@chainlesschain/personal-data-hub 0.3.1 → 0.3.6

package/lib/adapters/social-xiaohongshu-adb/sign.js

@@ -0,0 +1,90 @@
+"use strict";
+
+/**
+ * Phase 3c (Xhs C 路径 — 2026-05-25): X-S signature generator (Node port).
+ *
+ * Byte-parity port of
+ * `android-app/.../pdh/social/xiaohongshu/XhsApiClient.kt`:computeXsXt.
+ *
+ * **Real xhs.js algorithm (open-source reverse-engineered, best-effort)**:
+ *   1. payload = "url=" + url_path_with_query + ("" or body_json)
+ *   2. raw = ts_ms + payload + a1_cookie
+ *   3. md5_hex = MD5(raw).hex()                — hex STRING (not bytes)
+ *   4. X-S = "XYW_" + base64(utf8_bytes(md5_hex))
+ *      Critical: base64 encodes the UTF-8 bytes of the hex STRING, not
+ *      the raw 16 MD5 bytes. This is what xhs.js does — it stringifies
+ *      the digest before base64-ing it.
+ *   5. X-T = ts_ms (as decimal string)
+ *
+ * **Real xhs.js does one more step after step 3** — XOR-rotate with a
+ * key derived from b1 cookie, then base64 with `=` padding. v0.2 we
+ * skip that step → ~60% GET hit rate, <30% POST hit rate. UI banner
+ * surfaces lastErrorCode=461 when xhs rejects our X-S; collector
+ * gracefully degrades to emptyList() per endpoint.
+ *
+ * Future Phase 3c-v0.3: a WebView-based bridge (see Android-side
+ * XhsSignBridge.kt — runs xhs's own JS in a hidden Electron BrowserView)
+ * would push the hit rate to ~100%. Out of scope for v0.2 Node port.
+ */
+
+const crypto = require("node:crypto");
+
+/** "XYW_" prefix — matches xhs.js output. */
+const XS_PREFIX = "XYW_";
+
+/**
+ * Compute X-S + X-T headers for a GET request.
+ *
+ * @param {string} urlPathWithQuery   url.pathname + url.search (path + "?" + query, encoded)
+ * @param {string|null} body          POST body as a JSON string, or null/empty for GET
+ * @param {string} a1                 a1 cookie value (anti-bot fingerprint)
+ * @param {{now?: () => number}} [opts]  test seam — inject `now: () => 1716383021000`
+ * @returns {{xs: string, xt: string}}
+ */
+function computeXsXt(urlPathWithQuery, body, a1, opts = {}) {
+  if (typeof urlPathWithQuery !== "string" || urlPathWithQuery.length === 0) {
+    throw new TypeError("computeXsXt: urlPathWithQuery must be non-empty string");
+  }
+  if (typeof a1 !== "string" || a1.length === 0) {
+    throw new TypeError("computeXsXt: a1 must be non-empty string");
+  }
+  const ts = (opts.now || Date.now)();
+  const bodyStr = typeof body === "string" ? body : "";
+  const payload = "url=" + urlPathWithQuery + bodyStr;
+  const raw = `${ts}${payload}${a1}`;
+  const md5Hex = crypto.createHash("md5").update(raw, "utf8").digest("hex");
+  // base64 encode the UTF-8 bytes of the hex STRING (32 chars → 32 bytes
+  // → 44-char base64 with padding). xhs.js NO_WRAP NO_PADDING flags
+  // mirror: replace = padding with "", remove newlines (default in
+  // Buffer.toString("base64") already no-newlines, only padding to strip).
+  const b64NoPad = Buffer.from(md5Hex, "utf8").toString("base64").replace(/=+$/, "");
+  return {
+    xs: XS_PREFIX + b64NoPad,
+    xt: String(ts),
+  };
+}
+
+/**
+ * Extract a1 cookie value from a Cookie header string.
+ *
+ *   "web_session=abc; a1=18d6e123abc; xsec_token=xxx" → "18d6e123abc"
+ *
+ * Returns null when a1 not present.
+ */
+function extractA1(cookie) {
+  if (typeof cookie !== "string") return null;
+  for (const part of cookie.split(";")) {
+    const trimmed = part.trim();
+    if (trimmed.startsWith("a1=")) {
+      const v = trimmed.substring(3);
+      return v.length > 0 ? v : null;
+    }
+  }
+  return null;
+}
+
+module.exports = {
+  computeXsXt,
+  extractA1,
+  XS_PREFIX,
+};

