stagent 0.9.0 → 0.9.1

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "stagent",
-  "version": "0.9.0",
+  "version": "0.9.1",
   "description": "AI Business Operating System — run your business with AI agents. Local-first, multi-provider, governed.",
   "keywords": [
     "ai",

package/src/app/auth/callback/route.ts

@@ -3,10 +3,7 @@ import { createClient } from "@supabase/supabase-js";
 import { licenseManager } from "@/lib/license/manager";
 import { validateLicenseWithCloud } from "@/lib/license/cloud-validation";
 import { sendUpgradeConfirmation } from "@/lib/billing/email";
-
-const DEFAULT_SUPABASE_URL = "https://yznantjbmacbllhcyzwc.supabase.co";
-const DEFAULT_SUPABASE_ANON_KEY =
-  "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6Inl6bmFudGpibWFjYmxsaGN5endjIiwicm9sZSI6ImFub24iLCJpYXQiOjE3NzI1MDg1ODMsImV4cCI6MjA4ODA4NDU4M30.i-P7MXpR1_emBjhUkzbFeSX7fgjgPDv90_wkqF7sW3Y";
+import { getSupabaseUrl, getSupabaseAnonKey } from "@/lib/cloud/supabase-client";
 
 /**
  * GET /auth/callback
@@ -30,10 +27,7 @@ export async function GET(req: NextRequest) {
     return NextResponse.redirect(new URL("/settings?auth=error", req.url));
   }
 
-  const url = process.env.NEXT_PUBLIC_SUPABASE_URL || DEFAULT_SUPABASE_URL;
-  const anonKey = process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY || DEFAULT_SUPABASE_ANON_KEY;
-
-  const supabase = createClient(url, anonKey, {
+  const supabase = createClient(getSupabaseUrl(), getSupabaseAnonKey(), {
     auth: { persistSession: false },
   });
 

package/src/instrumentation.node.ts

@@ -0,0 +1,44 @@
+/**
+ * Node.js-only instrumentation startup.
+ * Imported dynamically from instrumentation.ts with a bundler-ignore comment
+ * so the Edge runtime never analyzes this module's dependency tree.
+ */
+export async function registerNode() {
+  // License manager — initialize from DB (creates default row if needed)
+  const { licenseManager } = await import("@/lib/license/manager");
+  licenseManager.initialize();
+  licenseManager.startValidationTimer();
+
+  const { startScheduler } = await import("@/lib/schedules/scheduler");
+  startScheduler();
+
+  const { startChannelPoller } = await import("@/lib/channels/poller");
+  startChannelPoller();
+
+  const { startAutoBackup } = await import("@/lib/snapshots/auto-backup");
+  startAutoBackup();
+
+  // History retention cleanup — prunes old agent_logs and usage_ledger
+  // based on tier retention limit (Community: 30 days)
+  const CLEANUP_INTERVAL = 24 * 60 * 60 * 1000; // 24 hours
+
+  async function cleanup() {
+    const retentionDays = licenseManager.getLimit("historyRetentionDays");
+    if (!Number.isFinite(retentionDays)) return; // Unlimited retention
+
+    const { db } = await import("@/lib/db");
+    const { agentLogs, usageLedger } = await import("@/lib/db/schema");
+    const { lt } = await import("drizzle-orm");
+
+    const cutoff = new Date(Date.now() - retentionDays * 24 * 60 * 60 * 1000);
+    db.delete(agentLogs).where(lt(agentLogs.timestamp, cutoff)).run();
+    db.delete(usageLedger).where(lt(usageLedger.startedAt, cutoff)).run();
+  }
+
+  cleanup().catch(() => {});
+  setInterval(() => cleanup().catch(() => {}), CLEANUP_INTERVAL);
+
+  // Telemetry batch flush (opt-in, every 5 minutes)
+  const { startTelemetryFlush } = await import("@/lib/telemetry/queue");
+  startTelemetryFlush();
+}

