@kodelyth/discord 2026.5.39 → 2026.6.1

package/dist/directory-config-CYbuMmPS.js

@@ -0,0 +1,49 @@
+import { Wt as __exportAll } from "./send.receipt-CDn3GBWC.js";
+import { a as mergeDiscordAccountConfig, c as resolveDiscordAccountAllowFrom, o as resolveDefaultDiscordAccountId } from "./accounts-B7OBFePq.js";
+import { normalizeAccountId } from "klaw/plugin-sdk/account-id";
+import { createResolvedDirectoryEntriesLister } from "klaw/plugin-sdk/directory-config-runtime";
+//#region extensions/discord/src/directory-config.ts
+var directory_config_exports = /* @__PURE__ */ __exportAll({
+	listDiscordDirectoryGroupsFromConfig: () => listDiscordDirectoryGroupsFromConfig,
+	listDiscordDirectoryPeersFromConfig: () => listDiscordDirectoryPeersFromConfig
+});
+function resolveDiscordDirectoryConfigAccount(cfg, accountId) {
+	const resolvedAccountId = normalizeAccountId(accountId ?? resolveDefaultDiscordAccountId(cfg));
+	const config = mergeDiscordAccountConfig(cfg, resolvedAccountId);
+	return {
+		accountId: resolvedAccountId,
+		config,
+		allowFrom: resolveDiscordAccountAllowFrom({
+			cfg,
+			accountId: resolvedAccountId
+		}) ?? [],
+		dm: config.dm
+	};
+}
+const listDiscordDirectoryPeersFromConfig = createResolvedDirectoryEntriesLister({
+	kind: "user",
+	resolveAccount: (cfg, accountId) => resolveDiscordDirectoryConfigAccount(cfg, accountId),
+	resolveSources: (account) => {
+		const guildUsers = Object.values(account.config.guilds ?? {}).flatMap((guild) => (guild.users ?? []).concat(Object.values(guild.channels ?? {}).flatMap((channel) => channel.users ?? [])));
+		return [
+			account.allowFrom,
+			Object.keys(account.config.dms ?? {}),
+			guildUsers
+		];
+	},
+	normalizeId: (raw) => {
+		const cleaned = (raw.match(/^<@!?(\d+)>$/)?.[1] ?? raw).replace(/^(discord|user):/i, "").trim();
+		return /^\d+$/.test(cleaned) ? `user:${cleaned}` : null;
+	}
+});
+const listDiscordDirectoryGroupsFromConfig = createResolvedDirectoryEntriesLister({
+	kind: "group",
+	resolveAccount: (cfg, accountId) => resolveDiscordDirectoryConfigAccount(cfg, accountId),
+	resolveSources: (account) => Object.values(account.config.guilds ?? {}).map((guild) => Object.keys(guild.channels ?? {})),
+	normalizeId: (raw) => {
+		const cleaned = (raw.match(/^<#(\d+)>$/)?.[1] ?? raw).replace(/^(discord|channel|group):/i, "").trim();
+		return /^\d+$/.test(cleaned) ? `channel:${cleaned}` : null;
+	}
+});
+//#endregion
+export { listDiscordDirectoryGroupsFromConfig as n, listDiscordDirectoryPeersFromConfig as r, directory_config_exports as t };

package/dist/directory-contract-api.js

@@ -0,0 +1,2 @@
+import { n as listDiscordDirectoryGroupsFromConfig, r as listDiscordDirectoryPeersFromConfig } from "./directory-config-CYbuMmPS.js";
+export { listDiscordDirectoryGroupsFromConfig, listDiscordDirectoryPeersFromConfig };

package/dist/directory-live-DX4dLRpJ.js

@@ -0,0 +1,159 @@
+import { Wt as __exportAll } from "./send.receipt-CDn3GBWC.js";
+import { p as normalizeDiscordToken, s as resolveDiscordAccount } from "./accounts-B7OBFePq.js";
+import { n as fetchDiscord } from "./api-CXAcv9nZ.js";
+import { a as normalizeDiscordSlug } from "./allow-list-B0s7evD7.js";
+import { normalizeLowercaseStringOrEmpty, normalizeOptionalLowercaseString, normalizeOptionalString, normalizeOptionalStringifiedId } from "klaw/plugin-sdk/string-coerce-runtime";
+import { DEFAULT_ACCOUNT_ID, normalizeAccountId } from "klaw/plugin-sdk/routing";
+//#region extensions/discord/src/directory-cache.ts
+const DISCORD_DIRECTORY_CACHE_MAX_ENTRIES = 4e3;
+const DISCORD_DISCRIMINATOR_SUFFIX = /#\d{4}$/;
+const DIRECTORY_HANDLE_CACHE = /* @__PURE__ */ new Map();
+function normalizeAccountCacheKey(accountId) {
+	return normalizeAccountId(accountId ?? DEFAULT_ACCOUNT_ID) || DEFAULT_ACCOUNT_ID;
+}