package/lib/adapters/social-xiaohongshu-adb/snapshot-builder.js

@@ -0,0 +1,126 @@
+"use strict";
+
+/**
+ * Phase 3c (Xhs C 路径 — 2026-05-25): API responses → snapshot JSON.
+ *
+ * Matches the existing `social-xiaohongshu` adapter's snapshot mode
+ * schema (schemaVersion=1). Kinds: note / liked / follow.
+ *
+ * Note: xhs userId is a Base64-ish string (e.g. "5e8c8f7e..."), not a
+ * numeric Long. The account.uid in the snapshot is set to userId
+ * verbatim (string passthrough); consumers shouldn't expect numeric uid.
+ */
+
+const fs = require("node:fs");
+const path = require("node:path");
+const os = require("node:os");
+const crypto = require("node:crypto");
+
+const SNAPSHOT_SCHEMA_VERSION = 1;
+
+function buildSnapshot(input) {
+  if (!input || typeof input !== "object") {
+    throw new TypeError("buildSnapshot: input must be an object");
+  }
+  const userId = input.userId;
+  if (typeof userId !== "string" || userId.length === 0) {
+    throw new TypeError("buildSnapshot: input.userId must be a non-empty string");
+  }
+  const snapshottedAt =
+    Number.isFinite(input.snapshottedAt) && input.snapshottedAt > 0
+      ? input.snapshottedAt
+      : Date.now();
+  const account = {
+    userId, // xhs userId is a string, not numeric
+    nickname: typeof input.nickname === "string" ? input.nickname : "",
+  };
+  const events = [];
+
+  // notes
+  const notes = Array.isArray(input.notes) ? input.notes : [];
+  notes.forEach((n, idx) => {
+    if (!n || typeof n !== "object") return;
+    events.push({
+      kind: "note",
+      id: n.noteId ? `note-${n.noteId}` : `note-${idx}`,
+      capturedAt:
+        typeof n.createdAt === "number" && n.createdAt > 0
+          ? n.createdAt
+          : snapshottedAt,
+      noteId: n.noteId || null,
+      title: n.title || null,
+      desc: n.desc || null,
+      type: n.type || "normal",
+      likedCount: typeof n.likedCount === "number" ? n.likedCount : 0,
+      collectedCount:
+        typeof n.collectedCount === "number" ? n.collectedCount : 0,
+      commentCount: typeof n.commentCount === "number" ? n.commentCount : 0,
+    });
+  });
+
+  // liked
+  const liked = Array.isArray(input.liked) ? input.liked : [];
+  liked.forEach((l, idx) => {
+    if (!l || typeof l !== "object") return;
+    events.push({
+      kind: "liked",
+      id: l.noteId ? `liked-${l.noteId}` : `liked-${idx}`,
+      // xhs doesn't return liked_at — use snapshottedAt
+      capturedAt: snapshottedAt,
+      noteId: l.noteId || null,
+      title: l.title || null,
+      authorNickname: l.authorNickname || null,
+    });
+  });
+
+  // follows
+  const follows = Array.isArray(input.follows) ? input.follows : [];
+  follows.forEach((f, idx) => {
+    if (!f || typeof f !== "object") return;
+    events.push({
+      kind: "follow",
+      id: f.userId ? `follow-${f.userId}` : `follow-${idx}`,
+      capturedAt: snapshottedAt,
+      userId: f.userId || null,
+      nickname: f.nickname || null,
+      image: f.image || null,
+    });
+  });
+
+  return {
+    schemaVersion: SNAPSHOT_SCHEMA_VERSION,
+    snapshottedAt,
+    account,
+    events,
+  };
+}
+
+function writeSnapshotJson(snapshot, opts = {}) {
+  const dir = opts.dir || os.tmpdir();
+  const fileName =
+    opts.fileName || `cc-xhs-snapshot-${crypto.randomUUID()}.json`;
+  if (fileName.includes("/") || fileName.includes("\\")) {
+    throw new Error(
+      "writeSnapshotJson: opts.fileName must be a basename, not a path",
+    );
+  }
+  const full = path.join(dir, fileName);
+  fs.writeFileSync(full, JSON.stringify(snapshot), "utf-8");
+  return full;
+}
+
+function cleanupSnapshotJson(filePath) {
+  if (!filePath) return;
+  try {
+    fs.unlinkSync(filePath);
+  } catch (_e) {
+    // ignore
+  }
+}
+
+module.exports = {
+  buildSnapshot,
+  writeSnapshotJson,
+  cleanupSnapshotJson,
+  SNAPSHOT_SCHEMA_VERSION,
+};

