instar 1.3.536 โ 1.3.538
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/commands/server.d.ts.map +1 -1
- package/dist/commands/server.js +107 -1
- package/dist/commands/server.js.map +1 -1
- package/dist/config/ConfigDefaults.d.ts.map +1 -1
- package/dist/config/ConfigDefaults.js +13 -0
- package/dist/config/ConfigDefaults.js.map +1 -1
- package/dist/core/CredentialLocationGate.d.ts +99 -0
- package/dist/core/CredentialLocationGate.d.ts.map +1 -0
- package/dist/core/CredentialLocationGate.js +127 -0
- package/dist/core/CredentialLocationGate.js.map +1 -0
- package/dist/core/CredentialSwapExecutor.d.ts +10 -0
- package/dist/core/CredentialSwapExecutor.d.ts.map +1 -1
- package/dist/core/CredentialSwapExecutor.js +19 -0
- package/dist/core/CredentialSwapExecutor.js.map +1 -1
- package/dist/core/InUseAccountResolver.d.ts +28 -1
- package/dist/core/InUseAccountResolver.d.ts.map +1 -1
- package/dist/core/InUseAccountResolver.js +34 -1
- package/dist/core/InUseAccountResolver.js.map +1 -1
- package/dist/core/QuotaPoller.d.ts +22 -0
- package/dist/core/QuotaPoller.d.ts.map +1 -1
- package/dist/core/QuotaPoller.js +42 -8
- package/dist/core/QuotaPoller.js.map +1 -1
- package/dist/core/SessionManager.d.ts +19 -0
- package/dist/core/SessionManager.d.ts.map +1 -1
- package/dist/core/SessionManager.js +37 -5
- package/dist/core/SessionManager.js.map +1 -1
- package/dist/core/WorkEvidence.d.ts +1 -1
- package/dist/core/WorkEvidence.d.ts.map +1 -1
- package/dist/core/WorkEvidence.js +7 -0
- package/dist/core/WorkEvidence.js.map +1 -1
- package/dist/core/devGatedFeatures.d.ts.map +1 -1
- package/dist/core/devGatedFeatures.js +6 -0
- package/dist/core/devGatedFeatures.js.map +1 -1
- package/dist/core/types.d.ts +27 -0
- package/dist/core/types.d.ts.map +1 -1
- package/dist/core/types.js.map +1 -1
- package/dist/core/worktreeDirtyCheck.d.ts +31 -0
- package/dist/core/worktreeDirtyCheck.d.ts.map +1 -0
- package/dist/core/worktreeDirtyCheck.js +129 -0
- package/dist/core/worktreeDirtyCheck.js.map +1 -0
- package/dist/monitoring/AccountSwitcher.d.ts.map +1 -1
- package/dist/monitoring/AccountSwitcher.js +12 -1
- package/dist/monitoring/AccountSwitcher.js.map +1 -1
- package/dist/monitoring/CredentialProvider.d.ts +32 -1
- package/dist/monitoring/CredentialProvider.d.ts.map +1 -1
- package/dist/monitoring/CredentialProvider.js +32 -2
- package/dist/monitoring/CredentialProvider.js.map +1 -1
- package/dist/monitoring/ResumeQueueDrainer.d.ts +6 -0
- package/dist/monitoring/ResumeQueueDrainer.d.ts.map +1 -1
- package/dist/monitoring/ResumeQueueDrainer.js +32 -2
- package/dist/monitoring/ResumeQueueDrainer.js.map +1 -1
- package/dist/monitoring/SessionReaper.d.ts +8 -0
- package/dist/monitoring/SessionReaper.d.ts.map +1 -1
- package/dist/monitoring/SessionReaper.js +18 -4
- package/dist/monitoring/SessionReaper.js.map +1 -1
- package/dist/scaffold/templates.d.ts.map +1 -1
- package/dist/scaffold/templates.js +1 -0
- package/dist/scaffold/templates.js.map +1 -1
- package/dist/server/routes.d.ts.map +1 -1
- package/dist/server/routes.js +15 -0
- package/dist/server/routes.js.map +1 -1
- package/package.json +1 -1
- package/src/data/builtin-manifest.json +47 -47
- package/src/scaffold/templates.ts +1 -0
- package/upgrades/1.3.538.md +51 -0
- package/upgrades/side-effects/build-session-yield-safety.md +58 -0
- package/upgrades/side-effects/ws52-step6-census-rerouting.md +143 -0
