@poolzin/pool-bot 2026.2.0 → 2026.2.2

package/dist/cron/store.js

@@ -1,15 +1,16 @@
+import JSON5 from "json5";
 import fs from "node:fs";
-import os from "node:os";
 import path from "node:path";
-import JSON5 from "json5";
+import { expandHomePrefix } from "../infra/home-dir.js";
 import { CONFIG_DIR } from "../utils.js";
 export const DEFAULT_CRON_DIR = path.join(CONFIG_DIR, "cron");
 export const DEFAULT_CRON_STORE_PATH = path.join(DEFAULT_CRON_DIR, "jobs.json");
 export function resolveCronStorePath(storePath) {
     if (storePath?.trim()) {
         const raw = storePath.trim();
-        if (raw.startsWith("~"))
-            return path.resolve(raw.replace("~", os.homedir()));
+        if (raw.startsWith("~")) {
+            return path.resolve(expandHomePrefix(raw));
+        }
         return path.resolve(raw);
     }
     return DEFAULT_CRON_STORE_PATH;
@@ -17,15 +18,29 @@ export function resolveCronStorePath(storePath) {
 export async function loadCronStore(storePath) {
     try {
         const raw = await fs.promises.readFile(storePath, "utf-8");
-        const parsed = JSON5.parse(raw);
-        const jobs = Array.isArray(parsed?.jobs) ? parsed?.jobs : [];
+        let parsed;
+        try {
+            parsed = JSON5.parse(raw);
+        }
+        catch (err) {
+            throw new Error(`Failed to parse cron store at ${storePath}: ${String(err)}`, {
+                cause: err,
+            });
+        }
+        const parsedRecord = parsed && typeof parsed === "object" && !Array.isArray(parsed)
+            ? parsed
+            : {};
+        const jobs = Array.isArray(parsedRecord.jobs) ? parsedRecord.jobs : [];
         return {
             version: 1,
             jobs: jobs.filter(Boolean),
         };
     }
-    catch {
-        return { version: 1, jobs: [] };
+    catch (err) {
+        if (err?.code === "ENOENT") {
+            return { version: 1, jobs: [] };
+        }
+        throw err;
     }
 }
 export async function saveCronStore(storePath, store) {

package/dist/cron/validate-timestamp.js

@@ -0,0 +1,43 @@
+import { parseAbsoluteTimeMs } from "./parse.js";
+const ONE_MINUTE_MS = 60 * 1000;
+const TEN_YEARS_MS = 10 * 365.25 * 24 * 60 * 60 * 1000;
+/**
+ * Validates at timestamps in cron schedules.
+ * Rejects timestamps that are:
+ * - More than 1 minute in the past
+ * - More than 10 years in the future
+ */
+export function validateScheduleTimestamp(schedule, nowMs = Date.now()) {
+    if (schedule.kind !== "at") {
+        return { ok: true };
+    }
+    const atRaw = typeof schedule.at === "string" ? schedule.at.trim() : "";
+    const atMs = atRaw ? parseAbsoluteTimeMs(atRaw) : null;
+    if (atMs === null || !Number.isFinite(atMs)) {
+        return {
+            ok: false,
+            message: `Invalid schedule.at: expected ISO-8601 timestamp (got ${String(schedule.at)})`,
+        };
+    }
+    const diffMs = atMs - nowMs;
+    // Check if timestamp is in the past (allow 1 minute grace period)
+    if (diffMs < -ONE_MINUTE_MS) {
+        const nowDate = new Date(nowMs).toISOString();
+        const atDate = new Date(atMs).toISOString();
+        const minutesAgo = Math.floor(-diffMs / ONE_MINUTE_MS);
+        return {
+            ok: false,
+            message: `schedule.at is in the past: ${atDate} (${minutesAgo} minutes ago). Current time: ${nowDate}`,
+        };
+    }
+    // Check if timestamp is too far in the future
+    if (diffMs > TEN_YEARS_MS) {
+        const atDate = new Date(atMs).toISOString();
+        const yearsAhead = Math.floor(diffMs / (365.25 * 24 * 60 * 60 * 1000));
+        return {
+            ok: false,
+            message: `schedule.at is too far in the future: ${atDate} (${yearsAhead} years ahead). Maximum allowed: 10 years`,
+        };
+    }
+    return { ok: true };
+}

package/dist/discord/monitor/agent-components.js

@@ -0,0 +1,438 @@
+import { Button, StringSelectMenu, } from "@buape/carbon";
+import { ButtonStyle, ChannelType } from "discord-api-types/v10";
+import { logVerbose } from "../../globals.js";
