instar 1.3.540 → 1.3.541
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/commands/server.d.ts.map +1 -1
- package/dist/commands/server.js +24 -2
- package/dist/commands/server.js.map +1 -1
- package/dist/core/CredentialEnvTokenGate.d.ts +98 -0
- package/dist/core/CredentialEnvTokenGate.d.ts.map +1 -0
- package/dist/core/CredentialEnvTokenGate.js +103 -0
- package/dist/core/CredentialEnvTokenGate.js.map +1 -0
- package/dist/core/SessionManager.d.ts.map +1 -1
- package/dist/core/SessionManager.js +27 -0
- package/dist/core/SessionManager.js.map +1 -1
- package/dist/core/types.d.ts +18 -0
- package/dist/core/types.d.ts.map +1 -1
- package/dist/core/types.js.map +1 -1
- package/dist/server/routes.d.ts +3 -0
- package/dist/server/routes.d.ts.map +1 -1
- package/dist/server/routes.js +29 -3
- package/dist/server/routes.js.map +1 -1
- package/package.json +1 -1
- package/src/data/builtin-manifest.json +47 -47
- package/upgrades/1.3.541.md +29 -0
- package/upgrades/side-effects/ws52-step8-provenance-gate.md +78 -0
package/package.json
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
{
|
|
2
2
|
"$schema": "./builtin-manifest.schema.json",
|
|
3
3
|
"schemaVersion": 1,
|
|
4
|
-
"generatedAt": "2026-06-13T21:
|
|
5
|
-
"instarVersion": "1.3.
|
|
4
|
+
"generatedAt": "2026-06-13T21:38:38.083Z",
|
|
5
|
+
"instarVersion": "1.3.541",
|
|
6
6
|
"entryCount": 201,
|
|
7
7
|
"entries": {
|
|
8
8
|
"hook:session-start": {
|
|
@@ -418,7 +418,7 @@
|
|
|
418
418
|
"type": "route-group",
|
|
419
419
|
"domain": "monitoring",
|
|
420
420
|
"sourcePath": "src/server/routes.ts",
|
|
421
|
-
"contentHash": "
|
|
421
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
422
422
|
"since": "2025-01-01"
|
|
423
423
|
},
|
|
424
424
|
"route-group:agents": {
|
|
@@ -426,7 +426,7 @@
|
|
|
426
426
|
"type": "route-group",
|
|
427
427
|
"domain": "sessions",
|
|
428
428
|
"sourcePath": "src/server/routes.ts",
|
|
429
|
-
"contentHash": "
|
|
429
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
430
430
|
"since": "2025-01-01"
|
|
431
431
|
},
|
|
432
432
|
"route-group:backups": {
|
|
@@ -434,7 +434,7 @@
|
|
|
434
434
|
"type": "route-group",
|
|
435
435
|
"domain": "operations",
|
|
436
436
|
"sourcePath": "src/server/routes.ts",
|
|
437
|
-
"contentHash": "
|
|
437
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
438
438
|
"since": "2025-01-01"
|
|
439
439
|
},
|
|
440
440
|
"route-group:git": {
|
|
@@ -442,7 +442,7 @@
|
|
|
442
442
|
"type": "route-group",
|
|
443
443
|
"domain": "coordination",
|
|
444
444
|
"sourcePath": "src/server/routes.ts",
|
|
445
|
-
"contentHash": "
|
|
445
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
446
446
|
"since": "2025-01-01"
|
|
447
447
|
},
|
|
448
448
|
"route-group:memory": {
|
|
@@ -450,7 +450,7 @@
|
|
|
450
450
|
"type": "route-group",
|
|
451
451
|
"domain": "memory",
|
|
452
452
|
"sourcePath": "src/server/routes.ts",
|
|
453
|
-
"contentHash": "
|
|
453
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
454
454
|
"since": "2025-01-01"
|
|
455
455
|
},
|
|
456
456
|
"route-group:semantic": {
|
|
@@ -458,7 +458,7 @@
|
|
|
458
458
|
"type": "route-group",
|
|
459
459
|
"domain": "memory",
|
|
460
460
|
"sourcePath": "src/server/routes.ts",
|
|
461
|
-
"contentHash": "
|
|
461
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
462
462
|
"since": "2025-01-01"
|
|
463
463
|
},
|
|
464
464
|
"route-group:status": {
|
|
@@ -466,7 +466,7 @@
|
|
|
466
466
|
"type": "route-group",
|
|
467
467
|
"domain": "monitoring",
|
|
468
468
|
"sourcePath": "src/server/routes.ts",
|
|
469
|
-
"contentHash": "
|
|
469
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
470
470
|
"since": "2025-01-01"
|
|
471
471
|
},
|
|
472
472
|
"route-group:capabilities": {
|
|
@@ -474,7 +474,7 @@
|
|
|
474
474
|
"type": "route-group",
|
|
475
475
|
"domain": "mapping",
|
|
476
476
|
"sourcePath": "src/server/routes.ts",
|
|
477
|
-
"contentHash": "
|
|
477
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
478
478
|
"since": "2025-01-01"
|
|
479
479
|
},
|
|
480
480
|
"route-group:project-map": {
|
|
@@ -482,7 +482,7 @@
|
|
|
482
482
|
