instar 1.3.605 → 1.3.607
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/commands/server.d.ts.map +1 -1
- package/dist/commands/server.js +140 -1
- package/dist/commands/server.js.map +1 -1
- package/dist/config/ConfigDefaults.d.ts.map +1 -1
- package/dist/config/ConfigDefaults.js +29 -0
- package/dist/config/ConfigDefaults.js.map +1 -1
- package/dist/coordination/CrossMachineMandate.d.ts +53 -0
- package/dist/coordination/CrossMachineMandate.d.ts.map +1 -0
- package/dist/coordination/CrossMachineMandate.js +76 -0
- package/dist/coordination/CrossMachineMandate.js.map +1 -0
- package/dist/core/AccountCredentialShare.d.ts +115 -0
- package/dist/core/AccountCredentialShare.d.ts.map +1 -0
- package/dist/core/AccountCredentialShare.js +113 -0
- package/dist/core/AccountCredentialShare.js.map +1 -0
- package/dist/core/AccountFollowMeGrants.d.ts +92 -0
- package/dist/core/AccountFollowMeGrants.d.ts.map +1 -0
- package/dist/core/AccountFollowMeGrants.js +106 -0
- package/dist/core/AccountFollowMeGrants.js.map +1 -0
- package/dist/core/AutonomousSessions.d.ts +24 -0
- package/dist/core/AutonomousSessions.d.ts.map +1 -1
- package/dist/core/AutonomousSessions.js +22 -0
- package/dist/core/AutonomousSessions.js.map +1 -1
- package/dist/core/CoherenceJournal.d.ts +1 -1
- package/dist/core/CoherenceJournal.d.ts.map +1 -1
- package/dist/core/CoherenceJournal.js +12 -2
- package/dist/core/CoherenceJournal.js.map +1 -1
- package/dist/core/PairingEpochManager.d.ts +68 -0
- package/dist/core/PairingEpochManager.d.ts.map +1 -0
- package/dist/core/PairingEpochManager.js +88 -0
- package/dist/core/PairingEpochManager.js.map +1 -0
- package/dist/core/PostUpdateMigrator.d.ts +13 -0
- package/dist/core/PostUpdateMigrator.d.ts.map +1 -1
- package/dist/core/PostUpdateMigrator.js +105 -0
- package/dist/core/PostUpdateMigrator.js.map +1 -1
- package/dist/core/SecretStore.d.ts +44 -0
- package/dist/core/SecretStore.d.ts.map +1 -1
- package/dist/core/SecretStore.js +126 -0
- package/dist/core/SecretStore.js.map +1 -1
- package/dist/core/SecretSync.d.ts.map +1 -1
- package/dist/core/SecretSync.js +6 -0
- package/dist/core/SecretSync.js.map +1 -1
- package/dist/core/SubscriptionAccountMetaReplicatedStore.d.ts +106 -0
- package/dist/core/SubscriptionAccountMetaReplicatedStore.d.ts.map +1 -0
- package/dist/core/SubscriptionAccountMetaReplicatedStore.js +263 -0
- package/dist/core/SubscriptionAccountMetaReplicatedStore.js.map +1 -0
- package/dist/core/SubscriptionPool.d.ts +23 -5
- package/dist/core/SubscriptionPool.d.ts.map +1 -1
- package/dist/core/SubscriptionPool.js +30 -6
- package/dist/core/SubscriptionPool.js.map +1 -1
- package/dist/core/devGatedFeatures.d.ts.map +1 -1
- package/dist/core/devGatedFeatures.js +12 -0
- package/dist/core/devGatedFeatures.js.map +1 -1
- package/dist/core/types.d.ts +29 -0
- package/dist/core/types.d.ts.map +1 -1
- package/dist/core/types.js.map +1 -1
- package/dist/monitoring/AutonomousProgressHeartbeat.d.ts +169 -0
- package/dist/monitoring/AutonomousProgressHeartbeat.d.ts.map +1 -0
- package/dist/monitoring/AutonomousProgressHeartbeat.js +296 -0
- package/dist/monitoring/AutonomousProgressHeartbeat.js.map +1 -0
- package/dist/monitoring/ProxyCoordinator.d.ts +1 -1
- package/dist/monitoring/ProxyCoordinator.d.ts.map +1 -1
- package/dist/monitoring/autonomousHeartbeatScrub.d.ts +44 -0
- package/dist/monitoring/autonomousHeartbeatScrub.d.ts.map +1 -0
- package/dist/monitoring/autonomousHeartbeatScrub.js +81 -0
- package/dist/monitoring/autonomousHeartbeatScrub.js.map +1 -0
- package/dist/monitoring/sentinelWiring.d.ts +14 -0
- package/dist/monitoring/sentinelWiring.d.ts.map +1 -1
- package/dist/monitoring/sentinelWiring.js +19 -0
- package/dist/monitoring/sentinelWiring.js.map +1 -1
- package/dist/scaffold/templates.d.ts.map +1 -1
- package/dist/scaffold/templates.js +10 -0
- package/dist/scaffold/templates.js.map +1 -1
- package/dist/server/CapabilityIndex.d.ts.map +1 -1
- package/dist/server/CapabilityIndex.js +9 -0
- package/dist/server/CapabilityIndex.js.map +1 -1
- package/dist/server/routes.d.ts.map +1 -1
- package/dist/server/routes.js +15 -0
- package/dist/server/routes.js.map +1 -1
- package/package.json +1 -1
- package/src/data/builtin-manifest.json +63 -63
- package/src/scaffold/templates.ts +10 -0
- package/upgrades/1.3.606.md +28 -0
- package/upgrades/1.3.607.md +25 -0
- package/upgrades/side-effects/autonomous-progress-heartbeat-ratchet-fix.md +36 -0
- package/upgrades/side-effects/autonomous-progress-heartbeat.md +40 -0
- package/upgrades/side-effects/ws52-account-follow-me-pr1.md +74 -0
package/package.json
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
{
|
|
2
2
|
"$schema": "./builtin-manifest.schema.json",
|
|
3
3
|
"schemaVersion": 1,
|
|
4
|
-
"generatedAt": "2026-06-
|
|
5
|
-
"instarVersion": "1.3.
