npm - @inetafrica/open-claudia - Versions diffs - 1.14.3 → 1.14.5 - Mend

@inetafrica/open-claudia 1.14.3 → 1.14.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/bot-agent.js CHANGED Viewed

@@ -1471,7 +1471,7 @@ bot.onText(/\/upgrade$/, async (msg) => {
     await send("Upgrading...");
   }
   try {
-    execSync("npm install -g @inetafrica/open-claudia@latest 2>&1", {
+    execSync(`npm install -g @inetafrica/open-claudia@${latest} 2>&1`, {
       encoding: "utf-8", timeout: 120000,
       cwd: process.env.HOME || require("os").homedir(),
       env: { ...process.env, PATH: FULL_PATH, HOME: process.env.HOME || require("os").homedir() },
@@ -1482,8 +1482,9 @@ bot.onText(/\/upgrade$/, async (msg) => {
     let whatsNew = "";
     try {
       const changelog = fs.readFileSync(path.join(root, "@inetafrica", "open-claudia", "CHANGELOG.md"), "utf-8");
-      const versionHeader = `## v${newPkg.version}`;
-      const start = changelog.indexOf(versionHeader);
+      let versionHeader = `## v${newPkg.version}`;
+      let start = changelog.indexOf(versionHeader);
+      if (start < 0) { versionHeader = `## ${newPkg.version}`; start = changelog.indexOf(versionHeader); }
       if (start >= 0) {
         const afterHeader = changelog.slice(start + versionHeader.length);
         const nextVersion = afterHeader.indexOf("\n## ");
@@ -1717,6 +1718,25 @@ bot.onText(/\/cancel_auth$/, async (msg) => {
   await send("Claude auth flow cancelled. Normal messages will go to the assistant again.");
 });
+bot.onText(/\/auth_code(?:\s+(.+))?$/, async (msg, match) => {
+  if (!isAuthorized(msg)) return;
+  const code = (match[1] || "").trim();
+  await deleteMessage(msg.message_id);
+  if (!pendingClaudeAuthProcess || pendingClaudeAuthLabel === "manual OAuth token save") {
+    return send("No Claude login flow is waiting for an auth code. Start with /login, or use /use_oauth_token for tokens.");
+  }
+  if (!code || !looksLikeClaudeAuthReply(code)) {
+    return send("That does not look like a Claude auth code/callback. Use /cancel_auth to cancel the login flow.");
+  }
+  try {
+    pendingClaudeAuthProcess.stdin.write(code + "\n");
+    await send("Auth code sent to Claude. I’ll confirm with auth status when Claude finishes.");
+  } catch (e) {
+    clearPendingClaudeAuth();
+    await send(`Could not send auth code to Claude: ${redactSensitive(e.message)}`);
+  }
+});
 bot.onText(/\/login$/, async (msg) => {
   if (!isAuthorized(msg)) return;
   await runClaudeAuthCommand(["auth", "login", "--claudeai", "--email", "sumeet@inet.africa"], "Claude login");
@@ -1985,35 +2005,28 @@ bot.on("message", async (msg) => {
   if (msg.voice || msg.audio || msg.photo || msg.document || msg.video || msg.sticker) return;
   if (isDuplicate(msg.message_id)) return;
-  // Handle pending Claude auth/token paste-back. Only consume code/token-looking replies;
-  // normal chat must still go to Claude instead of being deleted.
-  if (pendingClaudeAuthProcess) {
+  // Handle pending manual OAuth token paste mode. Login codes must be sent explicitly
+  // with /auth_code so normal chat can never be deleted/consumed accidentally.
+  if (pendingClaudeAuthProcess && pendingClaudeAuthLabel === "manual OAuth token save") {
     const text = msg.text.trim();
-    if (pendingClaudeAuthLabel === "manual OAuth token save") {
-      if (looksLikeClaudeToken(text)) {
-        await deleteMessage(msg.message_id);
-        clearPendingClaudeAuth();
-        saveClaudeOAuthToken(text);
-        await send(`Claude OAuth token stored in .env${vault.isUnlocked() ? " and vault" : ""}. Restart the bot so launchd picks it up, or use /restart.`);
-        await sendClaudeAuthStatusSummary("Stored token. Current Claude auth status:");
-        return;
-      }
-      await send("That does not look like a Claude OAuth token, so I did not delete it or store it. Send /cancel_auth to stop token paste mode.");
-      // Fall through and treat the message normally.
-    } else if (looksLikeClaudeAuthReply(text)) {
+    if (looksLikeClaudeToken(text)) {
       await deleteMessage(msg.message_id);
-      try {
-        pendingClaudeAuthProcess.stdin.write(text + "\n");
-        await send("Sent to Claude auth process. I’ll confirm when Claude finishes the auth check.");
-      } catch (e) {
-        clearPendingClaudeAuth();
-        await send(`Could not send to Claude auth process: ${redactSensitive(e.message)}`);
-      }
+      clearPendingClaudeAuth();
+      saveClaudeOAuthToken(text);
+      await send(`Claude OAuth token stored in .env${vault.isUnlocked() ? " and vault" : ""}. Restart the bot so launchd picks it up, or use /restart.`);
+      await sendClaudeAuthStatusSummary("Stored token. Current Claude auth status:");
+      return;
+    }
+    await send("Token paste mode is active, but that does not look like a Claude OAuth token. I left your message visible and will handle it normally. Send /cancel_auth to stop token paste mode.");
+  }
+  if (pendingClaudeAuthProcess && pendingClaudeAuthLabel !== "manual OAuth token save") {
+    const text = msg.text.trim();
+    if (looksLikeClaudeAuthReply(text)) {
+      await send("That looks like a Claude login code/callback. I did not delete it or send it to Claude as a prompt. Please resend it as `/auth_code YOUR_CODE`, or use /cancel_auth to stop the login flow.");
       return;
-    } else {
-      await send("Claude auth is still waiting for a login code/token. I left your message visible and will handle it normally. Send /cancel_auth to cancel the auth flow.");
-      // Fall through and treat the message normally.
     }
+    await send("Claude login is still waiting. I will not delete normal messages. If Claude gave you a code, send it as `/auth_code YOUR_CODE`, or use /cancel_auth.");
   }
   // Handle onboarding

