instar 1.3.455 → 1.3.457
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/commands/server.d.ts.map +1 -1
- package/dist/commands/server.js +9 -8
- package/dist/commands/server.js.map +1 -1
- package/dist/core/devAgentGate.d.ts +39 -0
- package/dist/core/devAgentGate.d.ts.map +1 -0
- package/dist/core/devAgentGate.js +37 -0
- package/dist/core/devAgentGate.js.map +1 -0
- package/dist/core/devGatedFeatures.d.ts +41 -0
- package/dist/core/devGatedFeatures.d.ts.map +1 -0
- package/dist/core/devGatedFeatures.js +76 -0
- package/dist/core/devGatedFeatures.js.map +1 -0
- package/dist/server/AgentServer.d.ts.map +1 -1
- package/dist/server/AgentServer.js +3 -2
- package/dist/server/AgentServer.js.map +1 -1
- package/dist/server/routes.d.ts.map +1 -1
- package/dist/server/routes.js +2 -1
- package/dist/server/routes.js.map +1 -1
- package/package.json +4 -2
- package/scripts/lint-dev-agent-dark-gate.js +196 -0
- package/scripts/lint-no-direct-destructive.js +4 -0
- package/src/data/builtin-manifest.json +47 -47
- package/upgrades/1.3.456.md +33 -0
- package/upgrades/1.3.457.md +45 -0
- package/upgrades/side-effects/dev-agent-dark-gate-lint.md +104 -0
- package/upgrades/side-effects/dev-gated-features-registry.md +70 -0
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "instar",
|
|
3
|
-
"version": "1.3.
|
|
3
|
+
"version": "1.3.457",
|
|
4
4
|
"description": "Coherence infrastructure for self-evolving AI agents — on the Claude Code or Codex subscription you already have.",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "dist/index.js",
|
|
@@ -28,8 +28,10 @@
|
|
|
28
28
|
"test:contract": "node scripts/run-contract-tests.js",
|
|
29
29
|
"test:contract:raw": "vitest run --config vitest.contract.config.ts",
|
|
30
30
|
"test:all": "vitest run && vitest run --config vitest.integration.config.ts && vitest run --config vitest.e2e.config.ts",
|
|
31
|
-
"lint": "tsc --noEmit && node scripts/lint-no-direct-destructive.js && node scripts/lint-no-direct-llm-http.js && node scripts/lint-no-direct-url-log.js && node scripts/lint-no-unfunneled-topic-creation.js && node scripts/lint-no-unfunneled-headless-launch.js && node scripts/lint-state-registry.js && node scripts/lint-cas-emit-placement.js && node scripts/lint-journal-actuation-ban.js && node scripts/lint-no-blocking-process-scans.js && node scripts/check-codex-rule1-drift.js",
|
|
31
|
+
"lint": "tsc --noEmit && node scripts/lint-no-direct-destructive.js && node scripts/lint-no-direct-llm-http.js && node scripts/lint-no-direct-url-log.js && node scripts/lint-no-unfunneled-topic-creation.js && node scripts/lint-no-unfunneled-headless-launch.js && node scripts/lint-state-registry.js && node scripts/lint-cas-emit-placement.js && node scripts/lint-journal-actuation-ban.js && node scripts/lint-no-blocking-process-scans.js && node scripts/lint-dev-agent-dark-gate.js && node scripts/check-codex-rule1-drift.js",
|
|
32
32
|
"lint:destructive": "node scripts/lint-no-direct-destructive.js",
|
|
33
|
+
"lint:dev-agent-dark-gate": "node scripts/lint-dev-agent-dark-gate.js",
|
|
34
|
+
"lint:dev-agent-dark-gate:staged": "node scripts/lint-dev-agent-dark-gate.js --staged",
|
|
33
35
|
"lint:destructive:staged": "node scripts/lint-no-direct-destructive.js --staged",
|
|
34
36
|
"lint:llm-http": "node scripts/lint-no-direct-llm-http.js",
|
|
35
37
|
"lint:llm-http:staged": "node scripts/lint-no-direct-llm-http.js --staged",
|
|
@@ -0,0 +1,196 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
/**
|
|
3
|
+
* lint-dev-agent-dark-gate.js — enforces the developmentAgent dark-feature gate
|
|
4
|
+
* standard (standard_development_agent_dark_feature_gate).
|
|
5
|
+
*
|
|
6
|
+
* Born from PR #1001: the GrowthMilestoneAnalyst hardcoded `enabled: false` in
|
|
7
|
+
* its config default instead of omitting it, so it shipped dark for EVERY agent
|
|
8
|
+
* (dev agents included), silently contradicting the standard. Caught only by
|
|
9
|
+
* operator review — there was no structural guard. This is that guard.
|
|
10
|
+
*
|
|
11
|
+
* Two assertions over `src/`:
|
|
12
|
+
*
|
|
13
|
+
* A. FUNNEL — every dev-agent gate resolution must go through
|
|
14
|
+
* `resolveDevAgentGate` (src/core/devAgentGate.ts). A hand-rolled
|
|
15
|
+
* `?? !!<x>.developmentAgent` / `?? <x>.developmentAgent` anywhere else is a
|
|
16
|
+
* violation (same contract as lint-no-direct-destructive: one funnel, no
|
|
17
|
+
* forks). Comments that merely describe the pattern are ignored.
