instar 1.3.726 → 1.3.727

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1 +1 @@
1
- {"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../src/commands/server.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AA+CH,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAU3D,OAAO,EAAE,eAAe,EAAiC,MAAM,iCAAiC,CAAC;AAyBjG,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAGvD,OAAO,EAAE,YAAY,EAAE,MAAM,+BAA+B,CAAC;AA6H7D,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAgFtD;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAgB,yBAAyB,CACvC,IAAI,EAAE,MAAM,EACZ,OAAO,EAAE,MAAM,EACf,gBAAgB,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAC1C,OAAO,CAUT;AAyID,UAAU,YAAY;IACpB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;2DACuD;IACvD,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAi/CD,wBAAgB,mBAAmB,CACjC,QAAQ,EAAE,eAAe,EACzB,cAAc,EAAE,cAAc,EAC9B,YAAY,CAAC,EAAE,YAAY,EAC3B,WAAW,CAAC,EAAE,WAAW,EACzB,WAAW,CAAC,EAAE,WAAW,EACzB,iBAAiB,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC,OAAO,CAAC,EAGvE,UAAU,CAAC,EAAE,MAAM,OAAO,8BAA8B,EAAE,WAAW,GAAG,IAAI,EAK5E,qBAAqB,CAAC,EAAE,MAAM,OAAO,gCAAgC,EAAE,kBAAkB,GAAG,IAAI,EAKhG,mBAAmB,CAAC,EAAE,MAAM,MAAM,GAAG,IAAI,GAAG,SAAS,GACpD,IAAI,CAijBN;AA2lBD,wBAAsB,WAAW,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,CA44jBtE;AAED,wBAAsB,UAAU,CAAC,OAAO,EAAE;IAAE,GAAG,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAsDzE;AAED;;;;;;;;;;;GAWG;AACH,wBAAsB,aAAa,CAAC,OAAO,EAAE;IAAE,GAAG,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAuD5E"}
1
+ {"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../src/commands/server.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AA+CH,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAU3D,OAAO,EAAE,eAAe,EAAiC,MAAM,iCAAiC,CAAC;AAyBjG,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAGvD,OAAO,EAAE,YAAY,EAAE,MAAM,+BAA+B,CAAC;AA6H7D,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAgFtD;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAgB,yBAAyB,CACvC,IAAI,EAAE,MAAM,EACZ,OAAO,EAAE,MAAM,EACf,gBAAgB,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAC1C,OAAO,CAUT;AAyID,UAAU,YAAY;IACpB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;2DACuD;IACvD,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAi/CD,wBAAgB,mBAAmB,CACjC,QAAQ,EAAE,eAAe,EACzB,cAAc,EAAE,cAAc,EAC9B,YAAY,CAAC,EAAE,YAAY,EAC3B,WAAW,CAAC,EAAE,WAAW,EACzB,WAAW,CAAC,EAAE,WAAW,EACzB,iBAAiB,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC,OAAO,CAAC,EAGvE,UAAU,CAAC,EAAE,MAAM,OAAO,8BAA8B,EAAE,WAAW,GAAG,IAAI,EAK5E,qBAAqB,CAAC,EAAE,MAAM,OAAO,gCAAgC,EAAE,kBAAkB,GAAG,IAAI,EAKhG,mBAAmB,CAAC,EAAE,MAAM,MAAM,GAAG,IAAI,GAAG,SAAS,GACpD,IAAI,CAijBN;AA2lBD,wBAAsB,WAAW,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,CAq8jBtE;AAED,wBAAsB,UAAU,CAAC,OAAO,EAAE;IAAE,GAAG,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAsDzE;AAED;;;;;;;;;;;GAWG;AACH,wBAAsB,aAAa,CAAC,OAAO,EAAE;IAAE,GAAG,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAuD5E"}
@@ -6651,7 +6651,7 @@ export async function startServer(options) {
6651
6651
  const slackCfg = slackConfig.config;
6652
6652
  const pgCfg = slackCfg.permissionGate;
6653
6653
  if (pgCfg && (pgCfg.observeOnly || pgCfg.enforce)) {
6654
- const { SlackPermissionObserver, SlackPrincipalResolver, SlackPermissionGate, PermissionDecisionLedger, RolePolicy, HeuristicIntentClassifier, LlmIntentClassifier, HeuristicAnomalyScorer, RelationshipBehaviorStore, RelationshipAnomalyScorer, MandateBackedGrantStore, } = await import('../permissions/index.js');
6654
+ const { SlackPermissionObserver, SlackPrincipalResolver, SlackPermissionGate, PermissionDecisionLedger, RolePolicy, HeuristicIntentClassifier, LlmIntentClassifier, HeuristicAnomalyScorer, RelationshipBehaviorStore, RelationshipAnomalyScorer, MandateBackedGrantStore, TestWorkspacePrincipalSource, ChainedUserLookup, } = await import('../permissions/index.js');
6655
6655
  // Own UserManager instance for verified-principal resolution (the
6656
6656
  // Telegram-block userManager is out of scope here). Reads users.json.
