@omnizap-system/omnizap 2.6.0 → 2.6.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.env.example +4 -4
- package/.github/workflows/ci.yml +2 -2
- package/.github/workflows/codeql.yml +1 -1
- package/.github/workflows/db-migration-check.yml +2 -2
- package/.github/workflows/dependency-review.yml +1 -1
- package/.github/workflows/deploy.yml +2 -2
- package/.github/workflows/release.yml +2 -2
- package/.github/workflows/security-attest-provenance.yml +2 -2
- package/.github/workflows/security-gitleaks.yml +13 -4
- package/.github/workflows/security-runner-hardening.yml +1 -1
- package/.github/workflows/security-scorecard.yml +1 -1
- package/.github/workflows/security-zap-baseline.yml +1 -1
- package/.github/workflows/security-zap-full-scan.yml +1 -1
- package/.github/workflows/security-zizmor.yml +1 -1
- package/.github/workflows/wiki-sync.yml +1 -1
- package/.gitleaksignore +9 -0
- package/CODE_OF_CONDUCT.md +2 -2
- package/GEMINI.md +64 -0
- package/README.md +52 -82
- package/SECURITY.md +1 -1
- package/app/configParts/baileysConfig.js +4 -3
- package/app/configParts/messagePersistenceService.js +2 -1
- package/app/connection/socketController.js +36 -35
- package/app/controllers/messageProcessingPipeline.js +5 -4
- package/app/modules/adminModule/groupCommandHandlers.js +2 -1
- package/app/modules/adminModule/groupCommandHandlers.test.js +3 -2
- package/app/modules/aiModule/catCommand.js +3 -2
- package/app/modules/playModule/commandConfig.json +82 -12
- package/app/modules/playModule/local/installYtDlp.js +25 -0
- package/app/modules/playModule/local/ytDlpInstaller.js +28 -0
- package/app/modules/playModule/playCommand.js +1 -1417
- package/app/modules/playModule/playCommandConstants.js +74 -0
- package/app/modules/playModule/playCommandCore.js +363 -0
- package/app/modules/playModule/playCommandHandlers.js +41 -0
- package/app/modules/playModule/playCommandYtDlpClient.js +1520 -0
- package/app/modules/playModule/playConfigRuntime.js +246 -4
- package/app/modules/playModule/playModuleCriticalFlows.test.js +167 -0
- package/app/modules/quoteModule/quoteCommand.js +3 -2
- package/app/modules/rpgPokemonModule/rpgBattleCanvasRenderer.js +5 -4
- package/app/modules/rpgPokemonModule/rpgBattleService.test.js +2 -1
- package/app/modules/rpgPokemonModule/rpgPokemonDomain.js +2 -1
- package/app/modules/rpgPokemonModule/rpgPokemonService.js +38 -37
- package/app/modules/rpgPokemonModule/rpgProfileCanvasRenderer.js +4 -3
- package/app/modules/statsModule/rankingCommon.js +5 -4
- package/app/modules/stickerModule/addStickerMetadata.js +4 -3
- package/app/modules/stickerModule/stickerCommand.js +1 -1
- package/app/modules/stickerPackModule/semanticThemeClusterService.js +7 -6
- package/app/modules/stickerPackModule/stickerAutoPackByTagsRuntime.js +9 -8
- package/app/modules/stickerPackModule/stickerClassificationBackgroundRuntime.js +9 -8
- package/app/modules/stickerPackModule/stickerDomainEventConsumerRuntime.js +3 -2
- package/app/modules/stickerPackModule/stickerMarketplaceDriftService.js +2 -1
- package/app/modules/stickerPackModule/stickerPackCommandHandlers.js +2 -1
- package/app/modules/stickerPackModule/stickerPackMarketplaceService.js +2 -1
- package/app/modules/stickerPackModule/stickerPackRepository.js +2 -1
- package/app/modules/stickerPackModule/stickerPackScoreSnapshotRuntime.js +5 -4
- package/app/modules/stickerPackModule/stickerStorageService.js +3 -2
- package/app/modules/stickerPackModule/stickerWorkerPipelineRuntime.js +2 -1
- package/app/modules/systemMetricsModule/pingCommand.js +6 -5
- package/app/modules/tiktokModule/tiktokCommand.js +2 -1
- package/app/modules/userModule/userCommand.js +72 -23
- package/app/modules/waifuPicsModule/waifuPicsCommand.js +3 -2
- package/app/services/ai/conversationRouterService.js +4 -3
