instar 1.3.537 → 1.3.539

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (63) hide show
  1. package/dist/commands/server.d.ts.map +1 -1
  2. package/dist/commands/server.js +133 -2
  3. package/dist/commands/server.js.map +1 -1
  4. package/dist/core/CredentialAuditEmit.d.ts +82 -0
  5. package/dist/core/CredentialAuditEmit.d.ts.map +1 -0
  6. package/dist/core/CredentialAuditEmit.js +132 -0
  7. package/dist/core/CredentialAuditEmit.js.map +1 -0
  8. package/dist/core/CredentialLocationGate.d.ts +99 -0
  9. package/dist/core/CredentialLocationGate.d.ts.map +1 -0
  10. package/dist/core/CredentialLocationGate.js +127 -0
  11. package/dist/core/CredentialLocationGate.js.map +1 -0
  12. package/dist/core/CredentialManualLevers.d.ts +57 -0
  13. package/dist/core/CredentialManualLevers.d.ts.map +1 -0
  14. package/dist/core/CredentialManualLevers.js +0 -0
  15. package/dist/core/CredentialManualLevers.js.map +1 -0
  16. package/dist/core/CredentialRestoreEnrollment.d.ts +76 -0
  17. package/dist/core/CredentialRestoreEnrollment.d.ts.map +1 -0
  18. package/dist/core/CredentialRestoreEnrollment.js +76 -0
  19. package/dist/core/CredentialRestoreEnrollment.js.map +1 -0
  20. package/dist/core/CredentialSwapExecutor.d.ts +10 -0
  21. package/dist/core/CredentialSwapExecutor.d.ts.map +1 -1
  22. package/dist/core/CredentialSwapExecutor.js +19 -0
  23. package/dist/core/CredentialSwapExecutor.js.map +1 -1
  24. package/dist/core/InUseAccountResolver.d.ts +28 -1
  25. package/dist/core/InUseAccountResolver.d.ts.map +1 -1
  26. package/dist/core/InUseAccountResolver.js +34 -1
  27. package/dist/core/InUseAccountResolver.js.map +1 -1
  28. package/dist/core/QuotaPoller.d.ts +22 -0
  29. package/dist/core/QuotaPoller.d.ts.map +1 -1
  30. package/dist/core/QuotaPoller.js +42 -8
  31. package/dist/core/QuotaPoller.js.map +1 -1
  32. package/dist/core/SessionManager.d.ts +19 -0
  33. package/dist/core/SessionManager.d.ts.map +1 -1
  34. package/dist/core/SessionManager.js +37 -5
  35. package/dist/core/SessionManager.js.map +1 -1
  36. package/dist/core/types.d.ts +7 -0
  37. package/dist/core/types.d.ts.map +1 -1
  38. package/dist/core/types.js.map +1 -1
  39. package/dist/monitoring/AccountSwitcher.d.ts.map +1 -1
  40. package/dist/monitoring/AccountSwitcher.js +12 -1
  41. package/dist/monitoring/AccountSwitcher.js.map +1 -1
  42. package/dist/monitoring/CredentialProvider.d.ts +32 -1
  43. package/dist/monitoring/CredentialProvider.d.ts.map +1 -1
  44. package/dist/monitoring/CredentialProvider.js +32 -2
  45. package/dist/monitoring/CredentialProvider.js.map +1 -1
  46. package/dist/server/AgentServer.d.ts +1 -0
  47. package/dist/server/AgentServer.d.ts.map +1 -1
  48. package/dist/server/AgentServer.js +1 -0
  49. package/dist/server/AgentServer.js.map +1 -1
  50. package/dist/server/CapabilityIndex.d.ts.map +1 -1
  51. package/dist/server/CapabilityIndex.js +16 -0
  52. package/dist/server/CapabilityIndex.js.map +1 -1
  53. package/dist/server/routes.d.ts +20 -0
  54. package/dist/server/routes.d.ts.map +1 -1
  55. package/dist/server/routes.js +228 -0
  56. package/dist/server/routes.js.map +1 -1
  57. package/package.json +1 -1
  58. package/src/data/builtin-manifest.json +48 -48
  59. package/upgrades/1.3.538.md +51 -0
  60. package/upgrades/1.3.539.md +29 -0
  61. package/upgrades/side-effects/ws52-step6-census-rerouting.md +143 -0
  62. package/upgrades/side-effects/ws52-step7-routes-audit.md +39 -0
  63. package/upgrades/1.3.537.md +0 -27
@@ -1 +1 @@
1
