSilenceSentinel enabled (silent-freeze watchdog — logs only, Telegram escalation OFF)'));
             }
         }
+        // Recompose the zombie-kill veto to include ALL four recovery sentinels now
+        // that socket + silence exist (the interim set above covered only compaction
+        // + rate-limit, before those two were constructed). This single composed
+        // predicate is the superset — it drops none — and is reused as the
+        // SessionReaper's recovery gate (G) so the reaper never kills a session any
+        // sentinel is reviving. SESSION-REAPER-SPEC §4 "compose, don't replace".
+        const composedRecoveryActive = (session) => compactionSentinel.isRecoveryActive(session.tmuxSession) ||
+            rateLimitSentinel.isRecoveryActive(session.tmuxSession) ||
+            (socketRecoveryActive?.(session.tmuxSession) ?? false) ||
+            (silenceRecoveryActive?.(session.tmuxSession) ?? false);
+        sessionManager.setActiveRecoveryChecker(composedRecoveryActive);
         // Trigger 1: PreCompact hook event — report to sentinel.
         hookEventReceiver.on('PreCompact', () => {
             // Delay to let compaction + recovery hooks finish
@@ -6779,6 +6798,50 @@ export async function startServer(options) {
         const { OutboundDedupGate } = await import('../core/OutboundDedupGate.js');
         const outboundDedupGate = new OutboundDedupGate();
         console.log(pc.green('  Outbound dedup gate: active (word-3gram Jaccard, threshold 0.7, 5min window)'));
+        // Unjustified Stop Gate — observe-only by default. The routes and authority
+        // already fail open; constructing both pieces here is what makes the Stop
+        // router produce real shadow-mode telemetry instead of a dark endpoint.
+        let unjustifiedStopGate;
+        let stopGateDb;
+        {
+            const { configureStopGateState } = await import('../server/stopGate.js');
+            const modeFilePath = path.join(config.stateDir, 'server-data', 'stop-gate-mode.json');
+            try {
+                const { StopGateDb } = await import('../core/StopGateDb.js');
+                stopGateDb = new StopGateDb({
+                    dbPath: path.join(config.stateDir, 'server-data', 'stop-gate.db'),
+                });
+            }
+            catch (err) {
+                DegradationReporter.getInstance().report({
+                    feature: 'unjustifiedStopGate.db',
+                    primary: 'SQLite decision log for Stop-gate evaluations',
+                    fallback: 'fail-open → no Stop-gate persistence',
+                    reason: err instanceof Error ? err.message : String(err),
+                    impact: 'Stop events are allowed and not recorded until the database opens.',
+                });
+            }
+            if (sharedIntelligence && stopGateDb) {
+                try {
+                    const { UnjustifiedStopGate } = await import('../core/UnjustifiedStopGate.js');
+                    unjustifiedStopGate = new UnjustifiedStopGate({ intelligence: sharedIntelligence });
+                }
+                catch (err) {
+                    DegradationReporter.getInstance().report({
+                        feature: 'unjustifiedStopGate.authority',
+                        primary: 'LLM authority for unjustified Stop-event detection',
+                        fallback: 'fail-open → allow',
+                        reason: err instanceof Error ? err.message : String(err),
+                        impact: 'Stop events are allowed until the authority can initialize.',
+                    });
+                }
+            }
+            const activeMode = configureStopGateState({
+                modeFilePath,
+                defaultMode: unjustifiedStopGate && stopGateDb ? 'shadow' : 'off',
+            });
+            console.log(pc.green(`  Unjustified Stop Gate: ${activeMode}${unjustifiedStopGate && stopGateDb ? ' (authority + SQLite wired)' : ' (degraded, fail-open)'}`));
+        }
         // Response Review Pipeline (Coherence Gate) — evaluates agent responses before delivery.
