@openclaw/zalo 2026.5.14-beta.1 → 2026.5.14-beta.2

package/dist/{actions.runtime-B-RkyU18.js → actions.runtime-DPLidmVV.js}

@@ -1,4 +1,4 @@
-import { t as sendMessageZalo } from "./send-B33YPMz_.js";
+import { t as sendMessageZalo } from "./send-DC0JAcxV.js";
 //#region extensions/zalo/src/actions.runtime.ts
 const zaloActionsRuntime = { sendMessageZalo };
 //#endregion

package/dist/api.js

@@ -1,5 +1,5 @@
-import { t as zaloPlugin } from "./channel-Cm5LsFn-.js";
-import { n as zaloDmPolicy, r as zaloSetupAdapter, t as createZaloSetupWizardProxy } from "./setup-core-B-97bdBF.js";
-import { n as resolveZaloRuntimeGroupPolicy } from "./group-access-B_fAqJAN.js";
+import { n as zaloDmPolicy, r as zaloSetupAdapter, t as createZaloSetupWizardProxy } from "./setup-core-c-VVz39c.js";
+import { t as zaloPlugin } from "./channel-Ds8WfCFp.js";
+import { n as resolveZaloRuntimeGroupPolicy } from "./group-access-Boqk-JNd.js";
 import { zaloSetupWizard } from "./setup-api.js";
 export { createZaloSetupWizardProxy, resolveZaloRuntimeGroupPolicy, zaloDmPolicy, zaloPlugin, zaloSetupAdapter, zaloSetupWizard };

package/dist/{channel-Cm5LsFn-.js → channel-Ds8WfCFp.js}

@@ -1,6 +1,5 @@
-import { a as resolveZaloAccount, i as resolveDefaultZaloAccountId, n as listEnabledZaloAccounts, r as listZaloAccountIds, s as buildSecretInputSchema } from "./accounts-OjbMFek2.js";
+import { c as listZaloAccountIds, f as buildSecretInputSchema, l as resolveDefaultZaloAccountId, r as zaloSetupAdapter, s as listEnabledZaloAccounts, t as createZaloSetupWizardProxy, u as resolveZaloAccount } from "./setup-core-c-VVz39c.js";
 import { n as collectRuntimeConfigAssignments, r as secretTargetRegistryEntries } from "./secret-contract-Dw93tGo2.js";
-import { r as zaloSetupAdapter, t as createZaloSetupWizardProxy } from "./setup-core-B-97bdBF.js";
 import { describeWebhookAccountSnapshot } from "openclaw/plugin-sdk/account-helpers";
 import { DEFAULT_ACCOUNT_ID } from "openclaw/plugin-sdk/account-id";
 import { formatAllowFromLowercase } from "openclaw/plugin-sdk/allow-from";
@@ -25,7 +24,7 @@ import { AllowFromListSchema, DmPolicySchema, GroupPolicySchema, MarkdownConfigS
 import { z } from "zod";
 import { coerceStatusIssueAccountId, readStatusIssueFields } from "openclaw/plugin-sdk/extension-shared";
 //#region extensions/zalo/src/actions.ts
-const loadZaloActionsRuntime = createLazyRuntimeNamedExport(() => import("./actions.runtime-B-RkyU18.js"), "zaloActionsRuntime");
+const loadZaloActionsRuntime = createLazyRuntimeNamedExport(() => import("./actions.runtime-DPLidmVV.js"), "zaloActionsRuntime");
 const providerId = "zalo";
 function listEnabledAccounts(cfg, accountId) {
 	return (accountId ? [resolveZaloAccount({
@@ -174,8 +173,8 @@ function normalizeZaloMessagingTarget(raw) {
 	if (!trimmed) return;
 	return trimmed.replace(/^(zalo|zl):/i, "").trim();
 }
-const loadZaloChannelRuntime = createLazyRuntimeModule(() => import("./channel.runtime-4Hdh_1my.js"));
-const zaloSetupWizard = createZaloSetupWizardProxy(async () => (await import("./setup-surface-Cs4_XZXk.js")).zaloSetupWizard);
+const loadZaloChannelRuntime = createLazyRuntimeModule(() => import("./channel.runtime-BwHejuBf.js"));
+const zaloSetupWizard = createZaloSetupWizardProxy(async () => (await import("./setup-surface-DY3c-fas.js")).zaloSetupWizard);
 const zaloTextChunkLimit = 2e3;
 const zaloRawSendResultAdapter = createRawChannelSendResultAdapter({
 	channel: "zalo",

package/dist/channel-plugin-api.js

@@ -1,2 +1,2 @@
-import { t as zaloPlugin } from "./channel-Cm5LsFn-.js";
+import { t as zaloPlugin } from "./channel-Ds8WfCFp.js";
 export { zaloPlugin };

package/dist/{channel.runtime-4Hdh_1my.js → channel.runtime-BwHejuBf.js}

@@ -1,7 +1,6 @@
-import { c as normalizeSecretInputString } from "./accounts-OjbMFek2.js";
-import { n as PAIRING_APPROVED_MESSAGE } from "./runtime-api-df534_Ih.js";
-import { i as getMe, n as ZaloApiError, t as resolveZaloProxyFetch } from "./proxy-D5AGEsI0.js";
-import { t as sendMessageZalo } from "./send-B33YPMz_.js";
+import { p as normalizeSecretInputString } from "./setup-core-c-VVz39c.js";
+import { i as PAIRING_APPROVED_MESSAGE } from "./runtime-api-CnYIxmRv.js";
+import { a as getMe, n as resolveZaloProxyFetch, r as ZaloApiError, t as sendMessageZalo } from "./send-DC0JAcxV.js";
 import { createAccountStatusSink } from "openclaw/plugin-sdk/channel-lifecycle";
 //#region extensions/zalo/src/probe.ts
 async function probeZalo(token, timeoutMs = 5e3, fetcher) {
@@ -53,7 +52,7 @@ async function probeZalo(token, timeoutMs = 5e3, fetcher) {
 //#endregion
 //#region extensions/zalo/src/channel.runtime.ts
 async function notifyZaloPairingApproval(params) {
-	const { resolveZaloAccount } = await import("./accounts-OjbMFek2.js").then((n) => n.t);
+	const { resolveZaloAccount } = await import("./setup-core-c-VVz39c.js").then((n) => n.o);
 	const account = resolveZaloAccount({ cfg: params.cfg });
 	if (!account.token) throw new Error("Zalo token not configured");
 	await sendMessageZalo(params.id, PAIRING_APPROVED_MESSAGE, { token: account.token });
@@ -87,7 +86,7 @@ async function startZaloGatewayAccount(ctx) {
 		setStatus: ctx.setStatus
 	});
 	ctx.log?.info(`[${account.accountId}] starting provider${zaloBotLabel} mode=${mode}`);
-	const { monitorZaloProvider } = await import("./monitor-DcrZwSax.js");
+	const { monitorZaloProvider } = await import("./monitor-BMpWuV4T.js");
 	return monitorZaloProvider({
 		token,
 		account,

package/dist/contract-api.js

@@ -1,3 +1,3 @@
 import { n as collectRuntimeConfigAssignments, r as secretTargetRegistryEntries } from "./secret-contract-Dw93tGo2.js";
-import { n as resolveZaloRuntimeGroupPolicy } from "./group-access-B_fAqJAN.js";
+import { n as resolveZaloRuntimeGroupPolicy } from "./group-access-Boqk-JNd.js";
 export { collectRuntimeConfigAssignments, resolveZaloRuntimeGroupPolicy, secretTargetRegistryEntries };

package/dist/{monitor-DcrZwSax.js → monitor-BMpWuV4T.js}

@@ -1,6 +1,6 @@
-import { n as resolveZaloRuntimeGroupPolicy, t as normalizeZaloAllowEntry } from "./group-access-B_fAqJAN.js";
-import { t as getZaloRuntime } from "./runtime-BRFxnYQx.js";
-import { a as getUpdates, c as sendMessage, l as sendPhoto, n as ZaloApiError, o as getWebhookInfo, r as deleteWebhook, s as sendChatAction, t as resolveZaloProxyFetch, u as setWebhook } from "./proxy-D5AGEsI0.js";
+import { n as resolveZaloRuntimeGroupPolicy, t as normalizeZaloAllowEntry } from "./group-access-Boqk-JNd.js";
+import { t as getZaloRuntime } from "./runtime-api-CnYIxmRv.js";
+import { c as sendChatAction, d as setWebhook, i as deleteWebhook, l as sendMessage, n as resolveZaloProxyFetch, o as getUpdates, r as ZaloApiError, s as getWebhookInfo, u as sendPhoto } from "./send-DC0JAcxV.js";
 import { deliverTextOrMediaReply, resolveSendableOutboundReplyParts } from "openclaw/plugin-sdk/reply-payload";
 import { normalizeStringEntries } from "openclaw/plugin-sdk/string-coerce-runtime";
 import { resolveDefaultGroupPolicy, warnMissingProviderGroupPolicyFallbackOnce } from "openclaw/plugin-sdk/runtime-group-policy";
@@ -186,7 +186,7 @@ const ZALO_TYPING_TIMEOUT_MS = 5e3;
 let zaloWebhookModulePromise;
 const hostedMediaRouteRefs = /* @__PURE__ */ new Map();
 function loadZaloWebhookModule() {
-	zaloWebhookModulePromise ??= import("./monitor.webhook-DDHdDX2R.js");
+	zaloWebhookModulePromise ??= import("./monitor.webhook-DlMvHl6I.js");
 	return zaloWebhookModulePromise;
 }
 function registerSharedHostedMediaRoute(params) {