"type": "route-group",
|
|
483
483
|
"domain": "mapping",
|
|
484
484
|
"sourcePath": "src/server/routes.ts",
|
|
485
|
-
"contentHash": "
|
|
485
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
486
486
|
"since": "2025-01-01"
|
|
487
487
|
},
|
|
488
488
|
"route-group:coherence": {
|
|
@@ -490,7 +490,7 @@
|
|
|
490
490
|
"type": "route-group",
|
|
491
491
|
"domain": "coherence",
|
|
492
492
|
"sourcePath": "src/server/routes.ts",
|
|
493
|
-
"contentHash": "
|
|
493
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
494
494
|
"since": "2025-01-01"
|
|
495
495
|
},
|
|
496
496
|
"route-group:topic-bindings": {
|
|
@@ -498,7 +498,7 @@
|
|
|
498
498
|
"type": "route-group",
|
|
499
499
|
"domain": "sessions",
|
|
500
500
|
"sourcePath": "src/server/routes.ts",
|
|
501
|
-
"contentHash": "
|
|
501
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
502
502
|
"since": "2025-01-01"
|
|
503
503
|
},
|
|
504
504
|
"route-group:context": {
|
|
@@ -506,7 +506,7 @@
|
|
|
506
506
|
"type": "route-group",
|
|
507
507
|
"domain": "context",
|
|
508
508
|
"sourcePath": "src/server/routes.ts",
|
|
509
|
-
"contentHash": "
|
|
509
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
510
510
|
"since": "2025-01-01"
|
|
511
511
|
},
|
|
512
512
|
"route-group:scope-coherence": {
|
|
@@ -514,7 +514,7 @@
|
|
|
514
514
|
"type": "route-group",
|
|
515
515
|
"domain": "coherence",
|
|
516
516
|
"sourcePath": "src/server/routes.ts",
|
|
517
|
-
"contentHash": "
|
|
517
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
518
518
|
"since": "2025-01-01"
|
|
519
519
|
},
|
|
520
520
|
"route-group:canonical-state": {
|
|
@@ -522,7 +522,7 @@
|
|
|
522
522
|
"type": "route-group",
|
|
523
523
|
"domain": "state",
|
|
524
524
|
"sourcePath": "src/server/routes.ts",
|
|
525
|
-
"contentHash": "
|
|
525
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
526
526
|
"since": "2025-01-01"
|
|
527
527
|
},
|
|
528
528
|
"route-group:ci": {
|
|
@@ -530,7 +530,7 @@
|
|
|
530
530
|
"type": "route-group",
|
|
531
531
|
"domain": "monitoring",
|
|
532
532
|
"sourcePath": "src/server/routes.ts",
|
|
533
|
-
"contentHash": "
|
|
533
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
534
534
|
"since": "2025-01-01"
|
|
535
535
|
},
|
|
536
536
|
"route-group:sessions": {
|
|
@@ -538,7 +538,7 @@
|
|
|
538
538
|
"type": "route-group",
|
|
539
539
|
"domain": "sessions",
|
|
540
540
|
"sourcePath": "src/server/routes.ts",
|
|
541
|
-
"contentHash": "
|
|
541
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
542
542
|
"since": "2025-01-01"
|
|
543
543
|
},
|
|
544
544
|
"route-group:jobs": {
|
|
@@ -546,7 +546,7 @@
|
|
|
546
546
|
"type": "route-group",
|
|
547
547
|
"domain": "scheduling",
|
|
548
548
|
"sourcePath": "src/server/routes.ts",
|
|
549
|
-
"contentHash": "
|
|
549
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
550
550
|
"since": "2025-01-01"
|
|
551
551
|
},
|
|
552
552
|
"route-group:skip-ledger": {
|
|
@@ -554,7 +554,7 @@
|
|
|
554
554
|
"type": "route-group",
|
|
555
555
|
"domain": "scheduling",
|
|
556
556
|
"sourcePath": "src/server/routes.ts",
|
|
557
|
-
"contentHash": "
|
|
557
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
558
558
|
"since": "2025-01-01"
|
|
559
559
|
},
|
|
560
560
|
"route-group:telegram": {
|
|
@@ -562,7 +562,7 @@
|
|
|
562
562
|
"type": "route-group",
|
|
563
563
|
"domain": "communication",
|
|
564
564
|
"sourcePath": "src/server/routes.ts",
|
|
565
|
-
"contentHash": "
|
|
565
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
566
566
|
"since": "2025-01-01"
|
|
567
567
|
},
|
|
568
568
|
"route-group:attention": {
|
|
@@ -570,7 +570,7 @@
|
|
|
570
570
|
"type": "route-group",
|
|
571
571
|
"domain": "communication",
|
|
572
572
|
"sourcePath": "src/server/routes.ts",
|
|
573
|
-
"contentHash": "
|
|
573
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
574
574
|
"since": "2025-01-01"
|
|
575
575
|
},
|
|
576
576
|
"route-group:relationships": {
|
|
@@ -578,7 +578,7 @@
|
|
|
578
578
|
"type": "route-group",
|
|
579
579
|
"domain": "relationships",
|
|
580
580
|
"sourcePath": "src/server/routes.ts",
|
|
581
|
-
"contentHash": "
