@link-assistant/hive-mind 1.74.5 → 1.74.7

package/CHANGELOG.md

@@ -1,5 +1,19 @@
 # @link-assistant/hive-mind
 
+## 1.74.7
+
+### Patch Changes
+
+- 8ea7110: Document the issue #1858 case study and add an experimental private Telegram
+  `/auth` command for allowlisted chat owners to check or start GitHub, Claude,
+  and Codex auth flows.
+
+## 1.74.6
+
+### Patch Changes
+
+- e07b243: Split oversized Telegram text messages in the safe reply/edit helper so localized `/help` output cannot exceed Telegram's 4096-character limit.
+
 ## 1.74.5
 
 ### Patch Changes

package/README.hi.md

@@ -29,14 +29,19 @@ Hive Mind एक **सामान्यवादी AI** (मिनी-AGI) ह
 | **पूर्व-स्थापित टूलचेन**           | 25GB+ तैयार: 10 भाषा रनटाइम, 2 थ्योरम प्रूवर, बिल्ड टूल्स। और इंस्टॉल कर सकते हैं।                                                                                                  |
 | **टोकन दक्षता**                    | नियमित कार्य कोड में स्वचालित, ताकि AI टोकन रचनात्मक समस्या-समाधान पर केंद्रित रहें।                                                                                                |
 | **समय की स्वतंत्रता**              | जो काम मनुष्यों को 2-8 घंटे लगता है, AI प्रत्येक कार्य सत्र में 10-25 मिनट में पूरा करता है। रिपॉजिटरी में कार्यों का बड़े पैमाने पर निष्पादन संभव है। "सोते समय कोड लिखा जाता है।" |
-| **ऑर्केस्ट्रेशन के साथ स्केल**     | समानांतर वर्कर डेवलपर्स की एक टीम की तरह महसूस होते हैं, सभी ~$200/माह में।                                                                                                         |
+| **ऑर्केस्ट्रेशन के साथ स्केल**     | समानांतर वर्कर डेवलपर्स की एक टीम की तरह महसूस होते हैं। Claude MAX और ChatGPT Pro (प्रत्येक $200) को जोड़कर दो स्वतंत्र लगभग असीमित बजट मिलते हैं।                                 |
 | **मानव नियंत्रण**                  | AI ड्राफ्ट PR बनाता है - आप तय करते हैं क्या मर्ज होगा। जहाँ मायने रखता है वहाँ गुणवत्ता द्वार।                                                                                     |
 | **किसी भी डिवाइस से प्रोग्रामिंग** | Telegram बॉट के माध्यम से `/solve` और `/hive` से किसी भी डिवाइस से AI प्रबंधित करें। कोई PC, IDE या लैपटॉप की आवश्यकता नहीं।                                                        |
 | **100% ओपन सोर्स**                 | Unlicense (पब्लिक डोमेन)। पूर्ण पारदर्शिता, कोई वेंडर लॉक-इन नहीं।                                                                                                                  |
 
-> _"$200 के Codex की तुलना में, यह समाधान शानदार है।"_ - उपयोगकर्ता प्रतिक्रिया
+**लागत**: Hive Mind दो $200/माह सदस्यताओं को पूर्ण-फीचर वाले लगभग "unlimited" विकल्पों के रूप में समर्थन देता है:
 
-**लागत**: Claude MAX सदस्यता (~$200/माह, वर्तमान में 50% छूट = $400 मूल्य) Hive Mind के लिए लगभग असीमित उपयोग प्रदान करती है - बाजार में सबसे अच्छा मूल्य/गुणवत्ता संतुलन।
+| सदस्यता                                                          | `--tool` के साथ     | डिफ़ॉल्ट मॉडल | किसके लिए बेहतर है                                |
+| ---------------------------------------------------------------- | ------------------- | ------------- | ------------------------------------------------- |
+| **Anthropic Claude MAX** (~$200/माह, अक्सर 50% छूट = $400 मूल्य) | `claude` (डिफ़ॉल्ट) | Sonnet/Haiku  | उच्चतम रचनात्मकता, मजबूत सामान्य कोड रीजनिंग      |
+| **OpenAI ChatGPT Pro** ($200/माह, Codex शामिल)                   | `codex`             | `gpt-5.5`     | भरोसेमंद deterministic refactors और तेज iteration |
+
+दोनों टूल एक ही hive में साथ उपयोग किए जा सकते हैं। Worker अलग-अलग टूल समानांतर चला सकते हैं, और `/codex` या `/solve --tool codex` कार्यों को ChatGPT Pro पर भेजता है जबकि डिफ़ॉल्ट Claude MAX पर जाता है। किसी एक को चुनना आवश्यक नहीं है: किसी भी एक सदस्यता से संचालन संभव है, और दोनों का उपयोग per-tool/model concurrency mode (#1474) खोलता है।
 
 Hive Mind में औसत प्रोग्रामर से अलग न पहचानी जा सकने वाली उच्च रचनात्मकता है। यदि आवश्यकताएँ अस्पष्ट हों तो यह प्रश्न पूछता है, और आप PR टिप्पणियों के माध्यम से चलते-चलते स्पष्ट कर सकते हैं।
 
@@ -48,7 +53,7 @@ Hive Mind में औसत प्रोग्रामर से अलग
 
 इंस्टॉलेशन के लिए Docker का उपयोग करना अनुशंसित है (स्थानीय और सर्वर दोनों पर)। नीचे [Docker इंस्टॉलेशन](#using-docker) अनुभाग देखें।
 
-यह सॉफ़्टवेयर Claude Code के पूर्ण स्वायत्त मोड का उपयोग करता है, जिसका अर्थ है कि यह जो भी उचित समझे वह कमांड निष्पादित करने के लिए स्वतंत्र है।
+यह सॉफ़्टवेयर Claude Code और Codex जैसे समर्थित AI टूल को पूर्ण स्वायत्त मोड में चलाता है, जिसका अर्थ है कि वे जो भी उचित समझें वे कमांड निष्पादित करने के लिए स्वतंत्र हैं।
 
 इसका मतलब है कि इससे अप्रत्याशित दुष्प्रभाव हो सकते हैं।
 
@@ -60,7 +65,7 @@ Hive Mind में औसत प्रोग्रामर से अलग
 
 इंटरनेट से जुड़ी वर्चुअल मशीन से टोकन निकालने के असंख्य तरीके हैं। इसमें शामिल हैं लेकिन इन तक सीमित नहीं:
 
-- **Claude MAX टोकन** - AI संचालन के लिए आवश्यक
+- **Claude MAX टोकन** और/या **ChatGPT Pro (Codex) टोकन** - AI संचालन के लिए आवश्यक; आप इनमें से किसी एक या दोनों के साथ चला सकते हैं
 - **GitHub टोकन** - रिपॉजिटरी एक्सेस के लिए आवश्यक
 - **API keys और क्रेडेंशियल** - सिस्टम पर कोई भी संवेदनशील डेटा
 
@@ -161,7 +166,7 @@ docker exec -it hive-mind /bin/bash
 # Inside the container, authenticate with GitHub
 gh-setup-git-identity
 
-# Authenticate with Claude
+# Authenticate with Claude (if you have Claude MAX)
 claude
 
 # Optionally set configuration like this:
@@ -174,6 +179,14 @@ claude
 # Optionally test Claude connection
 claude -p hi --model haiku
 
+# Authenticate with Codex (if you have ChatGPT Pro)
+codex login --device-auth
+
+# Optionally test Codex connection. codex exec refuses to run unless
+# either cwd is a git repo it trusts or --skip-git-repo-check is passed.
+# It prints the refusal to STDOUT but still exits 0, so do not skip the flag.
+codex exec --skip-git-repo-check --model gpt-5.4-mini "reply with only OK"
+
 # You might need to update hive-mind and agent to latest versions:
 bun install -g @link-assistant/hive-mind
 bun install -g @link-assistant/agent
@@ -546,6 +559,7 @@ Shows:
 - ✅ **Screen सत्र**: कमांड डिटैच्ड screen सत्रों में चलते हैं
 - ✅ **Live Terminal Watch**: `/terminal_watch` और opt-in auto-start live session logs दिखाते हैं
 - ✅ **चैट प्रतिबंध**: अनुमत चैट ID की वैकल्पिक सफेद सूची
+- ✅ **Private Auth Check**: allowlisted chat owners के लिए experimental `/auth --status <gh|claude|codex>` और `/auth --login <gh|claude|codex>`
 - ✅ **डायग्नोस्टिक टूल**: चैट ID और कॉन्फ़िगरेशन जानकारी प्राप्त करें
 
