@openclaw/zalo 2026.5.12 → 2026.5.14-beta.2

package/dist/{actions.runtime-B-RkyU18.js → actions.runtime-DPLidmVV.js}

@@ -1,4 +1,4 @@
-import { t as sendMessageZalo } from "./send-B33YPMz_.js";
+import { t as sendMessageZalo } from "./send-DC0JAcxV.js";
 //#region extensions/zalo/src/actions.runtime.ts
 const zaloActionsRuntime = { sendMessageZalo };
 //#endregion

package/dist/api.js

@@ -1,5 +1,5 @@
-import { t as zaloPlugin } from "./channel-CoWHeuWX.js";
-import { n as zaloDmPolicy, r as zaloSetupAdapter, t as createZaloSetupWizardProxy } from "./setup-core-B-97bdBF.js";
-import { n as resolveZaloRuntimeGroupPolicy } from "./group-access-B_fAqJAN.js";
+import { n as zaloDmPolicy, r as zaloSetupAdapter, t as createZaloSetupWizardProxy } from "./setup-core-c-VVz39c.js";
+import { t as zaloPlugin } from "./channel-Ds8WfCFp.js";
+import { n as resolveZaloRuntimeGroupPolicy } from "./group-access-Boqk-JNd.js";
 import { zaloSetupWizard } from "./setup-api.js";
 export { createZaloSetupWizardProxy, resolveZaloRuntimeGroupPolicy, zaloDmPolicy, zaloPlugin, zaloSetupAdapter, zaloSetupWizard };

package/dist/{channel-CoWHeuWX.js → channel-Ds8WfCFp.js}

@@ -1,6 +1,5 @@
-import { a as resolveZaloAccount, i as resolveDefaultZaloAccountId, n as listEnabledZaloAccounts, r as listZaloAccountIds, s as buildSecretInputSchema } from "./accounts-OjbMFek2.js";
+import { c as listZaloAccountIds, f as buildSecretInputSchema, l as resolveDefaultZaloAccountId, r as zaloSetupAdapter, s as listEnabledZaloAccounts, t as createZaloSetupWizardProxy, u as resolveZaloAccount } from "./setup-core-c-VVz39c.js";
 import { n as collectRuntimeConfigAssignments, r as secretTargetRegistryEntries } from "./secret-contract-Dw93tGo2.js";
-import { r as zaloSetupAdapter, t as createZaloSetupWizardProxy } from "./setup-core-B-97bdBF.js";
 import { describeWebhookAccountSnapshot } from "openclaw/plugin-sdk/account-helpers";
 import { DEFAULT_ACCOUNT_ID } from "openclaw/plugin-sdk/account-id";
 import { formatAllowFromLowercase } from "openclaw/plugin-sdk/allow-from";
@@ -25,7 +24,7 @@ import { AllowFromListSchema, DmPolicySchema, GroupPolicySchema, MarkdownConfigS
 import { z } from "zod";
 import { coerceStatusIssueAccountId, readStatusIssueFields } from "openclaw/plugin-sdk/extension-shared";
 //#region extensions/zalo/src/actions.ts
-const loadZaloActionsRuntime = createLazyRuntimeNamedExport(() => import("./actions.runtime-B-RkyU18.js"), "zaloActionsRuntime");
+const loadZaloActionsRuntime = createLazyRuntimeNamedExport(() => import("./actions.runtime-DPLidmVV.js"), "zaloActionsRuntime");
 const providerId = "zalo";
 function listEnabledAccounts(cfg, accountId) {
 	return (accountId ? [resolveZaloAccount({
@@ -174,8 +173,8 @@ function normalizeZaloMessagingTarget(raw) {
 	if (!trimmed) return;
 	return trimmed.replace(/^(zalo|zl):/i, "").trim();
 }
-const loadZaloChannelRuntime = createLazyRuntimeModule(() => import("./channel.runtime-Cvycoekh.js"));
-const zaloSetupWizard = createZaloSetupWizardProxy(async () => (await import("./setup-surface-Cs4_XZXk.js")).zaloSetupWizard);
+const loadZaloChannelRuntime = createLazyRuntimeModule(() => import("./channel.runtime-BwHejuBf.js"));
+const zaloSetupWizard = createZaloSetupWizardProxy(async () => (await import("./setup-surface-DY3c-fas.js")).zaloSetupWizard);
 const zaloTextChunkLimit = 2e3;
 const zaloRawSendResultAdapter = createRawChannelSendResultAdapter({
 	channel: "zalo",