+import { enqueueSystemEvent } from "../../infra/system-events.js";
+import { logDebug, logError } from "../../logger.js";
+import { buildPairingReply } from "../../pairing/pairing-messages.js";
+import { readChannelAllowFromStore, upsertChannelPairingRequest, } from "../../pairing/pairing-store.js";
+import { resolveAgentRoute } from "../../routing/resolve-route.js";
+import { normalizeDiscordAllowList, normalizeDiscordSlug, resolveDiscordAllowListMatch, resolveDiscordChannelConfigWithFallback, resolveDiscordGuildEntry, resolveDiscordUserAllowed, } from "./allow-list.js";
+import { formatDiscordUserTag } from "./format.js";
+const AGENT_BUTTON_KEY = "agent";
+const AGENT_SELECT_KEY = "agentsel";
+/**
+ * Build agent button custom ID: agent:componentId=<id>
+ * The channelId is NOT embedded in customId - we use interaction.rawData.channel_id instead
+ * to prevent channel spoofing attacks.
+ *
+ * Carbon's customIdParser parses "key:arg1=value1;arg2=value2" into { arg1: value1, arg2: value2 }
+ */
+export function buildAgentButtonCustomId(componentId) {
+    return `${AGENT_BUTTON_KEY}:componentId=${encodeURIComponent(componentId)}`;
+}
+/**
+ * Build agent select menu custom ID: agentsel:componentId=<id>
+ */
+export function buildAgentSelectCustomId(componentId) {
+    return `${AGENT_SELECT_KEY}:componentId=${encodeURIComponent(componentId)}`;
+}
+/**
+ * Parse agent component data from Carbon's parsed ComponentData
+ * Carbon parses "key:componentId=xxx" into { componentId: "xxx" }
+ */
+function parseAgentComponentData(data) {
+    if (!data || typeof data !== "object") {
+        return null;
+    }
+    const componentId = typeof data.componentId === "string"
+        ? decodeURIComponent(data.componentId)
+        : typeof data.componentId === "number"
+            ? String(data.componentId)
+            : null;
+    if (!componentId) {
+        return null;
+    }
+    return { componentId };
+}
+function formatUsername(user) {
+    if (user.discriminator && user.discriminator !== "0") {
+        return `${user.username}#${user.discriminator}`;
+    }
+    return user.username;
+}
+/**
+ * Check if a channel type is a thread type
+ */
+function isThreadChannelType(channelType) {
+    return (channelType === ChannelType.PublicThread ||
+        channelType === ChannelType.PrivateThread ||
+        channelType === ChannelType.AnnouncementThread);
+}
+async function ensureDmComponentAuthorized(params) {
+    const { ctx, interaction, user, componentLabel } = params;
+    const dmPolicy = ctx.dmPolicy ?? "pairing";
+    if (dmPolicy === "disabled") {
+        logVerbose(`agent ${componentLabel}: blocked (DM policy disabled)`);
+        try {
+            await interaction.reply({
+                content: "DM interactions are disabled.",
+                ephemeral: true,
+            });
+        }
+        catch {
+            // Interaction may have expired
+        }
+        return false;
+    }
+    if (dmPolicy === "open") {
+        return true;
+    }
+    const storeAllowFrom = await readChannelAllowFromStore("discord").catch(() => []);
+    const effectiveAllowFrom = [...(ctx.allowFrom ?? []), ...storeAllowFrom];
+    const allowList = normalizeDiscordAllowList(effectiveAllowFrom, ["discord:", "user:", "pk:"]);
+    const allowMatch = allowList
+        ? resolveDiscordAllowListMatch({
+            allowList,
+            candidate: {
+                id: user.id,
+                name: user.username,
+                tag: formatDiscordUserTag(user),
+            },
+        })
+        : { allowed: false };
+    if (allowMatch.allowed) {
+        return true;
+    }
+    if (dmPolicy === "pairing") {
+        const { code, created } = await upsertChannelPairingRequest({
+            channel: "discord",
+            id: user.id,
+            meta: {
+                tag: formatDiscordUserTag(user),
+                name: user.username,
+            },
+        });
+        try {
+            await interaction.reply({
+                content: created