+function normalizeSnowflake(value) {
+	const text = normalizeOptionalStringifiedId(value) ?? "";
+	if (!/^\d+$/.test(text)) return null;
+	return text;
+}
+function normalizeHandleKey(raw) {
+	let handle = normalizeOptionalString(raw) ?? "";
+	if (!handle) return null;
+	if (handle.startsWith("@")) handle = normalizeOptionalString(handle.slice(1)) ?? "";
+	if (!handle || /\s/.test(handle)) return null;
+	return normalizeLowercaseStringOrEmpty(handle);
+}
+function ensureAccountCache(accountId) {
+	const cacheKey = normalizeAccountCacheKey(accountId);
+	const existing = DIRECTORY_HANDLE_CACHE.get(cacheKey);
+	if (existing) return existing;
+	const created = /* @__PURE__ */ new Map();
+	DIRECTORY_HANDLE_CACHE.set(cacheKey, created);
+	return created;
+}
+function setCacheEntry(cache, key, userId) {
+	if (cache.has(key)) cache.delete(key);
+	cache.set(key, userId);
+	if (cache.size <= DISCORD_DIRECTORY_CACHE_MAX_ENTRIES) return;
+	const oldest = cache.keys().next();
+	if (!oldest.done) cache.delete(oldest.value);
+}
+function rememberDiscordDirectoryUser(params) {
+	const userId = normalizeSnowflake(params.userId);
+	if (!userId) return;
+	const cache = ensureAccountCache(params.accountId);
+	for (const candidate of params.handles) {
+		if (typeof candidate !== "string") continue;
+		const handle = normalizeHandleKey(candidate);
+		if (!handle) continue;
+		setCacheEntry(cache, handle, userId);
+		const withoutDiscriminator = handle.replace(DISCORD_DISCRIMINATOR_SUFFIX, "");
+		if (withoutDiscriminator && withoutDiscriminator !== handle) setCacheEntry(cache, withoutDiscriminator, userId);
+	}
+}
+function resolveDiscordDirectoryUserId(params) {
+	const cache = DIRECTORY_HANDLE_CACHE.get(normalizeAccountCacheKey(params.accountId));
+	if (!cache) return;
+	const handle = normalizeHandleKey(params.handle);
+	if (!handle) return;
+	const direct = cache.get(handle);
+	if (direct) return direct;
+	const withoutDiscriminator = handle.replace(DISCORD_DISCRIMINATOR_SUFFIX, "");
+	if (!withoutDiscriminator || withoutDiscriminator === handle) return;
+	return cache.get(withoutDiscriminator);
+}
+//#endregion
+//#region extensions/discord/src/directory-live.ts
+var directory_live_exports = /* @__PURE__ */ __exportAll({
+	listDiscordDirectoryGroupsLive: () => listDiscordDirectoryGroupsLive,
+	listDiscordDirectoryPeersLive: () => listDiscordDirectoryPeersLive
+});
+function normalizeQuery(value) {
+	return normalizeOptionalLowercaseString(value) ?? "";
+}
+function buildUserRank(user) {
+	return user.bot ? 0 : 1;
+}
+function resolveDiscordDirectoryAccess(params) {
+	const account = resolveDiscordAccount({
+		cfg: params.cfg,
+		accountId: params.accountId
+	});
+	const token = normalizeDiscordToken(account.token, "channels.discord.token");
+	if (!token) return null;
+	return {
+		token,
+		query: normalizeQuery(params.query),
+		accountId: account.accountId
+	};
+}
+async function listDiscordGuilds(token) {
+	return (await fetchDiscord("/users/@me/guilds", token)).filter((guild) => guild.id && guild.name);
+}
+async function listDiscordDirectoryGroupsLive(params) {
+	const access = resolveDiscordDirectoryAccess(params);
+	if (!access) return [];
+	const { token, query } = access;
+	const guilds = await listDiscordGuilds(token);
+	const rows = [];
+	for (const guild of guilds) {
+		const channels = await fetchDiscord(`/guilds/${guild.id}/channels`, token);
+		for (const channel of channels) {
+			const name = channel.name?.trim();
+			if (!name) continue;
+			if (query && !normalizeDiscordSlug(name).includes(normalizeDiscordSlug(query))) continue;
+			rows.push({
+				kind: "group",
+				id: `channel:${channel.id}`,
+				name,
+				handle: `#${name}`,
+				raw: channel
+			});
+			if (typeof params.limit === "number" && params.limit > 0 && rows.length >= params.limit) return rows;