package/dist/channel-plugin-api.js

@@ -1,2 +1,2 @@
-import { t as zaloPlugin } from "./channel-CoWHeuWX.js";
+import { t as zaloPlugin } from "./channel-Ds8WfCFp.js";
 export { zaloPlugin };

package/dist/{channel.runtime-Cvycoekh.js → channel.runtime-BwHejuBf.js}

@@ -1,7 +1,6 @@
-import { c as normalizeSecretInputString } from "./accounts-OjbMFek2.js";
-import { n as PAIRING_APPROVED_MESSAGE } from "./runtime-api-df534_Ih.js";
-import { i as getMe, n as ZaloApiError, t as resolveZaloProxyFetch } from "./proxy-D5AGEsI0.js";
-import { t as sendMessageZalo } from "./send-B33YPMz_.js";
+import { p as normalizeSecretInputString } from "./setup-core-c-VVz39c.js";
+import { i as PAIRING_APPROVED_MESSAGE } from "./runtime-api-CnYIxmRv.js";
+import { a as getMe, n as resolveZaloProxyFetch, r as ZaloApiError, t as sendMessageZalo } from "./send-DC0JAcxV.js";
 import { createAccountStatusSink } from "openclaw/plugin-sdk/channel-lifecycle";
 //#region extensions/zalo/src/probe.ts
 async function probeZalo(token, timeoutMs = 5e3, fetcher) {
@@ -53,7 +52,7 @@ async function probeZalo(token, timeoutMs = 5e3, fetcher) {
 //#endregion
 //#region extensions/zalo/src/channel.runtime.ts
 async function notifyZaloPairingApproval(params) {
-	const { resolveZaloAccount } = await import("./accounts-OjbMFek2.js").then((n) => n.t);
+	const { resolveZaloAccount } = await import("./setup-core-c-VVz39c.js").then((n) => n.o);
 	const account = resolveZaloAccount({ cfg: params.cfg });
 	if (!account.token) throw new Error("Zalo token not configured");
 	await sendMessageZalo(params.id, PAIRING_APPROVED_MESSAGE, { token: account.token });
@@ -87,7 +86,7 @@ async function startZaloGatewayAccount(ctx) {
 		setStatus: ctx.setStatus
 	});
 	ctx.log?.info(`[${account.accountId}] starting provider${zaloBotLabel} mode=${mode}`);
-	const { monitorZaloProvider } = await import("./monitor-DaJVBJGD.js");
+	const { monitorZaloProvider } = await import("./monitor-BMpWuV4T.js");
 	return monitorZaloProvider({
 		token,
 		account,

package/dist/contract-api.js

@@ -1,3 +1,3 @@
 import { n as collectRuntimeConfigAssignments, r as secretTargetRegistryEntries } from "./secret-contract-Dw93tGo2.js";
-import { n as resolveZaloRuntimeGroupPolicy } from "./group-access-B_fAqJAN.js";
+import { n as resolveZaloRuntimeGroupPolicy } from "./group-access-Boqk-JNd.js";
 export { collectRuntimeConfigAssignments, resolveZaloRuntimeGroupPolicy, secretTargetRegistryEntries };

