instar 1.3.608 → 1.3.609
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/commands/server.js +2 -1
- package/dist/commands/server.js.map +1 -1
- package/dist/coordination/AccountFollowMeMandateBridge.d.ts +56 -0
- package/dist/coordination/AccountFollowMeMandateBridge.d.ts.map +1 -0
- package/dist/coordination/AccountFollowMeMandateBridge.js +56 -0
- package/dist/coordination/AccountFollowMeMandateBridge.js.map +1 -0
- package/dist/core/AccountFollowMeDetector.d.ts +53 -0
- package/dist/core/AccountFollowMeDetector.d.ts.map +1 -0
- package/dist/core/AccountFollowMeDetector.js +56 -0
- package/dist/core/AccountFollowMeDetector.js.map +1 -0
- package/dist/core/AccountFollowMeEmailGate.d.ts +51 -0
- package/dist/core/AccountFollowMeEmailGate.d.ts.map +1 -0
- package/dist/core/AccountFollowMeEmailGate.js +50 -0
- package/dist/core/AccountFollowMeEmailGate.js.map +1 -0
- package/dist/core/AccountFollowMeOrchestrator.d.ts +98 -0
- package/dist/core/AccountFollowMeOrchestrator.d.ts.map +1 -0
- package/dist/core/AccountFollowMeOrchestrator.js +76 -0
- package/dist/core/AccountFollowMeOrchestrator.js.map +1 -0
- package/dist/core/AccountFollowMeService.d.ts +84 -0
- package/dist/core/AccountFollowMeService.d.ts.map +1 -0
- package/dist/core/AccountFollowMeService.js +105 -0
- package/dist/core/AccountFollowMeService.js.map +1 -0
- package/dist/core/accountFollowMeDepth.d.ts +40 -0
- package/dist/core/accountFollowMeDepth.d.ts.map +1 -0
- package/dist/core/accountFollowMeDepth.js +47 -0
- package/dist/core/accountFollowMeDepth.js.map +1 -0
- package/dist/core/fetchPeerSubscriptionViews.d.ts +46 -0
- package/dist/core/fetchPeerSubscriptionViews.d.ts.map +1 -0
- package/dist/core/fetchPeerSubscriptionViews.js +70 -0
- package/dist/core/fetchPeerSubscriptionViews.js.map +1 -0
- package/dist/monitoring/guardManifest.d.ts.map +1 -1
- package/dist/monitoring/guardManifest.js +1 -0
- package/dist/monitoring/guardManifest.js.map +1 -1
- package/dist/server/AgentServer.d.ts +1 -0
- package/dist/server/AgentServer.d.ts.map +1 -1
- package/dist/server/AgentServer.js +1 -0
- package/dist/server/AgentServer.js.map +1 -1
- package/dist/server/routes.d.ts +3 -0
- package/dist/server/routes.d.ts.map +1 -1
- package/dist/server/routes.js +49 -0
- package/dist/server/routes.js.map +1 -1
- package/package.json +1 -1
- package/src/data/builtin-manifest.json +47 -47
- package/upgrades/1.3.609.md +24 -0
- package/upgrades/side-effects/ws52-account-follow-me-pr2.md +59 -0
package/dist/server/routes.js
CHANGED
|
@@ -19094,6 +19094,55 @@ export function createRoutes(ctx) {
|
|
|
19094
19094
|
res.status(500).json({ error: err instanceof Error ? err.message : 'failed to start enrollment' });
|
|
19095
19095
|
}
|
|
19096
19096
|
});
|
|
19097
|
+
// WS5.2 §5.2 — Account Follow-Me: SURFACE (never act on) depth-zero enrollment offers.
|
|
19098
|
+
// Detects machines with no usable account (this machine + peers via the injected peer-views
|
|
19099
|
+
// reader, prod-wired to ?scope=pool) and surfaces ONE aggregated phone-first consent. The
|
|
19100
|
+
// agent NEVER self-enrolls — authorization is the operator's mandate, issued on the target's
|
|
19101
|
+
// own dashboard (per-server, OQ6). Dark behind multiMachine.accountFollowMe (503 when off).