 #### Live Terminal Watch
@@ -564,6 +578,8 @@ sessions के लिए अपने आप एक अलग live terminal wat
 
 - केवल उन ग्रुप चैट में काम करता है जहाँ बॉट एडमिन है
 - `TELEGRAM_ALLOWED_CHATS` के माध्यम से वैकल्पिक चैट ID प्रतिबंध
+- private `/auth` तब disabled रहता है जब `TELEGRAM_ALLOWED_CHATS` set नहीं है,
+  और इसे केवल listed chats के owners इस्तेमाल कर सकते हैं
 - बॉट चलाने वाले सिस्टम उपयोगकर्ता के रूप में कमांड चलते हैं
 - उचित प्रमाणीकरण सुनिश्चित करें (`gh auth login`, `claude-profiles`)
 

package/README.md

@@ -29,14 +29,19 @@ Hive Mind is a **generalist AI** (mini-AGI) capable of working on a wide range o
 | **Pre-installed Toolchain**  | 25GB+ ready: 10 language runtimes, 2 theorem provers, build tools. Can install more.                                                                                       |
 | **Token Efficiency**         | Routine tasks automated in code, so AI tokens focus on creative problem-solving.                                                                                           |
 | **Time Freedom**             | What takes humans 2-8 hours, AI completes each working session in 10-25 minutes. Mass execution of tasks in repository is possible. "The code is written while you sleep." |
-| **Scale with Orchestration** | Parallel workers feel like a team of developers, all for ~$200/month.                                                                                                      |
+| **Scale with Orchestration** | Parallel workers feel like a team of developers. Pair Claude MAX and ChatGPT Pro ($200 each) for two independent unlimited budgets.                                        |
 | **Human Control**            | AI creates draft PRs - you decide what merges. Quality gates where they matter.                                                                                            |
 | **Any Device Programming**   | Manage AI from any device with `/solve` and `/hive` via Telegram bot. No PC, IDE, or laptop required.                                                                      |
 | **100% Open Source**         | Unlicense (public domain). Full transparency, no vendor lock-in.                                                                                                           |
 
-> _"Compared to Codex for $200, this solution is fire."_ - User feedback
+**Cost**: Hive Mind supports two $200/month subscriptions as full-featured "unlimited" options:
 
-**Cost**: Claude MAX subscription (~$200/month, currently 50% off = $400 value) provides almost unlimited usage for Hive Mind - the best value/quality balance on the market.
+| Subscription                                                       | Pairs with `--tool` | Default model | Best for                                                |
+| ------------------------------------------------------------------ | ------------------- | ------------- | ------------------------------------------------------- |
+| **Anthropic Claude MAX** (~$200/month, often 50% off = $400 value) | `claude` (default)  | Sonnet/Haiku  | Highest creativity, strongest general code reasoning    |
+| **OpenAI ChatGPT Pro** ($200/month, includes Codex)                | `codex`             | `gpt-5.5`     | Strong deterministic refactors and fast iteration loops |
+
+Both tools can be combined in the same hive. Workers can run different tools in parallel, and `/codex` or `/solve --tool codex` routes tasks to ChatGPT Pro while the default routes to Claude MAX. There is no requirement to pick one: either single subscription is enough to operate, and using both unlocks per-tool/model concurrency mode (#1474).
 
 Hive Mind has high creativity indistinguishable from average programmers. It asks questions if requirements are unclear, and you can clarify on the go via PR comments.
 
@@ -48,7 +53,7 @@ It is UNSAFE to run this software on your developer machine.
 
 It is recommended to use Docker for installation (both locally and on servers). See the [Docker installation](#using-docker) section below.
 
-This software uses full autonomous mode of Claude Code, that means it is free to execute any commands it sees fit.
+This software runs supported AI tools such as Claude Code and Codex in full autonomous mode, which means they are free to execute any commands they see fit.
 
 That means it can lead to unexpected side effects.
 
@@ -60,7 +65,7 @@ There is also a known issue of space leakage. So you need to make sure you are a
 
 There are infinite ways to extract tokens from a virtual machine connected to the internet. This includes but is not limited to:
 
-- **Claude MAX tokens** - Required for AI operations
+- **Claude MAX tokens** and/or **ChatGPT Pro (Codex) tokens** - Required for AI operations; you can run with either or both
 - **GitHub tokens** - Required for repository access
 - **API keys and credentials** - Any sensitive data on the system
 
@@ -161,7 +166,7 @@ docker exec -it hive-mind /bin/bash
 # Inside the container, authenticate with GitHub
 gh-setup-git-identity
 
-# Authenticate with Claude
+# Authenticate with Claude (if you have Claude MAX)
 claude
 
 # Optionally set configuration like this:
@@ -174,6 +179,14 @@ claude
 # Optionally test Claude connection
 claude -p hi --model haiku
 
+# Authenticate with Codex (if you have ChatGPT Pro)
+codex login --device-auth
+
+# Optionally test Codex connection. codex exec refuses to run unless
+# either cwd is a git repo it trusts or --skip-git-repo-check is passed.
+# It prints the refusal to STDOUT but still exits 0, so do not skip the flag.
+codex exec --skip-git-repo-check --model gpt-5.4-mini "reply with only OK"
+
 # Verify Playwright MCP is registered for both CLIs in this container image
 claude mcp list | grep playwright
 codex mcp list | grep playwright
@@ -567,6 +580,7 @@ Shows:
 - ✅ **Screen Sessions**: Commands run in detached screen sessions
 - ✅ **Live Terminal Watch**: `/terminal_watch` and opt-in auto-start show live session logs
 - ✅ **Chat Restrictions**: Optional whitelist of allowed chat IDs
+- ✅ **Private Auth Check**: Experimental `/auth --status <gh|claude|codex>` and `/auth --login <gh|claude|codex>` for owners of allowlisted chats
 - ✅ **Diagnostic Tools**: Get chat ID and configuration info
 
 #### Live Terminal Watch
@@ -584,6 +598,8 @@ When enabled with `--auto-start-screen-watch-message`, the bot automatically sta
 
 - Only works in group chats where the bot is admin
 - Optional chat ID restrictions via `TELEGRAM_ALLOWED_CHATS`
+- Private `/auth` is disabled unless `TELEGRAM_ALLOWED_CHATS` is set and only
+  owners of listed chats can use it
 - Commands run as the system user running the bot
 - Ensure proper authentication (`gh auth login`, `claude-profiles`)
 

package/README.ru.md

@@ -21,22 +21,27 @@
 
 Hive Mind — это **универсальный ИИ** (мини-AGI), способный работать над широким спектром задач, а не только над программированием. Практически всё, что можно сделать с файлами в репозитории, поддаётся автоматизации.
 