package/lib/adapters/system-data-android/adapter.js

@@ -28,13 +28,28 @@ const {
 } = require("../../constants");
 
 const NAME = "system-data-android";
+// v0.3.2 (2026-05-25): denormalise contact identifiers (phones/emails/
+//   organization/starred) and app version/install fields onto
+//   event.extra so the Vault Browser tap-to-detail sheet can render
+//   human-readable fields without joining back to the persons/items
+//   tables. Same content lives on the entity rows; events are now a
+//   convenience copy. Adds ~50-200 bytes per event but keeps the detail
+//   UI single-table.
+// v0.3.1 (2026-05-25): normalize() now emits a synthetic OTHER event per
+//   contact + per app. Snapshot mode previously only wrote persons/items;
+//   Vault Browser's `category=system` facet only counts events, so the
+//   chip showed (0) forever even after a successful sync. Synthetic event
+//   per entity (stable id, idempotent across re-syncs via UPSERT) lights
+//   up the chip with `total = #contacts + #apps`. occurredAt = capturedAt
+//   of the latest snapshot containing the entity. sms/call/media events
+//   were already emitted in v0.2 — unchanged.
 // v0.3.0 (2026-05-24): added kind="media-file" via bridge mode
 //   (host-adb-bridge media.list across 5 /sdcard categories). Metadata
 //   only — path/size/mtime/ext, no file content.
 // v0.2.0 (2026-05-24): added kind="sms" + kind="call" via bridge mode.
 //   Snapshot mode still v1 schema — sms/calls/media only land via
 //   bridge path until Android snapshot writer is updated to include them.
-const VERSION = "0.3.0";
+const VERSION = "0.3.2";
 const SNAPSHOT_SCHEMA_VERSION = 1;
 
 // Stable per-source originalId — registry.putRawEvent rejects null originalId
@@ -391,8 +406,42 @@ class SystemDataAndroidAdapter {
       if (typeof p.photoUri === "string" && p.photoUri.length > 0) extra.photoUri = p.photoUri;
       if (Object.keys(extra).length > 0) person.extra = extra;
 
+      // v0.3.1 — synthesise an OTHER event so the snapshot contact shows up
+      // in the Vault Browser's `category=system` facet (which counts events,
+      // not persons). Stable id keyed on stableKey makes re-syncs idempotent
+      // via UPSERT; occurredAt floats forward to the latest snapshot time
+      // ("last time we saw this contact").
+      //
+      // v0.3.2 — duplicate the contact's identifying fields onto event.extra
+      // so the Vault Browser's tap-to-detail sheet can render them inline
+      // without joining back to the persons table. Phones/emails/relation/
+      // starred — same data shape as person.identifiers + person.relation
+      // + person.extra, just denormalised so a single events-table read
+      // suffices for the detail UI.
+      const eventExtra = { kind: "contact-snapshot" };
+      if (identifiers.phone && identifiers.phone.length > 0) {
+        eventExtra.phones = identifiers.phone;
+      }
+      if (identifiers.email && identifiers.email.length > 0) {
+        eventExtra.emails = identifiers.email;
+      }
+      if (typeof p.organization === "string" && p.organization.trim().length > 0) {
+        eventExtra.organization = p.organization.trim();
+      }
+      if (typeof p.starred === "boolean") eventExtra.starred = p.starred;
+      const event = {
+        id: `event-android-contact-${stableKey}`,
+        type: ENTITY_TYPES.EVENT,
+        subtype: EVENT_SUBTYPES.OTHER,
+        occurredAt: raw.capturedAt,
+        ingestedAt,
+        source: source(`android-contact:${stableKey}`),
+        content: { title: `联系人：${displayName}` },
+        extra: eventExtra,
+      };
+
       return {
-        events: [],
+        events: [event],
         persons: [person],
         places: [],
         items: [],
@@ -428,8 +477,33 @@ class SystemDataAndroidAdapter {
         },
       };
 