|
|
19102
|
+
router.post('/subscription-pool/follow-me/scan', async (_req, res) => {
|
|
19103
|
+
const afmCfg = ctx.config.multiMachine?.accountFollowMe;
|
|
19104
|
+
if (!resolveDevAgentGate(afmCfg?.enabled, ctx.config)) {
|
|
19105
|
+
res.status(503).json({ error: 'account follow-me not enabled' });
|
|
19106
|
+
return;
|
|
19107
|
+
}
|
|
19108
|
+
if (!ctx.subscriptionPool || !ctx.coordination) {
|
|
19109
|
+
res.json({ enabled: true, offered: [] });
|
|
19110
|
+
return;
|
|
19111
|
+
}
|
|
19112
|
+
try {
|
|
19113
|
+
const { buildDepthInput } = await import('../core/accountFollowMeDepth.js');
|
|
19114
|
+
const { AccountFollowMeOrchestrator } = await import('../core/AccountFollowMeOrchestrator.js');
|
|
19115
|
+
const { AccountFollowMeService } = await import('../core/AccountFollowMeService.js');
|
|
19116
|
+
const localRows = ctx.subscriptionPool.list().map((a) => ({
|
|
19117
|
+
accountId: a.id, email: a.email, status: a.status, locallyHeld: typeof a.configHome === 'string' && a.configHome.length > 0,
|
|
19118
|
+
}));
|
|
19119
|
+
const selfView = { machineId: '(self)', nickname: 'this machine', accounts: localRows };
|
|
19120
|
+
const peerViews = ctx.accountFollowMePeerViews ? await ctx.accountFollowMePeerViews() : [];
|
|
19121
|
+
const orchestrator = new AccountFollowMeOrchestrator({
|
|
19122
|
+
gate: ctx.coordination.gate,
|
|
19123
|
+
agentFp: () => ctx.config.projectName ?? 'self',
|
|
19124
|
+
mandatesDeepLink: (a) => `/dashboard?tab=mandates&account=${encodeURIComponent(a.accountId)}&target=${encodeURIComponent(a.targetMachineId)}&mechanism=${a.mechanism}`,
|
|
19125
|
+
});
|
|
19126
|
+
const svc = new AccountFollowMeService({
|
|
19127
|
+
readPoolDepth: () => buildDepthInput([selfView, ...peerViews]),
|
|
19128
|
+
maxFollowMachines: () => afmCfg?.maxFollowMachines ?? 5,
|
|
19129
|
+
inFlight: () => new Set(),
|
|
19130
|
+
orchestrator,
|
|
19131
|
+
emitAggregatedConsent: (c) => {
|
|
19132
|
+
// Map the service's consent to the attention-queue item shape (medium → NORMAL).
|
|
19133
|
+
void ctx.telegram?.createAttentionItem?.({
|
|
19134
|
+
id: c.id, title: c.title, summary: c.body, description: c.body,
|
|
19135
|
+
category: 'account-follow-me', priority: 'NORMAL', sourceContext: 'account-follow-me',
|
|
19136
|
+
});
|
|
19137
|
+
},
|
|
19138
|
+
});
|
|
19139
|
+
const { offered } = svc.scanAndOffer();
|
|
19140
|
+
res.json({ enabled: true, offered });
|
|
19141
|
+
}
|
|
19142
|
+
catch (err) {
|
|
19143
|
+
res.status(500).json({ error: err instanceof Error ? err.message : 'follow-me scan failed' });
|
|
19144
|
+
}
|
|
19145
|
+
});
|
|
19097
19146
|
// Single-segment path → no collision with /enroll/:id/complete (3 segments).
|
|
19098
19147
|
router.post('/subscription-pool/enroll/reissue-expired', async (_req, res) => {
|
|
19099
19148
|
if (!ctx.enrollmentWizard) {
|