stagent 0.8.0 → 0.9.0

package/README.md

@@ -39,6 +39,47 @@ The AI agent stack is broken for business operators. You can spin up an agent in
 
 ---
 
+## Community & Premium Editions
+
+Stagent is **free and fully functional** as a local-first tool. The Community Edition (Apache 2.0) includes everything you need to run AI agents, workflows, and schedules on your machine. Premium tiers add cloud sync, expanded limits, marketplace access, and analytics for power users and teams.
+
+### Feature Comparison
+
+| Capability | Community (Free) | Premium |
+|---|---|---|
+| Local tasks & workflows | Unlimited | Unlimited |
+| Agent profiles | All built-in | All built-in |
+| Human-in-the-loop approval | Full | Full |
+| Agent memories per profile | 50 | 200 - Unlimited |
+| Learned context versions | 10 | 50 - Unlimited |
+| Active schedules | 5 | 20 - Unlimited |
+| History retention | 30 days | 180 days - Unlimited |
+| Cloud sync & backup | — | Solo and above |
+| Marketplace blueprints | Browse only | Import & Publish |
+| Outcome analytics | — | Operator and above |
+
+### Soft Limits
+
+| Resource | Community Limit | At Limit |
+|---|---|---|
+| Agent memories | 50 per profile | New writes blocked, existing preserved |
+| Context versions | 10 per profile | New proposals blocked |
+| Active schedules | 5 | New schedule creation returns 402 |
+| Task history | 30 days | Older entries pruned daily |
+
+### Pricing
+
+| Tier | Price | Best For |
+|---|---|---|
+| Community | Free forever | Individual developers, evaluation |
+| Solo | $19/mo | Power users, expanded limits |
+| Operator | $49/mo | Professionals, analytics, cloud sync |
+| Scale | $99/mo | Teams, marketplace publishing, unlimited |
+
+[Get Premium →](https://stagent.io/pricing)
+
+---
+
 ## Runtime Bridge
 
 Run the same business process on different AI providers without changing a line of configuration. Stagent's shared runtime registry routes tasks, schedules, and workflow steps through **Claude Code** (Anthropic Claude Agent SDK) and **OpenAI Codex App Server**, landing everything in the same inbox, monitoring, and cost surfaces. Switching providers is a settings change, not a rewrite.

package/dist/cli.js

@@ -129,7 +129,8 @@ var STAGENT_TABLES = [
   "schedule_table_inputs",
   "user_table_triggers",
   "user_table_row_history",
-  "snapshots"
+  "snapshots",
+  "license"
 ];
 function bootstrapStagentDatabase(sqlite2) {
   sqlite2.exec(`
@@ -889,6 +890,21 @@ function bootstrapStagentDatabase(sqlite2) {
 
     CREATE INDEX IF NOT EXISTS idx_snapshots_type ON snapshots(type);
     CREATE INDEX IF NOT EXISTS idx_snapshots_created_at ON snapshots(created_at);
+
+    CREATE TABLE IF NOT EXISTS license (
+      id TEXT PRIMARY KEY NOT NULL,
+      supabase_user_id TEXT,
+      tier TEXT DEFAULT 'community' NOT NULL,
+      status TEXT DEFAULT 'inactive' NOT NULL,
+      email TEXT,
+      activated_at INTEGER,
+      expires_at INTEGER,
+      last_validated_at INTEGER,
+      grace_period_expires_at INTEGER,
+      encrypted_token TEXT,
+      created_at INTEGER NOT NULL,
+      updated_at INTEGER NOT NULL
+    );
   `);
 }
 function hasLegacyStagentTables(sqlite2) {
@@ -1060,11 +1076,12 @@ async function main() {
     port: actualPort
   });
   const sidecarUrl = buildSidecarUrl(actualPort);
-  console.log(`Stagent ${pkg.version}`);
+  console.log(`Stagent ${pkg.version} \u2014 Community Edition`);
   console.log(`Data dir: ${DATA_DIR}`);
   console.log(`Mode: ${isPrebuilt ? "production" : "development"}`);
   console.log(`Next entry: ${nextEntrypoint}`);
   console.log(`Starting Stagent on ${sidecarUrl}`);
+  console.log(`Upgrade to Premium for cloud sync, expanded limits, and analytics \u2192 stagent.io/pricing`);
   const child = spawn(process.execPath, [nextEntrypoint, ...nextArgs], {
     cwd: effectiveCwd,
     stdio: "inherit",