+                    ? buildPairingReply({
+                        channel: "discord",
+                        idLine: `Your Discord user id: ${user.id}`,
+                        code,
+                    })
+                    : "Pairing already requested. Ask the bot owner to approve your code.",
+                ephemeral: true,
+            });
+        }
+        catch {
+            // Interaction may have expired
+        }
+        return false;
+    }
+    logVerbose(`agent ${componentLabel}: blocked DM user ${user.id} (not in allowFrom)`);
+    try {
+        await interaction.reply({
+            content: `You are not authorized to use this ${componentLabel}.`,
+            ephemeral: true,
+        });
+    }
+    catch {
+        // Interaction may have expired
+    }
+    return false;
+}
+export class AgentComponentButton extends Button {
+    label = AGENT_BUTTON_KEY;
+    customId = `${AGENT_BUTTON_KEY}:seed=1`;
+    style = ButtonStyle.Primary;
+    ctx;
+    constructor(ctx) {
+        super();
+        this.ctx = ctx;
+    }
+    async run(interaction, data) {
+        // Parse componentId from Carbon's parsed ComponentData
+        const parsed = parseAgentComponentData(data);
+        if (!parsed) {
+            logError("agent button: failed to parse component data");
+            try {
+                await interaction.reply({
+                    content: "This button is no longer valid.",
+                    ephemeral: true,
+                });
+            }
+            catch {
+                // Interaction may have expired
+            }
+            return;
+        }
+        const { componentId } = parsed;
+        // P1 FIX: Use interaction's actual channel_id instead of trusting customId
+        // This prevents channel ID spoofing attacks where an attacker crafts a button
+        // with a different channelId to inject events into other sessions
+        const channelId = interaction.rawData.channel_id;
+        if (!channelId) {
+            logError("agent button: missing channel_id in interaction");
+            return;
+        }
+        const user = interaction.user;
+        if (!user) {
+            logError("agent button: missing user in interaction");
+            return;
+        }
+        const username = formatUsername(user);
+        const userId = user.id;
+        // P1 FIX: Use rawData.guild_id as source of truth - interaction.guild can be null
+        // when guild is not cached even though guild_id is present in rawData
+        const rawGuildId = interaction.rawData.guild_id;
+        const isDirectMessage = !rawGuildId;
+        if (isDirectMessage) {
+            const authorized = await ensureDmComponentAuthorized({
+                ctx: this.ctx,
+                interaction,
+                user,
+                componentLabel: "button",
+            });
+            if (!authorized) {
+                return;
+            }
+        }
+        // P2 FIX: Check user allowlist before processing component interaction
+        // This prevents unauthorized users from injecting system events
+        const guild = interaction.guild;
+        const guildInfo = resolveDiscordGuildEntry({
+            guild: guild ?? undefined,
+            guildEntries: this.ctx.guildEntries,
+        });
+        // Resolve channel info for thread detection and allowlist inheritance
+        const channel = interaction.channel;
+        const channelName = channel && "name" in channel ? channel.name : undefined;
+        const channelSlug = channelName ? normalizeDiscordSlug(channelName) : "";
+        const channelType = channel && "type" in channel ? channel.type : undefined;
+        const isThread = isThreadChannelType(channelType);
+        // Resolve thread parent for allowlist inheritance
+        // Note: We can get parentId from channel but cannot fetch parent name without a client.
+        // The parentId alone enables ID-based parent config matching. Name-based matching
+        // requires the channel cache to have parent info available.