|
|
18
|
+
*
|
|
19
|
+
* B. NO HARDCODED `enabled: false` UNDER A GATE MARKER — in
|
|
20
|
+
* src/config/ConfigDefaults.ts, a config block whose comment references the
|
|
21
|
+
* dev-gate convention (mentions `developmentAgent` + `dark`/`gate`) must NOT
|
|
22
|
+
* hardcode `enabled: false` in the CODE lines that follow. The convention is
|
|
23
|
+
* to OMIT `enabled` so the gate decides; a baked-in `false` in the shipped
|
|
24
|
+
* default is the exact #1001 shape (it darks dev agents too). `enabled: true`
|
|
25
|
+
* is NOT flagged — that is an allowed deliberate fleet-flip. Comment prose is
|
|
26
|
+
* skipped so the convention's own documentation never trips the check.
|
|
27
|
+
*
|
|
28
|
+
* Exit codes:
|
|
29
|
+
* 0 — no violations.
|
|
30
|
+
* 1 — at least one violation.
|
|
31
|
+
*
|
|
32
|
+
* Usage:
|
|
33
|
+
* node scripts/lint-dev-agent-dark-gate.js # full src/ tree
|
|
34
|
+
* node scripts/lint-dev-agent-dark-gate.js --staged # staged files only
|
|
35
|
+
* node scripts/lint-dev-agent-dark-gate.js path1 path2 # specific files
|
|
36
|
+
*/
|
|
37
|
+
|
|
38
|
+
import fs from 'node:fs';
|
|
39
|
+
import path from 'node:path';
|
|
40
|
+
import { execSync } from 'node:child_process';
|
|
41
|
+
import { fileURLToPath } from 'node:url';
|
|
42
|
+
|
|
43
|
+
const __filename = fileURLToPath(import.meta.url);
|
|
44
|
+
const __dirname = path.dirname(__filename);
|
|
45
|
+
const ROOT = path.resolve(__dirname, '..');
|
|
46
|
+
const SRC_DIR = path.join(ROOT, 'src');
|
|
47
|
+
|
|
48
|
+
// The funnel itself, plus this lint, legitimately name the pattern.
|
|
49
|
+
const FUNNEL_ALLOWLIST = new Set([
|
|
50
|
+
'src/core/devAgentGate.ts',
|
|
51
|
+
]);
|
|
52
|
+
|
|
53
|
+
// Hand-rolled dev-agent gate resolution: `?? [!! | Boolean(]<expr>.developmentAgent`,
|
|
54
|
+
// including bracket access `['developmentAgent']`. Catches the canonical `!!`
|
|
55
|
+
// form, the `Boolean(...)` form, and quoted-key access — the realistic spellings.
|
|
56
|
+
// (It cannot catch arbitrary aliases/wrapper helpers; that limit is documented
|
|
57
|
+
// in the spec's Layer-1 "misses" row.)
|
|
58
|
+
const HANDROLLED_GATE =
|
|
59
|
+
/\?\?\s*(?:!{1,2}\s*|Boolean\s*\(\s*)?[A-Za-z_$][\w$.?]*(?:\.developmentAgent\b|\[\s*['"]developmentAgent['"]\s*\])/;
|
|
60
|
+
// A comment referencing the gate convention (for assertion B).
|
|
61
|
+
const GATE_MARKER = /developmentAgent/i;
|
|
62
|
+
const GATE_MARKER_QUALIFIER = /\b(dark|gate)\b/i;
|
|
63
|
+
// Only a baked-in `false` is the #1001 bug; `true` is an allowed fleet-flip.
|
|
64
|
+
// Catches both bare and quoted keys (`enabled: false` / `"enabled": false`).
|
|
65
|
+
const HARDCODED_ENABLED = /(["']?)enabled\1\s*:\s*false\b/;
|
|
66
|
+
// Once a marker comment is found, scan the config block it introduces (brace-
|
|
67
|
+
// matched, NOT a fixed line window — a long marker comment must not push the
|
|
68
|
+
// block out of range, the bug that let a regressed growthAnalyst slip through).