+		}
+	}
+	return rows;
+}
+async function listDiscordDirectoryPeersLive(params) {
+	const access = resolveDiscordDirectoryAccess(params);
+	if (!access) return [];
+	const { token, query, accountId } = access;
+	if (!query) return [];
+	const guilds = await listDiscordGuilds(token);
+	const rows = [];
+	const limit = typeof params.limit === "number" && params.limit > 0 ? params.limit : 25;
+	for (const guild of guilds) {
+		const paramsObj = new URLSearchParams({
+			query,
+			limit: String(Math.min(limit, 100))
+		});
+		const members = await fetchDiscord(`/guilds/${guild.id}/members/search?${paramsObj.toString()}`, token);
+		for (const member of members) {
+			const user = member.user;
+			if (!user?.id) continue;
+			rememberDiscordDirectoryUser({
+				accountId,
+				userId: user.id,
+				handles: [
+					user.username,
+					user.global_name,
+					member.nick,
+					user.username ? `@${user.username}` : null
+				]
+			});
+			const name = member.nick?.trim() || user.global_name?.trim() || user.username?.trim();
+			rows.push({
+				kind: "user",
+				id: `user:${user.id}`,
+				name: name || void 0,
+				handle: user.username ? `@${user.username}` : void 0,
+				rank: buildUserRank(user),
+				raw: member
+			});
+			if (rows.length >= limit) return rows;
+		}
+	}
+	return rows;
+}
+//#endregion
+export { resolveDiscordDirectoryUserId as a, rememberDiscordDirectoryUser as i, listDiscordDirectoryGroupsLive as n, listDiscordDirectoryPeersLive as r, directory_live_exports as t };

package/dist/doctor-bbKSvGVD.js

@@ -0,0 +1,244 @@
+import { o as resolveDefaultDiscordAccountId } from "./accounts-B7OBFePq.js";
+import { t as inspectDiscordAccount } from "./account-inspect-Dqw-enky.js";
+import { r as DISCORD_LEGACY_CONFIG_RULES } from "./shared-AIlvuZXt.js";
+import { n as normalizeCompatibilityConfig } from "./doctor-contract-Btjt6NJD.js";
+import { t as isDiscordMutableAllowEntry } from "./security-doctor-DepqtNCI.js";
+import { normalizeOptionalString } from "klaw/plugin-sdk/string-coerce-runtime";
+import { collectProviderDangerousNameMatchingScopes } from "klaw/plugin-sdk/runtime-doctor";
+//#region extensions/discord/src/doctor.ts
+function asObjectRecord$1(value) {
+	return value && typeof value === "object" && !Array.isArray(value) ? value : null;
+}
+function sanitizeForLog(value) {
+	return value.replace(/\p{Cc}+/gu, " ").trim();
+}
+function collectDiscordAccountScopes(cfg) {
+	const scopes = [];
+	const discord = asObjectRecord$1(cfg.channels?.discord);
+	if (!discord) return scopes;
+	scopes.push({
+		prefix: "channels.discord",
+		account: discord
+	});
+	const accounts = asObjectRecord$1(discord.accounts);
+	if (!accounts) return scopes;
+	for (const key of Object.keys(accounts)) {
+		const account = asObjectRecord$1(accounts[key]);
+		if (account) scopes.push({
+			prefix: `channels.discord.accounts.${key}`,
+			account
+		});
+	}
+	return scopes;
+}
+function collectDiscordIdLists(prefix, account) {
+	const refs = [{
+		pathLabel: `${prefix}.allowFrom`,
+		holder: account,
+		key: "allowFrom"
+	}];
+	const dm = asObjectRecord$1(account.dm);
+	if (dm) {
+		refs.push({
+			pathLabel: `${prefix}.dm.allowFrom`,
+			holder: dm,
+			key: "allowFrom"
+		});
+		refs.push({
+			pathLabel: `${prefix}.dm.groupChannels`,
+			holder: dm,
+			key: "groupChannels"
+		});
+	}
+	const execApprovals = asObjectRecord$1(account.execApprovals);
+	if (execApprovals) refs.push({
+		pathLabel: `${prefix}.execApprovals.approvers`,
+		holder: execApprovals,
+		key: "approvers"
+	});
+	const guilds = asObjectRecord$1(account.guilds);
+	if (!guilds) return refs;
+	for (const guildId of Object.keys(guilds)) {
+		const guild = asObjectRecord$1(guilds[guildId]);
+		if (!guild) continue;
+		refs.push({