-| Возможность                              | Что это означает для вас                                                                                                                                           |
-| ---------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
-| **Без постоянного контроля**             | Полный автономный режим с правами sudo. ИИ обладает творческой свободой, как настоящий программист.                                                                |
-| **Изоляция в облаке**                    | Работает на выделенных виртуальных машинах или в Docker. Легко восстановить в случае поломки.                                                                      |
-| **Полный доступ к интернету + Sudo**     | ИИ может устанавливать пакеты, получать документацию и настраивать систему по мере необходимости.                                                                  |
-| **Предустановленный инструментарий**     | Более 25 ГБ готово к работе: 10 языковых сред выполнения, 2 средства доказательства теорем, инструменты сборки. Можно установить дополнительные.                   |
-| **Эффективность токенов**                | Рутинные задачи автоматизированы в коде, поэтому токены ИИ сосредоточены на творческом решении проблем.                                                            |
-| **Свобода времени**                      | То, что занимает у людей 2–8 часов, ИИ выполняет за 10–25 минут за рабочую сессию. Возможно массовое выполнение задач в репозитории. «Код пишется, пока вы спите». |
-| **Масштабирование с оркестрацией**       | Параллельные воркеры ощущаются как команда разработчиков — всё примерно за $200 в месяц.                                                                           |
-| **Контроль со стороны человека**         | ИИ создаёт черновые PR — вы решаете, что вливать. Контроль качества там, где это важно.                                                                            |
-| **Программирование с любого устройства** | Управляйте ИИ с любого устройства через `/solve` и `/hive` посредством Telegram-бота. ПК, IDE или ноутбук не нужны.                                                |
-| **100% открытый исходный код**           | Лицензия Unlicense (общественное достояние). Полная прозрачность, без привязки к поставщику.                                                                       |
-
-> _«По сравнению с Codex за $200, это решение — огонь.»_ — отзыв пользователя
-
-**Стоимость**: подписка Claude MAX (~$200 в месяц, сейчас со скидкой 50% = ценность $400) обеспечивает практически неограниченное использование для Hive Mind — лучшее соотношение цены и качества на рынке.
+| Возможность                              | Что это означает для вас                                                                                                                                               |
+| ---------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| **Без постоянного контроля**             | Полный автономный режим с правами sudo. ИИ обладает творческой свободой, как настоящий программист.                                                                    |
+| **Изоляция в облаке**                    | Работает на выделенных виртуальных машинах или в Docker. Легко восстановить в случае поломки.                                                                          |
+| **Полный доступ к интернету + Sudo**     | ИИ может устанавливать пакеты, получать документацию и настраивать систему по мере необходимости.                                                                      |
+| **Предустановленный инструментарий**     | Более 25 ГБ готово к работе: 10 языковых сред выполнения, 2 средства доказательства теорем, инструменты сборки. Можно установить дополнительные.                       |
+| **Эффективность токенов**                | Рутинные задачи автоматизированы в коде, поэтому токены ИИ сосредоточены на творческом решении проблем.                                                                |
+| **Свобода времени**                      | То, что занимает у людей 2–8 часов, ИИ выполняет за 10–25 минут за рабочую сессию. Возможно массовое выполнение задач в репозитории. «Код пишется, пока вы спите».     |
+| **Масштабирование с оркестрацией**       | Параллельные воркеры ощущаются как команда разработчиков. Свяжите Claude MAX и ChatGPT Pro (по $200 каждый), чтобы получить два независимых почти безлимитных бюджета. |
+| **Контроль со стороны человека**         | ИИ создаёт черновые PR — вы решаете, что вливать. Контроль качества там, где это важно.                                                                                |
+| **Программирование с любого устройства** | Управляйте ИИ с любого устройства через `/solve` и `/hive` посредством Telegram-бота. ПК, IDE или ноутбук не нужны.                                                    |
+| **100% открытый исходный код**           | Лицензия Unlicense (общественное достояние). Полная прозрачность, без привязки к поставщику.                                                                           |
+
+**Стоимость**: Hive Mind поддерживает две подписки по $200 в месяц как полнофункциональные почти «безлимитные» варианты:
+
+| Подписка                                                          | Используется с `--tool` | Модель по умолчанию | Лучше всего подходит для                                   |
+| ----------------------------------------------------------------- | ----------------------- | ------------------- | ---------------------------------------------------------- |
+| **Anthropic Claude MAX** (~$200 в месяц, часто скидка 50% = $400) | `claude` (по умолчанию) | Sonnet/Haiku        | Максимальная креативность и сильное общее кодовое мышление |
+| **OpenAI ChatGPT Pro** ($200 в месяц, включает Codex)             | `codex`                 | `gpt-5.5`           | Надёжные детерминированные рефакторинги и быстрые итерации |
+
+Оба инструмента можно сочетать в одном hive. Воркеры могут параллельно запускать разные инструменты, а `/codex` или `/solve --tool codex` направляет задачи в ChatGPT Pro, тогда как маршрут по умолчанию идёт в Claude MAX. Выбирать только один вариант не требуется: любой одной подписки достаточно для работы, а использование обеих открывает режим параллелизма по инструментам/моделям (#1474).
 
 Hive Mind обладает высоким уровнем творчества, неотличимым от среднего программиста. Он задаёт вопросы, если требования неясны, и вы можете уточнять их на ходу через комментарии к PR.
 
@@ -48,7 +53,7 @@ Hive Mind обладает высоким уровнем творчества,
 
 Рекомендуется использовать Docker для установки (как локально, так и на серверах). Смотрите раздел [Установка через Docker](#использование-docker) ниже.
 
-Это программное обеспечение использует полностью автономный режим Claude Code, а значит, оно может выполнять любые команды по своему усмотрению.
+Это программное обеспечение запускает поддерживаемые ИИ-инструменты, такие как Claude Code и Codex, в полностью автономном режиме, а значит, они могут выполнять любые команды по своему усмотрению.
 
 Это может привести к непредвиденным побочным эффектам.
 
@@ -60,7 +65,7 @@ Hive Mind обладает высоким уровнем творчества,
 
 Существует бесконечное множество способов извлечь токены с виртуальной машины, подключённой к интернету. Это включает, но не ограничивается:
 
-- **Токены Claude MAX** — необходимы для работы ИИ
+- **Токены Claude MAX** и/или **токены ChatGPT Pro (Codex)** — необходимы для работы ИИ; можно запускать с любым из них или с обоими
 - **Токены GitHub** — необходимы для доступа к репозиториям
 - **API-ключи и учётные данные** — любые конфиденциальные данные в системе
 
@@ -161,7 +166,7 @@ docker exec -it hive-mind /bin/bash
 # Inside the container, authenticate with GitHub
 gh-setup-git-identity
 
-# Authenticate with Claude
+# Authenticate with Claude (if you have Claude MAX)
 claude
 
 # Optionally set configuration like this:
@@ -174,6 +179,14 @@ claude
 # Optionally test Claude connection
 claude -p hi --model haiku
 
+# Authenticate with Codex (if you have ChatGPT Pro)
+codex login --device-auth
+
+# Optionally test Codex connection. codex exec refuses to run unless
+# either cwd is a git repo it trusts or --skip-git-repo-check is passed.
+# It prints the refusal to STDOUT but still exits 0, so do not skip the flag.
+codex exec --skip-git-repo-check --model gpt-5.4-mini "reply with only OK"
+
 # You might need to update hive-mind and agent to latest versions:
 bun install -g @link-assistant/hive-mind
 bun install -g @link-assistant/agent
@@ -548,6 +561,7 @@ Shows:
 - ✅ **Screen-сессии**: команды запускаются в отсоединённых screen-сессиях
 - ✅ **Live Terminal Watch**: `/terminal_watch` и opt-in auto-start показывают live session logs
 - ✅ **Ограничения по чатам**: опциональный белый список разрешённых ID чатов
+- ✅ **Приватная проверка auth**: экспериментальные `/auth --status <gh|claude|codex>` и `/auth --login <gh|claude|codex>` для владельцев разрешённых чатов
 - ✅ **Диагностические инструменты**: получение ID чата и информации о конфигурации
 
 #### Live Terminal Watch
@@ -566,6 +580,8 @@ Shows:
 
 - Работает только в групповых чатах, где бот является администратором
 - Опциональное ограничение по ID чата через `TELEGRAM_ALLOWED_CHATS`
+- Приватная `/auth` отключена, если `TELEGRAM_ALLOWED_CHATS` не задан, и
+  доступна только владельцам перечисленных чатов
 - Команды выполняются от имени системного пользователя, запустившего бота
 - Убедитесь в наличии надлежащей аутентификации (`gh auth login`, `claude-profiles`)
 

package/README.zh.md

@@ -29,14 +29,19 @@ Hive Mind 是一款**通用 AI**（迷你 AGI），能够处理广泛的任务
 | **预装工具链**             | 25GB+ 开箱即用：10 种语言运行时、2 个定理证明器、构建工具，还可继续安装更多。                                 |
 | **高效利用 Token**         | 常规任务通过代码自动化完成，让 AI Token 专注于创造性问题解决。                                                |
 | **节省时间**               | 人类需要 2~8 小时的工作，AI 每个工作会话仅需 10~25 分钟完成。可批量执行仓库中的任务。"代码在你睡觉时已写好。" |
-| **编排式扩展**             | 并行工作进程犹如一支开发团队，每月仅需约 $200。                                                               |
+| **编排式扩展**             | 并行工作进程犹如一支开发团队。可将 Claude MAX 和 ChatGPT Pro（各 $200）配对，获得两份独立的近乎无限预算。     |
 | **人工控制**               | AI 创建草稿 PR——由您决定是否合并。在关键节点设置质量把关。                                                    |
 | **任意设备编程**           | 通过 Telegram 机器人使用 `/solve` 和 `/hive` 命令，在任意设备上管理 AI，无需 PC、IDE 或笔记本电脑。           |
 | **100% 开源**              | Unlicense（公共领域）。完全透明，无供应商锁定。                                                               |
 
-> _"与 $200 的 Codex 相比，这个解决方案简直是神器。"_ - 用户反馈
+**费用**：Hive Mind 支持两种 $200/月订阅作为功能完整、近乎“无限”的选项：
 
-**费用**：Claude MAX 订阅（约 $200/月，目前五折优惠 = 价值 $400）可为 Hive Mind 提供几乎无限的使用量——市场上最佳的性价比。
+| 订阅                                                             | 搭配 `--tool`    | 默认模型     | 最适合场景                   |
+| ---------------------------------------------------------------- | ---------------- | ------------ | ---------------------------- |
+| **Anthropic Claude MAX**（约 $200/月，常有五折优惠 = 价值 $400） | `claude`（默认） | Sonnet/Haiku | 最高创造力、最强通用代码推理 |
+| **OpenAI ChatGPT Pro**（$200/月，包含 Codex）                    | `codex`          | `gpt-5.5`    | 稳定确定性的重构和快速迭代   |
+
+两个工具可以在同一个 hive 中组合使用。Worker 可以并行运行不同工具，`/codex` 或 `/solve --tool codex` 会将任务路由到 ChatGPT Pro，而默认路由到 Claude MAX。无需二选一：任意单一订阅都足以运行，同时使用两者可解锁按工具/模型划分的并发模式（#1474）。
 