|
|
69
|
+
const BLOCK_OPEN_SEARCH = 15; // max non-code lines between marker and the block's `{`
|
|
70
|
+
const BLOCK_MAX_LINES = 120; // safety bound on block-body scan
|
|
71
|
+
|
|
72
|
+
/** Strip a `//` line comment; return null if the line is a pure comment line. */
|
|
73
|
+
function codeOnly(line) {
|
|
74
|
+
const trimmed = line.trim();
|
|
75
|
+
if (trimmed.startsWith('*') || trimmed.startsWith('//') || trimmed.startsWith('/*')) {
|
|
76
|
+
return null; // comment line — no code
|
|
77
|
+
}
|
|
78
|
+
const idx = line.indexOf('//');
|
|
79
|
+
return idx >= 0 ? line.slice(0, idx) : line;
|
|
80
|
+
}
|
|
81
|
+
|
|
82
|
+
/** Is this line (trimmed) a comment line? */
|
|
83
|
+
function isCommentLine(line) {
|
|
84
|
+
const t = line.trim();
|
|
85
|
+
return t.startsWith('*') || t.startsWith('//') || t.startsWith('/*');
|
|
86
|
+
}
|
|
87
|
+
|
|
88
|
+
function listSourceFiles() {
|
|
89
|
+
const out = [];
|
|
90
|
+
const walk = (dir) => {
|
|
91
|
+
for (const e of fs.readdirSync(dir, { withFileTypes: true })) {
|
|
92
|
+
const full = path.join(dir, e.name);
|
|
93
|
+
if (e.isDirectory()) {
|
|
94
|
+
if (e.name === 'node_modules') continue;
|
|
95
|
+
walk(full);
|
|
96
|
+
} else if (/\.(ts|tsx|js|mjs|cjs)$/.test(e.name) && !/\.test\.[tj]s$/.test(e.name)) {
|
|
97
|
+
out.push(full);
|
|
98
|
+
}
|
|
99
|
+
}
|
|
100
|
+
};
|
|
101
|
+
walk(SRC_DIR);
|
|
102
|
+
return out;
|
|
103
|
+
}
|
|
104
|
+
|
|
105
|
+
function resolveTargets() {
|
|
106
|
+
const args = process.argv.slice(2);
|
|
107
|
+
if (args.includes('--staged')) {
|
|
108
|
+
const staged = execSync('git diff --cached --name-only --diff-filter=ACM', { cwd: ROOT, encoding: 'utf-8' })
|
|
109
|
+
.split('\n').map((s) => s.trim()).filter(Boolean)
|
|
110
|
+
.filter((f) => f.startsWith('src/') && /\.(ts|tsx|js|mjs|cjs)$/.test(f) && !/\.test\.[tj]s$/.test(f))
|
|
111
|
+
.map((f) => path.join(ROOT, f));
|
|
112
|
+
return staged;
|
|
113
|
+
}
|
|
114
|
+
const explicit = args.filter((a) => !a.startsWith('--'));
|
|
115
|
+
if (explicit.length) return explicit.map((f) => path.resolve(ROOT, f));
|
|
116
|
+
return listSourceFiles();
|
|
117
|
+
}
|
|
118
|
+
|
|
119
|
+
const violations = [];
|
|
120
|
+
|
|
121
|
+
for (const file of resolveTargets()) {
|
|
122
|
+
if (!fs.existsSync(file)) continue;
|
|
123
|
+
const rel = path.relative(ROOT, file);
|
|
124
|
+
const lines = fs.readFileSync(file, 'utf-8').split('\n');
|
|
125
|
+
|
|
126
|
+
// ── Assertion A: funnel ──
|
|
127
|
+
if (!FUNNEL_ALLOWLIST.has(rel)) {
|
|
128
|
+
lines.forEach((line, i) => {
|
|
129
|
+
const code = codeOnly(line);
|
|
130
|
+
if (code === null) return;
|
|
131
|
+
if (HANDROLLED_GATE.test(code)) {
|
|
132
|
+
violations.push({
|
|
133
|
+
file: rel, line: i + 1, kind: 'A: hand-rolled gate',
|
|
134
|
+
text: line.trim(),
|
|
135
|
+
fix: 'route through resolveDevAgentGate(explicitEnabled, config) from src/core/devAgentGate.ts',
|
|
136
|
+
});
|
|
137
|
+
}
|
|
138
|
+
});
|
|
139
|
+
}
|
|
140
|
+
|
|
141
|
+
// ── Assertion B: ConfigDefaults marker (any ConfigDefaults.ts) ──
|
|
142
|
+
if (path.basename(file) === 'ConfigDefaults.ts') {
|
|
143
|
+
const reportedB = new Set(); // a multi-line marker comment fires per line — dedupe by target line
|
|
144
|
+
lines.forEach((line, i) => {
|
|
145
|
+
if (!isCommentLine(line)) return;
|
|
146
|
+
if (!(GATE_MARKER.test(line) && GATE_MARKER_QUALIFIER.test(line))) return;
|
|
147
|
+
// Find the config block this marker introduces: the first CODE line with an
|
|
148
|
+
// opening `{`, skipping any further comment/blank lines. A NON-comment line
|
|
149
|
+
// without a `{` means the marker doesn't introduce an object — stop.
|
|
150
|
+
let openIdx = -1;
|
|
151
|
+
for (let j = i + 1; j <= Math.min(i + BLOCK_OPEN_SEARCH, lines.length - 1); j++) {
|
|
152
|
+
const codeJ = codeOnly(lines[j]);
|
|
153
|
+
if (codeJ === null || codeJ.trim() === '') continue;
|
|
154
|
+
if (codeJ.includes('{')) { openIdx = j; }
|
|
155
|
+
break;
|
|
156
|
+
}
|
|
157
|
+
if (openIdx < 0) return;
|
|
158
|
+
// Brace-match from the opener and scan the block BODY (code lines only, so
|
|
159
|
+
// comment prose like "the fleet-flip registers `enabled: true` here" can't
|
|
160
|
+
// trip it) for a hardcoded `enabled: false`. Brace-matched rather than a
|
|
161
|
+
// fixed window so a long marker comment can't push the block out of range.
