@botcord/daemon 0.2.54 → 0.2.56

package/src/diagnostics.ts

@@ -0,0 +1,348 @@
+import { existsSync, mkdirSync, readFileSync, writeFileSync } from "node:fs";
+import { homedir, hostname, platform, release, arch } from "node:os";
+import path from "node:path";
+import { Buffer } from "node:buffer";
+import { deflateRawSync } from "node:zlib";
+import {
+  AUTH_EXPIRED_FLAG_PATH,
+  USER_AUTH_PATH,
+  type UserAuthManager,
+  type UserAuthRecord,
+} from "./user-auth.js";
+import {
+  CONFIG_FILE_PATH,
+  PID_PATH,
+  SNAPSHOT_PATH,
+  loadConfig,
+  type DaemonConfig,
+} from "./config.js";
+import { LOG_FILE_PATH } from "./log.js";
+import {
+  channelsFromDaemonConfig,
+  defaultHttpFetcher,
+  renderDoctor,
+  runDoctor,
+  type DoctorFileReader,
+  type DoctorRuntimeEntry,
+} from "./doctor.js";
+import { detectRuntimes } from "./adapters/runtimes.js";
+
+const DIAGNOSTICS_DIR = path.join(homedir(), ".botcord", "diagnostics");
+const MAX_UPLOAD_BYTES = 50 * 1024 * 1024;
+
+export interface CreateDiagnosticBundleOptions {
+  diagnosticsDir?: string;
+  logFile?: string;
+  configFile?: string;
+  snapshotFile?: string;
+  doctor?: { text: string; json: unknown };
+}
+
+export interface DiagnosticBundleResult {
+  path: string;
+  filename: string;
+  sizeBytes: number;
+  createdAt: string;
+}
+
+export interface DiagnosticUploadResult {
+  bundleId: string;
+  filename: string;
+  sizeBytes: number;
+  expiresAt?: string;
+}
+
+const SECRET_PATTERNS: Array<[RegExp, string]> = [
+  [/(Authorization:\s*Bearer\s+)[^\s"']+/gi, "$1[REDACTED]"],
+  [/("?(?:accessToken|access_token|refreshToken|refresh_token|token|privateKey|private_key|secret)"?\s*:\s*")[^"]+(")/gi, "$1[REDACTED]$2"],
+  [/(drt_)[A-Za-z0-9_-]+/g, "$1[REDACTED]"],
+  [/(dit_)[A-Za-z0-9_-]+/g, "$1[REDACTED]"],
+  [/([?&](?:token|access_token|refresh_token|install_token)=)[^&\s"']+/gi, "$1[REDACTED]"],
+];
+
+function redact(input: string): string {
+  let out = input;
+  for (const [pattern, replacement] of SECRET_PATTERNS) {
+    out = out.replace(pattern, replacement);
+  }
+  return out;
+}
+
+function safeReadText(file: string): string | null {
+  if (!existsSync(file)) return null;
+  try {
+    return redact(readFileSync(file, "utf8"));
+  } catch (err) {
+    return `read failed: ${err instanceof Error ? err.message : String(err)}\n`;
+  }
+}
+
+function readUserAuthSummary(): Record<string, unknown> | null {
+  const raw = safeReadText(USER_AUTH_PATH);
+  if (!raw) return null;
+  try {
+    const parsed = JSON.parse(raw) as Record<string, unknown>;
+    return {
+      userId: typeof parsed.userId === "string" ? parsed.userId : null,
+      daemonInstanceId:
+        typeof parsed.daemonInstanceId === "string" ? parsed.daemonInstanceId : null,
+      hubUrl: typeof parsed.hubUrl === "string" ? parsed.hubUrl : null,
+      expiresAt: typeof parsed.expiresAt === "number" ? parsed.expiresAt : null,
+      loggedInAt: typeof parsed.loggedInAt === "string" ? parsed.loggedInAt : null,
+      label: typeof parsed.label === "string" ? parsed.label : null,
+      authExpiredFlagPresent: existsSync(AUTH_EXPIRED_FLAG_PATH),
+    };
+  } catch (err) {
+    return {
+      error: `user-auth summary failed: ${err instanceof Error ? err.message : String(err)}`,
+      authExpiredFlagPresent: existsSync(AUTH_EXPIRED_FLAG_PATH),
+    };
+  }
+}
+
+const fsFileReader: DoctorFileReader = {
+  readFile(p: string): string | null {
+    if (!existsSync(p)) return null;
+    try {
+      return readFileSync(p, "utf8");
+    } catch {
+      return null;
+    }
+  },
+};
+
+async function buildDoctorEntries(): Promise<{
+  text: string;
+  json: unknown;
+}> {