- package/app/services/ai/geminiService.js +1 -0
- package/app/services/ai/globalModuleAiHelpService.js +3 -2
- package/app/services/ai/messageCommandExecutionService.js +2 -1
- package/app/services/ai/moduleAiHelpCoreService.js +12 -10
- package/app/services/ai/moduleToolExecutorService.js +3 -2
- package/app/services/ai/moduleToolRegistryService.js +2 -1
- package/app/services/ai/toolCandidateSelectorService.js +6 -5
- package/app/services/auth/googleWebLinkService.js +3 -2
- package/app/services/auth/whatsappLoginLinkService.js +3 -2
- package/app/services/external/pokeApiService.js +4 -3
- package/app/services/infra/dbWriteQueue.js +6 -5
- package/app/services/infra/featureFlagService.js +2 -1
- package/app/services/messaging/captchaService.js +3 -2
- package/app/services/messaging/newsBroadcastService.js +3 -2
- package/app/services/sticker/stickerFocusService.js +11 -10
- package/app/store/conversationSessionStore.js +7 -6
- package/app/workers/aiLearningWorker.js +6 -5
- package/app/workers/commandConfigEnrichmentWorker.js +4 -3
- package/database/index.js +8 -8
- package/docs/compliance/dpa-b2b-standard-2026-03-07.md +1 -1
- package/docs/compliance/privacy-policy-2026-03-07.md +2 -2
- package/docs/security/incident-response-lgpd-anpd-runbook-2026-03-07.md +1 -1
- package/docs/wiki/Home.md +1 -1
- package/ecosystem.prod.config.cjs +1 -1
- package/index.js +5 -5
- package/package.json +11 -4
- package/public/apple-touch-icon.png +0 -0
- package/public/comandos/commands-catalog.json +641 -3289
- package/public/favicon-16x16.png +0 -0
- package/public/favicon-32x32.png +0 -0
- package/public/favicon.ico +0 -0
- package/public/js/apps/apiDocsApp.js +3 -2
- package/public/js/apps/commandsReactApp.js +31 -30
- package/public/js/apps/createPackApp.js +8 -7
- package/public/js/apps/homeReactApp.js +181 -130
- package/public/js/apps/loginReactApp.js +1 -1
- package/public/js/apps/stickersApp.js +8 -7
- package/public/js/apps/termsReactApp.js +16 -16
- package/public/js/apps/userApp.js +4 -3
- package/public/js/apps/userReactApp.js +289 -263
- package/public/pages/api-docs.html +1 -1
- package/public/pages/aup.html +2 -2
- package/public/pages/dpa.html +3 -3
- package/public/pages/licenca.html +4 -4
- package/public/pages/login.html +1 -1
- package/public/pages/notice-and-takedown.html +2 -2
- package/public/pages/politica-de-privacidade.html +5 -5
- package/public/pages/seo-bot-whatsapp-para-grupo.html +3 -3
- package/public/pages/seo-bot-whatsapp-sem-programar.html +3 -3
- package/public/pages/seo-como-automatizar-avisos-no-whatsapp.html +3 -3
- package/public/pages/seo-como-criar-comandos-whatsapp.html +3 -3
- package/public/pages/seo-como-evitar-spam-no-whatsapp.html +3 -3
- package/public/pages/seo-como-moderar-grupo-whatsapp.html +3 -3
- package/public/pages/seo-como-organizar-comunidade-whatsapp.html +3 -3
- package/public/pages/seo-melhor-bot-whatsapp-para-grupos.html +3 -3
- package/public/pages/stickers-admin.html +1 -1
- package/public/pages/stickers-create.html +1 -1
- package/public/pages/stickers.html +1 -1
- package/public/pages/suboperadores.html +2 -2
- package/public/pages/termos-de-uso-texto-integral.html +5 -5
- package/public/pages/termos-de-uso.html +2 -2
- package/public/pages/user-password-reset.html +1 -1
- package/public/pages/user-systemadm.html +3 -3
- package/public/pages/user.html +1 -1
- package/scripts/deploy.sh +1 -1
- package/scripts/email-broadcast-terms-update.mjs +2 -1
- package/scripts/generate-commands-catalog.mjs +11 -2
- package/scripts/generate-module-agents.mjs +2 -1
- package/scripts/generate-seo-satellite-pages.mjs +5 -4
- package/scripts/github-deploy-notify.mjs +2 -1
- package/scripts/github-release-notify.mjs +25 -10
- package/scripts/release.sh +2 -19
- package/scripts/security-smoketest.mjs +6 -5
