instar 1.3.539 → 1.3.541

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (44) hide show
  1. package/dist/commands/server.d.ts.map +1 -1
  2. package/dist/commands/server.js +37 -7
  3. package/dist/commands/server.js.map +1 -1
  4. package/dist/config/ConfigDefaults.d.ts.map +1 -1
  5. package/dist/config/ConfigDefaults.js +23 -21
  6. package/dist/config/ConfigDefaults.js.map +1 -1
  7. package/dist/core/CredentialEnvTokenGate.d.ts +98 -0
  8. package/dist/core/CredentialEnvTokenGate.d.ts.map +1 -0
  9. package/dist/core/CredentialEnvTokenGate.js +103 -0
  10. package/dist/core/CredentialEnvTokenGate.js.map +1 -0
  11. package/dist/core/PostUpdateMigrator.d.ts +1 -0
  12. package/dist/core/PostUpdateMigrator.d.ts.map +1 -1
  13. package/dist/core/PostUpdateMigrator.js +83 -0
  14. package/dist/core/PostUpdateMigrator.js.map +1 -1
  15. package/dist/core/SessionManager.d.ts.map +1 -1
  16. package/dist/core/SessionManager.js +27 -0
  17. package/dist/core/SessionManager.js.map +1 -1
  18. package/dist/core/devGatedFeatures.d.ts +12 -1
  19. package/dist/core/devGatedFeatures.d.ts.map +1 -1
  20. package/dist/core/devGatedFeatures.js +51 -37
  21. package/dist/core/devGatedFeatures.js.map +1 -1
  22. package/dist/core/types.d.ts +18 -0
  23. package/dist/core/types.d.ts.map +1 -1
  24. package/dist/core/types.js.map +1 -1
  25. package/dist/monitoring/guardManifest.js +4 -4
  26. package/dist/monitoring/guardManifest.js.map +1 -1
  27. package/dist/server/AgentServer.d.ts.map +1 -1
  28. package/dist/server/AgentServer.js +15 -11
  29. package/dist/server/AgentServer.js.map +1 -1
  30. package/dist/server/CapabilityIndex.d.ts.map +1 -1
  31. package/dist/server/CapabilityIndex.js +4 -1
  32. package/dist/server/CapabilityIndex.js.map +1 -1
  33. package/dist/server/routes.d.ts +3 -0
  34. package/dist/server/routes.d.ts.map +1 -1
  35. package/dist/server/routes.js +29 -3
  36. package/dist/server/routes.js.map +1 -1
  37. package/package.json +1 -1
  38. package/scripts/lib/dark-gate-attribution.js +7 -2
  39. package/scripts/lint-dev-agent-dark-gate.js +19 -1
  40. package/src/data/builtin-manifest.json +65 -65
  41. package/upgrades/1.3.540.md +70 -0
  42. package/upgrades/1.3.541.md +29 -0
  43. package/upgrades/side-effects/dev-agent-dark-gate-teeth.md +201 -0
  44. package/upgrades/side-effects/ws52-step8-provenance-gate.md +78 -0
@@ -1 +1 @@
1
- {"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../src/commands/server.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAgCH,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAS3D,OAAO,EAAE,eAAe,EAAiC,MAAM,iCAAiC,CAAC;AAuBjG,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAGvD,OAAO,EAAE,YAAY,EAAE,MAAM,+BAA+B,CAAC;AAiH7D,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAsBtD;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAgB,yBAAyB,CACvC,IAAI,EAAE,MAAM,EACZ,OAAO,EAAE,MAAM,EACf,gBAAgB,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAC1C,OAAO,CAUT;AAyID,UAAU,YAAY;IACpB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;2DACuD;IACvD,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAm3CD,wBAAgB,mBAAmB,CACjC,QAAQ,EAAE,eAAe,EACzB,cAAc,EAAE,cAAc,EAC9B,YAAY,CAAC,EAAE,YAAY,EAC3B,WAAW,CAAC,EAAE,WAAW,EACzB,WAAW,CAAC,EAAE,WAAW,EACzB,iBAAiB,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC,OAAO,CAAC,EAGvE,UAAU,CAAC,EAAE,MAAM,OAAO,8BAA8B,EAAE,WAAW,GAAG,IAAI,EAK5E,qBAAqB,CAAC,EAAE,MAAM,OAAO,gCAAgC,EAAE,kBAAkB,GAAG,IAAI,EAKhG,mBAAmB,CAAC,EAAE,MAAM,MAAM,GAAG,IAAI,GAAG,SAAS,GACpD,IAAI,CA8eN;AA2lBD,wBAAsB,WAAW,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,CA6/atE;AAED,wBAAsB,UAAU,CAAC,OAAO,EAAE;IAAE,GAAG,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAsDzE;AAED;;;;;;;;;;;GAWG;AACH,wBAAsB,aAAa,CAAC,OAAO,EAAE;IAAE,GAAG,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAuD5E"}
