instar 1.3.665 → 1.3.667
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/commands/server.d.ts.map +1 -1
- package/dist/commands/server.js +64 -9
- package/dist/commands/server.js.map +1 -1
- package/dist/core/MessageSentinel.d.ts +62 -1
- package/dist/core/MessageSentinel.d.ts.map +1 -1
- package/dist/core/MessageSentinel.js +123 -1
- package/dist/core/MessageSentinel.js.map +1 -1
- package/dist/core/PostUpdateMigrator.d.ts.map +1 -1
- package/dist/core/PostUpdateMigrator.js +9 -0
- package/dist/core/PostUpdateMigrator.js.map +1 -1
- package/dist/core/SessionManager.d.ts +9 -0
- package/dist/core/SessionManager.d.ts.map +1 -1
- package/dist/core/SessionManager.js +31 -0
- package/dist/core/SessionManager.js.map +1 -1
- package/dist/core/paneTail.d.ts +9 -0
- package/dist/core/paneTail.d.ts.map +1 -1
- package/dist/core/paneTail.js +12 -0
- package/dist/core/paneTail.js.map +1 -1
- package/dist/core/types.d.ts +11 -0
- package/dist/core/types.d.ts.map +1 -1
- package/dist/core/types.js.map +1 -1
- package/dist/monitoring/PermissionPromptAutoResolver.d.ts +215 -0
- package/dist/monitoring/PermissionPromptAutoResolver.d.ts.map +1 -0
- package/dist/monitoring/PermissionPromptAutoResolver.js +475 -0
- package/dist/monitoring/PermissionPromptAutoResolver.js.map +1 -0
- package/dist/monitoring/PresenceProxy.d.ts.map +1 -1
- package/dist/monitoring/PresenceProxy.js +18 -0
- package/dist/monitoring/PresenceProxy.js.map +1 -1
- package/dist/monitoring/StuckSignatureClassifier.d.ts +1 -1
- package/dist/monitoring/StuckSignatureClassifier.d.ts.map +1 -1
- package/dist/monitoring/StuckSignatureClassifier.js +24 -0
- package/dist/monitoring/StuckSignatureClassifier.js.map +1 -1
- package/dist/monitoring/guardManifest.d.ts.map +1 -1
- package/dist/monitoring/guardManifest.js +15 -0
- package/dist/monitoring/guardManifest.js.map +1 -1
- package/dist/monitoring/guardPosture.d.ts.map +1 -1
- package/dist/monitoring/guardPosture.js +19 -0
- package/dist/monitoring/guardPosture.js.map +1 -1
- package/dist/server/routes.d.ts.map +1 -1
- package/dist/server/routes.js +10 -5
- package/dist/server/routes.js.map +1 -1
- package/package.json +1 -1
- package/scripts/lint-guard-manifest.js +1 -0
- package/src/data/builtin-manifest.json +64 -64
- package/upgrades/1.3.666.md +131 -0
- package/upgrades/1.3.667.md +32 -0
- package/upgrades/side-effects/operator-channel-sacred.md +31 -0
- package/upgrades/1.3.665.md +0 -68
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../src/commands/server.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AA2CH,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAU3D,OAAO,EAAE,eAAe,EAAiC,MAAM,iCAAiC,CAAC;AAwBjG,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAGvD,OAAO,EAAE,YAAY,EAAE,MAAM,+BAA+B,CAAC;AAwH7D,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AA+EtD;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAgB,yBAAyB,CACvC,IAAI,EAAE,MAAM,EACZ,OAAO,EAAE,MAAM,EACf,gBAAgB,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAC1C,OAAO,CAUT;AAyID,UAAU,YAAY;IACpB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;2DACuD;IACvD,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAy4CD,wBAAgB,mBAAmB,CACjC,QAAQ,EAAE,eAAe,EACzB,cAAc,EAAE,cAAc,EAC9B,YAAY,CAAC,EAAE,YAAY,EAC3B,WAAW,CAAC,EAAE,WAAW,EACzB,WAAW,CAAC,EAAE,WAAW,EACzB,iBAAiB,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC,OAAO,CAAC,EAGvE,UAAU,CAAC,EAAE,MAAM,OAAO,8BAA8B,EAAE,WAAW,GAAG,IAAI,EAK5E,qBAAqB,CAAC,EAAE,MAAM,OAAO,gCAAgC,EAAE,kBAAkB,GAAG,IAAI,EAKhG,mBAAmB,CAAC,EAAE,MAAM,MAAM,GAAG,IAAI,GAAG,SAAS,GACpD,IAAI,CA8eN;AA2lBD,wBAAsB,WAAW,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,
