@nextclaw/channel-plugin-feishu 0.2.16 → 0.2.18

package/src/task-task.ts

@@ -0,0 +1,172 @@
+import { Type } from "@sinclair/typebox";
+import type { OpenClawPluginApi } from "./nextclaw-sdk/feishu.js";
+import { normalizeTaskTime } from "./task-shared.js";
+import { assertLarkOk, createToolContext, handleInvokeError, json, parseTimeToTimestampMs, registerTool, StringEnum } from "./user-tool-helpers.js";
+
+const TaskSchema = Type.Union([
+  Type.Object({
+    action: Type.Literal("create"),
+    summary: Type.String(),
+    current_user_id: Type.Optional(Type.String()),
+    description: Type.Optional(Type.String()),
+    due: Type.Optional(Type.Object({ timestamp: Type.String(), is_all_day: Type.Optional(Type.Boolean()) })),
+    start: Type.Optional(Type.Object({ timestamp: Type.String(), is_all_day: Type.Optional(Type.Boolean()) })),
+    members: Type.Optional(Type.Array(Type.Object({ id: Type.String(), role: Type.Optional(StringEnum(["assignee", "follower"])) }))),
+    tasklists: Type.Optional(Type.Array(Type.Object({ tasklist_guid: Type.String(), section_guid: Type.Optional(Type.String()) }))),
+    repeat_rule: Type.Optional(Type.String()),
+  }),
+  Type.Object({ action: Type.Literal("get"), task_guid: Type.String() }),
+  Type.Object({ action: Type.Literal("list"), page_size: Type.Optional(Type.Number()), page_token: Type.Optional(Type.String()), completed: Type.Optional(Type.Boolean()) }),
+  Type.Object({
+    action: Type.Literal("patch"),
+    task_guid: Type.String(),
+    summary: Type.Optional(Type.String()),
+    description: Type.Optional(Type.String()),
+    due: Type.Optional(Type.Object({ timestamp: Type.String(), is_all_day: Type.Optional(Type.Boolean()) })),
+    start: Type.Optional(Type.Object({ timestamp: Type.String(), is_all_day: Type.Optional(Type.Boolean()) })),
+    completed_at: Type.Optional(Type.String()),
+    members: Type.Optional(Type.Array(Type.Object({ id: Type.String(), role: Type.Optional(StringEnum(["assignee", "follower"])) }))),
+    repeat_rule: Type.Optional(Type.String()),
+  }),
+]);
+
+export function registerFeishuTaskTaskTool(api: OpenClawPluginApi) {
+  const { toolClient } = createToolContext(api, "feishu_task_task");
+  registerTool(api, {
+    name: "feishu_task_task",
+    label: "Feishu Task",
+    description: "按本人身份创建、查询、列出、更新飞书任务。",
+    parameters: TaskSchema,
+    async execute(_toolCallId, params) {
+      const payload = params as {
+        action: "create" | "get" | "list" | "patch";
+        task_guid?: string;
+        summary?: string;
+        current_user_id?: string;
+        description?: string;
+        due?: { timestamp?: string; is_all_day?: boolean };
+        start?: { timestamp?: string; is_all_day?: boolean };
+        members?: Array<{ id: string; role?: string }>;
+        tasklists?: Array<{ tasklist_guid: string; section_guid?: string }>;
+        repeat_rule?: string;
+        page_size?: number;
+        page_token?: string;
+        completed?: boolean;
+        completed_at?: string;
+      };
+      try {
+        const client = toolClient();
+        if (payload.action === "create") {
+          const members = [...(payload.members ?? [])];
+          if (payload.current_user_id && !members.some((member) => member.id === payload.current_user_id)) {
+            members.push({ id: payload.current_user_id, role: "follower" });
+          }
+          const response = await client.invoke(
+            "feishu_task_task.create",
+            (sdk, opts) =>
+              sdk.task.v2.task.create(
+                {
+                  params: { user_id_type: "open_id" as never },
+                  data: {
+                    summary: payload.summary,
+                    description: payload.description,
+                    due: normalizeTaskTime(payload.due),