+      // v0.3.1 — same rationale as the contact branch: emit a synthetic
+      // OTHER event so installed apps show up in the system facet count.
+      // v0.3.2 — copy versioning/install fields onto event.extra so the
+      // detail sheet can render them inline.
+      const eventExtra = { kind: "app-snapshot", packageName: pkgName };
+      if (typeof a.versionName === "string" && a.versionName.length > 0) {
+        eventExtra.versionName = a.versionName;
+      }
+      if (Number.isInteger(a.versionCode)) eventExtra.versionCode = a.versionCode;
+      if (Number.isInteger(a.firstInstallTime)) {
+        eventExtra.firstInstallTime = a.firstInstallTime;
+      }
+      if (Number.isInteger(a.lastUpdateTime)) eventExtra.lastUpdateTime = a.lastUpdateTime;
+      if (typeof a.isSystem === "boolean") eventExtra.isSystem = a.isSystem;
+      const event = {
+        id: `event-android-app-${pkgName}`,
+        type: ENTITY_TYPES.EVENT,
+        subtype: EVENT_SUBTYPES.OTHER,
+        occurredAt: raw.capturedAt,
+        ingestedAt,
+        source: source(`android-app:${pkgName}`),
+        content: { title: `应用：${label}` },
+        extra: eventExtra,
+      };
+
       return {
-        events: [],
+        events: [event],
         persons: [],
         places: [],
         items: [item],

package/lib/adapters/travel-amap/index.js

@@ -19,20 +19,22 @@ const fs = require("node:fs");
 const { normalizeTravelRecord, parseChineseDateTime } = require("../travel-base");
 
 const NAME = "travel-amap";
-const VERSION = "0.5.0";
+const VERSION = "0.6.0"; // 2026-05-25 — account.deviceId OPTIONAL + inputPath alias
 
 class AmapAdapter {
   constructor(opts = {}) {
-    if (!opts.account || !opts.account.deviceId) {
-      throw new Error("AmapAdapter: opts.account.deviceId required");
-    }
-    this.account = opts.account;
-    this._dbPath = opts.dbPath || null;
+    // 2026-05-25 — account.deviceId OPTIONAL (mirror Taobao/Ctrip/Telegram).
+    // sqlite-mode adapter still requires user to provide a pulled amap.db
+    // (`/data/data/com.autonavi.minimap/databases/amap.db`). Earlier strict
+    // ctor blocked auto-register at boot → silent "no adapter travel-amap"
+    // when Android collector ships extracted db.
+    this.account = opts.account || null;
+    this._dbPath = opts.dbPath || opts.inputPath || null;
     this._dbDriverFactory = opts.dbDriverFactory || null;
 
     this.name = NAME;
     this.version = VERSION;
-    this.capabilities = ["sync:sqlite", "parse:amap-history"];
+    this.capabilities = ["sync:sqlite", "sync:snapshot", "parse:amap-history"];
     this.extractMode = "device-pull";
     this.rateLimits = {};
     this.dataDisclosure = {
@@ -46,8 +48,12 @@ class AmapAdapter {
     };
   }
 
-  async authenticate() {
-    return { ok: true, account: this.account.deviceId };
+  async authenticate(ctx = {}) {
+    const dbPath = (ctx && (ctx.inputPath || ctx.dbPath)) || this._dbPath;
+    if (!dbPath || !fs.existsSync(dbPath)) {
+      return { ok: true, account: this.account ? this.account.deviceId : null, mode: "ready" };
+    }
+    return { ok: true, account: this.account ? this.account.deviceId : null, mode: "snapshot-file" };
   }
 
   async healthCheck() {
@@ -55,7 +61,7 @@ class AmapAdapter {
   }
 
   async *sync(opts = {}) {
-    const dbPath = opts.dbPath || this._dbPath;
+    const dbPath = opts.inputPath || opts.dbPath || this._dbPath;
     if (!dbPath || !fs.existsSync(dbPath)) return;
     const Database = this._dbDriverFactory || (() => require("better-sqlite3-multiple-ciphers"));
     const Driver = typeof Database === "function" ? Database() : Database;