|
|
162
|
+
let depth = 0;
|
|
163
|
+
for (let j = openIdx; j <= Math.min(openIdx + BLOCK_MAX_LINES, lines.length - 1); j++) {
|
|
164
|
+
const codeJ = codeOnly(lines[j]);
|
|
165
|
+
if (codeJ === null) continue;
|
|
166
|
+
if (HARDCODED_ENABLED.test(codeJ) && !reportedB.has(j)) {
|
|
167
|
+
reportedB.add(j);
|
|
168
|
+
violations.push({
|
|
169
|
+
file: rel, line: j + 1, kind: 'B: hardcoded enabled under gate marker',
|
|
170
|
+
text: lines[j].trim(),
|
|
171
|
+
fix: 'OMIT `enabled` from the default so the gate decides (resolved as enabled ?? !!developmentAgent at runtime)',
|
|
172
|
+
});
|
|
173
|
+
}
|
|
174
|
+
for (const ch of codeJ) {
|
|
175
|
+
if (ch === '{') depth++;
|
|
176
|
+
else if (ch === '}') depth--;
|
|
177
|
+
}
|
|
178
|
+
if (depth <= 0 && j > openIdx) break; // block closed
|
|
179
|
+
}
|
|
180
|
+
});
|
|
181
|
+
}
|
|
182
|
+
}
|
|
183
|
+
|
|
184
|
+
if (violations.length === 0) {
|
|
185
|
+
console.log('lint-dev-agent-dark-gate: clean');
|
|
186
|
+
process.exit(0);
|
|
187
|
+
}
|
|
188
|
+
|
|
189
|
+
console.error('\n❌ lint-dev-agent-dark-gate found violations of the developmentAgent dark-feature gate standard:\n');
|
|
190
|
+
for (const v of violations) {
|
|
191
|
+
console.error(` ${v.file}:${v.line} [${v.kind}]`);
|
|
192
|
+
console.error(` ${v.text}`);
|
|
193
|
+
console.error(` fix: ${v.fix}\n`);
|
|
194
|
+
}
|
|
195
|
+
console.error('Standard: a dev-gated feature OMITS `enabled` and resolves it through resolveDevAgentGate so it runs LIVE on dev agents and DARK on the fleet. Spec: docs/specs/DEV-AGENT-DARK-GATE-CONFORMANCE-SPEC.md\n');
|
|
196
|
+
process.exit(1);
|
|
@@ -80,6 +80,10 @@ const ALLOWLIST = new Set([
|
|
|
80
80
|
// Same bootstrap-escape pattern (blocking-process-scan lint, topic 21816
|
|
81
81
|
// post-mortem #3) — read-only `git diff --cached --name-only` only.
|
|
82
82
|
'scripts/lint-no-blocking-process-scans.js',
|
|
83
|
+
// Same bootstrap-escape pattern (dev-agent dark-gate conformance lint) —
|
|
84
|
+
// read-only `git diff --cached --name-only` for --staged. Cannot depend on
|
|
85
|
+
// the TS funnel because TS is not compiled when the lint runs in pre-push.
|
|
86
|
+
'scripts/lint-dev-agent-dark-gate.js',
|
|
83
87
|
// Postinstall bootstrap script — runs before TypeScript is compiled and
|
|
84
88
|
// before SafeFsExecutor is available. CommonJS, can't use ESM imports.
|
|
85
89
|
'scripts/fix-better-sqlite3.cjs',
|
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
{
|
|
2
2
|
"$schema": "./builtin-manifest.schema.json",
|
|
3
3
|
"schemaVersion": 1,
|
|
4
|
-
"generatedAt": "2026-06-
|
|
5
|
-
"instarVersion": "1.3.