+  const entries: DoctorRuntimeEntry[] = detectRuntimes();
+  let channels: ReturnType<typeof channelsFromDaemonConfig> = [];
+  let cfgForEndpoints: DaemonConfig | null = null;
+  try {
+    cfgForEndpoints = loadConfig();
+    channels = channelsFromDaemonConfig(cfgForEndpoints);
+  } catch {
+    channels = [];
+  }
+  if (cfgForEndpoints?.openclawGateways && cfgForEndpoints.openclawGateways.length > 0) {
+    const { collectRuntimeSnapshotAsync } = await import("./provision.js");
+    const snap = await collectRuntimeSnapshotAsync({ cfg: cfgForEndpoints });
+    const byId = new Map(snap.runtimes.map((r) => [r.id, r]));
+    for (const e of entries) {
+      const r = byId.get(e.id);
+      if (r?.endpoints) e.endpoints = r.endpoints;
+    }
+  }
+  const input = await runDoctor(entries, channels, {
+    credentialsPath: (accountId) =>
+      path.join(homedir(), ".botcord", "credentials", `${accountId}.json`),
+    fileReader: fsFileReader,
+    fetcher: defaultHttpFetcher,
+    timeoutMs: 5_000,
+  });
+  return { text: renderDoctor(input), json: input };
+}
+
+function crc32(buf: Buffer): number {
+  let crc = 0xffffffff;
+  for (const b of buf) {
+    crc ^= b;
+    for (let i = 0; i < 8; i += 1) {
+      crc = (crc >>> 1) ^ (crc & 1 ? 0xedb88320 : 0);
+    }
+  }
+  return (crc ^ 0xffffffff) >>> 0;
+}
+
+function dosDateTime(date: Date): { time: number; date: number } {
+  const year = Math.max(1980, date.getFullYear());
+  return {
+    time: (date.getHours() << 11) | (date.getMinutes() << 5) | Math.floor(date.getSeconds() / 2),
+    date: ((year - 1980) << 9) | ((date.getMonth() + 1) << 5) | date.getDate(),
+  };
+}
+
+function u16(n: number): Buffer {
+  const b = Buffer.alloc(2);
+  b.writeUInt16LE(n & 0xffff, 0);
+  return b;
+}
+
+function u32(n: number): Buffer {
+  const b = Buffer.alloc(4);
+  b.writeUInt32LE(n >>> 0, 0);
+  return b;
+}
+
+function createZip(entries: Array<{ name: string; data: string | Buffer }>): Buffer {
+  const localParts: Buffer[] = [];
+  const centralParts: Buffer[] = [];
+  let offset = 0;
+  const now = new Date();
+  const dt = dosDateTime(now);
+
+  for (const entry of entries) {
+    const name = Buffer.from(entry.name.replace(/^\/+/, ""), "utf8");
+    const data = Buffer.isBuffer(entry.data)
+      ? entry.data
+      : Buffer.from(entry.data, "utf8");
+    const compressed = deflateRawSync(data, { level: 9 });
+    const crc = crc32(data);
+    const local = Buffer.concat([
+      u32(0x04034b50),
+      u16(20),
+      u16(0),
+      u16(8),
+      u16(dt.time),
+      u16(dt.date),
+      u32(crc),
+      u32(compressed.length),
+      u32(data.length),
+      u16(name.length),
+      u16(0),
+      name,
+      compressed,
+    ]);
+    localParts.push(local);
+
+    centralParts.push(Buffer.concat([
+      u32(0x02014b50),
+      u16(20),
+      u16(20),
+      u16(0),
+      u16(8),
+      u16(dt.time),
+      u16(dt.date),
+      u32(crc),
+      u32(compressed.length),
+      u32(data.length),
+      u16(name.length),
+      u16(0),
+      u16(0),
+      u16(0),
+      u16(0),
+      u32(0),
+      u32(offset),
+      name,
+    ]));
+    offset += local.length;
+  }
+
+  const central = Buffer.concat(centralParts);
+  const end = Buffer.concat([
+    u32(0x06054b50),
+    u16(0),
+    u16(0),
+    u16(entries.length),
+    u16(entries.length),
+    u32(central.length),
+    u32(offset),
+    u16(0),
+  ]);
+  return Buffer.concat([...localParts, central, end]);
+}
+
+export async function createDiagnosticBundle(
+  opts: CreateDiagnosticBundleOptions = {},
+): Promise<DiagnosticBundleResult> {
+  const createdAt = new Date();