 Hive Mind 具备与普通程序员无异的高度创造力。当需求不明确时，它会主动提问，您也可以随时通过 PR 评论进行说明补充。
 
@@ -48,7 +53,7 @@ Hive Mind 具备与普通程序员无异的高度创造力。当需求不明确
 
 建议使用 Docker 进行安装（本地和服务器均适用）。请参阅下方的 [Docker 安装](#使用-docker) 部分。
 
-本软件使用 Claude Code 的完全自主模式，这意味着它可以自由执行任何它认为合适的命令。
+本软件会以完全自主模式运行 Claude Code、Codex 等受支持的 AI 工具，这意味着它们可以自由执行任何它们认为合适的命令。
 
 这可能导致意想不到的副作用。
 
@@ -60,7 +65,7 @@ Hive Mind 具备与普通程序员无异的高度创造力。当需求不明确
 
 从连接互联网的虚拟机中提取 Token 的方式多种多样，包括但不限于：
 
-- **Claude MAX Token** - AI 操作所必需
+- **Claude MAX Token** 和/或 **ChatGPT Pro (Codex) Token** - AI 操作所必需；您可以使用其中任意一种或同时使用两者
 - **GitHub Token** - 仓库访问所必需
 - **API 密钥和凭证** - 系统上的任何敏感数据
 
@@ -161,7 +166,7 @@ docker exec -it hive-mind /bin/bash
 # Inside the container, authenticate with GitHub
 gh-setup-git-identity
 
-# Authenticate with Claude
+# Authenticate with Claude (if you have Claude MAX)
 claude
 
 # Optionally set configuration like this:
@@ -174,6 +179,14 @@ claude
 # Optionally test Claude connection
 claude -p hi --model haiku
 
+# Authenticate with Codex (if you have ChatGPT Pro)
+codex login --device-auth
+
+# Optionally test Codex connection. codex exec refuses to run unless
+# either cwd is a git repo it trusts or --skip-git-repo-check is passed.
+# It prints the refusal to STDOUT but still exits 0, so do not skip the flag.
+codex exec --skip-git-repo-check --model gpt-5.4-mini "reply with only OK"
+
 # You might need to update hive-mind and agent to latest versions:
 bun install -g @link-assistant/hive-mind
 bun install -g @link-assistant/agent
@@ -542,6 +555,7 @@ Shows:
 - ✅ **Screen 会话**：命令在后台 Screen 会话中运行
 - ✅ **Live Terminal Watch**：`/terminal_watch` 和 opt-in auto-start 显示 live session logs
 - ✅ **聊天限制**：可选配置允许的聊天 ID 白名单
+- ✅ **私聊 Auth 检查**：为白名单聊天所有者提供实验性的 `/auth --status <gh|claude|codex>` 和 `/auth --login <gh|claude|codex>`
 - ✅ **诊断工具**：获取聊天 ID 和配置信息
 
 #### Live Terminal Watch
@@ -560,6 +574,7 @@ Shows:
 
 - 仅在机器人为管理员的群聊中有效
 - 可通过 `TELEGRAM_ALLOWED_CHATS` 配置可选的聊天 ID 限制
+- 如果未设置 `TELEGRAM_ALLOWED_CHATS`，私聊 `/auth` 会被禁用，且只有所列聊天的所有者可以使用
 - 命令以运行机器人的系统用户身份执行
 - 请确保已完成正确的身份验证（`gh auth login`、`claude-profiles`）
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@link-assistant/hive-mind",
-  "version": "1.74.5",
+  "version": "1.74.7",
   "description": "AI-powered issue solver and hive mind for collaborative problem solving",
   "main": "src/hive.mjs",
   "type": "module",

