npm - @openclaw/feishu - Versions diffs - 2026.5.2 → 2026.5.3-beta.2 - Mend

@openclaw/feishu 2026.5.2 → 2026.5.3-beta.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (224) hide show

package/dist/accounts-Ba3-WP1z.js +423 -0
package/dist/api.js +2280 -0
package/dist/app-registration-B8qc1MCM.js +184 -0
package/dist/audio-preflight.runtime-BPlzkO3l.js +7 -0
package/dist/card-interaction-BfRLgvw_.js +96 -0
package/dist/channel-CSD_Jt8I.js +1668 -0
package/dist/channel-entry.js +22 -0
package/dist/channel-plugin-api.js +2 -0
package/dist/channel.runtime-DYsXcD36.js +700 -0
package/dist/client-DBVoQL5w.js +157 -0
package/dist/contract-api.js +9 -0
package/dist/conversation-id-DWS3Ep2A.js +139 -0
package/dist/directory.static-f3EeoRJd.js +44 -0
package/dist/drive-C5eJLJr7.js +883 -0
package/dist/index.js +68 -0
package/dist/monitor-CT189QfR.js +60 -0
package/dist/monitor.account-dJV2jO8C.js +4990 -0
package/dist/monitor.state-DYM02ipp.js +100 -0
package/dist/policy-D6c-wMPl.js +118 -0
package/dist/probe-BNzzU_uR.js +149 -0
package/dist/rolldown-runtime-DUslC3ob.js +14 -0
package/dist/runtime-CG0DuRCy.js +8 -0
package/dist/runtime-api.js +14 -0
package/dist/secret-contract-Dm4Z_zQN.js +119 -0
package/dist/secret-contract-api.js +2 -0
package/dist/security-audit-DqJdocrN.js +11 -0
package/dist/security-audit-shared-ByuMx9cJ.js +38 -0
package/dist/security-contract-api.js +2 -0
package/dist/send-DowxxbpH.js +1218 -0
package/dist/session-conversation-B4nrW-vo.js +27 -0
package/dist/session-key-api.js +2 -0
package/dist/setup-api.js +2 -0
package/dist/setup-entry.js +15 -0
package/dist/subagent-hooks-C3UhPVLV.js +227 -0
package/dist/subagent-hooks-api.js +23 -0
package/dist/targets-JMFJRKSe.js +48 -0
package/dist/thread-bindings-BmS6TLes.js +222 -0
package/package.json +15 -6
package/api.ts +0 -31
package/channel-entry.ts +0 -20
package/channel-plugin-api.ts +0 -1
package/contract-api.ts +0 -16
package/index.ts +0 -82
package/runtime-api.ts +0 -55
package/secret-contract-api.ts +0 -5
package/security-contract-api.ts +0 -1
package/session-key-api.ts +0 -1
package/setup-api.ts +0 -3
package/setup-entry.test.ts +0 -14
package/setup-entry.ts +0 -13
package/src/accounts.test.ts +0 -459
package/src/accounts.ts +0 -326
package/src/app-registration.ts +0 -331
package/src/approval-auth.test.ts +0 -24
package/src/approval-auth.ts +0 -25
package/src/async.test.ts +0 -35
package/src/async.ts +0 -104
package/src/audio-preflight.runtime.ts +0 -9
package/src/bitable.test.ts +0 -131
package/src/bitable.ts +0 -762
package/src/bot-content.ts +0 -474
package/src/bot-group-name.test.ts +0 -108
package/src/bot-runtime-api.ts +0 -12
package/src/bot-sender-name.ts +0 -125
package/src/bot.broadcast.test.ts +0 -463
package/src/bot.card-action.test.ts +0 -577
package/src/bot.checkBotMentioned.test.ts +0 -265
package/src/bot.helpers.test.ts +0 -118
package/src/bot.stripBotMention.test.ts +0 -126
package/src/bot.test.ts +0 -3040
package/src/bot.ts +0 -1559
package/src/card-action.ts +0 -447
package/src/card-interaction.test.ts +0 -129
package/src/card-interaction.ts +0 -159
package/src/card-test-helpers.ts +0 -47
package/src/card-ux-approval.ts +0 -65
package/src/card-ux-launcher.test.ts +0 -99
package/src/card-ux-launcher.ts +0 -121
package/src/card-ux-shared.ts +0 -33
package/src/channel-runtime-api.ts +0 -16
package/src/channel.runtime.ts +0 -47
package/src/channel.test.ts +0 -959
package/src/channel.ts +0 -1313
package/src/chat-schema.ts +0 -25
package/src/chat.test.ts +0 -196
package/src/chat.ts +0 -188
package/src/client.test.ts +0 -433
package/src/client.ts +0 -290
package/src/comment-dispatcher-runtime-api.ts +0 -6
package/src/comment-dispatcher.test.ts +0 -169
package/src/comment-dispatcher.ts +0 -107
package/src/comment-handler-runtime-api.ts +0 -3
package/src/comment-handler.test.ts +0 -486
package/src/comment-handler.ts +0 -309
package/src/comment-reaction.test.ts +0 -166
package/src/comment-reaction.ts +0 -259
package/src/comment-shared.test.ts +0 -182
package/src/comment-shared.ts +0 -406
package/src/comment-target.ts +0 -44
package/src/config-schema.test.ts +0 -309
package/src/config-schema.ts +0 -333
package/src/conversation-id.test.ts +0 -18
package/src/conversation-id.ts +0 -199
package/src/dedup-runtime-api.ts +0 -1
package/src/dedup.ts +0 -141
package/src/directory.static.ts +0 -61
package/src/directory.test.ts +0 -136
package/src/directory.ts +0 -124
package/src/doc-schema.ts +0 -182
package/src/docx-batch-insert.test.ts +0 -91
package/src/docx-batch-insert.ts +0 -223