|
|
4
|
+
"generatedAt": "2026-06-17T09:04:32.557Z",
|
|
5
|
+
"instarVersion": "1.3.607",
|
|
6
6
|
"entryCount": 201,
|
|
7
7
|
"entries": {
|
|
8
8
|
"hook:session-start": {
|
|
@@ -11,7 +11,7 @@
|
|
|
11
11
|
"domain": "identity",
|
|
12
12
|
"sourcePath": "src/core/PostUpdateMigrator.ts",
|
|
13
13
|
"installedPath": ".instar/hooks/instar/session-start.sh",
|
|
14
|
-
"contentHash": "
|
|
14
|
+
"contentHash": "6ba8eb8270f39534f0bb43af9a9c73d89f768df0b5fea421e3673cb6791b5f7c",
|
|
15
15
|
"since": "2025-01-01"
|
|
16
16
|
},
|
|
17
17
|
"hook:dangerous-command-guard": {
|
|
@@ -20,7 +20,7 @@
|
|
|
20
20
|
"domain": "safety",
|
|
21
21
|
"sourcePath": "src/core/PostUpdateMigrator.ts",
|
|
22
22
|
"installedPath": ".instar/hooks/instar/dangerous-command-guard.sh",
|
|
23
|
-
"contentHash": "
|
|
23
|
+
"contentHash": "6ba8eb8270f39534f0bb43af9a9c73d89f768df0b5fea421e3673cb6791b5f7c",
|
|
24
24
|
"since": "2025-01-01"
|
|
25
25
|
},
|
|
26
26
|
"hook:grounding-before-messaging": {
|
|
@@ -29,7 +29,7 @@
|
|
|
29
29
|
"domain": "safety",
|
|
30
30
|
"sourcePath": "src/core/PostUpdateMigrator.ts",
|
|
31
31
|
"installedPath": ".instar/hooks/instar/grounding-before-messaging.sh",
|
|
32
|
-
"contentHash": "
|
|
32
|
+
"contentHash": "6ba8eb8270f39534f0bb43af9a9c73d89f768df0b5fea421e3673cb6791b5f7c",
|
|
33
33
|
"since": "2025-01-01"
|
|
34
34
|
},
|
|
35
35
|
"hook:compaction-recovery": {
|
|
@@ -38,7 +38,7 @@
|
|
|
38
38
|
"domain": "identity",
|
|
39
39
|
"sourcePath": "src/core/PostUpdateMigrator.ts",
|
|
40
40
|
"installedPath": ".instar/hooks/instar/compaction-recovery.sh",
|
|
41
|
-
"contentHash": "
|
|
41
|
+
"contentHash": "6ba8eb8270f39534f0bb43af9a9c73d89f768df0b5fea421e3673cb6791b5f7c",
|
|
42
42
|
"since": "2025-01-01"
|
|
43
43
|
},
|
|
44
44
|
"hook:external-operation-gate": {
|
|
@@ -47,7 +47,7 @@
|
|
|
47
47
|
"domain": "safety",
|
|
48
48
|
"sourcePath": "src/core/PostUpdateMigrator.ts",
|
|
49
49
|
"installedPath": ".instar/hooks/instar/external-operation-gate.js",
|
|
50
|
-
"contentHash": "
|
|
50
|
+
"contentHash": "6ba8eb8270f39534f0bb43af9a9c73d89f768df0b5fea421e3673cb6791b5f7c",
|
|
51
51
|
"since": "2025-01-01"
|
|
52
52
|
},
|
|
53
53
|
"hook:deferral-detector": {
|
|
@@ -56,7 +56,7 @@
|
|
|
56
56
|
"domain": "safety",
|
|
57
57
|
"sourcePath": "src/core/PostUpdateMigrator.ts",
|
|
58
58
|
"installedPath": ".instar/hooks/instar/deferral-detector.js",
|
|
59
|
-
"contentHash": "
|
|
59
|
+
"contentHash": "6ba8eb8270f39534f0bb43af9a9c73d89f768df0b5fea421e3673cb6791b5f7c",
|
|
60
60
|
"since": "2025-01-01"
|
|
61
61
|
},
|
|
62
62
|
"hook:self-stop-guard": {
|
|
@@ -65,7 +65,7 @@
|
|
|
65
65
|
"domain": "coherence",
|
|
66
66
|
"sourcePath": "src/core/PostUpdateMigrator.ts",
|
|
67
67
|
"installedPath": ".instar/hooks/instar/self-stop-guard.js",
|
|
68
|
-
"contentHash": "
|
|
68
|
+
"contentHash": "6ba8eb8270f39534f0bb43af9a9c73d89f768df0b5fea421e3673cb6791b5f7c",
|
|
69
69
|
"since": "2025-01-01"
|
|
70
70
|
},
|
|
71
71
|
"hook:post-action-reflection": {
|
|
@@ -74,7 +74,7 @@
|
|
|
74
74
|
"domain": "evolution",
|
|
75
75
|
"sourcePath": "src/core/PostUpdateMigrator.ts",
|
|
76
76
|
"installedPath": ".instar/hooks/instar/post-action-reflection.js",
|
|
77
|
-
"contentHash": "
|
|
77
|
+
"contentHash": "6ba8eb8270f39534f0bb43af9a9c73d89f768df0b5fea421e3673cb6791b5f7c",
|
|
78
78
|
"since": "2025-01-01"
|
|
79
79
|
},
|
|
80
80
|
"hook:external-communication-guard": {
|
|
@@ -83,7 +83,7 @@
|
|
|
83
83
|
"domain": "safety",
|
|
84
84
|
"sourcePath": "src/core/PostUpdateMigrator.ts",
|
|
85
85
|
"installedPath": ".instar/hooks/instar/external-communication-guard.js",
|
|
86
|
-
"contentHash": "
|
|
86
|
+
"contentHash": "6ba8eb8270f39534f0bb43af9a9c73d89f768df0b5fea421e3673cb6791b5f7c",
|
|
87
87
|
"since": "2025-01-01"
|
|
88
88
|
},
|
|
89
89
|
"hook:scope-coherence-collector": {
|
|
@@ -92,7 +92,7 @@
|
|
|
92
92
|
"domain": "coherence",
|
|
93
93
|
"sourcePath": "src/core/PostUpdateMigrator.ts",
|
|
94
94
|
"installedPath": ".instar/hooks/instar/scope-coherence-collector.js",
|
|
95
|
-
"contentHash": "
|
|
95
|
+
"contentHash": "6ba8eb8270f39534f0bb43af9a9c73d89f768df0b5fea421e3673cb6791b5f7c",
|
|
96
96
|
"since": "2025-01-01"
|
|
97
97
|
},
|
|
98
98
|
"hook:scope-coherence-checkpoint": {
|
|
@@ -101,7 +101,7 @@
|
|
|
101
101
|
"domain": "coherence",
|
|
102
102
|
"sourcePath": "src/core/PostUpdateMigrator.ts",
|
|
103
103
|
"installedPath": ".instar/hooks/instar/scope-coherence-checkpoint.js",
|
|
104
|
-
"contentHash": "
|
|
104
|
+
"contentHash": "6ba8eb8270f39534f0bb43af9a9c73d89f768df0b5fea421e3673cb6791b5f7c",
|
|
105
105
|
"since": "2025-01-01"
|
|
106
106
|
},
|
|
107
107
|
"hook:free-text-guard": {
|
|
@@ -110,7 +110,7 @@
|
|
|
110
110
|
"domain": "safety",
|
|
111
111
|
"sourcePath": "src/core/PostUpdateMigrator.ts",
|
|
112
112
|
"installedPath": ".instar/hooks/instar/free-text-guard.sh",
|
|
113
