@leviyuan/lodestar 0.1.0 → 2.0.14

package/src/feishu.ts

@@ -1,365 +0,0 @@
-/**
- * Feishu (Lark) primitives: Lark client, tenant token cache, chat
- * directory, sendText/sendCard, reactions, attachment download, project
- * provisioning, and Anthropic-auth check.
- *
- * Higher layers (cardkit / session / daemon) build on this.
- */
-
-import * as lark from '@larksuiteoapi/node-sdk'
-import { execSync } from 'node:child_process'
-import { mkdirSync, readFileSync, realpathSync, statSync, writeFileSync } from 'node:fs'
-import { homedir } from 'node:os'
-import { basename, extname, join } from 'node:path'
-import { config } from './config'
-import { DATA_DIR, INBOX_DIR, SESSION_CHAT_MAP_FILE } from './paths'
-import { log } from './log'
-
-const APP_ID = config.feishu.app_id
-const APP_SECRET = config.feishu.app_secret
-export const PROJECTS_ROOT = config.runtime.projects_root
-
-export const client = new lark.Client({
-  appId: APP_ID, appSecret: APP_SECRET, disableTokenCache: false,
-})
-
-// ── Tenant token (cached, used by raw fetch wrappers) ──────────────────
-let cachedToken = ''
-let tokenExpiry = 0
-export async function getTenantToken(): Promise<string> {
-  if (cachedToken && Date.now() < tokenExpiry) return cachedToken
-  const res = await fetch('https://open.feishu.cn/open-apis/auth/v3/tenant_access_token/internal', {
-    method: 'POST', headers: { 'Content-Type': 'application/json' },
-    body: JSON.stringify({ app_id: APP_ID, app_secret: APP_SECRET }),
-  })
-  const data = await res.json() as { tenant_access_token?: string; expire?: number }
-  if (!data.tenant_access_token) throw new Error('feishu: failed to obtain tenant token')
-  cachedToken = data.tenant_access_token
-  tokenExpiry = Date.now() + ((data.expire ?? 7200) - 60) * 1000
-  return cachedToken
-}
-
-// ── Chat directory ─────────────────────────────────────────────────────
-export const chatNameCache = new Map<string, string>()
-export const preferredChatForSession = new Map<string, string>()
-
-export function loadSessionChatMap(): void {
-  try {
-    const obj = JSON.parse(readFileSync(SESSION_CHAT_MAP_FILE, 'utf8'))
-    for (const [name, id] of Object.entries(obj)) {
-      if (typeof id === 'string') preferredChatForSession.set(name, id)
-    }
-    log(`feishu: loaded ${preferredChatForSession.size} session→chat bindings`)
-  } catch {}
-}
-
-function saveSessionChatMap(): void {
-  try {
-    const obj: Record<string, string> = {}
-    for (const [k, v] of preferredChatForSession) obj[k] = v
-    mkdirSync(DATA_DIR, { recursive: true })
-    writeFileSync(SESSION_CHAT_MAP_FILE, JSON.stringify(obj, null, 2))
-  } catch (e) { log(`feishu: save session-chat-map failed: ${e}`) }
-}
-
-export function bindSessionToChat(sessionName: string, chatId: string): void {
-  if (preferredChatForSession.get(sessionName) === chatId) return
-  const prev = preferredChatForSession.get(sessionName)
-  preferredChatForSession.set(sessionName, chatId)
-  saveSessionChatMap()
-  log(`feishu: bound session "${sessionName}" → ${chatId}${prev ? ` (was ${prev})` : ''}`)
-}
-
-export function chatIdForSession(sessionName: string): string | null {
-  const preferred = preferredChatForSession.get(sessionName)
-  if (preferred && chatNameCache.get(preferred) === sessionName) return preferred
-  const matches: string[] = []
-  for (const [id, name] of chatNameCache) if (name === sessionName) matches.push(id)
-  if (matches.length === 1) return matches[0]
-  if (matches.length > 1) {
-    log(`feishu: chatIdForSession("${sessionName}"): ${matches.length} candidates with no binding — [${matches.join(', ')}]`)
-  }
-  return null
-}
-
-export async function refreshChatList(): Promise<void> {
-  try {
-    let pageToken: string | undefined
-    do {
-      const res = await client.im.chat.list({
-        params: { page_size: 100, ...(pageToken ? { page_token: pageToken } : {}) },
-      })
-      for (const chat of res.data?.items ?? []) {
-        if (chat.chat_id && chat.name) chatNameCache.set(chat.chat_id, chat.name)