package/src/docx-color-text.ts +0 -154
package/src/docx-table-ops.test.ts +0 -53
package/src/docx-table-ops.ts +0 -316
package/src/docx-types.ts +0 -38
package/src/docx.account-selection.test.ts +0 -79
package/src/docx.test.ts +0 -685
package/src/docx.ts +0 -1616
package/src/drive-schema.ts +0 -92
package/src/drive.test.ts +0 -1219
package/src/drive.ts +0 -829
package/src/dynamic-agent.ts +0 -137
package/src/event-types.ts +0 -45
package/src/external-keys.test.ts +0 -20
package/src/external-keys.ts +0 -19
package/src/lifecycle.test-support.ts +0 -220
package/src/media.test.ts +0 -900
package/src/media.ts +0 -861
package/src/mention-target.types.ts +0 -5
package/src/mention.ts +0 -114
package/src/message-action-contract.ts +0 -13
package/src/monitor-state-runtime-api.ts +0 -7
package/src/monitor-transport-runtime-api.ts +0 -7
package/src/monitor.account.ts +0 -468
package/src/monitor.acp-init-failure.lifecycle.test-support.ts +0 -219
package/src/monitor.bot-identity.ts +0 -86
package/src/monitor.bot-menu-handler.ts +0 -165
package/src/monitor.bot-menu.lifecycle.test-support.ts +0 -224
package/src/monitor.bot-menu.test.ts +0 -178
package/src/monitor.broadcast.reply-once.lifecycle.test-support.ts +0 -264
package/src/monitor.card-action.lifecycle.test-support.ts +0 -373
package/src/monitor.cleanup.test.ts +0 -376
package/src/monitor.comment-notice-handler.ts +0 -105
package/src/monitor.comment.test.ts +0 -937
package/src/monitor.comment.ts +0 -1386
package/src/monitor.lifecycle.test.ts +0 -4
package/src/monitor.message-handler.ts +0 -339
package/src/monitor.reaction.lifecycle.test-support.ts +0 -68
package/src/monitor.reaction.test.ts +0 -713
package/src/monitor.startup.test.ts +0 -192
package/src/monitor.startup.ts +0 -74
package/src/monitor.state.defaults.test.ts +0 -46
package/src/monitor.state.ts +0 -170
package/src/monitor.synthetic-error.ts +0 -18
package/src/monitor.test-mocks.ts +0 -45
package/src/monitor.transport.ts +0 -424
package/src/monitor.ts +0 -100
package/src/monitor.webhook-e2e.test.ts +0 -272
package/src/monitor.webhook-security.test.ts +0 -264
package/src/monitor.webhook.test-helpers.ts +0 -116
package/src/outbound-runtime-api.ts +0 -1
package/src/outbound.test.ts +0 -935
package/src/outbound.ts +0 -718
package/src/perm-schema.ts +0 -52
package/src/perm.ts +0 -170
package/src/pins.ts +0 -108
package/src/policy.test.ts +0 -334
package/src/policy.ts +0 -236
package/src/post.test.ts +0 -105
package/src/post.ts +0 -275
package/src/probe.test.ts +0 -275
package/src/probe.ts +0 -166
package/src/processing-claims.ts +0 -59
package/src/qr-terminal.ts +0 -1
package/src/reactions.ts +0 -123
package/src/reasoning-preview.test.ts +0 -59
package/src/reasoning-preview.ts +0 -20
package/src/reply-dispatcher-runtime-api.ts +0 -7
package/src/reply-dispatcher.test.ts +0 -1144
package/src/reply-dispatcher.ts +0 -650
package/src/runtime.ts +0 -9
package/src/secret-contract.ts +0 -145
package/src/secret-input.ts +0 -1
package/src/security-audit-shared.ts +0 -69
package/src/security-audit.test.ts +0 -61
package/src/security-audit.ts +0 -1
package/src/send-result.ts +0 -29
package/src/send-target.test.ts +0 -80
package/src/send-target.ts +0 -35
package/src/send.reply-fallback.test.ts +0 -292
package/src/send.test.ts +0 -550
package/src/send.ts +0 -800
package/src/sequential-key.test.ts +0 -72
package/src/sequential-key.ts +0 -28
package/src/sequential-queue.test.ts +0 -92
package/src/sequential-queue.ts +0 -16
package/src/session-conversation.ts +0 -42
package/src/session-route.ts +0 -48
package/src/setup-core.ts +0 -51
package/src/setup-surface.test.ts +0 -174
package/src/setup-surface.ts +0 -581
package/src/streaming-card.test.ts +0 -190
package/src/streaming-card.ts +0 -490
package/src/subagent-hooks.test.ts +0 -603
package/src/subagent-hooks.ts +0 -397
package/src/targets.ts +0 -97
package/src/test-support/lifecycle-test-support.ts +0 -453
package/src/thread-bindings.test.ts +0 -143
package/src/thread-bindings.ts +0 -330
package/src/tool-account-routing.test.ts +0 -187
package/src/tool-account.test.ts +0 -44
package/src/tool-account.ts +0 -93
package/src/tool-factory-test-harness.ts +0 -79
package/src/tool-result.test.ts +0 -32
package/src/tool-result.ts +0 -16
package/src/tools-config.test.ts +0 -21
package/src/tools-config.ts +0 -22
package/src/types.ts +0 -104
package/src/typing.test.ts +0 -144
package/src/typing.ts +0 -214
package/src/wiki-schema.ts +0 -55
package/src/wiki.ts +0 -227
package/subagent-hooks-api.ts +0 -31
package/tsconfig.json +0 -16