package/dist/{monitor.webhook-DDHdDX2R.js → monitor.webhook-DlMvHl6I.js}

@@ -1,4 +1,4 @@
-import { L as registerWebhookTarget, P as readJsonWebhookBodyOrReject, R as registerWebhookTargetWithPluginRoute, W as resolveWebhookTargetWithAuthOrRejectSync, X as withResolvedWebhookRequestPipeline, i as WEBHOOK_RATE_LIMIT_DEFAULTS, r as WEBHOOK_ANOMALY_COUNTER_DEFAULTS, s as applyBasicWebhookRequestGuards, v as createFixedWindowRateLimiter, y as createWebhookAnomalyTracker, z as resolveClientIp } from "./runtime-api-df534_Ih.js";
+import { B as registerWebhookTargetWithPluginRoute, I as readJsonWebhookBodyOrReject, K as resolveWebhookTargetWithAuthOrRejectSync, Q as withResolvedWebhookRequestPipeline, V as resolveClientIp, a as WEBHOOK_ANOMALY_COUNTER_DEFAULTS, b as createFixedWindowRateLimiter, l as applyBasicWebhookRequestGuards, o as WEBHOOK_RATE_LIMIT_DEFAULTS, x as createWebhookAnomalyTracker, z as registerWebhookTarget } from "./runtime-api-CnYIxmRv.js";
 import { safeEqualSecret } from "openclaw/plugin-sdk/security-runtime";
 import { createClaimableDedupe } from "openclaw/plugin-sdk/persistent-dedupe";
 //#region extensions/zalo/src/monitor.webhook.ts

package/dist/{runtime-api-df534_Ih.js → runtime-api-CnYIxmRv.js}

@@ -1,4 +1,3 @@
-import "./runtime-BRFxnYQx.js";
 import { formatAllowFromLowercase as formatAllowFromLowercase$1, isNormalizedSenderAllowed } from "openclaw/plugin-sdk/allow-from";
 import { createChannelMessageReplyPipeline } from "openclaw/plugin-sdk/channel-message";
 import { PAIRING_APPROVED_MESSAGE, buildTokenChannelStatusSummary as buildTokenChannelStatusSummary$1 } from "openclaw/plugin-sdk/channel-status";
@@ -14,4 +13,11 @@ import { logTypingFailure as logTypingFailure$1 } from "openclaw/plugin-sdk/chan
 import { resolveInboundRouteEnvelopeBuilderWithRuntime as resolveInboundRouteEnvelopeBuilderWithRuntime$1 } from "openclaw/plugin-sdk/inbound-envelope";
 import { waitForAbortSignal } from "openclaw/plugin-sdk/runtime";
 import { WEBHOOK_ANOMALY_COUNTER_DEFAULTS, WEBHOOK_RATE_LIMIT_DEFAULTS, applyBasicWebhookRequestGuards, createFixedWindowRateLimiter, createWebhookAnomalyTracker, readJsonWebhookBodyOrReject, registerPluginHttpRoute as registerPluginHttpRoute$1, registerWebhookTarget, registerWebhookTargetWithPluginRoute, resolveWebhookPath as resolveWebhookPath$1, resolveWebhookTargetWithAuthOrRejectSync, withResolvedWebhookRequestPipeline } from "openclaw/plugin-sdk/webhook-ingress";
-export { normalizeAccountId$1 as A, resolveDefaultGroupPolicy$1 as B, hasConfiguredSecretInput$1 as C, logTypingFailure$1 as D, jsonResult as E, readStringParam as F, runSingleChannelSecretStep$1 as G, resolveOpenProviderRuntimeGroupPolicy$1 as H, registerPluginHttpRoute$1 as I, waitForAbortSignal as J, sendPayloadWithChunkedTextAndMedia$1 as K, registerWebhookTarget as L, normalizeSecretInputString as M, promptSingleChannelSecretInput$1 as N, mergeAllowFromEntries$1 as O, readJsonWebhookBodyOrReject as P, registerWebhookTargetWithPluginRoute as R, formatPairingApproveHint as S, isNumericTargetId$1 as T, resolveWebhookPath$1 as U, resolveInboundRouteEnvelopeBuilderWithRuntime$1 as V, resolveWebhookTargetWithAuthOrRejectSync as W, withResolvedWebhookRequestPipeline as X, warnMissingProviderGroupPolicyFallbackOnce$1 as Y, createDedupeCache as _, addWildcardAllowFrom$1 as a, deliverTextOrMediaReply$1 as b, applySetupAccountConfigPatch as c, buildSecretInputSchema as d, buildSingleChannelSecretPromptState$1 as f, createChannelPairingController$1 as g, createChannelMessageReplyPipeline as h, WEBHOOK_RATE_LIMIT_DEFAULTS as i, normalizeResolvedSecretInputString as j, migrateBaseNameToDefaultAccount as k, buildBaseAccountStatusSnapshot as l, chunkTextForOutbound$1 as m, PAIRING_APPROVED_MESSAGE as n, applyAccountNameToChannelSection as o, buildTokenChannelStatusSummary$1 as p, setTopLevelChannelDmPolicyWithAllowFrom as q, WEBHOOK_ANOMALY_COUNTER_DEFAULTS as r, applyBasicWebhookRequestGuards as s, DEFAULT_ACCOUNT_ID$1 as t, buildChannelConfigSchema as u, createFixedWindowRateLimiter as v, isNormalizedSenderAllowed as w, formatAllowFromLowercase$1 as x, createWebhookAnomalyTracker as y, resolveClientIp as z };
+import { createPluginRuntimeStore } from "openclaw/plugin-sdk/runtime-store";
+//#region extensions/zalo/src/runtime.ts
+const { setRuntime: setZaloRuntime, getRuntime: getZaloRuntime } = createPluginRuntimeStore({
+	pluginId: "zalo",
+	errorMessage: "Zalo runtime not initialized"
+});
+//#endregion
+export { mergeAllowFromEntries$1 as A, registerWebhookTargetWithPluginRoute as B, formatAllowFromLowercase$1 as C, isNumericTargetId$1 as D, isNormalizedSenderAllowed as E, promptSingleChannelSecretInput$1 as F, resolveWebhookPath$1 as G, resolveDefaultGroupPolicy$1 as H, readJsonWebhookBodyOrReject as I, sendPayloadWithChunkedTextAndMedia$1 as J, resolveWebhookTargetWithAuthOrRejectSync as K, readStringParam as L, normalizeAccountId$1 as M, normalizeResolvedSecretInputString as N, jsonResult as O, normalizeSecretInputString as P, withResolvedWebhookRequestPipeline as Q, registerPluginHttpRoute$1 as R, deliverTextOrMediaReply$1 as S, hasConfiguredSecretInput$1 as T, resolveInboundRouteEnvelopeBuilderWithRuntime$1 as U, resolveClientIp as V, resolveOpenProviderRuntimeGroupPolicy$1 as W, waitForAbortSignal as X, setTopLevelChannelDmPolicyWithAllowFrom as Y, warnMissingProviderGroupPolicyFallbackOnce$1 as Z, createChannelMessageReplyPipeline as _, WEBHOOK_ANOMALY_COUNTER_DEFAULTS as a, createFixedWindowRateLimiter as b, applyAccountNameToChannelSection as c, buildBaseAccountStatusSnapshot as d, buildChannelConfigSchema as f, chunkTextForOutbound$1 as g, buildTokenChannelStatusSummary$1 as h, PAIRING_APPROVED_MESSAGE as i, migrateBaseNameToDefaultAccount as j, logTypingFailure$1 as k, applyBasicWebhookRequestGuards as l, buildSingleChannelSecretPromptState$1 as m, setZaloRuntime as n, WEBHOOK_RATE_LIMIT_DEFAULTS as o, buildSecretInputSchema as p, runSingleChannelSecretStep$1 as q, DEFAULT_ACCOUNT_ID$1 as r, addWildcardAllowFrom$1 as s, getZaloRuntime as t, applySetupAccountConfigPatch as u, createChannelPairingController$1 as v, formatPairingApproveHint as w, createWebhookAnomalyTracker as x, createDedupeCache as y, registerWebhookTarget as z };