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "stagent",
-  "version": "0.8.0",
+  "version": "0.9.0",
   "description": "AI Business Operating System — run your business with AI agents. Local-first, multi-provider, governed.",
   "keywords": [
     "ai",
@@ -67,6 +67,7 @@
     "@dnd-kit/sortable": "^10.0.0",
     "@dnd-kit/utilities": "^3.2.2",
     "@hookform/resolvers": "^5.2.2",
+    "@supabase/supabase-js": "^2.101.1",
     "@tailwindcss/postcss": "^4",
     "@tailwindcss/typography": "^0.5",
     "@tanstack/react-table": "^8.21.3",

package/src/app/analytics/page.tsx

@@ -0,0 +1,60 @@
+import { Suspense } from "react";
+import { PageShell } from "@/components/shared/page-shell";
+import { AnalyticsDashboard } from "@/components/analytics/analytics-dashboard";
+import { AnalyticsGateCard } from "@/components/analytics/analytics-gate-card";
+import { licenseManager } from "@/lib/license/manager";
+import {
+  getOutcomeCounts,
+  getSuccessRateTrend,
+  getCostPerOutcomeTrend,
+  getProfileLeaderboard,
+  getEstimatedHoursSaved,
+} from "@/lib/analytics/queries";
+
+export const dynamic = "force-dynamic";
+
+function AnalyticsContent() {
+  const tier = licenseManager.getTierFromDb();
+  const isAllowed = tier !== "community";
+
+  const outcomes = getOutcomeCounts(30);
+  const successTrend = getSuccessRateTrend(30);
+  const costTrend = getCostPerOutcomeTrend(30);
+  const leaderboard = getProfileLeaderboard(30);
+  const hoursSaved = getEstimatedHoursSaved(30);
+
+  const dashboard = (
+    <AnalyticsDashboard
+      outcomes={outcomes}
+      successTrend={successTrend}
+      costTrend={costTrend}
+      leaderboard={leaderboard}
+      hoursSaved={hoursSaved}
+    />
+  );
+
+  if (isAllowed) return dashboard;
+
+  return (
+    <div className="relative">
+      {/* Blurred dashboard preview */}
+      <div className="opacity-20 pointer-events-none select-none blur-[2px]" aria-hidden>
+        {dashboard}
+      </div>
+      {/* Upgrade CTA */}
+      <div className="absolute inset-0 flex items-start justify-center pt-16">
+        <AnalyticsGateCard />
+      </div>
+    </div>
+  );
+}
+
+export default function AnalyticsPage() {
+  return (
+    <PageShell title="Analytics" description="Agent performance and ROI insights">
+      <Suspense fallback={<div className="animate-pulse h-64 bg-muted rounded-lg" />}>
+        <AnalyticsContent />
+      </Suspense>
+    </PageShell>
+  );
+}

package/src/app/api/license/checkout/route.ts

@@ -0,0 +1,28 @@
+import { NextRequest, NextResponse } from "next/server";
+import { createCheckoutSession } from "@/lib/billing/stripe";
+import { TIERS } from "@/lib/license/tier-limits";
+
+/**
+ * POST /api/license/checkout
+ * Creates a Stripe Checkout Session and returns the URL.
+ * Body: { tier: "solo"|"operator"|"scale", billingPeriod?: "monthly"|"annual" }
+ */
+export async function POST(req: NextRequest) {
+  const body = await req.json();
+  const { tier, billingPeriod } = body;
+
+  if (!tier || tier === "community" || !TIERS.includes(tier)) {
+    return NextResponse.json(
+      { error: "Valid paid tier required (solo, operator, scale)" },
+      { status: 400 }
+    );
+  }
+
+  const result = await createCheckoutSession(tier, billingPeriod ?? "monthly");
+
+  if ("error" in result) {
+    return NextResponse.json({ error: result.error }, { status: 502 });
+  }
+
+  return NextResponse.json({ url: result.url });
+}