|
|
581
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
582
582
|
"since": "2025-01-01"
|
|
583
583
|
},
|
|
584
584
|
"route-group:feedback": {
|
|
@@ -586,7 +586,7 @@
|
|
|
586
586
|
"type": "route-group",
|
|
587
587
|
"domain": "feedback",
|
|
588
588
|
"sourcePath": "src/server/routes.ts",
|
|
589
|
-
"contentHash": "
|
|
589
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
590
590
|
"since": "2025-01-01"
|
|
591
591
|
},
|
|
592
592
|
"route-group:updates": {
|
|
@@ -594,7 +594,7 @@
|
|
|
594
594
|
"type": "route-group",
|
|
595
595
|
"domain": "updates",
|
|
596
596
|
"sourcePath": "src/server/routes.ts",
|
|
597
|
-
"contentHash": "
|
|
597
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
598
598
|
"since": "2025-01-01"
|
|
599
599
|
},
|
|
600
600
|
"route-group:dispatches": {
|
|
@@ -602,7 +602,7 @@
|
|
|
602
602
|
"type": "route-group",
|
|
603
603
|
"domain": "dispatches",
|
|
604
604
|
"sourcePath": "src/server/routes.ts",
|
|
605
|
-
"contentHash": "
|
|
605
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
606
606
|
"since": "2025-01-01"
|
|
607
607
|
},
|
|
608
608
|
"route-group:quota": {
|
|
@@ -610,7 +610,7 @@
|
|
|
610
610
|
"type": "route-group",
|
|
611
611
|
"domain": "monitoring",
|
|
612
612
|
"sourcePath": "src/server/routes.ts",
|
|
613
|
-
"contentHash": "
|
|
613
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
614
614
|
"since": "2025-01-01"
|
|
615
615
|
},
|
|
616
616
|
"route-group:publishing": {
|
|
@@ -618,7 +618,7 @@
|
|
|
618
618
|
"type": "route-group",
|
|
619
619
|
"domain": "publishing",
|
|
620
620
|
"sourcePath": "src/server/routes.ts",
|
|
621
|
-
"contentHash": "
|
|
621
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
622
622
|
"since": "2025-01-01"
|
|
623
623
|
},
|
|
624
624
|
"route-group:private-views": {
|
|
@@ -626,7 +626,7 @@
|
|
|
626
626
|
"type": "route-group",
|
|
627
627
|
"domain": "publishing",
|
|
628
628
|
"sourcePath": "src/server/routes.ts",
|
|
629
|
-
"contentHash": "
|
|
629
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
630
630
|
"since": "2025-01-01"
|
|
631
631
|
},
|
|
632
632
|
"route-group:tunnel": {
|
|
@@ -634,7 +634,7 @@
|
|
|
634
634
|
"type": "route-group",
|
|
635
635
|
"domain": "networking",
|
|
636
636
|
"sourcePath": "src/server/routes.ts",
|
|
637
|
-
"contentHash": "
|
|
637
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
638
638
|
"since": "2025-01-01"
|
|
639
639
|
},
|
|
640
640
|
"route-group:events": {
|
|
@@ -642,7 +642,7 @@
|
|
|
642
642
|
"type": "route-group",
|
|
643
643
|
"domain": "networking",
|
|
644
644
|
"sourcePath": "src/server/routes.ts",
|
|
645
|
-
"contentHash": "
|
|
645
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
646
646
|
"since": "2025-01-01"
|
|
647
647
|
},
|
|
648
648
|
"route-group:evolution": {
|
|
@@ -650,7 +650,7 @@
|
|
|
650
650
|
"type": "route-group",
|
|
651
651
|
"domain": "evolution",
|
|
652
652
|
"sourcePath": "src/server/routes.ts",
|
|
653
|
-
"contentHash": "
|
|
653
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
654
654
|
"since": "2025-01-01"
|
|
655
655
|
},
|
|
656
656
|
"route-group:watchdog": {
|
|
@@ -658,7 +658,7 @@
|
|
|
658
658
|
"type": "route-group",
|
|
659
659
|
"domain": "monitoring",
|
|
660
660
|
"sourcePath": "src/server/routes.ts",
|
|
661
|
-
"contentHash": "
|
|
661
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
662
662
|
"since": "2025-01-01"
|
|
663
663
|
},
|
|
664
664
|
"route-group:topic-memory": {
|
|
@@ -666,7 +666,7 @@
|
|
|
666
666
|
"type": "route-group",
|
|
667
667
|
"domain": "memory",
|
|
668
668
|
"sourcePath": "src/server/routes.ts",
|
|
669
|
-
"contentHash": "
|
|
669
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
670
670
|
"since": "2025-01-01"
|
|
671
671
|
},
|
|
672
672
|
"route-group:state-sync": {
|
|
@@ -674,7 +674,7 @@
|
|
|
674
674
|
"type": "route-group",
|
|
675
675
|
"domain": "coordination",
|
|
676
676
|
"sourcePath": "src/server/routes.ts",
|
|
677
|
-
"contentHash": "
|
|
677
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
678
678
|
"since": "2025-01-01"
|
|
679
679
|
},
|
|
680
680
|
"route-group:intent": {
