@a1hvdy/cc-openclaw 0.27.2 → 0.27.6

package/dist/src/engines/persistent-session.js

@@ -59,6 +59,7 @@ export class PersistentClaudeSession extends EventEmitter {
             startTime: null,
             lastActivity: null,
             lastProgressAt: null,
+            inFlightTools: 0,
             history: [],
             retries: 0,
             lastRetryError: undefined,
@@ -291,6 +292,9 @@ export class PersistentClaudeSession extends EventEmitter {
         });
         this.proc.on('close', (code) => {
             this._isReady = false;
+            // v0.27.6 — liveness watchdog (Killer #1): subprocess gone, nothing can be
+            // in flight; clear so a stale count never outlives the process.
+            this.stats.inFlightTools = 0;
             this.emit(SESSION_EVENT.CLOSE, code);
         });
         this.proc.on('error', (err) => {
@@ -385,6 +389,10 @@ export class PersistentClaudeSession extends EventEmitter {
                     const block = inner.content_block;
                     if (block?.type === 'tool_use') {
                         this.stats.toolCalls++;
+                        // v0.27.6 — liveness watchdog (Killer #1): a tool is now in flight.
+                        // Decremented on its tool_result; reset to 0 at turn boundaries so a
+                        // missed result can't pin the count open forever.
+                        this.stats.inFlightTools++;
                         // v0.26.1: carry the tool_use block id so the Telegram mirror can
                         // match the later tool_result event and flip the glyph … → ✓/✗.
                         const toolEvent = { tool: { name: block.name, input: {}, id: block.id } };
@@ -470,6 +478,10 @@ export class PersistentClaudeSession extends EventEmitter {
                             };
                             if (b.is_error)
                                 this.stats.toolErrors++;
+                            // v0.27.6 — liveness watchdog (Killer #1): this tool's result
+                            // arrived, so it's no longer in flight. Clamp at 0 (a duplicate or
+                            // unmatched result must never push the count negative).
+                            this.stats.inFlightTools = Math.max(0, this.stats.inFlightTools - 1);
                             try {
                                 this._streamCallbacks?.onToolResult?.(resultEvent);
                             }
@@ -511,6 +523,8 @@ export class PersistentClaudeSession extends EventEmitter {
                         }
                         else if (block.type === 'tool_use') {
                             this.stats.toolCalls++;
+                            // v0.27.6 — liveness watchdog (Killer #1): tool in flight (see above).
+                            this.stats.inFlightTools++;
                             const toolEvent = {
                                 tool: {
                                     name: block.name,
@@ -559,6 +573,8 @@ export class PersistentClaudeSession extends EventEmitter {
                 break;
             case 'tool_use':
                 this.stats.toolCalls++;
+                // v0.27.6 — liveness watchdog (Killer #1): tool in flight (see above).
+                this.stats.inFlightTools++;
                 try {
                     this._streamCallbacks?.onToolUse?.(event);
                 }
@@ -568,6 +584,8 @@ export class PersistentClaudeSession extends EventEmitter {
                 this.emit(SESSION_EVENT.TOOL_USE, event);
                 break;
             case 'tool_result':
+                // v0.27.6 — liveness watchdog (Killer #1): tool result arrived (see above).
+                this.stats.inFlightTools = Math.max(0, this.stats.inFlightTools - 1);
                 try {
                     this._streamCallbacks?.onToolResult?.(event);
                 }
@@ -601,6 +619,10 @@ export class PersistentClaudeSession extends EventEmitter {
                 }
                 this.emit(SESSION_EVENT.RESULT, event);
                 this.emit(SESSION_EVENT.TURN_COMPLETE, event);
+                // v0.27.6 — liveness watchdog (Killer #1): turn is over; clear any
+                // in-flight tool count so a missed tool_result can't pin the session
+                // "alive" across turns and permanently disable the stalled backstop.
+                this.stats.inFlightTools = 0;
                 this._fireHook('onTurnComplete', {
                     text: event.result,
                     usage,
@@ -668,6 +690,10 @@ export class PersistentClaudeSession extends EventEmitter {
             this._streamCallbacks = options.callbacks;
         if (options.waitForComplete) {
             this._isBusy = true;
+            // v0.27.6 — liveness watchdog (Killer #1): each turn starts with zero
+            // tools in flight; guarantees no count leaks across turns regardless of
+            // how the prior turn ended (result / error / partial).
+            this.stats.inFlightTools = 0;
             try {
                 return await this._waitForTurnComplete(options.timeout || resolveTurnTimeoutMs());
             }
@@ -781,6 +807,7 @@ export class PersistentClaudeSession extends EventEmitter {
             startTime: this.stats.startTime,
             lastActivity: this.stats.lastActivity,
             lastProgressAt: this.stats.lastProgressAt,
+            inFlightTools: this.stats.inFlightTools,
             // v0.6.0: contextPercent now reflects ACTUAL per-turn context occupancy
             // (input + cache-read tokens from the last `result` event), not lifetime
             // cumulative tokens. Pre-fix it saturated at 100% by turn 3 of any