package/src/app/api/license/portal/route.ts

@@ -0,0 +1,26 @@
+import { NextRequest, NextResponse } from "next/server";
+import { createPortalSession } from "@/lib/billing/stripe";
+
+/**
+ * GET /api/license/portal
+ * Creates a Stripe Customer Portal session and redirects.
+ * Query: ?email=user@example.com
+ */
+export async function GET(req: NextRequest) {
+  const email = req.nextUrl.searchParams.get("email");
+
+  if (!email) {
+    return NextResponse.json(
+      { error: "email query parameter required" },
+      { status: 400 }
+    );
+  }
+
+  const result = await createPortalSession(email);
+
+  if ("error" in result) {
+    return NextResponse.json({ error: result.error }, { status: 502 });
+  }
+
+  return NextResponse.redirect(result.url);
+}

package/src/app/api/license/route.ts

@@ -0,0 +1,88 @@
+import { NextRequest, NextResponse } from "next/server";
+import { licenseManager } from "@/lib/license/manager";
+import { TIER_LIMITS, type LimitResource } from "@/lib/license/tier-limits";
+import { LICENSE_FEATURES, canAccessFeature } from "@/lib/license/features";
+import { activateLicenseSchema } from "@/lib/validators/license";
+import type { LicenseTier } from "@/lib/license/tier-limits";
+
+/**
+ * GET /api/license — current license status, feature flags, and limits.
+ */
+export async function GET() {
+  const status = licenseManager.getStatus();
+  const tier = status.tier;
+
+  // Build feature access map
+  const features: Record<string, boolean> = {};
+  for (const feature of LICENSE_FEATURES) {
+    features[feature] = canAccessFeature(tier, feature);
+  }
+
+  // Build limit map
+  const limits: Record<string, number> = {};
+  for (const key of Object.keys(TIER_LIMITS[tier]) as LimitResource[]) {
+    const val = TIER_LIMITS[tier][key];
+    limits[key] = val === Infinity ? -1 : val; // -1 = unlimited for JSON
+  }
+
+  return NextResponse.json({
+    tier: status.tier,
+    status: status.status,
+    email: status.email,
+    activatedAt: status.activatedAt?.toISOString() ?? null,
+    expiresAt: status.expiresAt?.toISOString() ?? null,
+    lastValidatedAt: status.lastValidatedAt?.toISOString() ?? null,
+    gracePeriodExpiresAt: status.gracePeriodExpiresAt?.toISOString() ?? null,
+    isPremium: licenseManager.isPremium(),
+    features,
+    limits,
+  });
+}
+
+/**
+ * POST /api/license — activate a license.
+ * Accepts either a license key or direct tier/email/token (from Stripe webhook flow).
+ */
+export async function POST(req: NextRequest) {
+  const body = await req.json();
+  const parsed = activateLicenseSchema.safeParse(body);
+
+  if (!parsed.success) {
+    return NextResponse.json(
+      { error: "Invalid request", details: parsed.error.flatten() },
+      { status: 400 }
+    );
+  }
+
+  const { tier, email, token } = parsed.data;
+
+  if (!tier || !email) {
+    return NextResponse.json(
+      { error: "tier and email are required for activation" },
+      { status: 400 }
+    );
+  }
+
+  licenseManager.activate({
+    tier: tier as LicenseTier,
+    email,
+    encryptedToken: token,
+  });
+
+  return NextResponse.json({
+    success: true,
+    tier: licenseManager.getTier(),
+    status: licenseManager.getStatus().status,
+  });
+}
+
+/**
+ * DELETE /api/license — deactivate and revert to community.
+ */
+export async function DELETE() {
+  licenseManager.deactivate();
+  return NextResponse.json({
+    success: true,
+    tier: "community",
+  });
+}