package/dist/{monitor-DaJVBJGD.js → monitor-BMpWuV4T.js}

@@ -1,6 +1,6 @@
-import { n as resolveZaloRuntimeGroupPolicy, t as normalizeZaloAllowEntry } from "./group-access-B_fAqJAN.js";
-import { t as getZaloRuntime } from "./runtime-BRFxnYQx.js";
-import { a as getUpdates, c as sendMessage, l as sendPhoto, n as ZaloApiError, o as getWebhookInfo, r as deleteWebhook, s as sendChatAction, t as resolveZaloProxyFetch, u as setWebhook } from "./proxy-D5AGEsI0.js";
+import { n as resolveZaloRuntimeGroupPolicy, t as normalizeZaloAllowEntry } from "./group-access-Boqk-JNd.js";
+import { t as getZaloRuntime } from "./runtime-api-CnYIxmRv.js";
+import { c as sendChatAction, d as setWebhook, i as deleteWebhook, l as sendMessage, n as resolveZaloProxyFetch, o as getUpdates, r as ZaloApiError, s as getWebhookInfo, u as sendPhoto } from "./send-DC0JAcxV.js";
 import { deliverTextOrMediaReply, resolveSendableOutboundReplyParts } from "openclaw/plugin-sdk/reply-payload";
 import { normalizeStringEntries } from "openclaw/plugin-sdk/string-coerce-runtime";
 import { resolveDefaultGroupPolicy, warnMissingProviderGroupPolicyFallbackOnce } from "openclaw/plugin-sdk/runtime-group-policy";
@@ -186,7 +186,7 @@ const ZALO_TYPING_TIMEOUT_MS = 5e3;
 let zaloWebhookModulePromise;
 const hostedMediaRouteRefs = /* @__PURE__ */ new Map();
 function loadZaloWebhookModule() {
-	zaloWebhookModulePromise ??= import("./monitor.webhook-DDHdDX2R.js");
+	zaloWebhookModulePromise ??= import("./monitor.webhook-DlMvHl6I.js");
 	return zaloWebhookModulePromise;
 }
 function registerSharedHostedMediaRoute(params) {
@@ -377,11 +377,10 @@ async function handleImageMessage(params) {
 	let mediaType;
 	if (photo_url) try {
 		const maxBytes = mediaMaxMb * 1024 * 1024;
-		const fetched = await core.channel.media.fetchRemoteMedia({
+		const saved = await core.channel.media.saveRemoteMedia({
 			url: photo_url,
 			maxBytes
 		});
-		const saved = await core.channel.media.saveMediaBuffer(fetched.buffer, fetched.contentType, "inbound", maxBytes);
 		mediaPath = saved.path;
 		mediaType = saved.contentType;
 	} catch (err) {

package/dist/{monitor.webhook-DDHdDX2R.js → monitor.webhook-DlMvHl6I.js}

@@ -1,4 +1,4 @@
-import { L as registerWebhookTarget, P as readJsonWebhookBodyOrReject, R as registerWebhookTargetWithPluginRoute, W as resolveWebhookTargetWithAuthOrRejectSync, X as withResolvedWebhookRequestPipeline, i as WEBHOOK_RATE_LIMIT_DEFAULTS, r as WEBHOOK_ANOMALY_COUNTER_DEFAULTS, s as applyBasicWebhookRequestGuards, v as createFixedWindowRateLimiter, y as createWebhookAnomalyTracker, z as resolveClientIp } from "./runtime-api-df534_Ih.js";
+import { B as registerWebhookTargetWithPluginRoute, I as readJsonWebhookBodyOrReject, K as resolveWebhookTargetWithAuthOrRejectSync, Q as withResolvedWebhookRequestPipeline, V as resolveClientIp, a as WEBHOOK_ANOMALY_COUNTER_DEFAULTS, b as createFixedWindowRateLimiter, l as applyBasicWebhookRequestGuards, o as WEBHOOK_RATE_LIMIT_DEFAULTS, x as createWebhookAnomalyTracker, z as registerWebhookTarget } from "./runtime-api-CnYIxmRv.js";
 import { safeEqualSecret } from "openclaw/plugin-sdk/security-runtime";
 import { createClaimableDedupe } from "openclaw/plugin-sdk/persistent-dedupe";
 //#region extensions/zalo/src/monitor.webhook.ts