package/dist/monitor.state-DYM02ipp.js ADDED Viewed

@@ -0,0 +1,100 @@
+import { t as probeFeishu } from "./probe-BNzzU_uR.js";
+import { normalizeLowercaseStringOrEmpty } from "openclaw/plugin-sdk/text-runtime";
+import { WEBHOOK_ANOMALY_COUNTER_DEFAULTS, WEBHOOK_RATE_LIMIT_DEFAULTS, createFixedWindowRateLimiter, createWebhookAnomalyTracker } from "openclaw/plugin-sdk/webhook-ingress";
+//#region extensions/feishu/src/monitor.startup.ts
+const FEISHU_STARTUP_BOT_INFO_TIMEOUT_DEFAULT_MS = 3e4;
+const FEISHU_STARTUP_BOT_INFO_TIMEOUT_ENV = "OPENCLAW_FEISHU_STARTUP_PROBE_TIMEOUT_MS";
+function resolveStartupProbeTimeoutMs() {
+	const raw = process.env[FEISHU_STARTUP_BOT_INFO_TIMEOUT_ENV];
+	if (raw) {
+		const parsed = Number(raw);
+		if (Number.isFinite(parsed) && parsed > 0) return Math.floor(parsed);
+		console.warn(`[feishu] ${FEISHU_STARTUP_BOT_INFO_TIMEOUT_ENV}="${raw}" is invalid; using default ${FEISHU_STARTUP_BOT_INFO_TIMEOUT_DEFAULT_MS}ms`);
+	}
+	return FEISHU_STARTUP_BOT_INFO_TIMEOUT_DEFAULT_MS;
+}
+const FEISHU_STARTUP_BOT_INFO_TIMEOUT_MS = resolveStartupProbeTimeoutMs();
+function isTimeoutErrorMessage(message) {
+	const lower = normalizeLowercaseStringOrEmpty(message);
+	return lower.includes("timeout") || lower.includes("timed out");
+}
+function isAbortErrorMessage(message) {
+	return normalizeLowercaseStringOrEmpty(message).includes("aborted");
+}
+async function fetchBotIdentityForMonitor(account, options = {}) {
+	if (options.abortSignal?.aborted) return {};
+	const timeoutMs = options.timeoutMs ?? FEISHU_STARTUP_BOT_INFO_TIMEOUT_MS;
+	const result = await probeFeishu(account, {
+		timeoutMs,
+		abortSignal: options.abortSignal
+	});
+	if (result.ok) return {
+		botOpenId: result.botOpenId,
+		botName: result.botName
+	};
+	const probeError = result.error ?? void 0;
+	if (options.abortSignal?.aborted || isAbortErrorMessage(probeError)) return {};
+	if (isTimeoutErrorMessage(probeError)) (options.runtime?.error ?? console.error)(`feishu[${account.accountId}]: bot info probe timed out after ${timeoutMs}ms; continuing startup`);
+	return {};
+}
+//#endregion
+//#region extensions/feishu/src/monitor.state.ts
+const wsClients = /* @__PURE__ */ new Map();
+const httpServers = /* @__PURE__ */ new Map();
+const botOpenIds = /* @__PURE__ */ new Map();
+const botNames = /* @__PURE__ */ new Map();
+const FEISHU_WEBHOOK_MAX_BODY_BYTES = 64 * 1024;
+const FEISHU_WEBHOOK_BODY_TIMEOUT_MS = 5e3;
+const FEISHU_WEBHOOK_RATE_LIMIT_FALLBACK_DEFAULTS = {
+	windowMs: 6e4,
+	maxRequests: 120,
+	maxTrackedKeys: 4096
+};
+const FEISHU_WEBHOOK_ANOMALY_FALLBACK_DEFAULTS = {
+	maxTrackedKeys: 4096,
+	ttlMs: 360 * 6e4,
+	logEvery: 25
+};
+function coercePositiveInt(value, fallback) {
+	if (typeof value !== "number" || !Number.isFinite(value)) return fallback;
+	const normalized = Math.floor(value);
+	return normalized > 0 ? normalized : fallback;
+}
+function resolveFeishuWebhookRateLimitDefaultsForTest(defaults) {
+	const resolved = defaults;
+	return {
+		windowMs: coercePositiveInt(resolved?.windowMs, FEISHU_WEBHOOK_RATE_LIMIT_FALLBACK_DEFAULTS.windowMs),
+		maxRequests: coercePositiveInt(resolved?.maxRequests, FEISHU_WEBHOOK_RATE_LIMIT_FALLBACK_DEFAULTS.maxRequests),
+		maxTrackedKeys: coercePositiveInt(resolved?.maxTrackedKeys, FEISHU_WEBHOOK_RATE_LIMIT_FALLBACK_DEFAULTS.maxTrackedKeys)
+	};
+}
+function resolveFeishuWebhookAnomalyDefaultsForTest(defaults) {
+	const resolved = defaults;
+	return {
+		maxTrackedKeys: coercePositiveInt(resolved?.maxTrackedKeys, FEISHU_WEBHOOK_ANOMALY_FALLBACK_DEFAULTS.maxTrackedKeys),
+		ttlMs: coercePositiveInt(resolved?.ttlMs, FEISHU_WEBHOOK_ANOMALY_FALLBACK_DEFAULTS.ttlMs),
+		logEvery: coercePositiveInt(resolved?.logEvery, FEISHU_WEBHOOK_ANOMALY_FALLBACK_DEFAULTS.logEvery)
+	};
+}
+const feishuWebhookRateLimitDefaults = resolveFeishuWebhookRateLimitDefaultsForTest(WEBHOOK_RATE_LIMIT_DEFAULTS);
+const feishuWebhookAnomalyDefaults = resolveFeishuWebhookAnomalyDefaultsForTest(WEBHOOK_ANOMALY_COUNTER_DEFAULTS);
+const feishuWebhookRateLimiter = createFixedWindowRateLimiter({
+	windowMs: feishuWebhookRateLimitDefaults.windowMs,
+	maxRequests: feishuWebhookRateLimitDefaults.maxRequests,
+	maxTrackedKeys: feishuWebhookRateLimitDefaults.maxTrackedKeys
+});
+const feishuWebhookAnomalyTracker = createWebhookAnomalyTracker({
+	maxTrackedKeys: feishuWebhookAnomalyDefaults.maxTrackedKeys,
+	ttlMs: feishuWebhookAnomalyDefaults.ttlMs,
+	logEvery: feishuWebhookAnomalyDefaults.logEvery
+});
+function recordWebhookStatus(runtime, accountId, path, statusCode) {
+	feishuWebhookAnomalyTracker.record({
+		key: `${accountId}:${path}:${statusCode}`,
+		statusCode,
+		log: runtime?.log ?? console.log,
+		message: (count) => `feishu[${accountId}]: webhook anomaly path=${path} status=${statusCode} count=${count}`
+	});
+}
+//#endregion
+export { feishuWebhookRateLimiter as a, wsClients as c, botOpenIds as i, fetchBotIdentityForMonitor as l, FEISHU_WEBHOOK_MAX_BODY_BYTES as n, httpServers as o, botNames as r, recordWebhookStatus as s, FEISHU_WEBHOOK_BODY_TIMEOUT_MS as t };