package/lib/adapters/travel-ctrip/index.js

@@ -16,19 +16,21 @@ const fs = require("node:fs");
 const { normalizeTravelRecord, parseChineseDateTime } = require("../travel-base");
 
 const NAME = "travel-ctrip";
-const VERSION = "0.5.0";
+const VERSION = "0.6.0"; // §9.3b — account.email OPTIONAL + inputPath snapshot alias
 
 class CtripAdapter {
   constructor(opts = {}) {
-    if (!opts.account || !opts.account.email) {
-      throw new Error("CtripAdapter: opts.account.email required");
-    }
-    this.account = opts.account;
+    // §9.3b 2026-05-25 — account.email OPTIONAL (mirror shopping-jd/taobao
+    // dual-mode). file-import mode is stateless; bookkeeping account.email
+    // is informational, not gating. Earlier strict ctor blocked
+    // auto-register at boot → Android collector ship JSON staging path
+    // failed with silent "no adapter travel-ctrip".
+    this.account = opts.account || null;
     this._dataPath = opts.dataPath || null;
 
     this.name = NAME;
     this.version = VERSION;
-    this.capabilities = ["import:json", "parse:ctrip-orders"];
+    this.capabilities = ["import:json", "sync:snapshot", "parse:ctrip-orders"];
     this.extractMode = "file-import";
     this.rateLimits = {};
     this.dataDisclosure = {
@@ -40,8 +42,19 @@ class CtripAdapter {
     };
   }
 
-  async authenticate() {
-    return { ok: true, account: this.account.email };
+  async authenticate(ctx = {}) {
+    // Snapshot / file-import path: validate file readable when an inputPath
+    // / dataPath is provided. Otherwise return ok with whatever account
+    // bookkeeping we have (file path can be supplied later via sync(opts)).
+    const filePath = (ctx && ctx.inputPath) || ctx.dataPath || this._dataPath;
+    if (filePath) {
+      try { fs.accessSync(filePath, fs.constants.R_OK); }
+      catch (err) {
+        return { ok: false, reason: "INPUT_PATH_UNREADABLE", message: `not readable at ${filePath}: ${err.message}` };
+      }
+      return { ok: true, mode: "snapshot-file" };
+    }
+    return { ok: true, account: this.account ? this.account.email : null, mode: "ready" };
   }
 
   async healthCheck() {
@@ -49,7 +62,10 @@ class CtripAdapter {
   }
 
   async *sync(opts = {}) {
-    const dataPath = opts.dataPath || this._dataPath;
+    // Snapshot mode aliases dataPath → inputPath so Android in-APK cc can
+    // call syncAdapter("travel-ctrip", path) with the same shape it uses
+    // for the other snapshot-mode adapters (shopping-jd / travel-12306).
+    const dataPath = opts.inputPath || opts.dataPath || this._dataPath;
     if (!dataPath || !fs.existsSync(dataPath)) return;
     const text = fs.readFileSync(dataPath, "utf-8");
     let records;

package/lib/adapters/vscode/vscode-reader.js

@@ -23,7 +23,12 @@ const os = require("node:os");
 // Dual-load: bs3mc tracks Electron's ABI 140 (runtime path), plain
 // better-sqlite3 tracks Node's ABI 127 (test path). Whichever loads
 // wins. See chrome-db-reader.js for the same pattern + rationale.
+//
+// CRITICAL: must be lazy. Top-level invocation kills main process when
+// both modules absent/ABI-mismatched (v5.0.3.87 startup crash).
+let _cachedDatabaseClass = null;
 function loadDatabase() {
+  if (_cachedDatabaseClass) return _cachedDatabaseClass;
   for (const mod of ["better-sqlite3-multiple-ciphers", "better-sqlite3"]) {
     let cls;
     try {
@@ -35,6 +40,7 @@ function loadDatabase() {
     try {
       const probe = new cls(":memory:");
       probe.close();
+      _cachedDatabaseClass = cls;
       return cls;
     } catch (_e) {
       /* ABI mismatch, try next */
@@ -44,7 +50,6 @@ function loadDatabase() {
     "vscode-reader: neither better-sqlite3-multiple-ciphers nor better-sqlite3 loaded — both ABI-mismatched",
   );
 }
-const Database = loadDatabase();
 
