@chrysb/alphaclaw 0.4.4 → 0.4.5

package/lib/server/constants.js

@@ -1,11 +1,7 @@
 const os = require("os");
 const path = require("path");
 const kBrowseFilePolicies = require("../public/shared/browse-file-policies.json");
-
-const parsePositiveIntEnv = (value, fallbackValue) => {
-  const parsed = Number.parseInt(String(value || ""), 10);
-  return Number.isFinite(parsed) && parsed > 0 ? parsed : fallbackValue;
-};
+const { parsePositiveInt } = require("./utils/number");
 
 // Portable root directory: --root-dir flag sets ALPHACLAW_ROOT_DIR before require
 const kRootDir =
@@ -38,29 +34,29 @@ const CODEX_OAUTH_SCOPE = "openid profile email offline_access";
 const CODEX_JWT_CLAIM_PATH = "https://api.openai.com/auth";
 const kCodexOauthStateTtlMs = 10 * 60 * 1000;
 
-const kTrustProxyHops = parsePositiveIntEnv(process.env.TRUST_PROXY_HOPS, 1);
-const kLoginWindowMs = parsePositiveIntEnv(
+const kTrustProxyHops = parsePositiveInt(process.env.TRUST_PROXY_HOPS, 1);
+const kLoginWindowMs = parsePositiveInt(
   process.env.LOGIN_RATE_WINDOW_MS,
   10 * 60 * 1000,
 );
-const kLoginMaxAttempts = parsePositiveIntEnv(
+const kLoginMaxAttempts = parsePositiveInt(
   process.env.LOGIN_RATE_MAX_ATTEMPTS,
   5,
 );
-const kLoginBaseLockMs = parsePositiveIntEnv(
+const kLoginBaseLockMs = parsePositiveInt(
   process.env.LOGIN_RATE_BASE_LOCK_MS,
   60 * 1000,
 );
-const kLoginMaxLockMs = parsePositiveIntEnv(
+const kLoginMaxLockMs = parsePositiveInt(
   process.env.LOGIN_RATE_MAX_LOCK_MS,
   15 * 60 * 1000,
 );
-const kLoginCleanupIntervalMs = parsePositiveIntEnv(
+const kLoginCleanupIntervalMs = parsePositiveInt(
   process.env.LOGIN_RATE_CLEANUP_INTERVAL_MS,
   60 * 1000,
 );
 const kLoginStateTtlMs = Math.max(
-  parsePositiveIntEnv(
+  parsePositiveInt(
     process.env.LOGIN_RATE_STATE_TTL_MS,
     Math.max(kLoginWindowMs, kLoginMaxLockMs) * 3,
   ),
@@ -116,31 +112,31 @@ const kLatestVersionCacheTtlMs = 10 * 60 * 1000;
 const kOpenclawRegistryUrl = "https://registry.npmjs.org/openclaw";
 const kAlphaclawRegistryUrl = "https://registry.npmjs.org/@chrysb%2falphaclaw";
 const kAppDir = kNpmPackageRoot;
-const kMaxPayloadBytes = parsePositiveIntEnv(process.env.WEBHOOK_LOG_MAX_BYTES, 50 * 1024);
-const kWebhookPruneDays = parsePositiveIntEnv(process.env.WEBHOOK_LOG_RETENTION_DAYS, 30);
+const kMaxPayloadBytes = parsePositiveInt(process.env.WEBHOOK_LOG_MAX_BYTES, 50 * 1024);
+const kWebhookPruneDays = parsePositiveInt(process.env.WEBHOOK_LOG_RETENTION_DAYS, 30);
 const kWatchdogCheckIntervalMs =
-  parsePositiveIntEnv(process.env.WATCHDOG_CHECK_INTERVAL, 120) * 1000;
+  parsePositiveInt(process.env.WATCHDOG_CHECK_INTERVAL, 120) * 1000;
 const kWatchdogDegradedCheckIntervalMs =
