instar 1.3.440 → 1.3.442

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (37) hide show
  1. package/dist/commands/server.d.ts.map +1 -1
  2. package/dist/commands/server.js +36 -1
  3. package/dist/commands/server.js.map +1 -1
  4. package/dist/coordination/MandateStore.d.ts +30 -2
  5. package/dist/coordination/MandateStore.d.ts.map +1 -1
  6. package/dist/coordination/MandateStore.js +89 -3
  7. package/dist/coordination/MandateStore.js.map +1 -1
  8. package/dist/coordination/types.d.ts +35 -0
  9. package/dist/coordination/types.d.ts.map +1 -1
  10. package/dist/messaging/slack/SlackAdapter.d.ts.map +1 -1
  11. package/dist/messaging/slack/SlackAdapter.js +26 -6
  12. package/dist/messaging/slack/SlackAdapter.js.map +1 -1
  13. package/dist/permissions/MandateBackedGrantStore.d.ts +40 -0
  14. package/dist/permissions/MandateBackedGrantStore.d.ts.map +1 -0
  15. package/dist/permissions/MandateBackedGrantStore.js +72 -0
  16. package/dist/permissions/MandateBackedGrantStore.js.map +1 -0
  17. package/dist/permissions/SlackUserRegistry.d.ts +64 -0
  18. package/dist/permissions/SlackUserRegistry.d.ts.map +1 -0
  19. package/dist/permissions/SlackUserRegistry.js +114 -0
  20. package/dist/permissions/SlackUserRegistry.js.map +1 -0
  21. package/dist/permissions/index.d.ts +2 -0
  22. package/dist/permissions/index.d.ts.map +1 -1
  23. package/dist/permissions/index.js +2 -0
  24. package/dist/permissions/index.js.map +1 -1
  25. package/dist/server/CapabilityIndex.d.ts.map +1 -1
  26. package/dist/server/CapabilityIndex.js +1 -0
  27. package/dist/server/CapabilityIndex.js.map +1 -1
  28. package/dist/server/routes.d.ts.map +1 -1
  29. package/dist/server/routes.js +117 -0
  30. package/dist/server/routes.js.map +1 -1
  31. package/package.json +1 -1
  32. package/src/data/builtin-manifest.json +46 -46
  33. package/src/data/state-coherence-registry.json +12 -0
  34. package/upgrades/1.3.441.md +26 -0
  35. package/upgrades/1.3.442.md +28 -0
  36. package/upgrades/side-effects/mandate-user-grants.md +78 -0
  37. package/upgrades/side-effects/slack-org-permissions-phase1.md +68 -0
@@ -1 +1 @@
1
- {"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../src/commands/server.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAaH,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAS3D,OAAO,EAAE,eAAe,EAAiC,MAAM,iCAAiC,CAAC;AAuBjG,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAGvD,OAAO,EAAE,YAAY,EAAE,MAAM,+BAA+B,CAAC;AAiG7D,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AA6JtD,UAAU,YAAY;IACpB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;2DACuD;IACvD,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AA05BD,wBAAgB,mBAAmB,CACjC,QAAQ,EAAE,eAAe,EACzB,cAAc,EAAE,cAAc,EAC9B,YAAY,CAAC,EAAE,YAAY,EAC3B,WAAW,CAAC,EAAE,WAAW,EACzB,WAAW,CAAC,EAAE,WAAW,EACzB,iBAAiB,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC,OAAO,CAAC,EAGvE,UAAU,CAAC,EAAE,MAAM,OAAO,8BAA8B,EAAE,WAAW,GAAG,IAAI,EAK5E,qBAAqB,CAAC,EAAE,MAAM,OAAO,gCAAgC,EAAE,kBAAkB,GAAG,IAAI,GAC/F,IAAI,CAyUN;AA2lBD,wBAAsB,WAAW,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,CAmpUtE;AAED,wBAAsB,UAAU,CAAC,OAAO,EAAE;IAAE,GAAG,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAsDzE;AAED;;;;;;;;;;;GAWG;AACH,wBAAsB,aAAa,CAAC,OAAO,EAAE;IAAE,GAAG,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAuD5E"}
1