1
+ {"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../src/commands/server.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAgCH,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAS3D,OAAO,EAAE,eAAe,EAAiC,MAAM,iCAAiC,CAAC;AAuBjG,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAGvD,OAAO,EAAE,YAAY,EAAE,MAAM,+BAA+B,CAAC;AAiH7D,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAsBtD;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAgB,yBAAyB,CACvC,IAAI,EAAE,MAAM,EACZ,OAAO,EAAE,MAAM,EACf,gBAAgB,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAC1C,OAAO,CAUT;AAyID,UAAU,YAAY;IACpB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;2DACuD;IACvD,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAm3CD,wBAAgB,mBAAmB,CACjC,QAAQ,EAAE,eAAe,EACzB,cAAc,EAAE,cAAc,EAC9B,YAAY,CAAC,EAAE,YAAY,EAC3B,WAAW,CAAC,EAAE,WAAW,EACzB,WAAW,CAAC,EAAE,WAAW,EACzB,iBAAiB,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC,OAAO,CAAC,EAGvE,UAAU,CAAC,EAAE,MAAM,OAAO,8BAA8B,EAAE,WAAW,GAAG,IAAI,EAK5E,qBAAqB,CAAC,EAAE,MAAM,OAAO,gCAAgC,EAAE,kBAAkB,GAAG,IAAI,EAKhG,mBAAmB,CAAC,EAAE,MAAM,MAAM,GAAG,IAAI,GAAG,SAAS,GACpD,IAAI,CA8eN;AA2lBD,wBAAsB,WAAW,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,CA4hbtE;AAED,wBAAsB,UAAU,CAAC,OAAO,EAAE;IAAE,GAAG,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAsDzE;AAED;;;;;;;;;;;GAWG;AACH,wBAAsB,aAAa,CAAC,OAAO,EAAE;IAAE,GAAG,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAuD5E"}
@@ -2767,11 +2767,13 @@ export async function startServer(options) {
2767
2767
  // runs BEFORE AgentServer binds its port, so for minutes nothing answers
2768
2768
  // /health and the supervisor can mistake a slow boot for a dead process →
2769
2769
  // the restart loop. This minimal beacon answers /health from the very start
2770
- // of boot; it is closed at the handoff just before server.start(). Dark by
2771
- // default (monitoring.bootHealthBeacon.enabled); the grace bump (#979) covers
2772
- // the window until this is enabled. Belt-and-suspenders, not a boot reorder.
2770
+ // of boot; it is closed at the handoff just before server.start().
2771
+ // DEV-GATED (CMT-1438): `enabled` OMITTED from defaults so the developmentAgent
2772
+ // gate decides LIVE on a dev agent, DARK on the fleet; the grace bump (#979)
2773
+ // covers the window on the fleet. D4-verified read-only (localhost-only inbound
2774
+ // socket, zero outbound). Belt-and-suspenders, not a boot reorder.
2773
2775
  let bootBeacon;
2774
- if (config.monitoring?.bootHealthBeacon?.enabled) {
2776
+ if (resolveDevAgentGate(config.monitoring?.bootHealthBeacon?.enabled, config)) {
2775
2777
  try {
2776
2778
  bootBeacon = new BootHealthBeacon(config.port);
2777
2779
  await bootBeacon.start();
@@ -8543,9 +8545,30 @@ export async function startServer(options) {
8543
8545
  oracle: new CredentialIdentityOracle(),
8544
8546
  emitAttention: credentialGateEmitAttention,
8545
8547
  });
8548
+ // The §2.10 env-token gate (Step 8): the §0.b applicability precondition, enforced. Evaluates
8549
+ // BOTH `config.anthropicApiKey` (read LIVE per call — restartless) AND the live running fleet's
8550
+ // durable per-session `credentialSource` flag, so a mid-run flip to an env token cannot silently
8551
+ // un-steer the fleet. Pure evaluator (no IO). Constructed BEFORE the location gate so the
8552
+ // location gate can AND-in its refusal — a §2.10 refusal suppresses ALL re-pointing attribution
8553
+ // (requirement 3: an env-token session's usage is never mis-attributed to a slot tenant).