package/dist/src/lib/error-formatter.d.ts

@@ -49,7 +49,12 @@ export interface ErrorContext {
 export interface FormattedError {
     /** NDJSON-ready row */
     jsonlRow: ErrorJsonlRow;
-    /** Telegram message text (MarkdownV2-safe) */
+    /**
+     * Telegram message text (HTML parse_mode). v0.27.3 — converted from
+     * MarkdownV2 to HTML so the entire Telegram surface (live card + error
+     * alerts) renders through ONE parse mode. error-renderer sends this with
+     * parse_mode: 'HTML'.
+     */
     telegramText: string;
 }
 export interface ErrorJsonlRow {
@@ -64,7 +69,14 @@ export interface ErrorJsonlRow {
 }
 /** Extract a usable message from unknown thrown values. */
 export declare function extractMessage(error: unknown): string;
-/** Escape characters special to Telegram MarkdownV2. */
+/**
+ * Escape characters special to Telegram MarkdownV2.
+ *
+ * v0.27.3 — RETAINED for back-compat (and its own unit tests) but no longer
+ * used by formatError, which now emits HTML (see the telegramText block) so the
+ * whole Telegram surface renders through one parse mode. Kept exported in case a
+ * caller still needs MarkdownV2 escaping.
+ */
 export declare function escapeMdV2(text: string): string;
 /**
  * Pure formatter — no side effects on the return value, but DOES emit