|
|
@@ -682,7 +682,7 @@
|
|
|
682
682
|
"type": "route-group",
|
|
683
683
|
"domain": "intent",
|
|
684
684
|
"sourcePath": "src/server/routes.ts",
|
|
685
|
-
"contentHash": "
|
|
685
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
686
686
|
"since": "2025-01-01"
|
|
687
687
|
},
|
|
688
688
|
"route-group:triage": {
|
|
@@ -690,7 +690,7 @@
|
|
|
690
690
|
"type": "route-group",
|
|
691
691
|
"domain": "safety",
|
|
692
692
|
"sourcePath": "src/server/routes.ts",
|
|
693
|
-
"contentHash": "
|
|
693
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
694
694
|
"since": "2025-01-01"
|
|
695
695
|
},
|
|
696
696
|
"route-group:operations": {
|
|
@@ -698,7 +698,7 @@
|
|
|
698
698
|
"type": "route-group",
|
|
699
699
|
"domain": "safety",
|
|
700
700
|
"sourcePath": "src/server/routes.ts",
|
|
701
|
-
"contentHash": "
|
|
701
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
702
702
|
"since": "2025-01-01"
|
|
703
703
|
},
|
|
704
704
|
"route-group:sentinel": {
|
|
@@ -706,7 +706,7 @@
|
|
|
706
706
|
"type": "route-group",
|
|
707
707
|
"domain": "safety",
|
|
708
708
|
"sourcePath": "src/server/routes.ts",
|
|
709
|
-
"contentHash": "
|
|
709
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
710
710
|
"since": "2025-01-01"
|
|
711
711
|
},
|
|
712
712
|
"route-group:trust": {
|
|
@@ -714,7 +714,7 @@
|
|
|
714
714
|
"type": "route-group",
|
|
715
715
|
"domain": "safety",
|
|
716
716
|
"sourcePath": "src/server/routes.ts",
|
|
717
|
-
"contentHash": "
|
|
717
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
718
718
|
"since": "2025-01-01"
|
|
719
719
|
},
|
|
720
720
|
"route-group:monitoring": {
|
|
@@ -722,7 +722,7 @@
|
|
|
722
722
|
"type": "route-group",
|
|
723
723
|
"domain": "monitoring",
|
|
724
724
|
"sourcePath": "src/server/routes.ts",
|
|
725
|
-
"contentHash": "
|
|
725
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
726
726
|
"since": "2025-01-01"
|
|
727
727
|
},
|
|
728
728
|
"route-group:commitments": {
|
|
@@ -730,7 +730,7 @@
|
|
|
730
730
|
"type": "route-group",
|
|
731
731
|
"domain": "commitments",
|
|
732
732
|
"sourcePath": "src/server/routes.ts",
|
|
733
|
-
"contentHash": "
|
|
733
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
734
734
|
"since": "2025-01-01"
|
|
735
735
|
},
|
|
736
736
|
"route-group:episodes": {
|
|
@@ -738,7 +738,7 @@
|
|
|
738
738
|
"type": "route-group",
|
|
739
739
|
"domain": "memory",
|
|
740
740
|
"sourcePath": "src/server/routes.ts",
|
|
741
|
-
"contentHash": "
|
|
741
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
742
742
|
"since": "2025-01-01"
|
|
743
743
|
},
|
|
744
744
|
"route-group:messages": {
|
|
@@ -746,7 +746,7 @@
|
|
|
746
746
|
"type": "route-group",
|
|
747
747
|
"domain": "coordination",
|
|
748
748
|
"sourcePath": "src/server/routes.ts",
|
|
749
|
-
"contentHash": "
|
|
749
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
750
750
|
"since": "2025-01-01"
|
|
751
751
|
},
|
|
752
752
|
"route-group:system-reviews": {
|
|
@@ -754,7 +754,7 @@
|
|
|
754
754
|
"type": "route-group",
|
|
755
755
|
"domain": "monitoring",
|
|
756
756
|
"sourcePath": "src/server/routes.ts",
|
|
757
|
-
"contentHash": "
|
|
757
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
758
758
|
"since": "2025-01-01"
|
|
759
759
|
},
|
|
760
760
|
"route-group:machine-mesh": {
|
|
@@ -770,7 +770,7 @@
|
|
|
770
770
|
"type": "route-group",
|
|
771
771
|
"domain": "security",
|
|
772
772
|
"sourcePath": "src/server/routes.ts",
|
|
773
|
-
"contentHash": "
|
|
773
|
+
"contentHash": "a6a1c22fc6213c6ab2da23825c5fcd0b2213fd3dbc4bc9bae094bcdb42c8157c",
|
|
774
774
|
"since": "2025-01-01"
|
|
775
775
|
},
|
|
776
776
|
"cli:init": {
|
|
@@ -1530,7 +1530,7 @@
|
|
|
1530
1530
|
"type": "subsystem",
|
|
1531
1531
|
"domain": "sessions",
|
|
1532
1532
|
"sourcePath": "src/core/SessionManager.ts",
|
|
1533
|
-
"contentHash": "
|
|
1533
|
+
"contentHash": "1e282ecacc10ebe6ab4adeaabc00ff2f0295b1b0954ee5b48e2314c368594577",
|
|
1534
1534
|
"since": "2025-01-01"
|
|
1535
1535
|
},
|
|
1536
1536
|
"subsystem:auto-updater": {
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