+                    start: normalizeTaskTime(payload.start),
+                    repeat_rule: payload.repeat_rule,
+                    members: members.length
+                      ? members.map((member) => ({
+                          id: member.id,
+                          type: "user",
+                          role: member.role ?? "assignee",
+                        }))
+                      : undefined,
+                    tasklists: payload.tasklists,
+                  },
+                },
+                opts,
+              ),
+            { as: "user" },
+          );
+          assertLarkOk(response);
+          return json({ task: (response.data as { task?: unknown } | undefined)?.task });
+        }
+        if (payload.action === "get") {
+          const response = await client.invoke(
+            "feishu_task_task.get",
+            (sdk, opts) =>
+              sdk.task.v2.task.get(
+                { path: { task_guid: payload.task_guid! }, params: { user_id_type: "open_id" as never } },
+                opts,
+              ),
+            { as: "user" },
+          );
+          assertLarkOk(response);
+          return json({ task: (response.data as { task?: unknown } | undefined)?.task });
+        }
+        if (payload.action === "list") {
+          const response = await client.invoke(
+            "feishu_task_task.list",
+            (sdk, opts) =>
+              sdk.task.v2.task.list(
+                {
+                  params: {
+                    page_size: payload.page_size,
+                    page_token: payload.page_token,
+                    completed: payload.completed,
+                    user_id_type: "open_id" as never,
+                  },
+                },
+                opts,
+              ),
+            { as: "user" },
+          );
+          assertLarkOk(response);
+          return json({
+            tasks: (response.data as { items?: unknown[] } | undefined)?.items ?? [],
+            has_more: (response.data as { has_more?: boolean } | undefined)?.has_more ?? false,
+            page_token: (response.data as { page_token?: string } | undefined)?.page_token,
+          });
+        }
+
+        const patchData: Record<string, unknown> = {};
+        if (payload.summary) patchData.summary = payload.summary;
+        if (payload.description) patchData.description = payload.description;
+        if (payload.due) patchData.due = normalizeTaskTime(payload.due);
+        if (payload.start) patchData.start = normalizeTaskTime(payload.start);
+        if (payload.repeat_rule) patchData.repeat_rule = payload.repeat_rule;
+        if (payload.completed_at !== undefined) {
+          patchData.completed_at =
+            payload.completed_at === "0"
+              ? "0"
+              : /^\d+$/.test(payload.completed_at)
+                ? payload.completed_at
+                : parseTimeToTimestampMs(payload.completed_at);
+        }
+        if (payload.members) {
+          patchData.members = payload.members.map((member) => ({
+            id: member.id,
+            type: "user",
+            role: member.role ?? "assignee",
+          }));
+        }
+        const response = await client.invoke(
+          "feishu_task_task.patch",
+          (sdk, opts) =>
+            sdk.task.v2.task.patch(
+              {
+                path: { task_guid: payload.task_guid! },
+                params: { user_id_type: "open_id" as never },
+                data: patchData,
+              },
+              opts,
+            ),
+          { as: "user" },
+        );
+        assertLarkOk(response);
+        return json({ task: (response.data as { task?: unknown } | undefined)?.task });
+      } catch (error) {
+        return handleInvokeError(error, api);
+      }
+    },
+  }, { name: "feishu_task_task" });
+}