|
|
4
|
+
"generatedAt": "2026-06-10T01:54:06.043Z",
|
|
5
|
+
"instarVersion": "1.3.457",
|
|
6
6
|
"entryCount": 199,
|
|
7
7
|
"entries": {
|
|
8
8
|
"hook:session-start": {
|
|
@@ -418,7 +418,7 @@
|
|
|
418
418
|
"type": "route-group",
|
|
419
419
|
"domain": "monitoring",
|
|
420
420
|
"sourcePath": "src/server/routes.ts",
|
|
421
|
-
"contentHash": "
|
|
421
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
422
422
|
"since": "2025-01-01"
|
|
423
423
|
},
|
|
424
424
|
"route-group:agents": {
|
|
@@ -426,7 +426,7 @@
|
|
|
426
426
|
"type": "route-group",
|
|
427
427
|
"domain": "sessions",
|
|
428
428
|
"sourcePath": "src/server/routes.ts",
|
|
429
|
-
"contentHash": "
|
|
429
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
430
430
|
"since": "2025-01-01"
|
|
431
431
|
},
|
|
432
432
|
"route-group:backups": {
|
|
@@ -434,7 +434,7 @@
|
|
|
434
434
|
"type": "route-group",
|
|
435
435
|
"domain": "operations",
|
|
436
436
|
"sourcePath": "src/server/routes.ts",
|
|
437
|
-
"contentHash": "
|
|
437
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
438
438
|
"since": "2025-01-01"
|
|
439
439
|
},
|
|
440
440
|
"route-group:git": {
|
|
@@ -442,7 +442,7 @@
|
|
|
442
442
|
"type": "route-group",
|
|
443
443
|
"domain": "coordination",
|
|
444
444
|
"sourcePath": "src/server/routes.ts",
|
|
445
|
-
"contentHash": "
|
|
445
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
446
446
|
"since": "2025-01-01"
|
|
447
447
|
},
|
|
448
448
|
"route-group:memory": {
|
|
@@ -450,7 +450,7 @@
|
|
|
450
450
|
"type": "route-group",
|
|
451
451
|
"domain": "memory",
|
|
452
452
|
"sourcePath": "src/server/routes.ts",
|
|
453
|
-
"contentHash": "
|
|
453
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
454
454
|
"since": "2025-01-01"
|
|
455
455
|
},
|
|
456
456
|
"route-group:semantic": {
|
|
@@ -458,7 +458,7 @@
|
|
|
458
458
|
"type": "route-group",
|
|
459
459
|
"domain": "memory",
|
|
460
460
|
"sourcePath": "src/server/routes.ts",
|
|
461
|
-
"contentHash": "
|
|
461
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
462
462
|
"since": "2025-01-01"
|
|
463
463
|
},
|
|
464
464
|
"route-group:status": {
|
|
@@ -466,7 +466,7 @@
|
|
|
466
466
|
"type": "route-group",
|
|
467
467
|
"domain": "monitoring",
|
|
468
468
|
"sourcePath": "src/server/routes.ts",
|
|
469
|
-
"contentHash": "
|
|
469
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
470
470
|
"since": "2025-01-01"
|
|
471
471
|
},
|
|
472
472
|
"route-group:capabilities": {
|
|
@@ -474,7 +474,7 @@
|
|
|
474
474
|
"type": "route-group",
|
|
475
475
|
"domain": "mapping",
|
|
476
476
|
"sourcePath": "src/server/routes.ts",
|
|
477
|
-
"contentHash": "
|
|
477
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
478
478
|
"since": "2025-01-01"
|
|
479
479
|
},
|
|
480
480
|
"route-group:project-map": {
|
|
@@ -482,7 +482,7 @@
|
|
|
482
482
|
"type": "route-group",
|
|
483
483
|
"domain": "mapping",
|
|
484
484
|
"sourcePath": "src/server/routes.ts",
|
|
485
|
-
"contentHash": "
|
|
485
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
486
486
|
"since": "2025-01-01"
|
|
487
487
|
},
|
|
488
488
|
"route-group:coherence": {
|
|
@@ -490,7 +490,7 @@
|
|
|
490
490
|
"type": "route-group",
|
|
491
491
|
"domain": "coherence",
|
|
492
492
|
"sourcePath": "src/server/routes.ts",
|
|
493
|
-
"contentHash": "
|
|
493
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
494
494
|
"since": "2025-01-01"
|
|
495
495
|
},
|
|
496
496
|
"route-group:topic-bindings": {
|
|
@@ -498,7 +498,7 @@
|
|
|
498
498
|
"type": "route-group",
|
|
499
499
|
"domain": "sessions",
|
|
500
500
|
"sourcePath": "src/server/routes.ts",
|
|
501
|
-
"contentHash": "
|
|
501
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
502
502
|
"since": "2025-01-01"
|
|
503
503
|
},
|
|
504
504
|
"route-group:context": {
|
|
@@ -506,7 +506,7 @@
|
|
|
506
506
|
"type": "route-group",
|
|
507
507
|
"domain": "context",
|
|
508
508
|
"sourcePath": "src/server/routes.ts",
|
|
509
|
-
"contentHash": "
|
|
509
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
510
510
|
"since": "2025-01-01"
|
|
511
511
|
},
|
|
512
512
|
"route-group:scope-coherence": {
|
|
@@ -514,7 +514,7 @@
|
|
|
514
514
|
"type": "route-group",
|
|
515
515
|
"domain": "coherence",
|
|
516
516
|
"sourcePath": "src/server/routes.ts",
|