# Upgrade Guide — vNEXT
|
|
2
|
+
|
|
3
|
+
<!-- assembled-by: assemble-next-md -->
|
|
4
|
+
<!-- bump: patch -->
|
|
5
|
+
|
|
6
|
+
## What Changed
|
|
7
|
+
|
|
8
|
+
Enforces the spec's applicability precondition: live credential re-pointing only works for sessions that read their credential from the per-config-home store. A session launched with an env token bypasses that store and is invisible to the mechanism — so this step records, at spawn, WHERE each session's Anthropic credential comes from, and refuses to run the feature whenever an env-token session is present.
|
|
9
|
+
|
|
10
|
+
- **Durable per-session provenance flag** — a new `credentialSource: 'store' | 'env'` field on the session record, set at every claude-code spawn lane. It is derived from the IDENTICAL expression that selects the session's Anthropic env block — `(config.anthropicApiKey ?? '') !== '' ? 'env' : 'store'`, computed at the spawn site — so the flag can never drift from what actually launched the session (single source of truth; an independent recomputation would re-create the staleness class this spec exists to kill).
|
|
11
|
+
- **The env-token gate** — a new `CredentialEnvTokenGate` (src/core/CredentialEnvTokenGate.ts), a pure evaluator. It REFUSES the feature, with a NAMED category reason, when either the config field `anthropicApiKey` is any non-empty value (an OAuth token OR a direct API key — both bypass the store) OR any running claude-code session's provenance flag is `env`. Checking the LIVE fleet — not just the config field — closes the mid-life-flip hole: an operator setting an env token mid-run would otherwise leave already-running store sessions steerable while new env spawns are silently un-steered.
|
|
12
|
+
- **Named reason on the status route** — `GET /credentials/rebalancer`, when the feature flag is ON, now surfaces the gate verdict (refused, the reason category, and the count of env sessions), scrubbed through the existing secret-scrub chokepoint. Dark (flag off) it stays a strict 503 no-op.
|
|
13
|
+
- **Attribution-suppression** — on a gate refusal the location gate behaves as dark, so the quota poller stops routing reads/attribution through moved slots: an env session's usage is never mis-attributed to a slot tenant.
|
|
14
|
+
- **Dark** — gated by the existing `subscriptionPool.credentialRepointing` flag. With the feature off (the fleet + dev default) the gate is never consulted and the only delta is the additive provenance field on new session records (free metadata, never read) — byte-for-byte today's behavior.
|
|
15
|
+
|
|
16
|
+
## What to Tell Your User
|
|
17
|
+
|
|
18
|
+
This is internal plumbing that ships turned off, so nothing changes for you day to day. What it builds toward, with a safety guarantee baked in: the under-the-hood feature that moves a credential between your subscription accounts only works for sessions that read their login from the on-disk store I manage. If a session was instead launched with a login token handed straight to it in its environment, that session ignores the store entirely and the moving trick would be a no-op for it. So this step teaches me to record, the moment each session starts, which of those two kinds it is — and to refuse to run the whole moving feature at all whenever any running session is the kind I cannot steer. That refusal is deliberate and visible, with a plain reason, rather than the feature quietly mis-handling a session it does not actually control. It is off by default and does nothing until the feature is turned on after a review window.
|
|
19
|
+
|
|
20
|
+
## Summary of New Capabilities
|
|
21
|
+
|
|
22
|
+
One new exported class — `CredentialEnvTokenGate` (the env-token applicability gate: refuses on the config field OR a live env-token session in the fleet, with a named reason) — plus a new additive optional `Session.credentialSource` provenance field set at every claude-code spawn lane, and the `GET /credentials/rebalancer` route surfacing the gate verdict. All gated by the existing `subscriptionPool.credentialRepointing` flag. No new gate flag, no new unfunneled credential write path.