package/dist/policy-D6c-wMPl.js ADDED Viewed

@@ -0,0 +1,118 @@
+import { t as detectIdType } from "./targets-JMFJRKSe.js";
+import { normalizeOptionalLowercaseString } from "openclaw/plugin-sdk/text-runtime";
+import { normalizeAccountId, resolveMergedAccountConfig } from "openclaw/plugin-sdk/account-resolution";
+import { evaluateSenderGroupAccessForPolicy } from "openclaw/plugin-sdk/group-access";
+//#region extensions/feishu/src/policy.ts
+const FEISHU_PROVIDER_PREFIX_RE = /^(feishu|lark):/i;
+function stripRepeatedFeishuProviderPrefixes(raw) {
+	let normalized = raw.trim();
+	while (FEISHU_PROVIDER_PREFIX_RE.test(normalized)) normalized = normalized.replace(FEISHU_PROVIDER_PREFIX_RE, "").trim();
+	return normalized;
+}
+function canonicalizeFeishuAllowlistKey(params) {
+	const value = params.value.trim();
+	if (!value) return "";
+	if (value === "*") return "*";
+	return `${params.kind}:${value}`;
+}
+function normalizeFeishuAllowEntry(raw) {
+	const trimmed = raw.trim();
+	if (!trimmed) return "";
+	if (trimmed === "*") return "*";
+	const withoutProviderPrefix = stripRepeatedFeishuProviderPrefixes(trimmed);
+	if (withoutProviderPrefix === "*") return "*";
+	const lowered = normalizeOptionalLowercaseString(withoutProviderPrefix) ?? "";
+	if (!lowered) return "";
+	if (lowered.startsWith("chat:") || lowered.startsWith("group:") || lowered.startsWith("channel:")) return canonicalizeFeishuAllowlistKey({
+		kind: "chat",
+		value: withoutProviderPrefix.slice(withoutProviderPrefix.indexOf(":") + 1)
+	});
+	if (lowered.startsWith("user:") || lowered.startsWith("dm:")) return canonicalizeFeishuAllowlistKey({
+		kind: "user",
+		value: withoutProviderPrefix.slice(withoutProviderPrefix.indexOf(":") + 1)
+	});
+	if (lowered.startsWith("open_id:")) return canonicalizeFeishuAllowlistKey({
+		kind: "user",
+		value: withoutProviderPrefix.slice(withoutProviderPrefix.indexOf(":") + 1)
+	});
+	const detectedType = detectIdType(withoutProviderPrefix);
+	if (detectedType === "chat_id") return canonicalizeFeishuAllowlistKey({
+		kind: "chat",
+		value: withoutProviderPrefix
+	});
+	if (detectedType === "open_id" || detectedType === "user_id") return canonicalizeFeishuAllowlistKey({
+		kind: "user",
+		value: withoutProviderPrefix
+	});
+	return "";
+}
+function resolveFeishuAllowlistMatch(params) {
+	const allowFrom = params.allowFrom.map((entry) => normalizeFeishuAllowEntry(String(entry))).filter(Boolean);
+	if (allowFrom.length === 0) return { allowed: false };
+	if (allowFrom.includes("*")) return {
+		allowed: true,
+		matchKey: "*",
+		matchSource: "wildcard"
+	};
+	const senderCandidates = [params.senderId, ...params.senderIds ?? []].map((entry) => normalizeFeishuAllowEntry(entry ?? "")).filter(Boolean);
+	for (const senderId of senderCandidates) if (allowFrom.includes(senderId)) return {
+		allowed: true,
+		matchKey: senderId,
+		matchSource: "id"
+	};
+	return { allowed: false };
+}
+function resolveFeishuGroupConfig(params) {
+	const groups = params.cfg?.groups ?? {};
+	const wildcard = groups["*"];
+	const groupId = params.groupId?.trim();
+	if (!groupId) return;
+	const direct = groups[groupId];
+	if (direct) return direct;
+	const lowered = normalizeOptionalLowercaseString(groupId) ?? "";
+	const matchKey = Object.keys(groups).find((key) => normalizeOptionalLowercaseString(key) === lowered);
+	if (matchKey) return groups[matchKey];
+	return wildcard;
+}
+function hasExplicitFeishuGroupConfig(params) {
+	const groups = params.cfg?.groups ?? {};
+	const groupId = params.groupId?.trim();
+	if (!groupId) return false;
+	if (Object.prototype.hasOwnProperty.call(groups, groupId) && groupId !== "*") return true;
+	const lowered = normalizeOptionalLowercaseString(groupId) ?? "";
+	return Object.keys(groups).some((key) => key !== "*" && normalizeOptionalLowercaseString(key) === lowered);
+}
+function resolveFeishuGroupToolPolicy(params) {
+	const cfg = params.cfg.channels?.feishu;
+	if (!cfg) return;
+	return resolveFeishuGroupConfig({
+		cfg,
+		groupId: params.groupId
+	})?.tools;
+}
+function isFeishuGroupAllowed(params) {
+	return evaluateSenderGroupAccessForPolicy({
+		groupPolicy: params.groupPolicy === "allowall" ? "open" : params.groupPolicy,
+		groupAllowFrom: params.allowFrom.map((entry) => String(entry)),
+		senderId: params.senderId,
+		isSenderAllowed: () => resolveFeishuAllowlistMatch(params).allowed
+	}).allowed;
+}
+function resolveFeishuReplyPolicy(params) {
+	if (params.isDirectMessage) return { requireMention: false };
+	const feishuCfg = params.cfg.channels?.feishu;
+	const resolvedCfg = resolveMergedAccountConfig({
+		channelConfig: feishuCfg,
+		accounts: feishuCfg?.accounts,
+		accountId: normalizeAccountId(params.accountId),
+		normalizeAccountId,
+		omitKeys: ["defaultAccount"]
+	});
+	const groupRequireMention = resolveFeishuGroupConfig({
+		cfg: resolvedCfg,
+		groupId: params.groupId
+	})?.requireMention;
+	return { requireMention: typeof groupRequireMention === "boolean" ? groupRequireMention : typeof resolvedCfg.requireMention === "boolean" ? resolvedCfg.requireMention : params.groupPolicy !== "open" };
+}
+//#endregion
+export { resolveFeishuGroupToolPolicy as a, resolveFeishuGroupConfig as i, isFeishuGroupAllowed as n, resolveFeishuReplyPolicy as o, resolveFeishuAllowlistMatch as r, hasExplicitFeishuGroupConfig as t };