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../src/commands/server.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAgCH,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAS3D,OAAO,EAAE,eAAe,EAAiC,MAAM,iCAAiC,CAAC;AAuBjG,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAGvD,OAAO,EAAE,YAAY,EAAE,MAAM,+BAA+B,CAAC;AAiH7D,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAsBtD;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAgB,yBAAyB,CACvC,IAAI,EAAE,MAAM,EACZ,OAAO,EAAE,MAAM,EACf,gBAAgB,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAC1C,OAAO,CAUT;AAyID,UAAU,YAAY;IACpB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;2DACuD;IACvD,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAm3CD,wBAAgB,mBAAmB,CACjC,QAAQ,EAAE,eAAe,EACzB,cAAc,EAAE,cAAc,EAC9B,YAAY,CAAC,EAAE,YAAY,EAC3B,WAAW,CAAC,EAAE,WAAW,EACzB,WAAW,CAAC,EAAE,WAAW,EACzB,iBAAiB,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC,OAAO,CAAC,EAGvE,UAAU,CAAC,EAAE,MAAM,OAAO,8BAA8B,EAAE,WAAW,GAAG,IAAI,EAK5E,qBAAqB,CAAC,EAAE,MAAM,OAAO,gCAAgC,EAAE,kBAAkB,GAAG,IAAI,EAKhG,mBAAmB,CAAC,EAAE,MAAM,MAAM,GAAG,IAAI,GAAG,SAAS,GACpD,IAAI,CA8eN;AA2lBD,wBAAsB,WAAW,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,
|
|
1
|
+
{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../src/commands/server.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAgCH,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAS3D,OAAO,EAAE,eAAe,EAAiC,MAAM,iCAAiC,CAAC;AAuBjG,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAGvD,OAAO,EAAE,YAAY,EAAE,MAAM,+BAA+B,CAAC;AAiH7D,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAsBtD;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAgB,yBAAyB,CACvC,IAAI,EAAE,MAAM,EACZ,OAAO,EAAE,MAAM,EACf,gBAAgB,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAC1C,OAAO,CAUT;AAyID,UAAU,YAAY;IACpB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;2DACuD;IACvD,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAm3CD,wBAAgB,mBAAmB,CACjC,QAAQ,EAAE,eAAe,EACzB,cAAc,EAAE,cAAc,EAC9B,YAAY,CAAC,EAAE,YAAY,EAC3B,WAAW,CAAC,EAAE,WAAW,EACzB,WAAW,CAAC,EAAE,WAAW,EACzB,iBAAiB,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC,OAAO,CAAC,EAGvE,UAAU,CAAC,EAAE,MAAM,OAAO,8BAA8B,EAAE,WAAW,GAAG,IAAI,EAK5E,qBAAqB,CAAC,EAAE,MAAM,OAAO,gCAAgC,EAAE,kBAAkB,GAAG,IAAI,EAKhG,mBAAmB,CAAC,EAAE,MAAM,MAAM,GAAG,IAAI,GAAG,SAAS,GACpD,IAAI,CA8eN;AA2lBD,wBAAsB,WAAW,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,CA67atE;AAED,wBAAsB,UAAU,CAAC,OAAO,EAAE;IAAE,GAAG,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAsDzE;AAED;;;;;;;;;;;GAWG;AACH,wBAAsB,aAAa,CAAC,OAAO,EAAE;IAAE,GAAG,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAuD5E"}
|
package/dist/commands/server.js
CHANGED
|
@@ -6223,6 +6223,33 @@ export async function startServer(options) {
|
|
|
6223
6223
|
return;
|
|
6224
6224
|
notify('SUMMARY', 'session-resume', `๐ I restarted this session to pick the work back up after it was shut down mid-work.`, entry.topicId);
|
|
6225
6225
|
},
|
|
6226
|
+
// Build-Session Yield Safety (ACT-839) R2.2: present ONLY when the
|
|
6227
|
+
// dev-gated feature is live (its presence is the gate). Registers a
|
|
6228
|
+
// durable, beacon-enabled obligation so a STALLED revived session is
|
|
6229
|
+
// re-surfaced by PromiseBeacon; deduped per stableKey so a re-revival
|
|
6230
|
+
// refreshes rather than floods. The die-again case is covered by the
|
|
6231
|
+
// dev-live OrphanedWorkSentinel (#1113) โ no duplicate scanner here.