- package/scripts/sticker-catalog-loadtest.mjs +5 -4
- package/server/auth/googleWebAuth/googleWebAuthService.js +8 -7
- package/server/auth/jwt/webJwtService.js +1 -1
- package/server/auth/stickerCatalogAuthContext.js +2 -1
- package/server/auth/termsAcceptance/termsAcceptanceHandler.js +2 -1
- package/server/auth/userPassword/userPasswordAuthService.js +2 -1
- package/server/auth/userPassword/userPasswordRecoveryService.js +4 -3
- package/server/auth/webAccount/webAccountHandlers.js +9 -10
- package/server/controllers/admin/adminPanelHandlers.js +14 -13
- package/server/controllers/seo/stickerCatalogSeoContext.js +10 -9
- package/server/controllers/sticker/nonCatalogHandlers.js +2 -1
- package/server/controllers/sticker/stickerCatalogController.js +14 -13
- package/server/controllers/system/githubController.js +3 -2
- package/server/controllers/system/stickerCatalogSystemContext.js +14 -13
- package/server/controllers/system/systemMetricsController.js +2 -1
- package/server/email/emailTemplateService.js +2 -1
- package/server/http/httpServer.js +3 -2
- package/server/middleware/rateLimit.js +2 -1
- package/utils/time/timeModule.js +135 -0
- package/utils/time/timeModule.test.js +65 -0
- package/vite.config.mjs +5 -0
- package/public/assets/images/brand-icon-192.png +0 -0
- package/scripts/sync-readme-snapshot.mjs +0 -133
package/.env.example
CHANGED
|
@@ -37,7 +37,7 @@ GEMINI_API_KEY=
|
|
|
37
37
|
GEMINI_API_BASE_URL=https://generativelanguage.googleapis.com/v1beta
|
|
38
38
|
OWNER_NUMBER=5511999999999
|
|
39
39
|
PHONE_NUMBER=
|
|
40
|
-
PM2_APP_NAME=omnizap
|
|
40
|
+
PM2_APP_NAME=omnizap
|
|
41
41
|
SITE_ORIGIN=https://omnizap.shop
|
|
42
42
|
STICKER_API_BASE_PATH=/api/sticker-packs
|
|
43
43
|
USER_API_BASE_PATH=/api
|
|
@@ -282,7 +282,7 @@ LEGAL_TERMS_ACCEPTANCE_SOURCE=login_web
|
|
|
282
282
|
WEB_AUTH_JWT_AUDIENCE=omnizap-web
|
|
283
283
|
WEB_AUTH_JWT_DISABLED=false
|
|
284
284
|
WEB_AUTH_JWT_EXPIRES_IN=7d
|
|
285
|
-
WEB_AUTH_JWT_ISSUER=omnizap
|
|
285
|
+
WEB_AUTH_JWT_ISSUER=omnizap
|
|
286
286
|
WEB_AUTH_JWT_SECRET=
|
|
287
287
|
WEB_PASSWORD_RECOVERY_SESSION_TTL_SECONDS=900
|
|
288
288
|
WEB_USER_PASSWORD_PEPPER_SECRET=
|
|
@@ -388,7 +388,7 @@ POKEAPI_LORE_LANGS=pt-br,pt,en
|
|
|
388
388
|
POKEAPI_RETRY_ATTEMPTS=2
|
|
389
389
|
POKEAPI_RETRY_BASE_DELAY_MS=350
|
|
390
390
|
POKEAPI_TIMEOUT_MS=10000
|
|
391
|
-
POKEAPI_USER_AGENT=omnizap
|
|
391
|
+
POKEAPI_USER_AGENT=omnizap/2.1 (+https://github.com/Omnizap-System/omnizap)
|
|
392
392
|
QUOTE_API_URL=https://bot.lyo.su/quote/generate.png
|
|
393
393
|
QUOTE_BG_COLOR="#144d37"
|
|
394
394
|
QUOTE_EMOJI_BASE_URL=https://raw.githubusercontent.com/googlefonts/noto-emoji/main/png/128
|
|
@@ -752,7 +752,7 @@ DEPLOY_PACKAGE_STEP=0
|
|
|
752
752
|
DEPLOY_PACKAGE_TAG=latest
|
|
753
753
|
DEPLOY_PACKAGE_TEST=0
|
|
754
754
|
DEPLOY_PACKAGE_TOKEN=
|
|
755
|
-
DEPLOY_PM2_APP_NAME=omnizap-
|
|
755
|
+
DEPLOY_PM2_APP_NAME=omnizap-production
|
|
756
756
|
DEPLOY_BACKEND_CACHE_BUST_ENABLED=1
|
|
757
757
|
DEPLOY_BACKEND_BUILD_ID_ENV=OMNIZAP_BUILD_ID
|
|
758
758
|
DEPLOY_BACKEND_BUILD_ID_VALUE=
|
package/.github/workflows/ci.yml
CHANGED
|
@@ -39,12 +39,12 @@ jobs:
|
|
|
39
39
|
DB_POOL_LIMIT: 5
|
|
40
40
|
steps:
|
|
41
41
|
- name: Checkout
|
|
42
|
-
uses: actions/checkout@
|
|
42
|
+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
|
|
43
43
|
with:
|
|
44
44
|
persist-credentials: false
|
|
45
45
|
|
|
46
46
|
- name: Setup Node.js
|
|
47
|
-
uses: actions/setup-node@
|
|
47
|
+
uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f
|
|
48
48
|
with:
|
|
49
49
|
node-version: 20
|
|
50
50
|
cache: npm
|
|
@@ -59,7 +59,7 @@ jobs:
|
|
|
59
59
|
# your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages
|
|
60
60
|
steps:
|
|
61
61
|
- name: Checkout repository