package/dist/runtime-api.js

@@ -1,3 +1,2 @@
-import { A as normalizeAccountId, B as resolveDefaultGroupPolicy, C as hasConfiguredSecretInput, D as logTypingFailure, E as jsonResult, F as readStringParam, G as runSingleChannelSecretStep, H as resolveOpenProviderRuntimeGroupPolicy, I as registerPluginHttpRoute, J as waitForAbortSignal, K as sendPayloadWithChunkedTextAndMedia, L as registerWebhookTarget, M as normalizeSecretInputString, N as promptSingleChannelSecretInput, O as mergeAllowFromEntries, P as readJsonWebhookBodyOrReject, R as registerWebhookTargetWithPluginRoute, S as formatPairingApproveHint, T as isNumericTargetId, U as resolveWebhookPath, V as resolveInboundRouteEnvelopeBuilderWithRuntime, W as resolveWebhookTargetWithAuthOrRejectSync, X as withResolvedWebhookRequestPipeline, Y as warnMissingProviderGroupPolicyFallbackOnce, _ as createDedupeCache, a as addWildcardAllowFrom, b as deliverTextOrMediaReply, c as applySetupAccountConfigPatch, d as buildSecretInputSchema, f as buildSingleChannelSecretPromptState, g as createChannelPairingController, h as createChannelMessageReplyPipeline, i as WEBHOOK_RATE_LIMIT_DEFAULTS, j as normalizeResolvedSecretInputString, k as migrateBaseNameToDefaultAccount, l as buildBaseAccountStatusSnapshot, m as chunkTextForOutbound, n as PAIRING_APPROVED_MESSAGE, o as applyAccountNameToChannelSection, p as buildTokenChannelStatusSummary, q as setTopLevelChannelDmPolicyWithAllowFrom, r as WEBHOOK_ANOMALY_COUNTER_DEFAULTS, s as applyBasicWebhookRequestGuards, t as DEFAULT_ACCOUNT_ID, u as buildChannelConfigSchema, v as createFixedWindowRateLimiter, w as isNormalizedSenderAllowed, x as formatAllowFromLowercase, y as createWebhookAnomalyTracker, z as resolveClientIp } from "./runtime-api-df534_Ih.js";
-import { n as setZaloRuntime } from "./runtime-BRFxnYQx.js";
+import { A as mergeAllowFromEntries, B as registerWebhookTargetWithPluginRoute, C as formatAllowFromLowercase, D as isNumericTargetId, E as isNormalizedSenderAllowed, F as promptSingleChannelSecretInput, G as resolveWebhookPath, H as resolveDefaultGroupPolicy, I as readJsonWebhookBodyOrReject, J as sendPayloadWithChunkedTextAndMedia, K as resolveWebhookTargetWithAuthOrRejectSync, L as readStringParam, M as normalizeAccountId, N as normalizeResolvedSecretInputString, O as jsonResult, P as normalizeSecretInputString, Q as withResolvedWebhookRequestPipeline, R as registerPluginHttpRoute, S as deliverTextOrMediaReply, T as hasConfiguredSecretInput, U as resolveInboundRouteEnvelopeBuilderWithRuntime, V as resolveClientIp, W as resolveOpenProviderRuntimeGroupPolicy, X as waitForAbortSignal, Y as setTopLevelChannelDmPolicyWithAllowFrom, Z as warnMissingProviderGroupPolicyFallbackOnce, _ as createChannelMessageReplyPipeline, a as WEBHOOK_ANOMALY_COUNTER_DEFAULTS, b as createFixedWindowRateLimiter, c as applyAccountNameToChannelSection, d as buildBaseAccountStatusSnapshot, f as buildChannelConfigSchema, g as chunkTextForOutbound, h as buildTokenChannelStatusSummary, i as PAIRING_APPROVED_MESSAGE, j as migrateBaseNameToDefaultAccount, k as logTypingFailure, l as applyBasicWebhookRequestGuards, m as buildSingleChannelSecretPromptState, n as setZaloRuntime, o as WEBHOOK_RATE_LIMIT_DEFAULTS, p as buildSecretInputSchema, q as runSingleChannelSecretStep, r as DEFAULT_ACCOUNT_ID, s as addWildcardAllowFrom, u as applySetupAccountConfigPatch, v as createChannelPairingController, w as formatPairingApproveHint, x as createWebhookAnomalyTracker, y as createDedupeCache, z as registerWebhookTarget } from "./runtime-api-CnYIxmRv.js";
 export { DEFAULT_ACCOUNT_ID, PAIRING_APPROVED_MESSAGE, WEBHOOK_ANOMALY_COUNTER_DEFAULTS, WEBHOOK_RATE_LIMIT_DEFAULTS, addWildcardAllowFrom, applyAccountNameToChannelSection, applyBasicWebhookRequestGuards, applySetupAccountConfigPatch, buildBaseAccountStatusSnapshot, buildChannelConfigSchema, buildSecretInputSchema, buildSingleChannelSecretPromptState, buildTokenChannelStatusSummary, chunkTextForOutbound, createChannelMessageReplyPipeline, createChannelPairingController, createDedupeCache, createFixedWindowRateLimiter, createWebhookAnomalyTracker, deliverTextOrMediaReply, formatAllowFromLowercase, formatPairingApproveHint, hasConfiguredSecretInput, isNormalizedSenderAllowed, isNumericTargetId, jsonResult, logTypingFailure, mergeAllowFromEntries, migrateBaseNameToDefaultAccount, normalizeAccountId, normalizeResolvedSecretInputString, normalizeSecretInputString, promptSingleChannelSecretInput, readJsonWebhookBodyOrReject, readStringParam, registerPluginHttpRoute, registerWebhookTarget, registerWebhookTargetWithPluginRoute, resolveClientIp, resolveDefaultGroupPolicy, resolveInboundRouteEnvelopeBuilderWithRuntime, resolveOpenProviderRuntimeGroupPolicy, resolveWebhookPath, resolveWebhookTargetWithAuthOrRejectSync, runSingleChannelSecretStep, sendPayloadWithChunkedTextAndMedia, setTopLevelChannelDmPolicyWithAllowFrom, setZaloRuntime, waitForAbortSignal, warnMissingProviderGroupPolicyFallbackOnce, withResolvedWebhookRequestPipeline };