+        let parentId;
+        let parentName;
+        let parentSlug = "";
+        if (isThread && channel && "parentId" in channel) {
+            parentId = channel.parentId ?? undefined;
+            // Try to get parent name from channel's parent if available
+            if ("parent" in channel) {
+                const parent = channel.parent;
+                if (parent?.name) {
+                    parentName = parent.name;
+                    parentSlug = normalizeDiscordSlug(parentName);
+                }
+            }
+        }
+        // Only check guild allowlists if this is a guild interaction
+        if (rawGuildId) {
+            const channelConfig = resolveDiscordChannelConfigWithFallback({
+                guildInfo,
+                channelId,
+                channelName,
+                channelSlug,
+                parentId,
+                parentName,
+                parentSlug,
+                scope: isThread ? "thread" : "channel",
+            });
+            const channelUsers = channelConfig?.users ?? guildInfo?.users;
+            if (Array.isArray(channelUsers) && channelUsers.length > 0) {
+                const userOk = resolveDiscordUserAllowed({
+                    allowList: channelUsers,
+                    userId,
+                    userName: user.username,
+                    userTag: user.discriminator ? `${user.username}#${user.discriminator}` : undefined,
+                });
+                if (!userOk) {
+                    logVerbose(`agent button: blocked user ${userId} (not in allowlist)`);
+                    try {
+                        await interaction.reply({
+                            content: "You are not authorized to use this button.",
+                            ephemeral: true,
+                        });
+                    }
+                    catch {
+                        // Interaction may have expired
+                    }
+                    return;
+                }
+            }
+        }
+        // Resolve route with full context (guildId, proper peer kind)
+        const route = resolveAgentRoute({
+            cfg: this.ctx.cfg,
+            channel: "discord",
+            accountId: this.ctx.accountId,
+            guildId: rawGuildId,
+            peer: {
+                kind: isDirectMessage ? "dm" : "channel",
+                id: isDirectMessage ? userId : channelId,
+            },
+        });
+        const eventText = `[Discord component: ${componentId} clicked by ${username} (${userId})]`;
+        logDebug(`agent button: enqueuing event for channel ${channelId}: ${eventText}`);
+        enqueueSystemEvent(eventText, {
+            sessionKey: route.sessionKey,
+            contextKey: `discord:agent-button:${channelId}:${componentId}:${userId}`,
+        });
+        // Acknowledge the interaction
+        try {
+            await interaction.reply({
+                content: "✓",
+                ephemeral: true,
+            });
+        }
+        catch (err) {
+            logError(`agent button: failed to acknowledge interaction: ${String(err)}`);
+        }
+    }
+}
+export class AgentSelectMenu extends StringSelectMenu {
+    customId = `${AGENT_SELECT_KEY}:seed=1`;
+    options = [];
+    ctx;
+    constructor(ctx) {
+        super();
+        this.ctx = ctx;
+    }
+    async run(interaction, data) {
+        // Parse componentId from Carbon's parsed ComponentData
+        const parsed = parseAgentComponentData(data);
+        if (!parsed) {
+            logError("agent select: failed to parse component data");
+            try {
+                await interaction.reply({
+                    content: "This select menu is no longer valid.",
+                    ephemeral: true,
+                });
+            }
+            catch {
+                // Interaction may have expired
+            }
+            return;
+        }
+        const { componentId } = parsed;
+        // Use interaction's actual channel_id (trusted source from Discord)
+        // This prevents channel spoofing attacks
+        const channelId = interaction.rawData.channel_id;
+        if (!channelId) {
+            logError("agent select: missing channel_id in interaction");
+            return;
+        }
+        const user = interaction.user;
+        if (!user) {
+            logError("agent select: missing user in interaction");
+            return;
+        }
+        const username = formatUsername(user);
+        const userId = user.id;
+        // P1 FIX: Use rawData.guild_id as source of truth - interaction.guild can be null
+        // when guild is not cached even though guild_id is present in rawData
+        const rawGuildId = interaction.rawData.guild_id;
+        const isDirectMessage = !rawGuildId;