package/dist/probe-BNzzU_uR.js ADDED Viewed

@@ -0,0 +1,149 @@
+import { t as __exportAll } from "./rolldown-runtime-DUslC3ob.js";
+import { r as createFeishuClient } from "./client-DBVoQL5w.js";
+import { formatErrorMessage } from "openclaw/plugin-sdk/error-runtime";
+//#region extensions/feishu/src/async.ts
+const RACE_TIMEOUT = Symbol("race-timeout");
+const RACE_ABORT = Symbol("race-abort");
+async function raceWithTimeoutAndAbort(promise, options = {}) {
+	if (options.abortSignal?.aborted) return { status: "aborted" };
+	if (options.timeoutMs === void 0 && !options.abortSignal) return {
+		status: "resolved",
+		value: await promise
+	};
+	let timeoutHandle;
+	let abortHandler;
+	const contenders = [promise];
+	if (options.timeoutMs !== void 0) contenders.push(new Promise((resolve) => {
+		timeoutHandle = setTimeout(() => resolve(RACE_TIMEOUT), options.timeoutMs);
+	}));
+	if (options.abortSignal) contenders.push(new Promise((resolve) => {
+		abortHandler = () => resolve(RACE_ABORT);
+		options.abortSignal?.addEventListener("abort", abortHandler, { once: true });
+	}));
+	try {
+		const result = await Promise.race(contenders);
+		if (result === RACE_TIMEOUT) return { status: "timeout" };
+		if (result === RACE_ABORT) return { status: "aborted" };
+		return {
+			status: "resolved",
+			value: result
+		};
+	} finally {
+		if (timeoutHandle) clearTimeout(timeoutHandle);
+		if (abortHandler) options.abortSignal?.removeEventListener("abort", abortHandler);
+	}
+}
+function waitForAbortableDelay(delayMs, abortSignal) {
+	if (abortSignal?.aborted) return Promise.resolve(false);
+	return new Promise((resolve) => {
+		let settled = false;
+		let timer;
+		let handleAbort;
+		const finish = (value) => {
+			if (settled) return;
+			settled = true;
+			if (timer) clearTimeout(timer);
+			if (handleAbort) abortSignal?.removeEventListener("abort", handleAbort);
+			resolve(value);
+		};
+		handleAbort = () => {
+			finish(false);
+		};
+		abortSignal?.addEventListener("abort", handleAbort, { once: true });
+		if (abortSignal?.aborted) {
+			finish(false);
+			return;
+		}
+		timer = setTimeout(() => finish(true), delayMs);
+		timer.unref?.();
+	});
+}
+//#endregion
+//#region extensions/feishu/src/probe.ts
+var probe_exports = /* @__PURE__ */ __exportAll({
+	FEISHU_PROBE_REQUEST_TIMEOUT_MS: () => FEISHU_PROBE_REQUEST_TIMEOUT_MS,
+	probeFeishu: () => probeFeishu
+});
+/** Cache probe results to reduce repeated health-check calls.
+* Gateway health checks call probeFeishu() every minute; without caching this
+* burns ~43,200 calls/month, easily exceeding Feishu's free-tier quota.
+* Successful bot info is effectively static, while failures are cached briefly
+* to avoid hammering the API during transient outages. */
+const probeCache = /* @__PURE__ */ new Map();
+const PROBE_SUCCESS_TTL_MS = 600 * 1e3;
+const PROBE_ERROR_TTL_MS = 60 * 1e3;
+const MAX_PROBE_CACHE_SIZE = 64;
+const FEISHU_PROBE_REQUEST_TIMEOUT_MS = 1e4;
+function setCachedProbeResult(cacheKey, result, ttlMs) {
+	probeCache.set(cacheKey, {
+		result,
+		expiresAt: Date.now() + ttlMs
+	});
+	if (probeCache.size > MAX_PROBE_CACHE_SIZE) {
+		const oldest = probeCache.keys().next().value;
+		if (oldest !== void 0) probeCache.delete(oldest);
+	}
+	return result;
+}
+async function probeFeishu(creds, options = {}) {
+	if (!creds?.appId || !creds?.appSecret) return {
+		ok: false,
+		error: "missing credentials (appId, appSecret)"
+	};
+	if (options.abortSignal?.aborted) return {
+		ok: false,
+		appId: creds.appId,
+		error: "probe aborted"
+	};
+	const timeoutMs = options.timeoutMs ?? 1e4;
+	const cacheKey = creds.accountId ?? `${creds.appId}:${creds.appSecret.slice(0, 8)}`;
+	const cached = probeCache.get(cacheKey);
+	if (cached && cached.expiresAt > Date.now()) return cached.result;
+	try {
+		const responseResult = await raceWithTimeoutAndAbort(createFeishuClient(creds).request({
+			method: "POST",
+			url: "/open-apis/bot/v1/openclaw_bot/ping",
+			data: { needBotInfo: true },
+			timeout: timeoutMs
+		}), {
+			timeoutMs,
+			abortSignal: options.abortSignal
+		});
+		if (responseResult.status === "aborted") return {
+			ok: false,
+			appId: creds.appId,
+			error: "probe aborted"
+		};
+		if (responseResult.status === "timeout") return setCachedProbeResult(cacheKey, {
+			ok: false,
+			appId: creds.appId,
+			error: `probe timed out after ${timeoutMs}ms`
+		}, PROBE_ERROR_TTL_MS);
+		const response = responseResult.value;
+		if (options.abortSignal?.aborted) return {
+			ok: false,
+			appId: creds.appId,
+			error: "probe aborted"
+		};
+		if (response.code !== 0) return setCachedProbeResult(cacheKey, {
+			ok: false,
+			appId: creds.appId,
+			error: `API error: ${response.msg || `code ${response.code}`}`
+		}, PROBE_ERROR_TTL_MS);
+		const botInfo = response.data?.pingBotInfo;
+		return setCachedProbeResult(cacheKey, {
+			ok: true,
+			appId: creds.appId,
+			botName: botInfo?.botName,
+			botOpenId: botInfo?.botID
+		}, PROBE_SUCCESS_TTL_MS);
+	} catch (err) {
+		return setCachedProbeResult(cacheKey, {
+			ok: false,
+			appId: creds.appId,
+			error: formatErrorMessage(err)
+		}, PROBE_ERROR_TTL_MS);
+	}
+}
+//#endregion
+export { waitForAbortableDelay as i, probe_exports as n, raceWithTimeoutAndAbort as r, probeFeishu as t };

package/dist/rolldown-runtime-DUslC3ob.js ADDED Viewed

@@ -0,0 +1,14 @@
+import "node:module";
+//#region \0rolldown/runtime.js
+var __defProp = Object.defineProperty;
+var __exportAll = (all, no_symbols) => {
+	let target = {};
+	for (var name in all) __defProp(target, name, {
+		get: all[name],
+		enumerable: true
+	});
+	if (!no_symbols) __defProp(target, Symbol.toStringTag, { value: "Module" });
+	return target;
+};
+//#endregion
+export { __exportAll as t };

package/dist/runtime-CG0DuRCy.js ADDED Viewed

@@ -0,0 +1,8 @@
+import { createPluginRuntimeStore } from "openclaw/plugin-sdk/runtime-store";
+//#region extensions/feishu/src/runtime.ts
+const { setRuntime: setFeishuRuntime, getRuntime: getFeishuRuntime } = createPluginRuntimeStore({
+	pluginId: "feishu",
+	errorMessage: "Feishu runtime not initialized"
+});
+//#endregion
+export { setFeishuRuntime as n, getFeishuRuntime as t };