package/src/instrumentation.ts

@@ -1,47 +1,10 @@
 export async function register() {
-  // Only start background services on the server (not during build or edge)
   if (process.env.NEXT_RUNTIME === "nodejs") {
-    // License manager — initialize from DB (creates default row if needed)
-    const { licenseManager } = await import("@/lib/license/manager");
-    licenseManager.initialize();
-    licenseManager.startValidationTimer();
-
-    const { startScheduler } = await import("@/lib/schedules/scheduler");
-    startScheduler();
-
-    const { startChannelPoller } = await import("@/lib/channels/poller");
-    startChannelPoller();
-
-    const { startAutoBackup } = await import("@/lib/snapshots/auto-backup");
-    startAutoBackup();
-
-    // History retention cleanup — prunes old agent_logs and usage_ledger
-    // based on tier retention limit (Community: 30 days)
-    startHistoryCleanup(licenseManager);
-
-    // Telemetry batch flush (opt-in, every 5 minutes)
-    const { startTelemetryFlush } = await import("@/lib/telemetry/queue");
-    startTelemetryFlush();
+    // Single dynamic import with bundler-ignore so Turbopack's Edge analyzer
+    // never follows this module's Node.js dependency tree.
+    const { registerNode } = await import(
+      /* webpackIgnore: true */ "./instrumentation.node"
+    );
+    await registerNode();
   }
 }
-
-async function startHistoryCleanup(licenseManager: { getLimit: (r: "historyRetentionDays") => number }) {
-  const CLEANUP_INTERVAL = 24 * 60 * 60 * 1000; // 24 hours
-
-  async function cleanup() {
-    const retentionDays = licenseManager.getLimit("historyRetentionDays");
-    if (!Number.isFinite(retentionDays)) return; // Unlimited retention
-
-    const { db } = await import("@/lib/db");
-    const { agentLogs, usageLedger } = await import("@/lib/db/schema");
-    const { lt } = await import("drizzle-orm");
-
-    const cutoff = new Date(Date.now() - retentionDays * 24 * 60 * 60 * 1000);
-    db.delete(agentLogs).where(lt(agentLogs.timestamp, cutoff)).run();
-    db.delete(usageLedger).where(lt(usageLedger.startedAt, cutoff)).run();
-  }
-
-  // Run once at startup, then daily
-  cleanup().catch(() => {});
-  setInterval(() => cleanup().catch(() => {}), CLEANUP_INTERVAL);
-}

package/src/lib/agents/profiles/registry.ts

@@ -1,4 +1,5 @@
 import fs from "node:fs";
+import { homedir } from "node:os";
 import path from "node:path";
 import yaml from "js-yaml";
 import { ProfileConfigSchema } from "@/lib/validators/profile";
@@ -30,7 +31,7 @@ function getBuiltinsDir(): string {
 }
 
 const SKILLS_DIR = path.join(
-  process.env.HOME ?? process.env.USERPROFILE ?? ".",
+  process.env.HOME ?? process.env.USERPROFILE ?? homedir(),
   ".claude",
   "skills"
 );

package/src/lib/billing/email.ts

@@ -6,7 +6,7 @@
  * the cloud backend is not configured.
  */
 
-import { isCloudConfigured } from "@/lib/cloud/supabase-client";
+import { isCloudConfigured, getSupabaseUrl, getSupabaseAnonKey } from "@/lib/cloud/supabase-client";
 
 async function sendEmail(
   template: string,
@@ -15,8 +15,8 @@ async function sendEmail(
 ): Promise<void> {
   if (!isCloudConfigured()) return;
 
-  const supabaseUrl = process.env.NEXT_PUBLIC_SUPABASE_URL!;
-  const anonKey = process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!;
+  const supabaseUrl = getSupabaseUrl();
+  const anonKey = getSupabaseAnonKey();
 
   try {
     await fetch(`${supabaseUrl}/functions/v1/send-email`, {

package/src/lib/billing/stripe.ts

@@ -6,7 +6,7 @@
  * Edge Functions to create Checkout Sessions and Portal Sessions.
  */
 
-import { isCloudConfigured } from "@/lib/cloud/supabase-client";
+import { isCloudConfigured, getSupabaseUrl, getSupabaseAnonKey } from "@/lib/cloud/supabase-client";
 import { getProductForTier } from "./products";
 import type { LicenseTier } from "@/lib/license/tier-limits";
 import type { BillingInterval } from "./products";
@@ -30,8 +30,8 @@ export async function createCheckoutSession(
   }
 
   const priceId = product.prices[billingPeriod].id;
-  const supabaseUrl = process.env.NEXT_PUBLIC_SUPABASE_URL!;
-  const anonKey = process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!;
+  const supabaseUrl = getSupabaseUrl();
+  const anonKey = getSupabaseAnonKey();
 
   try {
     const response = await fetch(
@@ -72,8 +72,8 @@ export async function createPortalSession(
     return { error: "Cloud backend not configured" };
   }
 