+        if (isDirectMessage) {
+            const authorized = await ensureDmComponentAuthorized({
+                ctx: this.ctx,
+                interaction,
+                user,
+                componentLabel: "select menu",
+            });
+            if (!authorized) {
+                return;
+            }
+        }
+        // Check user allowlist before processing component interaction
+        const guild = interaction.guild;
+        const guildInfo = resolveDiscordGuildEntry({
+            guild: guild ?? undefined,
+            guildEntries: this.ctx.guildEntries,
+        });
+        // Resolve channel info for thread detection and allowlist inheritance
+        const channel = interaction.channel;
+        const channelName = channel && "name" in channel ? channel.name : undefined;
+        const channelSlug = channelName ? normalizeDiscordSlug(channelName) : "";
+        const channelType = channel && "type" in channel ? channel.type : undefined;
+        const isThread = isThreadChannelType(channelType);
+        // Resolve thread parent for allowlist inheritance
+        let parentId;
+        let parentName;
+        let parentSlug = "";
+        if (isThread && channel && "parentId" in channel) {
+            parentId = channel.parentId ?? undefined;
+            // Try to get parent name from channel's parent if available
+            if ("parent" in channel) {
+                const parent = channel.parent;
+                if (parent?.name) {
+                    parentName = parent.name;
+                    parentSlug = normalizeDiscordSlug(parentName);
+                }
+            }
+        }
+        // Only check guild allowlists if this is a guild interaction
+        if (rawGuildId) {
+            const channelConfig = resolveDiscordChannelConfigWithFallback({
+                guildInfo,
+                channelId,
+                channelName,
+                channelSlug,
+                parentId,
+                parentName,
+                parentSlug,
+                scope: isThread ? "thread" : "channel",
+            });
+            const channelUsers = channelConfig?.users ?? guildInfo?.users;
+            if (Array.isArray(channelUsers) && channelUsers.length > 0) {
+                const userOk = resolveDiscordUserAllowed({
+                    allowList: channelUsers,
+                    userId,
+                    userName: user.username,
+                    userTag: user.discriminator ? `${user.username}#${user.discriminator}` : undefined,
+                });
+                if (!userOk) {
+                    logVerbose(`agent select: blocked user ${userId} (not in allowlist)`);
+                    try {
+                        await interaction.reply({
+                            content: "You are not authorized to use this select menu.",
+                            ephemeral: true,
+                        });
+                    }
+                    catch {
+                        // Interaction may have expired
+                    }
+                    return;
+                }
+            }
+        }
+        // Extract selected values
+        const values = interaction.values ?? [];
+        const valuesText = values.length > 0 ? ` (selected: ${values.join(", ")})` : "";
+        // Resolve route with full context (guildId, proper peer kind)
+        const route = resolveAgentRoute({
+            cfg: this.ctx.cfg,
+            channel: "discord",
+            accountId: this.ctx.accountId,
+            guildId: rawGuildId,
+            peer: {
+                kind: isDirectMessage ? "dm" : "channel",
+                id: isDirectMessage ? userId : channelId,
+            },
+        });
+        const eventText = `[Discord select menu: ${componentId} interacted by ${username} (${userId})${valuesText}]`;
+        logDebug(`agent select: enqueuing event for channel ${channelId}: ${eventText}`);
+        enqueueSystemEvent(eventText, {
+            sessionKey: route.sessionKey,
+            contextKey: `discord:agent-select:${channelId}:${componentId}:${userId}`,
+        });
+        // Acknowledge the interaction
+        try {
+            await interaction.reply({
+                content: "✓",
+                ephemeral: true,
+            });
+        }
+        catch (err) {
+            logError(`agent select: failed to acknowledge interaction: ${String(err)}`);
+        }
+    }
+}
+export function createAgentComponentButton(ctx) {
+    return new AgentComponentButton(ctx);
+}
+export function createAgentSelectMenu(ctx) {
+    return new AgentSelectMenu(ctx);
+}

package/dist/discord/monitor/allow-list.js

@@ -68,7 +68,7 @@ export function resolveDiscordAllowListMatch(params) {