package/dist/send-DC0JAcxV.js

@@ -0,0 +1,270 @@
+import { d as resolveZaloToken, u as resolveZaloAccount } from "./setup-core-c-VVz39c.js";
+import { createMessageReceiptFromOutboundResults } from "openclaw/plugin-sdk/channel-message";
+import { formatErrorMessage } from "openclaw/plugin-sdk/error-runtime";
+import { resolvePinnedHostnameWithPolicy } from "openclaw/plugin-sdk/ssrf-runtime";
+import { makeProxyFetch } from "openclaw/plugin-sdk/fetch-runtime";
+//#region extensions/zalo/src/api.ts
+/**
+* Zalo Bot API client
+* @see https://bot.zaloplatforms.com/docs
+*/
+const ZALO_API_BASE = "https://bot-api.zaloplatforms.com";
+const ZALO_MEDIA_SSRF_POLICY = {};
+var ZaloApiError = class extends Error {
+	constructor(message, errorCode, description) {
+		super(message);
+		this.errorCode = errorCode;
+		this.description = description;
+		this.name = "ZaloApiError";
+	}
+	/** True if this is a long-polling timeout (no updates available) */
+	get isPollingTimeout() {
+		return this.errorCode === 408;
+	}
+};
+/**
+* Call the Zalo Bot API
+*/
+async function callZaloApi(method, token, body, options) {
+	const url = `${ZALO_API_BASE}/bot${token}/${method}`;
+	const controller = new AbortController();
+	const timeoutId = options?.timeoutMs ? setTimeout(() => controller.abort(), options.timeoutMs) : void 0;
+	const fetcher = options?.fetch ?? fetch;
+	try {
+		const data = await (await fetcher(url, {
+			method: "POST",
+			headers: { "Content-Type": "application/json" },
+			body: body ? JSON.stringify(body) : void 0,
+			signal: controller.signal
+		})).json();
+		if (!data.ok) throw new ZaloApiError(data.description ?? `Zalo API error: ${method}`, data.error_code, data.description);
+		return data;
+	} finally {
+		if (timeoutId) clearTimeout(timeoutId);
+	}
+}
+/**
+* Validate bot token and get bot info
+*/
+async function getMe(token, timeoutMs, fetcher) {
+	return callZaloApi("getMe", token, void 0, {
+		timeoutMs,
+		fetch: fetcher
+	});
+}
+/**
+* Send a text message
+*/
+async function sendMessage(token, params, fetcher) {
+	return callZaloApi("sendMessage", token, params, { fetch: fetcher });
+}
+/**
+* Send a photo message
+*/
+async function sendPhoto(token, params, fetcher) {
+	const photoUrl = params.photo.trim();
+	let parsedPhotoUrl;
+	try {
+		parsedPhotoUrl = new URL(photoUrl);
+	} catch {
+		throw new Error("Zalo photo URL must be an absolute HTTP or HTTPS URL");
+	}
+	if (parsedPhotoUrl.protocol !== "http:" && parsedPhotoUrl.protocol !== "https:") throw new Error("Zalo photo URL must use HTTP or HTTPS");
+	await resolvePinnedHostnameWithPolicy(parsedPhotoUrl.hostname, { policy: ZALO_MEDIA_SSRF_POLICY });
+	return callZaloApi("sendPhoto", token, {
+		...params,
+		photo: parsedPhotoUrl.href
+	}, { fetch: fetcher });
+}
+/**
+* Send a temporary chat action such as typing.
+*/
+async function sendChatAction(token, params, fetcher, timeoutMs) {
+	return callZaloApi("sendChatAction", token, params, {
+		timeoutMs,
+		fetch: fetcher
+	});
+}
+/**
+* Get updates using long polling (dev/testing only)
+* Note: Zalo returns a single update per call, not an array like Telegram
+*/
+async function getUpdates(token, params, fetcher) {
+	const pollTimeoutSec = params?.timeout ?? 30;
+	const timeoutMs = (pollTimeoutSec + 5) * 1e3;
+	return callZaloApi("getUpdates", token, { timeout: String(pollTimeoutSec) }, {
+		timeoutMs,
+		fetch: fetcher
+	});
+}
+/**
+* Set webhook URL for receiving updates
+*/
+async function setWebhook(token, params, fetcher) {
+	return callZaloApi("setWebhook", token, params, { fetch: fetcher });
+}
+/**
+* Delete webhook configuration
+*/
+async function deleteWebhook(token, fetcher, timeoutMs) {
+	return callZaloApi("deleteWebhook", token, void 0, {
+		timeoutMs,
+		fetch: fetcher
+	});
+}
+/**
+* Get current webhook info
+*/
+async function getWebhookInfo(token, fetcher) {
+	return callZaloApi("getWebhookInfo", token, void 0, { fetch: fetcher });
+}
+//#endregion
+//#region extensions/zalo/src/proxy.ts
+const proxyCache = /* @__PURE__ */ new Map();
+function resolveZaloProxyFetch(proxyUrl) {
+	const trimmed = proxyUrl?.trim();
+	if (!trimmed) return;
+	const cached = proxyCache.get(trimmed);
+	if (cached) return cached;
+	const fetcher = makeProxyFetch(trimmed);
+	proxyCache.set(trimmed, fetcher);
+	return fetcher;
+}
+//#endregion
+//#region extensions/zalo/src/send.ts
+function createZaloSendReceipt(params) {
+	const messageId = params.messageId?.trim();
+	return createMessageReceiptFromOutboundResults({
+		results: messageId ? [{
+			channel: "zalo",
+			messageId,
+			chatId: params.chatId
+		}] : [],
+		kind: params.kind
+	});
+}
+function toZaloSendResult(response, params) {
+	if (response.ok && response.result) return {
+		ok: true,
+		messageId: response.result.message_id,
+		receipt: createZaloSendReceipt({
+			messageId: response.result.message_id,
+			chatId: params.chatId,
+			kind: params.kind
+		})
+	};
+	return {
+		ok: false,
+		error: "Failed to send message",
+		receipt: createZaloSendReceipt({
+			chatId: params.chatId,
+			kind: params.kind
+		})
+	};
+}
+async function runZaloSend(failureMessage, params, send) {
+	try {
+		const result = toZaloSendResult(await send(), params);
+		return result.ok ? result : {
+			ok: false,
+			error: failureMessage,
+			receipt: result.receipt
+		};
+	} catch (err) {
+		return {
+			ok: false,
+			error: formatErrorMessage(err),
+			receipt: createZaloSendReceipt({
+				chatId: params.chatId,
+				kind: params.kind
+			})
+		};
+	}
+}
+function resolveSendContext(options) {
+	if (options.cfg) {
+		const account = resolveZaloAccount({
+			cfg: options.cfg,
+			accountId: options.accountId
+		});
+		return {
+			token: options.token || account.token,
+			fetcher: resolveZaloProxyFetch(options.proxy ?? account.config.proxy)
+		};
+	}
+	const token = options.token ?? resolveZaloToken(void 0, options.accountId).token;
+	const proxy = options.proxy;
+	return {
+		token,
+		fetcher: resolveZaloProxyFetch(proxy)
+	};
+}
+function resolveValidatedSendContext(chatId, options) {
+	const { token, fetcher } = resolveSendContext(options);
+	if (!token) return {
+		ok: false,
+		error: "No Zalo bot token configured"
+	};
+	const trimmedChatId = chatId?.trim();
+	if (!trimmedChatId) return {
+		ok: false,
+		error: "No chat_id provided"
+	};
+	return {
+		ok: true,
+		chatId: trimmedChatId,
+		token,
+		fetcher
+	};
+}
+function resolveSendContextOrFailure(chatId, options) {
+	const context = resolveValidatedSendContext(chatId, options);
+	return context.ok ? { context } : { failure: {
+		ok: false,
+		error: context.error,
+		receipt: createZaloSendReceipt({
+			chatId,
+			kind: "unknown"
+		})
+	} };
+}
+async function sendMessageZalo(chatId, text, options = {}) {
+	const resolved = resolveSendContextOrFailure(chatId, options);
+	if ("failure" in resolved) return resolved.failure;
+	const { context } = resolved;
+	if (options.mediaUrl) return sendPhotoZalo(context.chatId, options.mediaUrl, {
+		...options,
+		token: context.token,
+		caption: text || options.caption
+	});
+	return await runZaloSend("Failed to send message", {
+		chatId: context.chatId,
+		kind: "text"
+	}, () => sendMessage(context.token, {
+		chat_id: context.chatId,
+		text: text.slice(0, 2e3)
+	}, context.fetcher));
+}
+async function sendPhotoZalo(chatId, photoUrl, options = {}) {
+	const resolved = resolveSendContextOrFailure(chatId, options);
+	if ("failure" in resolved) return resolved.failure;
+	const { context } = resolved;
+	if (!photoUrl?.trim()) return {
+		ok: false,
+		error: "No photo URL provided",
+		receipt: createZaloSendReceipt({
+			chatId: context.chatId,
+			kind: "media"
+		})
+	};
+	return await runZaloSend("Failed to send photo", {
+		chatId: context.chatId,
+		kind: "media"
+	}, () => (async () => sendPhoto(context.token, {
+		chat_id: context.chatId,
+		photo: photoUrl.trim(),
+		caption: options.caption?.slice(0, 2e3)
+	}, context.fetcher))());
+}
+//#endregion
+export { getMe as a, sendChatAction as c, setWebhook as d, deleteWebhook as i, sendMessage as l, resolveZaloProxyFetch as n, getUpdates as o, ZaloApiError as r, getWebhookInfo as s, sendMessageZalo as t, sendPhoto as u };

package/dist/setup-api.js

@@ -1,5 +1,5 @@
-import { n as zaloDmPolicy, r as zaloSetupAdapter, t as createZaloSetupWizardProxy } from "./setup-core-B-97bdBF.js";
-import { n as resolveZaloRuntimeGroupPolicy } from "./group-access-B_fAqJAN.js";
+import { n as zaloDmPolicy, r as zaloSetupAdapter, t as createZaloSetupWizardProxy } from "./setup-core-c-VVz39c.js";
+import { n as resolveZaloRuntimeGroupPolicy } from "./group-access-Boqk-JNd.js";
 import { loadBundledEntryExportSync } from "openclaw/plugin-sdk/channel-entry-contract";
 //#region extensions/zalo/setup-api.ts
 function createLazyObjectValue(load) {