-      }
-      pageToken = res.data?.page_token
-    } while (pageToken)
-    log(`feishu: refreshed chat list — ${chatNameCache.size} groups`)
-  } catch (e) { log(`feishu: refresh chat list failed: ${e}`) }
-}
-
-// ── Outbound: text + card ──────────────────────────────────────────────
-export async function sendText(chatId: string, text: string): Promise<string | null> {
-  try {
-    const res: any = await client.im.message.create({
-      params: { receive_id_type: 'chat_id' },
-      data: { receive_id: chatId, msg_type: 'text', content: JSON.stringify({ text }) },
-    })
-    if (res?.code && res.code !== 0) {
-      log(`feishu: sendText rejected chat=${chatId} code=${res.code} msg=${res.msg}`)
-      return null
-    }
-    return res?.data?.message_id ?? null
-  } catch (e) { log(`feishu: sendText failed chat=${chatId}: ${e}`); return null }
-}
-
-export async function sendCard(chatId: string, card: object): Promise<string | null> {
-  try {
-    const res: any = await client.im.message.create({
-      params: { receive_id_type: 'chat_id' },
-      data: { receive_id: chatId, msg_type: 'interactive', content: JSON.stringify(card) },
-    })
-    if (res?.code && res.code !== 0) {
-      log(`feishu: sendCard rejected chat=${chatId} code=${res.code} msg=${res.msg}`)
-      return null
-    }
-    return res?.data?.message_id ?? null
-  } catch (e) { log(`feishu: sendCard failed chat=${chatId}: ${e}`); return null }
-}
-
-// PATCH a regular interactive message (i.e. a card NOT promoted to a
-// cardkit entity). Used for permission cards that flip allow/deny once.
-export async function patchCardMessage(messageId: string, card: object): Promise<void> {
-  try {
-    const token = await getTenantToken()
-    const res = await fetch(`https://open.feishu.cn/open-apis/im/v1/messages/${messageId}`, {
-      method: 'PATCH',
-      headers: { Authorization: `Bearer ${token}`, 'Content-Type': 'application/json' },
-      body: JSON.stringify({ content: JSON.stringify(card) }),
-    })
-    const data = await res.json() as any
-    if (data?.code && data.code !== 0) {
-      log(`feishu: patchCardMessage ${messageId} code=${data.code} msg=${data.msg}`)
-    }
-  } catch (e) { log(`feishu: patchCardMessage ${messageId} failed: ${e}`) }
-}
-
-// ── Reactions ──────────────────────────────────────────────────────────
-export async function addReaction(messageId: string, emojiType: string): Promise<void> {
-  if (!messageId) return
-  try {
-    await client.im.messageReaction.create({
-      path: { message_id: messageId },
-      data: { reaction_type: { emoji_type: emojiType } },
-    })
-  } catch (e) { log(`feishu: addReaction ${emojiType} on ${messageId} failed: ${e}`) }
-}
-
-// ── Attachment download (image/file) ───────────────────────────────────
-export async function downloadAttachment(
-  messageId: string, key: string, type: 'image' | 'file', name?: string,
-): Promise<string | undefined> {
-  try {
-    const token = await getTenantToken()
-    const url = `https://open.feishu.cn/open-apis/im/v1/messages/${messageId}/resources/${key}?type=${type}`
-    const res = await fetch(url, { headers: { Authorization: `Bearer ${token}` } })
-    if (!res.ok) {
-      log(`feishu: download ${type} HTTP ${res.status}: ${(await res.text()).slice(0, 200)}`)
-      return undefined
-    }
-    const buf = Buffer.from(await res.arrayBuffer())
-    mkdirSync(INBOX_DIR, { recursive: true })
-    const safeName = name
-      ? name.replace(/[^a-zA-Z0-9._-]/g, '_')
-      : `${key.replace(/[^a-zA-Z0-9_-]/g, '_')}.png`
-    const path = join(INBOX_DIR, `${Date.now()}-${safeName}`)
-    writeFileSync(path, buf)
-    log(`feishu: downloaded ${type} ${path} (${buf.length}B)`)
-    return path
-  } catch (e) {
-    log(`feishu: download ${type} failed: ${e instanceof Error ? e.message : e}`)
-    return undefined
-  }
-}
-
-// ── Outbound: upload + send file/image ────────────────────────────────
-// Lark caps message images at ~30 MB; files vary by tenant (default 30 MB).