-  parsePositiveIntEnv(process.env.WATCHDOG_DEGRADED_CHECK_INTERVAL, 5) * 1000;
-const kWatchdogStartupFailureThreshold = parsePositiveIntEnv(
+  parsePositiveInt(process.env.WATCHDOG_DEGRADED_CHECK_INTERVAL, 5) * 1000;
+const kWatchdogStartupFailureThreshold = parsePositiveInt(
   process.env.WATCHDOG_STARTUP_FAILURE_THRESHOLD,
   3,
 );
-const kWatchdogMaxRepairAttempts = parsePositiveIntEnv(
+const kWatchdogMaxRepairAttempts = parsePositiveInt(
   process.env.WATCHDOG_MAX_REPAIR_ATTEMPTS,
   2,
 );
 const kWatchdogCrashLoopWindowMs =
-  parsePositiveIntEnv(process.env.WATCHDOG_CRASH_LOOP_WINDOW, 300) * 1000;
-const kWatchdogCrashLoopThreshold = parsePositiveIntEnv(
+  parsePositiveInt(process.env.WATCHDOG_CRASH_LOOP_WINDOW, 300) * 1000;
+const kWatchdogCrashLoopThreshold = parsePositiveInt(
   process.env.WATCHDOG_CRASH_LOOP_THRESHOLD,
   3,
 );
-const kWatchdogLogRetentionDays = parsePositiveIntEnv(
+const kWatchdogLogRetentionDays = parsePositiveInt(
   process.env.WATCHDOG_LOG_RETENTION_DAYS,
   30,
 );
-const kLogMaxBytes = parsePositiveIntEnv(
+const kLogMaxBytes = parsePositiveInt(
   process.env.LOG_MAX_BYTES,
   2 * 1024 * 1024,
 );
@@ -266,17 +262,17 @@ const GOG_CREDENTIALS_PATH = path.join(GOG_CONFIG_DIR, "credentials.json");
 const GOG_STATE_PATH = path.join(GOG_CONFIG_DIR, "state.json");
 const GOG_KEYRING_PASSWORD = process.env.GOG_KEYRING_PASSWORD || "alphaclaw";
 const kMaxGoogleAccounts = 5;
-const kGmailServeBasePort = parsePositiveIntEnv(
+const kGmailServeBasePort = parsePositiveInt(
   process.env.GMAIL_SERVE_BASE_PORT,
   18801,
 );
 const kGmailWatchRenewalIntervalMs =
-  parsePositiveIntEnv(process.env.GMAIL_WATCH_RENEWAL_INTERVAL_SECONDS, 6 * 60 * 60) *
+  parsePositiveInt(process.env.GMAIL_WATCH_RENEWAL_INTERVAL_SECONDS, 6 * 60 * 60) *
   1000;
 const kGmailWatchRenewalThresholdMs =
-  parsePositiveIntEnv(process.env.GMAIL_WATCH_RENEWAL_THRESHOLD_SECONDS, 24 * 60 * 60) *
+  parsePositiveInt(process.env.GMAIL_WATCH_RENEWAL_THRESHOLD_SECONDS, 24 * 60 * 60) *
   1000;
-const kGmailMaxBodyBytes = parsePositiveIntEnv(
+const kGmailMaxBodyBytes = parsePositiveInt(
   process.env.GMAIL_WATCH_MAX_BODY_BYTES,
   20000,
 );

package/lib/server/gmail-push.js

@@ -1,4 +1,14 @@
 const http = require("http");
+const { parsePositiveInt } = require("./utils/number");
+
+const kGmailPushDedupeWindowMs = parsePositiveInt(
+  process.env.GMAIL_PUSH_DEDUPE_WINDOW_MS,
+  24 * 60 * 60 * 1000,
+);
+const kGmailPushDedupeMaxEntries = parsePositiveInt(
+  process.env.GMAIL_PUSH_DEDUPE_MAX_ENTRIES,
+  50000,
+);
 
 const extractBodyBuffer = (body) => {
   if (Buffer.isBuffer(body)) return body;
@@ -21,6 +31,68 @@ const parsePushEnvelope = (bodyBuffer) => {
   };
 };
 