|
|
6232
|
+
onWorktreeRevival: resolveDevAgentGate(config.monitoring?.yieldSafety?.enabled, config)
|
|
6233
|
+
? (entry) => {
|
|
6234
|
+
if (!commitmentTracker || entry.topicId == null)
|
|
6235
|
+
return;
|
|
6236
|
+
const externalKey = `yield-safety:${entry.stableKey}`;
|
|
6237
|
+
try {
|
|
6238
|
+
if (commitmentTracker.getActive().some((c) => c.externalKey === externalKey))
|
|
6239
|
+
return; // dedup
|
|
6240
|
+
commitmentTracker.record({
|
|
6241
|
+
type: 'one-time-action',
|
|
6242
|
+
topicId: entry.topicId,
|
|
6243
|
+
source: 'sentinel',
|
|
6244
|
+
beaconEnabled: true,
|
|
6245
|
+
externalKey,
|
|
6246
|
+
userRequest: 'Session revived because its worktree held uncommitted work (ACT-839 yield-safety).',
|
|
6247
|
+
agentResponse: 'Commit the uncommitted worktree changes with a real, descriptive commit, or deliberately preserve/discard them, before yielding again.',
|
|
6248
|
+
});
|
|
6249
|
+
}
|
|
6250
|
+
catch { /* @silent-fallback-ok: best-effort obligation registration; a CommitmentTracker failure must never endanger the revival. */ }
|
|
6251
|
+
}
|
|
6252
|
+
: undefined,
|
|
6226
6253
|
raiseAggregated: raiseResumeAggregated,
|
|
6227
6254
|
audit: auditResumeQueue,
|
|
6228
6255
|
tier1Check: async (entry) => {
|
|
@@ -8488,6 +8515,60 @@ export async function startServer(options) {
|
|
|
8488
8515
|
if (subscriptionPool.size() > 0) {
|
|
8489
8516
|
console.log(pc.green(` Subscription pool: ${subscriptionPool.size()} account(s) registered`));
|
|
8490
8517
|
}
|
|
8518
|
+
// โโ Live credential re-pointing โ census consumer re-routing (WS5.2 Step 6) โโ
|
|
8519
|
+
// The CredentialLocationLedger is the machine-local source of truth for "which account is in
|
|
8520
|
+
// which config-home slot" once re-pointing is enabled. The CredentialLocationGate re-routes
|
|
8521
|
+
// the ยง2.2 census consumers (quota poll, spawn placement, in-use badge) through it. Ships DARK:
|
|
8522
|
+
// the gate reads `subscriptionPool.credentialRepointing.enabled` LIVE per call โ with the flag
|
|
8523
|
+
// off (always, while dark) every gate read returns the enrollment-home fallback, so every
|
|
8524
|
+
// consumer is byte-for-byte today's behavior. A never-seeded ledger is the same fallback (back-
|
|
8525
|
+
// compat); only UNKNOWN mode (corrupt on-disk) raises a HIGH attention item, never throws.