package/src/app/api/license/usage/route.ts

@@ -0,0 +1,63 @@
+import { NextResponse } from "next/server";
+import { licenseManager } from "@/lib/license/manager";
+import { getContextVersionCount, getActiveScheduleCount } from "@/lib/license/limit-queries";
+import { getAllExecutions } from "@/lib/agents/execution-manager";
+import { db } from "@/lib/db";
+import { agentMemory } from "@/lib/db/schema";
+import { eq, sql, desc } from "drizzle-orm";
+
+/**
+ * GET /api/license/usage
+ * Returns current usage counts and limits for the subscription UI.
+ */
+export async function GET() {
+  // Find the profile with the most memories for the usage display
+  const topProfile = db
+    .select({
+      profileId: agentMemory.profileId,
+      count: sql<number>`count(*)`,
+    })
+    .from(agentMemory)
+    .where(eq(agentMemory.status, "active"))
+    .groupBy(agentMemory.profileId)
+    .orderBy(desc(sql`count(*)`))
+    .limit(1)
+    .get();
+
+  const memoryCount = topProfile?.count ?? 0;
+
+  // Find the profile with the most context versions
+  // Use the same top profile for consistency
+  const contextCount = topProfile?.profileId
+    ? getContextVersionCount(topProfile.profileId)
+    : 0;
+
+  const scheduleCount = getActiveScheduleCount();
+  const parallelCount = getAllExecutions().size;
+
+  const limits = {
+    agentMemories: licenseManager.getLimit("agentMemories"),
+    contextVersions: licenseManager.getLimit("contextVersions"),
+    activeSchedules: licenseManager.getLimit("activeSchedules"),
+    parallelWorkflows: licenseManager.getLimit("parallelWorkflows"),
+  };
+
+  return NextResponse.json({
+    agentMemories: {
+      current: memoryCount,
+      limit: limits.agentMemories === Infinity ? -1 : limits.agentMemories,
+    },
+    contextVersions: {
+      current: contextCount,
+      limit: limits.contextVersions === Infinity ? -1 : limits.contextVersions,
+    },
+    activeSchedules: {
+      current: scheduleCount,
+      limit: limits.activeSchedules === Infinity ? -1 : limits.activeSchedules,
+    },
+    parallelWorkflows: {
+      current: parallelCount,
+      limit: limits.parallelWorkflows === Infinity ? -1 : limits.parallelWorkflows,
+    },
+  });
+}

package/src/app/api/marketplace/browse/route.ts

@@ -0,0 +1,15 @@
+import { NextRequest, NextResponse } from "next/server";
+import { browseBlueprints } from "@/lib/marketplace/marketplace-client";
+
+/**
+ * GET /api/marketplace/browse?page=1&category=general
+ * Browse published marketplace blueprints. Available to all tiers.
+ */
+export async function GET(req: NextRequest) {
+  const { searchParams } = req.nextUrl;
+  const page = parseInt(searchParams.get("page") ?? "1", 10);
+  const category = searchParams.get("category") ?? undefined;
+
+  const result = await browseBlueprints(page, category);
+  return NextResponse.json(result);
+}

package/src/app/api/marketplace/import/route.ts

@@ -0,0 +1,28 @@
+import { NextRequest, NextResponse } from "next/server";
+import { licenseManager } from "@/lib/license/manager";
+import { importBlueprint } from "@/lib/marketplace/marketplace-client";
+
+/**
+ * POST /api/marketplace/import
+ * Import a blueprint from the marketplace. Requires Solo+ tier.
+ */
+export async function POST(req: NextRequest) {
+  if (!licenseManager.isFeatureAllowed("marketplace-import")) {
+    return NextResponse.json(
+      { error: "Blueprint import requires Solo tier or above" },
+      { status: 402 }
+    );
+  }
+
+  const { blueprintId } = await req.json();
+  if (!blueprintId) {
+    return NextResponse.json({ error: "blueprintId required" }, { status: 400 });
+  }
+
+  const result = await importBlueprint(blueprintId);
+  if (!result.success) {
+    return NextResponse.json({ error: result.error }, { status: 500 });
+  }
+
+  return NextResponse.json({ content: result.content });
+}

