instar 1.3.603 → 1.3.605
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/commands/server.d.ts.map +1 -1
- package/dist/commands/server.js +58 -2
- package/dist/commands/server.js.map +1 -1
- package/dist/config/ConfigDefaults.d.ts.map +1 -1
- package/dist/config/ConfigDefaults.js +15 -0
- package/dist/config/ConfigDefaults.js.map +1 -1
- package/dist/core/CredentialLocationLedger.d.ts +70 -0
- package/dist/core/CredentialLocationLedger.d.ts.map +1 -1
- package/dist/core/CredentialLocationLedger.js +126 -0
- package/dist/core/CredentialLocationLedger.js.map +1 -1
- package/dist/core/PostUpdateMigrator.d.ts.map +1 -1
- package/dist/core/PostUpdateMigrator.js +16 -0
- package/dist/core/PostUpdateMigrator.js.map +1 -1
- package/dist/core/types.d.ts +20 -0
- package/dist/core/types.d.ts.map +1 -1
- package/dist/core/types.js.map +1 -1
- package/dist/feedback-factory/processing/FeedbackProcessingService.d.ts +70 -0
- package/dist/feedback-factory/processing/FeedbackProcessingService.d.ts.map +1 -0
- package/dist/feedback-factory/processing/FeedbackProcessingService.js +74 -0
- package/dist/feedback-factory/processing/FeedbackProcessingService.js.map +1 -0
- package/dist/feedback-factory/store/JsonlFeedbackStore.d.ts +34 -0
- package/dist/feedback-factory/store/JsonlFeedbackStore.d.ts.map +1 -1
- package/dist/feedback-factory/store/JsonlFeedbackStore.js +59 -0
- package/dist/feedback-factory/store/JsonlFeedbackStore.js.map +1 -1
- package/dist/scaffold/templates.d.ts.map +1 -1
- package/dist/scaffold/templates.js +5 -0
- package/dist/scaffold/templates.js.map +1 -1
- package/dist/server/AgentServer.d.ts +5 -0
- package/dist/server/AgentServer.d.ts.map +1 -1
- package/dist/server/AgentServer.js +34 -0
- package/dist/server/AgentServer.js.map +1 -1
- package/dist/server/CapabilityIndex.d.ts.map +1 -1
- package/dist/server/CapabilityIndex.js +12 -0
- package/dist/server/CapabilityIndex.js.map +1 -1
- package/dist/server/routes.d.ts +4 -0
- package/dist/server/routes.d.ts.map +1 -1
- package/dist/server/routes.js +34 -0
- package/dist/server/routes.js.map +1 -1
- package/package.json +1 -1
- package/src/data/builtin-manifest.json +64 -64
- package/src/scaffold/templates/jobs/instar/feedback-factory-process.md +35 -0
- package/src/scaffold/templates.ts +5 -0
- package/upgrades/1.3.604.md +57 -0
- package/upgrades/1.3.605.md +29 -0
- package/upgrades/side-effects/credential-identity-audit.md +183 -0
- package/upgrades/side-effects/feedback-processor-job.md +60 -0
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../src/commands/server.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAoCH,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAS3D,OAAO,EAAE,eAAe,EAAiC,MAAM,iCAAiC,CAAC;AAwBjG,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAGvD,OAAO,EAAE,YAAY,EAAE,MAAM,+BAA+B,CAAC;AAkH7D,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAsBtD;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAgB,yBAAyB,CACvC,IAAI,EAAE,MAAM,EACZ,OAAO,EAAE,MAAM,EACf,gBAAgB,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAC1C,OAAO,CAUT;AAyID,UAAU,YAAY;IACpB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;2DACuD;IACvD,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAg4CD,wBAAgB,mBAAmB,CACjC,QAAQ,EAAE,eAAe,EACzB,cAAc,EAAE,cAAc,EAC9B,YAAY,CAAC,EAAE,YAAY,EAC3B,WAAW,CAAC,EAAE,WAAW,EACzB,WAAW,CAAC,EAAE,WAAW,EACzB,iBAAiB,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC,OAAO,CAAC,EAGvE,UAAU,CAAC,EAAE,MAAM,OAAO,8BAA8B,EAAE,WAAW,GAAG,IAAI,EAK5E,qBAAqB,CAAC,EAAE,MAAM,OAAO,gCAAgC,EAAE,kBAAkB,GAAG,IAAI,EAKhG,mBAAmB,CAAC,EAAE,MAAM,MAAM,GAAG,IAAI,GAAG,SAAS,GACpD,IAAI,CA8eN;AA2lBD,wBAAsB,WAAW,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,
|
|
1
|
+