6657
6657
  const slackUserManager = new UserManager(config.stateDir, config.users);
@@ -6742,10 +6742,51 @@ export async function startServer(options) {
6742
6742
  });
6743
6743
  console.log(`[slack] relationship-aware anomaly scorer attached (observe-only baseline; LLM style check ${raCfg.useLlmStyleCheck ? 'ON' : 'off'}; poisoning-resistance: min-age ${pr.minBaselineAgeDays ?? 7}d, rate-cap ${pr.maxObservationsPerWindow ?? 50}/window, decay ${pr.decayHalfLifeWindows ?? 30}w)`);
6744
6744
  }
6745
+ // ── Principal resolution: production registry first; optionally chained
6746
+ // with the sanctioned test-cast source (roadmap 0.3 entry condition).
6747
+ // The cast source is workspace-scoped (VERIFIED connected team id from
6748
+ // auth.test — fail-closed until verified), fixture-marker-only (the
6749
+ // partition invariant: the production registry refuses fixtures, this
6750
+ // source accepts ONLY fixtures — one identity space, two disjoint homes),
6751
+ // and read-only (it never touches users.json; the fixture-identity
6752
+ // guard's production invariant is fully intact).
6753
+ const productionLookup = {
6754
+ resolveFromSlackUserId: (id) => slackUserManager.resolveFromSlackUserId(id),
6755
+ };
6756
+ let principalLookup = productionLookup;
6757
+ const tcCfg = pgCfg.testCast;
6758
+ if (tcCfg && typeof tcCfg.workspaceId === 'string' && tcCfg.workspaceId.trim()
6759
+ && Array.isArray(tcCfg.principals) && tcCfg.principals.length > 0) {
6760
+ try {
6761
+ const adapterForScope = slackAdapter;
6762
+ const testCastSource = new TestWorkspacePrincipalSource({
6763
+ workspaceId: tcCfg.workspaceId,
6764
+ testWorkspace: tcCfg.testWorkspace === true,
6765
+ principals: tcCfg.principals,
6766
+ getVerifiedWorkspaceId: () => adapterForScope?.getConnectedTeamId() ?? null,
6767
+ });
6768
+ if (testCastSource.disabled) {
6769
+ // Fail-closed: the source already logged the single loud line
6770
+ // (missing "testWorkspace: true"). Stay production-registry-only —
6771
+ // do NOT attach an inert chain, so behavior is byte-identical to
6772
+ // having no cast configured.
6773
+ }
6774
+ else {
6775
+ for (const r of testCastSource.rejected) {
6776
+ console.warn(`[slack] test-cast principal REFUSED (${r.reason}): "${r.slackUserId}" — the cast admits fixture-marker identities only (see users/testIdentityMarkers.ts)`);
6777
+ }
6778
+ principalLookup = new ChainedUserLookup([productionLookup, testCastSource]);
6779
+ console.log(`[slack] permission-gate test-cast principal source attached: workspace ${tcCfg.workspaceId}, ` +
6780
+ `${testCastSource.size} seat(s) admitted, ${testCastSource.rejected.length} refused ` +
6781
+ `(production registry takes precedence; cast inert until the connected team id is verified)`);
6782
+ }
6783
+ }
6784
+ catch (tce) {
6785
+ console.warn('[slack] test-cast principal source wiring skipped:', tce.message);
6786
+ }
6787
+ }
6745
6788
  const observer = new SlackPermissionObserver({
6746
- resolver: new SlackPrincipalResolver({
6747
- resolveFromSlackUserId: (id) => slackUserManager.resolveFromSlackUserId(id),
6748
- }),
6789
+ resolver: new SlackPrincipalResolver(principalLookup),
6749
6790
  gate: new SlackPermissionGate({
6750
6791
  rolePolicy: new RolePolicy(),
6751
6792
  classifier: intentClassifier,