         // Prefers the shared IntelligenceProvider (subscription-compatible) so the gate works
         // even without ANTHROPIC_API_KEY. Falls back to direct Anthropic API if a key is set
@@ -7193,7 +7256,86 @@ export async function startServer(options) {
                 },
             });
         }
-        const server = new AgentServer({ config, sessionManager, state, scheduler, telegram, relationships, feedback, feedbackAnomalyDetector, dispatches, updateChecker, autoUpdater, autoDispatcher, quotaTracker, quotaManager, publisher, viewer, tunnel, evolution, watchdog, topicMemory, triageNurse, projectMapper, coherenceGate: scopeVerifier, contextHierarchy, canonicalState, operationGate, sentinel, adaptiveTrust, memoryMonitor, orphanReaper, coherenceMonitor, commitmentTracker, semanticMemory, activitySentinel, rateLimitSentinel, messageRouter, summarySentinel, spawnManager, systemReviewer, capabilityMapper, selfKnowledgeTree, coverageAuditor, topicResumeMap: _topicResumeMap ?? undefined, sessionRefresh: _sessionRefresh ?? undefined, autonomyManager, trustElevationTracker, autonomousEvolution, coordinator: coordinator.enabled ? coordinator : undefined, localSigningKeyPem, whatsapp: whatsappAdapter, slack: slackAdapter, imessage: imessageAdapter, whatsappBusinessBackend, messageBridge, hookEventReceiver, worktreeMonitor, subagentTracker, instructionsVerifier, handshakeManager: threadlineHandshake, threadlineRouter, conversationStore, warrantsReplyGate, collaborationSurfacer, threadResumeMap, topicLinkageHandler: topicLinkageHandler ?? undefined, threadlineRelayClient, threadlineReplyWaiters, listenerManager: listenerManager ?? undefined, responseReviewGate, messagingToneGate, outboundDedupGate, telemetryHeartbeat, pasteManager, featureRegistry, discoveryEvaluator, completionEvaluator, unifiedTrust, liveConfig, sharedStateLedger, ledgerSessionRegistry, worktreeManager, oidcEnrolledRepos: parallelDevConfig?.oidcEnrolledRepos, initiativeTracker, projectRoundRunner, projectDriftChecker, machineHeartbeat, proxyCoordinator, topicIntentStore, usherSignalStore, intelligence: sharedIntelligence ?? undefined, telegramBridgeConfig, telegramBridge: telegramBridge ?? undefined, threadlineObservability, workingMemory, taskFlowRegistry, threadlineFlowBridge });
+        // ── SessionReaper (SESSION-REAPER-SPEC) ──────────────────────────────
+        // Pressure-aware reaper of idle-but-alive sessions. Ships OFF + dry-run by
+        // default; the classifier's positive-evidence + confidence-contract is what
+        // guarantees it never reaps a working session. Reuses composedRecoveryActive
+        // (gate G) so it defers to every recovery sentinel. Pressure is freemem-tiered
+        // for v1 (advisory; spawn-denial-primary is a tracked follow-up) — and note
+        // an over-eager tier can only reap a GENUINELY-idle session sooner, never a
+        // working one (the classifier protects working sessions regardless of tier).
+        const { SessionReaper, fileAuditSink } = await import('../monitoring/SessionReaper.js');
+        const _os = await import('node:os');
+        const _resolveTopic = (tmuxSession) => {
+            const t = telegram?.getTopicForSession(tmuxSession);
+            if (t == null)
+                return null;
+            const n = typeof t === 'number' ? t : Number(t);
+            return Number.isFinite(n) ? n : null;
+        };
+        const sessionReaper = new SessionReaper({
+            listRunningSessions: () => sessionManager.listRunningSessions(),
+            captureOutput: (s, n) => sessionManager.captureOutput(s, n) ?? '',
+            hasActiveProcesses: (s) => sessionManager.hasActiveProcesses(s),
+            frameworkForSession: (s) => sessionManager.frameworkForSession(s),
+            isRecoveryActive: (session) => composedRecoveryActive(session),
+            isRelayLeaseActive: (id) => sessionManager.isRelayLeaseActive(id),
+            hasPendingInjection: (s) => sessionManager.getPendingInjection(s) != null,
+            topicBinding: _resolveTopic,
+            // Gate I is a v1 stub (returns false): active conversation is already
+            // covered by the relay-lease + pending-injection gates and by render
+            // stasis (a session being talked to is not render-static for the full
+            // hysteresis+threshold window). Promoting to a real message-recency
+            // query is a tracked tuning follow-up.