|
-
"contentHash": "
|
|
113
|
+
"contentHash": "6ba8eb8270f39534f0bb43af9a9c73d89f768df0b5fea421e3673cb6791b5f7c",
|
|
114
114
|
"since": "2025-01-01"
|
|
115
115
|
},
|
|
116
116
|
"hook:claim-intercept": {
|
|
@@ -119,7 +119,7 @@
|
|
|
119
119
|
"domain": "coherence",
|
|
120
120
|
"sourcePath": "src/core/PostUpdateMigrator.ts",
|
|
121
121
|
"installedPath": ".instar/hooks/instar/claim-intercept.js",
|
|
122
|
-
"contentHash": "
|
|
122
|
+
"contentHash": "6ba8eb8270f39534f0bb43af9a9c73d89f768df0b5fea421e3673cb6791b5f7c",
|
|
123
123
|
"since": "2025-01-01"
|
|
124
124
|
},
|
|
125
125
|
"hook:claim-intercept-response": {
|
|
@@ -128,7 +128,7 @@
|
|
|
128
128
|
"domain": "coherence",
|
|
129
129
|
"sourcePath": "src/core/PostUpdateMigrator.ts",
|
|
130
130
|
"installedPath": ".instar/hooks/instar/claim-intercept-response.js",
|
|
131
|
-
"contentHash": "
|
|
131
|
+
"contentHash": "6ba8eb8270f39534f0bb43af9a9c73d89f768df0b5fea421e3673cb6791b5f7c",
|
|
132
132
|
"since": "2025-01-01"
|
|
133
133
|
},
|
|
134
134
|
"hook:stop-gate-router": {
|
|
@@ -137,7 +137,7 @@
|
|
|
137
137
|
"domain": "safety",
|
|
138
138
|
"sourcePath": "src/core/PostUpdateMigrator.ts",
|
|
139
139
|
"installedPath": ".instar/hooks/instar/stop-gate-router.js",
|
|
140
|
-
"contentHash": "
|
|
140
|
+
"contentHash": "6ba8eb8270f39534f0bb43af9a9c73d89f768df0b5fea421e3673cb6791b5f7c",
|
|
141
141
|
"since": "2025-01-01"
|
|
142
142
|
},
|
|
143
143
|
"hook:auto-approve-permissions": {
|
|
@@ -146,7 +146,7 @@
|
|
|
146
146
|
"domain": "safety",
|
|
147
147
|
"sourcePath": "src/core/PostUpdateMigrator.ts",
|
|
148
148
|
"installedPath": ".instar/hooks/instar/auto-approve-permissions.js",
|
|
149
|
-
"contentHash": "
|
|
149
|
+
"contentHash": "6ba8eb8270f39534f0bb43af9a9c73d89f768df0b5fea421e3673cb6791b5f7c",
|
|
150
150
|
"since": "2025-01-01"
|
|
151
151
|
},
|
|
152
152
|
"job:health-check": {
|
|
@@ -418,7 +418,7 @@
|
|
|
418
418
|
"type": "route-group",
|
|
419
419
|
"domain": "monitoring",
|
|
420
420
|
"sourcePath": "src/server/routes.ts",
|
|
421
|
-
"contentHash": "
|
|
421
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
422
422
|
"since": "2025-01-01"
|
|
423
423
|
},
|
|
424
424
|
"route-group:agents": {
|
|
@@ -426,7 +426,7 @@
|
|
|
426
426
|
"type": "route-group",
|
|
427
427
|
"domain": "sessions",
|
|
428
428
|
"sourcePath": "src/server/routes.ts",
|
|
429
|
-
"contentHash": "
|
|
429
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
430
430
|
"since": "2025-01-01"
|
|
431
431
|
},
|
|
432
432
|
"route-group:backups": {
|
|
@@ -434,7 +434,7 @@
|
|
|
434
434
|
"type": "route-group",
|
|
435
435
|
"domain": "operations",
|
|
436
436
|
"sourcePath": "src/server/routes.ts",
|
|
437
|
-
"contentHash": "
|
|
437
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
438
438
|
"since": "2025-01-01"
|
|
439
439
|
},
|
|
440
440
|
"route-group:git": {
|
|
@@ -442,7 +442,7 @@
|
|
|
442
442
|
"type": "route-group",
|
|
443
443
|
"domain": "coordination",
|
|
444
444
|
"sourcePath": "src/server/routes.ts",
|
|
445
|
-
"contentHash": "
|
|
445
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
446
446
|
"since": "2025-01-01"
|
|
447
447
|
},
|
|
448
448
|
"route-group:memory": {
|
|
@@ -450,7 +450,7 @@
|
|
|
450
450
|
"type": "route-group",
|
|
451
451
|
"domain": "memory",
|
|
452
452
|
"sourcePath": "src/server/routes.ts",
|
|
453
|
-
"contentHash": "
|
|
453
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
454
454
|
"since": "2025-01-01"
|
|
455
455
|
},
|
|
456
456
|
"route-group:semantic": {
|
|
@@ -458,7 +458,7 @@
|
|
|
458
458
|
"type": "route-group",
|
|
459
459
|
"domain": "memory",
|
|
460
460
|
"sourcePath": "src/server/routes.ts",
|
|
461
|
-
"contentHash": "
|
|
461
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
462
462
|
"since": "2025-01-01"
|
|
463
463
|
},
|
|
464
464
|
"route-group:status": {
|
|
@@ -466,7 +466,7 @@
|
|
|
466
466
|
"type": "route-group",
|
|
467
467
|
"domain": "monitoring",
|
|
468
468
|
"sourcePath": "src/server/routes.ts",
|
|
469
|
-
"contentHash": "
|
|
469
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
470
470
|
"since": "2025-01-01"
|
|
471
471
|
},
|
|
472
472
|
"route-group:capabilities": {
|
|
@@ -474,7 +474,7 @@
|
|
|
474
474
|
"type": "route-group",
|
|
475
475
|
"domain": "mapping",
|
|
476
476
|
"sourcePath": "src/server/routes.ts",
|
|
477
|
-
"contentHash": "
|
|
477
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
478
478
|
"since": "2025-01-01"
|
|
479
479
|
},
|
|
480
480
|
"route-group:project-map": {
|
|
@@ -482,7 +482,7 @@
|
|
|
482
482
|
"type": "route-group",
|
|
483
483
|
"domain": "mapping",
|
|
484
484
|
"sourcePath": "src/server/routes.ts",
|
|
485
|
-
"contentHash": "
|
|
485
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
486
486
|
"since": "2025-01-01"
|
|
487
487
|
},
|
|
488
488
|
"route-group:coherence": {
|
|
@@ -490,7 +490,7 @@
|
|
|
490
490
|