package/src/task-tasklist.ts

@@ -0,0 +1,174 @@
+import { Type } from "@sinclair/typebox";
+import type { OpenClawPluginApi } from "./nextclaw-sdk/feishu.js";
+import { assertLarkOk, createToolContext, handleInvokeError, json, registerTool, StringEnum } from "./user-tool-helpers.js";
+
+const TasklistSchema = Type.Union([
+  Type.Object({
+    action: Type.Literal("create"),
+    name: Type.String(),
+    members: Type.Optional(
+      Type.Array(
+        Type.Object({
+          id: Type.String(),
+          role: Type.Optional(StringEnum(["editor", "viewer"])),
+        }),
+      ),
+    ),
+  }),
+  Type.Object({ action: Type.Literal("get"), tasklist_guid: Type.String() }),
+  Type.Object({ action: Type.Literal("list"), page_size: Type.Optional(Type.Number()), page_token: Type.Optional(Type.String()) }),
+  Type.Object({ action: Type.Literal("tasks"), tasklist_guid: Type.String(), page_size: Type.Optional(Type.Number()), page_token: Type.Optional(Type.String()), completed: Type.Optional(Type.Boolean()) }),
+  Type.Object({ action: Type.Literal("patch"), tasklist_guid: Type.String(), name: Type.Optional(Type.String()) }),
+  Type.Object({
+    action: Type.Literal("add_members"),
+    tasklist_guid: Type.String(),
+    members: Type.Array(
+      Type.Object({
+        id: Type.String(),
+        role: Type.Optional(StringEnum(["editor", "viewer"])),
+      }),
+    ),
+  }),
+]);
+
+export function registerFeishuTaskTasklistTool(api: OpenClawPluginApi) {
+  const { toolClient } = createToolContext(api, "feishu_task_tasklist");
+  registerTool(api, {
+    name: "feishu_task_tasklist",
+    label: "Feishu Tasklist",
+    description: "按本人身份创建、查询和管理飞书任务清单。",
+    parameters: TasklistSchema,
+    async execute(_toolCallId, params) {
+      const payload = params as {
+        action: "create" | "get" | "list" | "tasks" | "patch" | "add_members";
+        tasklist_guid?: string;
+        name?: string;
+        members?: Array<{ id: string; role?: string }>;
+        page_size?: number;
+        page_token?: string;
+        completed?: boolean;
+      };
+      try {
+        const client = toolClient();
+        if (payload.action === "create") {
+          const response = await client.invoke(
+            "feishu_task_tasklist.create",
+            (sdk, opts) =>
+              sdk.task.v2.tasklist.create(
+                {
+                  params: { user_id_type: "open_id" as never },
+                  data: {
+                    name: payload.name,
+                    members: payload.members?.map((member) => ({
+                      id: member.id,
+                      type: "user",
+                      role: member.role ?? "editor",
+                    })),
+                  },
+                },
+                opts,
+              ),
+            { as: "user" },
+          );
+          assertLarkOk(response);
+          return json({ tasklist: (response.data as { tasklist?: unknown } | undefined)?.tasklist });
+        }
+        if (payload.action === "get") {
+          const response = await client.invoke(
+            "feishu_task_tasklist.get",
+            (sdk, opts) =>
+              sdk.task.v2.tasklist.get(
+                { path: { tasklist_guid: payload.tasklist_guid! }, params: { user_id_type: "open_id" as never } },
+                opts,
+              ),
+            { as: "user" },
+          );
+          assertLarkOk(response);
+          return json({ tasklist: (response.data as { tasklist?: unknown } | undefined)?.tasklist });
+        }
+        if (payload.action === "list") {
+          const response = await client.invoke(
+            "feishu_task_tasklist.list",
+            (sdk, opts) =>
+              sdk.task.v2.tasklist.list(
+                { params: { page_size: payload.page_size, page_token: payload.page_token, user_id_type: "open_id" as never } },
+                opts,
+              ),
+            { as: "user" },
+          );
+          assertLarkOk(response);
+          return json({
+            tasklists: (response.data as { items?: unknown[] } | undefined)?.items ?? [],
+            has_more: (response.data as { has_more?: boolean } | undefined)?.has_more ?? false,
+            page_token: (response.data as { page_token?: string } | undefined)?.page_token,
+          });
+        }
+        if (payload.action === "tasks") {
+          const response = await client.invoke(
+            "feishu_task_tasklist.tasks",
+            (sdk, opts) =>
+              sdk.task.v2.tasklist.tasks(
+                {
+                  path: { tasklist_guid: payload.tasklist_guid! },
+                  params: {
+                    page_size: payload.page_size,
+                    page_token: payload.page_token,
+                    completed: payload.completed,
+                    user_id_type: "open_id" as never,
+                  },
+                },
+                opts,
+              ),
+            { as: "user" },
+          );
+          assertLarkOk(response);
+          return json({
+            tasks: (response.data as { items?: unknown[] } | undefined)?.items ?? [],
+            has_more: (response.data as { has_more?: boolean } | undefined)?.has_more ?? false,
+            page_token: (response.data as { page_token?: string } | undefined)?.page_token,
+          });
+        }
+        if (payload.action === "patch") {
+          const response = await client.invoke(
+            "feishu_task_tasklist.patch",
+            (sdk, opts) =>
+              sdk.task.v2.tasklist.patch(
+                {
+                  path: { tasklist_guid: payload.tasklist_guid! },
+                  params: { user_id_type: "open_id" as never },
+                  data: { name: payload.name },
+                },
+                opts,
+              ),
+            { as: "user" },
+          );
+          assertLarkOk(response);
+          return json({ tasklist: (response.data as { tasklist?: unknown } | undefined)?.tasklist });
+        }
+        const response = await client.invoke(
+          "feishu_task_tasklist.add_members",
+          (sdk, opts) =>
+            sdk.task.v2.tasklist.addMembers(
+              {
+                path: { tasklist_guid: payload.tasklist_guid! },
+                params: { user_id_type: "open_id" as never },
+                data: {
+                  members: (payload.members ?? []).map((member) => ({
+                    id: member.id,
+                    type: "user",
+                    role: member.role ?? "editor",
+                  })),
+                },
+              },
+              opts,
+            ),
+          { as: "user" },
+        );
+        assertLarkOk(response);
+        return json({ success: true, tasklist_guid: payload.tasklist_guid });
+      } catch (error) {
+        return handleInvokeError(error, api);
+      }
+    },
+  }, { name: "feishu_task_tasklist" });
+}