package/src/telegram-auth-command.lib.mjs

@@ -0,0 +1,298 @@
+import { spawn } from 'child_process';
+import { parseCommandArgs } from './telegram-solve-command.lib.mjs';
+
+export const AUTH_PROVIDERS = Object.freeze(['gh', 'claude', 'codex']);
+
+const AUTH_PROVIDER_SET = new Set(AUTH_PROVIDERS);
+const AUTH_USAGE = 'Usage: /auth --status <gh|claude|codex> or /auth --login <gh|claude|codex>';
+// eslint-disable-next-line no-control-regex
+const ANSI_RE = /\x1B(?:[@-Z\\-_]|\[[0-?]*[ -/]*[@-~])/g;
+const TOKEN_RE = /\b(?:gh[opsu]_[A-Za-z0-9_]{20,}|github_pat_[A-Za-z0-9_]{20,}|sk-proj-[A-Za-z0-9_-]{20,}|sk-[A-Za-z0-9_-]{20,}|xox[baprs]-[A-Za-z0-9-]{20,})\b/g;
+const TOKEN_FIELD_RE = /\b(token|access_token|refresh_token|api[_-]?key|authorization)\s*[:=]\s*["']?[^"'\s,}]+/gi;
+
+function trimOutput(text, max = 3500) {
+  const value = String(text || '').trim();
+  if (value.length <= max) return value;
+  return value.slice(0, max) + `\n... truncated ${value.length - max} characters`;
+}
+
+function escapeCodeFence(text) {
+  return String(text || '').replace(/```/g, '` ` `');
+}
+
+function normalizeProvider(provider) {
+  return String(provider || '')
+    .trim()
+    .toLowerCase();
+}
+
+function readActionValue(arg) {
+  if (arg === '--status') return { action: 'status', provider: null, consumesNext: true };
+  if (arg === '--login') return { action: 'login', provider: null, consumesNext: true };
+  if (arg.startsWith('--status=')) return { action: 'status', provider: arg.slice('--status='.length), consumesNext: false };
+  if (arg.startsWith('--login=')) return { action: 'login', provider: arg.slice('--login='.length), consumesNext: false };
+  return null;
+}
+
+export function parseAuthRequest(text) {
+  const args = parseCommandArgs(text || '');
+  let action = null;
+  let provider = null;
+
+  for (let i = 0; i < args.length; i++) {
+    const parsed = readActionValue(args[i]);
+    if (!parsed) {
+      return { action: null, provider: null, error: `Unsupported /auth argument: ${args[i]}\n\n${AUTH_USAGE}` };
+    }
+    if (action) {
+      return { action: null, provider: null, error: `Use exactly one of --status or --login.\n\n${AUTH_USAGE}` };
+    }
+    action = parsed.action;
+    provider = normalizeProvider(parsed.provider);
+    if (parsed.consumesNext) {
+      const next = args[i + 1];
+      if (!next || next.startsWith('--')) {
+        return { action: null, provider: null, error: AUTH_USAGE };
+      }
+      provider = normalizeProvider(next);
+      i++;
+    }
+  }
+
+  if (!action || !provider) {
+    return { action: null, provider: null, error: AUTH_USAGE };
+  }
+  if (!AUTH_PROVIDER_SET.has(provider)) {
+    return { action, provider: null, error: `Unsupported auth provider: ${provider}\n\n${AUTH_USAGE}` };
+  }
+
+  return { action, provider, error: null };
+}
+
+export function buildAuthCommand(action, provider) {
+  if (action === 'status') {
+    if (provider === 'gh') return { command: 'gh', args: ['auth', 'status', '--hostname', 'github.com'] };
+    if (provider === 'claude') return { command: 'claude', args: ['auth', 'status'] };
+    if (provider === 'codex') return { command: 'codex', args: ['login', 'status'] };
+  }
+  if (action === 'login') {
+    if (provider === 'gh') return { command: 'gh', args: ['auth', 'login', '--hostname', 'github.com', '--git-protocol', 'https', '--web'] };
+    if (provider === 'claude') return { command: 'claude', args: ['auth', 'login', '--claudeai'] };
+    if (provider === 'codex') return { command: 'codex', args: ['login', '--device-auth'] };
+  }
+  throw new Error(`Unsupported auth command: ${action} ${provider}`);
+}
+
+export function redactAuthOutput(output) {
+  return String(output || '')
+    .replace(ANSI_RE, '')
+    .replace(TOKEN_RE, '[REDACTED_TOKEN]')
+    .replace(TOKEN_FIELD_RE, (_, name) => `${name}: [REDACTED_TOKEN]`);
+}
+
+function collectAuthOutput(result) {
+  return redactAuthOutput([result?.stdout, result?.stderr].filter(Boolean).join('\n'));
+}
+
+export function extractAuthStartDetails(output) {
+  const text = redactAuthOutput(output);
+  const urls = [...new Set([...text.matchAll(/https?:\/\/[^\s<>)"']+/g)].map(match => match[0].replace(/[.,;:!?]+$/, '')))];
+
+  const codePatterns = [/\bone-time code\s*[:=]\s*([A-Z0-9][A-Z0-9-]{3,})/i, /\b(?:user code|verification code|code)\s*[:=]\s*([A-Z0-9][A-Z0-9-]{3,})/i, /\b([A-Z0-9]{4,}-[A-Z0-9-]{4,})\b/];
+  let code = null;
+  for (const pattern of codePatterns) {
+    const match = text.match(pattern);
+    if (match) {
+      code = match[1].toUpperCase();
+      break;
+    }
+  }
+
+  return { urls, code };
+}
+
+export function formatAuthStatusMessage(provider, result) {
+  const code = result?.code;
+  const ok = code === 0;
+  const output = trimOutput(collectAuthOutput(result)) || '(no output)';
+  return `${ok ? 'OK' : 'ERROR'} *${provider} auth status*\n\nExit code: ${code ?? 'unknown'}\n\n\`\`\`\n${escapeCodeFence(output)}\n\`\`\``;
+}
+
+export function formatAuthLoginMessage(provider, result) {
+  const output = collectAuthOutput(result);
+  const details = extractAuthStartDetails(output);
+  const lines = [`*${provider} auth login started*`, '', 'The local login command was cancelled locally after capturing the browser step, so this bot command did not replace existing credentials.'];
+
+  if (details.urls.length > 0) {
+    lines.push('', 'Open this URL:');
+    for (const url of details.urls) lines.push(url);
+  }
+  if (details.code) {
+    lines.push('', `Code: \`${details.code}\``);
+  }
+  if (details.urls.length === 0 && !details.code) {
+    const shownOutput = trimOutput(output) || '(no output captured)';
+    lines.push('', 'Captured output:', '', '```', escapeCodeFence(shownOutput), '```');
+  }
+  if (result?.cancelled) {
+    lines.push('', 'Status: cancelled locally after capture.');
+  } else if (typeof result?.code === 'number') {
+    lines.push('', `Status: login command exited with code ${result.code}.`);
+  }
+  lines.push('', 'Continuation by replying with a provider code is not automated yet; this is the first experimental CLI-backed /auth path.');
+  return lines.join('\n');
+}
+
+export const resolveAllowedAuthChatIds = allowedChats => {
+  if (!allowedChats) return [];
+  const raw = typeof allowedChats === 'function' ? allowedChats() : allowedChats;
+  if (!Array.isArray(raw)) return [];
+  return raw.map(value => String(value)).filter(Boolean);
+};
+
+export async function isAuthOperator({ telegram, userId, allowedChatIds }) {
+  if (!telegram || !userId || !allowedChatIds || allowedChatIds.length === 0) {
+    return false;
+  }
+  for (const chatId of allowedChatIds) {
+    if (String(chatId) === String(userId)) return true;
+    try {
+      const member = await telegram.getChatMember(chatId, userId);
+      if (member?.status === 'creator') return true;
+    } catch {
+      // Try the next configured chat. The bot may no longer be a member.
+    }
+  }
+  return false;
+}
+
+export function runAuthCommand(command, args, options = {}) {
+  const { mode = 'status', loginCaptureMs = 15000, outputLimit = 20000, env = process.env } = options;
+  return new Promise(resolve => {
+    const child = spawn(command, args, {
+      stdio: ['ignore', 'pipe', 'pipe'],
+      env,
+    });
+    let stdout = '';
+    let stderr = '';
+    let settled = false;
+    let captureTimer = null;
+
+    const settle = result => {
+      if (settled) return;
+      settled = true;
+      if (captureTimer) clearTimeout(captureTimer);
+      resolve({
+        stdout: stdout.slice(0, outputLimit),
+        stderr: stderr.slice(0, outputLimit),
+        ...result,
+      });
+    };
+
+    const maybeCancelLogin = () => {
+      if (mode !== 'login' || settled) return;
+      const details = extractAuthStartDetails(`${stdout}\n${stderr}`);
+      if (details.urls.length === 0 && !details.code) return;
+      child.kill('SIGTERM');
+      settle({ code: null, signal: 'SIGTERM', cancelled: true });
+    };
+
+    child.stdout.on('data', data => {
+      stdout += data.toString();
+      maybeCancelLogin();
+    });
+    child.stderr.on('data', data => {
+      stderr += data.toString();
+      maybeCancelLogin();
+    });
+    child.on('error', error => {
+      settle({ code: null, error: error.message });
+    });
+    child.on('close', (code, signal) => {
+      settle({ code, signal, cancelled: false });
+    });
+
+    if (mode === 'login') {
+      captureTimer = setTimeout(() => {
+        child.kill('SIGTERM');
+        settle({ code: null, signal: 'SIGTERM', cancelled: true });
+      }, loginCaptureMs);
+    }
+  });
+}
+
+export function registerAuthCommand(bot, options = {}) {
+  const { VERBOSE = false, isOldMessage, isForwardedOrReply, allowedChats, authEnabled = true } = options;
+  const execute = options.runCommand || runAuthCommand;
+  const reply = options.safeReply || ((ctx, text, replyOptions) => ctx.reply(text, replyOptions));
+
+  async function handleAuthCommand(ctx) {
+    VERBOSE && console.log('[VERBOSE] /auth command received');
+
+    if (isOldMessage && isOldMessage(ctx)) {
+      VERBOSE && console.log('[VERBOSE] /auth ignored: old message');
+      return;
+    }
+    if (isForwardedOrReply && isForwardedOrReply(ctx)) {
+      VERBOSE && console.log('[VERBOSE] /auth ignored: forwarded or reply');
+      return;
+    }
+    if (!authEnabled) {
+      await reply(ctx, 'The /auth command is disabled on this bot instance.', { reply_to_message_id: ctx.message?.message_id });
+      return;
+    }
+    if (!ctx.chat || !ctx.from || !ctx.message) return;
+    if (ctx.chat.type !== 'private') {
+      await reply(ctx, 'The /auth command is only available in private messages.', { reply_to_message_id: ctx.message.message_id });
+      return;
+    }
+
+    const allowedChatIds = resolveAllowedAuthChatIds(allowedChats);
+    if (allowedChatIds.length === 0) {
+      await reply(ctx, 'The /auth command is disabled because TELEGRAM_ALLOWED_CHATS is not configured.', { reply_to_message_id: ctx.message.message_id });
+      return;
+    }
+
+    const authorized = await isAuthOperator({ telegram: ctx.telegram, userId: ctx.from.id, allowedChatIds });
+    if (!authorized) {
+      VERBOSE && console.log(`[VERBOSE] /auth denied: user ${ctx.from.id} is not creator of any allowed chat`);
+      await reply(ctx, 'The /auth command is only available to owners of allowlisted chats.', { reply_to_message_id: ctx.message.message_id });
+      return;
+    }
+
+    const request = parseAuthRequest(ctx.message.text || '');
+    if (request.error) {
+      await reply(ctx, request.error, { reply_to_message_id: ctx.message.message_id });
+      return;
+    }
+
+    const { command, args } = buildAuthCommand(request.action, request.provider);
+    let result;
+    try {
+      result = await execute(command, args, { mode: request.action, provider: request.provider });
+    } catch (error) {
+      await reply(ctx, `Failed to run ${request.provider} auth ${request.action}: ${error.message || String(error)}`, { reply_to_message_id: ctx.message.message_id });
+      return;
+    }
+
+    const message = request.action === 'status' ? formatAuthStatusMessage(request.provider, result) : formatAuthLoginMessage(request.provider, result);
+    await reply(ctx, message, { parse_mode: 'Markdown', reply_to_message_id: ctx.message.message_id });
+  }
+
+  bot.command('auth', handleAuthCommand);
+  return { handleAuthCommand };
+}
+
+export default {
+  AUTH_PROVIDERS,
+  buildAuthCommand,
+  extractAuthStartDetails,
+  formatAuthLoginMessage,
+  formatAuthStatusMessage,
+  isAuthOperator,
+  parseAuthRequest,
+  redactAuthOutput,
+  registerAuthCommand,
+  resolveAllowedAuthChatIds,
+  runAuthCommand,
+};