"type": "route-group",
|
|
491
491
|
"domain": "coherence",
|
|
492
492
|
"sourcePath": "src/server/routes.ts",
|
|
493
|
-
"contentHash": "
|
|
493
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
494
494
|
"since": "2025-01-01"
|
|
495
495
|
},
|
|
496
496
|
"route-group:topic-bindings": {
|
|
@@ -498,7 +498,7 @@
|
|
|
498
498
|
"type": "route-group",
|
|
499
499
|
"domain": "sessions",
|
|
500
500
|
"sourcePath": "src/server/routes.ts",
|
|
501
|
-
"contentHash": "
|
|
501
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
502
502
|
"since": "2025-01-01"
|
|
503
503
|
},
|
|
504
504
|
"route-group:context": {
|
|
@@ -506,7 +506,7 @@
|
|
|
506
506
|
"type": "route-group",
|
|
507
507
|
"domain": "context",
|
|
508
508
|
"sourcePath": "src/server/routes.ts",
|
|
509
|
-
"contentHash": "
|
|
509
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
510
510
|
"since": "2025-01-01"
|
|
511
511
|
},
|
|
512
512
|
"route-group:scope-coherence": {
|
|
@@ -514,7 +514,7 @@
|
|
|
514
514
|
"type": "route-group",
|
|
515
515
|
"domain": "coherence",
|
|
516
516
|
"sourcePath": "src/server/routes.ts",
|
|
517
|
-
"contentHash": "
|
|
517
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
518
518
|
"since": "2025-01-01"
|
|
519
519
|
},
|
|
520
520
|
"route-group:canonical-state": {
|
|
@@ -522,7 +522,7 @@
|
|
|
522
522
|
"type": "route-group",
|
|
523
523
|
"domain": "state",
|
|
524
524
|
"sourcePath": "src/server/routes.ts",
|
|
525
|
-
"contentHash": "
|
|
525
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
526
526
|
"since": "2025-01-01"
|
|
527
527
|
},
|
|
528
528
|
"route-group:ci": {
|
|
@@ -530,7 +530,7 @@
|
|
|
530
530
|
"type": "route-group",
|
|
531
531
|
"domain": "monitoring",
|
|
532
532
|
"sourcePath": "src/server/routes.ts",
|
|
533
|
-
"contentHash": "
|
|
533
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
534
534
|
"since": "2025-01-01"
|
|
535
535
|
},
|
|
536
536
|
"route-group:sessions": {
|
|
@@ -538,7 +538,7 @@
|
|
|
538
538
|
"type": "route-group",
|
|
539
539
|
"domain": "sessions",
|
|
540
540
|
"sourcePath": "src/server/routes.ts",
|
|
541
|
-
"contentHash": "
|
|
541
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
542
542
|
"since": "2025-01-01"
|
|
543
543
|
},
|
|
544
544
|
"route-group:jobs": {
|
|
@@ -546,7 +546,7 @@
|
|
|
546
546
|
"type": "route-group",
|
|
547
547
|
"domain": "scheduling",
|
|
548
548
|
"sourcePath": "src/server/routes.ts",
|
|
549
|
-
"contentHash": "
|
|
549
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
550
550
|
"since": "2025-01-01"
|
|
551
551
|
},
|
|
552
552
|
"route-group:skip-ledger": {
|
|
@@ -554,7 +554,7 @@
|
|
|
554
554
|
"type": "route-group",
|
|
555
555
|
"domain": "scheduling",
|
|
556
556
|
"sourcePath": "src/server/routes.ts",
|
|
557
|
-
"contentHash": "
|
|
557
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
558
558
|
"since": "2025-01-01"
|
|
559
559
|
},
|
|
560
560
|
"route-group:telegram": {
|
|
@@ -562,7 +562,7 @@
|
|
|
562
562
|
"type": "route-group",
|
|
563
563
|
"domain": "communication",
|
|
564
564
|
"sourcePath": "src/server/routes.ts",
|
|
565
|
-
"contentHash": "
|
|
565
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
566
566
|
"since": "2025-01-01"
|
|
567
567
|
},
|
|
568
568
|
"route-group:attention": {
|
|
@@ -570,7 +570,7 @@
|
|
|
570
570
|
"type": "route-group",
|
|
571
571
|
"domain": "communication",
|
|
572
572
|
"sourcePath": "src/server/routes.ts",
|
|
573
|
-
"contentHash": "
|
|
573
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
574
574
|
"since": "2025-01-01"
|
|
575
575
|
},
|
|
576
576
|
"route-group:relationships": {
|
|
@@ -578,7 +578,7 @@
|
|
|
578
578
|
"type": "route-group",
|
|
579
579
|
"domain": "relationships",
|
|
580
580
|
"sourcePath": "src/server/routes.ts",
|
|
581
|
-
"contentHash": "
|
|
581
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
582
582
|
"since": "2025-01-01"
|
|
583
583
|
},
|
|
584
584
|
"route-group:feedback": {
|
|
@@ -586,7 +586,7 @@
|
|
|
586
586
|
"type": "route-group",
|
|
587
587
|
"domain": "feedback",
|
|
588
588
|
"sourcePath": "src/server/routes.ts",
|
|
589
|
-
"contentHash": "
|
|
589
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
590
590
|
"since": "2025-01-01"
|
|
591
591
|
},
|
|
592
592
|
"route-group:updates": {
|
|
@@ -594,7 +594,7 @@
|
|
|
594
594
|
"type": "route-group",
|
|
595
595
|
"domain": "updates",
|
|
596
596
|
"sourcePath": "src/server/routes.ts",
|
|
597
|
-
"contentHash": "
|
|
597
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
598
598
|
"since": "2025-01-01"
|
|
599
599
|
},
|
|
600
600
|
"route-group:dispatches": {
|
|
@@ -602,7 +602,7 @@
|
|
|
602
602
|
"type": "route-group",
|
|
603
603
|
"domain": "dispatches",
|
|
604
604
|
"sourcePath": "src/server/routes.ts",
|
|
605
|
-
"contentHash": "
|
|
605
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
606
606
|
"since": "2025-01-01"
|
|
607
607
|
},
|
|
608