package/dist/{runtime-api-df534_Ih.js → runtime-api-CnYIxmRv.js}

@@ -1,4 +1,3 @@
-import "./runtime-BRFxnYQx.js";
 import { formatAllowFromLowercase as formatAllowFromLowercase$1, isNormalizedSenderAllowed } from "openclaw/plugin-sdk/allow-from";
 import { createChannelMessageReplyPipeline } from "openclaw/plugin-sdk/channel-message";
 import { PAIRING_APPROVED_MESSAGE, buildTokenChannelStatusSummary as buildTokenChannelStatusSummary$1 } from "openclaw/plugin-sdk/channel-status";
@@ -14,4 +13,11 @@ import { logTypingFailure as logTypingFailure$1 } from "openclaw/plugin-sdk/chan
 import { resolveInboundRouteEnvelopeBuilderWithRuntime as resolveInboundRouteEnvelopeBuilderWithRuntime$1 } from "openclaw/plugin-sdk/inbound-envelope";
 import { waitForAbortSignal } from "openclaw/plugin-sdk/runtime";
 import { WEBHOOK_ANOMALY_COUNTER_DEFAULTS, WEBHOOK_RATE_LIMIT_DEFAULTS, applyBasicWebhookRequestGuards, createFixedWindowRateLimiter, createWebhookAnomalyTracker, readJsonWebhookBodyOrReject, registerPluginHttpRoute as registerPluginHttpRoute$1, registerWebhookTarget, registerWebhookTargetWithPluginRoute, resolveWebhookPath as resolveWebhookPath$1, resolveWebhookTargetWithAuthOrRejectSync, withResolvedWebhookRequestPipeline } from "openclaw/plugin-sdk/webhook-ingress";
-export { normalizeAccountId$1 as A, resolveDefaultGroupPolicy$1 as B, hasConfiguredSecretInput$1 as C, logTypingFailure$1 as D, jsonResult as E, readStringParam as F, runSingleChannelSecretStep$1 as G, resolveOpenProviderRuntimeGroupPolicy$1 as H, registerPluginHttpRoute$1 as I, waitForAbortSignal as J, sendPayloadWithChunkedTextAndMedia$1 as K, registerWebhookTarget as L, normalizeSecretInputString as M, promptSingleChannelSecretInput$1 as N, mergeAllowFromEntries$1 as O, readJsonWebhookBodyOrReject as P, registerWebhookTargetWithPluginRoute as R, formatPairingApproveHint as S, isNumericTargetId$1 as T, resolveWebhookPath$1 as U, resolveInboundRouteEnvelopeBuilderWithRuntime$1 as V, resolveWebhookTargetWithAuthOrRejectSync as W, withResolvedWebhookRequestPipeline as X, warnMissingProviderGroupPolicyFallbackOnce$1 as Y, createDedupeCache as _, addWildcardAllowFrom$1 as a, deliverTextOrMediaReply$1 as b, applySetupAccountConfigPatch as c, buildSecretInputSchema as d, buildSingleChannelSecretPromptState$1 as f, createChannelPairingController$1 as g, createChannelMessageReplyPipeline as h, WEBHOOK_RATE_LIMIT_DEFAULTS as i, normalizeResolvedSecretInputString as j, migrateBaseNameToDefaultAccount as k, buildBaseAccountStatusSnapshot as