@2en/clawly-plugins 1.30.0-beta.0 → 1.30.0-beta.2

package/auto-pair.ts

@@ -4,7 +4,7 @@ import type {PluginApi} from './index'
 // Security note: clientId is self-reported by the connecting client. This is safe
 // because the gateway enforces Ed25519 signature verification before a pairing
 // request is created — only clients with valid device identity reach this stage.
-const AUTO_APPROVE_CLIENT_IDS = new Set(['openclaw-ios', 'node-host'])
+const AUTO_APPROVE_CLIENT_IDS = new Set(['openclaw-ios', 'openclaw-macos', 'node-host'])
 const POLL_INTERVAL_MS = 3_000
 
 type PendingRequest = {

package/clawly-config-defaults.json5

@@ -94,6 +94,7 @@
   // and fallback lists.
   agents: {
     defaults: {
+      thinkingDefault: "off",
       model: {
         primary: "clawly-model-gateway/anthropic/claude-sonnet-4.6",
       },

package/config-setup.ts

@@ -250,12 +250,18 @@ export function patchBrowser(config: Record<string, unknown>): boolean {
     dirty = true
   }
 
-  // owner: grant mobile app owner permissions (required for cron tool etc.)
+  // owner: grant mobile/mac app owner permissions (required for cron tool etc.)
   const ownerAllowFrom = Array.isArray(commands.ownerAllowFrom)
     ? (commands.ownerAllowFrom as string[])
     : []
-  if (!ownerAllowFrom.includes('openclaw-ios')) {
-    ownerAllowFrom.push('openclaw-ios')
+  let ownerDirty = false
+  for (const clientId of ['openclaw-ios', 'openclaw-macos']) {
+    if (!ownerAllowFrom.includes(clientId)) {
+      ownerAllowFrom.push(clientId)
+      ownerDirty = true
+    }
+  }
+  if (ownerDirty) {
     commands.ownerAllowFrom = ownerAllowFrom
     config.commands = commands
     dirty = true
@@ -490,7 +496,7 @@ export function patchContextPruning(config: Record<string, unknown>): boolean {
   return false
 }
 
-const DEFAULT_HEARTBEAT_MODEL = `${PROVIDER_NAME}/qwen/qwen3.5-flash-02-23`
+const DEFAULT_HEARTBEAT_MODEL = `${PROVIDER_NAME}/moonshotai/kimi-k2.5`
 
 function resolveDefaultHeartbeatModel(pc: ConfigPluginConfig): string {
   return toProviderModelId(pc.defaultHeartbeatModel) || DEFAULT_HEARTBEAT_MODEL

package/gateway/cron-delivery.test.ts

@@ -279,17 +279,35 @@ describe('cron-delivery', () => {
       })
     })
 
-    test('does not skip meaningful content ending with HEARTBEAT_OK', async () => {
+    test('does not skip meaningful content ending with HEARTBEAT_OK when long enough', async () => {
       const {api, handlers} = createMockApi()
       registerCronDelivery(api)
 
+      // Content after stripping HEARTBEAT_OK must exceed 300 chars to pass through
+      const longContent = 'A'.repeat(301) + ' HEARTBEAT_OK'
       await handlers.get('agent_end')!(
-        {messages: makeMessages('Weather is good today. HEARTBEAT_OK')},
+        {messages: makeMessages(longContent)},
         {sessionKey: 'agent:clawly:cron:weather-check', agentId: 'clawly'},
       )
 
       expect(injectCalls).toHaveLength(1)
     })
+
+    test('skips short content ending with HEARTBEAT_OK', async () => {
+      const {api, logs, handlers} = createMockApi()
+      registerCronDelivery(api)
+
+      await handlers.get('agent_end')!(
+        {messages: makeMessages('Weather is good today. HEARTBEAT_OK')},
+        {sessionKey: 'agent:clawly:cron:weather-check', agentId: 'clawly'},
+      )
+
+      expect(injectCalls).toHaveLength(0)
+      expect(logs).toContainEqual({
+        level: 'info',
+        msg: expect.stringContaining('skipped (filtered: heartbeat ack)'),
+      })
+    })
   })
 
   describe('agentId validation', () => {
@@ -327,7 +345,9 @@ describe('cron-delivery', () => {
       ])
       expect(logs).toContainEqual({
         level: 'info',
-        msg: 'cron-delivery: injected into agent:clawly:main (messageId=msg-001)',
+        msg: expect.stringContaining(
+          'cron-delivery: injected into agent:clawly:main (messageId=msg-001)',
+        ),
       })
     })
 