package/bot.js CHANGED Viewed

@@ -1502,7 +1502,7 @@ bot.onText(/\/upgrade$/, async (msg) => {
     await send("Upgrading...");
   }
   try {
-    execSync("npm install -g @inetafrica/open-claudia@latest 2>&1", {
+    execSync(`npm install -g @inetafrica/open-claudia@${latest} 2>&1`, {
       encoding: "utf-8", timeout: 120000,
       cwd: process.env.HOME || require("os").homedir(),
       env: { ...process.env, PATH: FULL_PATH, HOME: process.env.HOME || require("os").homedir() },
@@ -1519,8 +1519,9 @@ bot.onText(/\/upgrade$/, async (msg) => {
     let whatsNew = "";
     try {
       const changelog = fs.readFileSync(path.join(root, "@inetafrica", "open-claudia", "CHANGELOG.md"), "utf-8");
-      const versionHeader = `## v${newPkg.version}`;
-      const start = changelog.indexOf(versionHeader);
+      let versionHeader = `## v${newPkg.version}`;
+      let start = changelog.indexOf(versionHeader);
+      if (start < 0) { versionHeader = `## ${newPkg.version}`; start = changelog.indexOf(versionHeader); }
       if (start >= 0) {
         const afterHeader = changelog.slice(start + versionHeader.length);
         const nextVersion = afterHeader.indexOf("\n## ");
@@ -1748,6 +1749,25 @@ bot.onText(/\/cancel_auth$/, async (msg) => {
   await send("Claude auth flow cancelled. Normal messages will go to the assistant again.");
 });
+bot.onText(/\/auth_code(?:\s+(.+))?$/, async (msg, match) => {
+  if (!isAuthorized(msg)) return;
+  const code = (match[1] || "").trim();
+  await deleteMessage(msg.message_id);
+  if (!pendingClaudeAuthProcess || pendingClaudeAuthLabel === "manual OAuth token save") {
+    return send("No Claude login flow is waiting for an auth code. Start with /login, or use /use_oauth_token for tokens.");
+  }
+  if (!code || !looksLikeClaudeAuthReply(code)) {
+    return send("That does not look like a Claude auth code/callback. Use /cancel_auth to cancel the login flow.");
+  }
+  try {
+    pendingClaudeAuthProcess.stdin.write(code + "\n");
+    await send("Auth code sent to Claude. I’ll confirm with auth status when Claude finishes.");
+  } catch (e) {
+    clearPendingClaudeAuth();
+    await send(`Could not send auth code to Claude: ${redactSensitive(e.message)}`);
+  }
+});
 bot.onText(/\/login$/, async (msg) => {
   if (!isAuthorized(msg)) return;
   await runClaudeAuthCommand(["auth", "login", "--claudeai", "--email", "sumeet@inet.africa"], "Claude login");
@@ -2024,35 +2044,28 @@ bot.on("message", async (msg) => {
   if (msg.voice || msg.audio || msg.photo || msg.document || msg.video || msg.sticker) return;
   if (isDuplicate(msg.message_id)) return;
-  // Handle pending Claude auth/token paste-back. Only consume code/token-looking replies;
-  // normal chat must still go to Claude instead of being deleted.
-  if (pendingClaudeAuthProcess) {
+  // Handle pending manual OAuth token paste mode. Login codes must be sent explicitly
+  // with /auth_code so normal chat can never be deleted/consumed accidentally.