+  const stamp = createdAt.toISOString().replace(/[:.]/g, "-");
+  const filename = `botcord-daemon-diagnostics-${stamp}.zip`;
+  const diagnosticsDir = opts.diagnosticsDir ?? DIAGNOSTICS_DIR;
+  const logFile = opts.logFile ?? LOG_FILE_PATH;
+  const configFile = opts.configFile ?? CONFIG_FILE_PATH;
+  const snapshotFile = opts.snapshotFile ?? SNAPSHOT_PATH;
+  mkdirSync(diagnosticsDir, { recursive: true, mode: 0o700 });
+
+  const doctor = opts.doctor ?? await buildDoctorEntries();
+  const status = {
+    createdAt: createdAt.toISOString(),
+    host: hostname(),
+    platform: platform(),
+    release: release(),
+    arch: arch(),
+    node: process.version,
+    pidPath: PID_PATH,
+    pid: process.pid,
+    configPath: configFile,
+    snapshotPath: snapshotFile,
+    logPath: logFile,
+    diagnosticsDir,
+    userAuth: readUserAuthSummary(),
+  };
+
+  const entries: Array<{ name: string; data: string | Buffer }> = [
+    { name: "README.txt", data: "BotCord daemon diagnostics bundle. Sensitive tokens are redacted before packaging.\n" },
+    { name: "status.json", data: JSON.stringify(status, null, 2) + "\n" },
+    { name: "doctor.txt", data: doctor.text + "\n" },
+    { name: "doctor.json", data: JSON.stringify(doctor.json, null, 2) + "\n" },
+  ];
+  const log = safeReadText(logFile);
+  entries.push({
+    name: "daemon.log",
+    data: log ?? `no log file at ${logFile}\n`,
+  });
+  const config = safeReadText(configFile);
+  entries.push({
+    name: "config.json.redacted",
+    data: config ?? `no config file at ${configFile}\n`,
+  });
+  const snapshot = safeReadText(snapshotFile);
+  entries.push({
+    name: "snapshot.json",
+    data: snapshot ?? `no snapshot file at ${snapshotFile}\n`,
+  });
+
+  const zip = createZip(entries);
+  const out = path.join(diagnosticsDir, filename);
+  writeFileSync(out, zip, { mode: 0o600 });
+  return {
+    path: out,
+    filename,
+    sizeBytes: zip.length,
+    createdAt: createdAt.toISOString(),
+  };
+}
+
+export async function uploadDiagnosticBundle(opts: {
+  auth: UserAuthManager;
+  bundle: DiagnosticBundleResult;
+}): Promise<DiagnosticUploadResult> {
+  const record: UserAuthRecord | null = opts.auth.current;
+  if (!record) throw new Error("daemon not logged in");
+  const data = readFileSync(opts.bundle.path);
+  if (data.length > MAX_UPLOAD_BYTES) {
+    throw new Error(`diagnostic bundle is too large (${data.length} bytes, max ${MAX_UPLOAD_BYTES})`);
+  }
+  const token = await opts.auth.ensureAccessToken();
+  const url = `${record.hubUrl.replace(/\/+$/, "")}/daemon/diagnostics/upload`;
+  const resp = await fetch(url, {
+    method: "POST",
+    headers: {
+      Authorization: `Bearer ${token}`,
+      "Content-Type": "application/zip",
+      "X-BotCord-Filename": opts.bundle.filename,
+    },
+    body: data,
+  });
+  const json = await resp.json().catch(() => null) as Record<string, unknown> | null;
+  if (!resp.ok) {
+    const detail =
+      typeof json?.detail === "string"
+        ? json.detail
+        : typeof json?.error === "string"
+          ? json.error
+          : `HTTP ${resp.status}`;
+    throw new Error(`diagnostic upload failed: ${detail}`);
+  }
+  const bundleId = typeof json?.bundle_id === "string" ? json.bundle_id : null;
+  if (!bundleId) throw new Error("diagnostic upload response missing bundle_id");
+  return {
+    bundleId,
+    filename: typeof json?.filename === "string" ? json.filename : opts.bundle.filename,
+    sizeBytes: typeof json?.size_bytes === "number" ? json.size_bytes : data.length,
+    ...(typeof json?.expires_at === "string" ? { expiresAt: json.expires_at } : {}),
+  };
+}
+
+export { DIAGNOSTICS_DIR };