package/src/telegram-bot.mjs

@@ -40,7 +40,7 @@ const { applySolveToolAlias, getFirstParsedPositionalArg, getSolveCommandNameFro
 const { executeStartScreen: executeStartScreenCommand, buildExecuteAndUpdateMessage } = await import('./telegram-command-execution.lib.mjs');
 const { isChatStopped, getChatStopInfo, getStoppedChatRejectMessage, DEFAULT_STOP_REASON } = await import('./telegram-start-stop-command.lib.mjs');
 const { isOldMessage: _isOldMessage, isGroupChat: _isGroupChat, isChatAuthorized: _isChatAuthorized, isForwardedOrReply: _isForwardedOrReply, extractCommandFromText, extractGitHubUrl: _extractGitHubUrl } = await import('./telegram-message-filters.lib.mjs');
-const { installTelegramFormattingFallback, safeEditMessageText, safeReply } = await import('./telegram-safe-reply.lib.mjs');
+const { installTelegramFormattingFallback, isTelegramFormattingError, isTelegramMessageTooLongError, safeEditMessageText, safeReply, TELEGRAM_TEXT_LIMIT } = await import('./telegram-safe-reply.lib.mjs');
 const { registerTerminalWatchCommand, startAutoTerminalWatchForSession } = await import('./telegram-terminal-watch-command.lib.mjs');
 const { launchBotWithRetry } = await import('./telegram-bot-launcher.lib.mjs');
 const { trackSession, startSessionMonitoring, hasActiveSessionForUrlAsync } = await import('./session-monitor.lib.mjs');
@@ -100,6 +100,11 @@ const config = yargs(hideBin(process.argv))
     description: 'Enable /task and /split commands (use --no-task to disable)',
     default: getenv('TELEGRAM_TASK', 'true') !== 'false',
   })
+  .option('auth', {
+    type: 'boolean',
+    description: 'Enable experimental private /auth command for allowlisted chat owners (use --no-auth to disable)',
+    default: getenv('TELEGRAM_AUTH', 'true') !== 'false',
+  })
   .option('dryRun', {
     type: 'boolean',
     description: 'Validate configuration and options without starting the bot',
@@ -163,6 +168,7 @@ const hiveOverrides = resolvedHiveOverrides
 const solveEnabled = config.solve;
 const hiveEnabled = config.hive;
 const taskEnabled = config.task;
+const authEnabled = config.auth;
 // Isolation mode (experimental): uses `$` from start-command with specified backend
 const ISOLATION_BACKEND = (config.isolation || getenv('TELEGRAM_ISOLATION', '')).trim().toLowerCase();
 let isolationRunner = null;
@@ -283,7 +289,7 @@ if (config.dryRun) {
   if (allowedTopics && allowedTopics.length > 0) {
     console.log('  Allowed topics:', lino.formatLinks(allowedTopics));
   }
-  console.log('  Commands enabled:', { solve: solveEnabled, hive: hiveEnabled, task: taskEnabled });
+  console.log('  Commands enabled:', { solve: solveEnabled, hive: hiveEnabled, task: taskEnabled, auth: authEnabled });
   if (solveOverrides.length > 0) {
     console.log('  Solve overrides:', lino.format(solveOverrides));
   }
@@ -606,6 +612,8 @@ const { registerSubscribeCommands } = await import('./telegram-subscribers.lib.m
 registerSubscribeCommands(bot, sharedCommandOpts);
 const { registerTaskCommands } = await import('./telegram-task-command.lib.mjs');
 const { handleTaskCommand, TASK_COMMAND_NAMES } = registerTaskCommands(bot, { ...sharedCommandOpts, taskEnabled, safeReply, executeAndUpdateMessage, resolveLocale: resolveLocaleFromTelegramCtx });
+const { registerAuthCommand } = await import('./telegram-auth-command.lib.mjs');
+const { handleAuthCommand } = registerAuthCommand(bot, { ...sharedCommandOpts, allowedChats, authEnabled, safeReply });
 
 // Named handler for /solve command - extracted for reuse by text-based fallback (issue #1207)
 async function handleSolveCommand(ctx) {
@@ -1170,7 +1178,7 @@ bot.on('message', async (ctx, next) => {
   const solveHandlers = Object.fromEntries(SOLVE_COMMAND_NAMES.map(command => [command, handleSolveCommand]));
   const taskHandlers = Object.fromEntries(TASK_COMMAND_NAMES.map(command => [command, handleTaskCommand]));
   // /queue is the short alias for /solve_queue (issue #1837)
-  const handlers = { ...solveHandlers, ...taskHandlers, hive: handleHiveCommand, solve_queue: handleSolveQueueCommand, solvequeue: handleSolveQueueCommand, queue: handleSolveQueueCommand };
+  const handlers = { ...solveHandlers, ...taskHandlers, auth: handleAuthCommand, hive: handleHiveCommand, solve_queue: handleSolveQueueCommand, solvequeue: handleSolveQueueCommand, queue: handleSolveQueueCommand };
 
   const handler = handlers[extracted.command];
   if (!handler) return next();
@@ -1214,15 +1222,17 @@ bot.catch((error, ctx) => {
 
   // Try to notify the user about the error with more details
   if (ctx?.reply) {
-    const isTelegramParsingError = error.message && (error.message.includes("can't parse entities") || error.message.includes("Can't parse entities") || error.message.includes("can't find end of") || (error.message.includes('Bad Request') && error.message.includes('400')));
+    const isTelegramParsingError = isTelegramFormattingError(error);
+    const isTelegramTextLimitError = isTelegramMessageTooLongError(error);
 
     let errorMessage;
 
-    if (isTelegramParsingError) {
+    if (isTelegramParsingError || isTelegramTextLimitError) {
       // Issue #1460: Log detailed context for root cause analysis (always logged, not just in verbose mode)
       const userInfo = ctx.from ? { id: ctx.from.id, username: ctx.from.username, first_name: ctx.from.first_name, last_name: ctx.from.last_name } : 'unknown';
-      console.error(`[telegram-bot] Parsing error: ${error.message}`);
-      console.error(`[telegram-bot] Parsing error context - user: ${JSON.stringify(userInfo)}, command: ${ctx.message?.text?.split(' ')[0] || 'unknown'}`);
+      const errorKind = isTelegramTextLimitError ? 'Message length error' : 'Parsing error';
+      console.error(`[telegram-bot] ${errorKind}: ${error.message}`);
+      console.error(`[telegram-bot] ${errorKind} context - user: ${JSON.stringify(userInfo)}, command: ${ctx.message?.text?.split(' ')[0] || 'unknown'}`);
       console.error(`[telegram-bot] User input text: ${ctx.message?.text || 'none'}`);
       if (ctx.message?.text) {
         const visibleInput = makeSpecialCharsVisible(ctx.message.text, { maxLength: 500 });
@@ -1233,8 +1243,11 @@ bot.catch((error, ctx) => {
         }
       }
 
-      // Issue #1460: Show user a simple, non-confusing message — all details are in the logs
-      errorMessage = `❌ Failed to send formatted message. Please try your command again.\n\nIf the issue persists, contact support with Update ID: ${ctx.update.update_id}`;
+      if (isTelegramTextLimitError) {
+        errorMessage = `❌ Telegram rejected an oversized bot message.\n\nThe bot splits messages above ${TELEGRAM_TEXT_LIMIT} characters automatically. Please try your command again.\n\nIf the issue persists, contact support with Update ID: ${ctx.update.update_id}`;
+      } else {
+        errorMessage = `❌ Telegram rejected a formatted bot message, and the fallback handler could not recover automatically.\n\nPlease try your command again.\n\nIf the issue persists, contact support with Update ID: ${ctx.update.update_id}`;
+      }
     } else {
       errorMessage = '❌ An error occurred while processing your request.\n\n';
       if (error.message) {
@@ -1251,20 +1264,13 @@ bot.catch((error, ctx) => {
       if (VERBOSE) errorMessage += `\n\n🔍 Debug info: Update ID: ${ctx.update.update_id}`;
     }
 
-    // Issue #1460: For parsing errors send plain text; otherwise try Markdown first
-    if (isTelegramParsingError) {
-      ctx.reply(errorMessage).catch(fallbackError => {
-        console.error('Failed to send plain text error message:', fallbackError);
+    safeReply(ctx, errorMessage, { fallbackLocale: resolveLocaleFromTelegramCtx(ctx), verbose: VERBOSE }).catch(replyError => {
+      console.error('Failed to send error message to user:', replyError);
+      const plainMessage = `An error occurred while processing your request. Please try again or contact support.\n\nError: ${error.message || 'Unknown error'}`;
+      ctx.reply(plainMessage).catch(fallbackError => {
+        console.error('Failed to send fallback error message:', fallbackError);
       });
-    } else {
-      ctx.reply(errorMessage, { parse_mode: 'Markdown' }).catch(replyError => {
-        console.error('Failed to send error message to user:', replyError);
-        const plainMessage = `An error occurred while processing your request. Please try again or contact support.\n\nError: ${error.message || 'Unknown error'}`;
-        ctx.reply(plainMessage).catch(fallbackError => {
-          console.error('Failed to send fallback error message:', fallbackError);
-        });
-      });
-    }
+    });
   }
 });
 