package/dist/setup-core-c-VVz39c.js

@@ -0,0 +1,282 @@
+import { createAccountListHelpers, resolveMergedAccountConfig } from "openclaw/plugin-sdk/account-helpers";
+import { DEFAULT_ACCOUNT_ID, normalizeAccountId } from "openclaw/plugin-sdk/account-id";
+import { normalizeOptionalString } from "openclaw/plugin-sdk/string-coerce-runtime";
+import { tryReadSecretFileSync } from "openclaw/plugin-sdk/core";
+import { resolveAccountEntry } from "openclaw/plugin-sdk/routing";
+import { buildSecretInputSchema, normalizeResolvedSecretInputString, normalizeSecretInputString } from "openclaw/plugin-sdk/secret-input";
+import { DEFAULT_ACCOUNT_ID as DEFAULT_ACCOUNT_ID$1, addWildcardAllowFrom, createDelegatedSetupWizardProxy, createPatchedAccountSetupAdapter, createSetupInputPresenceValidator, formatDocsLink, mergeAllowFromEntries, normalizeAccountId as normalizeAccountId$1 } from "openclaw/plugin-sdk/setup";
+//#region \0rolldown/runtime.js
+var __defProp = Object.defineProperty;
+var __exportAll = (all, no_symbols) => {
+	let target = {};
+	for (var name in all) __defProp(target, name, {
+		get: all[name],
+		enumerable: true
+	});
+	if (!no_symbols) __defProp(target, Symbol.toStringTag, { value: "Module" });
+	return target;
+};
+//#endregion
+//#region extensions/zalo/src/token.ts
+function readTokenFromFile(tokenFile) {
+	return tryReadSecretFileSync(tokenFile, "Zalo token file", { rejectSymlink: true }) ?? "";
+}
+function resolveZaloToken(config, accountId, options) {
+	const resolvedAccountId = normalizeAccountId(accountId ?? config?.defaultAccount);
+	const isDefaultAccount = resolvedAccountId === DEFAULT_ACCOUNT_ID;
+	const baseConfig = config;
+	const accountConfig = resolveAccountEntry(baseConfig?.accounts, normalizeAccountId(resolvedAccountId));
+	const accountHasBotToken = Boolean(accountConfig && Object.prototype.hasOwnProperty.call(accountConfig, "botToken"));
+	if (accountConfig && accountHasBotToken) {
+		const token = options?.allowUnresolvedSecretRef ? normalizeSecretInputString(accountConfig.botToken) : normalizeResolvedSecretInputString({
+			value: accountConfig.botToken,
+			path: `channels.zalo.accounts.${resolvedAccountId}.botToken`
+		});
+		if (token) return {
+			token,
+			source: "config"
+		};
+		const fileToken = readTokenFromFile(accountConfig.tokenFile);
+		if (fileToken) return {
+			token: fileToken,
+			source: "configFile"
+		};
+	}
+	if (!accountHasBotToken) {
+		const fileToken = readTokenFromFile(accountConfig?.tokenFile);
+		if (fileToken) return {
+			token: fileToken,
+			source: "configFile"
+		};
+	}
+	if (!accountHasBotToken) {
+		const token = options?.allowUnresolvedSecretRef ? normalizeSecretInputString(baseConfig?.botToken) : normalizeResolvedSecretInputString({
+			value: baseConfig?.botToken,
+			path: "channels.zalo.botToken"
+		});
+		if (token) return {
+			token,
+			source: "config"
+		};
+		const fileToken = readTokenFromFile(baseConfig?.tokenFile);
+		if (fileToken) return {
+			token: fileToken,
+			source: "configFile"
+		};
+	}
+	if (isDefaultAccount) {
+		const envToken = process.env.ZALO_BOT_TOKEN?.trim();
+		if (envToken) return {
+			token: envToken,
+			source: "env"
+		};
+	}
+	return {
+		token: "",
+		source: "none"
+	};
+}
+//#endregion
+//#region extensions/zalo/src/accounts.ts
+var accounts_exports = /* @__PURE__ */ __exportAll({
+	listEnabledZaloAccounts: () => listEnabledZaloAccounts,
+	listZaloAccountIds: () => listZaloAccountIds,
+	resolveDefaultZaloAccountId: () => resolveDefaultZaloAccountId,
+	resolveZaloAccount: () => resolveZaloAccount
+});
+const { listAccountIds: listZaloAccountIds, resolveDefaultAccountId: resolveDefaultZaloAccountId } = createAccountListHelpers("zalo");
+function mergeZaloAccountConfig(cfg, accountId) {
+	return resolveMergedAccountConfig({
+		channelConfig: cfg.channels?.zalo,
+		accounts: (cfg.channels?.zalo)?.accounts,
+		accountId,
+		omitKeys: ["defaultAccount"]
+	});
+}
+function resolveZaloAccount(params) {
+	const accountId = normalizeAccountId(params.accountId ?? (params.cfg.channels?.zalo)?.defaultAccount);
+	const baseEnabled = (params.cfg.channels?.zalo)?.enabled !== false;
+	const merged = mergeZaloAccountConfig(params.cfg, accountId);
+	const accountEnabled = merged.enabled !== false;
+	const enabled = baseEnabled && accountEnabled;
+	const tokenResolution = resolveZaloToken(params.cfg.channels?.zalo, accountId, { allowUnresolvedSecretRef: params.allowUnresolvedSecretRef });
+	return {
+		accountId,
+		name: normalizeOptionalString(merged.name),
+		enabled,
+		token: tokenResolution.token,
+		tokenSource: tokenResolution.source,
+		config: merged
+	};
+}
+function listEnabledZaloAccounts(cfg) {
+	return listZaloAccountIds(cfg).map((accountId) => resolveZaloAccount({
+		cfg,
+		accountId
+	})).filter((account) => account.enabled);
+}
+//#endregion
+//#region extensions/zalo/src/setup-allow-from.ts
+async function noteZaloTokenHelp(prompter) {
+	await prompter.note([
+		"1) Open Zalo Bot Platform: https://bot.zaloplatforms.com",
+		"2) Create a bot and get the token",
+		"3) Token looks like 12345689:abc-xyz",
+		"Tip: you can also set ZALO_BOT_TOKEN in your env.",
+		`Docs: ${formatDocsLink("/channels/zalo", "zalo")}`
+	].join("\n"), "Zalo bot token");
+}
+async function promptZaloAllowFrom(params) {
+	const { cfg, prompter } = params;
+	const accountId = params.accountId ?? resolveDefaultZaloAccountId(cfg);
+	const existingAllowFrom = resolveZaloAccount({
+		cfg,
+		accountId
+	}).config.allowFrom ?? [];
+	const unique = mergeAllowFromEntries(existingAllowFrom, [(await prompter.text({
+		message: "Zalo allowFrom (user id)",
+		placeholder: "123456789",
+		initialValue: existingAllowFrom[0] ? String(existingAllowFrom[0]) : void 0,
+		validate: (value) => {
+			const raw = (value ?? "").trim();
+			if (!raw) return "Required";
+			if (!/^\d+$/.test(raw)) return "Use a numeric Zalo user id";
+		}
+	})).trim()]);
+	if (accountId === DEFAULT_ACCOUNT_ID$1) return {
+		...cfg,
+		channels: {
+			...cfg.channels,
+			zalo: {
+				...cfg.channels?.zalo,
+				enabled: true,
+				dmPolicy: "allowlist",
+				allowFrom: unique
+			}
+		}
+	};
+	const currentAccount = cfg.channels?.zalo?.accounts?.[accountId];
+	return {
+		...cfg,
+		channels: {
+			...cfg.channels,
+			zalo: {
+				...cfg.channels?.zalo,
+				enabled: true,
+				accounts: {
+					...cfg.channels?.zalo?.accounts,
+					[accountId]: {
+						...currentAccount,
+						enabled: currentAccount?.enabled ?? true,
+						dmPolicy: "allowlist",
+						allowFrom: unique
+					}
+				}
+			}
+		}
+	};
+}
+//#endregion
+//#region extensions/zalo/src/setup-core.ts
+const channel = "zalo";
+const zaloSetupAdapter = createPatchedAccountSetupAdapter({
+	channelKey: channel,
+	validateInput: createSetupInputPresenceValidator({
+		defaultAccountOnlyEnvError: "ZALO_BOT_TOKEN can only be used for the default account.",
+		whenNotUseEnv: [{
+			someOf: ["token", "tokenFile"],
+			message: "Zalo requires token or --token-file (or --use-env)."
+		}]
+	}),
+	buildPatch: (input) => input.useEnv ? {} : input.tokenFile ? { tokenFile: input.tokenFile } : input.token ? { botToken: input.token } : {}
+});
+const zaloDmPolicy = {
+	label: "Zalo",
+	channel,
+	policyKey: "channels.zalo.dmPolicy",
+	allowFromKey: "channels.zalo.allowFrom",
+	resolveConfigKeys: (cfg, accountId) => (accountId ?? resolveDefaultZaloAccountId(cfg)) !== DEFAULT_ACCOUNT_ID$1 ? {
+		policyKey: `channels.zalo.accounts.${accountId ?? resolveDefaultZaloAccountId(cfg)}.dmPolicy`,
+		allowFromKey: `channels.zalo.accounts.${accountId ?? resolveDefaultZaloAccountId(cfg)}.allowFrom`
+	} : {
+		policyKey: "channels.zalo.dmPolicy",
+		allowFromKey: "channels.zalo.allowFrom"
+	},
+	getCurrent: (cfg, accountId) => resolveZaloAccount({
+		cfg,
+		accountId: accountId ?? resolveDefaultZaloAccountId(cfg)
+	}).config.dmPolicy ?? "pairing",
+	setPolicy: (cfg, policy, accountId) => {
+		const resolvedAccountId = accountId && normalizeAccountId$1(accountId) ? normalizeAccountId$1(accountId) ?? DEFAULT_ACCOUNT_ID$1 : resolveDefaultZaloAccountId(cfg);
+		const resolved = resolveZaloAccount({
+			cfg,
+			accountId: resolvedAccountId
+		});
+		if (resolvedAccountId === DEFAULT_ACCOUNT_ID$1) return {
+			...cfg,
+			channels: {
+				...cfg.channels,
+				zalo: {
+					...cfg.channels?.zalo,
+					enabled: true,
+					dmPolicy: policy,
+					...policy === "open" ? { allowFrom: addWildcardAllowFrom(resolved.config.allowFrom) } : {}
+				}
+			}
+		};
+		const currentAccount = cfg.channels?.zalo?.accounts?.[resolvedAccountId];
+		return {
+			...cfg,
+			channels: {
+				...cfg.channels,
+				zalo: {
+					...cfg.channels?.zalo,
+					enabled: true,
+					accounts: {
+						...cfg.channels?.zalo?.accounts,
+						[resolvedAccountId]: {
+							...currentAccount,
+							enabled: currentAccount?.enabled ?? true,
+							dmPolicy: policy,
+							...policy === "open" ? { allowFrom: addWildcardAllowFrom(resolved.config.allowFrom) } : {}
+						}
+					}
+				}
+			}
+		};
+	},
+	promptAllowFrom: async ({ cfg, prompter, accountId }) => promptZaloAllowFrom({
+		cfg,
+		prompter,
+		accountId: accountId ?? resolveDefaultZaloAccountId(cfg)
+	})
+};
+function createZaloSetupWizardProxy(loadWizard) {
+	return createDelegatedSetupWizardProxy({
+		channel,
+		loadWizard,
+		status: {
+			configuredLabel: "configured",
+			unconfiguredLabel: "needs token",
+			configuredHint: "recommended · configured",
+			unconfiguredHint: "recommended · newcomer-friendly",
+			configuredScore: 1,
+			unconfiguredScore: 10
+		},
+		credentials: [],
+		delegateFinalize: true,
+		dmPolicy: zaloDmPolicy,
+		disable: (cfg) => ({
+			...cfg,
+			channels: {
+				...cfg.channels,
+				zalo: {
+					...cfg.channels?.zalo,
+					enabled: false
+				}
+			}
+		})
+	});
+}
+//#endregion
+export { promptZaloAllowFrom as a, listZaloAccountIds as c, resolveZaloToken as d, buildSecretInputSchema as f, noteZaloTokenHelp as i, resolveDefaultZaloAccountId as l, zaloDmPolicy as n, accounts_exports as o, normalizeSecretInputString as p, zaloSetupAdapter as r, listEnabledZaloAccounts as s, createZaloSetupWizardProxy as t, resolveZaloAccount as u };