|
|
23
|
+
|
|
24
|
+
## Evidence
|
|
25
|
+
|
|
26
|
+
- `tests/unit/credential-env-token-gate.test.ts` (18) — config predicate (permits empty/undefined; refuses on sk-ant-oat, on a direct sk-ant-api03 key, and on any non-empty value); live-fleet path (refuses on one running env session with config empty, counts multiple, ignores a non-running env session and a non-claude env session, treats undefined as store, config-field refusal short-circuits before the fleet scan); attribution-suppression (`shouldAttributeSlotTenant` false for env, true for store/undefined); and the single-source-of-truth blocker proven by a static grep-assert against the real SessionManager source (exactly 3 env-block predicates + 3 identical provenance derivations + 4 record writes).
|
|
27
|
+
- `tests/integration/credential-routes.test.ts` (+3) — the rebalancer route surfaces the config-field refusal (scrubbed, no token leak), the live-fleet refusal (mid-life flip, config empty), and permits when config empty + all-store fleet.
|
|
28
|
+
- `tests/e2e/credential-repointing-routes-alive.test.ts` (+3) — feature-alive on the real AgentServer factory: rebalancer DARK is a strict 503 no-op, ENABLED + clean config + all-store fleet permits, ENABLED + a live env-token session refuses with the named reason.
|
|
29
|
+
- tsc clean; full `npm run lint` clean (dark-gate 16/16 unchanged — no ConfigDefaults touched); no-silent-fallbacks + no-empty-catch-blocks + feature-delivery-completeness + docs-coverage green.
|
|
@@ -0,0 +1,78 @@
|
|
|
1
|
+
# Side-effects review — WS5.2 Step 8 (credential provenance flag + env-token gate)
|
|
2
|
+
|
|
3
|
+
**Spec:** `docs/specs/live-credential-repointing-rebalancer.md` (approved:true, converged) §2.10/§0.b/§2.4, build-plan §8.
|
|
4
|
+
**Tier:** 2 (src code + a read-time gate + a session-record metadata field; ships DARK behind the EXISTING `subscriptionPool.credentialRepointing` flag — NO new gate flag).
|
|
5
|
+
**Parent principle:** Cross-Machine Coherence — One Agent, Robust Under Degraded Conditions.
|
|
6
|
+
**Second-pass reviewer:** independent reviewer subagent (this change touches a "gate" → Phase 5 required).
|
|
7
|
+
|
|
8
|
+
## What changed
|
|
9
|
+
|
|
10
|
+
- **NEW `src/core/CredentialEnvTokenGate.ts`** — the §2.10 env-token gate (the §0.b applicability precondition, enforced). Pure evaluator (no IO): `evaluate()` REFUSES the feature, with a NAMED CATEGORY reason, when (a) `config.anthropicApiKey` is ANY non-empty value (OAuth OR API key — round-3) OR (b) any RUNNING claude-code session's durable `credentialSource` flag is `'env'` (the live-fleet path that closes the mid-life flip). The static helper `shouldAttributeSlotTenant(session)` is `false` for an env session (its usage is never mis-attributed to a slot tenant — §2.10 requirement 3).
|
|
11
|
+
- **`src/core/types.ts`** — adds `Session.credentialSource?: 'store' | 'env'` (additive optional metadata field; no `enabled:` literal → dark-gate UNCHANGED).
|
|
12
|
+
- **`src/core/SessionManager.ts`** — sets `credentialSource` on the session record at all four claude-code spawn record-writes. At the three env-block lanes (headless `~:1846`, rerouted-interactive `~:2127`, interactive `~:3248`) it is derived from the **IDENTICAL** expression that selects the Anthropic env block — `(this.config.anthropicApiKey ?? '') !== '' ? 'env' : 'store'`, computed at the spawn site, NEVER a recomputation. The triage lane hardcodes `'store'` (it always empties `ANTHROPIC_API_KEY=`, so it deterministically reads the store).
|
|
13
|
+
- **`src/commands/server.ts`** — constructs the `CredentialEnvTokenGate` (reading `config.sessions.anthropicApiKey` — the SAME source `sessionManagerConfig` spreads into SessionManager — and `state.listSessions()`); AND-s its refusal into the `CredentialLocationGate.isEnabled` (so a §2.10 refusal suppresses ALL re-pointing attribution: requirement 3 enforced structurally through the one gate the QuotaPoller already consults); adds the gate to the `credentialRepointing` bundle.
|
|
14
|
+
- **`src/server/routes.ts`** — adds `envTokenGate` to the `credentialRepointing` RouteContext type; `GET /credentials/rebalancer` now surfaces the gate verdict (refused + named reason + envSessionCount) when the flag is ON, scrubbed via `audit.response`. DARK → strict 503 no-op (unchanged).