{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../src/commands/server.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAoCH,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAS3D,OAAO,EAAE,eAAe,EAAiC,MAAM,iCAAiC,CAAC;AAwBjG,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAGvD,OAAO,EAAE,YAAY,EAAE,MAAM,+BAA+B,CAAC;AAkH7D,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAsBtD;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAgB,yBAAyB,CACvC,IAAI,EAAE,MAAM,EACZ,OAAO,EAAE,MAAM,EACf,gBAAgB,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAC1C,OAAO,CAUT;AAyID,UAAU,YAAY;IACpB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;2DACuD;IACvD,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAg4CD,wBAAgB,mBAAmB,CACjC,QAAQ,EAAE,eAAe,EACzB,cAAc,EAAE,cAAc,EAC9B,YAAY,CAAC,EAAE,YAAY,EAC3B,WAAW,CAAC,EAAE,WAAW,EACzB,WAAW,CAAC,EAAE,WAAW,EACzB,iBAAiB,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC,OAAO,CAAC,EAGvE,UAAU,CAAC,EAAE,MAAM,OAAO,8BAA8B,EAAE,WAAW,GAAG,IAAI,EAK5E,qBAAqB,CAAC,EAAE,MAAM,OAAO,gCAAgC,EAAE,kBAAkB,GAAG,IAAI,EAKhG,mBAAmB,CAAC,EAAE,MAAM,MAAM,GAAG,IAAI,GAAG,SAAS,GACpD,IAAI,CA8eN;AA2lBD,wBAAsB,WAAW,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,CAo4dtE;AAED,wBAAsB,UAAU,CAAC,OAAO,EAAE;IAAE,GAAG,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAsDzE;AAED;;;;;;;;;;;GAWG;AACH,wBAAsB,aAAa,CAAC,OAAO,EAAE;IAAE,GAAG,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAuD5E"}
|
package/dist/commands/server.js
CHANGED
|
@@ -9246,7 +9246,7 @@ export async function startServer(options) {
|
|
|
9246
9246
|
// off (always, while dark) every gate read returns the enrollment-home fallback, so every
|
|
9247
9247
|
// consumer is byte-for-byte today's behavior. A never-seeded ledger is the same fallback (back-
|
|
9248
9248
|
// compat); only UNKNOWN mode (corrupt on-disk) raises a HIGH attention item, never throws.
|
|
9249
|
-
const { CredentialLocationLedger, shouldBootSeedCredentialLedger } = await import('../core/CredentialLocationLedger.js');
|
|
9249
|
+
const { CredentialLocationLedger, shouldBootSeedCredentialLedger, shouldRunIdentityAudit } = await import('../core/CredentialLocationLedger.js');
|
|
9250
9250
|
const { CredentialIdentityOracle } = await import('../core/CredentialIdentityOracle.js');
|
|
9251
9251
|
const { CredentialLocationGate } = await import('../core/CredentialLocationGate.js');
|
|
9252
9252
|
const credentialGateEmitAttention = telegram
|
|
@@ -9446,14 +9446,22 @@ export async function startServer(options) {
|
|
|
9446
9446
|
// never blocked on them; failures are loud at the slot level (quarantine + attention) INSIDE
|
|
9447
9447
|
// seedFromOracle. Seeding writes ONLY the local slot→account map — it moves ZERO credentials
|
|
9448
9448
|
// (the executor's dryRun gate + the one-home invariant still guard every real swap). <!-- tracked: 20905 -->
|
|
9449
|
+
// `credSeedInFlight` closes the fresh-agent seed↔audit interleave: a never-seeded boot fires
|
|
9450
|
+
// seedFromOracle() fire-and-forget at t=0, and the boot identity audit fires at t≈90s. If the
|
|
9451
|
+
// oracle hangs past 90s the two passes could otherwise touch the in-memory assignments view at
|
|
9452
|
+
// their respective awaits. isSeeded() does NOT protect this (seedFromOracle bumps version at
|
|
9453
|
+
// 'begin', so isSeeded() flips true mid-seed), so the audit gate also checks this flag.
|
|
9454
|
+
let credSeedInFlight = false;
|
|
9449
9455
|
if (shouldBootSeedCredentialLedger(resolveDevAgentGate(config.subscriptionPool?.credentialRepointing?.enabled, config), credentialLocationLedger.isSeeded())) {
|
|
9456
|
+
credSeedInFlight = true;
|
|
9450
9457
|
void credentialLocationLedger
|
|
9451
9458
|
.seedFromOracle()
|
|
9452
9459
|
.then((outcomes) => {
|
|
9453
9460
|
const assigned = outcomes.filter((o) => o.result === 'assigned').length;
|
|
9454
9461
|
console.log(pc.green(` Credential location ledger seeded: ${assigned}/${outcomes.length} slot(s) mapped`));
|
|
9455
9462
|
})
|
|
9456
|
-
.catch((e) => console.warn(`[CredentialLedger] boot seed failed: ${e instanceof Error ? e.message : String(e)}`))
|
|
9463
|
+
.catch((e) => console.warn(`[CredentialLedger] boot seed failed: ${e instanceof Error ? e.message : String(e)}`))
|
|
9464
|
+
.finally(() => { credSeedInFlight = false; });
|
|
9457
9465
|
}
|
|
9458
9466
|
// B3b — the periodic balancer pass. tick() is a strict no-op while the feature resolves dark
|
|
9459
9467
|
// (so the timer can always run; the gate lives INSIDE tick()), and on a dev agent it runs the
|
|
@@ -9471,6 +9479,54 @@ export async function startServer(options) {