package/dist/runtime-api.js ADDED Viewed

@@ -0,0 +1,14 @@
+import { n as setFeishuRuntime } from "./runtime-CG0DuRCy.js";
+import { normalizeAgentId } from "openclaw/plugin-sdk/routing";
+import { createChannelPairingController } from "openclaw/plugin-sdk/channel-pairing";
+import { PAIRING_APPROVED_MESSAGE, buildProbeChannelStatusSummary, createDefaultChannelRuntimeState } from "openclaw/plugin-sdk/channel-status";
+import { chunkTextForOutbound } from "openclaw/plugin-sdk/text-chunking";
+import { DEFAULT_ACCOUNT_ID, buildChannelConfigSchema, createActionGate, createDedupeCache } from "openclaw/plugin-sdk/core";
+import { buildAgentMediaPayload } from "openclaw/plugin-sdk/agent-media-payload";
+import { createReplyPrefixContext } from "openclaw/plugin-sdk/channel-reply-pipeline";
+import { evaluateSupplementalContextVisibility, filterSupplementalContextItems, resolveChannelContextVisibilityMode } from "openclaw/plugin-sdk/context-visibility-runtime";
+import { loadSessionStore, resolveSessionStoreEntry } from "openclaw/plugin-sdk/session-store-runtime";
+import { readJsonFileWithFallback } from "openclaw/plugin-sdk/json-store";
+import { createPersistentDedupe } from "openclaw/plugin-sdk/persistent-dedupe";
+import { isRequestBodyLimitError, readRequestBodyWithLimit, requestBodyErrorToText } from "openclaw/plugin-sdk/webhook-ingress";
+export { DEFAULT_ACCOUNT_ID, PAIRING_APPROVED_MESSAGE, buildAgentMediaPayload, buildChannelConfigSchema, buildProbeChannelStatusSummary, chunkTextForOutbound, createActionGate, createChannelPairingController, createDedupeCache, createDefaultChannelRuntimeState, createPersistentDedupe, createReplyPrefixContext, evaluateSupplementalContextVisibility, filterSupplementalContextItems, isRequestBodyLimitError, loadSessionStore, normalizeAgentId, readJsonFileWithFallback, readRequestBodyWithLimit, requestBodyErrorToText, resolveChannelContextVisibilityMode, resolveSessionStoreEntry, setFeishuRuntime };

package/dist/secret-contract-Dm4Z_zQN.js ADDED Viewed

@@ -0,0 +1,119 @@
+import { collectConditionalChannelFieldAssignments, collectSimpleChannelFieldAssignments, getChannelSurface, hasOwnProperty, normalizeSecretStringValue } from "openclaw/plugin-sdk/channel-secret-basic-runtime";
+//#region extensions/feishu/src/secret-contract.ts
+const secretTargetRegistryEntries = [
+	{
+		id: "channels.feishu.accounts.*.appSecret",
+		targetType: "channels.feishu.accounts.*.appSecret",
+		configFile: "openclaw.json",
+		pathPattern: "channels.feishu.accounts.*.appSecret",
+		secretShape: "secret_input",
+		expectedResolvedValue: "string",
+		includeInPlan: true,
+		includeInConfigure: true,
+		includeInAudit: true
+	},
+	{
+		id: "channels.feishu.accounts.*.encryptKey",
+		targetType: "channels.feishu.accounts.*.encryptKey",
+		configFile: "openclaw.json",
+		pathPattern: "channels.feishu.accounts.*.encryptKey",
+		secretShape: "secret_input",
+		expectedResolvedValue: "string",
+		includeInPlan: true,
+		includeInConfigure: true,
+		includeInAudit: true
+	},
+	{
+		id: "channels.feishu.accounts.*.verificationToken",
+		targetType: "channels.feishu.accounts.*.verificationToken",
+		configFile: "openclaw.json",
+		pathPattern: "channels.feishu.accounts.*.verificationToken",
+		secretShape: "secret_input",
+		expectedResolvedValue: "string",
+		includeInPlan: true,
+		includeInConfigure: true,
+		includeInAudit: true
+	},