608
|
"route-group:quota": {
|
|
@@ -610,7 +610,7 @@
|
|
|
610
610
|
"type": "route-group",
|
|
611
611
|
"domain": "monitoring",
|
|
612
612
|
"sourcePath": "src/server/routes.ts",
|
|
613
|
-
"contentHash": "
|
|
613
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
614
614
|
"since": "2025-01-01"
|
|
615
615
|
},
|
|
616
616
|
"route-group:publishing": {
|
|
@@ -618,7 +618,7 @@
|
|
|
618
618
|
"type": "route-group",
|
|
619
619
|
"domain": "publishing",
|
|
620
620
|
"sourcePath": "src/server/routes.ts",
|
|
621
|
-
"contentHash": "
|
|
621
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
622
622
|
"since": "2025-01-01"
|
|
623
623
|
},
|
|
624
624
|
"route-group:private-views": {
|
|
@@ -626,7 +626,7 @@
|
|
|
626
626
|
"type": "route-group",
|
|
627
627
|
"domain": "publishing",
|
|
628
628
|
"sourcePath": "src/server/routes.ts",
|
|
629
|
-
"contentHash": "
|
|
629
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
630
630
|
"since": "2025-01-01"
|
|
631
631
|
},
|
|
632
632
|
"route-group:tunnel": {
|
|
@@ -634,7 +634,7 @@
|
|
|
634
634
|
"type": "route-group",
|
|
635
635
|
"domain": "networking",
|
|
636
636
|
"sourcePath": "src/server/routes.ts",
|
|
637
|
-
"contentHash": "
|
|
637
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
638
638
|
"since": "2025-01-01"
|
|
639
639
|
},
|
|
640
640
|
"route-group:events": {
|
|
@@ -642,7 +642,7 @@
|
|
|
642
642
|
"type": "route-group",
|
|
643
643
|
"domain": "networking",
|
|
644
644
|
"sourcePath": "src/server/routes.ts",
|
|
645
|
-
"contentHash": "
|
|
645
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
646
646
|
"since": "2025-01-01"
|
|
647
647
|
},
|
|
648
648
|
"route-group:evolution": {
|
|
@@ -650,7 +650,7 @@
|
|
|
650
650
|
"type": "route-group",
|
|
651
651
|
"domain": "evolution",
|
|
652
652
|
"sourcePath": "src/server/routes.ts",
|
|
653
|
-
"contentHash": "
|
|
653
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
654
654
|
"since": "2025-01-01"
|
|
655
655
|
},
|
|
656
656
|
"route-group:watchdog": {
|
|
@@ -658,7 +658,7 @@
|
|
|
658
658
|
"type": "route-group",
|
|
659
659
|
"domain": "monitoring",
|
|
660
660
|
"sourcePath": "src/server/routes.ts",
|
|
661
|
-
"contentHash": "
|
|
661
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
662
662
|
"since": "2025-01-01"
|
|
663
663
|
},
|
|
664
664
|
"route-group:topic-memory": {
|
|
@@ -666,7 +666,7 @@
|
|
|
666
666
|
"type": "route-group",
|
|
667
667
|
"domain": "memory",
|
|
668
668
|
"sourcePath": "src/server/routes.ts",
|
|
669
|
-
"contentHash": "
|
|
669
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
670
670
|
"since": "2025-01-01"
|
|
671
671
|
},
|
|
672
672
|
"route-group:state-sync": {
|
|
@@ -674,7 +674,7 @@
|
|
|
674
674
|
"type": "route-group",
|
|
675
675
|
"domain": "coordination",
|
|
676
676
|
"sourcePath": "src/server/routes.ts",
|
|
677
|
-
"contentHash": "
|
|
677
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
678
678
|
"since": "2025-01-01"
|
|
679
679
|
},
|
|
680
680
|
"route-group:intent": {
|
|
@@ -682,7 +682,7 @@
|
|
|
682
682
|
"type": "route-group",
|
|
683
683
|
"domain": "intent",
|
|
684
684
|
"sourcePath": "src/server/routes.ts",
|
|
685
|
-
"contentHash": "
|
|
685
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
686
686
|
"since": "2025-01-01"
|
|
687
687
|
},
|
|
688
688
|
"route-group:triage": {
|
|
@@ -690,7 +690,7 @@
|
|
|
690
690
|
"type": "route-group",
|
|
691
691
|
"domain": "safety",
|
|
692
692
|
"sourcePath": "src/server/routes.ts",
|
|
693
|
-
"contentHash": "
|
|
693
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
694
694
|
"since": "2025-01-01"
|
|
695
695
|
},
|
|
696
696
|
"route-group:operations": {
|
|
@@ -698,7 +698,7 @@
|
|
|
698
698
|
"type": "route-group",
|
|
699
699
|
"domain": "safety",
|
|
700
700
|
"sourcePath": "src/server/routes.ts",
|
|
701
|
-
"contentHash": "
|
|
701
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
702
702
|
"since": "2025-01-01"
|
|
703
703
|
},
|
|
704
704
|
"route-group:sentinel": {
|
|
@@ -706,7 +706,7 @@
|
|
|
706
706
|
"type": "route-group",
|
|
707
707
|
"domain": "safety",
|
|
708
708
|
"sourcePath": "src/server/routes.ts",
|
|
709
|
-
"contentHash": "
|
|
709
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
710
710
|
"since": "2025-01-01"
|
|
711
711
|
},
|
|
712
712
|
"route-group:trust": {
|
|
@@ -714,7 +714,7 @@
|
|
|
714
714
|
"type": "route-group",
|
|
715
715
|
"domain": "safety",
|
|
716
716
|
"sourcePath": "src/server/routes.ts",
|
|
717
|
-
"contentHash": "
|
|
717
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
718
718
|
"since": "2025-01-01"
|
|
719
719
|
},
|
|
720
720
|
"route-group:monitoring": {
|
|
@@ -722,7 +722,7 @@
|
|
|
722
722
|
"type": "route-group",
|
|
723
723
|
"domain": "monitoring",
|
|
724
724
|
"sourcePath": "src/server/routes.ts",
|
|
725
|
-
"contentHash": "
|
|
725
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
726