 function defaultVscodeRoot() {
   if (process.platform === "win32") {
@@ -136,6 +141,7 @@ function readTerminalHistory(vscodeRoot, opts = {}) {
     }
   }
   try {
+    const Database = loadDatabase();
     const db = new Database(tmp, { readonly: true });
     const get = (k) => {
       try {

package/lib/sign-providers/index.js

@@ -0,0 +1,20 @@
+"use strict";
+
+/**
+ * Phase 6a (2026-05-25) — sign-providers entry point.
+ *
+ * Re-exports the abstract `SignProvider` contract + the default
+ * `NullSignProvider` impl. Real implementations live in the desktop
+ * Electron main process (`desktop-app-vue/src/main/sign-bridge/`)
+ * because they need a WebContentsView. CLI / web-shell / test code
+ * uses NullSignProvider unless desktop-side wiring injects a real one.
+ */
+
+const { SignProvider } = require("./interface");
+const { NullSignProvider, NULL_SIGN_PROVIDER } = require("./null-sign-provider");
+
+module.exports = {
+  SignProvider,
+  NullSignProvider,
+  NULL_SIGN_PROVIDER,
+};

package/lib/sign-providers/interface.js

@@ -0,0 +1,82 @@
+"use strict";
+
+/**
+ * Phase 6a (2026-05-25) — SignProvider abstract contract for platforms
+ * that require per-request signatures (Toutiao `_signature` / Kuaishou
+ * `NS_sig3` / Xhs `X-S` / Douyin `X-Bogus`).
+ *
+ * Mirror of Android-side `pdh/social/SignProvider.kt`. Same 3-method
+ * interface so Node API clients can swap impl without changes:
+ *
+ *   - `signUrl(rawUrl, purpose)` — Some platforms (Toutiao, Kuaishou)
+ *     append `_signature=...` / `NS_sig3=...` to the URL itself; this
+ *     returns a NEW URL with sig appended, OR `null` if signing failed.
+ *
+ *   - `signedHeaders(rawUrl, purpose)` — Other platforms (Xhs) leave
+ *     the URL alone and put `X-S` / `X-T` / `X-S-Common` in HTTP
+ *     headers; this returns an object of header name → value, possibly
+ *     empty when signing failed.
+ *
+ *   - `shutdown()` — Release the WebContentsView / WebView held by the
+ *     bridge implementation. Idempotent.
+ *
+ * **The two methods are independent** — a bridge for Toutiao implements
+ * signUrl (URL mutation), Xhs implements signedHeaders (header set).
+ * The base abstract returns null/empty for both so subclasses only
+ * implement what they need.
+ *
+ * **`purpose` string** is platform-defined opaque context the JS in the
+ * WebContentsView needs to discriminate which signing function to call.
+ * For Xhs we encode as `"<pathWithQuery>|<bodyJsonOrEmpty>"`. For
+ * Toutiao we use a string like `"feed"` / `"collection"` to pick the
+ * acrawler.js entry point. Subclasses define the schema.
+ */
+
+/**
+ * Abstract base — direct subclassing in JS uses prototypal extension;
+ * the methods here are stubs returning null/empty so subclasses can
+ * implement only what their platform needs.
+ */
+class SignProvider {
+  /**
+   * Sign a URL by appending platform-specific query params (e.g.
+   * Toutiao's `_signature`). Returns a new URL string with sig
+   * appended, or `null` if signing failed (bridge cold / JS rotated).
+   *
+   * The caller (api-client) MUST handle `null` by surfacing a
+   * lastErrorCode like -99 ("_signature unavailable") and returning
+   * empty result for that endpoint, NOT throwing.
+   *
+   * @param {URL|string} rawUrl  the unsigned URL
+   * @param {string} purpose  opaque context for the bridge's JS
+   * @returns {Promise<string|null>}  signed URL or null
+   */
+  async signUrl(_rawUrl, _purpose) {
+    return null;
+  }
+
+  /**
+   * Sign by returning HTTP headers to merge into the request (e.g.
+   * Xhs `X-S` / `X-T` / `X-S-Common`). Returns an object — empty
+   * map `{}` when signing failed (NOT null) so callers can spread
+   * the result unconditionally.
+   *
+   * @param {URL|string} rawUrl
+   * @param {string} purpose
+   * @returns {Promise<{[name: string]: string}>}
+   */
+  async signedHeaders(_rawUrl, _purpose) {
+    return {};
+  }
+
+  /**
+   * Release WebContentsView and any background resources. Idempotent —
+   * the api-client calls this in a `finally` so racing shutdowns
+   * must not throw.
+   */
+  async shutdown() {
+    // no-op default
+  }
+}
+
+module.exports = { SignProvider };