8554
+ const { CredentialEnvTokenGate } = await import('../core/CredentialEnvTokenGate.js');
8555
+ const credentialEnvTokenGate = new CredentialEnvTokenGate({
8556
+ // SINGLE SOURCE OF TRUTH: the SessionManager spawn site reads `this.config.anthropicApiKey`,
8557
+ // and `sessionManagerConfig` is `{ ...config.sessions }`, so the IDENTICAL value the env-block
8558
+ // predicate sees is `config.sessions.anthropicApiKey`. Read it (not the legacy top-level field)
8559
+ // so the gate's config predicate can never diverge from what actually launched the sessions.
8560
+ getAnthropicApiKey: () => config.sessions?.anthropicApiKey,
8561
+ listSessions: () => state.listSessions(),
8562
+ });
8546
8563
  const credentialLocationGate = new CredentialLocationGate({
8547
- // Live flag read — a restartless config flip is honored on the next read.
8548
- isEnabled: () => config.subscriptionPool?.credentialRepointing?.enabled === true,
8564
+ // Live flag read — a restartless config flip is honored on the next read. AND-ed with the
8565
+ // §2.10 env-token gate: when the feature would refuse (config field set OR a live env-token
8566
+ // session in the fleet), re-pointing attribution is suppressed wholesale, so the QuotaPoller
8567
+ // stops routing reads/attribution through moved slots (an env fleet isn't store-steered, and
8568
+ // attributing it would mis-credit usage to a slot tenant). Dark-default: when the feature flag
8569
+ // is off this short-circuits before evaluating the gate, so it's byte-for-byte today's behavior.
8570
+ isEnabled: () => config.subscriptionPool?.credentialRepointing?.enabled === true &&
8571
+ !credentialEnvTokenGate.evaluate().refused,
8549
8572
  ledger: credentialLocationLedger,
8550
8573
  emitAttention: credentialGateEmitAttention,
8551
8574
  });
@@ -8628,6 +8651,7 @@ export async function startServer(options) {
8628
8651
  resolveIdentity: credResolveIdentity,
8629
8652
  audit: credentialAuditEmit,
8630
8653
  levers: credentialManualLevers,
8654
+ envTokenGate: credentialEnvTokenGate,
8631
8655
  readBlob: async (slot) => {
8632
8656
  const raw = await defaultKeychainExec.readService(credSwapService(slot));
8633
8657
  if (!raw)
@@ -12638,7 +12662,13 @@ export async function startServer(options) {
12638
12662
  {
12639
12663
  const rrCfg = config.monitoring?.releaseReadiness;
12640
12664
  const repoPath = rrCfg?.repoPath ?? process.cwd();
12641
- if (rrCfg?.enabled) {
12665
+ // DEV-GATED (CMT-1438): `enabled` OMITTED from defaults so the developmentAgent
12666
+ // gate decides — LIVE on a dev agent, DARK on the fleet. D4-verified
12667
+ // inert-on-enable: this only constructs the READ surface; ticks/sends require
12668
+ // the SEPARATE off-by-default release-readiness-check job (two-switch). The
12669
+ // `rrCfg &&` guard preserves the original "block must exist" semantics
12670
+ // (applyDefaults always injects it) and narrows the type for the field reads.
12671
+ if (rrCfg && resolveDevAgentGate(rrCfg.enabled, config)) {
12642
12672
  const { isAnalyzableRepo, buildReleaseReadinessDeps } = await import('../monitoring/releaseReadinessWiring.js');
12643
12673
  if (isAnalyzableRepo(repoPath)) {
12644
12674
  const { ReleaseReadinessSentinel } = await import('../monitoring/ReleaseReadinessSentinel.js');