package/src/task.ts

@@ -0,0 +1,18 @@
+import type { OpenClawPluginApi } from "./nextclaw-sdk/feishu.js";
+import { listEnabledFeishuAccounts } from "./accounts.js";
+import { resolveAnyEnabledFeishuToolsConfig } from "./tool-account.js";
+import { registerFeishuTaskCommentTool } from "./task-comment.js";
+import { registerFeishuTaskSubtaskTool } from "./task-subtask.js";
+import { registerFeishuTaskTaskTool } from "./task-task.js";
+import { registerFeishuTaskTasklistTool } from "./task-tasklist.js";
+
+export function registerFeishuTaskTools(api: OpenClawPluginApi) {
+  if (!api.config) return;
+  const accounts = listEnabledFeishuAccounts(api.config);
+  if (accounts.length === 0) return;
+  if (!resolveAnyEnabledFeishuToolsConfig(accounts).task) return;
+  registerFeishuTaskTaskTool(api);
+  registerFeishuTaskTasklistTool(api);
+  registerFeishuTaskCommentTool(api);
+  registerFeishuTaskSubtaskTool(api);
+}

package/src/token-store.ts

@@ -0,0 +1,211 @@
+import { execFile as execFileCb } from "node:child_process";
+import { mkdir, unlink, readFile, writeFile, chmod } from "node:fs/promises";
+import { createCipheriv, createDecipheriv, randomBytes } from "node:crypto";
+import { homedir } from "node:os";
+import { join } from "node:path";
+import { promisify } from "node:util";
+
+const execFile = promisify(execFileCb);
+
+export type StoredUAToken = {
+  userOpenId: string;
+  appId: string;
+  accessToken: string;
+  refreshToken: string;
+  expiresAt: number;
+  refreshExpiresAt: number;
+  scope: string;
+  grantedAt: number;
+};
+
+const KEYCHAIN_SERVICE = "nextclaw-feishu-uat";
+const REFRESH_AHEAD_MS = 5 * 60 * 1000;
+
+function accountKey(appId: string, userOpenId: string): string {
+  return `${appId}:${userOpenId}`;
+}
+
+export function maskToken(token: string): string {
+  if (token.length <= 8) {
+    return "****";
+  }
+  return `****${token.slice(-4)}`;
+}
+
+type KeychainBackend = {
+  get(service: string, account: string): Promise<string | null>;
+  set(service: string, account: string, data: string): Promise<void>;
+  remove(service: string, account: string): Promise<void>;
+};
+
+const darwinBackend: KeychainBackend = {
+  async get(service, account) {
+    try {
+      const { stdout } = await execFile("security", [
+        "find-generic-password",
+        "-s",
+        service,
+        "-a",
+        account,
+        "-w",
+      ]);
+      return stdout.trim() || null;
+    } catch {
+      return null;
+    }
+  },
+
+  async set(service, account, data) {
+    try {
+      await execFile("security", ["delete-generic-password", "-s", service, "-a", account]);
+    } catch {
+      // no-op
+    }
+    await execFile("security", [
+      "add-generic-password",
+      "-s",
+      service,
+      "-a",
+      account,
+      "-w",
+      data,
+    ]);
+  },
+
+  async remove(service, account) {
+    try {
+      await execFile("security", ["delete-generic-password", "-s", service, "-a", account]);
+    } catch {
+      // no-op
+    }
+  },
+};
+
+const STORAGE_DIR = join(
+  process.platform === "win32"
+    ? process.env.LOCALAPPDATA ?? join(process.env.USERPROFILE ?? homedir(), "AppData", "Local")
+    : process.env.XDG_DATA_HOME ?? join(homedir(), ".local", "share"),
+  KEYCHAIN_SERVICE,
+);
+const MASTER_KEY_PATH = join(STORAGE_DIR, "master.key");
+const MASTER_KEY_BYTES = 32;
+const IV_BYTES = 12;
+const TAG_BYTES = 16;
+