- {"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../src/commands/server.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAgCH,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAS3D,OAAO,EAAE,eAAe,EAAiC,MAAM,iCAAiC,CAAC;AAuBjG,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAGvD,OAAO,EAAE,YAAY,EAAE,MAAM,+BAA+B,CAAC;AAiH7D,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAsBtD;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAgB,yBAAyB,CACvC,IAAI,EAAE,MAAM,EACZ,OAAO,EAAE,MAAM,EACf,gBAAgB,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAC1C,OAAO,CAUT;AAyID,UAAU,YAAY;IACpB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;2DACuD;IACvD,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAm3CD,wBAAgB,mBAAmB,CACjC,QAAQ,EAAE,eAAe,EACzB,cAAc,EAAE,cAAc,EAC9B,YAAY,CAAC,EAAE,YAAY,EAC3B,WAAW,CAAC,EAAE,WAAW,EACzB,WAAW,CAAC,EAAE,WAAW,EACzB,iBAAiB,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC,OAAO,CAAC,EAGvE,UAAU,CAAC,EAAE,MAAM,OAAO,8BAA8B,EAAE,WAAW,GAAG,IAAI,EAK5E,qBAAqB,CAAC,EAAE,MAAM,OAAO,gCAAgC,EAAE,kBAAkB,GAAG,IAAI,EAKhG,mBAAmB,CAAC,EAAE,MAAM,MAAM,GAAG,IAAI,GAAG,SAAS,GACpD,IAAI,CA8eN;AA2lBD,wBAAsB,WAAW,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,CAk4atE;AAED,wBAAsB,UAAU,CAAC,OAAO,EAAE;IAAE,GAAG,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAsDzE;AAED;;;;;;;;;;;GAWG;AACH,wBAAsB,aAAa,CAAC,OAAO,EAAE;IAAE,GAAG,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAuD5E"}
1
+ {"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../src/commands/server.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAgCH,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAS3D,OAAO,EAAE,eAAe,EAAiC,MAAM,iCAAiC,CAAC;AAuBjG,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAGvD,OAAO,EAAE,YAAY,EAAE,MAAM,+BAA+B,CAAC;AAiH7D,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAsBtD;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAgB,yBAAyB,CACvC,IAAI,EAAE,MAAM,EACZ,OAAO,EAAE,MAAM,EACf,gBAAgB,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAC1C,OAAO,CAUT;AAyID,UAAU,YAAY;IACpB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;2DACuD;IACvD,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAm3CD,wBAAgB,mBAAmB,CACjC,QAAQ,EAAE,eAAe,EACzB,cAAc,EAAE,cAAc,EAC9B,YAAY,CAAC,EAAE,YAAY,EAC3B,WAAW,CAAC,EAAE,WAAW,EACzB,WAAW,CAAC,EAAE,WAAW,EACzB,iBAAiB,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC,OAAO,CAAC,EAGvE,UAAU,CAAC,EAAE,MAAM,OAAO,8BAA8B,EAAE,WAAW,GAAG,IAAI,EAK5E,qBAAqB,CAAC,EAAE,MAAM,OAAO,gCAAgC,EAAE,kBAAkB,GAAG,IAAI,EAKhG,mBAAmB,CAAC,EAAE,MAAM,MAAM,GAAG,IAAI,GAAG,SAAS,GACpD,IAAI,CA8eN;AA2lBD,wBAAsB,WAAW,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,CA6/atE;AAED,wBAAsB,UAAU,CAAC,OAAO,EAAE;IAAE,GAAG,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAsDzE;AAED;;;;;;;;;;;GAWG;AACH,wBAAsB,aAAa,CAAC,OAAO,EAAE;IAAE,GAAG,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAuD5E"}
@@ -8515,6 +8515,133 @@ export async function startServer(options) {
8515
8515
  if (subscriptionPool.size() > 0) {
8516
8516
  console.log(pc.green(` Subscription pool: ${subscriptionPool.size()} account(s) registered`));
8517
8517
  }
8518
+ // ── Live credential re-pointing — census consumer re-routing (WS5.2 Step 6) ──
8519
+ // The CredentialLocationLedger is the machine-local source of truth for "which account is in
8520
+ // which config-home slot" once re-pointing is enabled. The CredentialLocationGate re-routes
8521
+ // the §2.2 census consumers (quota poll, spawn placement, in-use badge) through it. Ships DARK:
8522
+ // the gate reads `subscriptionPool.credentialRepointing.enabled` LIVE per call — with the flag
8523
+ // off (always, while dark) every gate read returns the enrollment-home fallback, so every
8524
+ // consumer is byte-for-byte today's behavior. A never-seeded ledger is the same fallback (back-
8525
+ // compat); only UNKNOWN mode (corrupt on-disk) raises a HIGH attention item, never throws.