+            recentUserMessage: () => false,
+            activeCommitmentForTopic: (topicId) => {
+                try {
+                    return commitmentTracker.getActive().some(c => c.topicId === topicId);
+                }
+                catch {
+                    return true;
+                } // cannot tell → protect
+            },
+            activeSubagentCount: (csid) => {
+                try {
+                    return csid ? subagentTracker.getActiveSubagents(csid).length : 0;
+                }
+                catch {
+                    return 1;
+                } // cannot tell → protect
+            },
+            buildOrAutonomousActive: (topicId) => {
+                const fresh = (p) => {
+                    try {
+                        return fs.existsSync(p) && (Date.now() - fs.statSync(p).mtimeMs) < 30 * 60_000;
+                    }
+                    catch {
+                        return false;
+                    }
+                };
+                if (topicId != null && fresh(path.join(config.stateDir, 'autonomous', `${topicId}.local.md`)))
+                    return true;
+                return fresh(path.join(config.stateDir, 'state', 'build', 'build-state.json'));
+            },
+            protectedSessions: () => sessionManager.getProtectedSessions(),
+            pressure: () => {
+                const total = _os.totalmem();
+                const freePct = total > 0 ? (_os.freemem() / total) * 100 : 100;
+                const tier = freePct < 5 ? 'critical' : freePct < 12 ? 'moderate' : 'normal';
+                return { tier, inputs: { freePct: Math.round(freePct * 10) / 10 } };
+            },
+            terminate: (id, reason) => sessionManager.terminateSession(id, reason),
+            markReaping: (id) => sessionManager.markReaping(id),
+            clearReaping: (id) => sessionManager.clearReaping(id),
+            audit: fileAuditSink(config.stateDir),
+        }, config.monitoring?.sessionReaper);
+        sessionReaper.start();
+        if (config.monitoring?.sessionReaper?.enabled) {
+            console.log(pc.green(config.monitoring.sessionReaper.dryRun === false
+                ? '  SessionReaper enabled (idle-session reaper — LIVE)'
+                : '  SessionReaper enabled (idle-session reaper — dry-run, logs only)'));
+        }
+        const server = new AgentServer({ config, sessionManager, state, scheduler, telegram, relationships, feedback, feedbackAnomalyDetector, dispatches, updateChecker, autoUpdater, autoDispatcher, quotaTracker, quotaManager, publisher, viewer, tunnel, evolution, watchdog, topicMemory, triageNurse, projectMapper, coherenceGate: scopeVerifier, contextHierarchy, canonicalState, operationGate, sentinel, adaptiveTrust, memoryMonitor, orphanReaper, coherenceMonitor, commitmentTracker, semanticMemory, activitySentinel, rateLimitSentinel, messageRouter, summarySentinel, spawnManager, systemReviewer, capabilityMapper, selfKnowledgeTree, coverageAuditor, topicResumeMap: _topicResumeMap ?? undefined, sessionRefresh: _sessionRefresh ?? undefined, autonomyManager, trustElevationTracker, autonomousEvolution, coordinator: coordinator.enabled ? coordinator : undefined, localSigningKeyPem, whatsapp: whatsappAdapter, slack: slackAdapter, imessage: imessageAdapter, whatsappBusinessBackend, messageBridge, hookEventReceiver, worktreeMonitor, subagentTracker, instructionsVerifier, handshakeManager: threadlineHandshake, threadlineRouter, conversationStore, warrantsReplyGate, collaborationSurfacer, threadResumeMap, topicLinkageHandler: topicLinkageHandler ?? undefined, threadlineRelayClient, threadlineReplyWaiters, listenerManager: listenerManager ?? undefined, responseReviewGate, messagingToneGate, outboundDedupGate, telemetryHeartbeat, pasteManager, featureRegistry, discoveryEvaluator, completionEvaluator, unifiedTrust, liveConfig, sharedStateLedger, ledgerSessionRegistry, worktreeManager, oidcEnrolledRepos: parallelDevConfig?.oidcEnrolledRepos, initiativeTracker, projectRoundRunner, projectDriftChecker, machineHeartbeat, proxyCoordinator, topicIntentStore, usherSignalStore, intelligence: sharedIntelligence ?? undefined, telegramBridgeConfig, telegramBridge: telegramBridge ?? undefined, threadlineObservability, workingMemory, taskFlowRegistry, threadlineFlowBridge, sessionReaper, unjustifiedStopGate, stopGateDb });
         // Boot-recovery (tunnel-failure-resilience spec Part 6): if the agent
         // died mid-relay-episode, the persisted tunnel.json carries
         // rotationPending=true. Rotate the dashboard PIN + authToken BEFORE