+function safeFileName(account: string): string {
+  return account.replace(/[^a-zA-Z0-9._-]/g, "_") + ".enc";
+}
+
+async function ensureStorageDir(): Promise<void> {
+  await mkdir(STORAGE_DIR, { recursive: true, mode: 0o700 });
+}
+
+async function getMasterKey(): Promise<Buffer> {
+  try {
+    const key = await readFile(MASTER_KEY_PATH);
+    if (key.length === MASTER_KEY_BYTES) {
+      return key;
+    }
+  } catch {
+    // ignore
+  }
+
+  await ensureStorageDir();
+  const key = randomBytes(MASTER_KEY_BYTES);
+  await writeFile(MASTER_KEY_PATH, key, { mode: 0o600 });
+  if (process.platform !== "win32") {
+    await chmod(MASTER_KEY_PATH, 0o600);
+  }
+  return key;
+}
+
+function encryptData(plaintext: string, key: Buffer): Buffer {
+  const iv = randomBytes(IV_BYTES);
+  const cipher = createCipheriv("aes-256-gcm", key, iv);
+  const encrypted = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
+  return Buffer.concat([iv, cipher.getAuthTag(), encrypted]);
+}
+
+function decryptData(data: Buffer, key: Buffer): string | null {
+  if (data.length < IV_BYTES + TAG_BYTES) {
+    return null;
+  }
+  try {
+    const iv = data.subarray(0, IV_BYTES);
+    const tag = data.subarray(IV_BYTES, IV_BYTES + TAG_BYTES);
+    const encrypted = data.subarray(IV_BYTES + TAG_BYTES);
+    const decipher = createDecipheriv("aes-256-gcm", key, iv);
+    decipher.setAuthTag(tag);
+    return Buffer.concat([decipher.update(encrypted), decipher.final()]).toString("utf8");
+  } catch {
+    return null;
+  }
+}
+
+const encryptedFileBackend: KeychainBackend = {
+  async get(_service, account) {
+    try {
+      const key = await getMasterKey();
+      const data = await readFile(join(STORAGE_DIR, safeFileName(account)));
+      return decryptData(data, key);
+    } catch {
+      return null;
+    }
+  },
+
+  async set(_service, account, data) {
+    const key = await getMasterKey();
+    await ensureStorageDir();
+    const filePath = join(STORAGE_DIR, safeFileName(account));
+    const encrypted = encryptData(data, key);
+    await writeFile(filePath, encrypted, { mode: 0o600 });
+    if (process.platform !== "win32") {
+      await chmod(filePath, 0o600);
+    }
+  },
+
+  async remove(_service, account) {
+    try {
+      await unlink(join(STORAGE_DIR, safeFileName(account)));
+    } catch {
+      // no-op
+    }
+  },
+};
+
+const backend =
+  process.platform === "darwin"
+    ? darwinBackend
+    : encryptedFileBackend;
+
+export async function getStoredToken(
+  appId: string,
+  userOpenId: string,
+): Promise<StoredUAToken | null> {
+  try {
+    const json = await backend.get(KEYCHAIN_SERVICE, accountKey(appId, userOpenId));
+    return json ? (JSON.parse(json) as StoredUAToken) : null;
+  } catch {
+    return null;
+  }
+}
+
+export async function setStoredToken(token: StoredUAToken): Promise<void> {
+  const payload = JSON.stringify(token);
+  await backend.set(KEYCHAIN_SERVICE, accountKey(token.appId, token.userOpenId), payload);
+}
+
+export async function removeStoredToken(appId: string, userOpenId: string): Promise<void> {
+  await backend.remove(KEYCHAIN_SERVICE, accountKey(appId, userOpenId));
+}
+
+export function tokenStatus(token: StoredUAToken): "valid" | "needs_refresh" | "expired" {
+  const now = Date.now();
+  if (now < token.expiresAt - REFRESH_AHEAD_MS) {
+    return "valid";
+  }
+  if (now < token.refreshExpiresAt) {
+    return "needs_refresh";
+  }
+  return "expired";
+}