726
|
"since": "2025-01-01"
|
|
727
727
|
},
|
|
728
728
|
"route-group:commitments": {
|
|
@@ -730,7 +730,7 @@
|
|
|
730
730
|
"type": "route-group",
|
|
731
731
|
"domain": "commitments",
|
|
732
732
|
"sourcePath": "src/server/routes.ts",
|
|
733
|
-
"contentHash": "
|
|
733
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
734
734
|
"since": "2025-01-01"
|
|
735
735
|
},
|
|
736
736
|
"route-group:episodes": {
|
|
@@ -738,7 +738,7 @@
|
|
|
738
738
|
"type": "route-group",
|
|
739
739
|
"domain": "memory",
|
|
740
740
|
"sourcePath": "src/server/routes.ts",
|
|
741
|
-
"contentHash": "
|
|
741
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
742
742
|
"since": "2025-01-01"
|
|
743
743
|
},
|
|
744
744
|
"route-group:messages": {
|
|
@@ -746,7 +746,7 @@
|
|
|
746
746
|
"type": "route-group",
|
|
747
747
|
"domain": "coordination",
|
|
748
748
|
"sourcePath": "src/server/routes.ts",
|
|
749
|
-
"contentHash": "
|
|
749
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
750
750
|
"since": "2025-01-01"
|
|
751
751
|
},
|
|
752
752
|
"route-group:system-reviews": {
|
|
@@ -754,7 +754,7 @@
|
|
|
754
754
|
"type": "route-group",
|
|
755
755
|
"domain": "monitoring",
|
|
756
756
|
"sourcePath": "src/server/routes.ts",
|
|
757
|
-
"contentHash": "
|
|
757
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
758
758
|
"since": "2025-01-01"
|
|
759
759
|
},
|
|
760
760
|
"route-group:machine-mesh": {
|
|
@@ -770,7 +770,7 @@
|
|
|
770
770
|
"type": "route-group",
|
|
771
771
|
"domain": "security",
|
|
772
772
|
"sourcePath": "src/server/routes.ts",
|
|
773
|
-
"contentHash": "
|
|
773
|
+
"contentHash": "c45de820e9612abb3e48d432553ce129c45b36d9a772ddba5074c2b26859317e",
|
|
774
774
|
"since": "2025-01-01"
|
|
775
775
|
},
|
|
776
776
|
"cli:init": {
|
|
@@ -1554,7 +1554,7 @@
|
|
|
1554
1554
|
"type": "subsystem",
|
|
1555
1555
|
"domain": "updates",
|
|
1556
1556
|
"sourcePath": "src/core/PostUpdateMigrator.ts",
|
|
1557
|
-
"contentHash": "
|
|
1557
|
+
"contentHash": "6ba8eb8270f39534f0bb43af9a9c73d89f768df0b5fea421e3673cb6791b5f7c",
|
|
1558
1558
|
"since": "2025-01-01"
|
|
1559
1559
|
},
|
|
1560
1560
|
"subsystem:scheduler": {
|
|
@@ -550,6 +550,9 @@ Every guard (monitoring sentinels, reapers, the scheduler, …) is graded by wha
|
|
|
550
550
|
- **Topic-operator binding is the THIRD PII store** (WS2.6): when enabled, the VERIFIED operator a topic was bound to on one machine is VISIBLE as advisory context on the others. THE LOAD-BEARING SAFETY RULE (Know Your Principal): a replicated topic-operator record is UNTRUSTED peer data — it is NEVER my authoritative answer to "who is my verified operator of this topic?". Only the LOCAL binding from an AUTHENTICATED sender (TopicOperatorStore.setOperator) is authoritative; a replicated record can NEVER establish or override an operator — it is rendered as quoted untrusted data that explicitly says so. Cross-machine identity is keyed on \`sha256(topicId + ":" + verified-uid)\`, NEVER a content-name. An unbind propagates a tombstone. Enable with \`multiMachine.stateSync.topicOperator\` (ships dark: \`enabled:false\`, \`dryRun:true\`). With user-registry + topic-operator, the WS2 memory family is COMPLETE (7 kinds; playbook deferred).
|
|
551
551
|
- **When to use** (PROACTIVE — these are the triggers): the user asks "why do I have two versions of preference X?" → read open conflicts and present them for resolution. The user says "roll back machine Y's data / forget what the other machine learned" → un-merge that origin. The user asks "is my relationship/contact data shared across machines / is it encrypted on the other machine?" → explain the at-rest honesty above (transit encrypted; at-rest plaintext on each machine). The user asks "do my learnings/lessons follow me across machines?" → yes when \`stateSync.learnings\` is on (the same lesson collapses by content fingerprint, never duplicates). The user asks "do my ingested sources / knowledge base follow me across machines?" → yes when \`stateSync.knowledge\` is on (the same source collapses by content fingerprint; only the catalog metadata syncs, not the file body). The user asks "do my action items / commitments follow me across machines?" → yes when \`stateSync.evolutionActions\` is on (the same action collapses by content fingerprint; a peer sees its real status so it does not redo completed work). The user asks "do my registered users follow me across machines?" → yes when \`stateSync.userRegistry\` is on (keyed on the channel set; but identity resolution of an inbound sender stays local-authoritative). The user asks "do you know who my verified operator is on the other machine?" → a replicated topic-operator record is advisory context ONLY; my authoritative operator is always the locally auth-bound one. Spec: \`docs/specs/multi-machine-replicated-store-foundation.md\` §7, \`docs/specs/ws23-relationships-userregistry-security.md\`.