package/dist/src/lib/error-formatter.js

@@ -80,7 +80,14 @@ function extractStack(error) {
     }
     return undefined;
 }
-/** Escape characters special to Telegram MarkdownV2. */
+/**
+ * Escape characters special to Telegram MarkdownV2.
+ *
+ * v0.27.3 — RETAINED for back-compat (and its own unit tests) but no longer
+ * used by formatError, which now emits HTML (see the telegramText block) so the
+ * whole Telegram surface renders through one parse mode. Kept exported in case a
+ * caller still needs MarkdownV2 escaping.
+ */
 export function escapeMdV2(text) {
     // Per Telegram docs, these must be escaped: _ * [ ] ( ) ~ ` > # + - = | { } . !
     return text.replace(/[_*[\]()~`>#+=|{}.!\\-]/g, (c) => `\\${c}`);
@@ -97,6 +104,7 @@ const SEVERITY_EMOJI = {
 // are unset, so the import itself has zero runtime cost.
 import { emit as emitTrajectory } from './trajectory.js';
 import { metricsRegistry } from '../health/metrics.js';
+import { escapeHtml } from './html-render.js';
 /**
  * Pure formatter — no side effects on the return value, but DOES emit
  * trajectory + metrics events for centralized observability per Pillars A+B.
@@ -128,27 +136,31 @@ export function formatError(error, context) {
         ...(stack !== undefined ? { stack } : {}),
         ...(context.details !== undefined ? { details: context.details } : {}),
     };
+    // v0.27.3 — emit Telegram HTML (sent with parse_mode: 'HTML' by
+    // error-renderer) so error alerts share the live card's single render path.
+    // <b> code, <code> message, <i> timestamp; all interpolated text is
+    // HTML-escaped (& < >) so a stray < in a message can't break the parser.
     const emoji = SEVERITY_EMOJI[severity];
-    const safeCode = escapeMdV2(context.code);
-    const safeMsg = escapeMdV2(message.length > 300 ? message.slice(0, 300) + '...' : message);
-    const safeTs = escapeMdV2(ts.slice(0, 19).replace('T', ' '));
+    const safeCode = escapeHtml(context.code);
+    const safeMsg = escapeHtml(message.length > 300 ? message.slice(0, 300) + '...' : message);
+    const safeTs = escapeHtml(ts.slice(0, 19).replace('T', ' '));
     const lines = [
-        `${emoji} *${safeCode}*`,
-        `\`${safeMsg}\``,
-        `_${safeTs}_`,
+        `${emoji} <b>${safeCode}</b>`,
+        `<code>${safeMsg}</code>`,
+        `<i>${safeTs}</i>`,
     ];
     if (context.sessionId) {
-        lines.push(`session: \`${escapeMdV2(context.sessionId)}\``);
+        lines.push(`session: <code>${escapeHtml(context.sessionId)}</code>`);
     }
     if (context.laptopId) {
-        lines.push(`laptop: \`${escapeMdV2(context.laptopId)}\``);
+        lines.push(`laptop: <code>${escapeHtml(context.laptopId)}</code>`);
     }
     if (context.details && Object.keys(context.details).length > 0) {
         const detailParts = Object.entries(context.details)
             .slice(0, 5)
-            .map(([k, v]) => `${escapeMdV2(k)}: ${escapeMdV2(String(v))}`)
+            .map(([k, v]) => `${escapeHtml(k)}: ${escapeHtml(String(v))}`)
             .join(', ');
-        lines.push(`_${detailParts}_`);
+        lines.push(`<i>${detailParts}</i>`);
     }
     const telegramText = lines.join('\n');
     return { jsonlRow, telegramText };

package/dist/src/lib/error-renderer.js

@@ -67,7 +67,9 @@ export async function renderError(formatted, opts = {}) {
     const params = {
         chat_id: chatId,
         text: telegramText,
-        parse_mode: 'MarkdownV2',
+        // v0.27.3 — HTML (formatter now emits HTML) so error alerts share the live
+        // card's single render path. The 400-fallback below sends plain text.
+        parse_mode: 'HTML',
     };
     if (opts.threadId)
         params.message_thread_id = opts.threadId;

package/dist/src/lib/html-render.d.ts

@@ -18,26 +18,33 @@
 export declare function escapeHtml(text: string | null | undefined): string;
 /** Inline monospace span: `<code>escaped</code>`. */
 export declare function code(s: string): string;
+/**
+ * Strip Telegram HTML markup back to readable plain text (v0.27.3). Used
+ * by editTg's plain-text fallback: when an HTML edit is rejected, re-sending the
+ * SAME string without parse_mode would dump literal `<b>`/`<pre>` tags into the
+ * chat. This removes the tags and decodes the basic entities so the fallback
+ * stays legible. Not a general sanitizer — scoped to the tags this module emits.
+ */
+export declare function stripHtml(input: string | null | undefined): string;
+/**
+ * v0.27.5 M4 — close any unclosed Telegram-HTML tags this module emits, in LIFO
+ * order. A hard truncation of a rendered card (renderTurn's 4096-char backstop)
+ * can slice through an open `<pre>`/`<b>`/… ; left dangling, Telegram rejects the
+ * edit and editTg falls back to plain text — dumping literal `<pre>`/`**`/`- `
+ * markup into the chat. Closing the danglers keeps the truncated HTML well-formed
+ * so the edit is accepted.
+ *
+ * Conservative by design: only the tags this module emits (pre, code, blockquote,
+ * b, i, s, a) are tracked, balanced input passes through byte-identical, and
+ * stray/mismatched closers are tolerated (pop nearest match, never go negative).
+ * Attribute values here never contain a literal `>` (escapeHtml runs on class /
+ * href), so `[^>]*` safely consumes the whole opening tag.
+ */
+export declare function closeDanglingTags(html: string): string;
 /**
  * Fenced code block: `<pre><code class="language-LANG">escaped</code></pre>`.
  * Omits the class when no language is given. Body is HTML-escaped (the only
  * escaping Telegram requires inside pre/code).
  */
 export declare function pre(body: string, lang?: string): string;
-/**
- * Convert a subset of CommonMark Markdown to Telegram HTML with structure
- * preserved (`**bold**`→`<b>`, fenced blocks→`<pre><code>`, etc.). Returns ''
- * for null/undefined.
- *
- * Algorithm (placeholder substitution, NUL-sentinel keyed — mirrors
- * markdown-to-mdv2.ts so behaviour is auditable side-by-side):
- *   1. code fences  → <pre><code [class]>…</code></pre>
- *   2. inline code  → <code>…</code>
- *   3. bold (**…**) → <b>…</b>
- *   4. italic (*…* / _…_) → <i>…</i>
- *   5. ATX headers (#…) at line start → <b>…</b>
- *   6. links [label](url) → <a href="url">label</a>
- *   7. escape remaining text (& < >)
- *   8. restore placeholders verbatim
- */
 export declare function markdownToHtml(input: string | null | undefined): string;