|
|
62
|
-
uses: actions/checkout@
|
|
62
|
+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
|
|
63
63
|
with:
|
|
64
64
|
persist-credentials: false
|
|
65
65
|
|
|
@@ -40,12 +40,12 @@ jobs:
|
|
|
40
40
|
DB_POOL_LIMIT: 5
|
|
41
41
|
steps:
|
|
42
42
|
- name: Checkout
|
|
43
|
-
uses: actions/checkout@
|
|
43
|
+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
|
|
44
44
|
with:
|
|
45
45
|
persist-credentials: false
|
|
46
46
|
|
|
47
47
|
- name: Setup Node.js
|
|
48
|
-
uses: actions/setup-node@
|
|
48
|
+
uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f
|
|
49
49
|
with:
|
|
50
50
|
node-version: 20
|
|
51
51
|
cache: npm
|
|
@@ -59,13 +59,13 @@ jobs:
|
|
|
59
59
|
packages: write
|
|
60
60
|
steps:
|
|
61
61
|
- name: Checkout
|
|
62
|
-
uses: actions/checkout@
|
|
62
|
+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
|
|
63
63
|
with:
|
|
64
64
|
fetch-depth: 0
|
|
65
65
|
persist-credentials: false
|
|
66
66
|
|
|
67
67
|
- name: Setup Node.js
|
|
68
|
-
uses: actions/setup-node@
|
|
68
|
+
uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f
|
|
69
69
|
with:
|
|
70
70
|
node-version: 20
|
|
71
71
|
cache: npm
|
|
@@ -63,13 +63,13 @@ jobs:
|
|
|
63
63
|
packages: write
|
|
64
64
|
steps:
|
|
65
65
|
- name: Checkout
|
|
66
|
-
uses: actions/checkout@
|
|
66
|
+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
|
|
67
67
|
with:
|
|
68
68
|
fetch-depth: 0
|
|
69
69
|
persist-credentials: false
|
|
70
70
|
|
|
71
71
|
- name: Setup Node.js
|
|
72
|
-
uses: actions/setup-node@
|
|
72
|
+
uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f
|
|
73
73
|
with:
|
|
74
74
|
node-version: 20
|
|
75
75
|
cache: npm
|
|
@@ -24,12 +24,12 @@ jobs:
|
|
|
24
24
|
id-token: write
|
|
25
25
|
steps:
|
|
26
26
|
- name: Checkout
|
|
27
|
-
uses: actions/checkout@
|
|
27
|
+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
|
|
28
28
|
with:
|
|
29
29
|
persist-credentials: false
|
|
30
30
|
|
|
31
31
|
- name: Setup Node.js
|
|
32
|
-
uses: actions/setup-node@
|
|
32
|
+
uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f
|
|
33
33
|
with:
|
|
34
34
|
node-version: 20
|
|
35
35
|
|
|
@@ -21,14 +21,23 @@ jobs:
|
|
|
21
21
|
name: Secret Leak Scan
|
|
22
22
|
runs-on: ubuntu-latest
|
|
23
23
|
timeout-minutes: 20
|
|
24
|
+
permissions:
|
|
25
|
+
contents: read
|
|
26
|
+
security-events: write
|
|
24
27
|
steps:
|
|
25
28
|
- name: Checkout
|
|
26
|
-
uses: actions/checkout@
|
|
29
|
+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
|
|
27
30
|
with:
|
|
28
31
|
fetch-depth: 0
|
|
29
32
|
persist-credentials: false
|
|
30
33
|
|
|
31
34
|
- name: Run Gitleaks
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
+
run: |
|
|
36
|
+
docker run --rm -v "$PWD":/repo -w /repo zricethezav/gitleaks:v8.25.1 \
|
|
37
|
+
git --config .gitleaks.toml --redact --verbose --report-format sarif --report-path gitleaks.sarif --exit-code 0
|
|
38
|
+
|
|
39
|
+
- name: Upload SARIF
|
|
40
|
+
if: always()
|
|
41
|
+
uses: github/codeql-action/upload-sarif@0d579ffd059c29b07949a3cce3983f0780820c98
|
|
42
|
+
with:
|
|
43
|
+
sarif_file: gitleaks.sarif
|
|
@@ -30,7 +30,7 @@ jobs:
|
|
|
30
30
|
TARGET_URL: ${{ inputs.target_url || vars.SECURITY_SCAN_TARGET_URL || 'https://omnizap.shop/' }}
|
|
31
31
|
steps:
|
|
32
32
|
- name: Checkout
|
|
33
|
-
uses: actions/checkout@
|
|
33
|
+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
|
|
34
34
|
with:
|
|
35
35
|
persist-credentials: false
|
|
36
36
|
|
|
@@ -30,7 +30,7 @@ jobs:
|
|
|
30
30
|
TARGET_URL: ${{ inputs.target_url || vars.SECURITY_SCAN_TARGET_URL || 'https://omnizap.shop/' }}
|
|
31
31
|
steps:
|
|
32
32
|
- name: Checkout
|
|
33
|
-
uses: actions/checkout@
|
|
33
|
+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
|
|
34
34
|
with:
|
|
35
35
|
persist-credentials: false
|
|
36
36
|
|
package/.gitleaksignore
ADDED
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
# Known false positives for migration identifiers and sanitized message fixtures.
|
|
2
|
+
# Fingerprints are stable by commit:path:rule:line.
|
|
3
|
+
7f8d845f120ccb0edb82a8b2f8f813aadb48a180:database/migrations/20260307_d0_hardening_down.sql:generic-api-key:5
|
|
4
|
+
7f8d845f120ccb0edb82a8b2f8f813aadb48a180:database/migrations/20260307_d0_hardening_up.sql:generic-api-key:6
|
|
5
|
+
7f8d845f120ccb0edb82a8b2f8f813aadb48a180:docs/database/production-db-evolution-runbook-2026q1.md:generic-api-key:55
|
|
6
|
+
698dcd6f1c07af00cd91871128e1ed99f36ed9ff:temp/messages.json:generic-api-key:16
|
|
7
|
+
698dcd6f1c07af00cd91871128e1ed99f36ed9ff:temp/messages.json:generic-api-key:24
|
|
8
|
+
698dcd6f1c07af00cd91871128e1ed99f36ed9ff:temp/messages.json:generic-api-key:43
|
|
9
|
+
698dcd6f1c07af00cd91871128e1ed99f36ed9ff:temp/messages.json:generic-api-key:79
|
package/CODE_OF_CONDUCT.md
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
## Nosso compromisso
|
|
4
4
|
|
|
5
|
-
Nós, contribuidores e mantenedores do
|
|
5
|
+
Nós, contribuidores e mantenedores do Omnizap, assumimos o compromisso de manter a participação na comunidade livre de assédio para todas as pessoas, independentemente de idade, tipo corporal, deficiência (visível ou não), etnia, características sexuais, identidade e expressão de gênero, nível de experiência, escolaridade, condição socioeconômica, nacionalidade, aparência pessoal, religião ou identidade/orientação sexual.
|
|
6
6
|
|
|
7
7
|
Nós nos comprometemos a agir e interagir de forma a promover uma comunidade aberta, acolhedora, diversa, inclusiva e saudável.
|
|
8
8
|
|
|
@@ -51,7 +51,7 @@ Este Código de Conduta se aplica a todos os espaços oficiais do projeto, inclu
|
|
|
51
51
|
- Canais de comunicação relacionados ao projeto.
|
|
52
52
|
- Interações em nome do projeto em espaços públicos.
|
|
53
53
|
|
|
54
|
-
Também se aplica quando uma pessoa representa oficialmente o projeto, por exemplo, ao usar conta oficial, atuar como mantenedor(a) ou participar de eventos em nome do
|
|
54
|
+
Também se aplica quando uma pessoa representa oficialmente o projeto, por exemplo, ao usar conta oficial, atuar como mantenedor(a) ou participar de eventos em nome do Omnizap.
|
|
55
55
|
|
|
56
56
|
## Responsabilidade de aplicação
|
|
57
57
|
|
package/GEMINI.md
ADDED
|
@@ -0,0 +1,64 @@
|
|
|
1
|
+
# Omnizap - GEMINI.md
|
|
2
|
+
|
|
3
|
+
Este arquivo fornece contexto e diretrizes para o Gemini CLI operar com segurança e eficiência no projeto **Omnizap**.
|
|
4
|
+
|
|
5
|
+
## Visão Geral do Projeto
|
|
6
|
+
|
|
7
|
+
O **Omnizap** é um sistema profissional de automação para WhatsApp, integrando um bot robusto, painel web de gerenciamento, catálogo de figurinhas (stickers) com classificação por IA e um sistema de RPG (Pokemon) integrado.
|
|
8
|
+
|
|
9
|
+
- **Arquitetura:** Monolito modular em Node.js (ESM).
|
|
10
|
+
- **Core Engine:** `@whiskeysockets/baileys` para conectividade WhatsApp.
|
|
11
|
+
- **Backend:** Servidor HTTP customizado (Node.js nativo + roteamento modular), MySQL para persistência.
|
|
12
|
+
- **Frontend:** Single Page Applications (SPAs) em React, estilizadas com TailwindCSS e DaisyUI.
|
|
13
|
+
- **Observabilidade:** Métricas via Prometheus, logs estruturados com `pino`.
|
|
14
|
+
- **IA:** Integração com Gemini e OpenAI para suporte, classificação de stickers e aprendizado de padrões.
|
|
15
|
+
|
|
16
|
+
## Estrutura do Repositório
|
|
17
|
+
|
|
18
|
+
- `index.js`: Ponto de entrada (bootstrap) que inicializa banco, servidor HTTP e conexão WhatsApp.
|
|
19
|
+
- `app/`: Lógica de domínio do bot e serviços.
|
|
20
|
+
- `connection/`: Gerenciamento do socket Baileys e estado de autenticação.
|
|
21
|
+
- `controllers/`: Pipeline de processamento de mensagens.
|
|
22
|
+
- `modules/`: Módulos funcionais (AI, RPG, StickerPack, Admin, etc.).
