@a1hvdy/cc-openclaw 0.27.9 → 0.27.11

package/dist/src/channels/telegram-mirror/card-renderer.js

@@ -346,9 +346,12 @@ export function renderTurn(turn, meta) {
             push(`<b>${escapeHtml(status)}</b>`);
         // v0.26.2 M2 — meter row (context % + quota % + reset). Same no-fake-data
         // gating: omitted unless real values are present. HTML-escaped for safety.
+        // v0.27.10 — wrap the meter row in <code> so the bars read as one cohesive
+        // monospace status widget (ctx ▓▓░ 6% · use …) instead of loose plain text
+        // sitting under the bold header — part of the "solid HTML" cleanup.
         const meters = renderMeters(meta);
         if (meters)
-            push(escapeHtml(meters));
+            push(`<code>${escapeHtml(meters)}</code>`);
         // v0.26.4 styling — divider between the status/telemetry block and the
         // activity block (only when a status block was actually rendered). The
         // heavy-bar glyph is not HTML-significant, so it needs no escaping.
@@ -362,7 +365,10 @@ export function renderTurn(turn, meta) {
         : turn.state === 'done'
             ? '✓ Done'
             : '▶ Working';
-    push(header);
+    // v0.27.10 — bold the turn-status header so it anchors the activity block as a
+    // styled heading rather than a plain line (cohesion pass). failReason is already
+    // escapeHtml'd above; ✓ Done / ▶ Working are literal-safe.
+    push(`<b>${header}</b>`);
     if (turn.toolCalls.length > 0) {
         // Build tool ENTRIES (tool line + its optional <pre><code> result block)
         // newest-first, keeping what fits under budget; the older overflow collapses

package/dist/src/engines/persistent-session.js

@@ -611,10 +611,17 @@ export class PersistentClaudeSession extends EventEmitter {
                     this.stats.tokensOut += usage.output_tokens || 0;
                     this.stats.cachedTokens += usage.cache_read_input_tokens || 0;
                     // v0.6.0: track actual per-turn context occupancy for the contextPercent
-                    // calc. cache_read_input_tokens DO occupy the window; input_tokens are
-                    // the new uncached prefix. Together they approximate real window usage.
+                    // calc. v0.27.10: include cache_creation_input_tokens. The full prompt
+                    // sent each turn = input (new uncached) + cache_read (cached prefix
+                    // re-read) + cache_creation (newly written to cache). Summing ALL THREE
+                    // yields the true current context-window occupancy, stable across cache
+                    // hit/miss. Omitting cache_creation made the meter swing wildly (cold
+                    // cache → everything is creation, uncounted → ~6%; warm cache → big
+                    // read → 63%+) — the exact 6%→63%→100% jitter A1 flagged 2026-05-22.
                     this.stats.lastTurnContextTokens =
-                        (usage.input_tokens || 0) + (usage.cache_read_input_tokens || 0);
+                        (usage.input_tokens || 0) +
+                            (usage.cache_read_input_tokens || 0) +
+                            (usage.cache_creation_input_tokens || 0);
                     this._updateCost();
                 }
                 this.emit(SESSION_EVENT.RESULT, event);

package/dist/src/lib/html-render.js

@@ -223,6 +223,19 @@ export function markdownToHtml(input) {
     // glyph isn't HTML-significant, so it survives the escape below. Uses [ \t]
     // (not \s) so it never consumes the line break.
     text = text.replace(/^([ \t]*)[-*+][ \t]+/gm, (_m, indent) => `${indent}• `);
+    // v0.27.10 — strip dangling inline-markdown delimiters left by PARTIAL
+    // streaming text. Every CLOSED span (```fence```, `code`, **bold**, ~~strike~~)
+    // was already lifted out to a NUL placeholder above; whatever **, ~~ or ` is
+    // still here is an UNTERMINATED marker at the live-stream frontier (e.g. the
+    // card edited mid-token while the model is still typing "…and the **bold"). Left
+    // in place it renders as a raw symbol next to formatted text — the "normal text
+    // mixed between HTML" A1 flagged 2026-05-22. Remove the markers, keep the words.
+    // Finalized (balanced) text has none left, so this is a no-op there. `*`/`_` are
+    // deliberately NOT stripped (too easily literal math / snake_case → false hits).
+    text = text
+        .replace(/\*\*/g, '')
+        .replace(/~~/g, '')
+        .replace(/`/g, '');
     text = escapeHtml(text);
     text = text.replace(/\x00CODEBLOCK(\d+)\x00/g, (_m, idx) => codeBlocks[Number(idx)]);
     text = text.replace(/\x00TABLE(\d+)\x00/g, (_m, idx) => tables[Number(idx)]);