package/dist/src/lib/html-render.js

@@ -14,6 +14,7 @@
  * pre+code[class=language-X], blockquote, tg-spoiler. Everything else in text
  * content must have &, <, > escaped.
  */
+/* eslint-disable no-control-regex -- NUL-byte sentinel delimiters intentionally guard placeholders through the bulk-escape step, then are restored */
 /** Escape the three HTML-significant chars for Telegram HTML text content. */
 export function escapeHtml(text) {
     if (text == null)
@@ -27,6 +28,59 @@ export function escapeHtml(text) {
 export function code(s) {
     return `<code>${escapeHtml(s)}</code>`;
 }
+/**
+ * Strip Telegram HTML markup back to readable plain text (v0.27.3). Used
+ * by editTg's plain-text fallback: when an HTML edit is rejected, re-sending the
+ * SAME string without parse_mode would dump literal `<b>`/`<pre>` tags into the
+ * chat. This removes the tags and decodes the basic entities so the fallback
+ * stays legible. Not a general sanitizer — scoped to the tags this module emits.
+ */
+export function stripHtml(input) {
+    if (input == null)
+        return '';
+    return String(input)
+        .replace(/<\/?(?:b|strong|i|em|u|s|a|code|pre|blockquote|tg-spoiler)\b[^>]*>/gi, '')
+        .replace(/&lt;/g, '<')
+        .replace(/&gt;/g, '>')
+        .replace(/&quot;/g, '"')
+        .replace(/&amp;/g, '&');
+}
+/**
+ * v0.27.5 M4 — close any unclosed Telegram-HTML tags this module emits, in LIFO
+ * order. A hard truncation of a rendered card (renderTurn's 4096-char backstop)
+ * can slice through an open `<pre>`/`<b>`/… ; left dangling, Telegram rejects the
+ * edit and editTg falls back to plain text — dumping literal `<pre>`/`**`/`- `
+ * markup into the chat. Closing the danglers keeps the truncated HTML well-formed
+ * so the edit is accepted.
+ *
+ * Conservative by design: only the tags this module emits (pre, code, blockquote,
+ * b, i, s, a) are tracked, balanced input passes through byte-identical, and
+ * stray/mismatched closers are tolerated (pop nearest match, never go negative).
+ * Attribute values here never contain a literal `>` (escapeHtml runs on class /
+ * href), so `[^>]*` safely consumes the whole opening tag.
+ */
+export function closeDanglingTags(html) {
+    const stack = [];
+    const re = /<(\/?)(pre|code|blockquote|b|i|s|a)\b[^>]*>/gi;
+    let m;
+    while ((m = re.exec(html)) !== null) {
+        const tag = m[2].toLowerCase();
+        if (m[1] === '/') {
+            const idx = stack.lastIndexOf(tag);
+            if (idx !== -1)
+                stack.splice(idx, 1);
+        }
+        else {
+            stack.push(tag);
+        }
+    }
+    if (stack.length === 0)
+        return html;
+    let out = html;
+    for (let i = stack.length - 1; i >= 0; i--)
+        out += `</${stack[i]}>`;
+    return out;
+}
 /**
  * Fenced code block: `<pre><code class="language-LANG">escaped</code></pre>`.
  * Omits the class when no language is given. Body is HTML-escaped (the only
@@ -52,16 +106,73 @@ export function pre(body, lang) {
  *   7. escape remaining text (& < >)
  *   8. restore placeholders verbatim
  */
+/** Split a GFM table row into trimmed cells, dropping the empty cells produced
+ *  by leading/trailing pipes (`| a | b |` → ['a','b']). */
+function splitTableRow(row) {
+    const cells = row.split('|').map((c) => c.trim());
+    if (cells.length && cells[0] === '')
+        cells.shift();
+    if (cells.length && cells[cells.length - 1] === '')
+        cells.pop();
+    return cells;
+}
+/** Render parsed table rows as a padded monospace block. Telegram HTML has no
+ *  <table>, so column-aligned text inside <pre> is the faithful terminal-style
+ *  rendering. Returns a ready <pre><code> string (content HTML-escaped by pre()). */
+function renderPaddedTable(rows) {
+    const cols = Math.max(...rows.map((r) => r.length));
+    const widths = [];
+    for (let c = 0; c < cols; c++) {
+        widths[c] = Math.max(...rows.map((r) => (r[c] ?? '').length));
+    }
+    const body = rows