|
|
552
552
|
|
|
553
|
+
**Cross-Machine Account Follow-Me (WS5.2 — seamless account/quota sharing)** — When I run on more than one machine, "log in once, the account works everywhere" is delivered the ToS-SAFE way: each machine RE-MINTS its OWN login (operator approves once per machine; Mechanism B — default), and NO Claude OAuth token is ever copied between machines (Anthropic's ToS forbids relocating a Claude login). Only a redacted, credential-free METADATA projection of each account (id, nickname, email, provider, framework, status, quota) replicates so a peer KNOWS an account's depth/quota — the login LOCATION (configHome) and every credential field are STRIPPED and never cross the wire. A cross-machine credential SHARE (Mechanism A, sealed-transport) is fully designed but REFUSED for Anthropic by default (per-provider allowlist, default empty). Authorization is operator-mandate-gated (deny-by-default; a peer can NEVER enroll an account onto itself via the mesh), the cross-machine mandate carries an asymmetric Ed25519 issuance signature (the local HMAC proof is machine-local), de-pairing ROTATES the recipient key so old sealed credentials die, and per-account spend is lease-sliced (sum-of-leases bound). Ships DARK on the fleet, LIVE on a development agent (dogfooding); gate: \`multiMachine.accountFollowMe\`. Spec: \`docs/specs/ws52-account-follow-me-security.md\`.
|
|
554
|
+
- **When to use** (PROACTIVE): the user asks "do I have to log my account in on every machine?" / "share my account across machines" → explain the re-mint-per-machine model (one approval per machine, then that machine serves from the shared pool's quota; no token copied). "is my login copied to my other machines?" → NO — only non-credential account metadata replicates; each machine holds its own grant.
|
|
555
|
+
|
|
553
556
|
**Relationships** — Track people I interact with.
|
|
554
557
|
- List: \`curl -H "Authorization: Bearer $AUTH" http://localhost:${port}/relationships\`
|
|
555
558
|
|
|
@@ -1566,6 +1569,13 @@ Two background notifiers used to post frequent, falsely-confident noise because
|
|
|
1566
1569
|
- **Silent-freeze watchdog** (ActiveWorkSilenceSentinel): before claiming a session is stuck, it re-captures the LIVE frame and corroborates — if the frame still shows an active-work indicator (spinner / "esc to interrupt"), a sub-agent is live, or it's a clean idle prompt, it stays SILENT. It speaks only when genuinely wedged, and even then hedges ("…hasn't changed in N min and a nudge didn't wake it — it may be stuck, or on a long task I can't see into. Want me to check?"). Threshold raised 15m→30m; a 90m frozen-indicator backstop still surfaces a real mid-tool hang. Tune/disable: \`monitoring.activeWorkSilenceSentinel.enabled\` (off), \`.silenceThresholdMs\` (default 30m), \`.activeWorkMaxFrozenIndicatorMs\` (default 90m).
|
|
1567
1570
|
- **Promise beacon** (the ⏳ heartbeats): the zero-information "still on it, no new output" filler is suppressed by default — it speaks only on genuine new progress, deadline pressure, a sparse once-per-60m liveness line, or a one-shot turn-finished close-out. Base cadence relaxed 10m→20m. Tune/disable: \`promiseBeacon.suppressUnchangedHeartbeats: false\` (restore the legacy every-tick heartbeat — the rollback lever), \`promiseBeacon.beaconLivenessIntervalMs\` (default 60m), \`promiseBeacon.turnFinishedCloseoutChecks\` (default 3).
|
|
1568
1571
|
- **Doc correction:** the trio's escalations are NOT gated by \`monitoring.sentinelTelegramEscalation\` (that gate governs a different path); they route through the tone-gated \`/attention\` surface and are controlled by each sentinel's own \`enabled\` flag (both default true). Effectiveness is measurable in \`logs/sentinel-events.jsonl\` and the per-feature LLM-metrics surface (feature keys \`active-work-silence\`, \`promise-beacon\`). Spec: \`docs/specs/HONEST-PROGRESS-MESSAGING-SPEC.md\`.
|
|
1572
|
+
|
|
1573
|
+
## Autonomous-run silence backstop (AutonomousProgressHeartbeat)
|
|
1574
|
+
|
|
1575
|
+
A proactive backstop that posts ONE purely-observational liveness line when an autonomous run has gone silent on you for a long stretch while its terminal output is still changing. **This is NOT the commitment-cadence "still on it" heartbeat that the honest-progress work removed** — it fires only on a LONG user-silence gate (≥25m) WITH corroborated recent output change (a liveness signal, NOT a progress claim), and the wording is observational ("I haven't posted here in a while — last observed activity was «…». Message me if you need me."), never an assertive "still working" / "still going" claim. It closes the *busy-but-silent-to-user* gap the other watchers miss: the silent-freeze watchdog stays quiet while output is moving (it's a stuck-detector), PresenceProxy needs an inbound message, and PromiseBeacon needs an open commitment — a long heads-down autonomous run with no commitment and no inbound message falls through all three. The real fix is still you sending your own milestones; this only catches a lapse.
|
|
1576
|
+
- **It can't spam you (three LOCAL brakes, NOT dedup):** a long user-silence gate that ANY outbound (including your own normal reply) resets; a per-topic emit-cooldown; and a widening per-run backoff (25→40→60→90m) with a hard cap (~6 lines per run). A 24h silent-but-working run yields a handful of hedged lines, never dozens. Output advancing proves only LIVENESS, never that work is progressing (a log/retry loop also advances output) — which is exactly why the wording is liveness-only.
|
|
1577
|
+
- **Signal-only:** it only ever ADDS a line — never blocks, delays, or rewrites your real messages. Every predicate fails CLOSED (no emit) on any uncertainty (can't read history, the shared snapshot is unavailable, the run is mid-move to another machine). The interpolated \`focus\` is scrubbed for credentials/secrets/paths (drop-to-generic on any match), length-clamped, and HTML-escaped before it's ever shown.
|
|
1578
|
+
- **Status:** \`curl -H "Authorization: Bearer $AUTH" http://localhost:4042/autonomous-heartbeat\` → \`{ enabled, dryRun, silenceThresholdMinutes, lastTickAt, topicsConsidered, lastEmits }\` (503 when dark). Ships dark on the fleet + \`dryRun: true\` on a dev agent (logs "would emit" on the SAME cooldown/budget as live). Tune/disable: \`monitoring.autonomousHeartbeat\` (\`dryRun\`, \`silenceThresholdMinutes\`, \`tickIntervalMs\`, \`maxHeartbeatsPerRun\`). Spec: \`docs/specs/autonomous-progress-heartbeat.md\`.