|
|
15
|
+
- **Tests:** NEW `tests/unit/credential-env-token-gate.test.ts` (18); extended `tests/integration/credential-routes.test.ts` (+3 rebalancer cases) and `tests/e2e/credential-repointing-routes-alive.test.ts` (+3 cases, incl. live env-token fleet); widened the look-back window in `tests/unit/codex-model-swap-wiring.test.ts` (the §2.10 derivation sits between `effectiveAccountId` and `buildInteractiveLaunch` — the WS5.3 source-string-ratchet lesson).
|
|
16
|
+
|
|
17
|
+
## Decision-point inventory
|
|
18
|
+
|
|
19
|
+
- `CredentialEnvTokenGate.evaluate()` — **add** — the §2.10 refusal decision (config field OR live fleet). It is a SIGNAL feeding the rebalancer status surface + the location-gate enablement; it never blocks a session spawn, a message, or a swap directly.
|
|
20
|
+
- `CredentialLocationGate.isEnabled` AND-in — **modify** — a §2.10 refusal makes the location gate behave as dark (attribution off) so the QuotaPoller stops re-routing reads/attribution through moved slots for an env fleet.
|
|
21
|
+
- `Session.credentialSource` derivation — **add** — additive provenance metadata, not a decision (it is the durable INPUT the gate's fleet scan reads).
|
|
22
|
+
|
|
23
|
+
## State files / migrations
|
|
24
|
+
|
|
25
|
+
- **No new state file.** `credentialSource` rides the existing session record (`state/sessions/*.json`); additive optional field, absent on legacy records (treated as `'store'` — the safe, non-refusing direction).
|
|
26
|
+
- **No migration in Step 8.** The CLAUDE.md awareness template + `migrateConfig`/`migrateClaudeMd` + CapabilityIndex are explicitly scoped to **build-plan §9 (Step 9 — Migration parity)** — tracked there, not deferred silently. No new config flag means nothing to migrate for the gate itself.
|
|
27
|
+
|
|
28
|
+
## Blast radius / reversibility
|
|
29
|
+
|
|
30
|
+
- **Ships DARK.** The gate is only consulted behind `subscriptionPool.credentialRepointing.enabled` (the location-gate AND-in short-circuits on the flag BEFORE evaluating the gate, and the rebalancer route 503s while dark). With the flag off (always, fleet-wide) the only runtime delta is the additive `credentialSource` field on new session records — free metadata, never read. E2E proves the dark surface is a byte-for-byte 503 no-op.
|
|
31
|
+
- Reversibility: revert the commit. The `credentialSource` field is inert metadata; no credential write, no schema migration, no durable state to repair. A swap is still the reversible oracle-verified permutation from Step 5.
|
|
32
|
+
|
|
33
|
+
## Per-Phase-C (multi-machine posture)
|
|
34
|
+
|
|
35
|
+
- **Machine-local BY DESIGN.** The gate is per-machine: each machine evaluates ITS OWN `config.sessions.anthropicApiKey` + ITS OWN `state.listSessions()`. An N-machine pool is N independent gates; a machine running an env-token fleet refuses LOCALLY without reading or affecting a peer's store-reading fleet. No cross-machine credential read, no LAN/broadcast assumption. The `credentialSource` flag is per-session-per-machine durable metadata and never crosses machines (it would be meaningless on another machine, whose config/fleet differ). This is the correct posture: env-vs-store is a function of the LOCAL config field + the LOCAL fleet, so a remote read would be both unnecessary and a coherence hazard.
|
|
36
|
+
|
|
37
|
+
## Adversarial review (4 lenses, folded as named tests)
|
|
38
|
+
|
|
39
|
+
1. **Single-source-of-truth provenance (THE blocker)** — the flag is the IDENTICAL `(this.config.anthropicApiKey ?? '')` expression as the env-block selection at each of the three lanes, computed at the spawn site. Proven by a static grep-assert against the real SessionManager source (exactly 3 env-block predicates + 3 identical provenance derivations + 4 record writes) — an independent recomputation would fail it. A divergence test guards the staleness class this whole spec exists to kill.
|
|
40
|
+
2. **Mid-life-flip / live-fleet** — the gate refuses on a running `env` session even when the config field is empty (named unit + integration + e2e tests). A config-only gate would miss it; the fleet scan reads the durable flag.
|
|
41
|
+
3. **Attribution-suppression** — `shouldAttributeSlotTenant` is false for an env session (named test); structurally, the location-gate AND-in suppresses re-pointing attribution wholesale on refusal so the QuotaPoller never mis-attributes an env session's usage to a slot tenant.
|
|
42
|
+
4. **Dark-ship inertness** — flag OFF → rebalancer 503 strict no-op; record-write shape unchanged except the additive field (e2e "feature is alive" — the single most important test).
|
|
43
|
+
|
|
44
|
+
## Silent-fallback tags
|
|
45
|
+
|
|
46
|
+
`CredentialEnvTokenGate` is pure logic with NO catch blocks. The route/server edits add no new catch. no-silent-fallbacks (5/5) + no-empty-catch-blocks (4/4) pass with NO baseline bump.