+        .map((r) => Array.from({ length: cols }, (_v, c) => (r[c] ?? '').padEnd(widths[c]))
+        .join(' | ')
+        .replace(/\s+$/, ''))
+        .join('\n');
+    return pre(body);
+}
 export function markdownToHtml(input) {
     if (input == null)
         return '';
     let text = String(input);
     const codeBlocks = [];
-    text = text.replace(/```([a-zA-Z0-9_+\-]*)\n?([\s\S]*?)```/g, (_m, lang, body) => {
+    text = text.replace(/```([a-zA-Z0-9_+-]*)\n?([\s\S]*?)```/g, (_m, lang, body) => {
         const idx = codeBlocks.length;
         codeBlocks.push(pre(body.replace(/\n$/, ''), lang || undefined));
         return `\x00CODEBLOCK${idx}\x00`;
     });
+    // v0.27.4 M4 — GFM pipe tables → padded monospace <pre> (gap #5). Telegram HTML
+    // has no <table>; column-aligned text is the terminal-faithful rendering. A
+    // table is a row containing `|` immediately followed by a `---` separator row.
+    const tables = [];
+    {
+        const lines = text.split('\n');
+        const out = [];
+        let i = 0;
+        while (i < lines.length) {
+            const header = lines[i];
+            const sep = lines[i + 1];
+            const isSep = sep != null && sep.includes('-') && /^\s*\|?[\s:|-]+\|?\s*$/.test(sep);
+            if (header != null && header.includes('|') && isSep) {
+                const block = [splitTableRow(header)];
+                let j = i + 2;
+                while (j < lines.length && lines[j].includes('|') && lines[j].trim() !== '') {
+                    block.push(splitTableRow(lines[j]));
+                    j++;
+                }
+                const idx = tables.length;
+                tables.push(renderPaddedTable(block));
+                out.push(`\x00TABLE${idx}\x00`);
+                i = j;
+            }
+            else {
+                out.push(header);
+                i++;
+            }
+        }
+        text = out.join('\n');
+    }
     const inlineCodes = [];
     text = text.replace(/`([^`\n]+)`/g, (_m, body) => {
         const idx = inlineCodes.length;
@@ -74,6 +185,14 @@ export function markdownToHtml(input) {
         bolds.push(`<b>${escapeHtml(body)}</b>`);
         return `\x00BOLD${idx}\x00`;
     });
+    // v0.27.4 M4 — strikethrough ~~text~~ → <s> (gap #5). After bold so the `~~`
+    // pass never sees `**`-delimited spans.
+    const strikes = [];
+    text = text.replace(/~~([^~\n]+)~~/g, (_m, body) => {
+        const idx = strikes.length;
+        strikes.push(`<s>${escapeHtml(body)}</s>`);
+        return `\x00STRIKE${idx}\x00`;
+    });
     const italics = [];
     text = text.replace(/(?<![\w*])\*([^*\n]+)\*(?!\w)/g, (_m, body) => {
         const idx = italics.length;
@@ -99,10 +218,17 @@ export function markdownToHtml(input) {
         links.push(`<a href="${safeUrl}">${escapeHtml(label)}</a>`);
         return `\x00LINK${idx}\x00`;
     });
+    // v0.27.4 M4 — unordered list markers (-, *, +) at line start → "• " bullet
+    // (gap #5). Ordered lists (1. 2.) already read fine as plain text. The bullet
+    // glyph isn't HTML-significant, so it survives the escape below. Uses [ \t]
+    // (not \s) so it never consumes the line break.
+    text = text.replace(/^([ \t]*)[-*+][ \t]+/gm, (_m, indent) => `${indent}• `);
     text = escapeHtml(text);
     text = text.replace(/\x00CODEBLOCK(\d+)\x00/g, (_m, idx) => codeBlocks[Number(idx)]);
+    text = text.replace(/\x00TABLE(\d+)\x00/g, (_m, idx) => tables[Number(idx)]);
     text = text.replace(/\x00INLINECODE(\d+)\x00/g, (_m, idx) => inlineCodes[Number(idx)]);
     text = text.replace(/\x00BOLD(\d+)\x00/g, (_m, idx) => bolds[Number(idx)]);
+    text = text.replace(/\x00STRIKE(\d+)\x00/g, (_m, idx) => strikes[Number(idx)]);
     text = text.replace(/\x00ITALIC(\d+)\x00/g, (_m, idx) => italics[Number(idx)]);
     text = text.replace(/\x00HEADER(\d+)\x00/g, (_m, idx) => headers[Number(idx)]);
     text = text.replace(/\x00LINK(\d+)\x00/g, (_m, idx) => links[Number(idx)]);