-  const supabaseUrl = process.env.NEXT_PUBLIC_SUPABASE_URL!;
-  const anonKey = process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!;
+  const supabaseUrl = getSupabaseUrl();
+  const anonKey = getSupabaseAnonKey();
 
   try {
     const response = await fetch(

package/src/lib/cloud/supabase-browser.ts

@@ -9,10 +9,7 @@
  */
 
 import { createClient, type SupabaseClient } from "@supabase/supabase-js";
-
-const DEFAULT_SUPABASE_URL = "https://yznantjbmacbllhcyzwc.supabase.co";
-const DEFAULT_SUPABASE_ANON_KEY =
-  "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6Inl6bmFudGpibWFjYmxsaGN5endjIiwicm9sZSI6ImFub24iLCJpYXQiOjE3NzI1MDg1ODMsImV4cCI6MjA4ODA4NDU4M30.i-P7MXpR1_emBjhUkzbFeSX7fgjgPDv90_wkqF7sW3Y";
+import { getSupabaseUrl, getSupabaseAnonKey } from "@/lib/cloud/supabase-client";
 
 let browserClient: SupabaseClient | null = null;
 
@@ -23,10 +20,7 @@ let browserClient: SupabaseClient | null = null;
 export function getSupabaseBrowserClient(): SupabaseClient {
   if (browserClient) return browserClient;
 
-  const url = process.env.NEXT_PUBLIC_SUPABASE_URL || DEFAULT_SUPABASE_URL;
-  const anonKey = process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY || DEFAULT_SUPABASE_ANON_KEY;
-
-  browserClient = createClient(url, anonKey, {
+  browserClient = createClient(getSupabaseUrl(), getSupabaseAnonKey(), {
     auth: {
       autoRefreshToken: true,
       persistSession: true,

package/src/lib/cloud/supabase-client.ts

@@ -15,6 +15,16 @@ const DEFAULT_SUPABASE_URL = "https://yznantjbmacbllhcyzwc.supabase.co";
 const DEFAULT_SUPABASE_ANON_KEY =
   "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6Inl6bmFudGpibWFjYmxsaGN5endjIiwicm9sZSI6ImFub24iLCJpYXQiOjE3NzI1MDg1ODMsImV4cCI6MjA4ODA4NDU4M30.i-P7MXpR1_emBjhUkzbFeSX7fgjgPDv90_wkqF7sW3Y";
 
+/** Resolved Supabase URL (env override or production default) */
+export function getSupabaseUrl(): string {
+  return process.env.NEXT_PUBLIC_SUPABASE_URL || DEFAULT_SUPABASE_URL;
+}
+
+/** Resolved Supabase anon key (env override or production default) */
+export function getSupabaseAnonKey(): string {
+  return process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY || DEFAULT_SUPABASE_ANON_KEY;
+}
+
 let client: SupabaseClient | null = null;
 let initialized = false;
 
@@ -27,10 +37,7 @@ export function getSupabaseClient(): SupabaseClient | null {
   if (initialized) return client;
   initialized = true;
 
-  const url = process.env.NEXT_PUBLIC_SUPABASE_URL || DEFAULT_SUPABASE_URL;
-  const anonKey = process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY || DEFAULT_SUPABASE_ANON_KEY;
-
-  client = createClient(url, anonKey, {
+  client = createClient(getSupabaseUrl(), getSupabaseAnonKey(), {
     auth: {
       autoRefreshToken: true,
       persistSession: false, // Server-side — no browser session

package/src/lib/license/cloud-validation.ts

@@ -6,13 +6,9 @@
  * defaults as supabase-client.ts (production backend by default).
  */
 
-import { isCloudConfigured } from "@/lib/cloud/supabase-client";
+import { isCloudConfigured, getSupabaseUrl, getSupabaseAnonKey } from "@/lib/cloud/supabase-client";
 import type { LicenseTier } from "./tier-limits";
 
-const DEFAULT_SUPABASE_URL = "https://yznantjbmacbllhcyzwc.supabase.co";
-const DEFAULT_SUPABASE_ANON_KEY =
-  "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6Inl6bmFudGpibWFjYmxsaGN5endjIiwicm9sZSI6ImFub24iLCJpYXQiOjE3NzI1MDg1ODMsImV4cCI6MjA4ODA4NDU4M30.i-P7MXpR1_emBjhUkzbFeSX7fgjgPDv90_wkqF7sW3Y";
-
 export interface CloudValidationResult {
   valid: boolean;
   tier: LicenseTier;
@@ -31,8 +27,8 @@ export async function validateLicenseWithCloud(
     return { valid: false, tier: "community", error: "Cloud disabled or no email" };
   }
 