package/dist/{setup-surface-Cs4_XZXk.js → setup-surface-DY3c-fas.js}

@@ -1,5 +1,4 @@
-import { a as resolveZaloAccount } from "./accounts-OjbMFek2.js";
-import { a as promptZaloAllowFrom, i as noteZaloTokenHelp, n as zaloDmPolicy } from "./setup-core-B-97bdBF.js";
+import { a as promptZaloAllowFrom, i as noteZaloTokenHelp, n as zaloDmPolicy, u as resolveZaloAccount } from "./setup-core-c-VVz39c.js";
 import { DEFAULT_ACCOUNT_ID, buildSingleChannelSecretPromptState, createStandardChannelSetupStatus, hasConfiguredSecretInput, promptSingleChannelSecretInput, runSingleChannelSecretStep } from "openclaw/plugin-sdk/setup";
 //#region extensions/zalo/src/setup-surface.ts
 const channel = "zalo";

package/dist/test-api.js

@@ -1,2 +1,2 @@
-import { n as resolveZaloRuntimeGroupPolicy } from "./group-access-B_fAqJAN.js";
+import { n as resolveZaloRuntimeGroupPolicy } from "./group-access-Boqk-JNd.js";
 export { resolveZaloRuntimeGroupPolicy };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/zalo",
-  "version": "2026.5.14-beta.1",
+  "version": "2026.5.14-beta.2",
   "description": "OpenClaw Zalo channel plugin",
   "repository": {
     "type": "git",
@@ -12,7 +12,7 @@
     "openclaw": "workspace:*"
   },
   "peerDependencies": {
-    "openclaw": ">=2026.5.14-beta.1"
+    "openclaw": ">=2026.5.14-beta.2"
   },
   "peerDependenciesMeta": {
     "openclaw": {
@@ -43,10 +43,10 @@
       "minHostVersion": ">=2026.4.10"
     },
     "compat": {
-      "pluginApi": ">=2026.5.14-beta.1"
+      "pluginApi": ">=2026.5.14-beta.2"
     },
     "build": {
-      "openclawVersion": "2026.5.14-beta.1"
+      "openclawVersion": "2026.5.14-beta.2"
     },
     "release": {
       "publishToClawHub": true,

package/dist/accounts-OjbMFek2.js

@@ -1,118 +0,0 @@
-import { createAccountListHelpers, resolveMergedAccountConfig } from "openclaw/plugin-sdk/account-helpers";
-import { DEFAULT_ACCOUNT_ID, normalizeAccountId } from "openclaw/plugin-sdk/account-id";
-import { normalizeOptionalString } from "openclaw/plugin-sdk/string-coerce-runtime";
-import { tryReadSecretFileSync } from "openclaw/plugin-sdk/core";
-import { resolveAccountEntry } from "openclaw/plugin-sdk/routing";
-import { buildSecretInputSchema, normalizeResolvedSecretInputString, normalizeSecretInputString } from "openclaw/plugin-sdk/secret-input";
-//#region \0rolldown/runtime.js
-var __defProp = Object.defineProperty;
-var __exportAll = (all, no_symbols) => {
-	let target = {};
-	for (var name in all) __defProp(target, name, {
-		get: all[name],
-		enumerable: true
-	});
-	if (!no_symbols) __defProp(target, Symbol.toStringTag, { value: "Module" });
-	return target;
-};
-//#endregion
-//#region extensions/zalo/src/token.ts
-function readTokenFromFile(tokenFile) {
-	return tryReadSecretFileSync(tokenFile, "Zalo token file", { rejectSymlink: true }) ?? "";
-}
-function resolveZaloToken(config, accountId, options) {
-	const resolvedAccountId = normalizeAccountId(accountId ?? config?.defaultAccount);
-	const isDefaultAccount = resolvedAccountId === DEFAULT_ACCOUNT_ID;
-	const baseConfig = config;
-	const accountConfig = resolveAccountEntry(baseConfig?.accounts, normalizeAccountId(resolvedAccountId));
-	const accountHasBotToken = Boolean(accountConfig && Object.prototype.hasOwnProperty.call(accountConfig, "botToken"));
-	if (accountConfig && accountHasBotToken) {
-		const token = options?.allowUnresolvedSecretRef ? normalizeSecretInputString(accountConfig.botToken) : normalizeResolvedSecretInputString({
-			value: accountConfig.botToken,
-			path: `channels.zalo.accounts.${resolvedAccountId}.botToken`
-		});
-		if (token) return {
-			token,
-			source: "config"
-		};
-		const fileToken = readTokenFromFile(accountConfig.tokenFile);
-		if (fileToken) return {
-			token: fileToken,
-			source: "configFile"
-		};
-	}
-	if (!accountHasBotToken) {
-		const fileToken = readTokenFromFile(accountConfig?.tokenFile);
-		if (fileToken) return {
-			token: fileToken,
-			source: "configFile"
-		};
-	}
-	if (!accountHasBotToken) {
-		const token = options?.allowUnresolvedSecretRef ? normalizeSecretInputString(baseConfig?.botToken) : normalizeResolvedSecretInputString({
-			value: baseConfig?.botToken,
-			path: "channels.zalo.botToken"
-		});
-		if (token) return {
-			token,
-			source: "config"
-		};
-		const fileToken = readTokenFromFile(baseConfig?.tokenFile);
-		if (fileToken) return {
-			token: fileToken,
-			source: "configFile"
-		};
-	}
-	if (isDefaultAccount) {
-		const envToken = process.env.ZALO_BOT_TOKEN?.trim();
-		if (envToken) return {
-			token: envToken,
-			source: "env"
-		};
-	}
-	return {
-		token: "",
-		source: "none"
-	};
-}
-//#endregion
-//#region extensions/zalo/src/accounts.ts
-var accounts_exports = /* @__PURE__ */ __exportAll({
-	listEnabledZaloAccounts: () => listEnabledZaloAccounts,
-	listZaloAccountIds: () => listZaloAccountIds,
-	resolveDefaultZaloAccountId: () => resolveDefaultZaloAccountId,
-	resolveZaloAccount: () => resolveZaloAccount
-});
-const { listAccountIds: listZaloAccountIds, resolveDefaultAccountId: resolveDefaultZaloAccountId } = createAccountListHelpers("zalo");
-function mergeZaloAccountConfig(cfg, accountId) {
-	return resolveMergedAccountConfig({
-		channelConfig: cfg.channels?.zalo,
-		accounts: (cfg.channels?.zalo)?.accounts,
-		accountId,
-		omitKeys: ["defaultAccount"]
-	});
-}
-function resolveZaloAccount(params) {
-	const accountId = normalizeAccountId(params.accountId ?? (params.cfg.channels?.zalo)?.defaultAccount);
-	const baseEnabled = (params.cfg.channels?.zalo)?.enabled !== false;
-	const merged = mergeZaloAccountConfig(params.cfg, accountId);
-	const accountEnabled = merged.enabled !== false;
-	const enabled = baseEnabled && accountEnabled;
-	const tokenResolution = resolveZaloToken(params.cfg.channels?.zalo, accountId, { allowUnresolvedSecretRef: params.allowUnresolvedSecretRef });
-	return {
-		accountId,
-		name: normalizeOptionalString(merged.name),
-		enabled,
-		token: tokenResolution.token,
-		tokenSource: tokenResolution.source,
-		config: merged
-	};
-}
-function listEnabledZaloAccounts(cfg) {
-	return listZaloAccountIds(cfg).map((accountId) => resolveZaloAccount({
-		cfg,
-		accountId
-	})).filter((account) => account.enabled);
-}
-//#endregion
-export { resolveZaloAccount as a, normalizeSecretInputString as c, resolveDefaultZaloAccountId as i, listEnabledZaloAccounts as n, resolveZaloToken as o, listZaloAccountIds as r, buildSecretInputSchema as s, accounts_exports as t };