|
517
|
-
"contentHash": "
|
|
517
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
518
518
|
"since": "2025-01-01"
|
|
519
519
|
},
|
|
520
520
|
"route-group:canonical-state": {
|
|
@@ -522,7 +522,7 @@
|
|
|
522
522
|
"type": "route-group",
|
|
523
523
|
"domain": "state",
|
|
524
524
|
"sourcePath": "src/server/routes.ts",
|
|
525
|
-
"contentHash": "
|
|
525
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
526
526
|
"since": "2025-01-01"
|
|
527
527
|
},
|
|
528
528
|
"route-group:ci": {
|
|
@@ -530,7 +530,7 @@
|
|
|
530
530
|
"type": "route-group",
|
|
531
531
|
"domain": "monitoring",
|
|
532
532
|
"sourcePath": "src/server/routes.ts",
|
|
533
|
-
"contentHash": "
|
|
533
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
534
534
|
"since": "2025-01-01"
|
|
535
535
|
},
|
|
536
536
|
"route-group:sessions": {
|
|
@@ -538,7 +538,7 @@
|
|
|
538
538
|
"type": "route-group",
|
|
539
539
|
"domain": "sessions",
|
|
540
540
|
"sourcePath": "src/server/routes.ts",
|
|
541
|
-
"contentHash": "
|
|
541
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
542
542
|
"since": "2025-01-01"
|
|
543
543
|
},
|
|
544
544
|
"route-group:jobs": {
|
|
@@ -546,7 +546,7 @@
|
|
|
546
546
|
"type": "route-group",
|
|
547
547
|
"domain": "scheduling",
|
|
548
548
|
"sourcePath": "src/server/routes.ts",
|
|
549
|
-
"contentHash": "
|
|
549
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
550
550
|
"since": "2025-01-01"
|
|
551
551
|
},
|
|
552
552
|
"route-group:skip-ledger": {
|
|
@@ -554,7 +554,7 @@
|
|
|
554
554
|
"type": "route-group",
|
|
555
555
|
"domain": "scheduling",
|
|
556
556
|
"sourcePath": "src/server/routes.ts",
|
|
557
|
-
"contentHash": "
|
|
557
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
558
558
|
"since": "2025-01-01"
|
|
559
559
|
},
|
|
560
560
|
"route-group:telegram": {
|
|
@@ -562,7 +562,7 @@
|
|
|
562
562
|
"type": "route-group",
|
|
563
563
|
"domain": "communication",
|
|
564
564
|
"sourcePath": "src/server/routes.ts",
|
|
565
|
-
"contentHash": "
|
|
565
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
566
566
|
"since": "2025-01-01"
|
|
567
567
|
},
|
|
568
568
|
"route-group:attention": {
|
|
@@ -570,7 +570,7 @@
|
|
|
570
570
|
"type": "route-group",
|
|
571
571
|
"domain": "communication",
|
|
572
572
|
"sourcePath": "src/server/routes.ts",
|
|
573
|
-
"contentHash": "
|
|
573
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
574
574
|
"since": "2025-01-01"
|
|
575
575
|
},
|
|
576
576
|
"route-group:relationships": {
|
|
@@ -578,7 +578,7 @@
|
|
|
578
578
|
"type": "route-group",
|
|
579
579
|
"domain": "relationships",
|
|
580
580
|
"sourcePath": "src/server/routes.ts",
|
|
581
|
-
"contentHash": "
|
|
581
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
582
582
|
"since": "2025-01-01"
|
|
583
583
|
},
|
|
584
584
|
"route-group:feedback": {
|
|
@@ -586,7 +586,7 @@
|
|
|
586
586
|
"type": "route-group",
|
|
587
587
|
"domain": "feedback",
|
|
588
588
|
"sourcePath": "src/server/routes.ts",
|
|
589
|
-
"contentHash": "
|
|
589
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
590
590
|
"since": "2025-01-01"
|
|
591
591
|
},
|
|
592
592
|
"route-group:updates": {
|
|
@@ -594,7 +594,7 @@
|
|
|
594
594
|
"type": "route-group",
|
|
595
595
|
"domain": "updates",
|
|
596
596
|
"sourcePath": "src/server/routes.ts",
|
|
597
|
-
"contentHash": "
|
|
597
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
598
598
|
"since": "2025-01-01"
|
|
599
599
|
},
|
|
600
600
|
"route-group:dispatches": {
|
|
@@ -602,7 +602,7 @@
|
|
|
602
602
|
"type": "route-group",
|
|
603
603
|
"domain": "dispatches",
|
|
604
604
|
"sourcePath": "src/server/routes.ts",
|
|
605
|
-
"contentHash": "
|
|
605
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
606
606
|
"since": "2025-01-01"
|
|
607
607
|
},
|
|
608
608
|
"route-group:quota": {
|
|
@@ -610,7 +610,7 @@
|
|
|
610
610
|
"type": "route-group",
|
|
611
611
|
"domain": "monitoring",
|
|
612
612
|
"sourcePath": "src/server/routes.ts",
|
|
613
|
-
"contentHash": "
|
|
613
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
614
614
|
"since": "2025-01-01"
|
|
615
615
|
},
|
|
616
616
|
"route-group:publishing": {
|
|
@@ -618,7 +618,7 @@
|
|
|
618
618
|
"type": "route-group",
|
|
619
619
|
"domain": "publishing",
|
|
620
620
|
"sourcePath": "src/server/routes.ts",