+	{
+		id: "channels.feishu.appSecret",
+		targetType: "channels.feishu.appSecret",
+		configFile: "openclaw.json",
+		pathPattern: "channels.feishu.appSecret",
+		secretShape: "secret_input",
+		expectedResolvedValue: "string",
+		includeInPlan: true,
+		includeInConfigure: true,
+		includeInAudit: true
+	},
+	{
+		id: "channels.feishu.encryptKey",
+		targetType: "channels.feishu.encryptKey",
+		configFile: "openclaw.json",
+		pathPattern: "channels.feishu.encryptKey",
+		secretShape: "secret_input",
+		expectedResolvedValue: "string",
+		includeInPlan: true,
+		includeInConfigure: true,
+		includeInAudit: true
+	},
+	{
+		id: "channels.feishu.verificationToken",
+		targetType: "channels.feishu.verificationToken",
+		configFile: "openclaw.json",
+		pathPattern: "channels.feishu.verificationToken",
+		secretShape: "secret_input",
+		expectedResolvedValue: "string",
+		includeInPlan: true,
+		includeInConfigure: true,
+		includeInAudit: true
+	}
+];
+function collectRuntimeConfigAssignments(params) {
+	const resolved = getChannelSurface(params.config, "feishu");
+	if (!resolved) return;
+	const { channel: feishu, surface } = resolved;
+	collectSimpleChannelFieldAssignments({
+		channelKey: "feishu",
+		field: "appSecret",
+		channel: feishu,
+		surface,
+		defaults: params.defaults,
+		context: params.context,
+		topInactiveReason: "no enabled account inherits this top-level Feishu appSecret.",
+		accountInactiveReason: "Feishu account is disabled."
+	});
+	const baseConnectionMode = normalizeSecretStringValue(feishu.connectionMode) === "webhook" ? "webhook" : "websocket";
+	const resolveAccountMode = (account) => hasOwnProperty(account, "connectionMode") ? normalizeSecretStringValue(account.connectionMode) : baseConnectionMode;
+	collectConditionalChannelFieldAssignments({
+		channelKey: "feishu",
+		field: "encryptKey",
+		channel: feishu,
+		surface,
+		defaults: params.defaults,
+		context: params.context,
+		topLevelActiveWithoutAccounts: baseConnectionMode === "webhook",
+		topLevelInheritedAccountActive: ({ account, enabled }) => enabled && !hasOwnProperty(account, "encryptKey") && resolveAccountMode(account) === "webhook",
+		accountActive: ({ account, enabled }) => enabled && resolveAccountMode(account) === "webhook",
+		topInactiveReason: "no enabled Feishu webhook-mode surface inherits this top-level encryptKey.",
+		accountInactiveReason: "Feishu account is disabled or not running in webhook mode."
+	});
+	collectConditionalChannelFieldAssignments({
+		channelKey: "feishu",
+		field: "verificationToken",
+		channel: feishu,
+		surface,
+		defaults: params.defaults,
+		context: params.context,
+		topLevelActiveWithoutAccounts: baseConnectionMode === "webhook",
+		topLevelInheritedAccountActive: ({ account, enabled }) => enabled && !hasOwnProperty(account, "verificationToken") && resolveAccountMode(account) === "webhook",
+		accountActive: ({ account, enabled }) => enabled && resolveAccountMode(account) === "webhook",
+		topInactiveReason: "no enabled Feishu webhook-mode surface inherits this top-level verificationToken.",
+		accountInactiveReason: "Feishu account is disabled or not running in webhook mode."
+	});
+}
+const channelSecrets = {
+	secretTargetRegistryEntries,
+	collectRuntimeConfigAssignments
+};
+//#endregion
+export { collectRuntimeConfigAssignments as n, secretTargetRegistryEntries as r, channelSecrets as t };