@@ -1281,7 +1287,7 @@ if (allowedChats && allowedChats.length > 0) {
 if (allowedTopics && allowedTopics.length > 0) {
   console.log('Allowed topics (lino):', lino.formatLinks(allowedTopics));
 }
-console.log('Commands enabled:', { solve: solveEnabled, hive: hiveEnabled, task: taskEnabled });
+console.log('Commands enabled:', { solve: solveEnabled, hive: hiveEnabled, task: taskEnabled, auth: authEnabled });
 if (solveOverrides.length > 0) console.log('Solve overrides (lino):', lino.format(solveOverrides));
 if (hiveOverrides.length > 0) console.log('Hive overrides (lino):', lino.format(hiveOverrides));
 if (VERBOSE) {

package/src/telegram-safe-reply.lib.mjs

@@ -2,6 +2,7 @@ import { normalizeLocale, t } from './i18n.lib.mjs';
 
 const FORMATTING_FALLBACK_INSTALLED = Symbol.for('hiveMind.telegramFormattingFallbackInstalled');
 const DEFAULT_FORMATTING_FALLBACK_WARNING = '⚠️ Formatting error detected. Showing plain text fallback.';
+export const TELEGRAM_TEXT_LIMIT = 4096;
 const FORMATTING_FALLBACK_WARNINGS = {
   en: DEFAULT_FORMATTING_FALLBACK_WARNING,
   ru: '⚠️ Обнаружена ошибка форматирования. Показываю обычный текст.',
@@ -18,9 +19,18 @@ function splitOptions(options = {}) {
   };
 }
 
+function getTelegramErrorMessage(error) {
+  return error?.description || error?.message || String(error || '');
+}
+
 export function isTelegramFormattingError(error) {
-  const message = error?.description || error?.message || String(error || '');
-  return /can't parse entities/i.test(message) || /can't find end of/i.test(message) || /entity.*parse/i.test(message) || (/bad request/i.test(message) && /400|parse|entity/i.test(message));
+  const message = getTelegramErrorMessage(error);
+  return /can't parse entities/i.test(message) || /can't find end of/i.test(message) || /entity.*parse/i.test(message) || /parse.*entity/i.test(message) || /character .* is reserved/i.test(message) || /unsupported start tag/i.test(message);
+}
+
+export function isTelegramMessageTooLongError(error) {
+  const message = getTelegramErrorMessage(error);
+  return /message is too long/i.test(message) || /message text is too long/i.test(message) || /text is too long/i.test(message) || /message_too_long/i.test(message) || (/bad request/i.test(message) && /too long/i.test(message) && /(message|text|caption)/i.test(message));
 }
 
 export function stripTelegramMarkdown(text) {
@@ -36,6 +46,45 @@ export function stripTelegramMarkdown(text) {
     .replace(/`([^`]+)`/g, '$1');
 }
 
+function findTelegramSplitIndex(text, limit) {
+  const minUsefulSplit = Math.floor(limit * 0.45);
+  const separators = ['\n\n', '\n', '. ', '; ', ', ', ' '];
+
+  for (const separator of separators) {
+    const searchEnd = Math.max(0, limit - separator.length);
+    const index = text.lastIndexOf(separator, searchEnd);
+    if (index >= minUsefulSplit) {
+      return index + separator.length;
+    }
+  }
+
+  return limit;
+}
+
+export function splitTelegramMessageText(text, limit = TELEGRAM_TEXT_LIMIT) {
+  const source = String(text ?? '');
+  if (source.length <= limit) return [source];
+
+  const chunks = [];
+  let remaining = source;
+
+  while (remaining.length > limit) {
+    let splitAt = findTelegramSplitIndex(remaining, limit);
+    let chunk = remaining.slice(0, splitAt).trimEnd();
+
+    if (!chunk) {
+      splitAt = limit;
+      chunk = remaining.slice(0, splitAt);
+    }
+
+    chunks.push(chunk);
+    remaining = remaining.slice(splitAt).trimStart();
+  }
+
+  if (remaining) chunks.push(remaining);
+  return chunks;
+}
+
 function getFormattingFallbackWarning(locale) {
   const key = 'telegram.formatting_fallback_warning';
   const normalizedLocale = normalizeLocale(locale);
@@ -50,7 +99,7 @@ export function buildTelegramFormattingFallbackText(text, options = {}) {
 }
 
 function logFormattingFailure(scope, error, text, verbose = false, fallbackText = null) {
-  const message = error?.description || error?.message || String(error || '');
+  const message = getTelegramErrorMessage(error);
   console.error(`[telegram-bot] ${scope}: formatted Telegram message failed: ${message}`);
   if (verbose) {
     const originalBytes = Buffer.byteLength(String(text ?? ''), 'utf-8');
@@ -76,54 +125,241 @@ function logFormattingFailure(scope, error, text, verbose = false, fallbackText
   }
 }
 
+function logMessageTooLongFailure(scope, error, text, verbose = false, fallbackText = null) {
+  const message = getTelegramErrorMessage(error);
+  console.error(`[telegram-bot] ${scope}: Telegram message exceeded ${TELEGRAM_TEXT_LIMIT} character limit: ${message}`);
+  if (verbose) {
+    const original = String(text ?? '');
+    console.error(`[telegram-bot] ${scope}: Oversized message (${original.length} chars, ${Buffer.byteLength(original, 'utf-8')} bytes): ${original}`);
+    if (fallbackText !== null) {
+      const fallback = String(fallbackText ?? '');
+      console.error(`[telegram-bot] ${scope}: Plain text fallback (${fallback.length} chars, ${Buffer.byteLength(fallback, 'utf-8')} bytes): ${fallback}`);
+    }
+  }
+}
+
+function logChunking(scope, text, chunks, verbose = false) {
+  if (chunks.length <= 1) return;
+  const source = String(text ?? '');
+  console.warn(`[telegram-bot] ${scope}: Telegram text is ${source.length} chars (${Buffer.byteLength(source, 'utf-8')} bytes), splitting into ${chunks.length} messages (limit ${TELEGRAM_TEXT_LIMIT}).`);
+  if (verbose) {
+    chunks.forEach((chunk, index) => {
+      console.error(`[telegram-bot] ${scope}: Chunk ${index + 1}/${chunks.length} (${chunk.length} chars, ${Buffer.byteLength(chunk, 'utf-8')} bytes): ${chunk}`);
+    });
+  }
+}
+
+function getPlainTextOptions(telegramOptions) {
+  return { ...telegramOptions, parse_mode: undefined, entities: undefined };
+}
+
+async function sendPlainTextChunks({ text, telegramOptions, scope, verbose, sendChunk }) {
+  const plainOptions = getPlainTextOptions(telegramOptions);
+  const chunks = splitTelegramMessageText(text);
+  logChunking(`${scope}:plainText`, text, chunks, verbose);
+
+  let firstResult;
+  for (const chunk of chunks) {
+    const result = await sendChunk(chunk, plainOptions);
+    if (firstResult === undefined) firstResult = result;
+  }
+  return firstResult;
+}
+
+async function sendTelegramTextChunks({ text, telegramOptions, fallbackLocale, verbose, scope, sendChunk }) {
+  const chunks = splitTelegramMessageText(text);
+  logChunking(scope, text, chunks, verbose);
+
+  let firstResult;
+  for (const chunk of chunks) {
+    try {
+      const result = await sendChunk(chunk, telegramOptions);
+      if (firstResult === undefined) firstResult = result;
+    } catch (error) {
+      let fallbackText;
+      if (isTelegramFormattingError(error)) {
+        fallbackText = buildTelegramFormattingFallbackText(chunk, { fallbackLocale });
+        logFormattingFailure(scope, error, chunk, verbose, fallbackText);
+      } else if (isTelegramMessageTooLongError(error)) {
+        fallbackText = stripTelegramMarkdown(chunk);
+        logMessageTooLongFailure(scope, error, chunk, verbose, fallbackText);
+      } else {
+        throw error;
+      }
+
+      const result = await sendPlainTextChunks({
+        text: fallbackText,
+        telegramOptions,
+        scope,
+        verbose,
+        sendChunk,
+      });
+      if (firstResult === undefined) firstResult = result;
+    }
+  }
+
+  return firstResult;
+}
+
+async function sendRemainingEditChunks({ chunks, telegramOptions, fallbackLocale, verbose, scope, sendFollowUpChunk }) {
+  if (chunks.length === 0) return undefined;
+  if (!sendFollowUpChunk) {
+    console.error(`[telegram-bot] ${scope}: cannot send ${chunks.length} remaining chunk(s) after edit because chat_id is unavailable.`);
+    return undefined;
+  }
+
+  return await sendTelegramTextChunks({
+    text: chunks.join('\n'),
+    telegramOptions,
+    fallbackLocale,
+    verbose,
+    scope: `${scope}:followUp`,
+    sendChunk: sendFollowUpChunk,
+  });
+}
+
+async function sendPlainRemainingEditChunks({ chunks, telegramOptions, verbose, scope, sendFollowUpChunk }) {
+  if (chunks.length === 0) return undefined;
+  if (!sendFollowUpChunk) {
+    console.error(`[telegram-bot] ${scope}: cannot send ${chunks.length} plain-text fallback chunk(s) after edit because chat_id is unavailable.`);
+    return undefined;
+  }
+
+  return await sendPlainTextChunks({
+    text: chunks.join('\n'),
+    telegramOptions,
+    scope: `${scope}:followUp`,
+    verbose,
+    sendChunk: sendFollowUpChunk,
+  });
+}
+
+async function editTelegramTextChunks({ text, telegramOptions, fallbackLocale, verbose, scope, editChunk, sendFollowUpChunk }) {
+  const chunks = splitTelegramMessageText(text);
+  logChunking(scope, text, chunks, verbose);
+
+  const [firstChunk, ...remainingChunks] = chunks;
+  try {
+    const result = await editChunk(firstChunk, telegramOptions);
+    await sendRemainingEditChunks({
+      chunks: remainingChunks,
+      telegramOptions,
+      fallbackLocale,
+      verbose,
+      scope,
+      sendFollowUpChunk,
+    });
+    return result;
+  } catch (error) {
+    let fallbackText;
+    if (isTelegramFormattingError(error)) {
+      fallbackText = buildTelegramFormattingFallbackText(firstChunk, { fallbackLocale });
+      logFormattingFailure(scope, error, firstChunk, verbose, fallbackText);
+    } else if (isTelegramMessageTooLongError(error)) {
+      fallbackText = stripTelegramMarkdown(firstChunk);
+      logMessageTooLongFailure(scope, error, firstChunk, verbose, fallbackText);
+    } else {
+      throw error;
+    }
+
+    const plainOptions = getPlainTextOptions(telegramOptions);
+    const fallbackChunks = splitTelegramMessageText(fallbackText);
+    logChunking(`${scope}:plainText`, fallbackText, fallbackChunks, verbose);
+    const [firstFallbackChunk, ...remainingFallbackChunks] = fallbackChunks;
+    const result = await editChunk(firstFallbackChunk, plainOptions);
+    await sendPlainRemainingEditChunks({
+      chunks: [...remainingFallbackChunks, ...remainingChunks.map(stripTelegramMarkdown)],
+      telegramOptions,
+      verbose,
+      scope,
+      sendFollowUpChunk,
+    });
+    return result;
+  }
+}
+
 // Issue #1460/#1497/#1788: try Markdown first, fall back to localized plain text on parsing errors.
 export async function safeReply(ctx, text, options = {}) {
   const { telegramOptions, fallbackLocale, verbose } = splitOptions(options);
   const firstOptions = { parse_mode: 'Markdown', ...telegramOptions };
-  try {
-    return await ctx.reply(text, firstOptions);
-  } catch (error) {
-    if (!isTelegramFormattingError(error)) throw error;
-    const fallbackText = buildTelegramFormattingFallbackText(text, { fallbackLocale });
-    logFormattingFailure('safeReply', error, text, verbose, fallbackText);
-    return await ctx.reply(fallbackText, { ...telegramOptions, parse_mode: undefined });
-  }
+  return await sendTelegramTextChunks({
+    text,
+    telegramOptions: firstOptions,
+    fallbackLocale,
+    verbose,
+    scope: 'safeReply',
+    sendChunk: (chunk, chunkOptions) => ctx.reply(chunk, chunkOptions),
+  });
 }
 