@@ -360,7 +380,7 @@ describe('cron-delivery', () => {
       expect(injectCalls).toHaveLength(0)
       expect(logs).toContainEqual({
         level: 'error',
-        msg: 'cron-delivery: sessions.resolve failed: JSON parse error',
+        msg: expect.stringContaining('sessions.resolve failed: JSON parse error'),
       })
     })
 
@@ -378,7 +398,7 @@ describe('cron-delivery', () => {
       expect(injectCalls).toHaveLength(1)
       expect(logs).toContainEqual({
         level: 'error',
-        msg: 'cron-delivery: chat.inject failed: timeout',
+        msg: expect.stringContaining('chat.inject failed: timeout'),
       })
     })
   })

package/gateway/cron-delivery.ts

@@ -59,9 +59,13 @@ export function registerCronDelivery(api: PluginApi) {
       `cron-delivery[debug]: agent_end fired sessionKey=${sessionKey} agentId=${agentId ?? 'undefined'} trigger=${String(ctx?.trigger ?? 'undefined')}`,
     )
 
+    const t0 = Date.now()
     try {
       // Extract raw assistant text (preserving formatting)
       const text = getRawLastAssistantText(event.messages)
+      api.logger.info(
+        `cron-delivery[debug]: extracted text len=${text?.length ?? 'null'} elapsed=${Date.now() - t0}ms`,
+      )
       if (text == null) {
         api.logger.info('cron-delivery: skipped (no assistant message)')
         if (sessionKey) markCronDeliverySkipped(sessionKey, 'no assistant message')
@@ -97,9 +101,18 @@ export function registerCronDelivery(api: PluginApi) {
         return
       }
 
+      api.logger.info(
+        `cron-delivery[debug]: resolving session for agentId=${agentId} elapsed=${Date.now() - t0}ms`,
+      )
       const mainSessionKey = await resolveSessionKey(agentId, api)
+      api.logger.info(
+        `cron-delivery[debug]: resolved mainSessionKey=${mainSessionKey} elapsed=${Date.now() - t0}ms`,
+      )
 
       // Inject the cron result into the main session
+      api.logger.info(
+        `cron-delivery[debug]: injecting message len=${text.length} into ${mainSessionKey} elapsed=${Date.now() - t0}ms`,
+      )
       const result = await injectAssistantMessage(
         {
           sessionKey: mainSessionKey,
@@ -110,12 +123,12 @@ export function registerCronDelivery(api: PluginApi) {
 
       if (sessionKey) markCronDelivered(sessionKey)
       api.logger.info(
-        `cron-delivery: injected into ${mainSessionKey} (messageId=${result.messageId})`,
+        `cron-delivery: injected into ${mainSessionKey} (messageId=${result.messageId}) elapsed=${Date.now() - t0}ms`,
       )
     } catch (err) {
       const msg = err instanceof Error ? err.message : String(err)
       if (sessionKey) markCronDeliverySkipped(sessionKey, msg)
-      api.logger.error(`cron-delivery: ${msg}`)
+      api.logger.error(`cron-delivery: error after ${Date.now() - t0}ms — ${msg}`)
     }
   })
 

package/gateway/node-dangerous-allowlist.ts

@@ -29,6 +29,9 @@ const DANGEROUS_COMMANDS = [
   // Reminders + calendar (iOS nodes)
   'reminders.add',
   'calendar.add',
+  // Device permissions (iOS nodes) — not in OpenClaw's iOS defaults
+  'device.permissions',
+  'device.requestPermission',
 ]
 
 export function registerNodeDangerousAllowlist(api: PluginApi) {

package/gateway/offline-push.test.ts

@@ -391,21 +391,40 @@ describe('shouldSkipPushForMessage', () => {
     expect(shouldSkipPushForMessage('HEARTBEAT_OK\n')).toBe('heartbeat ack')
   })
 