|
|
1569
1579
|
`;
|
|
1570
1580
|
|
|
1571
1581
|
if (hasTelegram) {
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
# Upgrade Guide — vNEXT
|
|
2
|
+
|
|
3
|
+
<!-- assembled-by: assemble-next-md -->
|
|
4
|
+
<!-- bump: patch -->
|
|
5
|
+
|
|
6
|
+
## What Changed
|
|
7
|
+
|
|
8
|
+
A new background watcher (sibling to the silently-stopped trio) that posts ONE honest, observational line when an autonomous run has gone quiet to the user past a threshold **AND** the terminal shows genuinely fresh output. It covers the *"busy-but-silent"* failure mode — a heads-down build emitting no heartbeat for an hour, indistinguishable to the user from a stall.
|
|
9
|
+
|
|
10
|
+
- Hedged, movement-gated wording — never a bare timer, never a false "still working" claim on a frozen screen.
|
|
11
|
+
- Real per-run cooldown/backoff (not the inert duplicate-suppressor); content scrubbed for secrets/paths; cross-machine-move guard.
|
|
12
|
+
- Read-only status at `GET /autonomous-heartbeat`.
|
|
13
|
+
- Ships **dark on the fleet, dryRun-first on dev** (the dev-agent gate). Off everywhere by config until a deliberate flip; signal-only, never blocks or rewrites a message.
|
|
14
|
+
|
|
15
|
+
## What to Tell Your User
|
|
16
|
+
|
|
17
|
+
If you're running a long autonomous job and the agent goes quiet, it will now occasionally drop a brief, honest note about what it was last doing — so you can tell "busy" from "stuck." It never claims to be working when it isn't, never spams (it backs off), and never talks over a real reply. It's off by default and only runs in observe-mode on a development agent first.
|
|
18
|
+
|
|
19
|
+
## Summary of New Capabilities
|
|
20
|
+
|
|
21
|
+
- A timer-backed safety net that makes a long autonomous run *legible*: if the agent goes heads-down and silent past a threshold while still genuinely working, it surfaces one hedged "here's where I was" line instead of leaving the user staring at silence.
|
|
22
|
+
- `GET /autonomous-heartbeat` — read-only status (active runs, per-run cooldown/backoff, last-emitted).
|
|
23
|
+
|
|
24
|
+
## Evidence
|
|
25
|
+
|
|
26
|
+
- **Reproduction (observed, 2026-06-16):** during a 24-hour autonomous run (topic 12476), the agent went heads-down fixing a multi-step CI failure for ~60 minutes and emitted zero user-facing messages. From the user's side this was indistinguishable from a stall; the user asked "did the session stall?" The existing silent-freeze watchdog correctly stayed quiet (the terminal WAS changing), and the promise-beacon's liveness line is tuned to once-per-60m — too slow.
|
|
27
|
+
- **Before:** "report every ~30m" was a prompt instruction (willpower); a heads-down task blew past it with no structural backstop → an hour of silence.
|
|
28
|
+
- **After:** the heartbeat fires on genuine fresh output + user-silence past the threshold, capped by cooldown/backoff → a long run produces a handful of honest liveness lines, not silence and not spam. Verified by 6 e2e "feature is alive" cases (emits when silent+moving; suppressed when mid-move / frozen / dryRun) + 25 unit + 2 integration tests (33 green).
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
# Upgrade Guide — vNEXT
|
|
2
|
+
|
|
3
|
+
<!-- assembled-by: assemble-next-md -->
|
|
4
|
+
<!-- bump: patch -->
|
|
5
|
+
|
|
6
|
+
## What Changed
|
|
7
|
+
|
|
8
|
+
WS5.2 Account Follow-Me, PR1 — the shared security primitives for seamless cross-machine account/quota sharing, with **no live-credential code path** (the security spec's build-order requires the secure mechanism to exist and be proven before any credential-bearing wiring). Ships DARK on the fleet (live on a development agent for dogfooding) behind `multiMachine.accountFollowMe`.
|
|
9
|
+
|
|
10
|
+
Added: an AAD-bound, fail-closed credential-sealing crypto pair (`encryptAccountCredential`/`decryptAccountCredential`, domain-separated from secret-sync); the distinct `account-credential-share` mesh verb + an RBAC-gated handler (recipient-match → operator-mandate → single-use grant, all before decrypt); an asymmetric Ed25519 cross-machine mandate issuance signature (the existing HMAC proof is machine-local); de-pair X25519 key-rotation with a durable, rollback-resistant epoch anchor; single-use grants + a per-account sum-of-leases spend ceiling; and the `subscription-account-meta` replicated JournalKind — a redacted, credential-free projection (id/nickname/email/provider/framework/status/quota) that replicates so a peer knows an account's depth/quota WITHOUT holding its login (the login location and every credential field are stripped). R0: corrected the `SubscriptionPool.ts` header contradiction (default is re-mint-per-machine, not credential-blob transport).
|
|
11
|
+
|
|
12
|
+
## What to Tell Your User
|
|
13
|
+
|
|
14
|
+
Nothing changes for you yet — this lays the secure foundation for "log in once, your account works on every machine," shipped off by default. When the follow-on pieces land, a new machine with no account will (with one approval tap from you) enroll its own login and serve from your shared quota — and no Claude login token is ever copied between machines (each machine mints its own, the ToS-safe way). If asked "do I have to log in on every machine?" the answer will be: the agent does it for you, one tap per machine.
|
|
15
|
+
|
|
16
|
+
## Summary of New Capabilities
|
|
17
|
+
|
|
18
|
+
Cross-machine account follow-me security foundation (dark): AAD-bound credential sealing, an operator-mandate-gated credential-share mesh verb, asymmetric cross-machine mandate signatures, de-pair key-rotation revocation, per-account lease-sliced spend bounds, and a credential-free account-metadata replication kind. No user-facing surface is live in this release.
|
|
19
|
+
|
|
20
|
+
## Evidence
|
|
21
|
+
|
|
22
|
+
- 61 new unit tests + the wiring-integrity test, all green; full replication regression suite green (147 tests together); `tsc --noEmit` clean.
|
|
23
|
+
- The wiring-integrity test caught a real bug pre-ship (a reserved-envelope-field collision that would have thrown at server-startup registration and disrupted machine-to-machine sync) — fixed.
|
|
24
|
+
- Side-effects review + mandatory independent second-pass security review (high-risk: credentials/gate/mesh) — reviewer concurred after independently re-running the tests + tsc and verifying no fail-open path, no credential-on-the-wire, and a genuinely-inert fleet default. Artifact: `upgrades/side-effects/ws52-account-follow-me-pr1.md`.
|
|
25
|
+
- Spec: `docs/specs/ws52-account-follow-me-security.md` (converged 2026-06-13, approved).
|