package/dist/src/lib/markdown-to-mdv2.js

@@ -46,6 +46,7 @@
  *   - "CODE"/"BOLD"/etc letters are not in the special-char set
  *   So placeholders survive the bulk-escape step intact.
  */
+/* eslint-disable no-control-regex -- NUL-byte sentinel delimiters intentionally guard placeholders through the bulk-escape step, then are restored */
 /** MarkdownV2 special characters (Telegram Bot API spec). Outside code spans
  *  / pre blocks, these MUST be backslash-escaped when intended as content. */
 const MDV2_TEXT_SPECIAL = /[_*[\]()~`>#+\-=|{}.!\\]/g;
@@ -73,7 +74,7 @@ export function markdownToMdv2(input) {
     // Step 1 — extract code fences (triple-backtick blocks). Body verbatim
     // except backticks and backslashes are escaped per Telegram spec.
     const codeBlocks = [];
-    text = text.replace(/```([a-zA-Z0-9_+\-]*)\n?([\s\S]*?)```/g, (_m, lang, body) => {
+    text = text.replace(/```([a-zA-Z0-9_+-]*)\n?([\s\S]*?)```/g, (_m, lang, body) => {
         const idx = codeBlocks.length;
         const langStr = lang || '';
         const escapedBody = escapeCodeContent(body);