package/src/gateway/__tests__/claude-code-adapter.test.ts

@@ -349,5 +349,40 @@ process.stdout.write(JSON.stringify({type:"result", subtype:"success", session_i
       const modeIdx = argv.indexOf("--permission-mode");
       expect(argv[modeIdx + 1]).toBe("plan");
     });
+
+    it("drops inherited Codex-only extraArgs while preserving shared Claude flags", async () => {
+      const adapter = new ClaudeCodeAdapter({ binary: echoScript() });
+      const ctrl = new AbortController();
+      const res = await adapter.run({
+        text: "x",
+        sessionId: null,
+        accountId: "ag_test",
+        cwd: tmpRoot,
+        signal: ctrl.signal,
+        trustLevel: "public",
+        extraArgs: [
+          "-c",
+          'model="gpt-5.2"',
+          "--sandbox",
+          "read-only",
+          "--skip-git-repo-check",
+          "--json",
+          "-p",
+          "codex-profile",
+          "--model",
+          "sonnet",
+        ],
+      });
+      const argv = JSON.parse(res.text) as string[];
+      expect(argv).not.toContain("-c");
+      expect(argv).not.toContain('model="gpt-5.2"');
+      expect(argv).not.toContain("--sandbox");
+      expect(argv).not.toContain("read-only");
+      expect(argv).not.toContain("--skip-git-repo-check");
+      expect(argv).not.toContain("--json");
+      expect(argv).not.toContain("codex-profile");
+      expect(argv).toContain("--model");
+      expect(argv[argv.indexOf("--model") + 1]).toBe("sonnet");
+    });
   });
 });

package/src/gateway/__tests__/codex-adapter.test.ts

@@ -371,7 +371,7 @@ process.stdout.write(JSON.stringify({type:"item.completed", item:{id:"i0", type:
       expect(argv).toContain('approval_policy="never"');
     });
 
