npm - @coffeexdev/openclaw-sentinel - Versions diffs - 0.1.5 → 0.1.7 - Mend

@coffeexdev/openclaw-sentinel 0.1.5 → 0.1.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/tool.d.ts CHANGED Viewed

@@ -1,5 +1,8 @@
 import type { AnyAgentTool } from "openclaw/plugin-sdk";
+import type { Static } from "@sinclair/typebox";
 import { WatcherManager } from "./watcherManager.js";
+import { SentinelToolSchema } from "./toolSchema.js";
+export type SentinelToolParams = Static<typeof SentinelToolSchema>;
 type RegisterToolFn = (tool: AnyAgentTool) => void;
 export declare function registerSentinelControl(registerTool: RegisterToolFn, manager: WatcherManager): void;
 export {};

package/dist/tool.js CHANGED Viewed

@@ -1,13 +1,16 @@
 import { jsonResult } from "openclaw/plugin-sdk";
-import { z } from "zod";
+import { Value } from "@sinclair/typebox/value";
 import { SentinelToolSchema } from "./toolSchema.js";
-const ParamsSchema = z
-    .object({
-    action: z.enum(["create", "enable", "disable", "remove", "status", "list"]),
-    id: z.string().optional(),
-    watcher: z.unknown().optional(),
-})
-    .strict();
+function validateParams(params) {
+    const candidate = (params ?? {});
+    if (!Value.Check(SentinelToolSchema, candidate)) {
+        const first = [...Value.Errors(SentinelToolSchema, candidate)][0];
+        const where = first?.path || "(root)";
+        const why = first?.message || "Invalid parameters";
+        throw new Error(`Invalid sentinel_control parameters at ${where}: ${why}`);
+    }
+    return candidate;
+}
 export function registerSentinelControl(registerTool, manager) {
     registerTool({
         name: "sentinel_control",
@@ -15,7 +18,7 @@ export function registerSentinelControl(registerTool, manager) {
         description: "Create/manage sentinel watchers",
         parameters: SentinelToolSchema,
         async execute(_toolCallId, params) {
-            const payload = ParamsSchema.parse((params ?? {}));
+            const payload = validateParams(params);
             switch (payload.action) {
                 case "create":
                     return jsonResult(await manager.create(payload.watcher));

package/dist/toolSchema.js CHANGED Viewed

@@ -24,7 +24,7 @@ const FireConfigSchema = Type.Object({
     }),
     eventName: Type.String({ description: "Event name included in the dispatched payload" }),
     payloadTemplate: Type.Record(Type.String(), Type.Union([Type.String(), Type.Number(), Type.Boolean(), Type.Null()]), {
-        description: "Key-value template for the webhook payload. Supports {{mustache}} interpolation from matched response data.",
+        description: "Key-value template for the webhook payload. Supports ${...} interpolation from matched response data.",
     }),
 });
 const RetryPolicySchema = Type.Object({
@@ -74,4 +74,4 @@ export const SentinelToolSchema = Type.Object({
     ], { description: "The action to perform" }),
     id: Type.Optional(Type.String({ description: "Watcher ID (required for enable/disable/remove/status)" })),
     watcher: Type.Optional(WatcherSchema),
-});
+}, { additionalProperties: false });