l, chunkTextForOutbound$1 as m, PAIRING_APPROVED_MESSAGE as n, applyAccountNameToChannelSection as o, buildTokenChannelStatusSummary$1 as p, setTopLevelChannelDmPolicyWithAllowFrom as q, WEBHOOK_ANOMALY_COUNTER_DEFAULTS as r, applyBasicWebhookRequestGuards as s, DEFAULT_ACCOUNT_ID$1 as t, buildChannelConfigSchema as u, createFixedWindowRateLimiter as v, isNormalizedSenderAllowed as w, formatAllowFromLowercase$1 as x, createWebhookAnomalyTracker as y, resolveClientIp as z };
+import { createPluginRuntimeStore } from "openclaw/plugin-sdk/runtime-store";
+//#region extensions/zalo/src/runtime.ts
+const { setRuntime: setZaloRuntime, getRuntime: getZaloRuntime } = createPluginRuntimeStore({
+	pluginId: "zalo",
+	errorMessage: "Zalo runtime not initialized"
+});
+//#endregion
+export { mergeAllowFromEntries$1 as A, registerWebhookTargetWithPluginRoute as B, formatAllowFromLowercase$1 as C, isNumericTargetId$1 as D, isNormalizedSenderAllowed as E, promptSingleChannelSecretInput$1 as F, resolveWebhookPath$1 as G, resolveDefaultGroupPolicy$1 as H, readJsonWebhookBodyOrReject as I, sendPayloadWithChunkedTextAndMedia$1 as J, resolveWebhookTargetWithAuthOrRejectSync as K, readStringParam as L, normalizeAccountId$1 as M, normalizeResolvedSecretInputString as N, jsonResult as O, normalizeSecretInputString as P, withResolvedWebhookRequestPipeline as Q, registerPluginHttpRoute$1 as R, deliverTextOrMediaReply$1 as S, hasConfiguredSecretInput$1 as T, resolveInboundRouteEnvelopeBuilderWithRuntime$1 as U, resolveClientIp as V, resolveOpenProviderRuntimeGroupPolicy$1 as W, waitForAbortSignal as X, setTopLevelChannelDmPolicyWithAllowFrom as Y, warnMissingProviderGroupPolicyFallbackOnce$1 as Z, createChannelMessageReplyPipeline as _, WEBHOOK_ANOMALY_COUNTER_DEFAULTS as a, createFixedWindowRateLimiter as b, applyAccountNameToChannelSection as c, buildBaseAccountStatusSnapshot as d, buildChannelConfigSchema as f, chunkTextForOutbound$1 as g, buildTokenChannelStatusSummary$1 as h, PAIRING_APPROVED_MESSAGE as i, migrateBaseNameToDefaultAccount as j, logTypingFailure$1 as k, applyBasicWebhookRequestGuards as l, buildSingleChannelSecretPromptState$1 as m, setZaloRuntime as n, WEBHOOK_RATE_LIMIT_DEFAULTS as o, buildSecretInputSchema as p, runSingleChannelSecretStep$1 as q, DEFAULT_ACCOUNT_ID$1 as r, addWildcardAllowFrom$1 as s, getZaloRuntime as t, applySetupAccountConfigPatch as u, createChannelPairingController$1 as v, formatPairingApproveHint as w, createWebhookAnomalyTracker as x, createDedupeCache as y, registerWebhookTarget as z };