+			pathLabel: `${prefix}.guilds.${guildId}.users`,
+			holder: guild,
+			key: "users"
+		});
+		refs.push({
+			pathLabel: `${prefix}.guilds.${guildId}.roles`,
+			holder: guild,
+			key: "roles"
+		});
+		const channels = asObjectRecord$1(guild.channels);
+		if (!channels) continue;
+		for (const channelId of Object.keys(channels)) {
+			const channel = asObjectRecord$1(channels[channelId]);
+			if (!channel) continue;
+			refs.push({
+				pathLabel: `${prefix}.guilds.${guildId}.channels.${channelId}.users`,
+				holder: channel,
+				key: "users"
+			});
+			refs.push({
+				pathLabel: `${prefix}.guilds.${guildId}.channels.${channelId}.roles`,
+				holder: channel,
+				key: "roles"
+			});
+		}
+	}
+	return refs;
+}
+function scanDiscordNumericIdEntries(cfg) {
+	const hits = [];
+	const scanList = (pathLabel, list) => {
+		if (!Array.isArray(list)) return;
+		for (const [index, entry] of list.entries()) {
+			if (typeof entry !== "number") continue;
+			hits.push({
+				path: `${pathLabel}[${index}]`,
+				entry,
+				safe: Number.isSafeInteger(entry) && entry >= 0
+			});
+		}
+	};
+	for (const scope of collectDiscordAccountScopes(cfg)) for (const ref of collectDiscordIdLists(scope.prefix, scope.account)) scanList(ref.pathLabel, ref.holder[ref.key]);
+	return hits;
+}
+function collectDiscordNumericIdWarnings(params) {
+	if (params.hits.length === 0) return [];
+	const hitsByListPath = /* @__PURE__ */ new Map();
+	for (const hit of params.hits) {
+		const listPath = hit.path.replace(/\[\d+\]$/, "");
+		const existing = hitsByListPath.get(listPath);
+		if (existing) existing.push(hit);
+		else hitsByListPath.set(listPath, [hit]);
+	}
+	const repairableHits = [];
+	const blockedHits = [];
+	for (const hits of hitsByListPath.values()) if (hits.some((hit) => !hit.safe)) blockedHits.push(...hits);
+	else repairableHits.push(...hits);
+	const lines = [];
+	if (repairableHits.length > 0) {
+		const sample = repairableHits[0];
+		lines.push(`- Discord allowlists contain ${repairableHits.length} numeric ${repairableHits.length === 1 ? "entry" : "entries"} (e.g. ${sanitizeForLog(sample.path)}=${sanitizeForLog(String(sample.entry))}).`, `- Discord IDs must be strings; run "${params.doctorFixCommand}" to convert numeric IDs to quoted strings.`);
+	}
+	if (blockedHits.length > 0) {
+		const sample = blockedHits[0];
+		lines.push(`- Discord allowlists contain ${blockedHits.length} numeric ${blockedHits.length === 1 ? "entry" : "entries"} in lists that cannot be auto-repaired (e.g. ${sanitizeForLog(sample.path)}).`, `- These lists include invalid or precision-losing numeric IDs; manually quote the original values in your config file, then rerun "${params.doctorFixCommand}".`);
+	}
+	return lines;
+}
+function maybeRepairDiscordNumericIds(cfg, doctorFixCommand) {
+	const hits = scanDiscordNumericIdEntries(cfg);
+	if (hits.length === 0) return {
+		config: cfg,
+		changes: []
+	};
+	const next = structuredClone(cfg);
+	const changes = [];
+	const repairList = (pathLabel, holder, key) => {
+		const raw = holder[key];
+		if (!Array.isArray(raw)) return;
+		if (raw.some((entry) => typeof entry === "number" && (!Number.isSafeInteger(entry) || entry < 0))) return;
+		let converted = 0;
+		holder[key] = raw.map((entry) => {
+			if (typeof entry === "number") {
+				converted += 1;
+				return String(entry);
+			}
+			return entry;
+		});
+		if (converted > 0) changes.push(`- ${sanitizeForLog(pathLabel)}: converted ${converted} numeric ${converted === 1 ? "ID" : "IDs"} to strings`);
+	};
+	for (const scope of collectDiscordAccountScopes(next)) for (const ref of collectDiscordIdLists(scope.prefix, scope.account)) repairList(ref.pathLabel, ref.holder, ref.key);
+	if (changes.length === 0) return {
+		config: cfg,
+		changes: [],