package/src/app/api/marketplace/publish/route.ts

@@ -0,0 +1,40 @@
+import { NextRequest, NextResponse } from "next/server";
+import { licenseManager } from "@/lib/license/manager";
+import { publishBlueprint } from "@/lib/marketplace/marketplace-client";
+
+/**
+ * POST /api/marketplace/publish
+ * Publish a workflow blueprint to the marketplace. Requires Operator+ tier.
+ */
+export async function POST(req: NextRequest) {
+  if (!licenseManager.isFeatureAllowed("marketplace-publish")) {
+    return NextResponse.json(
+      { error: "Blueprint publishing requires Operator tier or above" },
+      { status: 402 }
+    );
+  }
+
+  const body = await req.json();
+  const { title, description, category, content, tags } = body;
+
+  if (!title || !content) {
+    return NextResponse.json(
+      { error: "title and content are required" },
+      { status: 400 }
+    );
+  }
+
+  const result = await publishBlueprint({
+    title,
+    description: description ?? "",
+    category: category ?? "general",
+    content,
+    tags: tags ?? [],
+  });
+
+  if (!result.success) {
+    return NextResponse.json({ error: result.error }, { status: 500 });
+  }
+
+  return NextResponse.json({ id: result.id }, { status: 201 });
+}

package/src/app/api/memory/route.ts

@@ -3,6 +3,9 @@ import { db } from "@/lib/db";
 import { agentMemory } from "@/lib/db/schema";
 import { and, eq, desc } from "drizzle-orm";
 import { randomUUID } from "crypto";
+import { checkLimit, buildLimitErrorBody } from "@/lib/license/limit-check";
+import { getMemoryCount } from "@/lib/license/limit-queries";
+import { createTierLimitNotification } from "@/lib/license/notifications";
 
 /**
  * GET /api/memory?profileId=xxx&category=fact&status=active
@@ -75,6 +78,14 @@ export async function POST(req: NextRequest) {
       );
     }
 
+    // Tier limit check — memory cap per profile
+    const currentCount = getMemoryCount(profileId);
+    const limitResult = checkLimit("agentMemories", currentCount);
+    if (!limitResult.allowed) {
+      createTierLimitNotification("agentMemories", currentCount, limitResult.limit).catch(() => {});
+      return NextResponse.json(buildLimitErrorBody("agentMemories", limitResult), { status: 402 });
+    }
+
     const now = new Date();
     const id = randomUUID();
     // Convert 0-1 confidence to 0-1000, default 700

package/src/app/api/onboarding/email/route.ts

@@ -0,0 +1,53 @@
+import { NextRequest, NextResponse } from "next/server";
+import { z } from "zod";
+import { getSupabaseClient } from "@/lib/cloud/supabase-client";
+
+const emailSchema = z.object({
+  email: z.string().email(),
+});
+
+/**
+ * POST /api/onboarding/email
+ * Creates a Supabase Auth user via magic link.
+ * Fire-and-forget — does not block any local functionality.
+ */
+export async function POST(req: NextRequest) {
+  const body = await req.json();
+  const parsed = emailSchema.safeParse(body);
+
+  if (!parsed.success) {
+    return NextResponse.json(
+      { error: "Valid email required" },
+      { status: 400 }
+    );
+  }
+
+  const supabase = getSupabaseClient();
+  if (!supabase) {
+    // Cloud not configured — silently succeed
+    return NextResponse.json({ ok: true });
+  }
+
+  try {
+    const { error } = await supabase.auth.signInWithOtp({
+      email: parsed.data.email,
+      options: {
+        emailRedirectTo: `${process.env.NEXT_PUBLIC_SUPABASE_URL ?? "http://localhost:3000"}/auth/callback`,
+      },
+    });
+
+    if (error) {
+      return NextResponse.json(
+        { error: error.message },
+        { status: 502 }
+      );
+    }
+
+    return NextResponse.json({ ok: true });
+  } catch {
+    return NextResponse.json(
+      { error: "Failed to connect to cloud service" },
+      { status: 502 }
+    );
+  }
+}