|
|
23
|
+
- `services/`: Serviços de infraestrutura e integração externa.
|
|
24
|
+
- `server/`: Servidor HTTP, rotas, middlewares e controladores de API.
|
|
25
|
+
- `database/`: Schema consolidado (`schema.sql`) e script de inicialização (`init.js`).
|
|
26
|
+
- `public/`: Código-fonte do frontend (React) e assets estáticos.
|
|
27
|
+
- `scripts/`: Utilitários para build, deploy, release e tarefas de background.
|
|
28
|
+
- `docs/`: Documentação técnica, manuais de operação e conformidade.
|
|
29
|
+
|
|
30
|
+
## Comandos Principais
|
|
31
|
+
|
|
32
|
+
### Desenvolvimento
|
|
33
|
+
|
|
34
|
+
- `npm install`: Instala as dependências.
|
|
35
|
+
- `cp .env.example .env`: Configura as variáveis de ambiente necessárias.
|
|
36
|
+
- `npm run db:init`: Inicializa o banco de dados MySQL e aplica o schema.
|
|
37
|
+
- `npm run dev`: Inicia o sistema em modo de desenvolvimento.
|
|
38
|
+
|
|
39
|
+
### Build e Qualidade
|
|
40
|
+
|
|
41
|
+
- `npm run build:frontend`: Gera os bundles de produção para o frontend (CSS + JS via Vite).
|
|
42
|
+
- `npm run check`: Executa linting, testes e checagem de formatação.
|
|
43
|
+
- `npm test`: Roda a suíte de testes (Node.js native test runner).
|
|
44
|
+
- `npm run lint`: Executa o ESLint.
|
|
45
|
+
- `npm run format`: Aplica a formatação do Prettier.
|
|
46
|
+
|
|
47
|
+
### Segurança e Manutenção
|
|
48
|
+
|
|
49
|
+
- `npm run security:audit`: Executa auditoria de dependências (`npm audit`).
|
|
50
|
+
- `npm run security:codeql`: Roda análise estática localmente.
|
|
51
|
+
- `npm run catalog:commands`: Gera o catálogo de comandos para os módulos.
|
|
52
|
+
|
|
53
|
+
## Convenções de Desenvolvimento
|
|
54
|
+
|
|
55
|
+
- **Módulos:** Utilize estritamente ES Modules (`import`/`export`).
|
|
56
|
+
- **Imports:** Use subpath imports definidos no `package.json` (`#logger`, `#time`).
|
|
57
|
+
- **Logging:** Utilize o módulo `#logger` (Pino) para logs estruturados. Evite `console.log`.
|
|
58
|
+
- **Banco de Dados:** Utilize o pool de conexões do MySQL em `database/index.js`. Novos campos devem ser refletidos no `database/schema.sql`.
|
|
59
|
+
- **Frontend:** Novos componentes devem seguir o padrão React + TailwindCSS.
|
|
60
|
+
- **Segurança:** Nunca exponha segredos ou dados sensíveis em logs ou no código. Use variáveis de ambiente.
|
|
61
|
+
|
|
62
|
+
## Observações de Segurança
|
|
63
|
+
|
|
64
|
+
O projeto possui fluxos de CI para CodeQL e Gitleaks. Auditorias de dependência devem ser realizadas regularmente. O sistema utiliza `helmet` e `express-rate-limit` (no backend) para proteção contra ataques comuns.
|
package/README.md
CHANGED
|
@@ -1,6 +1,8 @@
|
|
|
1
|
-
<img width="1318" height="352" alt="OmniZap banner" src="https://
|
|
1
|
+
<img width="1318" height="352" alt="OmniZap banner" src="https://iili.io/qlAYvSf.png" />
|
|
2
2
|
|
|
3
|
-
#
|
|
3
|
+
# Omnizap
|
|
4
|
+
|
|
5
|
+
Projeto principal da organizacao **Omnizap**, focado em automacao para WhatsApp com bot, painel web, catalogo de figurinhas e operacao em producao.