-// We refuse anything above 30 MB up front rather than chasing per-tenant
-// limits and surfacing opaque API errors mid-upload.
-const MAX_UPLOAD_BYTES = 30 * 1024 * 1024
-const IMAGE_EXTS = new Set(['.png', '.jpg', '.jpeg', '.gif', '.bmp', '.webp'])
-
-function looksLikeImage(filePath: string): boolean {
-  return IMAGE_EXTS.has(extname(filePath).toLowerCase())
-}
-
-/** Defense against prompt-injection-driven exfiltration via the
- * [[send: /path]] marker.  The resolved (symlink-followed) real path
- * must sit inside one of the explicitly-trusted roots.  Anything
- * outside — `/etc/*`, `~/.ssh`, `~/.config/lodestar/config.toml`,
- * `~/.claude.json`, the user's home dotfiles — is rejected, even if a
- * symlink in an allowed root points to it.
- *
- * Returns [realPath, ''] on accept, [null, reason] on reject. */
-function gateOutboundPath(rawPath: string, allowedRoots: string[]): [string | null, string] {
-  let real: string
-  try { real = realpathSync(rawPath) }
-  catch (e) { return [null, `realpath failed: ${e instanceof Error ? e.message : e}`] }
-  for (const root of allowedRoots) {
-    if (!root) continue
-    if (real === root) return [real, '']
-    const prefix = root.endsWith('/') ? root : root + '/'
-    if (real.startsWith(prefix)) return [real, '']
-    // Special-case the `/tmp/lodestar-` namespace: caller can pass
-    // the bare prefix without a trailing slash to mean "any tmp file
-    // whose basename starts with lodestar-".
-    if (root.endsWith('-') && real.startsWith(root)) return [real, '']
-  }
-  return [null, `not inside any allowed root (real=${real})`]
-}
-
-async function uploadImageMultipart(filePath: string): Promise<string | null> {
-  const token = await getTenantToken()
-  const file = Bun.file(filePath)
-  const form = new FormData()
-  form.append('image_type', 'message')
-  form.append('image', file, basename(filePath))
-  const res = await fetch('https://open.feishu.cn/open-apis/im/v1/images', {
-    method: 'POST',
-    headers: { Authorization: `Bearer ${token}` },
-    body: form,
-  })
-  const data = await res.json() as any
-  if (data?.code !== 0) {
-    log(`feishu: uploadImage ${filePath} code=${data.code} msg=${data.msg}`)
-    return null
-  }
-  return data.data?.image_key ?? null
-}
-
-async function uploadFileMultipart(filePath: string): Promise<string | null> {
-  const token = await getTenantToken()
-  const file = Bun.file(filePath)
-  const form = new FormData()
-  // 'stream' is the catch-all type and works for arbitrary binaries.
-  form.append('file_type', 'stream')
-  form.append('file_name', basename(filePath))
-  form.append('file', file, basename(filePath))
-  const res = await fetch('https://open.feishu.cn/open-apis/im/v1/files', {
-    method: 'POST',
-    headers: { Authorization: `Bearer ${token}` },
-    body: form,
-  })
-  const data = await res.json() as any
-  if (data?.code !== 0) {
-    log(`feishu: uploadFile ${filePath} code=${data.code} msg=${data.msg}`)
-    return null
-  }
-  return data.data?.file_key ?? null
-}
-
-export async function sendImage(chatId: string, imageKey: string): Promise<string | null> {
-  try {
-    const res: any = await client.im.message.create({
-      params: { receive_id_type: 'chat_id' },
-      data: { receive_id: chatId, msg_type: 'image', content: JSON.stringify({ image_key: imageKey }) },
-    })
-    if (res?.code && res.code !== 0) {
-      log(`feishu: sendImage rejected chat=${chatId} code=${res.code} msg=${res.msg}`)
-      return null
-    }
-    return res?.data?.message_id ?? null
-  } catch (e) { log(`feishu: sendImage failed chat=${chatId}: ${e}`); return null }
-}
-
-export async function sendFile(chatId: string, fileKey: string): Promise<string | null> {
-  try {
-    const res: any = await client.im.message.create({
-      params: { receive_id_type: 'chat_id' },
-      data: { receive_id: chatId, msg_type: 'file', content: JSON.stringify({ file_key: fileKey }) },
-    })
-    if (res?.code && res.code !== 0) {
-      log(`feishu: sendFile rejected chat=${chatId} code=${res.code} msg=${res.msg}`)
-      return null
-    }
-    return res?.data?.message_id ?? null
-  } catch (e) { log(`feishu: sendFile failed chat=${chatId}: ${e}`); return null }
-}
-
-/** Upload a local file and post it as an image or file message in the
- * chat.  Type is inferred from extension.  The path MUST resolve inside
- * one of `allowedRoots` (defense against prompt-injection-driven
- * exfiltration via the `[[send: /path]]` marker — see isPathAllowed).