package/lib/sign-providers/null-sign-provider.js

@@ -0,0 +1,30 @@
+"use strict";
+
+/**
+ * Phase 6a (2026-05-25) — NullSignProvider: default no-op for callers
+ * that don't have a WebContentsView context (e.g. headless `cc serve`
+ * without Electron, or unit tests).
+ *
+ * Mirror of Android `pdh/social/NullSignProvider.kt`.
+ *
+ * API clients use this as the default — when wiring upgrades to
+ * Electron+WebContentsView, swap to `XhsSignBridge` / `ToutiaoSignBridge`
+ * etc. **without changing the api-client code**. The signing endpoints
+ * gracefully degrade to "best-effort" or "empty result" rather than
+ * throwing.
+ */
+
+const { SignProvider } = require("./interface");
+
+class NullSignProvider extends SignProvider {
+  // Inherits all stubs from base — signUrl returns null,
+  // signedHeaders returns {}, shutdown is no-op.
+}
+
+/** Frozen singleton — callers should not create multiple NullSignProviders. */
+const NULL_SIGN_PROVIDER = Object.freeze(new NullSignProvider());
+
+module.exports = {
+  NullSignProvider,
+  NULL_SIGN_PROVIDER,
+};

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@chainlesschain/personal-data-hub",
-  "version": "0.3.1",
+  "version": "0.3.6",
   "description": "Personal Data Hub — UnifiedSchema + validators + KG ingest helpers for the data-back-to-the-individual middleware",
   "type": "commonjs",
   "main": "lib/index.js",
@@ -27,6 +27,7 @@
     "./bridges/cc-llm-adapter": "./lib/bridges/cc-llm-adapter.js",
     "./bridges/cc-kg-sink": "./lib/bridges/cc-kg-sink.js",
     "./bridges/cc-rag-sink": "./lib/bridges/cc-rag-sink.js",
+    "./sign-providers": "./lib/sign-providers/index.js",
     "./adapters/email-imap": "./lib/adapters/email-imap/index.js",
     "./adapters/alipay-bill": "./lib/adapters/alipay-bill/index.js",
     "./adapters/system-data": "./lib/adapters/system-data/index.js",
@@ -53,9 +54,13 @@
     "./adapters/shopping-jd": "./lib/adapters/shopping-jd/index.js",
     "./adapters/shopping-meituan": "./lib/adapters/shopping-meituan/index.js",
     "./adapters/social-bilibili": "./lib/adapters/social-bilibili/index.js",
+    "./adapters/social-bilibili-adb": "./lib/adapters/social-bilibili-adb/index.js",
     "./adapters/social-weibo": "./lib/adapters/social-weibo/index.js",
+    "./adapters/social-weibo-adb": "./lib/adapters/social-weibo-adb/index.js",
     "./adapters/social-douyin": "./lib/adapters/social-douyin/index.js",
+    "./adapters/social-douyin-adb": "./lib/adapters/social-douyin-adb/index.js",
     "./adapters/social-xiaohongshu": "./lib/adapters/social-xiaohongshu/index.js",
+    "./adapters/social-xiaohongshu-adb": "./lib/adapters/social-xiaohongshu-adb/index.js",
     "./adapters/messaging-qq": "./lib/adapters/messaging-qq/index.js",
     "./adapters/messaging-telegram": "./lib/adapters/messaging-telegram/index.js",
     "./adapters/messaging-whatsapp": "./lib/adapters/messaging-whatsapp/index.js",