package/dist/src/lib/telegram-bot-api.d.ts

@@ -87,15 +87,31 @@ export interface TelegramApiResponse {
  */
 export declare function telegramApi(method: string, params: Record<string, unknown>): Promise<TelegramApiResponse>;
 /**
- * sendMessage with MarkdownV2 first + plain-text fallback. The fallback
- * is the v0.20.1 fix: prior implementation stripped punctuation on
- * MarkdownV2 parse errors; current behaviour retries with parse_mode
- * omitted so all content survives.
+ * v0.27.4 M6 — CLI-parity gap #8: split a message that exceeds Telegram's 4096
+ * char cap into ≤max-char chunks so long cc-openclaw-originated content sends as
+ * sequential messages instead of being rejected outright. Splits on newline
+ * boundaries (never mid-line) so HTML constructs mostly stay intact; a single
+ * line longer than max is hard-split. Returns [text] unchanged when ≤max (the
+ * common path — no behavior change for normal messages).
+ *
+ * Scope note: this covers cc-openclaw's OWN sends (slash/error responses). The
+ * live card is one edited message (truncated by design) and the model's final
+ * answer is delivered by the OpenClaw gateway — neither flows through here.
+ */
+export declare function splitForTelegram(text: string, max?: number): string[];
+/**
+ * sendMessage with HTML parse_mode first + plain-text fallback. The fallback
+ * is the v0.20.1 fix: prior implementation stripped punctuation on parse
+ * errors; current behaviour retries with parse_mode omitted so all content
+ * survives. (v0.27.0 switched the live mirror MarkdownV2 → HTML; v0.27.3
+ * converted the last MarkdownV2 emitter, error-formatter, so the whole
+ * Telegram surface is now one HTML render path.) v0.27.4 M6 — auto-chunks
+ * over-cap text and the plain fallback now strips HTML (was: re-sent raw tags).
  */
 export declare function sendTg(chatId: string | number, text: string, threadId?: string | number, replyMarkup?: unknown, replyToMessageId?: number | null): Promise<TelegramApiResponse>;
 /**
- * editMessageText with MarkdownV2-first + 429 retry-after handling +
- * plain-text fallback.
+ * editMessageText with HTML parse_mode + 429 retry-after handling +
+ * plain-text fallback (v0.27.3 stripHtml fallback on rejection).
  */
 export declare function editTg(chatId: string | number, messageId: number, text: string, replyMarkup?: unknown): Promise<TelegramApiResponse>;
 export interface SendDocumentOptions {