- * Returns true on success.  All failures (missing file, oversize,
- * outside allowed roots, upload reject, send reject) log and surface
- * an inline error message in the chat so the user knows. */
-export async function uploadAndSend(chatId: string, filePath: string, allowedRoots: string[]): Promise<boolean> {
-  const [realPath, reason] = gateOutboundPath(filePath, allowedRoots)
-  if (!realPath) {
-    log(`feishu: uploadAndSend REJECTED ${filePath}: ${reason}`)
-    await sendText(chatId, `❌ 出站文件被拒绝（路径不在允许范围）: ${filePath}`)
-    return false
-  }
-  try {
-    const stats = statSync(realPath)
-    if (!stats.isFile()) {
-      await sendText(chatId, `❌ 出站文件: 路径不是文件 — ${filePath}`)
-      return false
-    }
-    if (stats.size > MAX_UPLOAD_BYTES) {
-      await sendText(chatId, `❌ 出站文件: ${basename(realPath)} 超过 30 MB (${(stats.size / 1024 / 1024).toFixed(1)} MB)`)
-      return false
-    }
-  } catch (e) {
-    await sendText(chatId, `❌ 出站文件: 无法读取 ${filePath} (${e})`)
-    return false
-  }
-  const isImage = looksLikeImage(realPath)
-  try {
-    if (isImage) {
-      const key = await uploadImageMultipart(realPath)
-      if (!key) { await sendText(chatId, `❌ 出站图片上传失败: ${basename(realPath)}`); return false }
-      const msgId = await sendImage(chatId, key)
-      return msgId != null
-    } else {
-      const key = await uploadFileMultipart(realPath)
-      if (!key) { await sendText(chatId, `❌ 出站文件上传失败: ${basename(realPath)}`); return false }
-      const msgId = await sendFile(chatId, key)
-      return msgId != null
-    }
-  } catch (e) {
-    log(`feishu: uploadAndSend ${filePath} failed: ${e}`)
-    await sendText(chatId, `❌ 出站文件异常: ${basename(realPath)} — ${e}`)
-    return false
-  }
-}
-
-// ── Project provisioning ──────────────────────────────────────────────
-// Bootstrap ~/{name}: create dir, mark as trusted in ~/.claude.json so
-// Claude skips the trust dialog, and `git init` so the project starts as
-// a real repo.
-export function provisionProject(workDir: string): void {
-  mkdirSync(workDir, { recursive: true })
-  log(`feishu: provisioned ${workDir}`)
-  const claudeJsonPath = join(homedir(), '.claude.json')
-  try {
-    let config: any = {}
-    try { config = JSON.parse(readFileSync(claudeJsonPath, 'utf8')) } catch { config = {} }
-    if (!config.projects || typeof config.projects !== 'object') config.projects = {}
-    config.projects[workDir] = { ...(config.projects[workDir] ?? {}), hasTrustDialogAccepted: true }
-    writeFileSync(claudeJsonPath, JSON.stringify(config, null, 2))
-  } catch (e) { log(`feishu: trust write failed for ${workDir}: ${e}`) }
-  try { execSync('git init -q', { cwd: workDir, stdio: 'ignore' }) } catch {}
-}
-
-export function isAnthropicAuthenticated(): boolean {
-  try {
-    const out = execSync(`${join(homedir(), '.local', 'bin', 'claude')} auth status 2>&1`, { timeout: 10_000 }).toString()
-    const status = JSON.parse(out)
-    return status.loggedIn === true && status.apiProvider === 'firstParty'
-  } catch { return false }
-}
-
-export function sanitizeSessionName(raw: string): string {
-  return raw.replace(/[^\w一-鿿\-]/g, '_').slice(0, 64)
-}

package/src/instructions.ts

@@ -1,22 +0,0 @@
-/**
- * The system-prompt fragment Lodestar appends on every claude headless
- * launch. Carry-over of the original "channel instructions" from
- * Lodestar 1.x's MCP server, adapted for the streaming-card model where
- * Claude's own stdout already renders live in the Feishu group, so there
- * is no separate `reply` tool to call.