package/dist/proxy-D5AGEsI0.js

@@ -1,131 +0,0 @@
-import { resolvePinnedHostnameWithPolicy } from "openclaw/plugin-sdk/ssrf-runtime";
-import { makeProxyFetch } from "openclaw/plugin-sdk/fetch-runtime";
-//#region extensions/zalo/src/api.ts
-/**
-* Zalo Bot API client
-* @see https://bot.zaloplatforms.com/docs
-*/
-const ZALO_API_BASE = "https://bot-api.zaloplatforms.com";
-const ZALO_MEDIA_SSRF_POLICY = {};
-var ZaloApiError = class extends Error {
-	constructor(message, errorCode, description) {
-		super(message);
-		this.errorCode = errorCode;
-		this.description = description;
-		this.name = "ZaloApiError";
-	}
-	/** True if this is a long-polling timeout (no updates available) */
-	get isPollingTimeout() {
-		return this.errorCode === 408;
-	}
-};
-/**
-* Call the Zalo Bot API
-*/
-async function callZaloApi(method, token, body, options) {
-	const url = `${ZALO_API_BASE}/bot${token}/${method}`;
-	const controller = new AbortController();
-	const timeoutId = options?.timeoutMs ? setTimeout(() => controller.abort(), options.timeoutMs) : void 0;
-	const fetcher = options?.fetch ?? fetch;
-	try {
-		const data = await (await fetcher(url, {
-			method: "POST",
-			headers: { "Content-Type": "application/json" },
-			body: body ? JSON.stringify(body) : void 0,
-			signal: controller.signal
-		})).json();
-		if (!data.ok) throw new ZaloApiError(data.description ?? `Zalo API error: ${method}`, data.error_code, data.description);
-		return data;
-	} finally {
-		if (timeoutId) clearTimeout(timeoutId);
-	}
-}
-/**
-* Validate bot token and get bot info
-*/
-async function getMe(token, timeoutMs, fetcher) {
-	return callZaloApi("getMe", token, void 0, {
-		timeoutMs,
-		fetch: fetcher
-	});
-}
-/**
-* Send a text message
-*/
-async function sendMessage(token, params, fetcher) {
-	return callZaloApi("sendMessage", token, params, { fetch: fetcher });
-}
-/**
-* Send a photo message
-*/
-async function sendPhoto(token, params, fetcher) {
-	const photoUrl = params.photo.trim();
-	let parsedPhotoUrl;
-	try {
-		parsedPhotoUrl = new URL(photoUrl);
-	} catch {
-		throw new Error("Zalo photo URL must be an absolute HTTP or HTTPS URL");
-	}
-	if (parsedPhotoUrl.protocol !== "http:" && parsedPhotoUrl.protocol !== "https:") throw new Error("Zalo photo URL must use HTTP or HTTPS");
-	await resolvePinnedHostnameWithPolicy(parsedPhotoUrl.hostname, { policy: ZALO_MEDIA_SSRF_POLICY });
-	return callZaloApi("sendPhoto", token, {
-		...params,
-		photo: parsedPhotoUrl.href
-	}, { fetch: fetcher });
-}
-/**
-* Send a temporary chat action such as typing.
-*/
-async function sendChatAction(token, params, fetcher, timeoutMs) {
-	return callZaloApi("sendChatAction", token, params, {
-		timeoutMs,
-		fetch: fetcher
-	});
-}
-/**
-* Get updates using long polling (dev/testing only)
-* Note: Zalo returns a single update per call, not an array like Telegram
-*/
-async function getUpdates(token, params, fetcher) {
-	const pollTimeoutSec = params?.timeout ?? 30;
-	const timeoutMs = (pollTimeoutSec + 5) * 1e3;
-	return callZaloApi("getUpdates", token, { timeout: String(pollTimeoutSec) }, {
-		timeoutMs,
-		fetch: fetcher
-	});
-}
-/**
-* Set webhook URL for receiving updates
-*/
-async function setWebhook(token, params, fetcher) {
-	return callZaloApi("setWebhook", token, params, { fetch: fetcher });
-}
-/**
-* Delete webhook configuration
-*/
-async function deleteWebhook(token, fetcher, timeoutMs) {
-	return callZaloApi("deleteWebhook", token, void 0, {
-		timeoutMs,
-		fetch: fetcher
-	});
-}
-/**
-* Get current webhook info
-*/
-async function getWebhookInfo(token, fetcher) {
-	return callZaloApi("getWebhookInfo", token, void 0, { fetch: fetcher });
-}
-//#endregion
-//#region extensions/zalo/src/proxy.ts
-const proxyCache = /* @__PURE__ */ new Map();
-function resolveZaloProxyFetch(proxyUrl) {
-	const trimmed = proxyUrl?.trim();
-	if (!trimmed) return;
-	const cached = proxyCache.get(trimmed);
-	if (cached) return cached;
-	const fetcher = makeProxyFetch(trimmed);
-	proxyCache.set(trimmed, fetcher);
-	return fetcher;
-}
-//#endregion
-export { getUpdates as a, sendMessage as c, getMe as i, sendPhoto as l, ZaloApiError as n, getWebhookInfo as o, deleteWebhook as r, sendChatAction as s, resolveZaloProxyFetch as t, setWebhook as u };

package/dist/runtime-BRFxnYQx.js

@@ -1,8 +0,0 @@
-import { createPluginRuntimeStore } from "openclaw/plugin-sdk/runtime-store";
-//#region extensions/zalo/src/runtime.ts
-const { setRuntime: setZaloRuntime, getRuntime: getZaloRuntime } = createPluginRuntimeStore({
-	pluginId: "zalo",
-	errorMessage: "Zalo runtime not initialized"
-});
-//#endregion
-export { setZaloRuntime as n, getZaloRuntime as t };

package/dist/send-B33YPMz_.js

@@ -1,141 +0,0 @@
-import { a as resolveZaloAccount, o as resolveZaloToken } from "./accounts-OjbMFek2.js";
-import { c as sendMessage, l as sendPhoto, t as resolveZaloProxyFetch } from "./proxy-D5AGEsI0.js";
-import { createMessageReceiptFromOutboundResults } from "openclaw/plugin-sdk/channel-message";
-import { formatErrorMessage } from "openclaw/plugin-sdk/error-runtime";
-//#region extensions/zalo/src/send.ts
-function createZaloSendReceipt(params) {
-	const messageId = params.messageId?.trim();
-	return createMessageReceiptFromOutboundResults({
-		results: messageId ? [{
-			channel: "zalo",
-			messageId,
-			chatId: params.chatId
-		}] : [],
-		kind: params.kind
-	});
-}
-function toZaloSendResult(response, params) {
-	if (response.ok && response.result) return {
-		ok: true,
-		messageId: response.result.message_id,
-		receipt: createZaloSendReceipt({
-			messageId: response.result.message_id,
-			chatId: params.chatId,
-			kind: params.kind
-		})
-	};
-	return {
-		ok: false,
-		error: "Failed to send message",
-		receipt: createZaloSendReceipt({
-			chatId: params.chatId,
-			kind: params.kind
-		})
-	};
-}
-async function runZaloSend(failureMessage, params, send) {
-	try {
-		const result = toZaloSendResult(await send(), params);
-		return result.ok ? result : {
-			ok: false,
-			error: failureMessage,
-			receipt: result.receipt
-		};
-	} catch (err) {
-		return {
-			ok: false,
-			error: formatErrorMessage(err),
-			receipt: createZaloSendReceipt({
-				chatId: params.chatId,
-				kind: params.kind
-			})
-		};
-	}
-}
-function resolveSendContext(options) {
-	if (options.cfg) {
-		const account = resolveZaloAccount({
-			cfg: options.cfg,
-			accountId: options.accountId
-		});
-		return {
-			token: options.token || account.token,
-			fetcher: resolveZaloProxyFetch(options.proxy ?? account.config.proxy)
-		};
-	}
-	const token = options.token ?? resolveZaloToken(void 0, options.accountId).token;
-	const proxy = options.proxy;
-	return {
-		token,
-		fetcher: resolveZaloProxyFetch(proxy)
-	};
-}
-function resolveValidatedSendContext(chatId, options) {
-	const { token, fetcher } = resolveSendContext(options);
-	if (!token) return {
-		ok: false,
-		error: "No Zalo bot token configured"
-	};
-	const trimmedChatId = chatId?.trim();
-	if (!trimmedChatId) return {
-		ok: false,
-		error: "No chat_id provided"
-	};
-	return {
-		ok: true,
-		chatId: trimmedChatId,
-		token,
-		fetcher
-	};
-}
-function resolveSendContextOrFailure(chatId, options) {
-	const context = resolveValidatedSendContext(chatId, options);
-	return context.ok ? { context } : { failure: {
-		ok: false,
-		error: context.error,
-		receipt: createZaloSendReceipt({
-			chatId,
-			kind: "unknown"
-		})
-	} };
-}
-async function sendMessageZalo(chatId, text, options = {}) {
-	const resolved = resolveSendContextOrFailure(chatId, options);
-	if ("failure" in resolved) return resolved.failure;
-	const { context } = resolved;
-	if (options.mediaUrl) return sendPhotoZalo(context.chatId, options.mediaUrl, {
-		...options,
-		token: context.token,
-		caption: text || options.caption
-	});
-	return await runZaloSend("Failed to send message", {
-		chatId: context.chatId,
-		kind: "text"
-	}, () => sendMessage(context.token, {
-		chat_id: context.chatId,
-		text: text.slice(0, 2e3)
-	}, context.fetcher));
-}
-async function sendPhotoZalo(chatId, photoUrl, options = {}) {
-	const resolved = resolveSendContextOrFailure(chatId, options);
-	if ("failure" in resolved) return resolved.failure;
-	const { context } = resolved;
-	if (!photoUrl?.trim()) return {
-		ok: false,
-		error: "No photo URL provided",
-		receipt: createZaloSendReceipt({
-			chatId: context.chatId,
-			kind: "media"
-		})
-	};
-	return await runZaloSend("Failed to send photo", {
-		chatId: context.chatId,
-		kind: "media"
-	}, () => (async () => sendPhoto(context.token, {
-		chat_id: context.chatId,
-		photo: photoUrl.trim(),
-		caption: options.caption?.slice(0, 2e3)
-	}, context.fetcher))());
-}
-//#endregion
-export { sendMessageZalo as t };