+		warnings: collectDiscordNumericIdWarnings({
+			hits,
+			doctorFixCommand
+		})
+	};
+	return {
+		config: next,
+		changes,
+		warnings: collectDiscordNumericIdWarnings({
+			hits: hits.filter((hit) => !hit.safe),
+			doctorFixCommand
+		})
+	};
+}
+function collectDiscordMissingEnvTokenWarnings(params) {
+	if (resolveDefaultDiscordAccountId(params.cfg) !== "default") return [];
+	const account = inspectDiscordAccount({
+		cfg: params.cfg,
+		accountId: "default",
+		envToken: params.env?.DISCORD_BOT_TOKEN ?? ""
+	});
+	if (!account.enabled || account.tokenStatus !== "missing" || account.tokenSource !== "none") return [];
+	return ["- channels.discord: default account has no available bot token, and DISCORD_BOT_TOKEN is absent in this doctor environment. After migration, verify DISCORD_BOT_TOKEN is present in the state-dir .env or configure channels.discord.token / channels.discord.accounts.default.token as a SecretRef."];
+}
+function collectDiscordMutableAllowlistWarnings(cfg) {
+	const hits = [];
+	const addHits = (pathLabel, list) => {
+		if (!Array.isArray(list)) return;
+		for (const entry of list) {
+			const text = normalizeOptionalString(String(entry)) ?? "";
+			if (!text || text === "*" || !isDiscordMutableAllowEntry(text)) continue;
+			hits.push({
+				path: pathLabel,
+				entry: text
+			});
+		}
+	};
+	for (const scope of collectProviderDangerousNameMatchingScopes(cfg, "discord")) {
+		if (scope.dangerousNameMatchingEnabled) continue;
+		addHits(`${scope.prefix}.allowFrom`, scope.account.allowFrom);
+		const dm = asObjectRecord$1(scope.account.dm);
+		if (dm) addHits(`${scope.prefix}.dm.allowFrom`, dm.allowFrom);
+		const guilds = asObjectRecord$1(scope.account.guilds);
+		if (!guilds) continue;
+		for (const [guildId, guildRaw] of Object.entries(guilds)) {
+			const guild = asObjectRecord$1(guildRaw);
+			if (!guild) continue;
+			addHits(`${scope.prefix}.guilds.${guildId}.users`, guild.users);
+			const channels = asObjectRecord$1(guild.channels);
+			if (!channels) continue;
+			for (const [channelId, channelRaw] of Object.entries(channels)) {
+				const channel = asObjectRecord$1(channelRaw);
+				if (channel) addHits(`${scope.prefix}.guilds.${guildId}.channels.${channelId}.users`, channel.users);
+			}
+		}
+	}
+	if (hits.length === 0) return [];
+	const exampleLines = hits.slice(0, 8).map((hit) => `- ${sanitizeForLog(hit.path)}: ${sanitizeForLog(hit.entry)}`);
+	const remaining = hits.length > 8 ? `- +${hits.length - 8} more mutable allowlist entries.` : null;
+	return [
+		`- Found ${hits.length} mutable allowlist ${hits.length === 1 ? "entry" : "entries"} across discord while name matching is disabled by default.`,
+		...exampleLines,
+		...remaining ? [remaining] : [],
+		`- Option A (break-glass): enable channels.discord.dangerousNameMatching=true for the affected scope.`,
+		`- Option B (recommended): resolve names to stable Discord IDs and rewrite the allowlist entries.`
+	];
+}
+const discordDoctor = {
+	dmAllowFromMode: "topOnly",
+	groupModel: "route",
+	groupAllowFromFallbackToAllowFrom: false,
+	warnOnEmptyGroupSenderAllowlist: false,
+	legacyConfigRules: DISCORD_LEGACY_CONFIG_RULES,
+	normalizeCompatibilityConfig,
+	collectPreviewWarnings: ({ cfg, doctorFixCommand, env }) => [...collectDiscordMissingEnvTokenWarnings({
+		cfg,
+		env
+	}), ...collectDiscordNumericIdWarnings({
+		hits: scanDiscordNumericIdEntries(cfg),
+		doctorFixCommand
+	})],
+	collectMutableAllowlistWarnings: ({ cfg }) => collectDiscordMutableAllowlistWarnings(cfg),
+	repairConfig: ({ cfg, doctorFixCommand }) => maybeRepairDiscordNumericIds(cfg, doctorFixCommand)
+};
+//#endregion
+export { collectDiscordMissingEnvTokenWarnings, collectDiscordNumericIdWarnings, discordDoctor, maybeRepairDiscordNumericIds, scanDiscordNumericIdEntries };