package/dist/secret-contract-api.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import { n as collectRuntimeConfigAssignments, r as secretTargetRegistryEntries, t as channelSecrets } from "./secret-contract-Dm4Z_zQN.js";
2	+ export { channelSecrets, collectRuntimeConfigAssignments, secretTargetRegistryEntries };

package/dist/security-audit-DqJdocrN.js ADDED Viewed

@@ -0,0 +1,11 @@
+import "./security-audit-shared-ByuMx9cJ.js";
+//#region extensions/feishu/src/message-action-contract.ts
+const messageActionTargetAliases = {
+	read: { aliases: ["messageId"] },
+	pin: { aliases: ["messageId"] },
+	unpin: { aliases: ["messageId"] },
+	"list-pins": { aliases: ["chatId"] },
+	"channel-info": { aliases: ["chatId"] }
+};
+//#endregion
+export { messageActionTargetAliases as t };

package/dist/security-audit-shared-ByuMx9cJ.js ADDED Viewed

@@ -0,0 +1,38 @@
+import { hasConfiguredSecretInput } from "openclaw/plugin-sdk/secret-input";
+//#region extensions/feishu/src/security-audit-shared.ts
+function asRecord(value) {
+	return value && typeof value === "object" && !Array.isArray(value) ? value : void 0;
+}
+function hasNonEmptyString(value) {
+	return typeof value === "string" && value.trim().length > 0;
+}
+function isFeishuDocToolEnabled(cfg) {
+	const feishu = asRecord(asRecord(cfg.channels)?.feishu);
+	if (!feishu || feishu.enabled === false) return false;
+	const baseTools = asRecord(feishu.tools);
+	const baseDocEnabled = baseTools?.doc !== false;
+	const baseAppId = hasNonEmptyString(feishu.appId);
+	const baseAppSecret = hasConfiguredSecretInput(feishu.appSecret, cfg.secrets?.defaults);
+	const baseConfigured = baseAppId && baseAppSecret;
+	const accounts = asRecord(feishu.accounts);
+	if (!accounts || Object.keys(accounts).length === 0) return baseDocEnabled && baseConfigured;
+	for (const accountValue of Object.values(accounts)) {
+		const account = asRecord(accountValue) ?? {};
+		if (account.enabled === false) continue;
+		if (!((asRecord(account.tools) ?? baseTools)?.doc !== false)) continue;
+		if ((hasNonEmptyString(account.appId) || baseAppId) && (hasConfiguredSecretInput(account.appSecret, cfg.secrets?.defaults) || baseAppSecret)) return true;
+	}
+	return false;
+}
+function collectFeishuSecurityAuditFindings(params) {
+	if (!isFeishuDocToolEnabled(params.cfg)) return [];
+	return [{
+		checkId: "channels.feishu.doc_owner_open_id",
+		severity: "warn",
+		title: "Feishu doc create can grant requester permissions",
+		detail: "channels.feishu tools include \"doc\"; feishu_doc action \"create\" can grant document access to the trusted requesting Feishu user.",
+		remediation: "Disable channels.feishu.tools.doc when not needed, and restrict tool access for untrusted prompts."
+	}];
+}
+//#endregion
+export { collectFeishuSecurityAuditFindings as t };

package/dist/security-contract-api.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import { t as collectFeishuSecurityAuditFindings } from "./security-audit-shared-ByuMx9cJ.js";
2	+ export { collectFeishuSecurityAuditFindings };