|
|
4
6
|
|
|
5
7
|
[](https://github.com/Omnizap-System/omnizap/actions/workflows/ci.yml)
|
|
6
8
|
[](https://github.com/Omnizap-System/omnizap/actions/workflows/codeql.yml)
|
|
@@ -8,103 +10,71 @@
|
|
|
8
10
|
[](./LICENSE)
|
|
9
11
|
[](https://nodejs.org/)
|
|
10
12
|
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
---
|
|
14
|
-
|
|
15
|
-
## 🚀 Links Rápidos
|
|
16
|
-
|
|
17
|
-
- **Site Oficial:** [omnizap.shop](https://omnizap.shop/)
|
|
18
|
-
- **Documentação da API:** [/api-docs/](https://omnizap.shop/api-docs/)
|
|
19
|
-
- **Painel do Usuário:** [/user/](https://omnizap.shop/user/)
|
|
20
|
-
- **Catálogo de Figurinha:** [/stickers/](https://omnizap.shop/stickers/)
|
|
21
|
-
- **Wiki do Projeto:** [GitHub Wiki](https://github.com/Omnizap-System/omnizap/wiki)
|
|
22
|
-
|
|
23
|
-
---
|
|
24
|
-
|
|
25
|
-
## 🛠️ Quick Start (Local)
|
|
26
|
-
|
|
27
|
-
1. **Instalar dependências:**
|
|
28
|
-
|
|
29
|
-
```bash
|
|
30
|
-
npm install
|
|
31
|
-
```
|
|
32
|
-
|
|
33
|
-
2. **Configurar Ambiente:**
|
|
34
|
-
|
|
35
|
-
```bash
|
|
36
|
-
cp .env.example .env
|
|
37
|
-
# Edite o .env com suas credenciais MySQL e segredos JWT
|
|
38
|
-
```
|
|
39
|
-
|
|
40
|
-
3. **Inicializar Banco e Frontend:**
|
|
41
|
-
|
|
42
|
-
```bash
|
|
43
|
-
npm run db:init
|
|
44
|
-
npm run build:frontend
|
|
45
|
-
```
|
|
46
|
-
|
|
47
|
-
4. **Rodar:**
|
|
48
|
-
```bash
|
|
49
|
-
npm run dev
|
|
50
|
-
```
|
|
51
|
-
|
|
52
|
-
---
|
|
53
|
-
|
|
54
|
-
## 🏗️ Arquitetura & Stack
|
|
55
|
-
|
|
56
|
-
O sistema é dividido em 3 camadas integradas:
|
|
13
|
+
## Organizacao e Projeto
|
|
57
14
|
|
|
58
|
-
-
|
|
59
|
-
-
|
|
60
|
-
-
|
|
61
|
-
-
|
|
15
|
+
- Organizacao: [Omnizap](https://github.com/Omnizap-System)
|
|
16
|
+
- Perfil da organizacao: [Omnizap-System/.github](https://github.com/Omnizap-System/.github)
|
|
17
|
+
- Projeto principal: [Omnizap](https://github.com/Omnizap-System/omnizap)
|
|
18
|
+
- Pacote atual: `omnizap`
|
|
62
19
|
|
|
63
|
-
|
|
20
|
+
## Links Oficiais
|
|
64
21
|
|
|
65
|
-
|
|
22
|
+
- Site: https://omnizap.shop/
|
|
23
|
+
- Documentacao da API: https://omnizap.shop/api-docs/
|
|
24
|
+
- Painel do usuario: https://omnizap.shop/user/
|
|
25
|
+
- Catalogo de figurinhas: https://omnizap.shop/stickers/
|
|
26
|
+
- Wiki: https://github.com/Omnizap-System/omnizap/wiki
|
|
66
27
|
|
|
67
|
-
|
|
68
|
-
- **Gestão de Packs:** Criação, edição e publicação de pacotes de figurinhas via bot ou web.
|
|
69
|
-
- **Painel Web:** Autenticação segura, recuperação de senha e gestão de perfil.
|
|
70
|
-
- **Marketplace:** Catálogo público com SEO otimizado e busca dinâmica.
|
|
71
|
-
- **Observabilidade:** Métricas nativas para Prometheus e logs estruturados com Pino.
|
|
28
|
+
## Quick Start
|
|
72
29
|
|
|
73
|
-
|
|
30
|
+
1. Instale dependencias:
|
|
74
31
|
|
|
75
|
-
|
|
32
|
+
```bash
|
|
33
|
+
npm install
|
|
34
|
+
```
|
|
76
35
|
|
|
77
|
-
|
|
36
|
+
2. Configure ambiente:
|
|
78
37
|
|
|
79
|
-
|
|
38
|
+
```bash
|
|
39
|
+
cp .env.example .env
|
|
40
|
+
```
|
|
80
41
|
|
|
81
|
-
|
|
42
|
+
3. Inicialize banco e frontend:
|
|
82
43
|
|
|
83
|
-
|
|
44
|
+
```bash
|
|
45
|
+
npm run db:init
|
|
46
|
+
npm run build:frontend
|
|
47
|
+
```
|
|
84
48
|
|
|
85
|
-
|
|
49
|
+
4. Rode localmente:
|
|
86
50
|
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
- `public/`: Código-fonte do frontend (React) e assets estáticos.
|
|
91
|
-
- `scripts/`: Utilitários de deploy, release e workers de background.
|
|
92
|
-
- `docs/`: Runbooks de segurança, conformidade (LGPD) e playbooks de SEO.