+const createPushEventDedupeKey = ({ envelope, payload }) => {
+  const messageId = String(
+    envelope?.message?.messageId || envelope?.message?.message_id || "",
+  ).trim();
+  if (messageId) return `msg:${messageId}`;
+  const email = String(payload?.emailAddress || "")
+    .trim()
+    .toLowerCase();
+  const historyId = String(payload?.historyId || "").trim();
+  if (email && historyId) return `hist:${email}:${historyId}`;
+  if (historyId) return `hist:${historyId}`;
+  return "";
+};
+
+const createGmailPushEventDeduper = ({
+  ttlMs = kGmailPushDedupeWindowMs,
+  maxEntries = kGmailPushDedupeMaxEntries,
+} = {}) => {
+  const seenEvents = new Map();
+
+  const pruneExpiredEntries = (receivedAt) => {
+    const cutoff = receivedAt - ttlMs;
+    for (const [eventKey, seenAt] of seenEvents.entries()) {
+      if (seenAt > cutoff) break;
+      seenEvents.delete(eventKey);
+    }
+    while (seenEvents.size > maxEntries) {
+      const oldestKey = seenEvents.keys().next().value;
+      if (!oldestKey) break;
+      seenEvents.delete(oldestKey);
+    }
+  };
+
+  const shouldProcessPushEvent = ({ envelope, payload, receivedAt = Date.now() }) => {
+    const timestamp = Number.isFinite(receivedAt) ? receivedAt : Date.now();
+    pruneExpiredEntries(timestamp);
+    const eventKey = createPushEventDedupeKey({ envelope, payload });
+    if (!eventKey) return true;
+    return !seenEvents.has(eventKey);
+  };
+
+  shouldProcessPushEvent.markProcessed = ({
+    envelope,
+    payload,
+    receivedAt = Date.now(),
+  }) => {
+    const timestamp = Number.isFinite(receivedAt) ? receivedAt : Date.now();
+    pruneExpiredEntries(timestamp);
+    const eventKey = createPushEventDedupeKey({ envelope, payload });
+    if (!eventKey) return true;
+    seenEvents.set(eventKey, timestamp);
+    return true;
+  };
+
+  return shouldProcessPushEvent;
+};
+
+const isSuccessfulProxyStatus = (statusCode) => {
+  const numericStatus = Number.parseInt(String(statusCode || 0), 10);
+  return numericStatus >= 200 && numericStatus < 300;
+};
+
 const proxyPushToServe = async ({
   port,
   bodyBuffer,
@@ -58,6 +130,8 @@ const createGmailPushHandler = ({
   resolvePushToken,
   resolveTargetByEmail,
   markPushReceived,
+  shouldProcessPushEvent = createGmailPushEventDeduper(),
+  proxyPushToServeImpl = proxyPushToServe,
 }) =>
   async (req, res) => {
     try {
@@ -68,11 +142,24 @@ const createGmailPushHandler = ({
       }
 
       const bodyBuffer = extractBodyBuffer(req.body);
-      const { payload } = parsePushEnvelope(bodyBuffer);
+      const { envelope, payload } = parsePushEnvelope(bodyBuffer);
       const email = String(payload?.emailAddress || "").trim().toLowerCase();
       if (!email) {
         return res.status(200).json({ ok: true, ignored: true, reason: "missing_email" });
       }
+      if (
+        !shouldProcessPushEvent({
+          envelope,
+          payload,
+          receivedAt: Date.now(),
+        })
+      ) {
+        return res.status(200).json({
+          ok: true,
+          ignored: true,
+          reason: "duplicate_event",
+        });
+      }
 
       const target = resolveTargetByEmail?.(email);
       if (!target?.port) {
@@ -80,15 +167,22 @@ const createGmailPushHandler = ({
       }
 