-  const supabaseUrl = process.env.NEXT_PUBLIC_SUPABASE_URL || DEFAULT_SUPABASE_URL;
-  const anonKey = process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY || DEFAULT_SUPABASE_ANON_KEY;
+  const supabaseUrl = getSupabaseUrl();
+  const anonKey = getSupabaseAnonKey();
 
   try {
     const response = await fetch(`${supabaseUrl}/functions/v1/validate-license`, {

package/src/lib/marketplace/marketplace-client.ts

@@ -4,7 +4,7 @@
  * Writes go directly to Supabase with RLS.
  */
 
-import { getSupabaseClient, isCloudConfigured } from "@/lib/cloud/supabase-client";
+import { getSupabaseClient, isCloudConfigured, getSupabaseUrl, getSupabaseAnonKey } from "@/lib/cloud/supabase-client";
 
 export interface MarketplaceBlueprint {
   id: string;
@@ -36,8 +36,8 @@ export async function browseBlueprints(
     return { blueprints: [], total: 0, page, limit: 20 };
   }
 
-  const supabaseUrl = process.env.NEXT_PUBLIC_SUPABASE_URL!;
-  const anonKey = process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!;
+  const supabaseUrl = getSupabaseUrl();
+  const anonKey = getSupabaseAnonKey();
 
   const params = new URLSearchParams({ page: String(page) });
   if (category) params.set("category", category);

package/src/lib/sync/cloud-sync.ts

@@ -12,7 +12,7 @@ import { readFileSync, writeFileSync, existsSync, copyFileSync } from "fs";
 import { join } from "path";
 import { tmpdir } from "os";
 import { getStagentDataDir } from "@/lib/utils/stagent-paths";
-import { getSupabaseClient } from "@/lib/cloud/supabase-client";
+import { getSupabaseClient, getSupabaseUrl, getSupabaseAnonKey } from "@/lib/cloud/supabase-client";
 import { sqlite } from "@/lib/db";
 
 const SYNC_VERSION = Buffer.from([0, 0, 0, 1]); // Version 1
@@ -89,9 +89,7 @@ export async function exportAndUpload(
   // If an access token is provided, create an authenticated client for Storage RLS
   if (accessToken) {
     const { createClient } = await import("@supabase/supabase-js");
-    const url = process.env.NEXT_PUBLIC_SUPABASE_URL || "https://yznantjbmacbllhcyzwc.supabase.co";
-    const anonKey = process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY || "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6Inl6bmFudGpibWFjYmxsaGN5endjIiwicm9sZSI6ImFub24iLCJpYXQiOjE3NzI1MDg1ODMsImV4cCI6MjA4ODA4NDU4M30.i-P7MXpR1_emBjhUkzbFeSX7fgjgPDv90_wkqF7sW3Y";
-    supabase = createClient(url, anonKey, {
+    supabase = createClient(getSupabaseUrl(), getSupabaseAnonKey(), {
       global: { headers: { Authorization: `Bearer ${accessToken}` } },
       auth: { persistSession: false },
     });

package/src/lib/telemetry/conversion-events.ts

@@ -9,7 +9,7 @@
  * No-op if Supabase is not configured.
  */
 
-import { isCloudConfigured } from "@/lib/cloud/supabase-client";
+import { isCloudConfigured, getSupabaseUrl, getSupabaseAnonKey } from "@/lib/cloud/supabase-client";
 import { getSettingSync, setSetting } from "@/lib/settings/helpers";
 
 const SESSION_KEY = "conversion.sessionId";
@@ -49,10 +49,8 @@ export function trackConversionEvent(
   if (!isCloudConfigured()) return;
 
   const sessionId = getSessionId();
-  const supabaseUrl = process.env.NEXT_PUBLIC_SUPABASE_URL;
-  const anonKey = process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY;
-
-  if (!supabaseUrl || !anonKey) return;
+  const supabaseUrl = getSupabaseUrl();
+  const anonKey = getSupabaseAnonKey();
 
   // Fire-and-forget — don't await, don't block
   fetch(`${supabaseUrl}/functions/v1/conversion-ingest`, {

package/src/lib/telemetry/queue.ts

@@ -11,7 +11,7 @@
 
 import { getSettingSync, setSetting } from "@/lib/settings/helpers";
 import { SETTINGS_KEYS } from "@/lib/constants/settings";
-import { isCloudConfigured } from "@/lib/cloud/supabase-client";
+import { isCloudConfigured, getSupabaseUrl, getSupabaseAnonKey } from "@/lib/cloud/supabase-client";
 
 const MAX_BATCH_SIZE = 200;
 const FLUSH_INTERVAL_MS = 5 * 60 * 1000; // 5 minutes
@@ -75,8 +75,8 @@ export async function flushTelemetryBatch(): Promise<void> {
   const batch = loadBatch();
   if (batch.length === 0) return;
 
-  const supabaseUrl = process.env.NEXT_PUBLIC_SUPABASE_URL!;
-  const anonKey = process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!;
+  const supabaseUrl = getSupabaseUrl();
+  const anonKey = getSupabaseAnonKey();
 
   try {
     const res = await fetch(`${supabaseUrl}/functions/v1/telemetry-ingest`, {