package/dist/src/models.js

@@ -219,7 +219,7 @@ export function resolveProvider(model) {
 }
 /** Get context window size for a model. Returns 200k default for unknown models. */
 export function getContextWindow(model) {
-    const clean = model.replace(/^(anthropic|openai|openai-codex|google|gemini|cursor)\//g, '');
+    const clean = model.replace(/^(anthropic|openai|openai-codex|google|gemini|cursor|cc-openclaw)\//g, '');
     const known = lookupModel(clean);
     return known?.contextWindow ?? 200_000;
 }
@@ -227,7 +227,7 @@ export function getContextWindow(model) {
 export function getModelPricing(model, defaultModel = 'claude-sonnet-4-6') {
     if (!model)
         return lookupModel(defaultModel)?.pricing ?? { input: 0, output: 0 };
-    const clean = model.replace(/^(anthropic|openai|openai-codex|google|gemini|cursor)\//g, '');
+    const clean = model.replace(/^(anthropic|openai|openai-codex|google|gemini|cursor|cc-openclaw)\//g, '');
     // Check overrides first
     const override = _pricingOverrides.get(clean);
     if (override)

package/dist/src/openai-compat/autonomy-rule.d.ts

@@ -0,0 +1,26 @@
+/**
+ * AUTONOMY_RULE — "act, don't ask" posture injected into the Savvy chat path.
+ *
+ * Why: the openai-compat (Telegram) path does not reliably load the owner's
+ * CLAUDE.md "Execute, don't discuss" rules (tmpdir CWD), so the model reverts to
+ * Claude's base posture of asking on ambiguous forks. Combined with a Telegram
+ * AskUserQuestion round-trip that silently drops answers, this made Savvy stall
+ * and require many prods to finish one task. This rule restores the terminal-CLI
+ * posture: decide and execute, complete the whole task in one turn.
+ *
+ * Gated by CC_OPENCLAW_AUTONOMY_RULE (default on; set '0' to disable). Prepended
+ * at the same injection points as TTS_RULE in openai-compat.ts so it lands in
+ * both the REPLACE (--system-prompt) and APPEND (--append-system-prompt) paths.
+ *
+ * Pure-string constant — no I/O, no module state.
+ */
+export declare const AUTONOMY_RULE: string;
+/**
+ * Merge AskUserQuestion into a session's disallowedTools when suppression is on.
+ * The Telegram answer round-trip silently drops taps, so a question there stalls
+ * the turn — suppressing the tool is the hard guarantee behind AUTONOMY_RULE's
+ * "decide, do not ask" posture. Returns `prior` unchanged when suppression is
+ * off (so callers only set disallowedTools when there's something to set). Pure
+ * + dedup so it's unit-testable and idempotent across repeated session creates.
+ */
+export declare function withAskUserSuppressed(prior: string[] | undefined, suppress: boolean): string[] | undefined;