       try {
-        const proxied = await proxyPushToServe({
+        const proxied = await proxyPushToServeImpl({
           port: target.port,
           bodyBuffer,
           headers: req.headers || {},
         });
-        await markPushReceived?.({
-          accountId: target.accountId,
-          at: Date.now(),
-        });
+        if (isSuccessfulProxyStatus(proxied.statusCode)) {
+          shouldProcessPushEvent.markProcessed?.({
+            envelope,
+            payload,
+            receivedAt: Date.now(),
+          });
+          await markPushReceived?.({
+            accountId: target.accountId,
+            at: Date.now(),
+          });
+        }
         return res
           .status(proxied.statusCode)
           .send(proxied.body || "");
@@ -106,4 +200,6 @@ const createGmailPushHandler = ({
 
 module.exports = {
   createGmailPushHandler,
+  createGmailPushEventDeduper,
+  createPushEventDedupeKey,
 };

package/lib/server/gmail-watch.js

@@ -14,29 +14,14 @@ const {
   allocateServePort,
 } = require("./google-state");
 const { createGmailServeManager } = require("./gmail-serve");
+const { parseJsonObjectFromNoisyOutput, parseJsonSafe } = require("./utils/json");
 const { createWebhook } = require("./webhooks");
-
-const quoteShellArg = (value) =>
-  `"${String(value || "").replace(/(["\\$`])/g, "\\$1")}"`;
-
-const parseJsonMaybe = (raw) => {
-  const text = String(raw || "").trim();
-  if (!text) return null;
-  try {
-    return JSON.parse(text);
-  } catch {}
-  const firstBrace = text.indexOf("{");
-  const lastBrace = text.lastIndexOf("}");
-  if (firstBrace >= 0 && lastBrace > firstBrace) {
-    try {
-      return JSON.parse(text.slice(firstBrace, lastBrace + 1));
-    } catch {}
-  }
-  return null;
-};
+const { quoteShellArg } = require("./utils/shell");
 
 const parseExpirationFromOutput = (raw) => {
-  const parsed = parseJsonMaybe(raw);
+  const parsed =
+    parseJsonSafe(raw, null, { trim: true }) ||
+    parseJsonObjectFromNoisyOutput(raw);
   if (parsed?.expiration) {
     const numeric = Number.parseInt(String(parsed.expiration), 10);
     if (Number.isFinite(numeric) && numeric > 0) return numeric;

package/lib/server/helpers.js

@@ -5,6 +5,9 @@ const {
   kOnboardingModelProviders,
   gogClientCredentialsPath,
 } = require("./constants");
+const { isTruthyFlag } = require("./utils/boolean");
+const { parseJsonObjectFromNoisyOutput } = require("./utils/json");
+const { normalizeIp } = require("./utils/network");
 
 const normalizeOpenclawVersion = (rawVersion) => {
   if (!rawVersion) return null;
@@ -32,19 +35,7 @@ const compareVersionParts = (a, b) => {
   return 0;
 };
 
-const parseJsonFromNoisyOutput = (raw) => {
-  const text = String(raw || "");
-  const firstBrace = text.indexOf("{");
-  const lastBrace = text.lastIndexOf("}");
-  if (firstBrace === -1 || lastBrace === -1 || lastBrace <= firstBrace) {
-    return null;
-  }
-  try {
-    return JSON.parse(text.slice(firstBrace, lastBrace + 1));
-  } catch {
-    return null;
-  }
-};
+const parseJsonFromNoisyOutput = (raw) => parseJsonObjectFromNoisyOutput(raw);
 
 const parseJwtPayload = (token) => {
   try {
@@ -63,14 +54,7 @@ const getCodexAccountId = (accessToken) => {
   return typeof accountId === "string" && accountId ? accountId : null;
 };
 