 export async function safeEditMessageText(telegram, chatId, messageId, inlineMessageId, text, options = {}) {
   const { telegramOptions, fallbackLocale, verbose } = splitOptions(options);
   const firstOptions = { parse_mode: 'Markdown', ...telegramOptions };
-  try {
-    return await telegram.editMessageText(chatId, messageId, inlineMessageId, text, firstOptions);
-  } catch (error) {
-    if (!isTelegramFormattingError(error)) throw error;
-    const fallbackText = buildTelegramFormattingFallbackText(text, { fallbackLocale });
-    logFormattingFailure('safeEditMessageText', error, text, verbose, fallbackText);
-    return await telegram.editMessageText(chatId, messageId, inlineMessageId, fallbackText, { ...telegramOptions, parse_mode: undefined });
-  }
+  return await editTelegramTextChunks({
+    text,
+    telegramOptions: firstOptions,
+    fallbackLocale,
+    verbose,
+    scope: 'safeEditMessageText',
+    editChunk: (chunk, chunkOptions) => telegram.editMessageText(chatId, messageId, inlineMessageId, chunk, chunkOptions),
+    sendFollowUpChunk: chatId !== undefined && chatId !== null && typeof telegram.sendMessage === 'function' ? (chunk, chunkOptions) => telegram.sendMessage(chatId, chunk, chunkOptions) : null,
+  });
 }
 
-function wrapTelegramMethod(telegram, methodName, textIndex, optionsIndex, defaults = {}) {
-  const original = telegram?.[methodName];
+function wrapTelegramSendMessage(telegram, defaults = {}) {
+  const original = telegram?.sendMessage;
   if (typeof original !== 'function') return;
 
-  telegram[methodName] = async function wrappedTelegramMessageMethod(...args) {
-    const text = args[textIndex];
-    const originalOptions = args[optionsIndex] || {};
+  telegram.sendMessage = async function wrappedTelegramSendMessage(...args) {
+    const text = args[1];
+    const originalOptions = args[2] || {};
     const { telegramOptions, fallbackLocale, verbose } = splitOptions(originalOptions);
-    args[optionsIndex] = telegramOptions;
+    args[2] = telegramOptions;
 
-    try {
-      return await original.apply(this, args);
-    } catch (error) {
-      if (!isTelegramFormattingError(error) || typeof text !== 'string') throw error;
-      const fallbackText = buildTelegramFormattingFallbackText(text, { fallbackLocale: fallbackLocale || defaults.fallbackLocale });
-      logFormattingFailure(methodName, error, text, verbose || defaults.verbose, fallbackText);
-      const retryArgs = [...args];
-      retryArgs[textIndex] = fallbackText;
-      retryArgs[optionsIndex] = { ...telegramOptions, parse_mode: undefined };
-      return await original.apply(this, retryArgs);
-    }
+    if (typeof text !== 'string') return await original.apply(this, args);
+
+    return await sendTelegramTextChunks({
+      text,
+      telegramOptions,
+      fallbackLocale: fallbackLocale || defaults.fallbackLocale,
+      verbose: verbose || defaults.verbose,
+      scope: 'sendMessage',
+      sendChunk: (chunk, chunkOptions) => {
+        const chunkArgs = [...args];
+        chunkArgs[1] = chunk;
+        chunkArgs[2] = chunkOptions;
+        return original.apply(this, chunkArgs);
+      },
+    });
+  };
+}
+
+function wrapTelegramEditMessageText(telegram, defaults = {}) {
+  const original = telegram?.editMessageText;
+  if (typeof original !== 'function') return;
+
+  telegram.editMessageText = async function wrappedTelegramEditMessageText(...args) {
+    const text = args[3];
+    const originalOptions = args[4] || {};
+    const { telegramOptions, fallbackLocale, verbose } = splitOptions(originalOptions);
+    args[4] = telegramOptions;
+
+    if (typeof text !== 'string') return await original.apply(this, args);
+
+    return await editTelegramTextChunks({
+      text,
+      telegramOptions,
+      fallbackLocale: fallbackLocale || defaults.fallbackLocale,
+      verbose: verbose || defaults.verbose,
+      scope: 'editMessageText',
+      editChunk: (chunk, chunkOptions) => {
+        const chunkArgs = [...args];
+        chunkArgs[3] = chunk;
+        chunkArgs[4] = chunkOptions;
+        return original.apply(this, chunkArgs);
+      },
+      sendFollowUpChunk: args[0] !== undefined && args[0] !== null && typeof this.sendMessage === 'function' ? (chunk, chunkOptions) => this.sendMessage(args[0], chunk, chunkOptions) : null,
+    });
   };
 }
 
@@ -135,8 +371,8 @@ export function installTelegramFormattingFallback(telegram, options = {}) {
     verbose: Boolean(options.verbose),
   };
 
-  wrapTelegramMethod(telegram, 'sendMessage', 1, 2, defaults);
-  wrapTelegramMethod(telegram, 'editMessageText', 3, 4, defaults);
+  wrapTelegramSendMessage(telegram, defaults);
+  wrapTelegramEditMessageText(telegram, defaults);
   telegram[FORMATTING_FALLBACK_INSTALLED] = true;
   return telegram;
 }