|
|
47
|
+
|
|
48
|
+
## Second-pass review (Phase 5 — independent reviewer subagent)
|
|
49
|
+
|
|
50
|
+
**Concur with the review.** All seven load-bearing invariants verified against the actual code:
|
|
51
|
+
1. Single-source-of-truth — the `credentialSource` derivation is the IDENTICAL `(this.config.anthropicApiKey ?? '') !== ''` expression adjacent to each lane's `.startsWith('sk-ant-oat')` env-block predicate over the SAME `this.config.anthropicApiKey` field (SessionManager lanes 1/2/3); triage hardcodes `'store'` and demonstrably empties `ANTHROPIC_API_KEY=`. Not a recomputation.
|
|
52
|
+
2. Config predicate is "any non-empty value" (`key !== ''`), correctly broader than the launch's sk-ant-oat branch (both branches set a store-bypassing env var).
|
|
53
|
+
3. Gate ANDs the live-fleet scan (running + claude-code + `credentialSource === 'env'`, undefined→store safe default) onto the config check, closing the mid-life-flip hole.
|
|
54
|
+
4. The location-gate `isEnabled` AND-in is sound: `&&` short-circuits on the dark flag BEFORE `evaluate()` is ever called (true no-op while dark); on refusal it suppresses re-pointing attribution wholesale (the conservatively-correct direction); `shouldAttributeSlotTenant` false for env.
|
|
55
|
+
5. Gate-level single-source-of-truth holds — `config.sessions?.anthropicApiKey` is the same value `sessionManagerConfig = { ...config.sessions }` feeds SessionManager (anthropicApiKey not overridden).
|
|
56
|
+
6. Dark surface is a strict 503 no-op through the scrub chokepoint; the only record-shape delta is the additive optional field.
|
|
57
|
+
7. Signal-vs-authority: advisory except the attribution-suppression AND-in, which is appropriate and non-brittle (a boolean over a durable flag with a safe default).
|
|
58
|
+
|
|
59
|
+
No concern raised.
|
|
60
|
+
|
|
61
|
+
## Gate-ratchet results (run locally before push)
|
|
62
|
+
|
|
63
|
+
- `tsc --noEmit` clean; full `npm run lint` clean (includes dark-gate 16/16 — **UNCHANGED**, no ConfigDefaults touch).
|
|
64
|
+
- no-silent-fallbacks 5/5, no-empty-catch-blocks 4/4, feature-delivery-completeness 97/97, docs-coverage --check pass (floor-based; internal-plumbing symbol, no floor breach).
|
|
65
|
+
- credential-env-token-gate 18/18; credential-routes (integration) all pass incl. 3 new rebalancer cases; credential-repointing-routes-alive (e2e) 6/6 incl. live env-token fleet; codex-model-swap-wiring 7/7 (window widened); all SessionManager wiring/activation tests green.
|
|
66
|
+
|
|
67
|
+
## Second-pass review verdict (Phase 5 — required: change touches a "gate")
|
|
68
|
+
|
|
69
|
+
Independent reviewer subagent audited the gate + the 4 spawn-site provenance derivations + the dark-ship short-circuit against the real code (not the artifact's claims), and against `docs/signal-vs-authority.md`. All six verification points held:
|
|
70
|
+
|
|
71
|
+
1. **Single-source-of-truth** — all 3 env-block lanes (`SessionManager.ts:1844/2126/3246`) derive `credentialSource` from the identical `(this.config.anthropicApiKey ?? '') !== ''` predicate adjacent to their own env-block write; the triage lane hardcodes `'store'` and provably empties `ANTHROPIC_API_KEY=`. The gate reads `config.sessions?.anthropicApiKey` (`server.ts:9213`), which is the SAME value `sessionManagerConfig = {...config.sessions}` feeds SessionManager (not overridden). Not a recompute.
|
|
72
|
+
2. **Fail-safe direction** — `credentialSource==='env'` is the only fleet-path refusal; `undefined`→`'store'` (non-refusing). A refusal disables the FEATURE (re-pointing attribution), never messaging/sessions/swaps.
|
|
73
|
+
3. **Dark-ship inertness** — `enabled === true && !gate.evaluate().refused` short-circuits on the flag BEFORE `evaluate()`; the route 503s before evaluating. Byte-for-byte prior behavior when dark.
|
|
74
|
+
4. **Config predicate** — refuses on ANY non-empty `anthropicApiKey` (OAuth `sk-ant-oat` OR api key), matching both SessionManager launch branches.
|
|
75
|
+
5. **Signal-vs-authority** — a deterministic policy evaluator over a structured durable flag, not a brittle detector; the only authority it holds is suppressing the feature itself (the conservatively-correct fail-safe), which the principle doc explicitly permits for a domain this constrained.
|
|
76
|
+
6. **Over/under-refuse** — the mixed-fleet whole-feature refusal is conservatively-correct (refuse rather than mis-steer); machine-local posture is correct. No hole found.
|
|
77
|
+
|
|
78
|
+
**Verdict: CONCUR.** The side-effects artifact's claims all hold against the actual code.
|