-  test('does NOT skip meaningful content ending with HEARTBEAT_OK', () => {
-    expect(shouldSkipPushForMessage('All good. HEARTBEAT_OK')).toBeNull()
-    expect(shouldSkipPushForMessage('Nothing to report. HEARTBEAT_OK。')).toBeNull()
+  test('skips short content ending with HEARTBEAT_OK (under ackMaxChars threshold)', () => {
+    // "All good." is 9 chars — well under 300 threshold, matches OpenClaw heartbeat runner behavior
+    expect(shouldSkipPushForMessage('All good. HEARTBEAT_OK')).toBe('heartbeat ack')
+    expect(shouldSkipPushForMessage('Nothing to report. HEARTBEAT_OK。')).toBe('heartbeat ack')
   })
 
-  test('does NOT skip verbose heartbeat response with content before HEARTBEAT_OK', () => {
+  test('skips verbose heartbeat response under ackMaxChars threshold', () => {
+    // 89 chars remaining — under 300, matches OpenClaw behavior
     const verbose =
       'The user said hello recently. Looking at HEARTBEAT.md checklist: nothing needs attention. HEARTBEAT_OK'
-    expect(shouldSkipPushForMessage(verbose)).toBeNull()
+    expect(shouldSkipPushForMessage(verbose)).toBe('heartbeat ack')
   })
 
-  test('does not skip message mentioning HEARTBEAT_OK mid-text', () => {
+  test('skips HEARTBEAT_OK at start with short status note', () => {
+    expect(shouldSkipPushForMessage('HEARTBEAT_OK — all systems nominal.')).toBe('heartbeat ack')
+    expect(shouldSkipPushForMessage('HEARTBEAT_OK. Nothing to report.')).toBe('heartbeat ack')
+  })
+
+  test('does NOT skip HEARTBEAT_OK with >300 chars of real content', () => {
+    const longContent = 'A'.repeat(301)
+    expect(shouldSkipPushForMessage(`HEARTBEAT_OK ${longContent}`)).toBeNull()
+    expect(shouldSkipPushForMessage(`${longContent} HEARTBEAT_OK`)).toBeNull()
+  })
+
+  test('skips message mentioning HEARTBEAT_OK at start with short remaining text', () => {
+    // "is a status code I output after each check." is 45 chars — under 300, matches OpenClaw's stripTokenAtEdges
     expect(
       shouldSkipPushForMessage('HEARTBEAT_OK is a status code I output after each check.'),
-    ).toBeNull()
+    ).toBe('heartbeat ack')
+  })
+
+  test('does NOT skip HEARTBEAT_OK appearing only in middle of text', () => {
+    expect(shouldSkipPushForMessage('You asked about HEARTBEAT_OK earlier.')).toBeNull()
+    expect(shouldSkipPushForMessage('The token HEARTBEAT_OK is used for health checks.')).toBeNull()
   })
 
   test('skips system prompt leak', () => {
@@ -497,7 +516,7 @@ describe('offline-push with filtered messages', () => {
     })
   })
 
-  test('sends push for meaningful heartbeat response and strips HEARTBEAT_OK from body', async () => {
+  test('skips push for short heartbeat response with HEARTBEAT_OK (under ackMaxChars)', async () => {
     const {api, logs, handlers} = createMockApi()
     registerOfflinePush(api)
 
@@ -513,11 +532,37 @@ describe('offline-push with filtered messages', () => {
       {sessionKey: 'agent:clawly:main'},
     )
 
+    expect(logs).toContainEqual({
+      level: 'info',
+      msg: expect.stringContaining('skipped (filtered: heartbeat ack)'),
+    })
+    expect(logs.filter((l) => l.msg.includes('notified'))).toHaveLength(0)
+  })
+
+  test('sends push for long heartbeat response over ackMaxChars and strips HEARTBEAT_OK from body', async () => {
+    const {api, logs, handlers} = createMockApi()
+    registerOfflinePush(api)
+
+    const longContent = 'A'.repeat(301)
+    await handlers.get('agent_end')!(
+      {
+        messages: [
+          {
+            role: 'assistant',
+            content: `${longContent}\n\nHEARTBEAT_OK`,
+          },
+        ],
+      },
+      {sessionKey: 'agent:clawly:main'},
+    )
+
     expect(logs).toContainEqual({
       level: 'info',
       msg: expect.stringContaining('notified (session=agent:clawly:main)'),
     })
-    expect(lastPushOpts?.body).toBe('Hey! Just checking in — saw some interesting news today.')
+    // HEARTBEAT_OK should be stripped from body, content truncated to 140
+    expect(lastPushOpts?.body?.length).toBe(141)
+    expect(lastPushOpts?.body?.endsWith('…')).toBe(true)
   })
 