|
|
51
|
+
```bash
|
|
52
|
+
npm run dev
|
|
53
|
+
```
|
|
93
54
|
|
|
94
|
-
|
|
55
|
+
## Stack
|
|
95
56
|
|
|
96
|
-
|
|
57
|
+
- Bot engine: `@whiskeysockets/baileys`
|
|
58
|
+
- Backend HTTP: Node.js
|
|
59
|
+
- Frontend: React + TailwindCSS + DaisyUI
|
|
60
|
+
- Banco de dados: MySQL
|
|
61
|
+
- Observabilidade: Prometheus + logs estruturados
|
|
97
62
|
|
|
98
|
-
|
|
63
|
+
## Estrutura do Repositorio
|
|
99
64
|
|
|
100
|
-
-
|
|
101
|
-
-
|
|
102
|
-
-
|
|
65
|
+
- `app/`: modulos do bot e servicos de dominio
|
|
66
|
+
- `server/`: rotas, middlewares e controladores HTTP
|
|
67
|
+
- `database/`: schema, init e evolucao de banco
|
|
68
|
+
- `public/`: frontend React e assets estaticos
|
|
69
|
+
- `scripts/`: automacoes de build, release e operacao
|
|
70
|
+
- `docs/`: runbooks de seguranca, compliance e SEO
|
|
103
71
|
|
|
104
|
-
|
|
72
|
+
## Seguranca
|
|
105
73
|
|
|
106
|
-
|
|
74
|
+
- Politica e processo de reporte em [SECURITY.md](./SECURITY.md)
|
|
75
|
+
- Fluxo de seguranca com CodeQL, Gitleaks e hardening de workflows
|
|
76
|
+
- Materiais de conformidade em `docs/compliance` e `docs/security`
|
|
107
77
|
|
|
108
|
-
##
|
|
78
|
+
## Licenca
|
|
109
79
|
|
|
110
|
-
|
|
80
|
+
Distribuido sob a licenca MIT. Consulte [LICENSE](./LICENSE).
|
package/SECURITY.md
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
Este documento estabelece:
|
|
4
4
|
|
|
5
|
-
- as diretrizes formais para tratamento de vulnerabilidades no
|
|
5
|
+
- as diretrizes formais para tratamento de vulnerabilidades no Omnizap;
|
|
6
6
|
- o fluxo operacional (runbook) utilizado para triagem, correção e divulgação responsável.
|
|
7
7
|
|
|
8
8
|
## Objetivo e Aplicabilidade
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
import { now as __timeNow, nowIso as __timeNowIso, toUnixMs as __timeNowMs } from '#time';
|
|
1
2
|
/* eslint-disable no-unused-vars */
|
|
2
3
|
/* eslint-disable no-useless-escape */
|
|
3
4
|
import { fetchLatestBaileysVersion, downloadContentFromMessage, jidNormalizedUser, jidEncode, jidDecode, areJidsSameUser, normalizeMessageContent, isJidMetaAI, isPnUser, isLidUser, isJidBroadcast, isJidGroup, isJidStatusBroadcast, isJidNewsletter, isHostedPnUser, isHostedLidUser, isJidBot, SERVER_JID, PSA_WID, STORIES_JID, META_AI_JID, delay } from '@whiskeysockets/baileys';
|
|
@@ -837,9 +838,9 @@ export const downloadMediaMessage = async (message, type, outputPath) => {
|
|
|
837
838
|
try {
|
|
838
839
|
const stream = await downloadContentFromMessage(message, type);
|
|
839
840
|
|
|
840
|
-
const fileId = message.key?.id ||
|
|
841
|
+
const fileId = message.key?.id || __timeNowMs();
|
|
841
842
|
const extension = getMediaExtension(type);
|
|
842
|
-
const fileName = `${
|
|
843
|
+
const fileName = `${__timeNowMs()}-${fileId}.${extension}`;
|
|
843
844
|
const filePath = path.join(outputPath, fileName);
|
|
844
845
|
|
|
845
846
|
await pipeline(Readable.from(stream), createWriteStream(filePath));
|
|
@@ -1033,7 +1034,7 @@ const updateLidQueueMetric = () => {
|
|
|
1033
1034
|
* Retorna timestamp atual em ms.
|
|
1034
1035
|
* @returns {number}
|
|
1035
1036
|
*/
|
|
1036
|
-
const now = () =>
|
|
1037
|
+
const now = () => __timeNowMs();
|
|
1037
1038
|
|
|
1038
1039
|
const normalizeLid = (lid) => {
|
|
1039
1040
|
if (!lid || !isLidJid(lid)) return null;
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
import { now as __timeNow, nowIso as __timeNowIso, toUnixMs as __timeNowMs } from '#time';
|
|
1
2
|
import { baileysConnectionLogger as logger } from './loggerConfig.js';
|
|
2
3
|
import { queueMessageInsert } from '../services/infra/dbWriteQueue.js';
|
|
3
4
|
import { parseEnvBool, parseEnvInt, normalizeJid, isGroupJid, isStatusJid, isBroadcastJid, isNewsletterJid, normalizeWAPresence } from './baileysConfig.js';
|
|
@@ -155,7 +156,7 @@ const resolveMessageTimestampMs = (msg) => {
|
|
|
155
156
|
return tsNumber * 1000;
|
|
156
157
|
}
|
|
157
158
|
}
|
|
158
|
-
return
|
|
159
|
+
return __timeNowMs();
|
|
159
160
|
};
|
|
160
161
|
|
|
161
162
|
/**
|