package/dist/src/openai-compat/autonomy-rule.js

@@ -0,0 +1,56 @@
+/**
+ * AUTONOMY_RULE — "act, don't ask" posture injected into the Savvy chat path.
+ *
+ * Why: the openai-compat (Telegram) path does not reliably load the owner's
+ * CLAUDE.md "Execute, don't discuss" rules (tmpdir CWD), so the model reverts to
+ * Claude's base posture of asking on ambiguous forks. Combined with a Telegram
+ * AskUserQuestion round-trip that silently drops answers, this made Savvy stall
+ * and require many prods to finish one task. This rule restores the terminal-CLI
+ * posture: decide and execute, complete the whole task in one turn.
+ *
+ * Gated by CC_OPENCLAW_AUTONOMY_RULE (default on; set '0' to disable). Prepended
+ * at the same injection points as TTS_RULE in openai-compat.ts so it lands in
+ * both the REPLACE (--system-prompt) and APPEND (--append-system-prompt) paths.
+ *
+ * Pure-string constant — no I/O, no module state.
+ */
+export const AUTONOMY_RULE = [
+    '=== AUTONOMY RULE (cc-openclaw, takes precedence) ===',
+    '',
+    'You are operating over a chat channel for the owner, who cannot watch you',
+    'work and only sees your final reply. Default to ACTING, not asking.',
+    '',
+    '1. DECIDE, do not ask. For any reversible decision (layout, naming, which of',
+    '   several valid approaches), pick the best option, state your reasoning in',
+    '   ONE line, and proceed. Do NOT stop to ask "shall I proceed?", "A or B?",',
+    '   or "want me to continue?" for routine work. Only pause for genuinely',
+    '   destructive or irreversible actions (deleting data, force-push, sending',
+    '   external messages).',
+    '',
+    '2. FINISH THE WHOLE TASK in one turn. When a request implies multiple steps',
+    '   (e.g. fix -> build -> test -> commit -> ship), run ALL of them before',
+    '   yielding. Do not hand back a half-done task with "say go to continue" —',
+    '   that forces the owner to prod you repeatedly. Run it to completion.',
+    '',
+    '3. The ONE exception is restarting the gateway you run inside: never bounce it',
+    '   mid-reply (it kills this message). Do every other step first, then schedule',
+    '   the restart as a detached, delayed command so it lands AFTER your reply.',
+    '',
+    '4. Verify before claiming done. Run the build/test/probe and report what you',
+    '   actually observed ("ran X, it returned Y"), never "should work".',
+    '',
+    '=== END AUTONOMY RULE ===',
+].join('\n');
+/**
+ * Merge AskUserQuestion into a session's disallowedTools when suppression is on.
+ * The Telegram answer round-trip silently drops taps, so a question there stalls
+ * the turn — suppressing the tool is the hard guarantee behind AUTONOMY_RULE's
+ * "decide, do not ask" posture. Returns `prior` unchanged when suppression is
+ * off (so callers only set disallowedTools when there's something to set). Pure
+ * + dedup so it's unit-testable and idempotent across repeated session creates.
+ */
+export function withAskUserSuppressed(prior, suppress) {
+    if (!suppress)
+        return prior;
+    return [...new Set([...(prior ?? []), 'AskUserQuestion'])];
+}