package/dist/runtime-api.js

@@ -1,3 +1,2 @@
-import { A as normalizeAccountId, B as resolveDefaultGroupPolicy, C as hasConfiguredSecretInput, D as logTypingFailure, E as jsonResult, F as readStringParam, G as runSingleChannelSecretStep, H as resolveOpenProviderRuntimeGroupPolicy, I as registerPluginHttpRoute, J as waitForAbortSignal, K as sendPayloadWithChunkedTextAndMedia, L as registerWebhookTarget, M as normalizeSecretInputString, N as promptSingleChannelSecretInput, O as mergeAllowFromEntries, P as readJsonWebhookBodyOrReject, R as registerWebhookTargetWithPluginRoute, S as formatPairingApproveHint, T as isNumericTargetId, U as resolveWebhookPath, V as resolveInboundRouteEnvelopeBuilderWithRuntime, W as resolveWebhookTargetWithAuthOrRejectSync, X as withResolvedWebhookRequestPipeline, Y as warnMissingProviderGroupPolicyFallbackOnce, _ as createDedupeCache, a as addWildcardAllowFrom, b as deliverTextOrMediaReply, c as applySetupAccountConfigPatch, d as buildSecretInputSchema, f as buildSingleChannelSecretPromptState, g as createChannelPairingController, h as createChannelMessageReplyPipeline, i as WEBHOOK_RATE_LIMIT_DEFAULTS, j as normalizeResolvedSecretInputString, k as migrateBaseNameToDefaultAccount, l as buildBaseAccountStatusSnapshot, m as chunkTextForOutbound, n as PAIRING_APPROVED_MESSAGE, o as applyAccountNameToChannelSection, p as buildTokenChannelStatusSummary, q as setTopLevelChannelDmPolicyWithAllowFrom, r as WEBHOOK_ANOMALY_COUNTER_DEFAULTS, s as applyBasicWebhookRequestGuards, t as DEFAULT_ACCOUNT_ID, u as buildChannelConfigSchema, v as createFixedWindowRateLimiter, w as isNormalizedSenderAllowed, x as formatAllowFromLowercase, y as createWebhookAnomalyTracker, z as resolveClientIp } from "./runtime-api-df534_Ih.js";
-import { n as setZaloRuntime } from "./runtime-BRFxnYQx.js";
+import { A as mergeAllowFromEntries, B as registerWebhookTargetWithPluginRoute, C as formatAllowFromLowercase, D as isNumericTargetId, E as isNormalizedSenderAllowed, F as promptSingleChannelSecretInput, G as resolveWebhookPath, H as resolveDefaultGroupPolicy, I as readJsonWebhookBodyOrReject, J as sendPayloadWithChunkedTextAndMedia, K as resolveWebhookTargetWithAuthOrRejectSync, L as readStringParam, M as normalizeAccountId, N as normalizeResolvedSecretInputString, O as jsonResult, P as normalizeSecretInputString, Q as withResolvedWebhookRequestPipeline, R as registerPluginHttpRoute, S as deliverTextOrMediaReply, T as hasConfiguredSecretInput, U as resolveInboundRouteEnvelopeBuilderWithRuntime, V as resolveClientIp, W as resolveOpenProviderRuntimeGroupPolicy, X as waitForAbortSignal, Y as setTopLevelChannelDmPolicyWithAllowFrom, Z as warnMissingProviderGroupPolicyFallbackOnce, _ as createChannelMessageReplyPipeline, a as WEBHOOK_ANOMALY_COUNTER_DEFAULTS, b as createFixedWindowRateLimiter, c as applyAccountNameToChannelSection, d as buildBaseAccountStatusSnapshot, f as buildChannelConfigSchema, g as chunkTextForOutbound, h as buildTokenChannelStatusSummary, i as PAIRING_APPROVED_MESSAGE, j as migrateBaseNameToDefaultAccount, k as logTypingFailure, l as applyBasicWebhookRequestGuards, m as buildSingleChannelSecretPromptState, n as setZaloRuntime, o as WEBHOOK_RATE_LIMIT_DEFAULTS, p as buildSecretInputSchema, q as runSingleChannelSecretStep, r as DEFAULT_ACCOUNT_ID, s as addWildcardAllowFrom, u as applySetupAccountConfigPatch, v as createChannelPairingController, w as formatPairingApproveHint, x as createWebhookAnomalyTracker, y as createDedupeCache, z as registerWebhookTarget } from "./runtime-api-CnYIxmRv.js";
 export { DEFAULT_ACCOUNT_ID, PAIRING_APPROVED_MESSAGE, WEBHOOK_ANOMALY_COUNTER_DEFAULTS, WEBHOOK_RATE_LIMIT_DEFAULTS, addWildcardAllowFrom, applyAccountNameToChannelSection, applyBasicWebhookRequestGuards, applySetupAccountConfigPatch, buildBaseAccountStatusSnapshot, buildChannelConfigSchema, buildSecretInputSchema, buildSingleChannelSecretPromptState, buildTokenChannelStatusSummary, chunkTextForOutbound, createChannelMessageReplyPipeline, createChannelPairingController, createDedupeCache, createFixedWindowRateLimiter, createWebhookAnomalyTracker, deliverTextOrMediaReply, formatAllowFromLowercase, formatPairingApproveHint, hasConfiguredSecretInput, isNormalizedSenderAllowed, isNumericTargetId, jsonResult, logTypingFailure, mergeAllowFromEntries, migrateBaseNameToDefaultAccount, normalizeAccountId, normalizeResolvedSecretInputString, normalizeSecretInputString, promptSingleChannelSecretInput, readJsonWebhookBodyOrReject, readStringParam, registerPluginHttpRoute, registerWebhookTarget, registerWebhookTargetWithPluginRoute, resolveClientIp, resolveDefaultGroupPolicy, resolveInboundRouteEnvelopeBuilderWithRuntime, resolveOpenProviderRuntimeGroupPolicy, resolveWebhookPath, resolveWebhookTargetWithAuthOrRejectSync, runSingleChannelSecretStep, sendPayloadWithChunkedTextAndMedia, setTopLevelChannelDmPolicyWithAllowFrom, setZaloRuntime, waitForAbortSignal, warnMissingProviderGroupPolicyFallbackOnce, withResolvedWebhookRequestPipeline };