-const normalizeIp = (ip) => String(ip || "").replace(/^::ffff:/, "");
-
-const isTruthyEnvFlag = (value) =>
-  ["1", "true", "yes", "on"].includes(
-    String(value || "")
-      .trim()
-      .toLowerCase(),
-  );
+const isTruthyEnvFlag = (value) => isTruthyFlag(value);
 const isDebugEnabled = () =>
   isTruthyEnvFlag(process.env.ALPHACLAW_DEBUG) ||
   isTruthyEnvFlag(process.env.DEBUG);

package/lib/server/routes/google.js

@@ -12,16 +12,8 @@ const {
 } = require("../google-state");
 const { syncBootstrapPromptFiles } = require("../onboarding/workspace");
 const { installGogCliSkill } = require("../gog-skill");
-
-const quoteShellArg = (value) => `"${String(value || "").replace(/(["\\$`])/g, "\\$1")}"`;
-
-const parseJsonSafe = (raw, fallbackValue) => {
-  try {
-    return JSON.parse(String(raw || ""));
-  } catch {
-    return fallbackValue;
-  }
-};
+const { parseJsonSafe } = require("../utils/json");
+const { quoteShellArg } = require("../utils/shell");
 
 const uniqueServiceLabels = (scopes) =>
   Array.from(

package/lib/server/routes/telegram.js

@@ -1,19 +1,10 @@
 const fs = require("fs");
 const { OPENCLAW_DIR } = require("../constants");
 const { isDebugEnabled } = require("../helpers");
+const { parseBooleanValue } = require("../utils/boolean");
+const { quoteShellArg } = require("../utils/shell");
 const topicRegistry = require("../topic-registry");
 const { syncConfigForTelegram } = require("../telegram-workspace");
-
-const parseBooleanValue = (value, fallbackValue = false) => {
-  if (typeof value === "boolean") return value;
-  if (typeof value === "number") return value !== 0;
-  if (typeof value === "string") {
-    const normalized = value.trim().toLowerCase();
-    if (["true", "1", "yes", "on"].includes(normalized)) return true;
-    if (["false", "0", "no", "off", ""].includes(normalized)) return false;
-  }
-  return fallbackValue;
-};
 const resolveGroupId = (req) => {
   const body = req.body || {};
   const rawGroupId = body.groupId ?? body.chatId;
@@ -53,13 +44,11 @@ const normalizeGitSyncMessagePart = (value) =>
     .replace(/\s+/g, " ")
     .trim();
 
-const quoteShellArg = (value) => `'${String(value || "").replace(/'/g, `'\"'\"'`)}'`;
-
 const buildTelegramGitSyncCommand = (action, target = "") => {
   const safeAction = normalizeGitSyncMessagePart(action);
   const safeTarget = normalizeGitSyncMessagePart(target);
   const message = `telegram workspace: ${safeAction} ${safeTarget}`.trim();
-  return `alphaclaw git-sync -m ${quoteShellArg(message)}`;
+  return `alphaclaw git-sync -m ${quoteShellArg(message, { strategy: "single" })}`;
 };
 
 const registerTelegramRoutes = ({

package/lib/server/routes/usage.js

@@ -1,13 +1,9 @@
 const topicRegistry = require("../topic-registry");
+const { parsePositiveInt } = require("../utils/number");
 
 const kSummaryCacheTtlMs = 60 * 1000;
 const kClientTimeZoneHeader = "x-client-timezone";
 
-const parsePositiveInt = (value, fallbackValue) => {
-  const parsed = Number.parseInt(String(value ?? ""), 10);
-  return Number.isFinite(parsed) && parsed > 0 ? parsed : fallbackValue;
-};
-
 const createSummaryCache = () => new Map();
 const toTitleLabel = (value) => {
   const raw = String(value || "").trim();

package/lib/server/routes/webhooks.js

@@ -5,15 +5,11 @@ const {
   deleteWebhook,
   validateWebhookName,
 } = require("../webhooks");
+const { isTruthyFlag } = require("../utils/boolean");
 
 const isFiniteInteger = (value) =>
   Number.isFinite(value) && Number.isInteger(value);
-const parseBooleanFlag = (value) => {
-  const normalized = String(value == null ? "" : value)
-    .trim()
-    .toLowerCase();
-  return ["1", "true", "yes", "on"].includes(normalized);
-};
+const parseBooleanFlag = (value) => isTruthyFlag(value);
 
 const buildHealth = ({ totalCount, errorCount }) => {
   if (!totalCount || totalCount <= 0) return "green";