package/dist/src/lib/telegram-bot-api.js

@@ -28,6 +28,9 @@ import { readFileSync } from 'node:fs';
 import { homedir } from 'node:os';
 import { join } from 'node:path';
 import { randomBytes } from 'node:crypto';
+import { stripHtml } from './html-render.js';
+/** Telegram's hard per-message character cap. */
+const TG_MAX_CHARS = 4096;
 export const OPENCLAW_CONFIG_PATH = join(homedir(), '.openclaw', 'openclaw.json');
 const PLUGIN_TAG = '[cc-openclaw/telegram-bot-api]';
 // ─── Bot token state ───────────────────────────────────────────────────────
@@ -139,32 +142,96 @@ export function telegramApi(method, params) {
     });
 }
 /**
- * sendMessage with MarkdownV2 first + plain-text fallback. The fallback
- * is the v0.20.1 fix: prior implementation stripped punctuation on
- * MarkdownV2 parse errors; current behaviour retries with parse_mode
- * omitted so all content survives.
+ * v0.27.4 M6 — CLI-parity gap #8: split a message that exceeds Telegram's 4096
+ * char cap into ≤max-char chunks so long cc-openclaw-originated content sends as
+ * sequential messages instead of being rejected outright. Splits on newline
+ * boundaries (never mid-line) so HTML constructs mostly stay intact; a single
+ * line longer than max is hard-split. Returns [text] unchanged when ≤max (the
+ * common path — no behavior change for normal messages).
+ *
+ * Scope note: this covers cc-openclaw's OWN sends (slash/error responses). The
+ * live card is one edited message (truncated by design) and the model's final
+ * answer is delivered by the OpenClaw gateway — neither flows through here.
+ */
+export function splitForTelegram(text, max = TG_MAX_CHARS) {
+    if (text.length <= max)
+        return [text];
+    const chunks = [];
+    let current = '';
+    for (const line of text.split('\n')) {
+        if (line.length > max) {
+            if (current) {
+                chunks.push(current);
+                current = '';
+            }
+            for (let i = 0; i < line.length; i += max)
+                chunks.push(line.slice(i, i + max));
+            continue;
+        }
+        const candidate = current ? `${current}\n${line}` : line;
+        if (candidate.length > max) {
+            if (current)
+                chunks.push(current);
+            current = line;
+        }
+        else {
+            current = candidate;
+        }
+    }
+    if (current)
+        chunks.push(current);
+    return chunks;
+}
+/**
+ * sendMessage with HTML parse_mode first + plain-text fallback. The fallback
+ * is the v0.20.1 fix: prior implementation stripped punctuation on parse
+ * errors; current behaviour retries with parse_mode omitted so all content
+ * survives. (v0.27.0 switched the live mirror MarkdownV2 → HTML; v0.27.3
+ * converted the last MarkdownV2 emitter, error-formatter, so the whole
+ * Telegram surface is now one HTML render path.) v0.27.4 M6 — auto-chunks
+ * over-cap text and the plain fallback now strips HTML (was: re-sent raw tags).
  */
 export async function sendTg(chatId, text, threadId, replyMarkup, replyToMessageId) {
     try {
         const base = { chat_id: chatId, disable_web_page_preview: true };
         if (threadId)
             base.message_thread_id = Number(threadId);
-        if (replyMarkup)
-            base.reply_markup = replyMarkup;
         if (replyToMessageId)
             base.reply_to_message_id = Number(replyToMessageId);
-        const res = await telegramApi('sendMessage', { ...base, text, parse_mode: 'HTML' });
-        if (res.ok)
-            return res;
-        return telegramApi('sendMessage', { ...base, text: text || 'Session update' });
+        // Send one body with HTML first, then a stripped plain-text fallback so a
+        // chunk that split an HTML tag still lands legibly (mirrors editTg v0.27.3).
+        const sendOne = async (body, markup) => {
+            const params = { ...base, text: body, parse_mode: 'HTML' };
+            if (markup)
+                params.reply_markup = markup;
+            const res = await telegramApi('sendMessage', params);
+            if (res.ok)
+                return res;
+            const fb = { ...base, text: stripHtml(body) || 'Session update' };
+            if (markup)
+                fb.reply_markup = markup;
+            return telegramApi('sendMessage', fb);
+        };
+        if (text.length > TG_MAX_CHARS) {
+            const chunks = splitForTelegram(text, TG_MAX_CHARS);
+            let first = { ok: false };
+            for (let i = 0; i < chunks.length; i++) {
+                // Keyboard rides only the LAST chunk (actions belong with the tail).
+                const res = await sendOne(chunks[i], i === chunks.length - 1 ? replyMarkup : undefined);
+                if (i === 0)
+                    first = res;
+            }
+            return first;
+        }
+        return await sendOne(text, replyMarkup);
     }
     catch {
         return { ok: false };
     }
 }
 /**
- * editMessageText with MarkdownV2-first + 429 retry-after handling +
- * plain-text fallback.
+ * editMessageText with HTML parse_mode + 429 retry-after handling +
+ * plain-text fallback (v0.27.3 stripHtml fallback on rejection).
  */
 export async function editTg(chatId, messageId, text, replyMarkup) {
     try {
@@ -188,17 +255,30 @@ export async function editTg(chatId, messageId, text, replyMarkup) {
         }
         if (res.ok)
             return res;
+        // v0.27.3 — the HTML edit was rejected (commonly "can't parse
+        // entities" or "message is too long"). Re-sending the SAME string without
+        // parse_mode would dump literal <b>/<pre> tags into the chat AND, if the
+        // reason was length, fail identically. Strip the markup back to plain text
+        // and hard-truncate to Telegram's cap so the fallback can actually land.
+        // Log the original failure so a broken live card is never silent again
+        // (the prior swallow is exactly why the 4096-overflow regression hid).
+        process.stderr.write(`[cc-openclaw/telegram-bot-api] editTg HTML edit rejected (len=${text.length}) ` +
+            `code=${res.error_code ?? '?'} desc=${JSON.stringify(res.description ?? '')} — plain-text fallback\n`);
+        let plain = stripHtml(text) || 'Session update';
+        if (plain.length > TG_MAX_CHARS)
+            plain = plain.slice(0, TG_MAX_CHARS - 1) + '…';
         const fallback = {
             chat_id: chatId,
             message_id: messageId,
-            text: text || 'Session update',
+            text: plain,
             disable_web_page_preview: true,
         };
         if (replyMarkup)
             fallback.reply_markup = replyMarkup;
         return telegramApi('editMessageText', fallback);
     }
-    catch {
+    catch (err) {
+        process.stderr.write(`[cc-openclaw/telegram-bot-api] editTg threw: ${err.message}\n`);
         return { ok: false };
     }
 }