package/src/app/api/onboarding/progress/route.ts

@@ -0,0 +1,60 @@
+import { NextResponse } from "next/server";
+import { db } from "@/lib/db";
+import { tasks, projects, schedules, settings } from "@/lib/db/schema";
+import { eq, sql } from "drizzle-orm";
+
+interface Milestone {
+  id: string;
+  label: string;
+  completed: boolean;
+}
+
+/**
+ * GET /api/onboarding/progress
+ * Returns 6 milestones computed from existing DB data.
+ */
+export async function GET() {
+  const taskCount = db
+    .select({ count: sql<number>`count(*)` })
+    .from(tasks)
+    .get()?.count ?? 0;
+
+  const completedTaskCount = db
+    .select({ count: sql<number>`count(*)` })
+    .from(tasks)
+    .where(eq(tasks.status, "completed"))
+    .get()?.count ?? 0;
+
+  const projectCount = db
+    .select({ count: sql<number>`count(*)` })
+    .from(projects)
+    .get()?.count ?? 0;
+
+  const scheduleCount = db
+    .select({ count: sql<number>`count(*)` })
+    .from(schedules)
+    .get()?.count ?? 0;
+
+  const hasBudgetConfig = db
+    .select({ count: sql<number>`count(*)` })
+    .from(settings)
+    .where(eq(settings.key, "usage.budgetPolicy"))
+    .get()?.count ?? 0;
+
+  const milestones: Milestone[] = [
+    { id: "create-task", label: "Create a task", completed: taskCount > 0 },
+    { id: "complete-task", label: "Run a task to completion", completed: completedTaskCount > 0 },
+    { id: "create-project", label: "Create a project", completed: projectCount > 0 },
+    { id: "create-schedule", label: "Schedule a workflow", completed: scheduleCount > 0 },
+    { id: "run-three", label: "Run 3 tasks", completed: completedTaskCount >= 3 },
+    { id: "configure-budget", label: "Configure a budget", completed: hasBudgetConfig > 0 },
+  ];
+
+  const completedCount = milestones.filter((m) => m.completed).length;
+
+  return NextResponse.json({
+    milestones,
+    completedCount,
+    totalCount: milestones.length,
+  });
+}

package/src/app/api/schedules/route.ts

@@ -6,6 +6,9 @@ import { parseInterval, computeNextFireTime } from "@/lib/schedules/interval-par
 import { parseNaturalLanguage } from "@/lib/schedules/nlp-parser";
 import { resolveAgentRuntime } from "@/lib/agents/runtime/catalog";
 import { validateRuntimeProfileAssignment } from "@/lib/agents/profiles/assignment-validation";
+import { checkLimit, buildLimitErrorBody } from "@/lib/license/limit-check";
+import { getActiveScheduleCount } from "@/lib/license/limit-queries";
+import { createTierLimitNotification } from "@/lib/license/notifications";
 
 export async function GET() {
   const result = await db
@@ -127,6 +130,14 @@ export async function POST(req: NextRequest) {
     return NextResponse.json({ error: compatibilityError }, { status: 400 });
   }
 
+  // Tier limit check — active schedule cap
+  const activeCount = getActiveScheduleCount();
+  const limitResult = checkLimit("activeSchedules", activeCount);
+  if (!limitResult.allowed) {
+    createTierLimitNotification("activeSchedules", activeCount, limitResult.limit).catch(() => {});
+    return NextResponse.json(buildLimitErrorBody("activeSchedules", limitResult), { status: 402 });
+  }
+
   const id = crypto.randomUUID();
   const now = new Date();
   const nextFireAt = computeNextFireTime(cronExpression, now);

package/src/app/api/settings/telemetry/route.ts

@@ -0,0 +1,14 @@
+import { NextRequest, NextResponse } from "next/server";
+import { getSetting, setSetting } from "@/lib/settings/helpers";
+import { SETTINGS_KEYS } from "@/lib/constants/settings";
+
+export async function GET() {
+  const enabled = await getSetting(SETTINGS_KEYS.TELEMETRY_ENABLED);
+  return NextResponse.json({ enabled: enabled === "true" });
+}
+
+export async function POST(req: NextRequest) {
+  const { enabled } = await req.json();
+  await setSetting(SETTINGS_KEYS.TELEMETRY_ENABLED, String(!!enabled));
+  return NextResponse.json({ enabled: !!enabled });
+}