|
|
1
|
+
{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../src/commands/server.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AA2CH,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAU3D,OAAO,EAAE,eAAe,EAAiC,MAAM,iCAAiC,CAAC;AAwBjG,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAGvD,OAAO,EAAE,YAAY,EAAE,MAAM,+BAA+B,CAAC;AAwH7D,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AA+EtD;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAgB,yBAAyB,CACvC,IAAI,EAAE,MAAM,EACZ,OAAO,EAAE,MAAM,EACf,gBAAgB,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAC1C,OAAO,CAUT;AAyID,UAAU,YAAY;IACpB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;2DACuD;IACvD,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAy4CD,wBAAgB,mBAAmB,CACjC,QAAQ,EAAE,eAAe,EACzB,cAAc,EAAE,cAAc,EAC9B,YAAY,CAAC,EAAE,YAAY,EAC3B,WAAW,CAAC,EAAE,WAAW,EACzB,WAAW,CAAC,EAAE,WAAW,EACzB,iBAAiB,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC,OAAO,CAAC,EAGvE,UAAU,CAAC,EAAE,MAAM,OAAO,8BAA8B,EAAE,WAAW,GAAG,IAAI,EAK5E,qBAAqB,CAAC,EAAE,MAAM,OAAO,gCAAgC,EAAE,kBAAkB,GAAG,IAAI,EAKhG,mBAAmB,CAAC,EAAE,MAAM,MAAM,GAAG,IAAI,GAAG,SAAS,GACpD,IAAI,CA8eN;AA2lBD,wBAAsB,WAAW,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,CA6/gBtE;AAED,wBAAsB,UAAU,CAAC,OAAO,EAAE;IAAE,GAAG,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAsDzE;AAED;;;;;;;;;;;GAWG;AACH,wBAAsB,aAAa,CAAC,OAAO,EAAE;IAAE,GAAG,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAuD5E"}
|
package/dist/commands/server.js
CHANGED
|
@@ -5175,6 +5175,58 @@ export async function startServer(options) {
|
|
|
5175
5175
|
// their construction sites below; GET /guards reconciles registrations
|
|
5176
5176
|
// against the declared manifest (missing = a state, never an omission).
|
|
5177
5177
|
const guardRegistry = new GuardRegistry();
|
|
5178
|
+
// ── Permission-Prompt Auto-Resolver (always-on safety floor) ──────────────
|
|
5179
|
+
// Auto-answers a framework approval prompt Instar cannot otherwise clear (the
|
|
5180
|
+
// Claude Code 2.1.176-177 cd-redirection wedge). UNCONDITIONAL — there is NO
|
|
5181
|
+
// enable flag (a stale persisted `false` could re-disable the very safety it
|
|
5182
|
+
// provides; that exact trap is what caused this bug). The only opt-out is
|
|
5183
|
+
// monitoring.permissionPromptAutoResolver.emergencyDisable (absent ⇒ on).
|
|
5184
|
+
{
|
|
5185
|
+
const { PermissionPromptAutoResolver, toPaneTailLines } = await import('../monitoring/PermissionPromptAutoResolver.js');
|
|
5186
|
+
const { looksGeneratingNow } = await import('../monitoring/sentinelWiring.js');
|
|
5187
|
+
const pprAuditPath = path.join(config.sessions.projectDir, 'logs', 'permission-prompt-resolver.jsonl');
|
|
5188
|
+
const permissionPromptResolver = new PermissionPromptAutoResolver({
|
|
5189
|
+
sendKey: (s, k) => sessionManager.sendKey(s, k),
|
|
5190
|
+
reCaptureTail: async (s) => {
|
|
5191
|
+
const t = sessionManager.captureMeaningfulTail(s, 16);
|
|
5192
|
+
return t == null ? null : toPaneTailLines(t);
|
|
5193
|
+
},
|
|
5194
|
+
isGenerating: (text) => looksGeneratingNow(text, 'claude-code'),
|
|
5195
|
+
raiseDefect: (d) => {
|
|
5196
|
+
try {
|
|
5197
|
+
void telegram?.createAttentionItem({
|
|
5198
|
+
id: `perm-prompt:${d.dedupKey}`,
|
|
5199
|