package/dist/send-DC0JAcxV.js

@@ -0,0 +1,270 @@
+import { d as resolveZaloToken, u as resolveZaloAccount } from "./setup-core-c-VVz39c.js";
+import { createMessageReceiptFromOutboundResults } from "openclaw/plugin-sdk/channel-message";
+import { formatErrorMessage } from "openclaw/plugin-sdk/error-runtime";
+import { resolvePinnedHostnameWithPolicy } from "openclaw/plugin-sdk/ssrf-runtime";
+import { makeProxyFetch } from "openclaw/plugin-sdk/fetch-runtime";
+//#region extensions/zalo/src/api.ts
+/**
+* Zalo Bot API client
+* @see https://bot.zaloplatforms.com/docs
+*/
+const ZALO_API_BASE = "https://bot-api.zaloplatforms.com";
+const ZALO_MEDIA_SSRF_POLICY = {};
+var ZaloApiError = class extends Error {
+	constructor(message, errorCode, description) {
+		super(message);
+		this.errorCode = errorCode;
+		this.description = description;
+		this.name = "ZaloApiError";
+	}
+	/** True if this is a long-polling timeout (no updates available) */
+	get isPollingTimeout() {
+		return this.errorCode === 408;
+	}
+};
+/**
+* Call the Zalo Bot API
+*/
+async function callZaloApi(method, token, body, options) {
+	const url = `${ZALO_API_BASE}/bot${token}/${method}`;
+	const controller = new AbortController();
+	const timeoutId = options?.timeoutMs ? setTimeout(() => controller.abort(), options.timeoutMs) : void 0;
+	const fetcher = options?.fetch ?? fetch;
+	try {
+		const data = await (await fetcher(url, {
+			method: "POST",
+			headers: { "Content-Type": "application/json" },
+			body: body ? JSON.stringify(body) : void 0,
+			signal: controller.signal
+		})).json();
+		if (!data.ok) throw new ZaloApiError(data.description ?? `Zalo API error: ${method}`, data.error_code, data.description);
+		return data;
+	} finally {
+		if (timeoutId) clearTimeout(timeoutId);
+	}
+}
+/**
+* Validate bot token and get bot info
+*/
+async function getMe(token, timeoutMs, fetcher) {
+	return callZaloApi("getMe", token, void 0, {
+		timeoutMs,
+		fetch: fetcher
+	});
+}
+/**
+* Send a text message
+*/
+async function sendMessage(token, params, fetcher) {
+	return callZaloApi("sendMessage", token, params, { fetch: fetcher });
+}
+/**
+* Send a photo message
+*/
+async function sendPhoto(token, params, fetcher) {
+	const photoUrl = params.photo.trim();
+	let parsedPhotoUrl;
+	try {
+		parsedPhotoUrl = new URL(photoUrl);
+	} catch {
+		throw new Error("Zalo photo URL must be an absolute HTTP or HTTPS URL");
+	}
+	if (parsedPhotoUrl.protocol !== "http:" && parsedPhotoUrl.protocol !== "https:") throw new Error("Zalo photo URL must use HTTP or HTTPS");
+	await resolvePinnedHostnameWithPolicy(parsedPhotoUrl.hostname, { policy: ZALO_MEDIA_SSRF_POLICY });
+	return callZaloApi("sendPhoto", token, {
+		...params,
+		photo: parsedPhotoUrl.href
+	}, { fetch: fetcher });
+}
+/**
+* Send a temporary chat action such as typing.
+*/
+async function sendChatAction(token, params, fetcher, timeoutMs) {
+	return callZaloApi("sendChatAction", token, params, {
+		timeoutMs,
+		fetch: fetcher
+	});
+}
+/**
+* Get updates using long polling (dev/testing only)
+* Note: Zalo returns a single update per call, not an array like Telegram
+*/
+async function getUpdates(token, params, fetcher) {
+	const pollTimeoutSec = params?.timeout ?? 30;
+	const timeoutMs = (pollTimeoutSec + 5) * 1e3;
+	return callZaloApi("getUpdates", token, { timeout: String(pollTimeoutSec) }, {
+		timeoutMs,
+		fetch: fetcher
+	});
+}
+/**
+* Set webhook URL for receiving updates
+*/
+async function setWebhook(token, params, fetcher) {
+	return callZaloApi("setWebhook", token, params, { fetch: fetcher });
+}
+/**
+* Delete webhook configuration
+*/
+async function deleteWebhook(token, fetcher, timeoutMs) {
+	return callZaloApi("deleteWebhook", token, void 0, {
+		timeoutMs,
+		fetch: fetcher
+	});
+}
+/**
+* Get current webhook info
+*/
+async function getWebhookInfo(token, fetcher) {
+	return callZaloApi("getWebhookInfo", token, void 0, { fetch: fetcher });
+}
+//#endregion
+//#region extensions/zalo/src/proxy.ts
+const proxyCache = /* @__PURE__ */ new Map();
+function resolveZaloProxyFetch(proxyUrl) {
+	const trimmed = proxyUrl?.trim();
+	if (!trimmed) return;
+	const cached = proxyCache.get(trimmed);
+	if (cached) return cached;
+	const fetcher = makeProxyFetch(trimmed);
+	proxyCache.set(trimmed, fetcher);
+	return fetcher;
+}
+//#endregion
+//#region extensions/zalo/src/send.ts
+function createZaloSendReceipt(params) {