|
|
621
|
-
"contentHash": "
|
|
621
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
622
622
|
"since": "2025-01-01"
|
|
623
623
|
},
|
|
624
624
|
"route-group:private-views": {
|
|
@@ -626,7 +626,7 @@
|
|
|
626
626
|
"type": "route-group",
|
|
627
627
|
"domain": "publishing",
|
|
628
628
|
"sourcePath": "src/server/routes.ts",
|
|
629
|
-
"contentHash": "
|
|
629
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
630
630
|
"since": "2025-01-01"
|
|
631
631
|
},
|
|
632
632
|
"route-group:tunnel": {
|
|
@@ -634,7 +634,7 @@
|
|
|
634
634
|
"type": "route-group",
|
|
635
635
|
"domain": "networking",
|
|
636
636
|
"sourcePath": "src/server/routes.ts",
|
|
637
|
-
"contentHash": "
|
|
637
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
638
638
|
"since": "2025-01-01"
|
|
639
639
|
},
|
|
640
640
|
"route-group:events": {
|
|
@@ -642,7 +642,7 @@
|
|
|
642
642
|
"type": "route-group",
|
|
643
643
|
"domain": "networking",
|
|
644
644
|
"sourcePath": "src/server/routes.ts",
|
|
645
|
-
"contentHash": "
|
|
645
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
646
646
|
"since": "2025-01-01"
|
|
647
647
|
},
|
|
648
648
|
"route-group:evolution": {
|
|
@@ -650,7 +650,7 @@
|
|
|
650
650
|
"type": "route-group",
|
|
651
651
|
"domain": "evolution",
|
|
652
652
|
"sourcePath": "src/server/routes.ts",
|
|
653
|
-
"contentHash": "
|
|
653
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
654
654
|
"since": "2025-01-01"
|
|
655
655
|
},
|
|
656
656
|
"route-group:watchdog": {
|
|
@@ -658,7 +658,7 @@
|
|
|
658
658
|
"type": "route-group",
|
|
659
659
|
"domain": "monitoring",
|
|
660
660
|
"sourcePath": "src/server/routes.ts",
|
|
661
|
-
"contentHash": "
|
|
661
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
662
662
|
"since": "2025-01-01"
|
|
663
663
|
},
|
|
664
664
|
"route-group:topic-memory": {
|
|
@@ -666,7 +666,7 @@
|
|
|
666
666
|
"type": "route-group",
|
|
667
667
|
"domain": "memory",
|
|
668
668
|
"sourcePath": "src/server/routes.ts",
|
|
669
|
-
"contentHash": "
|
|
669
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
670
670
|
"since": "2025-01-01"
|
|
671
671
|
},
|
|
672
672
|
"route-group:state-sync": {
|
|
@@ -674,7 +674,7 @@
|
|
|
674
674
|
"type": "route-group",
|
|
675
675
|
"domain": "coordination",
|
|
676
676
|
"sourcePath": "src/server/routes.ts",
|
|
677
|
-
"contentHash": "
|
|
677
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
678
678
|
"since": "2025-01-01"
|
|
679
679
|
},
|
|
680
680
|
"route-group:intent": {
|
|
@@ -682,7 +682,7 @@
|
|
|
682
682
|
"type": "route-group",
|
|
683
683
|
"domain": "intent",
|
|
684
684
|
"sourcePath": "src/server/routes.ts",
|
|
685
|
-
"contentHash": "
|
|
685
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
686
686
|
"since": "2025-01-01"
|
|
687
687
|
},
|
|
688
688
|
"route-group:triage": {
|
|
@@ -690,7 +690,7 @@
|
|
|
690
690
|
"type": "route-group",
|
|
691
691
|
"domain": "safety",
|
|
692
692
|
"sourcePath": "src/server/routes.ts",
|
|
693
|
-
"contentHash": "
|
|
693
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
694
694
|
"since": "2025-01-01"
|
|
695
695
|
},
|
|
696
696
|
"route-group:operations": {
|
|
@@ -698,7 +698,7 @@
|
|
|
698
698
|
"type": "route-group",
|
|
699
699
|
"domain": "safety",
|
|
700
700
|
"sourcePath": "src/server/routes.ts",
|
|
701
|
-
"contentHash": "
|
|
701
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
702
702
|
"since": "2025-01-01"
|
|
703
703
|
},
|
|
704
704
|
"route-group:sentinel": {
|
|
@@ -706,7 +706,7 @@
|
|
|
706
706
|
"type": "route-group",
|
|
707
707
|
"domain": "safety",
|
|
708
708
|
"sourcePath": "src/server/routes.ts",
|
|
709
|
-
"contentHash": "
|
|
709
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
710
710
|
"since": "2025-01-01"
|
|
711
711
|
},
|
|
712
712
|
"route-group:trust": {
|
|
@@ -714,7 +714,7 @@
|
|
|
714
714
|
"type": "route-group",
|
|
715
715
|
"domain": "safety",
|
|
716
716
|
"sourcePath": "src/server/routes.ts",
|
|
717
|
-
"contentHash": "
|
|
717
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
718
718
|
"since": "2025-01-01"
|
|
719
719
|
},
|
|
720
720
|
"route-group:monitoring": {
|
|
@@ -722,7 +722,7 @@
|
|
|
722
722
|
"type": "route-group",
|
|
723
723
|
"domain": "monitoring",
|
|
724
724
|
"sourcePath": "src/server/routes.ts",