package/src/tool-account-routing.test.ts

@@ -2,6 +2,7 @@ import type { OpenClawPluginApi } from "./nextclaw-sdk/feishu.js";
 import { beforeEach, describe, expect, test, vi } from "vitest";
 import { registerFeishuBitableTools } from "./bitable.js";
 import { registerFeishuDriveTools } from "./drive.js";
+import { withTicket } from "./lark-ticket.js";
 import { registerFeishuPermTools } from "./perm.js";
 import { createToolFactoryHarness } from "./tool-factory-test-harness.js";
 import { registerFeishuWikiTools } from "./wiki.js";
@@ -126,4 +127,22 @@ describe("feishu tool account routing", () => {
     expect(createFeishuClientMock.mock.calls[0]?.[0]?.appId).toBe("app-b");
     expect(createFeishuClientMock.mock.calls[1]?.[0]?.appId).toBe("app-a");
   });
+
+  test("ticket account id overrides inherited tool account selection", async () => {
+    const { api, resolveTool } = createToolFactoryHarness(createConfig({}));
+    registerFeishuBitableTools(api);
+
+    const tool = resolveTool("feishu_bitable_get_meta");
+    await withTicket(
+      {
+        accountId: "b",
+        chatId: "oc_test",
+        messageId: "om_test",
+        startTime: Date.now(),
+      },
+      () => tool.execute("call-ticket", { url: "invalid-url" }),
+    );
+
+    expect(createFeishuClientMock.mock.calls.at(-1)?.[0]?.appId).toBe("app-b");
+  });
 });

package/src/tool-account.ts

@@ -2,6 +2,7 @@ import type * as Lark from "@larksuiteoapi/node-sdk";
 import type { OpenClawPluginApi } from "./nextclaw-sdk/feishu.js";
 import { resolveFeishuAccount } from "./accounts.js";
 import { createFeishuClient } from "./client.js";
+import { getTicket } from "./lark-ticket.js";
 import { resolveToolsConfig } from "./tools-config.js";
 import type { FeishuToolsConfig, ResolvedFeishuAccount } from "./types.js";
 
@@ -21,6 +22,10 @@ function readConfiguredDefaultAccountId(config: OpenClawPluginApi["config"]): st
   return normalizeOptionalAccountId(value);
 }
 
+function readTicketAccountId(): string | undefined {
+  return normalizeOptionalAccountId(getTicket()?.accountId);
+}
+
 export function resolveFeishuToolAccount(params: {
   api: Pick<OpenClawPluginApi, "config">;
   executeParams?: AccountAwareParams;
@@ -33,6 +38,7 @@ export function resolveFeishuToolAccount(params: {
     cfg: params.api.config,
     accountId:
       normalizeOptionalAccountId(params.executeParams?.accountId) ??
+      readTicketAccountId() ??
       readConfiguredDefaultAccountId(params.api.config) ??
       normalizeOptionalAccountId(params.defaultAccountId),
   });
@@ -56,6 +62,11 @@ export function resolveAnyEnabledFeishuToolsConfig(
     drive: false,
     perm: false,
     scopes: false,
+    calendar: false,
+    task: false,
+    sheets: false,
+    oauth: false,
+    identity: false,
   };
   for (const account of accounts) {
     const cfg = resolveToolsConfig(account.config.tools);
@@ -65,6 +76,11 @@ export function resolveAnyEnabledFeishuToolsConfig(
     merged.drive = merged.drive || cfg.drive;
     merged.perm = merged.perm || cfg.perm;
     merged.scopes = merged.scopes || cfg.scopes;
+    merged.calendar = merged.calendar || cfg.calendar;
+    merged.task = merged.task || cfg.task;
+    merged.sheets = merged.sheets || cfg.sheets;
+    merged.oauth = merged.oauth || cfg.oauth;
+    merged.identity = merged.identity || cfg.identity;
   }
   return merged;
 }