package/dist/setup-core-B-97bdBF.js

@@ -1,166 +0,0 @@
-import { a as resolveZaloAccount, i as resolveDefaultZaloAccountId } from "./accounts-OjbMFek2.js";
-import { DEFAULT_ACCOUNT_ID, addWildcardAllowFrom, createDelegatedSetupWizardProxy, createPatchedAccountSetupAdapter, createSetupInputPresenceValidator, formatDocsLink, mergeAllowFromEntries, normalizeAccountId } from "openclaw/plugin-sdk/setup";
-//#region extensions/zalo/src/setup-allow-from.ts
-async function noteZaloTokenHelp(prompter) {
-	await prompter.note([
-		"1) Open Zalo Bot Platform: https://bot.zaloplatforms.com",
-		"2) Create a bot and get the token",
-		"3) Token looks like 12345689:abc-xyz",
-		"Tip: you can also set ZALO_BOT_TOKEN in your env.",
-		`Docs: ${formatDocsLink("/channels/zalo", "zalo")}`
-	].join("\n"), "Zalo bot token");
-}
-async function promptZaloAllowFrom(params) {
-	const { cfg, prompter } = params;
-	const accountId = params.accountId ?? resolveDefaultZaloAccountId(cfg);
-	const existingAllowFrom = resolveZaloAccount({
-		cfg,
-		accountId
-	}).config.allowFrom ?? [];
-	const unique = mergeAllowFromEntries(existingAllowFrom, [(await prompter.text({
-		message: "Zalo allowFrom (user id)",
-		placeholder: "123456789",
-		initialValue: existingAllowFrom[0] ? String(existingAllowFrom[0]) : void 0,
-		validate: (value) => {
-			const raw = (value ?? "").trim();
-			if (!raw) return "Required";
-			if (!/^\d+$/.test(raw)) return "Use a numeric Zalo user id";
-		}
-	})).trim()]);
-	if (accountId === DEFAULT_ACCOUNT_ID) return {
-		...cfg,
-		channels: {
-			...cfg.channels,
-			zalo: {
-				...cfg.channels?.zalo,
-				enabled: true,
-				dmPolicy: "allowlist",
-				allowFrom: unique
-			}
-		}
-	};
-	const currentAccount = cfg.channels?.zalo?.accounts?.[accountId];
-	return {
-		...cfg,
-		channels: {
-			...cfg.channels,
-			zalo: {
-				...cfg.channels?.zalo,
-				enabled: true,
-				accounts: {
-					...cfg.channels?.zalo?.accounts,
-					[accountId]: {
-						...currentAccount,
-						enabled: currentAccount?.enabled ?? true,
-						dmPolicy: "allowlist",
-						allowFrom: unique
-					}
-				}
-			}
-		}
-	};
-}
-//#endregion
-//#region extensions/zalo/src/setup-core.ts
-const channel = "zalo";
-const zaloSetupAdapter = createPatchedAccountSetupAdapter({
-	channelKey: channel,
-	validateInput: createSetupInputPresenceValidator({
-		defaultAccountOnlyEnvError: "ZALO_BOT_TOKEN can only be used for the default account.",
-		whenNotUseEnv: [{
-			someOf: ["token", "tokenFile"],
-			message: "Zalo requires token or --token-file (or --use-env)."
-		}]
-	}),
-	buildPatch: (input) => input.useEnv ? {} : input.tokenFile ? { tokenFile: input.tokenFile } : input.token ? { botToken: input.token } : {}
-});
-const zaloDmPolicy = {
-	label: "Zalo",
-	channel,
-	policyKey: "channels.zalo.dmPolicy",
-	allowFromKey: "channels.zalo.allowFrom",
-	resolveConfigKeys: (cfg, accountId) => (accountId ?? resolveDefaultZaloAccountId(cfg)) !== DEFAULT_ACCOUNT_ID ? {
-		policyKey: `channels.zalo.accounts.${accountId ?? resolveDefaultZaloAccountId(cfg)}.dmPolicy`,
-		allowFromKey: `channels.zalo.accounts.${accountId ?? resolveDefaultZaloAccountId(cfg)}.allowFrom`
-	} : {
-		policyKey: "channels.zalo.dmPolicy",
-		allowFromKey: "channels.zalo.allowFrom"
-	},
-	getCurrent: (cfg, accountId) => resolveZaloAccount({
-		cfg,
-		accountId: accountId ?? resolveDefaultZaloAccountId(cfg)
-	}).config.dmPolicy ?? "pairing",
-	setPolicy: (cfg, policy, accountId) => {
-		const resolvedAccountId = accountId && normalizeAccountId(accountId) ? normalizeAccountId(accountId) ?? DEFAULT_ACCOUNT_ID : resolveDefaultZaloAccountId(cfg);
-		const resolved = resolveZaloAccount({
-			cfg,
-			accountId: resolvedAccountId
-		});
-		if (resolvedAccountId === DEFAULT_ACCOUNT_ID) return {
-			...cfg,
-			channels: {
-				...cfg.channels,
-				zalo: {
-					...cfg.channels?.zalo,
-					enabled: true,
-					dmPolicy: policy,
-					...policy === "open" ? { allowFrom: addWildcardAllowFrom(resolved.config.allowFrom) } : {}
-				}
-			}
-		};
-		const currentAccount = cfg.channels?.zalo?.accounts?.[resolvedAccountId];
-		return {
-			...cfg,
-			channels: {
-				...cfg.channels,
-				zalo: {
-					...cfg.channels?.zalo,
-					enabled: true,
-					accounts: {
-						...cfg.channels?.zalo?.accounts,
-						[resolvedAccountId]: {
-							...currentAccount,
-							enabled: currentAccount?.enabled ?? true,
-							dmPolicy: policy,
-							...policy === "open" ? { allowFrom: addWildcardAllowFrom(resolved.config.allowFrom) } : {}
-						}
-					}
-				}
-			}
-		};
-	},
-	promptAllowFrom: async ({ cfg, prompter, accountId }) => promptZaloAllowFrom({
-		cfg,
-		prompter,
-		accountId: accountId ?? resolveDefaultZaloAccountId(cfg)
-	})
-};
-function createZaloSetupWizardProxy(loadWizard) {
-	return createDelegatedSetupWizardProxy({
-		channel,
-		loadWizard,
-		status: {
-			configuredLabel: "configured",
-			unconfiguredLabel: "needs token",
-			configuredHint: "recommended · configured",
-			unconfiguredHint: "recommended · newcomer-friendly",
-			configuredScore: 1,
-			unconfiguredScore: 10
-		},
-		credentials: [],
-		delegateFinalize: true,
-		dmPolicy: zaloDmPolicy,
-		disable: (cfg) => ({
-			...cfg,
-			channels: {
-				...cfg.channels,
-				zalo: {
-					...cfg.channels?.zalo,
-					enabled: false
-				}
-			}
-		})
-	});
-}
-//#endregion
-export { promptZaloAllowFrom as a, noteZaloTokenHelp as i, zaloDmPolicy as n, zaloSetupAdapter as r, createZaloSetupWizardProxy as t };