-    it("extraArgs `-s read-only` suppresses the default sandbox `-c`s", async () => {
+    it("extraArgs `-s read-only` is converted to resume-compatible sandbox config", async () => {
       const adapter = new CodexAdapter({ binary: echoScript() });
       const ctrl = new AbortController();
       const res = await adapter.run({
@@ -384,11 +384,87 @@ process.stdout.write(JSON.stringify({type:"item.completed", item:{id:"i0", type:
         extraArgs: ["-s", "read-only"],
       });
       const argv = JSON.parse(res.text) as string[];
-      // Only the operator-supplied `-s` appears; our defaults are suppressed.
-      expect(argv.filter((a) => a === "-s").length).toBe(1);
-      expect(argv[argv.indexOf("-s") + 1]).toBe("read-only");
+      expect(argv).not.toContain("-s");
+      expect(argv).toContain('sandbox_mode="read-only"');
       expect(argv).not.toContain('sandbox_mode="workspace-write"');
       expect(argv).not.toContain('sandbox_mode="danger-full-access"');
     });
+
+    it("extraArgs `--sandbox=value` is converted on resume too", async () => {
+      const adapter = new CodexAdapter({ binary: echoScript() });
+      const ctrl = new AbortController();
+      const res = await adapter.run({
+        text: "x",
+        sessionId: "01234567-89ab-7def-8123-456789abcdef",
+        accountId: "ag_test",
+        cwd: tmpRoot,
+        signal: ctrl.signal,
+        trustLevel: "public",
+        extraArgs: ["--sandbox=workspace-write"],
+      });
+      const argv = JSON.parse(res.text) as string[];
+      expect(argv[0]).toBe("exec");
+      expect(argv[1]).toBe("resume");
+      expect(argv).not.toContain("--sandbox=workspace-write");
+      expect(argv).toContain('sandbox_mode="workspace-write"');
+      expect(argv).not.toContain('sandbox_mode="danger-full-access"');
+    });
+
+    it("maps legacy Codex --full-auto to the current bypass flag", async () => {
+      const adapter = new CodexAdapter({ binary: echoScript() });
+      const ctrl = new AbortController();
+      const res = await adapter.run({
+        text: "x",
+        sessionId: null,
+        accountId: "ag_test",
+        cwd: tmpRoot,
+        signal: ctrl.signal,
+        trustLevel: "public",
+        extraArgs: ["--full-auto"],
+      });
+      const argv = JSON.parse(res.text) as string[];
+      expect(argv).not.toContain("--full-auto");
+      expect(argv).toContain("--dangerously-bypass-approvals-and-sandbox");
+      expect(argv).not.toContain('sandbox_mode="danger-full-access"');
+    });
+
+    it("drops inherited Claude --permission-mode extraArgs and their values", async () => {
+      const adapter = new CodexAdapter({ binary: echoScript() });
+      const ctrl = new AbortController();
+      const res = await adapter.run({
+        text: "x",
+        sessionId: null,
+        accountId: "ag_test",
+        cwd: tmpRoot,
+        signal: ctrl.signal,
+        trustLevel: "public",
+        extraArgs: ["--permission-mode", "bypassPermissions", "--model", "gpt-5.2"],
+      });
+      const argv = JSON.parse(res.text) as string[];
+      expect(argv).not.toContain("--permission-mode");
+      expect(argv).not.toContain("bypassPermissions");
+      expect(argv).toContain("--model");
+      expect(argv[argv.indexOf("--model") + 1]).toBe("gpt-5.2");
+      expect(argv).toContain('sandbox_mode="danger-full-access"');
+      expect(argv).toContain('approval_policy="never"');
+    });
+
+    it("drops inherited Claude --permission-mode=value extraArgs", async () => {
+      const adapter = new CodexAdapter({ binary: echoScript() });
+      const ctrl = new AbortController();
+      const res = await adapter.run({
+        text: "x",
+        sessionId: null,
+        accountId: "ag_test",
+        cwd: tmpRoot,
+        signal: ctrl.signal,
+        trustLevel: "public",
+        extraArgs: ["--permission-mode=bypassPermissions"],
+      });
+      const argv = JSON.parse(res.text) as string[];
+      expect(argv).not.toContain("--permission-mode=bypassPermissions");
+      expect(argv).toContain('sandbox_mode="danger-full-access"');
+      expect(argv).toContain('approval_policy="never"');
+    });
   });
 });

package/src/gateway/gateway.ts

@@ -261,4 +261,13 @@ export class Gateway {
     const idx = this.config.channels.findIndex((c) => c.id === id);
     if (idx >= 0) this.config.channels.splice(idx, 1);
   }
+
+  /**
+   * Inject a daemon-internal inbound message into the normal dispatcher.
+   * Control-plane wakeups use this path so scheduled turns share the same
+   * routing, queueing, transcript, and runtime behavior as channel messages.
+   */
+  async injectInbound(message: GatewayInboundMessage): Promise<void> {
+    await this.dispatcher.handle({ message });
+  }
 }

package/src/gateway/runtimes/claude-code.ts

@@ -32,6 +32,77 @@ function invalidClaudeSessionIdError(): string {
   return "claude-code: invalid sessionId (expected non-control text not starting with '-')";
 }
 