8526
+ const { CredentialLocationLedger } = await import('../core/CredentialLocationLedger.js');
8527
+ const { CredentialIdentityOracle } = await import('../core/CredentialIdentityOracle.js');
8528
+ const { CredentialLocationGate } = await import('../core/CredentialLocationGate.js');
8529
+ const credentialGateEmitAttention = telegram
8530
+ ? (item) => void telegram.createAttentionItem({
8531
+ id: item.id,
8532
+ title: item.title,
8533
+ summary: item.summary,
8534
+ description: item.description,
8535
+ category: item.category,
8536
+ priority: item.priority,
8537
+ sourceContext: item.sourceContext,
8538
+ })
8539
+ : undefined;
8540
+ const credentialLocationLedger = new CredentialLocationLedger({
8541
+ stateDir: config.stateDir,
8542
+ pool: subscriptionPool,
8543
+ oracle: new CredentialIdentityOracle(),
8544
+ emitAttention: credentialGateEmitAttention,
8545
+ });
8546
+ const credentialLocationGate = new CredentialLocationGate({
8547
+ // Live flag read — a restartless config flip is honored on the next read.
8548
+ isEnabled: () => config.subscriptionPool?.credentialRepointing?.enabled === true,
8549
+ ledger: credentialLocationLedger,
8550
+ emitAttention: credentialGateEmitAttention,
8551
+ });
8552
+ // Census #9: the manager-level competing-writer refusal gate. Installed process-wide so
8553
+ // AccountSwitcher / `/switch-account` / autoMigrate refuse a write to a repointing-owned slot
8554
+ // at the funnel chokepoint, not just on a route. Refuses ONLY when re-pointing is enabled AND
8555
+ // the ledger holds a tenant for the (canonicalized) slot.
8556
+ const { setCredentialWriteRefusalGate } = await import('../monitoring/CredentialProvider.js');
8557
+ const { credentialSlotKey: canonicalizeSlot } = await import('../core/OAuthRefresher.js');
8558
+ setCredentialWriteRefusalGate({
8559
+ shouldRefuse: (canonicalSlot) => {
8560
+ if (config.subscriptionPool?.credentialRepointing?.enabled !== true)
8561
+ return false;
8562
+ // The funnel passes a canonicalized slot key, but the ledger stores raw enrollment-home
8563
+ // spellings (`~/.claude`, an enrollment path). Compare canonical-to-canonical so a
8564
+ // repointing-owned slot is recognized regardless of spelling.
8565
+ return credentialLocationLedger
8566
+ .getAssignments()
8567
+ .some((a) => !!a.accountId && canonicalizeSlot(a.slot) === canonicalSlot);
8568
+ },
8569
+ });
8570
+ // Census #5/#6: spawn placement resolves a pinned account's home through the gate (no-op dark).
8571
+ sessionManager.setCredentialLocationGate(credentialLocationGate);
8572
+ // ── WS5.2 Step 7 — manual levers + audit-scrub chokepoint ──
8573
+ // The CredentialAuditEmit is the SINGLE secret-scrub chokepoint: every credential-swaps.jsonl
8574
+ // write, every /credentials/* response body, and every attention-item routes through its
8575
+ // scrub() (reuses redactToken). The CredentialSwapExecutor is CONSTRUCTED + run live HERE (the
8576
+ // Step-5 residual closes). Both ship DARK — the executor's own `config.enabled`/`dryRun` gate
8577
+ // (read from `subscriptionPool.credentialRepointing`) makes it a strict no-op while dark, and
8578
+ // the routes 503/no-op on the same flag, so this is byte-for-byte today's behavior.