+
title: 'Session wedged on an approval prompt I could not auto-clear',
|
|
5200
|
+
summary: d.reason,
|
|
5201
|
+
description: `Session ${d.sessionName} (${d.layer}) is parked on an approval prompt the ` +
|
|
5202
|
+
`auto-resolver could not clear (the host may have changed its prompt UI). It needs a look.`,
|
|
5203
|
+
category: 'session',
|
|
5204
|
+
priority: 'NORMAL',
|
|
5205
|
+
sourceContext: 'permission-prompt-auto-resolver',
|
|
5206
|
+
});
|
|
5207
|
+
}
|
|
5208
|
+
catch { /* observability must never throw into the floor */ }
|
|
5209
|
+
},
|
|
5210
|
+
appendAudit: (row) => {
|
|
5211
|
+
try {
|
|
5212
|
+
fs.mkdirSync(path.dirname(pprAuditPath), { recursive: true });
|
|
5213
|
+
try {
|
|
5214
|
+
const st = fs.statSync(pprAuditPath);
|
|
5215
|
+
if (st.size > 8 * 1024 * 1024)
|
|
5216
|
+
fs.renameSync(pprAuditPath, `${pprAuditPath}.1`);
|
|
5217
|
+
}
|
|
5218
|
+
catch { /* file may not exist yet */ }
|
|
5219
|
+
fs.appendFileSync(pprAuditPath, `${JSON.stringify(row)}\n`);
|
|
5220
|
+
}
|
|
5221
|
+
catch { /* audit is best-effort; never throw */ }
|
|
5222
|
+
},
|
|
5223
|
+
now: () => Date.now(),
|
|
5224
|
+
emergencyDisabled: () => config.monitoring?.permissionPromptAutoResolver?.emergencyDisable === true,
|
|
5225
|
+
});
|
|
5226
|
+
guardRegistry.register('monitoring.permissionPromptAutoResolver.enabled', () => permissionPromptResolver.guardStatus());
|
|
5227
|
+
sessionManager.setPermissionPromptResolver(permissionPromptResolver);
|
|
5228
|
+
console.log(pc.green(' Permission-Prompt Auto-Resolver: enabled (always-on safety floor)'));
|
|
5229
|
+
}
|
|
5178
5230
|
let scheduler;
|
|
5179
5231
|
if (config.scheduler.enabled && coordinator.isAwake) {
|
|
5180
5232
|
scheduler = new JobScheduler(config.scheduler, sessionManager, state, config.stateDir);
|
|
@@ -12043,16 +12095,19 @@ export async function startServer(options) {
|
|
|
12043
12095
|
// Wire sentinel into Telegram message flow — intercepts BEFORE session routing.
|
|
12044
12096
|
// Must be wired AFTER sentinel is created but BEFORE server starts.
|
|
12045
12097
|
if (sentinel && telegram) {
|
|
12046
|
-
telegram.onSentinelIntercept = async (text,
|
|
12047
|
-
|
|
12048
|
-
|
|
12049
|
-
|
|
12050
|
-
|
|
12051
|
-
|
|
12052
|
-
|
|
12053
|
-
};
|
|
12098
|
+
telegram.onSentinelIntercept = async (text, topicId) => {
|
|
12099
|
+
// Operator-channel-sacred: route the decision through the single disposition
|
|
12100
|
+
// helper so a 'pause' consumes ONLY on a deterministic match — a bare-LLM or
|
|
12101
|
+
// capacity-shed 'pause' routes THROUGH (returns null), never consuming the
|
|
12102
|
+
// operator's message. A long-form genuine stop is rescued to a kill.
|
|
12103
|
+
const decision = await sentinel.decideInboundDisposition(text, topicId);
|
|
12104
|
+
if (decision.disposition === 'kill') {
|
|
12105
|
+
return { category: 'emergency-stop', action: { type: 'kill-session' }, reason: decision.reason };
|
|
12106
|
+
}
|
|
12107
|
+
if (decision.disposition === 'pause') {
|
|
12108
|
+
return { category: 'pause', action: { type: 'pause-session' }, reason: decision.reason };
|
|
12054
12109
|
}
|
|
12055
|
-
return null; //
|
|
12110
|
+
return null; // route-through → normal routing (deliver, don't consume)
|
|
12056
12111
|
};
|
|
12057
12112
|
// Durable Inbound Message Queue §3.6: emergency stop reaches custody.
|
|
12058
12113
|
telegram.onSentinelStopCustody = (topicId) => {
|