|
|
|
9471
9479
|
.finally(() => { credRebalancerTickInFlight = false; });
|
|
9472
9480
|
}, credRebalancerPassMs);
|
|
9473
9481
|
credRebalancerTimer.unref?.();
|
|
9482
|
+
// B3c — the periodic NON-DESTRUCTIVE identity audit. THE FIX for the inert-optimizer bug:
|
|
9483
|
+
// the rebalancer's every objective (wall-rescue AND the use-it-or-lose-it drain) only acts on
|
|
9484
|
+
// a DESTINATION slot whose identity was verified within `auditCadenceMs` (default 6h). Nothing
|
|
9485
|
+
// re-stamped verification after the boot seed (markVerified had zero callers), so every slot
|
|
9486
|
+
// decayed to "not recently verified" and the rebalancer went permanently inert — it decided
|
|
9487
|
+
// nothing because it had no eligible targets. auditIdentities() re-probes each slot and refreshes
|
|
9488
|
+
// its verification (and lets a since-resolvable slot EXIT quarantine), keeping the optimizer's
|
|
9489
|
+
// target set live. It moves ZERO credentials (ledger verification state only); never triggers a
|
|
9490
|
+
// swap; HOLDS a healthy slot on a transient oracle blip (never re-creates the stall). Same
|
|
9491
|
+
// dev-gate as the rebalancer (strict no-op / no probe on the dark fleet); reentrancy-guarded;
|
|
9492
|
+
// unref'd. Audit cadence = half of auditCadenceMs, capped at 30min, floored at 1min, so a
|
|
9493
|
+
// healthy slot is always re-confirmed well inside the verified-recent window. <!-- tracked: 20905 -->
|
|
9494
|
+
const credAuditCadenceMs = credResolveBalancerConfig({
|
|
9495
|
+
...(config.subscriptionPool?.credentialRepointing?.balancer ?? {}),
|
|
9496
|
+
slotCount: credentialLocationLedger.getAssignments().length,
|
|
9497
|
+
}).auditCadenceMs;
|
|
9498
|
+
const credAuditIntervalMs = Math.max(60_000, Math.min(Math.floor(credAuditCadenceMs / 2), 30 * 60_000));
|
|
9499
|
+
let credAuditInFlight = false;
|
|
9500
|
+
const runCredentialIdentityAudit = async (trigger) => {
|
|
9501
|
+
// Pure, unit-tested gate (shouldRunIdentityAudit): enabled (no-op/no-probe on the dark fleet)
|
|
9502
|
+
// AND seeded AND not UNKNOWN-mode AND not already in flight (reentrancy guard).
|
|
9503
|
+
// `credSeedInFlight` is the runtime seed↔audit interleave guard (a boot seed can be mid-probe
|
|
9504
|
+
// when the boot audit fires); the pure predicate covers the persistent-state gates.
|
|
9505
|
+
if (credSeedInFlight ||
|
|
9506
|
+
!shouldRunIdentityAudit(resolveDevAgentGate(config.subscriptionPool?.credentialRepointing?.enabled, config), credentialLocationLedger.isSeeded(), credentialLocationLedger.isUnknownMode(), credAuditInFlight)) {
|
|
9507
|
+
return;
|
|
9508
|
+
}
|
|
9509
|
+
credAuditInFlight = true;
|
|
9510
|
+
try {
|
|
9511
|
+
const r = await credentialLocationLedger.auditIdentities();
|
|
9512
|
+
if (r.refreshed || r.recovered || r.quarantined) {
|
|
9513
|
+
console.log(pc.dim(` Credential identity audit (${trigger}): ${r.refreshed} refreshed, ${r.recovered} recovered, ${r.quarantined} quarantined, ${r.unresolved} unresolved`));
|
|
9514
|
+
}
|
|
9515
|
+
}
|
|
9516
|
+
catch (e) {
|
|
9517
|
+
console.warn(`[CredentialIdentityAudit] ${trigger} error: ${e instanceof Error ? e.message : String(e)}`);
|
|
9518
|
+
}
|
|
9519
|
+
finally {
|
|
9520
|
+
credAuditInFlight = false;
|
|
9521
|
+
}
|
|
9522
|
+
};
|
|
9523
|
+
// Boot one-shot (delayed so it never races the boot seed) — refreshes stale verification
|
|
9524
|
+
// immediately on restart so a long-running agent's rebalancer has fresh targets without
|
|
9525
|
+
// waiting a full cadence.
|
|
9526
|
+
const credAuditBootTimer = setTimeout(() => void runCredentialIdentityAudit('boot'), 90_000);
|
|
9527
|
+
credAuditBootTimer.unref?.();
|
|
9528
|
+
const credAuditTimer = setInterval(() => void runCredentialIdentityAudit('periodic'), credAuditIntervalMs);
|
|
9529
|
+
credAuditTimer.unref?.();
|
|
9474
9530
|
// QuotaPoller — per-account live quota reader (P1.2 of the Subscription &
|
|
9475
9531
|
// Auth Standard). Reads each account's 5h/weekly utilization + reset dates
|
|
9476
9532
|
// via the OAuth usage endpoint (transient per-account token, never persisted)
|