package/lib/server/utils/boolean.js

@@ -0,0 +1,22 @@
+const isTruthyFlag = (value) =>
+  ["1", "true", "yes", "on"].includes(
+    String(value ?? "")
+      .trim()
+      .toLowerCase(),
+  );
+
+const parseBooleanValue = (value, fallbackValue = false) => {
+  if (typeof value === "boolean") return value;
+  if (typeof value === "number") return value !== 0;
+  if (typeof value === "string") {
+    const normalized = value.trim().toLowerCase();
+    if (["true", "1", "yes", "on"].includes(normalized)) return true;
+    if (["false", "0", "no", "off", ""].includes(normalized)) return false;
+  }
+  return fallbackValue;
+};
+
+module.exports = {
+  isTruthyFlag,
+  parseBooleanValue,
+};

package/lib/server/utils/json.js

@@ -0,0 +1,31 @@
+const parseJsonSafe = (rawValue, fallbackValue = null, options = {}) => {
+  const shouldTrim = options?.trim === true;
+  const text = shouldTrim
+    ? String(rawValue ?? "").trim()
+    : String(rawValue ?? "");
+  if (!text) return fallbackValue;
+  try {
+    return JSON.parse(text);
+  } catch {
+    return fallbackValue;
+  }
+};
+
+const parseJsonObjectFromNoisyOutput = (rawValue) => {
+  const text = String(rawValue ?? "");
+  const firstBrace = text.indexOf("{");
+  const lastBrace = text.lastIndexOf("}");
+  if (firstBrace === -1 || lastBrace === -1 || lastBrace <= firstBrace) {
+    return null;
+  }
+  try {
+    return JSON.parse(text.slice(firstBrace, lastBrace + 1));
+  } catch {
+    return null;
+  }
+};
+
+module.exports = {
+  parseJsonSafe,
+  parseJsonObjectFromNoisyOutput,
+};

package/lib/server/utils/network.js

@@ -0,0 +1,5 @@
+const normalizeIp = (ip) => String(ip || "").replace(/^::ffff:/, "");
+
+module.exports = {
+  normalizeIp,
+};

package/lib/server/utils/number.js

@@ -0,0 +1,8 @@
+const parsePositiveInt = (value, fallbackValue) => {
+  const parsed = Number.parseInt(String(value ?? ""), 10);
+  return Number.isFinite(parsed) && parsed > 0 ? parsed : fallbackValue;
+};
+
+module.exports = {
+  parsePositiveInt,
+};

package/lib/server/utils/shell.js

@@ -0,0 +1,16 @@
+const quoteShellArg = (value, options = {}) => {
+  const strategy = String(options?.strategy || "double").trim().toLowerCase();
+  const normalizedValue = String(value || "");
+
+  if (strategy === "single") {
+    return `'${normalizedValue.replace(/'/g, `'\"'\"'`)}'`;
+  }
+  if (strategy === "double") {
+    return `"${normalizedValue.replace(/(["\\$`])/g, "\\$1")}"`;
+  }
+  throw new Error(`Unsupported shell quote strategy: ${strategy}`);
+};
+
+module.exports = {
+  quoteShellArg,
+};

package/lib/server/webhook-middleware.js

@@ -1,13 +1,12 @@
 const http = require("http");
 const https = require("https");
 const { URL } = require("url");
+const { normalizeIp } = require("./utils/network");
 
 const kRedactedHeaderKeys = new Set(["authorization", "cookie", "x-webhook-token"]);
 const kGmailDedupeTtlMs = 24 * 60 * 60 * 1000;
 const kGmailDedupeCleanupIntervalMs = 60 * 1000;
 
-const normalizeIp = (ip) => String(ip || "").replace(/^::ffff:/, "");
-
 const sanitizeHeaders = (headers) => {
   const sanitized = {};
   for (const [key, value] of Object.entries(headers || {})) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@chrysb/alphaclaw",
-  "version": "0.4.4",
+  "version": "0.4.5",
   "publishConfig": {
     "access": "public"
   },