|
|
8526
|
+
const { CredentialLocationLedger } = await import('../core/CredentialLocationLedger.js');
|
|
8527
|
+
const { CredentialIdentityOracle } = await import('../core/CredentialIdentityOracle.js');
|
|
8528
|
+
const { CredentialLocationGate } = await import('../core/CredentialLocationGate.js');
|
|
8529
|
+
const credentialGateEmitAttention = telegram
|
|
8530
|
+
? (item) => void telegram.createAttentionItem({
|
|
8531
|
+
id: item.id,
|
|
8532
|
+
title: item.title,
|
|
8533
|
+
summary: item.summary,
|
|
8534
|
+
description: item.description,
|
|
8535
|
+
category: item.category,
|
|
8536
|
+
priority: item.priority,
|
|
8537
|
+
sourceContext: item.sourceContext,
|
|
8538
|
+
})
|
|
8539
|
+
: undefined;
|
|
8540
|
+
const credentialLocationLedger = new CredentialLocationLedger({
|
|
8541
|
+
stateDir: config.stateDir,
|
|
8542
|
+
pool: subscriptionPool,
|
|
8543
|
+
oracle: new CredentialIdentityOracle(),
|
|
8544
|
+
emitAttention: credentialGateEmitAttention,
|
|
8545
|
+
});
|
|
8546
|
+
const credentialLocationGate = new CredentialLocationGate({
|
|
8547
|
+
// Live flag read โ a restartless config flip is honored on the next read.
|
|
8548
|
+
isEnabled: () => config.subscriptionPool?.credentialRepointing?.enabled === true,
|
|
8549
|
+
ledger: credentialLocationLedger,
|
|
8550
|
+
emitAttention: credentialGateEmitAttention,
|
|
8551
|
+
});
|
|
8552
|
+
// Census #9: the manager-level competing-writer refusal gate. Installed process-wide so
|
|
8553
|
+
// AccountSwitcher / `/switch-account` / autoMigrate refuse a write to a repointing-owned slot
|
|
8554
|
+
// at the funnel chokepoint, not just on a route. Refuses ONLY when re-pointing is enabled AND
|
|
8555
|
+
// the ledger holds a tenant for the (canonicalized) slot.
|
|
8556
|
+
const { setCredentialWriteRefusalGate } = await import('../monitoring/CredentialProvider.js');
|
|
8557
|
+
const { credentialSlotKey: canonicalizeSlot } = await import('../core/OAuthRefresher.js');
|
|
8558
|
+
setCredentialWriteRefusalGate({
|
|
8559
|
+
shouldRefuse: (canonicalSlot) => {
|
|
8560
|
+
if (config.subscriptionPool?.credentialRepointing?.enabled !== true)
|
|
8561
|
+
return false;
|
|
8562
|
+
// The funnel passes a canonicalized slot key, but the ledger stores raw enrollment-home
|
|
8563
|
+
// spellings (`~/.claude`, an enrollment path). Compare canonical-to-canonical so a
|
|
8564
|
+
// repointing-owned slot is recognized regardless of spelling.
|
|
8565
|
+
return credentialLocationLedger
|
|
8566
|
+
.getAssignments()
|
|
8567
|
+
.some((a) => !!a.accountId && canonicalizeSlot(a.slot) === canonicalSlot);
|
|
8568
|
+
},
|
|
8569
|
+
});
|
|
8570
|
+
// Census #5/#6: spawn placement resolves a pinned account's home through the gate (no-op dark).
|
|
8571
|
+
sessionManager.setCredentialLocationGate(credentialLocationGate);
|
|
8491
8572
|
// QuotaPoller โ per-account live quota reader (P1.2 of the Subscription &
|
|
8492
8573
|
// Auth Standard). Reads each account's 5h/weekly utilization + reset dates
|
|
8493
8574
|
// via the OAuth usage endpoint (transient per-account token, never persisted)
|
|
@@ -8499,6 +8580,8 @@ export async function startServer(options) {
|
|
|
8499
8580
|
const quotaPoller = new QuotaPoller({
|
|
8500
8581
|
pool: subscriptionPool,
|
|
8501
8582
|
logger: { log: (m) => console.log(m), warn: (m) => console.warn(m) },
|
|
8583
|
+
// Census #1โ#4: resolve each account's LIVE slot through the ledger (no-op while dark).