8579
+ const { CredentialAuditEmit } = await import('../core/CredentialAuditEmit.js');
8580
+ const { CredentialSwapExecutor } = await import('../core/CredentialSwapExecutor.js');
8581
+ const { CredentialManualLevers } = await import('../core/CredentialManualLevers.js');
8582
+ const { credentialWriteFunnel } = await import('../core/CredentialWriteFunnel.js');
8583
+ const { defaultKeychainExec } = await import('../core/CredentialSwapExecutor.js');
8584
+ const { claudeCredentialService: credSwapService } = await import('../core/OAuthRefresher.js');
8585
+ const credSwapsLogPath = path.join(config.stateDir, 'logs', 'credential-swaps.jsonl');
8586
+ const credentialAuditEmit = new CredentialAuditEmit({
8587
+ writeLine: (line) => { try {
8588
+ fs.appendFileSync(credSwapsLogPath, line);
8589
+ }
8590
+ catch { /* @silent-fallback-ok: audit jsonl is observability; the swap is the load-bearing action and is unaffected. The line was scrubbed before this write, so a failure leaks nothing. */ } },
8591
+ emitAttention: credentialGateEmitAttention,
8592
+ });
8593
+ // Compose the host identity resolver: REAL oracle (slot blob → email) → pool (email → accountId).
8594
+ const { CredentialIdentityOracle: CredSwapOracle } = await import('../core/CredentialIdentityOracle.js');
8595
+ const credSwapOracle = new CredSwapOracle();
8596
+ const credResolveIdentity = async (slot) => {
8597
+ const r = await credSwapOracle.resolveSlotTenant(slot);
8598
+ if (r.unavailable || !r.email)
8599
+ return { unavailable: true, reason: r.reason ?? 'oracle unavailable' };
8600
+ const matches = subscriptionPool.list().filter((a) => a.email && a.email === r.email);
8601
+ if (matches.length !== 1)
8602
+ return { unavailable: true, reason: `ambiguous/unknown email (${matches.length} pool matches)` };
8603
+ return { accountId: matches[0].id };
8604
+ };
8605
+ const credentialSwapExecutor = new CredentialSwapExecutor({
8606
+ funnel: credentialWriteFunnel,
8607
+ ledger: credentialLocationLedger,
8608
+ resolveIdentity: credResolveIdentity,
8609
+ // The executor reads the SAME dark gate the routes do — strict no-op while disabled.
8610
+ config: {
8611
+ enabled: config.subscriptionPool?.credentialRepointing?.enabled === true,
8612
+ dryRun: config.subscriptionPool?.credentialRepointing?.dryRun !== false,
8613
+ },
8614
+ emitAudit: (rec) => credentialAuditEmit.audit({ event: 'swap-step', ...rec }),
8615
+ emitAttention: (item) => void credentialAuditEmit.attention(item),
8616
+ onSlotsChanged: (slots) => { try {
8617
+ inUseAccountResolver.bustCache?.();
8618
+ }
8619
+ catch { /* @silent-fallback-ok: cache-bust is an observability nicety (a stale badge self-corrects at TTL); a throwing consumer must never break the committed swap */ } void slots; },
8620
+ });
8621
+ const credentialManualLevers = new CredentialManualLevers({
8622
+ maxForcedPerWindow: config.subscriptionPool?.credentialRepointing?.maxForcedManualSwapsPerWindow,
8623
+ forcedWindowMs: config.subscriptionPool?.credentialRepointing?.forcedManualSwapWindowMs,
8624
+ });
8625
+ const credentialRepointing = {
8626
+ ledger: credentialLocationLedger,
8627
+ swapExecutor: credentialSwapExecutor,
8628
+ resolveIdentity: credResolveIdentity,
8629
+ audit: credentialAuditEmit,
8630
+ levers: credentialManualLevers,
8631
+ readBlob: async (slot) => {
8632
+ const raw = await defaultKeychainExec.readService(credSwapService(slot));
8633
+ if (!raw)
8634
+ return null;
8635
+ try {
8636
+ const parsed = JSON.parse(raw);
8637
+ const oauth = (parsed?.claudeAiOauth ?? null);
8638
+ return { raw, oauth };
8639
+ }
8640
+ catch {
8641
+ return { raw, oauth: null }; // @silent-fallback-ok: unparseable blob → coherence classifier parks it one-directionally (never exchanged); the raw is returned only so the classifier sees "has-raw-but-no-oauth"
8642
+ }
8643
+ },
8644
+ };
8518
8645
  // QuotaPoller — per-account live quota reader (P1.2 of the Subscription &
8519
8646
  // Auth Standard). Reads each account's 5h/weekly utilization + reset dates
8520
8647
  // via the OAuth usage endpoint (transient per-account token, never persisted)
@@ -8526,6 +8653,8 @@ export async function startServer(options) {
8526
8653
  const quotaPoller = new QuotaPoller({
8527
8654
  pool: subscriptionPool,
8528
8655
  logger: { log: (m) => console.log(m), warn: (m) => console.warn(m) },
8656
+ // Census #1–#4: resolve each account's LIVE slot through the ledger (no-op while dark).