+	const messageId = params.messageId?.trim();
+	return createMessageReceiptFromOutboundResults({
+		results: messageId ? [{
+			channel: "zalo",
+			messageId,
+			chatId: params.chatId
+		}] : [],
+		kind: params.kind
+	});
+}
+function toZaloSendResult(response, params) {
+	if (response.ok && response.result) return {
+		ok: true,
+		messageId: response.result.message_id,
+		receipt: createZaloSendReceipt({
+			messageId: response.result.message_id,
+			chatId: params.chatId,
+			kind: params.kind
+		})
+	};
+	return {
+		ok: false,
+		error: "Failed to send message",
+		receipt: createZaloSendReceipt({
+			chatId: params.chatId,
+			kind: params.kind
+		})
+	};
+}
+async function runZaloSend(failureMessage, params, send) {
+	try {
+		const result = toZaloSendResult(await send(), params);
+		return result.ok ? result : {
+			ok: false,
+			error: failureMessage,
+			receipt: result.receipt
+		};
+	} catch (err) {
+		return {
+			ok: false,
+			error: formatErrorMessage(err),
+			receipt: createZaloSendReceipt({
+				chatId: params.chatId,
+				kind: params.kind
+			})
+		};
+	}
+}
+function resolveSendContext(options) {
+	if (options.cfg) {
+		const account = resolveZaloAccount({
+			cfg: options.cfg,
+			accountId: options.accountId
+		});
+		return {
+			token: options.token || account.token,
+			fetcher: resolveZaloProxyFetch(options.proxy ?? account.config.proxy)
+		};
+	}
+	const token = options.token ?? resolveZaloToken(void 0, options.accountId).token;
+	const proxy = options.proxy;
+	return {
+		token,
+		fetcher: resolveZaloProxyFetch(proxy)
+	};
+}
+function resolveValidatedSendContext(chatId, options) {
+	const { token, fetcher } = resolveSendContext(options);
+	if (!token) return {
+		ok: false,
+		error: "No Zalo bot token configured"
+	};
+	const trimmedChatId = chatId?.trim();
+	if (!trimmedChatId) return {
+		ok: false,
+		error: "No chat_id provided"
+	};
+	return {
+		ok: true,
+		chatId: trimmedChatId,
+		token,
+		fetcher
+	};
+}
+function resolveSendContextOrFailure(chatId, options) {
+	const context = resolveValidatedSendContext(chatId, options);
+	return context.ok ? { context } : { failure: {
+		ok: false,
+		error: context.error,
+		receipt: createZaloSendReceipt({
+			chatId,
+			kind: "unknown"
+		})
+	} };
+}
+async function sendMessageZalo(chatId, text, options = {}) {
+	const resolved = resolveSendContextOrFailure(chatId, options);
+	if ("failure" in resolved) return resolved.failure;
+	const { context } = resolved;
+	if (options.mediaUrl) return sendPhotoZalo(context.chatId, options.mediaUrl, {
+		...options,
+		token: context.token,
+		caption: text || options.caption
+	});
+	return await runZaloSend("Failed to send message", {
+		chatId: context.chatId,
+		kind: "text"
+	}, () => sendMessage(context.token, {
+		chat_id: context.chatId,
+		text: text.slice(0, 2e3)
+	}, context.fetcher));
+}
+async function sendPhotoZalo(chatId, photoUrl, options = {}) {
+	const resolved = resolveSendContextOrFailure(chatId, options);
+	if ("failure" in resolved) return resolved.failure;
+	const { context } = resolved;
+	if (!photoUrl?.trim()) return {
+		ok: false,
+		error: "No photo URL provided",
+		receipt: createZaloSendReceipt({
+			chatId: context.chatId,
+			kind: "media"
+		})
+	};
+	return await runZaloSend("Failed to send photo", {
+		chatId: context.chatId,
+		kind: "media"
+	}, () => (async () => sendPhoto(context.token, {
+		chat_id: context.chatId,
+		photo: photoUrl.trim(),
+		caption: options.caption?.slice(0, 2e3)
+	}, context.fetcher))());
+}
+//#endregion
+export { getMe as a, sendChatAction as c, setWebhook as d, deleteWebhook as i, sendMessage as l, resolveZaloProxyFetch as n, getUpdates as o, ZaloApiError as r, getWebhookInfo as s, sendMessageZalo as t, sendPhoto as u };

package/dist/setup-api.js

@@ -1,5 +1,5 @@
-import { n as zaloDmPolicy, r as zaloSetupAdapter, t as createZaloSetupWizardProxy } from "./setup-core-B-97bdBF.js";
-import { n as resolveZaloRuntimeGroupPolicy } from "./group-access-B_fAqJAN.js";
+import { n as zaloDmPolicy, r as zaloSetupAdapter, t as createZaloSetupWizardProxy } from "./setup-core-c-VVz39c.js";
+import { n as resolveZaloRuntimeGroupPolicy } from "./group-access-Boqk-JNd.js";
 import { loadBundledEntryExportSync } from "openclaw/plugin-sdk/channel-entry-contract";
 //#region extensions/zalo/setup-api.ts
 function createLazyObjectValue(load) {