package/dist/src/openai-compat/openai-compat.js

@@ -29,6 +29,7 @@ import { getTtsAutoMode } from '../lib/config.js';
 // suggestion. v0.10.3 explicitly forbids alternatives and gives an example.
 // `TTS_RULE` extracted to `./tts-rule.ts` 2026-05-13 — pure-string constant.
 import { TTS_RULE } from './tts-rule.js';
+import { AUTONOMY_RULE, withAskUserSuppressed } from './autonomy-rule.js';
 import { extractUserMessage, } from './message-extractor.js';
 import { handleNonStreaming } from './non-streaming-handler.js';
 import { handleStreaming } from './streaming-handler.js';
@@ -332,6 +333,16 @@ export async function handleChatCompletion(manager, body, headers, res) {
                 sessionConfig.tools = '';
             }
         }
+        // v0.27.11: suppress AskUserQuestion on the chat path (CC_OPENCLAW_SUPPRESS_ASKUSER,
+        // default on). The Telegram answer round-trip silently drops taps (askuser.ts
+        // injectAnswer → "SKIPPED sessionKey=none"), so a question there stalls the turn.
+        // This is the hard guarantee behind the AUTONOMY_RULE posture: the model decides
+        // instead of asking. Reversible via the env flag.
+        if (engine === 'claude') {
+            const suppressed = withAskUserSuppressed(sessionConfig.disallowedTools, process.env.CC_OPENCLAW_SUPPRESS_ASKUSER !== '0');
+            if (suppressed)
+                sessionConfig.disallowedTools = suppressed;
+        }
         // Claude Code CLI supports --system-prompt (replace) and --append-system-prompt (append).
         // When the caller provides tools, use --system-prompt to REPLACE the CLI's entire
         // system prompt via buildSessionSystemPrompt(). See that function's doc for details
@@ -343,16 +354,21 @@ export async function handleChatCompletion(manager, body, headers, res) {
             // [[tts:text]] syntax regardless of which CLI flag is used.
             const ttsAuto = getTtsAutoMode();
             const ttsPrefix = ttsAuto !== 'off' ? `${TTS_RULE}\n\n` : '';
+            // v0.27.11: "act, don't ask" posture (CC_OPENCLAW_AUTONOMY_RULE, default on).
+            // Restores the terminal-CLI execution posture the tmpdir-CWD chat path
+            // otherwise loses, so Savvy finishes the whole task instead of stalling.
+            const autonomyPrefix = process.env.CC_OPENCLAW_AUTONOMY_RULE !== '0' ? `${AUTONOMY_RULE}\n\n` : '';
+            const prefix = autonomyPrefix + ttsPrefix;
             if (request.tools?.length) {
                 sessionConfig.systemPrompt =
-                    ttsPrefix + buildSessionSystemPrompt(request.tools, extracted.systemPrompt);
+                    prefix + buildSessionSystemPrompt(request.tools, extracted.systemPrompt);
             }
             else if (extracted.systemPrompt) {
-                sessionConfig.appendSystemPrompt = ttsPrefix + extracted.systemPrompt;
+                sessionConfig.appendSystemPrompt = prefix + extracted.systemPrompt;
             }
-            else if (ttsPrefix) {
-                // No upstream system prompt but TTS is on → inject just the rule
-                sessionConfig.appendSystemPrompt = ttsPrefix.trim();
+            else if (prefix) {
+                // No upstream system prompt but a rule prefix is on → inject just the rules
+                sessionConfig.appendSystemPrompt = prefix.trim();
             }
         }
         try {

package/dist/src/session/persisted-sessions.d.ts

@@ -30,6 +30,21 @@ export interface PersistedSession {
  * the decision is unit-testable independent of the disk layer.
  */
 export declare function isPersistedSessionFresh(persisted: Pick<PersistedSession, 'lastActivity'> | undefined, now: number, freshnessMs: number): boolean;
+/**
+ * v0.27.11 — write-through decision for the resume id. The debounced disk save
+ * loses an unflushed claudeSessionId on a hard kill (cc-install / watchdog
+ * SIGTERM / detached pm2 restart) — exactly when post-restart resume matters.
+ * So a freshness-resume session flushes its id to disk synchronously the first
+ * time that id is seen. Returns true → caller does a synchronous save and
+ * records the id as flushed; false → caller uses the debounced save (fine for
+ * frequent same-id lastActivity bumps). Pure + side-effect-free for unit-testing.
+ */
+export declare function shouldWriteThroughResumeId(opts: {
+    enabled: boolean;
+    optedFreshResume: boolean;
+    lastFlushedId: string | undefined;
+    newId: string | undefined;
+}): boolean;
 export declare function loadPersistedSessions(): Map<string, PersistedSession>;
 export declare function savePersistedSessions(sessions: Map<string, PersistedSession>, logger?: Logger): void;
 export declare function savePersistedSessionsAsync(sessions: Map<string, PersistedSession>, logger?: Logger): void;

package/dist/src/session/persisted-sessions.js

@@ -31,6 +31,22 @@ export function isPersistedSessionFresh(persisted, now, freshnessMs) {
         return false;
     return now - persisted.lastActivity <= freshnessMs;
 }
+/**
+ * v0.27.11 — write-through decision for the resume id. The debounced disk save
+ * loses an unflushed claudeSessionId on a hard kill (cc-install / watchdog
+ * SIGTERM / detached pm2 restart) — exactly when post-restart resume matters.
+ * So a freshness-resume session flushes its id to disk synchronously the first
+ * time that id is seen. Returns true → caller does a synchronous save and
+ * records the id as flushed; false → caller uses the debounced save (fine for
+ * frequent same-id lastActivity bumps). Pure + side-effect-free for unit-testing.
+ */
+export function shouldWriteThroughResumeId(opts) {
+    if (!opts.enabled || !opts.optedFreshResume)
+        return false;
+    if (!opts.newId)
+        return false;
+    return opts.lastFlushedId !== opts.newId;
+}
 export function loadPersistedSessions() {
     try {
         if (!fs.existsSync(PERSIST_FILE))