   test('sends push for normal message text', async () => {
@@ -715,7 +760,7 @@ describe('isInternalRuntimeContextTriggered', () => {
 // ── Heartbeat-triggered integration tests ────────────────────────
 
 describe('offline-push with heartbeat-triggered turns', () => {
-  test('skips push for verbose heartbeat response', async () => {
+  test('skips push for verbose heartbeat response (caught by content filter before trigger check)', async () => {
     const {api, logs, handlers} = createMockApi()
     registerOfflinePush(api)
 
@@ -732,9 +777,10 @@ describe('offline-push with heartbeat-triggered turns', () => {
       {sessionKey: 'agent:clawly:main'},
     )
 
+    // Now caught by shouldSkipPushForMessage (content under 300 chars) before trigger check
     expect(logs).toContainEqual({
       level: 'info',
-      msg: 'offline-push: skipped (heartbeat-triggered turn)',
+      msg: expect.stringContaining('skipped (filtered: heartbeat ack)'),
     })
     expect(logs.filter((l) => l.msg.includes('notified'))).toHaveLength(0)
   })

package/gateway/offline-push.ts

@@ -157,10 +157,17 @@ export function shouldSkipPushForMessage(text: string): string | null {
   // — the scenario is extremely unlikely and the cost is a missed push, not hidden UI.
   if (/NO_REPLY[\p{P}\s]*$/u.test(text)) return 'silent reply'
 
-  // Heartbeat acknowledgment (HEARTBEAT_OK as ending sentinel) — only skip if no substantial content before it
-  if (/HEARTBEAT_OK[\p{P}\s]*$/u.test(text)) {
-    const stripped = text.replace(/HEARTBEAT_OK[\p{P}\s]*$/u, '').trim()
-    if (stripped.length === 0) return 'heartbeat ack'
+  // Heartbeat acknowledgment — strip HEARTBEAT_OK from both edges (mirrors
+  // OpenClaw's stripTokenAtEdges). Skip if remaining text ≤ ackMaxChars (300).
+  const HEARTBEAT_ACK_MAX_CHARS = 300
+  const hasAtEnd = /HEARTBEAT_OK[\p{P}\s]*$/u.test(text)
+  const hasAtStart = /^[\p{P}\s]*HEARTBEAT_OK/u.test(text)
+  if (hasAtEnd || hasAtStart) {
+    let stripped = text
+    if (hasAtEnd) stripped = stripped.replace(/HEARTBEAT_OK[\p{P}\s]*$/u, '')
+    if (hasAtStart) stripped = stripped.replace(/^[\p{P}\s]*HEARTBEAT_OK[\p{P}\s]*/u, '')
+    stripped = stripped.trim()
+    if (stripped.length <= HEARTBEAT_ACK_MAX_CHARS) return 'heartbeat ack'
   }
 
   // Agent echoed system prompt metadata — mobile hides as "systemPromptLeak"
@@ -270,7 +277,17 @@ export function registerOfflinePush(api: PluginApi) {
         return
       }
 
-      const noHeartbeat = fullText?.replace(/HEARTBEAT_OK[\p{P}\s]*$/u, '').trim() ?? null
+      const noHeartbeat =
+        (() => {
+          if (!fullText) return null
+          const atEnd = /HEARTBEAT_OK[\p{P}\s]*$/u.test(fullText)
+          const atStart = /^[\p{P}\s]*HEARTBEAT_OK/u.test(fullText)
+          if (!atEnd && !atStart) return fullText.trim()
+          let s = fullText
+          if (atEnd) s = s.replace(/HEARTBEAT_OK[\p{P}\s]*$/u, '')
+          if (atStart) s = s.replace(/^[\p{P}\s]*HEARTBEAT_OK[\p{P}\s]*/u, '')
+          return s.trim()
+        })() ?? null
       const cleaned = noHeartbeat ? stripPlaceholders(noHeartbeat) : null
       const preview = cleaned && cleaned.length > 140 ? `${cleaned.slice(0, 140)}…` : cleaned
       const body = preview || 'Your response is ready'

package/gateway/presence.test.ts

@@ -6,8 +6,8 @@ describe('isOnlineEntry', () => {
     expect(isOnlineEntry({host: 'openclaw-ios', reason: 'foreground'})).toBe(true)
   })
 