     return { allowed: false };
 }
 export function resolveDiscordUserAllowed(params) {
-    const allowList = normalizeDiscordAllowList(params.allowList, ["discord:", "user:"]);
+    const allowList = normalizeDiscordAllowList(params.allowList, ["discord:", "user:", "pk:"]);
     if (!allowList)
         return true;
     return allowListMatches(allowList, {
@@ -80,7 +80,7 @@ export function resolveDiscordUserAllowed(params) {
 export function resolveDiscordCommandAuthorized(params) {
     if (!params.isDirectMessage)
         return true;
-    const allowList = normalizeDiscordAllowList(params.allowFrom, ["discord:", "user:"]);
+    const allowList = normalizeDiscordAllowList(params.allowFrom, ["discord:", "user:", "pk:"]);
     if (!allowList)
         return true;
     return allowListMatches(allowList, {
@@ -89,6 +89,28 @@ export function resolveDiscordCommandAuthorized(params) {
         tag: formatDiscordUserTag(params.author),
     });
 }
+export function resolveDiscordOwnerAllowFrom(params) {
+    const rawAllowList = params.channelConfig?.users ?? params.guildInfo?.users;
+    if (!Array.isArray(rawAllowList) || rawAllowList.length === 0) {
+        return undefined;
+    }
+    const allowList = normalizeDiscordAllowList(rawAllowList, ["discord:", "user:", "pk:"]);
+    if (!allowList) {
+        return undefined;
+    }
+    const match = resolveDiscordAllowListMatch({
+        allowList,
+        candidate: {
+            id: params.sender.id,
+            name: params.sender.name,
+            tag: params.sender.tag,
+        },
+    });
+    if (!match.allowed || !match.matchKey || match.matchKey === "*") {
+        return undefined;
+    }
+    return [match.matchKey];
+}
 export function resolveDiscordGuildEntry(params) {
     const guild = params.guild;
     const entries = params.guildEntries;
@@ -128,6 +150,7 @@ function resolveDiscordChannelConfigEntry(entry) {
         enabled: entry.enabled,
         users: entry.users,
         systemPrompt: entry.systemPrompt,
+        includeThreadStarter: entry.includeThreadStarter,
         autoThread: entry.autoThread,
     };
     return resolved;
@@ -199,13 +222,13 @@ export function resolveGroupDmAllow(params) {
     const { channels, channelId, channelName, channelSlug } = params;
     if (!channels || channels.length === 0)
         return true;
-    const allowList = channels.map((entry) => normalizeDiscordSlug(String(entry)));
+    const allowList = new Set(channels.map((entry) => normalizeDiscordSlug(String(entry))));
     const candidates = [
         normalizeDiscordSlug(channelId),
         channelSlug,
         channelName ? normalizeDiscordSlug(channelName) : "",
     ].filter(Boolean);
-    return allowList.includes("*") || candidates.some((candidate) => allowList.includes(candidate));
+    return allowList.has("*") || candidates.some((candidate) => allowList.has(candidate));
 }
 export function shouldEmitDiscordReactionNotification(params) {
     const mode = params.mode ?? "own";
@@ -217,7 +240,7 @@ export function shouldEmitDiscordReactionNotification(params) {
         return Boolean(params.botId && params.messageAuthorId === params.botId);
     }
     if (mode === "allowlist") {
-        const list = normalizeDiscordAllowList(params.allowlist, ["discord:", "user:"]);
+        const list = normalizeDiscordAllowList(params.allowlist, ["discord:", "user:", "pk:"]);
         if (!list)
             return false;
         return allowListMatches(list, {

package/dist/discord/monitor/gateway-registry.js

@@ -0,0 +1,29 @@
+/**
+ * Module-level registry of active Discord GatewayPlugin instances.
+ * Bridges the gap between agent tool handlers (which only have REST access)
+ * and the gateway WebSocket (needed for operations like updatePresence).
+ * Follows the same pattern as presence-cache.ts.
+ */
+const gatewayRegistry = new Map();
+// Sentinel key for the default (unnamed) account. Uses a prefix that cannot
+// collide with user-configured account IDs.
+const DEFAULT_ACCOUNT_KEY = "\0__default__";
+function resolveAccountKey(accountId) {
+    return accountId ?? DEFAULT_ACCOUNT_KEY;
+}
+/** Register a GatewayPlugin instance for an account. */
+export function registerGateway(accountId, gateway) {
+    gatewayRegistry.set(resolveAccountKey(accountId), gateway);
+}
+/** Unregister a GatewayPlugin instance for an account. */
+export function unregisterGateway(accountId) {
+    gatewayRegistry.delete(resolveAccountKey(accountId));
+}
+/** Get the GatewayPlugin for an account. Returns undefined if not registered. */
+export function getGateway(accountId) {
+    return gatewayRegistry.get(resolveAccountKey(accountId));
+}
+/** Clear all registered gateways (for testing). */
+export function clearGateways() {
+    gatewayRegistry.clear();
+}