+  if (pendingClaudeAuthProcess && pendingClaudeAuthLabel === "manual OAuth token save") {
     const text = msg.text.trim();
-    if (pendingClaudeAuthLabel === "manual OAuth token save") {
-      if (looksLikeClaudeToken(text)) {
-        await deleteMessage(msg.message_id);
-        clearPendingClaudeAuth();
-        saveClaudeOAuthToken(text);
-        await send(`Claude OAuth token stored in .env${vault.isUnlocked() ? " and vault" : ""}. Restart the bot so launchd picks it up, or use /restart.`);
-        await sendClaudeAuthStatusSummary("Stored token. Current Claude auth status:");
-        return;
-      }
-      await send("That does not look like a Claude OAuth token, so I did not delete it or store it. Send /cancel_auth to stop token paste mode.");
-      // Fall through and treat the message normally.
-    } else if (looksLikeClaudeAuthReply(text)) {
+    if (looksLikeClaudeToken(text)) {
       await deleteMessage(msg.message_id);
-      try {
-        pendingClaudeAuthProcess.stdin.write(text + "\n");
-        await send("Sent to Claude auth process. I’ll confirm when Claude finishes the auth check.");
-      } catch (e) {
-        clearPendingClaudeAuth();
-        await send(`Could not send to Claude auth process: ${redactSensitive(e.message)}`);
-      }
+      clearPendingClaudeAuth();
+      saveClaudeOAuthToken(text);
+      await send(`Claude OAuth token stored in .env${vault.isUnlocked() ? " and vault" : ""}. Restart the bot so launchd picks it up, or use /restart.`);
+      await sendClaudeAuthStatusSummary("Stored token. Current Claude auth status:");
+      return;
+    }
+    await send("Token paste mode is active, but that does not look like a Claude OAuth token. I left your message visible and will handle it normally. Send /cancel_auth to stop token paste mode.");
+  }
+  if (pendingClaudeAuthProcess && pendingClaudeAuthLabel !== "manual OAuth token save") {
+    const text = msg.text.trim();
+    if (looksLikeClaudeAuthReply(text)) {
+      await send("That looks like a Claude login code/callback. I did not delete it or send it to Claude as a prompt. Please resend it as `/auth_code YOUR_CODE`, or use /cancel_auth to stop the login flow.");
       return;
-    } else {
-      await send("Claude auth is still waiting for a login code/token. I left your message visible and will handle it normally. Send /cancel_auth to cancel the auth flow.");
-      // Fall through and treat the message normally.
     }
+    await send("Claude login is still waiting. I will not delete normal messages. If Claude gave you a code, send it as `/auth_code YOUR_CODE`, or use /cancel_auth.");
   }
   // Handle onboarding

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@inetafrica/open-claudia",
-  "version": "1.14.3",
+  "version": "1.14.5",
   "description": "Your always-on AI coding assistant — Claude Code via Telegram",
   "main": "bot.js",
   "bin": {