|
|
8584
|
+
locationGate: credentialLocationGate,
|
|
8502
8585
|
});
|
|
8503
8586
|
if (subscriptionPool.size() > 0) {
|
|
8504
8587
|
quotaPoller.start();
|
|
@@ -8508,7 +8591,9 @@ export async function startServer(options) {
|
|
|
8508
8591
|
// right now" for the dashboard "in use" badge (read-only; cached probe of
|
|
8509
8592
|
// `claude auth status`). One shared instance so the TTL cache is honored.
|
|
8510
8593
|
const { InUseAccountResolver } = await import('../core/InUseAccountResolver.js');
|
|
8511
|
-
|
|
8594
|
+
// Census #8 (the E4a liar): when re-pointing is enabled and the ledger knows the `~/.claude`
|
|
8595
|
+
// tenant, the badge resolves from the ledger โ NOT a stale `claude auth status` re-probe.
|
|
8596
|
+
const inUseAccountResolver = new InUseAccountResolver({ locationGate: credentialLocationGate });
|
|
8512
8597
|
// EnrollmentWizard โ mobile-first new-account login (P2.1 of the Subscription
|
|
8513
8598
|
// & Auth Standard). Dark with the pool: the /subscription-pool/enroll routes
|
|
8514
8599
|
// do nothing until an operator starts an enrollment. The login driver reuses
|
|
@@ -11948,8 +12033,29 @@ export async function startServer(options) {
|
|
|
11948
12033
|
}
|
|
11949
12034
|
// (setAwakeChecker is wired earlier, before the boot purge, so the purge is
|
|
11950
12035
|
// lease-gated โ see the ยงP3/ยงP4 block above.)
|
|
12036
|
+
// Build-Session Yield Safety (ACT-839): construct the bounded, cached
|
|
12037
|
+
// worktreeDirtyCheck and inject it into the reaper ONLY when the dev-gated
|
|
12038
|
+
// yieldSafety feature is live (its mere presence is the gate). Dev-enabled,
|
|
12039
|
+
// dark on the fleet, per the Maturation Path standard.
|
|
12040
|
+
let _yieldSafetyDirtyCheck;
|
|
12041
|
+
if (resolveDevAgentGate(config.monitoring?.yieldSafety?.enabled, config)) {
|
|
12042
|
+
const ysCfg = config.monitoring?.yieldSafety ?? {};
|
|
12043
|
+
const { makeWorktreeDirtyCheck } = await import('../core/worktreeDirtyCheck.js');
|
|
12044
|
+
const { SafeGitExecutor } = await import('../core/SafeGitExecutor.js');
|
|
12045
|
+
_yieldSafetyDirtyCheck = makeWorktreeDirtyCheck({
|
|
12046
|
+
readGit: (args, cwd) => SafeGitExecutor.readSync(args, {
|
|
12047
|
+
cwd, encoding: 'utf-8',
|
|
12048
|
+
timeout: ysCfg.dirtyCheckTimeoutMs ?? 5_000,
|
|
12049
|
+
operation: 'src/core/worktreeDirtyCheck.ts (yield-safety)',
|
|
12050
|
+
sourceTreeReadOk: true,
|
|
12051
|
+
sourceTreeWorktreeManagerOk: true,
|
|
12052
|
+
}),
|
|
12053
|
+
config: { residueDenylist: ysCfg.residueDenylist, cacheTtlMs: ysCfg.dirtyCheckCacheTtlMs },
|
|
12054
|
+
});
|
|
12055
|
+
}
|
|
11951
12056
|
const sessionReaper = new SessionReaper({
|
|
11952
12057
|
...reapGuardDeps,
|
|
12058
|
+
dirtyCheck: _yieldSafetyDirtyCheck,
|
|
11953
12059
|
listRunningSessions: () => sessionManager.listRunningSessions(),
|
|
11954
12060
|
captureOutput: (s, n) => sessionManager.captureOutput(s, n) ?? '',
|
|
11955
12061
|
frameworkForSession: (s) => sessionManager.frameworkForSession(s),
|