+const CLAUDE_FOREIGN_FLAGS_WITH_VALUE = new Set([
+  "--color",
+  "--config",
+  "--disable",
+  "--enable",
+  "--image",
+  "--local-provider",
+  "--output-last-message",
+  "--output-schema",
+  "--profile",
+  "--sandbox",
+  "-i",
+  "-o",
+  "-p",
+  "-s",
+]);
+const CLAUDE_FOREIGN_BOOLEAN_FLAGS = new Set([
+  "--all",
+  "--dangerously-bypass-approvals-and-sandbox",
+  "--ephemeral",
+  "--full-auto",
+  "--ignore-rules",
+  "--ignore-user-config",
+  "--json",
+  "--last",
+  "--oss",
+  "--print",
+  "--skip-git-repo-check",
+]);
+
+function extraFlagName(arg: string): string {
+  if (!arg.startsWith("-")) return arg;
+  const eq = arg.indexOf("=");
+  return eq === -1 ? arg : arg.slice(0, eq);
+}
+
+function nextExtraValue(args: string[], index: number): string | undefined {
+  const next = args[index + 1];
+  if (typeof next !== "string") return undefined;
+  if (!next.startsWith("-")) return next;
+  return /^-\d/.test(next) ? next : undefined;
+}
+
+function sanitizeClaudeExtraArgs(extraArgs: string[] | undefined): string[] {
+  if (!extraArgs?.length) return [];
+  const out: string[] = [];
+  for (let i = 0; i < extraArgs.length; i += 1) {
+    const arg = extraArgs[i];
+    const name = extraFlagName(arg);
+
+    if (arg === "-c") {
+      const value = nextExtraValue(extraArgs, i);
+      if (value !== undefined) i += 1;
+      continue;
+    }
+    if (name === "--config" || name === "--sandbox") {
+      if (!arg.includes("=") && nextExtraValue(extraArgs, i) !== undefined) i += 1;
+      continue;
+    }
+    if (CLAUDE_FOREIGN_FLAGS_WITH_VALUE.has(name)) {
+      if (!arg.includes("=") && nextExtraValue(extraArgs, i) !== undefined) i += 1;
+      continue;
+    }
+    if (CLAUDE_FOREIGN_BOOLEAN_FLAGS.has(name)) {
+      continue;
+    }
+    out.push(arg);
+  }
+  return out;
+}
+
 /** Resolve the Claude Code CLI path on PATH or the macOS desktop bundle fallback. */
 export function resolveClaudeCommand(deps: ProbeDeps = {}): string | null {
   const onPath = resolveCommandOnPath("claude", deps);
@@ -95,11 +166,12 @@ export class ClaudeCodeAdapter extends NdjsonStreamAdapter {
   }
 
   protected buildArgs(opts: RuntimeRunOptions): string[] {
+    const extraArgs = sanitizeClaudeExtraArgs(opts.extraArgs);
     const args = ["-p", opts.text, "--output-format", "stream-json", "--verbose"];
     // Headless `-p` mode does not load project `.claude/` by default, so
     // per-agent skills seeded at `<workspace>/.claude/skills/` are invisible
     // unless we opt in. `extraArgs` wins so operators can still override.
-    if (!opts.extraArgs?.some((a) => a.startsWith("--setting-sources"))) {
+    if (!extraArgs.some((a) => a.startsWith("--setting-sources"))) {
       args.push("--setting-sources", "project");
     }
     if (opts.sessionId) {
@@ -112,16 +184,16 @@ export class ClaudeCodeAdapter extends NdjsonStreamAdapter {
     // MCP) because there is no prompt relay back to the user yet. Default to
     // bypassPermissions for every trust tier; operators who need a stricter
     // posture can still override with route/defaultRoute extraArgs.
-    if (!opts.extraArgs?.some((a) => a.startsWith("--permission-mode"))) {
+    if (!extraArgs.some((a) => a.startsWith("--permission-mode"))) {
       args.push("--permission-mode", "bypassPermissions");
     }
     // Claude Code's `--append-system-prompt` is applied per invocation and NOT
     // persisted in the resumed session transcript — ideal for memory / digest
     // content that should re-evaluate every turn.
-    if (opts.systemContext && !opts.extraArgs?.includes("--append-system-prompt")) {
+    if (opts.systemContext && !extraArgs.includes("--append-system-prompt")) {
       args.push("--append-system-prompt", opts.systemContext);
     }
-    if (opts.extraArgs?.length) args.push(...opts.extraArgs);
+    if (extraArgs.length) args.push(...extraArgs);
     return args;
   }