|
|
725
|
-
"contentHash": "
|
|
725
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
726
726
|
"since": "2025-01-01"
|
|
727
727
|
},
|
|
728
728
|
"route-group:commitments": {
|
|
@@ -730,7 +730,7 @@
|
|
|
730
730
|
"type": "route-group",
|
|
731
731
|
"domain": "commitments",
|
|
732
732
|
"sourcePath": "src/server/routes.ts",
|
|
733
|
-
"contentHash": "
|
|
733
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
734
734
|
"since": "2025-01-01"
|
|
735
735
|
},
|
|
736
736
|
"route-group:episodes": {
|
|
@@ -738,7 +738,7 @@
|
|
|
738
738
|
"type": "route-group",
|
|
739
739
|
"domain": "memory",
|
|
740
740
|
"sourcePath": "src/server/routes.ts",
|
|
741
|
-
"contentHash": "
|
|
741
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
742
742
|
"since": "2025-01-01"
|
|
743
743
|
},
|
|
744
744
|
"route-group:messages": {
|
|
@@ -746,7 +746,7 @@
|
|
|
746
746
|
"type": "route-group",
|
|
747
747
|
"domain": "coordination",
|
|
748
748
|
"sourcePath": "src/server/routes.ts",
|
|
749
|
-
"contentHash": "
|
|
749
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
750
750
|
"since": "2025-01-01"
|
|
751
751
|
},
|
|
752
752
|
"route-group:system-reviews": {
|
|
@@ -754,7 +754,7 @@
|
|
|
754
754
|
"type": "route-group",
|
|
755
755
|
"domain": "monitoring",
|
|
756
756
|
"sourcePath": "src/server/routes.ts",
|
|
757
|
-
"contentHash": "
|
|
757
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
758
758
|
"since": "2025-01-01"
|
|
759
759
|
},
|
|
760
760
|
"route-group:machine-mesh": {
|
|
@@ -770,7 +770,7 @@
|
|
|
770
770
|
"type": "route-group",
|
|
771
771
|
"domain": "security",
|
|
772
772
|
"sourcePath": "src/server/routes.ts",
|
|
773
|
-
"contentHash": "
|
|
773
|
+
"contentHash": "75179857cd709e8165c1aa249caa8a704c7b3bdd1ed99ade3ec42f7cb3e18bad",
|
|
774
774
|
"since": "2025-01-01"
|
|
775
775
|
},
|
|
776
776
|
"cli:init": {
|
|
@@ -1506,7 +1506,7 @@
|
|
|
1506
1506
|
"type": "subsystem",
|
|
1507
1507
|
"domain": "server",
|
|
1508
1508
|
"sourcePath": "src/server/AgentServer.ts",
|
|
1509
|
-
"contentHash": "
|
|
1509
|
+
"contentHash": "2ebeac31cf1dce6c885f62677aa4fad1640be488149a2e973031b7a231fc4345",
|
|
1510
1510
|
"since": "2025-01-01"
|
|
1511
1511
|
},
|
|
1512
1512
|
"subsystem:session-manager": {
|
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
# Upgrade Guide — vNEXT
|
|
2
|
+
|
|
3
|
+
<!-- assembled-by: assemble-next-md -->
|
|
4
|
+
<!-- bump: patch -->
|
|
5
|
+
|
|
6
|
+
## What Changed
|
|
7
|
+
|
|
8
|
+
Added a structural guard for the `developmentAgent` dark-feature gate so a
|
|
9
|
+
dev-gated feature can no longer ship dark on development agents by hardcoding
|
|
10
|
+
`enabled: false` or hand-rolling the gate (the PR #1001 class of miss). A new
|
|
11
|
+
`resolveDevAgentGate` helper is the single funnel for the gate, and a new CI lint
|
|
12
|
+
(`scripts/lint-dev-agent-dark-gate.js`, run in the `lint` posture / Repo
|
|
13
|
+
Invariants) fails the build on a hand-rolled gate (`!!`/`Boolean(...)`/bracket
|
|
14
|
+
forms) outside the funnel, or a hardcoded `enabled: false` under a dev-gate marker
|
|
15
|
+
comment in `ConfigDefaults.ts` (brace-matched, so a long comment can't hide the
|
|
16
|
+
block). All 11 existing hand-rolled gate sites were migrated to the funnel —
|
|
17
|
+
behavior-identical, so no runtime behavior changes.
|
|
18
|
+
|
|
19
|
+
## What to Tell Your User
|
|
20
|
+
|
|
21
|
+
Nothing user-facing — this is internal developer/CI tooling (audience:
|
|
22
|
+
agent-only). It does not change how any feature behaves at runtime; it only stops
|
|
23
|
+
a specific developer mistake from recurring. No action needed.
|
|
24
|
+
|
|
25
|
+
## Summary of New Capabilities
|
|
26
|
+
|
|
27
|
+
- `resolveDevAgentGate(explicit, config)` — the canonical dev-agent dark-feature
|
|
28
|
+
gate funnel (`src/core/devAgentGate.ts`).
|
|
29
|
+
- `lint-dev-agent-dark-gate` — CI lint enforcing the `standard_development_agent_dark_feature_gate`
|
|
30
|
+
convention (joins the existing `lint-*` family).
|
|
31
|
+
- Honest limit: this slice does not catch a feature that omits the gate entirely
|
|
32
|
+
with no marker; that is deferred to a registry + both-sides wiring test and a
|
|
33
|
+
spec-intent cross-check, tracked as CMT-1253. <!-- tracked: CMT-1253 -->
|