8657
+ locationGate: credentialLocationGate,
8529
8658
  });
8530
8659
  if (subscriptionPool.size() > 0) {
8531
8660
  quotaPoller.start();
@@ -8535,7 +8664,9 @@ export async function startServer(options) {
8535
8664
  // right now" for the dashboard "in use" badge (read-only; cached probe of
8536
8665
  // `claude auth status`). One shared instance so the TTL cache is honored.
8537
8666
  const { InUseAccountResolver } = await import('../core/InUseAccountResolver.js');
8538
- const inUseAccountResolver = new InUseAccountResolver({});
8667
+ // Census #8 (the E4a liar): when re-pointing is enabled and the ledger knows the `~/.claude`
8668
+ // tenant, the badge resolves from the ledger — NOT a stale `claude auth status` re-probe.
8669
+ const inUseAccountResolver = new InUseAccountResolver({ locationGate: credentialLocationGate });
8539
8670
  // EnrollmentWizard — mobile-first new-account login (P2.1 of the Subscription
8540
8671
  // & Auth Standard). Dark with the pool: the /subscription-pool/enroll routes
8541
8672
  // do nothing until an operator starts an enrollment. The login driver reuses
@@ -15117,7 +15248,7 @@ export async function startServer(options) {
15117
15248
  carrier: _topicProfileCarrier,
15118
15249
  }
15119
15250
  : null;
15120
- const server = new AgentServer({ config, sessionManager, state, scheduler, telegram, relationships, feedback, feedbackAnomalyDetector, dispatches, updateChecker, autoUpdater, autoDispatcher, quotaTracker, quotaManager, publisher, viewer, tunnel, evolution, watchdog, topicMemory, triageNurse, projectMapper, cartographer: cartographer ?? undefined, coherenceGate: scopeVerifier, contextHierarchy, canonicalState, operationGate, sentinel, adaptiveTrust, memoryMonitor, orphanReaper, coherenceMonitor, commitmentTracker, subscriptionPool, quotaPoller, quotaAwareScheduler: _quotaAwareScheduler ?? undefined, proactiveSwapMonitor: _proactiveSwapMonitor ?? undefined, inUseAccountResolver, enrollmentWizard, semanticMemory, activitySentinel, rateLimitSentinel, releaseReadinessSentinel: releaseReadinessSentinel ?? undefined, greenPrAutoMerger: greenPrAutoMerger ?? undefined, guardLatchStore: guardLatchStore ?? undefined, messageRouter, summarySentinel, spawnManager, systemReviewer, capabilityMapper, selfKnowledgeTree, coverageAuditor, topicResumeMap: _topicResumeMap ?? undefined, topicProfile: _topicProfileCtx ?? undefined, sessionRefresh: _sessionRefresh ?? undefined, autonomyManager, trustElevationTracker, autonomousEvolution, coordinator: coordinator.enabled ? coordinator : undefined, localSigningKeyPem, leaseTransport, onLeasePullRequest: () => leaseCoordinatorRef?.currentLease() ?? null, liveTailReceiver, handoffWireTransport, onHandoffBegin, onHandoffInitiate: handoffInitiate, handoffInProgress: handoffSentinelInProgress, messageLedger, currentInboundByTopic, replyMarkerTransport, onReplyMarker: messageLedger ? (marker) => { const m = marker; messageLedger.applyRemoteReplyMarker(m.dedupeKey, { platform: m.platform, replyIdempotencyKey: m.replyIdempotencyKey, epoch: m.epoch, topic: m.topic ?? null }); } : undefined, whatsapp: whatsappAdapter, slack: slackAdapter, imessage: imessageAdapter, whatsappBusinessBackend, messageBridge, hookEventReceiver, worktreeMonitor, subagentTracker, instructionsVerifier, handshakeManager: threadlineHandshake, threadlineRouter, conversationStore, threadLog, threadMessageRecorder, warrantsReplyGate, collaborationSurfacer, threadResumeMap, topicLinkageHandler: topicLinkageHandler ?? undefined, threadlineRelayClient, threadlineReplyWaiters, listenerManager: listenerManager ?? undefined, a2aDeliveryTracker: a2aDeliveryTracker ?? undefined, responseReviewGate, messagingToneGate, outboundDedupGate, telemetryHeartbeat, pasteManager, featureRegistry, discoveryEvaluator, completionEvaluator, unifiedTrust, liveConfig, sharedStateLedger, ledgerSessionRegistry, worktreeManager, oidcEnrolledRepos: parallelDevConfig?.oidcEnrolledRepos, initiativeTracker, projectRoundRunner, projectDriftChecker, machineHeartbeat, machinePoolRegistry, getInboundQueue: () => _inboundQueue, meshRpcDispatcher, workingSetPullCoordinator, commitmentReplicaStore, preferenceReplicaStore, conflictStore, rollbackUnmerge, droppedOriginRegistry, preferencesUnionReader, forwardCommitmentMutate, sessionOwnershipRegistry, topicPinStore: _topicPinStore ?? undefined, streamTicketStore: _streamTicketStore ?? undefined, poolStreamAllowRemoteInput: config.dashboard?.poolStream?.allowRemoteInput ?? false, poolStreamConnector: _poolStreamConnector ?? undefined, secretSync: _secretSyncHandle ?? undefined, meshSelfId: _meshSelfId ?? undefined, resolveRouterUrl: _resolveRouterUrl ?? undefined, resolvePeerUrls: _resolvePeerUrls ?? undefined, guardRegistry, listPoolMachines: _listPoolMachines ?? undefined, poolLink: _poolLink ?? undefined, sessionPoolE2EResultStore, proxyCoordinator, topicIntentStore, topicIntentArcCheck, usherSignalStore, intelligence: sharedIntelligence ?? undefined, telegramBridgeConfig, telegramBridge: telegramBridge ?? undefined, threadlineObservability, briefDeps, workingMemory, taskFlowRegistry, threadlineFlowBridge, sessionReaper, agentWorktreeReaper, orphanedWorkSentinel, mcpProcessReaper, geminiLoopRunner, sleepController, agentActivityState, reapLog, resumeQueue, resumeDrainer, operatorStopRecorder: recordOperatorStop, sleepWakeDetector, unjustifiedStopGate, stopGateDb, stopNotifier }); // Resolve the late-bound topic-operator getter (increment 2e): routing was
15251
+ const server = new AgentServer({ config, sessionManager, state, scheduler, telegram, relationships, feedback, feedbackAnomalyDetector, dispatches, updateChecker, autoUpdater, autoDispatcher, quotaTracker, quotaManager, publisher, viewer, tunnel, evolution, watchdog, topicMemory, triageNurse, projectMapper, cartographer: cartographer ?? undefined, coherenceGate: scopeVerifier, contextHierarchy, canonicalState, operationGate, sentinel, adaptiveTrust, memoryMonitor, orphanReaper, coherenceMonitor, commitmentTracker, subscriptionPool, quotaPoller, quotaAwareScheduler: _quotaAwareScheduler ?? undefined, proactiveSwapMonitor: _proactiveSwapMonitor ?? undefined, inUseAccountResolver, enrollmentWizard, credentialRepointing, semanticMemory, activitySentinel, rateLimitSentinel, releaseReadinessSentinel: releaseReadinessSentinel ?? undefined, greenPrAutoMerger: greenPrAutoMerger ?? undefined, guardLatchStore: guardLatchStore ?? undefined, messageRouter, summarySentinel, spawnManager, systemReviewer, capabilityMapper, selfKnowledgeTree, coverageAuditor, topicResumeMap: _topicResumeMap ?? undefined, topicProfile: _topicProfileCtx ?? undefined, sessionRefresh: _sessionRefresh ?? undefined, autonomyManager, trustElevationTracker, autonomousEvolution, coordinator: coordinator.enabled ? coordinator : undefined, localSigningKeyPem, leaseTransport, onLeasePullRequest: () => leaseCoordinatorRef?.currentLease() ?? null, liveTailReceiver, handoffWireTransport, onHandoffBegin, onHandoffInitiate: handoffInitiate, handoffInProgress: handoffSentinelInProgress, messageLedger, currentInboundByTopic, replyMarkerTransport, onReplyMarker: messageLedger ? (marker) => { const m = marker; messageLedger.applyRemoteReplyMarker(m.dedupeKey, { platform: m.platform, replyIdempotencyKey: m.replyIdempotencyKey, epoch: m.epoch, topic: m.topic ?? null }); } : undefined, whatsapp: whatsappAdapter, slack: slackAdapter, imessage: imessageAdapter, whatsappBusinessBackend, messageBridge, hookEventReceiver, worktreeMonitor, subagentTracker, instructionsVerifier, handshakeManager: threadlineHandshake, threadlineRouter, conversationStore, threadLog, threadMessageRecorder, warrantsReplyGate, collaborationSurfacer, threadResumeMap, topicLinkageHandler: topicLinkageHandler ?? undefined, threadlineRelayClient, threadlineReplyWaiters, listenerManager: listenerManager ?? undefined, a2aDeliveryTracker: a2aDeliveryTracker ?? undefined, responseReviewGate, messagingToneGate, outboundDedupGate, telemetryHeartbeat, pasteManager, featureRegistry, discoveryEvaluator, completionEvaluator, unifiedTrust, liveConfig, sharedStateLedger, ledgerSessionRegistry, worktreeManager, oidcEnrolledRepos: parallelDevConfig?.oidcEnrolledRepos, initiativeTracker, projectRoundRunner, projectDriftChecker, machineHeartbeat, machinePoolRegistry, getInboundQueue: () => _inboundQueue, meshRpcDispatcher, workingSetPullCoordinator, commitmentReplicaStore, preferenceReplicaStore, conflictStore, rollbackUnmerge, droppedOriginRegistry, preferencesUnionReader, forwardCommitmentMutate, sessionOwnershipRegistry, topicPinStore: _topicPinStore ?? undefined, streamTicketStore: _streamTicketStore ?? undefined, poolStreamAllowRemoteInput: config.dashboard?.poolStream?.allowRemoteInput ?? false, poolStreamConnector: _poolStreamConnector ?? undefined, secretSync: _secretSyncHandle ?? undefined, meshSelfId: _meshSelfId ?? undefined, resolveRouterUrl: _resolveRouterUrl ?? undefined, resolvePeerUrls: _resolvePeerUrls ?? undefined, guardRegistry, listPoolMachines: _listPoolMachines ?? undefined, poolLink: _poolLink ?? undefined, sessionPoolE2EResultStore, proxyCoordinator, topicIntentStore, topicIntentArcCheck, usherSignalStore, intelligence: sharedIntelligence ?? undefined, telegramBridgeConfig, telegramBridge: telegramBridge ?? undefined, threadlineObservability, briefDeps, workingMemory, taskFlowRegistry, threadlineFlowBridge, sessionReaper, agentWorktreeReaper, orphanedWorkSentinel, mcpProcessReaper, geminiLoopRunner, sleepController, agentActivityState, reapLog, resumeQueue, resumeDrainer, operatorStopRecorder: recordOperatorStop, sleepWakeDetector, unjustifiedStopGate, stopGateDb, stopNotifier }); // Resolve the late-bound topic-operator getter (increment 2e): routing was
15121
15252
  // wired before the server existed; from here on inbound binds use the
15122
15253
  // server's own store instance.
15123
15254
  _agentServerRef = server;