+ {"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../src/commands/server.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAaH,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAS3D,OAAO,EAAE,eAAe,EAAiC,MAAM,iCAAiC,CAAC;AAuBjG,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAGvD,OAAO,EAAE,YAAY,EAAE,MAAM,+BAA+B,CAAC;AAiG7D,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AA6JtD,UAAU,YAAY;IACpB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;2DACuD;IACvD,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AA05BD,wBAAgB,mBAAmB,CACjC,QAAQ,EAAE,eAAe,EACzB,cAAc,EAAE,cAAc,EAC9B,YAAY,CAAC,EAAE,YAAY,EAC3B,WAAW,CAAC,EAAE,WAAW,EACzB,WAAW,CAAC,EAAE,WAAW,EACzB,iBAAiB,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC,OAAO,CAAC,EAGvE,UAAU,CAAC,EAAE,MAAM,OAAO,8BAA8B,EAAE,WAAW,GAAG,IAAI,EAK5E,qBAAqB,CAAC,EAAE,MAAM,OAAO,gCAAgC,EAAE,kBAAkB,GAAG,IAAI,GAC/F,IAAI,CAyUN;AA2lBD,wBAAsB,WAAW,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,CAmrUtE;AAED,wBAAsB,UAAU,CAAC,OAAO,EAAE;IAAE,GAAG,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAsDzE;AAED;;;;;;;;;;;GAWG;AACH,wBAAsB,aAAa,CAAC,OAAO,EAAE;IAAE,GAAG,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAuD5E"}
@@ -4221,10 +4221,44 @@ export async function startServer(options) {
4221
4221
  const slackCfg = slackConfig.config;
4222
4222
  const pgCfg = slackCfg.permissionGate;
4223
4223
  if (pgCfg && (pgCfg.observeOnly || pgCfg.enforce)) {
4224
- const { SlackPermissionObserver, SlackPrincipalResolver, SlackPermissionGate, PermissionDecisionLedger, RolePolicy, HeuristicIntentClassifier, HeuristicAnomalyScorer, } = await import('../permissions/index.js');
4224
+ const { SlackPermissionObserver, SlackPrincipalResolver, SlackPermissionGate, PermissionDecisionLedger, RolePolicy, HeuristicIntentClassifier, HeuristicAnomalyScorer, MandateBackedGrantStore, } = await import('../permissions/index.js');
4225
4225
  // Own UserManager instance for verified-principal resolution (the
4226
4226
  // Telegram-block userManager is out of scope here). Reads users.json.
4227
4227
  const slackUserManager = new UserManager(config.stateDir, config.users);
4228
+ // ── Floor-action grants are read from the SIGNED Coordination Mandate ──
4229
+ // A MandateStore reader over the SAME file + SAME HMAC sign/verify deps as
4230
+ // the coordination engine in AgentServer (which is constructed later, so we
4231
+ // can't share the instance) — a stateless reader, so a second instance over
4232
+ // the same on-disk mandates is correct. With no stateDir, leave grants
4233
+ // unset (deny-by-default: the gate then refuses every floor action).
4234
+ let grantStore;
4235
+ if (config.stateDir) {
4236
+ try {
4237
+ const { MandateStore } = await import('../coordination/MandateStore.js');
4238
+ const cryptoMod = await import('node:crypto');
4239
+ const issuanceKey = config.authToken || 'mandate-issuance-unsigned-dev-key';
4240
+ const mSign = (canonical) => cryptoMod.createHmac('sha256', issuanceKey).update(canonical).digest('hex');
4241
+ const mVerify = (canonical, proof) => {
4242
+ const expected = mSign(canonical);
4243
+ try {
4244
+ return expected.length === proof.length
4245
+ && cryptoMod.timingSafeEqual(Buffer.from(expected), Buffer.from(proof));
4246
+ }
4247
+ catch { /* @silent-fallback-ok — a malformed proof must verify FALSE (deny-safe), never throw */
4248
+ return false;
4249
+ }
4250
+ };
4251
+ const mandateStore = new MandateStore({
4252
+ filePath: path.join(config.stateDir, 'state', 'coordination-mandates.json'),
4253
+ sign: mSign,
4254
+ verifySig: mVerify,
4255
+ });
4256
+ grantStore = new MandateBackedGrantStore({ store: mandateStore });
4257
+ }
4258
+ catch (ge) {
4259
+ console.warn('[slack] mandate-backed grant store wiring skipped:', ge.message);
4260
+ }
4261
+ }
4228
4262
  const observer = new SlackPermissionObserver({
4229
4263
  resolver: new SlackPrincipalResolver({
4230
4264
  resolveFromSlackUserId: (id) => slackUserManager.resolveFromSlackUserId(id),
@@ -4233,6 +4267,7 @@ export async function startServer(options) {
4233
4267
  rolePolicy: new RolePolicy(),
4234
4268
  classifier: new HeuristicIntentClassifier(),
4235
4269
  anomalyScorer: new HeuristicAnomalyScorer(),
4270
+ grants: grantStore,
4236
4271
  }),
4237
4272
  ledger: new PermissionDecisionLedger(config.stateDir),
4238
4273
  enforce: pgCfg.enforce === true,