package/dist/src/session/session-manager.d.ts

@@ -24,6 +24,7 @@ export declare class SessionManager {
     private pluginConfig;
     private persistedSessions;
     private _debouncedSave;
+    private _lastFlushedIds;
     private _proxyServer;
     private _proxyPort;
     private _activePids;

package/dist/src/session/session-manager.js

@@ -33,7 +33,7 @@ function getPluginVersion() {
 // ─── Persistence ─────────────────────────────────────────────────────────────
 // Extracted to `./persisted-sessions.ts` 2026-05-13 — coherent persistence
 // layer (load + sync atomic-write + async-write + types + constants).
-import { loadPersistedSessions, savePersistedSessions, savePersistedSessionsAsync, isPersistedSessionFresh, } from './persisted-sessions.js';
+import { loadPersistedSessions, savePersistedSessions, savePersistedSessionsAsync, isPersistedSessionFresh, shouldWriteThroughResumeId, } from './persisted-sessions.js';
 // Debounce helper — coalesces rapid writes into one
 // `makeDebounced` extracted to `../lib/debounce.ts` 2026-05-13 —
 // pure-function hot-path decomposition.
@@ -72,6 +72,10 @@ export class SessionManager {
     pluginConfig;
     persistedSessions;
     _debouncedSave;
+    // v0.27.11: tracks the claudeSessionId last DURABLY (synchronously) written to
+    // disk per session name, so write-through fires once per new id rather than on
+    // every send. See _persistSession.
+    _lastFlushedIds = new Map();
     _proxyServer = null;
     _proxyPort = null;
     _activePids = new Map();
@@ -429,6 +433,7 @@ export class SessionManager {
         this._savePids();
         // Explicit stop = user intent to end session — remove from disk too
         this.persistedSessions.delete(name);
+        this._lastFlushedIds.delete(name);
         savePersistedSessions(this.persistedSessions, this.logger);
     }
     listSessions() {
@@ -943,7 +948,26 @@ export class SessionManager {
             lastResumed: new Date().toISOString(),
             lastActivity: managed.lastActivity,
         });
-        this._debouncedSave();
+        // v0.27.11: write-through the resume id. The debounced save (used for
+        // frequent lastActivity bumps) loses the claudeSessionId when the gateway is
+        // hard-killed before the timer fires — and hard restarts are common
+        // (cc-install, watchdog SIGTERM, detached pm2 restart), which is exactly when
+        // resume matters most. So when a freshness-resume session sees a NEW
+        // claudeSessionId, flush it to disk synchronously, once, immediately. Frequent
+        // same-id bumps stay debounced. Gated by CC_OPENCLAW_RESUME_WRITETHROUGH.
+        const optedFreshResume = typeof managed.config.resumeFreshnessMs === 'number' && managed.config.resumeFreshnessMs > 0;
+        if (shouldWriteThroughResumeId({
+            enabled: process.env.CC_OPENCLAW_RESUME_WRITETHROUGH !== '0',
+            optedFreshResume,
+            lastFlushedId: this._lastFlushedIds.get(name),
+            newId: managed.claudeSessionId,
+        })) {
+            savePersistedSessions(this.persistedSessions, this.logger);
+            this._lastFlushedIds.set(name, managed.claudeSessionId);
+        }
+        else {
+            this._debouncedSave();
+        }
     }
     // ─── PID Tracking ──────────────────────────────────────────────────────
     static PID_FILE = path.join(os.homedir(), '.openclaw', 'session-pids.json');
@@ -1523,6 +1547,7 @@ export class SessionManager {
         for (const [name, entry] of this.persistedSessions) {
             if (now - entry.lastActivity > PERSIST_DISK_TTL_MS) {
                 this.persistedSessions.delete(name);
+                this._lastFlushedIds.delete(name);
                 pruned = true;
             }
         }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@a1hvdy/cc-openclaw",
-  "version": "0.27.9",
+  "version": "0.27.11",
   "description": "A1xAI's Anthropic CLI bridge plugin for OpenClaw",
   "author": "@a1cy",
   "license": "MIT",