package/dist/validator.js CHANGED Viewed

@@ -1,63 +1,62 @@
-import { z } from "zod";
+import { Type } from "@sinclair/typebox";
+import { Value } from "@sinclair/typebox/value";
 const codeyKeyPattern = /(script|code|eval|handler|function|import|require)/i;
 const codeyValuePattern = /(=>|\bfunction\b|\bimport\s+|\brequire\s*\(|\beval\s*\()/i;
-const conditionSchema = z
-    .object({
-    path: z.string().min(1),
-    op: z.enum([
-        "eq",
-        "neq",
-        "gt",
-        "gte",
-        "lt",
-        "lte",
-        "exists",
-        "absent",
-        "contains",
-        "matches",
-        "changed",
+const ConditionSchema = Type.Object({
+    path: Type.String({ minLength: 1 }),
+    op: Type.Union([
+        Type.Literal("eq"),
+        Type.Literal("neq"),
+        Type.Literal("gt"),
+        Type.Literal("gte"),
+        Type.Literal("lt"),
+        Type.Literal("lte"),
+        Type.Literal("exists"),
+        Type.Literal("absent"),
+        Type.Literal("contains"),
+        Type.Literal("matches"),
+        Type.Literal("changed"),
     ]),
-    value: z.any().optional(),
-})
-    .strict();
-const watcherSchema = z
-    .object({
-    id: z.string().min(1),
-    skillId: z.string().min(1),
-    enabled: z.boolean().default(true),
-    strategy: z.enum(["http-poll", "websocket", "sse", "http-long-poll"]),
-    endpoint: z.string().url(),
-    method: z.enum(["GET", "POST"]).optional(),
-    headers: z.record(z.string()).optional(),
-    body: z.string().optional(),
-    intervalMs: z.number().int().positive().optional(),
-    timeoutMs: z.number().int().positive().optional(),
-    match: z.enum(["all", "any"]),
-    conditions: z.array(conditionSchema).min(1),
-    fire: z
-        .object({
-        webhookPath: z.string().regex(/^\//),
-        eventName: z.string().min(1),
-        payloadTemplate: z.record(z.union([z.string(), z.number(), z.boolean(), z.null()])),
-    })
-        .strict(),
-    retry: z
-        .object({
-        maxRetries: z.number().int().min(0).max(20),
-        baseMs: z.number().int().min(50).max(60000),
-        maxMs: z.number().int().min(100).max(300000),
-    })
-        .strict(),
-    fireOnce: z.boolean().optional(),
-    metadata: z.record(z.string()).optional(),
-})
-    .strict();
+    value: Type.Optional(Type.Unknown()),
+}, { additionalProperties: false });
+const WatcherSchema = Type.Object({
+    id: Type.String({ minLength: 1 }),
+    skillId: Type.String({ minLength: 1 }),
+    enabled: Type.Boolean(),
+    strategy: Type.Union([
+        Type.Literal("http-poll"),
+        Type.Literal("websocket"),
+        Type.Literal("sse"),
+        Type.Literal("http-long-poll"),
+    ]),
+    endpoint: Type.String({ minLength: 1 }),
+    method: Type.Optional(Type.Union([Type.Literal("GET"), Type.Literal("POST")])),
+    headers: Type.Optional(Type.Record(Type.String(), Type.String())),
+    body: Type.Optional(Type.String()),
+    intervalMs: Type.Optional(Type.Integer({ minimum: 1 })),
+    timeoutMs: Type.Optional(Type.Integer({ minimum: 1 })),
+    match: Type.Union([Type.Literal("all"), Type.Literal("any")]),
+    conditions: Type.Array(ConditionSchema, { minItems: 1 }),
+    fire: Type.Object({
+        webhookPath: Type.String({ pattern: "^/" }),
+        eventName: Type.String({ minLength: 1 }),
+        payloadTemplate: Type.Record(Type.String(), Type.Union([Type.String(), Type.Number(), Type.Boolean(), Type.Null()])),
+    }, { additionalProperties: false }),
+    retry: Type.Object({
+        maxRetries: Type.Integer({ minimum: 0, maximum: 20 }),
+        baseMs: Type.Integer({ minimum: 50, maximum: 60000 }),
+        maxMs: Type.Integer({ minimum: 100, maximum: 300000 }),
+    }, { additionalProperties: false }),
+    fireOnce: Type.Optional(Type.Boolean()),
+    metadata: Type.Optional(Type.Record(Type.String(), Type.String())),
+}, { additionalProperties: false });
 function scanNoCodeLike(input, parentKey = "") {
     if (input === null || input === undefined)
         return;
     if (typeof input === "string") {
-        if (codeyValuePattern.test(input))
+        if (codeyValuePattern.test(input)) {
             throw new Error(`Code-like value rejected at ${parentKey || "<root>"}`);
+        }
         return;
     }
     if (Array.isArray(input)) {
@@ -66,13 +65,29 @@ function scanNoCodeLike(input, parentKey = "") {
     }
     if (typeof input === "object") {
         for (const [key, value] of Object.entries(input)) {
-            if (codeyKeyPattern.test(key))
+            if (codeyKeyPattern.test(key)) {
                 throw new Error(`Code-like field rejected: ${parentKey ? `${parentKey}.` : ""}${key}`);
+            }
             scanNoCodeLike(value, parentKey ? `${parentKey}.${key}` : key);
         }
     }
 }
 export function validateWatcherDefinition(input) {
     scanNoCodeLike(input);
-    return watcherSchema.parse(input);
+    if (!Value.Check(WatcherSchema, input)) {
+        const first = [...Value.Errors(WatcherSchema, input)][0];
+        const where = first?.path || "(root)";
+        const why = first?.message || "Invalid watcher definition";
+        throw new Error(`Invalid watcher definition at ${where}: ${why}`);
+    }
+    const endpoint = input.endpoint;
+    try {
+        if (typeof endpoint !== "string")
+            throw new Error("endpoint must be a string");
+        new URL(endpoint);
+    }
+    catch {
+        throw new Error("Invalid watcher definition at /endpoint: Invalid URL");
+    }
+    return input;
 }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@coffeexdev/openclaw-sentinel",
-  "version": "0.1.5",
+  "version": "0.1.7",
   "description": "Secure declarative gateway-native watcher plugin for OpenClaw",
   "keywords": [
     "openclaw",
@@ -44,8 +44,7 @@
   "dependencies": {
     "@sinclair/typebox": "^0.34.48",
     "re2-wasm": "^1.0.2",
-    "ws": "^8.18.3",
-    "zod": "^3.24.1"
+    "ws": "^8.18.3"
   },
   "devDependencies": {
     "@changesets/cli": "^2.29.7",
@@ -65,7 +64,8 @@
     "re2": "^1.23.3"
   },
   "lint-staged": {
-    "*.{ts,js,jsx,tsx,mjs,cjs,json,yml,yaml,md,css,html}": "oxfmt --write"
+    "!(*package-lock).json": "oxfmt --write",
+    "*.{ts,js,jsx,tsx,mjs,cjs,yml,yaml,md,css,html}": "oxfmt --write"
   },
   "engines": {
     "node": ">=22"