-  test('returns true for reason "connect"', () => {
-    expect(isOnlineEntry({host: 'openclaw-ios', reason: 'connect'})).toBe(true)
+  test('returns false for reason "connect" (WebSocket alive but not foreground)', () => {
+    expect(isOnlineEntry({host: 'openclaw-ios', reason: 'connect'})).toBe(false)
   })
 
   test('returns false for reason "background"', () => {

package/gateway/presence.ts

@@ -1,8 +1,8 @@
 /**
  * Online presence check — queries `system-presence` via the gateway CLI
- * and checks if the mobile client (`openclaw-ios`) is connected.
+ * and checks if ANY device is in the foreground.
  *
- * Method: clawly.isOnline({ host? }) → { isOnline: boolean }
+ * Method: clawly.isOnline() → { isOnline: boolean }
  */
 
 import {$} from 'zx'
@@ -12,43 +12,38 @@ import {stripCliLogs} from '../lib/stripCliLogs'
 
 $.verbose = false
 
-const DEFAULT_HOST = 'openclaw-ios'
-
 interface PresenceEntry {
   host?: string
   reason?: string
 }
 
-/** Returns true if the presence entry indicates the client is connected.
+/** Returns true if the presence entry indicates the user is actively viewing the app.
  *
- *  ENG-1752: 之前只信任 'foreground' 信号，忽略了 'connect'，导致 dev/nightly
- *  环境在 app active 时仍返回 isOnline=false，触发了不必要的 push 通知。
- *  恢复 'connect' 判断以修复在线检测。 */
+ *  Only `foreground` counts — `connect` merely means the WebSocket is alive,
+ *  which is true for backgrounded apps and should not suppress push notifications. */
 export function isOnlineEntry(entry: PresenceEntry | undefined): boolean {
   if (!entry) return false
-  return entry.reason === 'foreground' || entry.reason === 'connect'
+  return entry.reason === 'foreground'
 }
 
 /**
  * Shells out to `openclaw gateway call system-presence` and checks
- * whether the given host has a non-"disconnect" entry.
+ * whether ANY device has a foreground presence entry.
  */
-export async function isClientOnline(host = DEFAULT_HOST): Promise<boolean> {
+export async function isClientOnline(): Promise<boolean> {
   try {
     const result = await $`openclaw gateway call system-presence --json`
     const jsonStr = stripCliLogs(result.stdout)
     const entries: PresenceEntry[] = JSON.parse(jsonStr)
-    const entry = entries.find((e) => e.host === host)
-    return isOnlineEntry(entry)
+    return entries.some(isOnlineEntry)
   } catch {
     return false
   }
 }
 
 export function registerPresence(api: PluginApi) {
-  api.registerGatewayMethod('clawly.isOnline', async ({params, respond}) => {
-    const host = typeof params.host === 'string' ? params.host : DEFAULT_HOST
-    const isOnline = await isClientOnline(host)
+  api.registerGatewayMethod('clawly.isOnline', async ({respond}) => {
+    const isOnline = await isClientOnline()
     respond(true, {isOnline})
   })
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@2en/clawly-plugins",
-  "version": "1.30.0-beta.0",
+  "version": "1.30.0-beta.2",
   "module": "index.ts",
   "type": "module",
   "repository": {

package/tools/clawly-is-user-online.ts

@@ -11,22 +11,17 @@ const TOOL_NAME = 'clawly_is_user_online'
 
 const parameters: Record<string, unknown> = {
   type: 'object',
-  properties: {
-    host: {
-      type: 'string',
-      description: 'Presence host identifier (default: "openclaw-ios")',
-    },
-  },
+  properties: {},
 }
 
 export function registerIsUserOnlineTool(api: PluginApi) {
   api.registerTool({
     name: TOOL_NAME,
-    description: "Check if the user's mobile device is currently online.",
+    description:
+      "Check if the user's mobile device is currently online (any device in foreground).",
     parameters,
-    async execute(_toolCallId, params) {
-      const host = typeof params.host === 'string' ? params.host : undefined
-      const isOnline = await isClientOnline(host)
+    async execute() {
+      const isOnline = await isClientOnline()
       return {content: [{type: 'text', text: JSON.stringify({isOnline})}]}
     },
   })