- */
-export const CHANNEL_INSTRUCTIONS = [
-  'You are running inside Lodestar, a daemon that bridges this session to a Feishu (Lark) group chat.',
-  'Your assistant text is streamed live as a Feishu card in that group; tool calls appear as collapsible panels; thinking is shown but de-emphasized. There is no separate reply tool — your normal conversational output IS the reply.',
-  '',
-  'Conventions for every turn:',
-  '- Open with one short acknowledgement so the user sees you started.',
-  '- Stream your conclusion before the turn ends; never end on a silent tool call. The card is your voice.',
-  '- For long work, drop progress sentences between tool calls so the user is not staring at a loading dot.',
-  '',
-  'Inbound user messages may carry a [file: /abs/path] hint when the user sent an image or attachment in Feishu. Read those files when relevant.',
-  '',
-  'To send a local file or image back to the user in this Feishu group, write the marker `[[send: /abs/path]]` (absolute path) anywhere in your reply, preferably on its own line at the end. The daemon strips every marker from the displayed card and posts the file as a separate Feishu message. Emit the marker only when the user asked for a file or when delivering a generated artifact (screenshot, diagram, exported doc) — not for arbitrary paths.',
-  '',
-  'The group name equals the working directory under $HOME and equals the Lodestar session name. Treat that binding as load-bearing — do not rename or move the directory.',
-].join('\n')

package/src/log.ts

@@ -1,11 +0,0 @@
-import { appendFileSync, mkdirSync } from 'node:fs'
-import { dirname } from 'node:path'
-import { LOG_FILE } from './paths'
-
-try { mkdirSync(dirname(LOG_FILE), { recursive: true }) } catch {}
-
-export function log(msg: string): void {
-  const line = `[${new Date().toISOString()}] ${msg}\n`
-  process.stderr.write(line)
-  try { appendFileSync(LOG_FILE, line) } catch {}
-}

package/src/paths.ts

@@ -1,41 +0,0 @@
-/**
- * Filesystem layout — XDG Base Directory spec, with env-var overrides.
- *
- *   Config:   $LODESTAR_CONFIG_DIR | $XDG_CONFIG_HOME/lodestar | ~/.config/lodestar
- *   Data:     $LODESTAR_DATA_DIR   | $XDG_DATA_HOME/lodestar   | ~/.local/share/lodestar
- *
- *   config.toml             — credentials + preferences (in CONFIG_DIR)
- *   daemon.pid              — single-instance lock          (in DATA_DIR)
- *   daemon.log              — append-only run log           (in DATA_DIR)
- *   session-chat-map.json   — duplicate-name routing        (in DATA_DIR)
- *   inbox/                  — downloaded attachments        (in DATA_DIR)
- */
-
-import { homedir } from 'node:os'
-import { join } from 'node:path'
-
-const HOME = homedir()
-
-function pickDir(envOverride: string | undefined, xdgVar: string | undefined, fallback: string): string {
-  if (envOverride) return envOverride
-  if (xdgVar) return join(xdgVar, 'lodestar')
-  return fallback
-}
-
-export const CONFIG_DIR = pickDir(
-  process.env.LODESTAR_CONFIG_DIR,
-  process.env.XDG_CONFIG_HOME,
-  join(HOME, '.config', 'lodestar'),
-)
-
-export const DATA_DIR = pickDir(
-  process.env.LODESTAR_DATA_DIR,
-  process.env.XDG_DATA_HOME,
-  join(HOME, '.local', 'share', 'lodestar'),
-)
-
-export const CONFIG_FILE = process.env.LODESTAR_CONFIG ?? join(CONFIG_DIR, 'config.toml')
-export const PID_FILE = join(DATA_DIR, 'daemon.pid')
-export const LOG_FILE = join(DATA_DIR, 'daemon.log')
-export const SESSION_CHAT_MAP_FILE = join(DATA_DIR, 'session-chat-map.json')
-export const INBOX_DIR = join(DATA_DIR, 'inbox')